[Twisted-Python] R: Re: smtp-server: issue with checkers.FilePasswordDB and hash

aleuser at inwind.it aleuser at inwind.it
Mon Apr 5 09:22:19 EDT 2010


First of all, thanks for your answer :-)

>Can't say for sure without a full example, but it looks like you are

Here the full source code:

from twisted.mail import mail, relaymanager
from twisted.cred import checkers
from twisted.python import log
from twisted.application import internet
from twisted.application import service
import os, md5

SMTP_PORT = 25
QUEUE_PATH = './users_home/insertionQueue'

if not os.path.exists(QUEUE_PATH):
    os.makedirs(QUEUE_PATH)

def _hash(name, clearpsw, hashedpsw):
    return 'aa'
    return md5.md5(clearpsw).hexdigest()

# doesnt' work# smtpusers = checkers.FilePasswordDB('smtppasswords.txt', 
caseSensitive=True, hash=_hash, cache=True)
smtpusers = checkers.FilePasswordDB('smtppasswords.txt', caseSensitive=True, 
cache=True)

mailservice = mail.MailService()
mailservice.setQueue(relaymanager.Queue(QUEUE_PATH))
mailservice.smtpPortal.registerChecker(smtpusers)
smtpserver = mailservice.getESMTPFactory()
application = service.Application("Console SMTP Server")
internet.TCPServer(SMTP_PORT, smtpserver).setServiceParent(application)



>If you provide a hash function to FilePasswordDB, it only accepts
>IUsernamePassword credentials. The hash function is for plaintext

I read the source code, I'm agree with this point


>If your passwords are already hashed before they are sent to the server
>for authentication, then there is no need for a hash function.
>FilePasswordDB will accept either IUsernamePassword or
>IUsernameHashedPassword credentials.

I want to hash the password on the server; can't I? How I can decide to use a 
simple IUsernamePassword?

however If I don't use the hash function the connection still continue to use 
an IUsernameHashedPassword.
Probably the smtp connection is not made for a plain-text password, isn't it?

Alessandro



More information about the Twisted-Python mailing list