From 6636cbff81061bc270e4d21659fa3fba8eb3c87b Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Fri, 12 Apr 2013 18:44:55 +0200 Subject: Create installation script using distutils --- pylock/LockWindow.py | 172 +++++++++++++++++++++++++++++++++++++++++ pylock/Locker.py | 73 ++++++++++++++++++ pylock/Main.py | 126 ++++++++++++++++++++++++++++++ pylock/Selection.py | 66 ++++++++++++++++ pylock/__init__.py | 0 pylock/data/bg.svg | 208 ++++++++++++++++++++++++++++++++++++++++++++++++++ pylock/data/unlock.ui | 166 ++++++++++++++++++++++++++++++++++++++++ pylock/pam.py | 170 +++++++++++++++++++++++++++++++++++++++++ 8 files changed, 981 insertions(+) create mode 100644 pylock/LockWindow.py create mode 100644 pylock/Locker.py create mode 100644 pylock/Main.py create mode 100644 pylock/Selection.py create mode 100644 pylock/__init__.py create mode 100644 pylock/data/bg.svg create mode 100644 pylock/data/unlock.ui create mode 100644 pylock/pam.py (limited to 'pylock') diff --git a/pylock/LockWindow.py b/pylock/LockWindow.py new file mode 100644 index 0000000..bb4d0e4 --- /dev/null +++ b/pylock/LockWindow.py @@ -0,0 +1,172 @@ +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import sys +import os +import locale + +from gi.repository import Gtk, Gdk, GObject, GLib + + +_ = locale.gettext + + +PACKAGE_DIR = os.path.dirname(__file__) + + +class LockWindow(Gtk.Window): + __gsignals__ = { + 'logout': (GObject.SIGNAL_RUN_FIRST, None, ()), + 'tryUnlock': (GObject.SIGNAL_RUN_FIRST, None, (str,)) + } + + def __init__(self): + Gtk.Window.__init__(self) + + self.display = Gdk.Display.get_default() + self.screen = self.display.get_default_screen() + self.devicesGrabbed = False + + self.overlay = Gtk.Overlay() + self.add(self.overlay) + + self.bg = Gtk.Image.new_from_file(os.path.join(PACKAGE_DIR, 'data/bg.svg')) + self.overlay.add(self.bg) + + self.realize() + self.get_window().set_override_redirect(True) + + self.set_default_size(self.screen.get_width(), self.screen.get_height()) + + self.set_has_resize_grip(False) + + builder = Gtk.Builder() + + if not builder.add_from_file(os.path.join(PACKAGE_DIR, 'data/unlock.ui')): + sys.exit(1) + + self.unlockWindow = builder.get_object('unlock_window') + self.lockLabel = builder.get_object('lock_label') + self.promptEntry = builder.get_object('prompt_entry') + self.messageLabel = builder.get_object('message_label') + self.logoutButton = builder.get_object('logout_button') + self.unlockButton = builder.get_object('unlock_button') + + self.overlay.add_overlay(self.unlockWindow) + + self.connect('delete-event', lambda w, e: True) + + self.promptEntry.connect('activate', lambda w: self._tryUnlock()) + self.logoutButton.connect('clicked', lambda w: self._logout()) + self.unlockButton.connect('clicked', lambda w: self._tryUnlock()) + + self.reset(False, True) + + self.deviceManager = self.display.get_device_manager() + + self.connect('map-event', self._grabDevices) + self.connect('configure-event', lambda w, e: self.get_window().move_resize(0, 0, self.screen.get_width(), self.screen.get_height()) and False) + + def _logout(self): + self.promptEntry.set_sensitive(False) + self.unlockButton.set_sensitive(False) + self.logoutButton.set_sensitive(False) + GLib.idle_add(lambda: self.emit('logout')) + + def _tryUnlock(self): + self.promptEntry.set_sensitive(False) + self.unlockButton.set_sensitive(False) + self.logoutButton.set_sensitive(False) + GLib.idle_add(lambda: self.emit('tryUnlock', self.promptEntry.get_text())) + + def _update(self): + self.promptEntry.set_sensitive(self._enablePromptEntry) + self.logoutButton.set_sensitive(self._enableLogoutButton) + self.unlockButton.set_sensitive(self._enableUnlockButton) + + def reset(self, regrab = True, resetButtons = False): + if resetButtons: + self._enablePromptEntry = True + self._enableLogoutButton = False + self._enableUnlockButton = True + + self.promptEntry.set_text('') + self.messageLabel.set_label('') + self._update() + + if regrab: + self._grabDevices(None, None) + + def updateLockMessage(self, username, logoutTime = None): + if logoutTime is None: + self.lockLabel.set_markup(_('This computer is currently locked by the user {username}.').format(username=GLib.markup_escape_text(username))) + self._enableLogoutButton = False + elif logoutTime > 0: + self.lockLabel.set_markup( + _('This computer is currently locked by the user {username}.