traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix up brokenness with hashing, now hashlib is strict in requiring bytes too.

This commit is contained in:
Guido van Rossum 2007-08-29 14:26:52 +00:00
parent ec9a4afa32
commit 8136014862
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Lib/test/test_urllib2_localnet.py
View File

@ -88,7 +88,7 @@ class DigestAuthHandler:
def _generate_nonce(self): def _generate_nonce(self):
self._request_num += 1 self._request_num += 1
nonce = hashlib.md5(str(self._request_num)).hexdigest() nonce = hashlib.md5(str(self._request_num).encode("ascii")).hexdigest()
self._nonces.append(nonce) self._nonces.append(nonce)
return nonce return nonce
@ -116,14 +116,14 @@ class DigestAuthHandler:
final_dict["method"] = method final_dict["method"] = method
final_dict["uri"] = uri final_dict["uri"] = uri
HA1_str = "%(username)s:%(realm)s:%(password)s" % final_dict HA1_str = "%(username)s:%(realm)s:%(password)s" % final_dict
HA1 = hashlib.md5(HA1_str).hexdigest() HA1 = hashlib.md5(HA1_str.encode("ascii")).hexdigest()
HA2_str = "%(method)s:%(uri)s" % final_dict HA2_str = "%(method)s:%(uri)s" % final_dict
HA2 = hashlib.md5(HA2_str).hexdigest() HA2 = hashlib.md5(HA2_str.encode("ascii")).hexdigest()
final_dict["HA1"] = HA1 final_dict["HA1"] = HA1
final_dict["HA2"] = HA2 final_dict["HA2"] = HA2
response_str = "%(HA1)s:%(nonce)s:%(nc)s:" \ response_str = "%(HA1)s:%(nonce)s:%(nc)s:" \
"%(cnonce)s:%(qop)s:%(HA2)s" % final_dict "%(cnonce)s:%(qop)s:%(HA2)s" % final_dict
response = hashlib.md5(response_str).hexdigest() response = hashlib.md5(response_str.encode("ascii")).hexdigest()
return response == auth_dict["response"] return response == auth_dict["response"]

11
Lib/urllib2.py
View File

@ -837,7 +837,7 @@ class ProxyBasicAuthHandler(AbstractBasicAuthHandler, BaseHandler):
def randombytes(n): def randombytes(n):
"""Return n random bytes.""" """Return n random bytes."""
return str(os.urandom(n), "latin-1") return os.urandom(n)
class AbstractDigestAuthHandler: class AbstractDigestAuthHandler:
# Digest authentication is specified in RFC 2617. # Digest authentication is specified in RFC 2617.
@ -896,8 +896,9 @@ class AbstractDigestAuthHandler:
# and server to avoid chosen plaintext attacks, to provide mutual # and server to avoid chosen plaintext attacks, to provide mutual
# authentication, and to provide some message integrity protection. # authentication, and to provide some message integrity protection.
# This isn't a fabulous effort, but it's probably Good Enough. # This isn't a fabulous effort, but it's probably Good Enough.
dig = hashlib.sha1("%s:%s:%s:%s" % (self.nonce_count, nonce, time.ctime(), s = "%s:%s:%s:" % (self.nonce_count, nonce, time.ctime())
randombytes(8))).hexdigest() b = s.encode("ascii") + randombytes(8)
dig = hashlib.sha1(b).hexdigest()
return dig[:16] return dig[:16]
def get_authorization(self, req, chal): def get_authorization(self, req, chal):
@ -959,9 +960,9 @@ class AbstractDigestAuthHandler:
def get_algorithm_impls(self, algorithm): def get_algorithm_impls(self, algorithm):
# lambdas assume digest modules are imported at the top level # lambdas assume digest modules are imported at the top level
if algorithm == 'MD5': if algorithm == 'MD5':
H = lambda x: hashlib.md5(x).hexdigest() H = lambda x: hashlib.md5(x.encode("ascii")).hexdigest()
elif algorithm == 'SHA': elif algorithm == 'SHA':
H = lambda x: hashlib.sha1(x).hexdigest() H = lambda x: hashlib.sha1(x.encode("ascii")).hexdigest()
# XXX MD5-sess # XXX MD5-sess
KD = lambda s, d: H("%s:%s" % (s, d)) KD = lambda s, d: H("%s:%s" % (s, d))
return H, KD return H, KD