From 264e9ac5f5c74289f04606ed0ed9cd1f7f8cb481 Mon Sep 17 00:00:00 2001 From: Richard Oudkerk Date: Fri, 17 Aug 2012 14:39:18 +0100 Subject: [PATCH] Issue #14501: Clarify that authentication keys are byte strings --- Doc/library/multiprocessing.rst | 39 +++++++++++++++++---------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/Doc/library/multiprocessing.rst b/Doc/library/multiprocessing.rst index f503f4dfb41..e93d121a5fc 100644 --- a/Doc/library/multiprocessing.rst +++ b/Doc/library/multiprocessing.rst @@ -1151,10 +1151,10 @@ their parent process exits. The manager classes are defined in the *address* is the address on which the manager process listens for new connections. If *address* is ``None`` then an arbitrary one is chosen. - *authkey* is the authentication key which will be used to check the validity - of incoming connections to the server process. If *authkey* is ``None`` then - ``current_process().authkey``. Otherwise *authkey* is used and it - must be a string. + *authkey* is the authentication key which will be used to check the + validity of incoming connections to the server process. If + *authkey* is ``None`` then ``current_process().authkey`` is used. + Otherwise *authkey* is used and it must be a byte string. .. method:: start([initializer[, initargs]]) @@ -1168,7 +1168,7 @@ their parent process exits. The manager classes are defined in the :meth:`serve_forever` method:: >>> from multiprocessing.managers import BaseManager - >>> manager = BaseManager(address=('', 50000), authkey='abc') + >>> manager = BaseManager(address=('', 50000), authkey=b'abc') >>> server = manager.get_server() >>> server.serve_forever() @@ -1179,7 +1179,7 @@ their parent process exits. The manager classes are defined in the Connect a local manager object to a remote manager process:: >>> from multiprocessing.managers import BaseManager - >>> m = BaseManager(address=('127.0.0.1', 5000), authkey='abc') + >>> m = BaseManager(address=('127.0.0.1', 5000), authkey=b'abc') >>> m.connect() .. method:: shutdown() @@ -1380,7 +1380,7 @@ remote clients can access:: >>> queue = queue.Queue() >>> class QueueManager(BaseManager): pass >>> QueueManager.register('get_queue', callable=lambda:queue) - >>> m = QueueManager(address=('', 50000), authkey='abracadabra') + >>> m = QueueManager(address=('', 50000), authkey=b'abracadabra') >>> s = m.get_server() >>> s.serve_forever() @@ -1389,7 +1389,7 @@ One client can access the server as follows:: >>> from multiprocessing.managers import BaseManager >>> class QueueManager(BaseManager): pass >>> QueueManager.register('get_queue') - >>> m = QueueManager(address=('foo.bar.org', 50000), authkey='abracadabra') + >>> m = QueueManager(address=('foo.bar.org', 50000), authkey=b'abracadabra') >>> m.connect() >>> queue = m.get_queue() >>> queue.put('hello') @@ -1399,7 +1399,7 @@ Another client can also use it:: >>> from multiprocessing.managers import BaseManager >>> class QueueManager(BaseManager): pass >>> QueueManager.register('get_queue') - >>> m = QueueManager(address=('foo.bar.org', 50000), authkey='abracadabra') + >>> m = QueueManager(address=('foo.bar.org', 50000), authkey=b'abracadabra') >>> m.connect() >>> queue = m.get_queue() >>> queue.get() @@ -1423,7 +1423,7 @@ client to access it remotely:: >>> class QueueManager(BaseManager): pass ... >>> QueueManager.register('get_queue', callable=lambda: queue) - >>> m = QueueManager(address=('', 50000), authkey='abracadabra') + >>> m = QueueManager(address=('', 50000), authkey=b'abracadabra') >>> s = m.get_server() >>> s.serve_forever() @@ -1768,9 +1768,9 @@ authentication* using the :mod:`hmac` module. generally be omitted since it can usually be inferred from the format of *address*. (See :ref:`multiprocessing-address-formats`) - If *authenticate* is ``True`` or *authkey* is a string then digest + If *authenticate* is ``True`` or *authkey* is a byte string then digest authentication is used. The key used for authentication will be either - *authkey* or ``current_process().authkey)`` if *authkey* is ``None``. + *authkey* or ``current_process().authkey`` if *authkey* is ``None``. If authentication fails then :exc:`AuthenticationError` is raised. See :ref:`multiprocessing-auth-keys`. @@ -1805,8 +1805,8 @@ authentication* using the :mod:`hmac` module. If *authenticate* is ``True`` (``False`` by default) or *authkey* is not ``None`` then digest authentication is used. - If *authkey* is a string then it will be used as the authentication key; - otherwise it must be *None*. + If *authkey* is a byte string then it will be used as the + authentication key; otherwise it must be *None*. If *authkey* is ``None`` and *authenticate* is ``True`` then ``current_process().authkey`` is used as the authentication key. If @@ -1919,12 +1919,13 @@ unpickled. Unfortunately unpickling data from an untrusted source is a security risk. Therefore :class:`Listener` and :func:`Client` use the :mod:`hmac` module to provide digest authentication. -An authentication key is a string which can be thought of as a password: once a -connection is established both ends will demand proof that the other knows the -authentication key. (Demonstrating that both ends are using the same key does -**not** involve sending the key over the connection.) +An authentication key is a byte string which can be thought of as a +password: once a connection is established both ends will demand proof +that the other knows the authentication key. (Demonstrating that both +ends are using the same key does **not** involve sending the key over +the connection.) -If authentication is requested but do authentication key is specified then the +If authentication is requested but no authentication key is specified then the return value of ``current_process().authkey`` is used (see :class:`~multiprocessing.Process`). This value will automatically inherited by any :class:`~multiprocessing.Process` object that the current process creates.