\nThe user can be logged out in {minutes:02}:{seconds:02} minutes.').format( + username=GLib.markup_escape_text(username), minutes=logoutTime//60, seconds=logoutTime%60)) + self._enableLogoutButton = False + else: + self.lockLabel.set_markup( + _('This computer is currently locked by the user {username}.\nThe user can be logged out now.').format( + username=GLib.markup_escape_text(username))) + self._enableLogoutButton = True + self._update() + + def setAuthMessage(self, message): + self.messageLabel.set_label(message) + + def _grabDevices(self, w, e): + self.promptEntry.grab_focus() + + if not self.devicesGrabbed: + for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): + if device.grab(self.get_window(), Gdk.GrabOwnership.APPLICATION, True, Gdk.EventMask.ALL_EVENTS_MASK, None, Gdk.CURRENT_TIME) != Gdk.GrabStatus.SUCCESS: + self._ungrabDevices() + self.get_window().lower() + return False + + self.present() + + self.devicesGrabbed = True + + return False + + def _ungrabDevices(self): + for device in self.deviceManager.list_devices(Gdk.DeviceType.MASTER): + device.ungrab(Gdk.CURRENT_TIME) + self.devicesGrabbed = False + + def lock(self): + self.show_all() + self.display.sync() + self._grabDevices(self, None) + return self.devicesGrabbed + + def unlock(self): + self._ungrabDevices() + + self.hide() + + self.reset(False, True) diff --git a/pylock/Locker.py b/pylock/Locker.py new file mode 100644 index 0000000..5243609 --- /dev/null +++ b/pylock/Locker.py @@ -0,0 +1,73 @@ +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +from gi.repository import Gtk, GLib + + +class Locker(object): + def __init__(self, doLock, doUnlock, logoutTimeout = None, doLogout = None, updateLogoutTimeout = None): + self.locked = False + self.logoutTimeout = logoutTimeout + self.doLock = doLock + self.doUnlock = doUnlock + self.doLogout = doLogout + self.updateLogoutTimeout = updateLogoutTimeout + + def _checkLogout(self): + if not self.locked: + return False + + self.currentLogoutTimeout = self.currentLogoutTimeout - 1 + if self.updateLogoutTimeout is not None: + self.updateLogoutTimeout(self.currentLogoutTimeout) + + return self.currentLogoutTimeout > 0 + + def lock(self): + if not self.locked: + self.locked = True + if not self.doLock(self.logoutTimeout): + self.locked = False + GLib.timeout_add_seconds(1, self.lock) + return False + + if self.doLogout is not None: + self.currentLogoutTimeout = self.logoutTimeout + + if self.currentLogoutTimeout > 0: + GLib.timeout_add_seconds(1, self._checkLogout) + + return True + + def unlock(self): + if self.locked: + self.doUnlock() + self.locked = False + + def _canLogout(self): + return (self.locked and self.doLogout is not None and self.currentLogoutTimeout <= 0) + + def logout(self): + if self._canLogout(): + self.doLogout() diff --git a/pylock/Main.py b/pylock/Main.py new file mode 100644 index 0000000..7a2cbb9 --- /dev/null +++ b/pylock/Main.py @@ -0,0 +1,126 @@ +#!/usr/bin/env python3 + + +# Copyright (c) 2012, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import signal +import sys +import os +import pwd +import locale +import configparser + +from gi.repository import Gtk, GLib + +from .Locker import Locker +from .LockWindow import LockWindow +from . import Selection +from . import pam + + +CONFIG_FILE = '/etc/pylock.conf' + + +_ = locale.gettext + + +def main(): + configParser = configparser.ConfigParser() + configParser.read_file(open(CONFIG_FILE)) + + config = configParser['pylock'] + username = pwd.getpwuid(os.getuid())[0] + + def signalHandler(signum, frame): + Gtk.main_quit() + + signal.signal(signal.SIGINT, signalHandler) + signal.signal(signal.SIGTERM, signalHandler) + signal.signal(signal.SIGQUIT, signalHandler) + + locale.setlocale(locale.LC_ALL, '') + locale.textdomain('pylock') + + if 'theme' in config: + Gtk.Settings.get_defalt().set_property('gtk-theme-name', config['theme']) + + def waitForSelection(): + if Selection.get() != 0: + return True + + Gtk.main_quit() + return False + + + if Selection.get() != 0: + GLib.timeout_add_seconds(1, waitForSelection) + Gtk.main() + sys.exit(0) + + window = LockWindow() + + if not Selection.acquire(window): + print('Unable to register pylock at X server', file=sys.stderr) + sys.exit(1) + + + def