Commit 2d874c50 authored by Andreas Jung's avatar Andreas Jung

fixed usage of ZEO.hash

parent 08cb0113
...@@ -37,13 +37,13 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred. ...@@ -37,13 +37,13 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred.
import os import os
import random import random
import sha
import struct import struct
import time import time
from ZEO.auth.base import Database, Client from ZEO.auth.base import Database, Client
from ZEO.StorageServer import ZEOStorage from ZEO.StorageServer import ZEOStorage
from ZEO.Exceptions import AuthError from ZEO.Exceptions import AuthError
from ZEO.hash import sha1
def get_random_bytes(n=8): def get_random_bytes(n=8):
if os.path.exists("/dev/urandom"): if os.path.exists("/dev/urandom"):
...@@ -56,7 +56,7 @@ def get_random_bytes(n=8): ...@@ -56,7 +56,7 @@ def get_random_bytes(n=8):
return s return s
def hexdigest(s): def hexdigest(s):
return sha.new(s).hexdigest() return sha1(s).hexdigest()
class DigestDatabase(Database): class DigestDatabase(Database):
def __init__(self, filename, realm=None): def __init__(self, filename, realm=None):
...@@ -76,7 +76,7 @@ def session_key(h_up, nonce): ...@@ -76,7 +76,7 @@ def session_key(h_up, nonce):
# HMAC wants a 64-byte key. We don't want to use h_up # HMAC wants a 64-byte key. We don't want to use h_up
# directly because it would never change over time. Instead # directly because it would never change over time. Instead
# use the hash plus part of h_up. # use the hash plus part of h_up.
return sha.new("%s:%s" % (h_up, nonce)).digest() + h_up[:44] return sha1("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
class StorageClass(ZEOStorage): class StorageClass(ZEOStorage):
def set_database(self, database): def set_database(self, database):
...@@ -92,7 +92,7 @@ class StorageClass(ZEOStorage): ...@@ -92,7 +92,7 @@ class StorageClass(ZEOStorage):
def _get_nonce(self): def _get_nonce(self):
# RFC 2069 recommends a nonce of the form # RFC 2069 recommends a nonce of the form
# H(client-IP ":" time-stamp ":" private-key) # H(client-IP ":" time-stamp ":" private-key)
dig = sha.sha() dig = sha1()
dig.update(str(self.connection.addr)) dig.update(str(self.connection.addr))
dig.update(self._get_time()) dig.update(self._get_time())
dig.update(self.noncekey) dig.update(self.noncekey)
......
...@@ -18,7 +18,7 @@ Client -- abstract base class for authentication client ...@@ -18,7 +18,7 @@ Client -- abstract base class for authentication client
""" """
import os import os
import sha from ZEO.hash import sha1
class Client: class Client:
# Subclass should override to list the names of methods that # Subclass should override to list the names of methods that
...@@ -113,7 +113,7 @@ class Database: ...@@ -113,7 +113,7 @@ class Database:
return self._users[username] return self._users[username]
def hash(self, s): def hash(self, s):
return sha.new(s).hexdigest() return sha1(s).hexdigest()
def add_user(self, username, password): def add_user(self, username, password):
if self._users.has_key(username): if self._users.has_key(username):
......
...@@ -42,6 +42,7 @@ from ZODB.loglevels import TRACE ...@@ -42,6 +42,7 @@ from ZODB.loglevels import TRACE
from ZEO.zrpc.log import log, short_repr from ZEO.zrpc.log import log, short_repr
from ZEO.zrpc.error import DisconnectedError from ZEO.zrpc.error import DisconnectedError
import ZEO.hash
# Use the dictionary to make sure we get the minimum number of errno # Use the dictionary to make sure we get the minimum number of errno
...@@ -147,8 +148,8 @@ class SizedMessageAsyncConnection(asyncore.dispatcher): ...@@ -147,8 +148,8 @@ class SizedMessageAsyncConnection(asyncore.dispatcher):
# and thus iterator, because it contains a yield statement. # and thus iterator, because it contains a yield statement.
def hack(): def hack():
self.__hmac_send = hmac.HMAC(sesskey, digestmod=sha) self.__hmac_send = hmac.HMAC(sesskey, digestmod=ZEO.hash)
self.__hmac_recv = hmac.HMAC(sesskey, digestmod=sha) self.__hmac_recv = hmac.HMAC(sesskey, digestmod=ZEO.hash)
if False: if False:
yield '' yield ''
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment