[CalendarServer-changes] [8686] CalendarServer/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Wed Feb 15 11:11:06 PST 2012
Revision: 8686
http://trac.macosforge.org/projects/calendarserver/changeset/8686
Author: sagen at apple.com
Date: 2012-02-15 11:11:05 -0800 (Wed, 15 Feb 2012)
Log Message:
-----------
Auth mechanisms for /apns inherit from root (except for Kerberos)
Modified Paths:
--------------
CalendarServer/trunk/calendarserver/tap/caldav.py
CalendarServer/trunk/calendarserver/tap/util.py
CalendarServer/trunk/twistedcaldav/mail.py
CalendarServer/trunk/twistedcaldav/stdconfig.py
Modified: CalendarServer/trunk/calendarserver/tap/caldav.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/caldav.py 2012-02-15 19:09:45 UTC (rev 8685)
+++ CalendarServer/trunk/calendarserver/tap/caldav.py 2012-02-15 19:11:05 UTC (rev 8686)
@@ -670,7 +670,7 @@
additional = []
if config.Scheduling.iMIP.Enabled:
- additional.append(("inbox", IMIPReplyInboxResource, [], "digest"))
+ additional.append(("inbox", IMIPReplyInboxResource, [], ("digest",)))
#
# Configure the service
Modified: CalendarServer/trunk/calendarserver/tap/util.py
===================================================================
--- CalendarServer/trunk/calendarserver/tap/util.py 2012-02-15 19:09:45 UTC (rev 8685)
+++ CalendarServer/trunk/calendarserver/tap/util.py 2012-02-15 19:11:05 UTC (rev 8686)
@@ -372,7 +372,7 @@
Additional resources can be added to the hierarchy by passing a list of
tuples containing: path, resource class, __init__ args list, and optional
- authentication scheme ("basic" or "digest").
+ authentication schemes list ("basic", "digest").
If the store is specified, then it has already been constructed, so use it.
Otherwise build one with L{storeFromConfig}.
@@ -644,12 +644,12 @@
apnConfig = config.Notifications.Services["ApplePushNotifier"]
if apnConfig.Enabled:
log.info("Setting up APNS resource at /%s with auth: %s" %
- (apnConfig["SubscriptionURL"], apnConfig["AuthMechanism"]))
+ (apnConfig["SubscriptionURL"], apnConfig["AuthMechanisms"]))
resources.append((
apnConfig["SubscriptionURL"],
apnSubscriptionResourceClass,
[],
- apnConfig["AuthMechanism"]
+ apnConfig["AuthMechanisms"]
))
#
@@ -663,7 +663,7 @@
overrides = { }
if resources:
- for path, cls, args, scheme in resources:
+ for path, cls, args, schemes in resources:
# putChild doesn't want "/" starting the path
root.putChild(path, cls(root, newStore, *args))
@@ -671,17 +671,19 @@
# overrides requires "/" prepended
path = "/" + path
- if scheme == "basic":
- overrides[path] = (BasicCredentialFactory(realm),)
+ overrides[path] = []
+ for scheme in schemes:
+ if scheme == "basic":
+ overrides[path].append(BasicCredentialFactory(realm))
- elif scheme == "digest":
- schemeConfig = config.Authentication.Digest
- overrides[path] = (QopDigestCredentialFactory(
- schemeConfig["Algorithm"],
- schemeConfig["Qop"],
- realm,
- ),)
- log.info("Overriding %s with %s (%s)" % (path, cls, scheme))
+ elif scheme == "digest":
+ schemeConfig = config.Authentication.Digest
+ overrides[path].append(QopDigestCredentialFactory(
+ schemeConfig["Algorithm"],
+ schemeConfig["Qop"],
+ realm,
+ ))
+ log.info("Overriding %s with %s (%s)" % (path, cls, schemes))
authWrapper = AuthenticationWrapper(
root,
Modified: CalendarServer/trunk/twistedcaldav/mail.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/mail.py 2012-02-15 19:09:45 UTC (rev 8685)
+++ CalendarServer/trunk/twistedcaldav/mail.py 2012-02-15 19:11:05 UTC (rev 8686)
@@ -885,7 +885,7 @@
config,
"IGNORED", # no need for a store - no /calendars nor /addressbooks
resources = [
- ("inbox", IMIPInvitationInboxResource, (mailer,), "digest"),
+ ("inbox", IMIPInvitationInboxResource, (mailer,), ("digest",)),
]
)
Modified: CalendarServer/trunk/twistedcaldav/stdconfig.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/stdconfig.py 2012-02-15 19:09:45 UTC (rev 8685)
+++ CalendarServer/trunk/twistedcaldav/stdconfig.py 2012-02-15 19:11:05 UTC (rev 8686)
@@ -681,7 +681,7 @@
"Service" : "calendarserver.push.applepush.ApplePushNotifierService",
"Enabled" : False,
"SubscriptionURL" : "apns",
- "AuthMechanism" : "digest",
+ "AuthMechanisms" : [],
"DataHost" : "",
"ProviderHost" : "gateway.push.apple.com",
"ProviderPort" : 2195,
@@ -1267,9 +1267,16 @@
if service["DataHost"] == "":
service["DataHost"] = configDict.ServerHostName
- if service["AuthMechanism"] not in ("basic", "digest"):
- raise ConfigurationError("Unknown ApplePushNotifier AuthMechanism value: '%s'. Must be either 'basic' or 'digest'." %
- (service["AuthMechanism"],))
+ # Advertise Basic and/or Digest on subscription resource
+ if not service["AuthMechanisms"]:
+ authMechanisms = []
+ if configDict.Authentication.Basic.Enabled:
+ authMechanisms.append("basic")
+ if configDict.Authentication.Digest.Enabled:
+ authMechanisms.append("digest")
+ if not authMechanisms:
+ raise ConfigurationError("Must have either 'basic' or 'digest' enabled for Apple Push Notifications.")
+ service["AuthMechanisms"] = authMechanisms
# Retrieve APN topics from certificates if not explicitly set
for protocol, accountName in (
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20120215/8a0a72b9/attachment-0001.html>
More information about the calendarserver-changes
mailing list