[Mailman-Developers] sender-based authentication

[Mark Sapiro]

David Lee wrote:
>
>Being completely new to both Mailman and python programming (though with
>several years of majordomo and perl behind me!) I thought I'd check that
>I'm on the right lines.  Attached is a shot at a "UserAuth.py" module(?)
>to maintain the passwords, with ideas borrowed from "Utils.py".
>
>Does it seem the right sort of thing?  Does it conform to the spirit of
>Mailman?  Or is it hopelessly wrong or idiosyncrantic?


It seems to me to be the right sort of thing, but I see some specific
issues.


1) It might be better to use anydbm rather than dbm. Some Python
installations might have dbhash and/or gdbm available and not dbm.

2) I'm not sure why you want to give default values of None to missing
arguments when the arguments are really required and the default None
values throw exceptions anyway.

3) The database file can be left open, either because of your explicit
exceptions or because of exceptions due to 2). E.g.,

def add(user=None, password=None):
    oldmask = os.umask(026)
    try:
        file = dbm.open(filename, 'c')
        if file.has_key(user):
            raise KeyError
        file[user] = sha.new(password).hexdigest()
        file.close()
    finally:
        os.umask(oldmask)

If I call add(), then I get some exception (which depends on the
particular dbm module) and file is not closed (until garbage collected
which may not happen immediately). A subsequent call to
add('user_name', 'user_pwd') may fail with a permission error on the
open (again depending on the particular dbm module). It would be
better to move file.close() into the finally clause, perhaps within
its own try so it doesn't skip the resetting of umask if the open
failed.

4) PEP 8 recommends all lower case module names, although consistency
with existing Mailman module names probably overrides that.

-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan