SRP authentication for Python

SRP authentication for Python

srplib is a python library providing SRP authentication capabilities to your python applications.

SRP stand for Secure Remote Password protocol. This protocol performs secure remote authentication.

srplib is inspired by the first python port provided by one of the author itself here : SRP Authenticated Sockets in Python.

srplib provide a more usable API for applications and an original support for asynchat and asynchore applications without too much changes.

srplib is not released alone for now, it is part of the Tcp Proxy Reflector package, but you can install the package and just import srplib. The only documentation available until now are the two asynchronous and synchronous client and server samples provided with the package. Read the README.txt file for more.

Normal usage

Most of the application use synchronous path to handle connections, of course srplib support this way by providing and extended socket class SRPSocket and also a SRPRequestHandler inherited from SocketServer.StreamRequestHandler.

asychat support

The integration in new or already existing asynchat classes is very smooth ! You just have to create two new methods handle_authentication_failure and handle_authentication_success and call handle_authentication from inside the __init__ or handle_connect method.

The way it is done is very original, handle_authentication redirect your collect_incoming_data and found_terminator like this :

        self._srp_save_collect_incoming_data=self.collect_incoming_data
        self._srp_save_found_terminator=self.found_terminator
        self.collect_incoming_data=self._srp_collect_incoming_data
        self.found_terminator=self._srp_found_terminator

... and restore your original method when the authentication is successful :

        self.collect_incoming_data=self._srp_save_collect_incoming_data
        self.found_terminator=self._srp_save_found_terminator

asycore support

srplib doesn't provide a direct support for asyncore or even a sample, but you could reuse your code by inheriting from asynchat child classes above and redirect the handle_read method to your previous handler when the authentication is successful, doing something like :

class YourHandler(SRPXXXXHandler):
        """inherit from SRPServerHandler or SRPClientHandler"""

        def your_handle_read():
        """this is your original handle_read method"""
        ....

        def handle_authentication_success(self, username, key, userdata):
            print 'session opened for user "%s"' % (username, )
            self.handle_read=self.your_handle_read

This has not been tested but should works