lock(timeLeft): + window.updateLockMessage(username, timeLeft) + return window.lock() + + def logout(): + try: + os.system(config['logout_command']) + except: + pass + + window.reset(False) + + def updateTimeout(timeLeft): + window.updateLockMessage(username, timeLeft) + + if not ('logout_timeout' in config and 'logout_command' in config): + locker = Locker(lock, window.unlock) + else: + locker = Locker(lock, window.unlock, int(config['logout_timeout']), logout, updateTimeout) + + pamAuth = pam.pam() + + def tryUnlock(w, password): + if pamAuth.authenticate(username, password): + locker.unlock() + Gtk.main_quit() + else: + window.reset() + window.setAuthMessage(pamAuth.reason) + + return True + + window.connect('logout', lambda w: locker.logout()) + window.connect('tryUnlock', tryUnlock) + + GLib.idle_add(lambda: locker.lock()) + + Gtk.main() diff --git a/pylock/Selection.py b/pylock/Selection.py new file mode 100644 index 0000000..11a7285 --- /dev/null +++ b/pylock/Selection.py @@ -0,0 +1,66 @@ +# Copyright (c) 2012-2013, Matthias Schiffer +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# 1. Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright notice, +# this list of conditions and the following disclaimer in the documentation +# and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +import ctypes +import ctypes.util + +from gi.repository import Gdk, GdkX11 + + +XEvent_p = ctypes.c_void_p +display_p = ctypes.c_void_p +xid = ctypes.c_ulong +x11_bool = ctypes.c_int +x11_time = ctypes.c_ulong +status = ctypes.c_int + + +libX11 = ctypes.util.find_library('X11') +if libX11 == None: + raise OSError('libX11 could not be found.') +libX11 = ctypes.cdll.LoadLibrary(libX11) + +libX11.XSetSelectionOwner.argtypes = display_p, xid, xid, x11_time +libX11.XSetSelectionOwner.restype = ctypes.c_int +libX11.XGetSelectionOwner.argtypes = display_p, xid +libX11.XGetSelectionOwner.restype = xid + + +display = Gdk.Display.get_default() +dpy_p = display_p(hash(GdkX11.X11Display.get_xdisplay(display))) +atomPylockWindow = GdkX11.x11_get_xatom_by_name("PYLOCK_WINDOW") + + +def get(): + return libX11.XGetSelectionOwner(dpy_p, atomPylockWindow) + +def acquire(window): + if get() != 0: + return False + + window.realize() + xid = GdkX11.X11Window.get_xid(window.get_window()) + libX11.XSetSelectionOwner(dpy_p, atomPylockWindow, xid, 0) + + return (get() == xid) diff --git a/pylock/__init__.py b/pylock/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/pylock/data/bg.svg b/pylock/data/bg.svg new file mode 100644 index 0000000..78e3972 --- /dev/null +++ b/pylock/data/bg.svg @@ -0,0 +1,208 @@ + + + +image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Bei Problemen melden Sie sich bitte per E-Mail anpool-hotline@itsc.uni-luebeck.deoder telefonisch unter derinternen Nummer 5004. + + \ No newline at end of file diff --git a/pylock/data/unlock.ui b/pylock/data/unlock.ui new file mode 100644 index 0000000..89bc3b8 --- /dev/null +++ b/pylock/data/unlock.ui @@ -0,0 +1,166 @@ + + + + + 700 + True + False + center + center + False + + + True + False + 40 + + + True + False + siegel.png + + + False + True + 0 + + + + + True + False + 12 + 12 + + + True + False + [lock] + + + True + True + 1 + + + + + False + 6 + + + False + 6 + + + True + False + Password: + + + False + True + 0 + + + + + True + True + False + + True + False + False + + + + True + True + 1 + + + + + True + True + 0 + + + + + False + 0 + [message] + + + True + True + 1 + + + + + True + False + 20 + + + Unlock + False + True + True + True + False + + + True + True + end + 1 + + + + + Logout + False + True + True + True + False + + + True + True + end + 2 + + + + + True + True + 2 + + + + + False + True + 3 + + + + + False + True + 1 + + + + + + + + + diff --git a/pylock/pam.py b/pylock/pam.py new file mode 100644 index 0000000..d72489d --- /dev/null +++ b/pylock/pam.py @@ -0,0 +1,170 @@ +# (c) 2007 Chris AtLee +# Licensed under the MIT license: +# http://www.opensource.org/licenses/mit-license.php +""" +PAM module for python + +Provides an authenticate function that will allow the caller to authenticate +a user against the Pluggable Authentication Modules (PAM) on the system. + +Implemented using ctypes, so no compilation is necessary. + +--- +modified to work [better] with python3.2, 