qiuck fix to arvados-pam vulnerability

author Nico Cesar <nico@curoverse.com>

Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)

committer Nico Cesar <nico@curoverse.com>

Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)
author Nico Cesar <nico@curoverse.com>
Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)
committer Nico Cesar <nico@curoverse.com>
Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)
diff --git a/sdk/pam/arvados_pam.py b/sdk/pam/arvados_pam.py

index af87e2ce9951bb23c49da0d6a36086c161e91f11..b38e54f0460bdad0f004584d5cc0fcd6be88afec 100644 (file)
--- a/sdk/pam/arvados_pam.py
+++ b/sdk/pam/arvados_pam.py
@@ -17,11 +17,12 @@ def check_arvados_token(requested_username, token):
  
      try:
          f=file('/etc/default/arvados_pam')
-        config=dict([l for l in f.readlines() if not l.startswith('#') or l.strip()==""])
+        config=dict([l.split('=') for l in f.readlines() if not l.startswith('#') or l.strip()==""])
          arvados_api_host=config['ARVADOS_API_HOST'].strip()
          hostname=config['HOSTNAME'].strip()
      except Exception as e:
-        auth_log("problem getting default values" % (str(e)))
+        auth_log("problem getting default values  %s" % e)
+        return False
  
      try:
          arv = arvados.api('v1',host=arvados_api_host, token=token, cache=None)
author	Nico Cesar <nico@curoverse.com>
	Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)
committer	Nico Cesar <nico@curoverse.com>
	Wed, 8 Jul 2015 20:44:18 +0000 (16:44 -0400)