File v3-1-2-remove-testing-auth.patch of Package cobbler
From c2f5f336afd134b040f43808510f49d70084eba1 Mon Sep 17 00:00:00 2001
From: Enno Gotthold <egotthold@suse.de>
Date: Mon, 7 Feb 2022 12:33:42 +0100
Subject: [PATCH] Authentication: Remove testing module
The testing module is shipping a well known username and password
combination. This is insecure. For testing purposes we have the
default password which is well-known as well.
Since noone should use this for production I don't consider removing
this a regression for a new minor release.
---
cobbler/modules/authentication/testing.py | 50 -------------------
docs/cobbler-conf.rst | 1 -
.../cobbler.modules.authentication.rst | 9 ----
3 files changed, 60 deletions(-)
delete mode 100644 cobbler/modules/authentication/testing.py
diff --git a/cobbler/modules/authentication/testing.py b/cobbler/modules/authentication/testing.py
deleted file mode 100644
index 48580207..00000000
--- a/cobbler/modules/authentication/testing.py
+++ /dev/null
@@ -1,50 +0,0 @@
-"""
-Authentication module that denies everything.
-Unsafe demo. Allows anyone in with testing/testing.
-
-Copyright 2007-2009, Red Hat, Inc and Others
-Michael DeHaan <michael.dehaan AT gmail>
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301 USA
-"""
-
-
-def register():
- """
- The mandatory Cobbler module registration hook.
-
- :return: Always "authn"
- :rtype: str
- """
- return "authn"
-
-
-def authenticate(api_handle, username, password):
- """
- Validate a username/password combo, returning True/False
-
- Thanks to http://trac.edgewall.org/ticket/845 for supplying the algorithm info.
-
- :param api_handle: This parameter is not used currently.
- :param username: The username which should be checked.
- :param password: The password which should be checked.
- :return: True if username is "testing" and password is "testing". Otherwise False.
- :rtype: bool
- """
-
- if username == "testing" and password == "testing":
- return True
- return False
diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst
index f1dda64f..3153b571 100644
--- a/docs/cobbler-conf.rst
+++ b/docs/cobbler-conf.rst
@@ -662,7 +662,6 @@ Choices:
- authn_ldap -- authenticate against LDAP
- authn_spacewalk -- ask Spacewalk/Satellite (experimental)
- authn_pam -- use PAM facilities
-- authn_testing -- username/password is always testing/testing (debug)
- (user supplied) -- you may write your own module
WARNING: this is a security setting, do not choose an option blindly.
diff --git a/docs/code-autodoc/cobbler.modules.authentication.rst b/docs/code-autodoc/cobbler.modules.authentication.rst
index 60f290f6..2aeafce6 100644
--- a/docs/code-autodoc/cobbler.modules.authentication.rst
+++ b/docs/code-autodoc/cobbler.modules.authentication.rst
@@ -52,15 +52,6 @@ cobbler.modules.authentication.spacewalk module
:undoc-members:
:show-inheritance:
-cobbler.modules.authentication.testing module
----------------------------------------------
-
-.. automodule:: cobbler.modules.authentication.testing
- :members:
- :undoc-members:
- :show-inheritance:
-
-
Module contents
---------------
--
2.34.1