2011-12-6, david ford, +i haven't paid any attention to making sure things work in python2. there may be +problems in my_conv() +--- +Just some encoding fixes for python3, 2012-01-27 Matthias Schiffer +""" + +import sys +import locale +if sys.version_info >= (3,): + py3k = True +else: + py3k = False + +from ctypes import CDLL, POINTER, Structure, CFUNCTYPE, cast, pointer, sizeof +from ctypes import c_void_p, c_uint, c_char_p, c_char, c_int +from ctypes import memmove +from ctypes.util import find_library + +class PamHandle(Structure): + """wrapper class for pam_handle_t""" + _fields_ = [ + ("handle", c_void_p) + ] + + def __init__(self): + Structure.__init__(self) + self.handle = 0 + +class PamMessage(Structure): + """wrapper class for pam_message structure""" + _fields_ = [ + ("msg_style", c_int), + ("msg", c_char_p), + ] + + def __repr__(self): + return "" % (self.msg_style, self.msg) + +class PamResponse(Structure): + """wrapper class for pam_response structure""" + _fields_ = [ + ("resp", c_char_p), + ("resp_retcode", c_int), + ] + + def __repr__(self): + return "" % (self.resp_retcode, self.resp) + +CONV_FUNC = CFUNCTYPE( + c_int, + c_int, + POINTER(POINTER(PamMessage)), + POINTER(POINTER(PamResponse)), + c_void_p) + +class PamConv(Structure): + """wrapper class for pam_conv structure""" + _fields_ = [ + ("conv", CONV_FUNC), + ("appdata_ptr", c_void_p) + ] + +# Various constants +PAM_PROMPT_ECHO_OFF = 1 +PAM_PROMPT_ECHO_ON = 2 +PAM_ERROR_MSG = 3 +PAM_TEXT_INFO = 4 + +LIBC = CDLL(find_library("c")) +LIBPAM = CDLL(find_library("pam")) + +CALLOC = LIBC.calloc +CALLOC.restype = c_void_p +CALLOC.argtypes = [c_uint, c_uint] + +PAM_START = LIBPAM.pam_start +PAM_START.restype = c_int +PAM_START.argtypes = [c_char_p, c_char_p, POINTER(PamConv), POINTER(PamHandle)] + +PAM_STRERROR = LIBPAM.pam_strerror +PAM_STRERROR.restype = c_char_p +PAM_STRERROR.argtypes = [POINTER(PamHandle), c_int] + +PAM_AUTHENTICATE = LIBPAM.pam_authenticate +PAM_AUTHENTICATE.restype = c_int +PAM_AUTHENTICATE.argtypes = [PamHandle, c_int] + +class pam(): + code = 0 + reason = None + + def __init__(self): + pass + + def authenticate(self, username, password, service='login'): + """username and password authenticate for the given service. + + Returns True for success, or False. self.code is the integer + value representing the numerice failure reason, or 0 on success. + self.reason is the textual reason. + + Python3 expects bytes() for ctypes inputs. This function will make + necessary conversions using the latin-1 coding. + + username: the username to authenticate + password: the password in plain text + service: the PAM service to authenticate against. + Defaults to 'login' """ + + @CONV_FUNC + def my_conv(n_messages, messages, p_response, app_data): + """Simple conversation function that responds to any + prompt where the echo is off with the supplied password""" + # Create an array of n_messages response objects + addr = CALLOC(n_messages, sizeof(PamResponse)) + p_response[0] = cast(addr, POINTER(PamResponse)) + for i in range(n_messages): + if messages[i].contents.msg_style == PAM_PROMPT_ECHO_OFF: + cs = c_char_p(password) + dst = CALLOC(sizeof(c_char_p), len(password)+1) + memmove(dst , cs, len(password)) + p_response.contents[i].resp = dst + p_response.contents[i].resp_retcode = 0 + return 0 + + # python3 ctypes prefers bytes, pretend everyone will be happy using latin-1 + if py3k: + if isinstance(username, str): + username = bytes(username, locale.getpreferredencoding()) + if isinstance(password, str): + password = bytes(password, locale.getpreferredencoding()) + if isinstance(service, str): + service = bytes(service, locale.getpreferredencoding()) + + handle = PamHandle() + conv = PamConv(my_conv, 0) + retval = PAM_START(service, username, pointer(conv), pointer(handle)) + + if retval != 0: + # This is not an authentication error, something has gone wrong starting up PAM + self.code = retval + self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) + return False + + retval = PAM_AUTHENTICATE(handle, 0) + + if retval == 0: + # success + logic = True + else: + logic = False + + # store information to inform the caller why we failed + self.code = retval + self.reason = str(PAM_STRERROR(pointer(handle), retval), locale.getpreferredencoding()) + + return logic -- cgit v1.2.3