From d60d26260f24a145ba5b8f49aec3233f26c37c01 Mon Sep 17 00:00:00 2001
From: Narayan Desai <desai@mcs.anl.gov>
Date: Tue, 20 Mar 2007 17:50:49 +0000
Subject: Include more information in authentication failure messages

git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@2958 ce84e21b-d406-0410-9b95-82705330c041
---
 src/lib/Server/Plugins/Metadata.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/lib/Server/Plugins/Metadata.py b/src/lib/Server/Plugins/Metadata.py
index 3d5e7cbe2..b5400f6b8 100644
--- a/src/lib/Server/Plugins/Metadata.py
+++ b/src/lib/Server/Plugins/Metadata.py
@@ -344,12 +344,15 @@ class Metadata(Bcfg2.Server.Plugin.Plugin):
                 self.logger.error("Client %s attempted to use global password while in secure mode" % (address[0]))
                 return False
             if password != self.password:
-                self.logger.error("Client %s used incorrect password" % (address[0]))
+                self.logger.error("Client %s used incorrect global password" % (address[0]))
                 return False
             return True
-        if self.passwords[client] != password:
-            self.logger.error("Client %s used incorrect password" % (address[0]))
-            return False
+        if client not in self.secure:
+            if password not in [self.password, self.passwords[client]]:
+                self.logger.error("Client %s failed to use either allowed password" % \
+                                  (address[0]))
+                return False
         # populate the session cache
         if user != 'root':
             self.session_cache[address] = (time.time(), user)
+        return True
-- 
cgit v1.2.3-1-g7c22