Commit fbde9b5a authored by Andreas Jung's avatar Andreas Jung

reverted changes causing test failures

parent 036c6ba4
......@@ -37,14 +37,13 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred.
import os
import random
import sha
import struct
import time
from ZEO.auth.base import Database, Client
from ZEO.StorageServer import ZEOStorage
from ZEO.Exceptions import AuthError
from ZEO.hash import sha1
def get_random_bytes(n=8):
if os.path.exists("/dev/urandom"):
......@@ -57,7 +56,7 @@ def get_random_bytes(n=8):
return s
def hexdigest(s):
return sha1(s).hexdigest()
return sha.new(s).hexdigest()
class DigestDatabase(Database):
def __init__(self, filename, realm=None):
......@@ -77,7 +76,7 @@ def session_key(h_up, nonce):
# HMAC wants a 64-byte key. We don't want to use h_up
# directly because it would never change over time. Instead
# use the hash plus part of h_up.
return sha1("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
return sha.new("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
class StorageClass(ZEOStorage):
def set_database(self, database):
......@@ -93,7 +92,7 @@ class StorageClass(ZEOStorage):
def _get_nonce(self):
# RFC 2069 recommends a nonce of the form
# H(client-IP ":" time-stamp ":" private-key)
dig = sha1()
dig = sha.sha()
dig.update(str(self.connection.addr))
dig.update(self._get_time())
dig.update(self.noncekey)
......
......@@ -18,7 +18,7 @@ Client -- abstract base class for authentication client
"""
import os
from ZEO.hash import sha1
import sha
class Client:
# Subclass should override to list the names of methods that
......@@ -113,7 +113,7 @@ class Database:
return self._users[username]
def hash(self, s):
return sha1(s).hexdigest()
return sha.new(s).hexdigest()
def add_user(self, username, password):
if self._users.has_key(username):
......
......@@ -19,15 +19,14 @@ This mechanism offers *no network security at all*; the only security
is provided by not storing plaintext passwords on disk.
"""
import sha
from ZEO.StorageServer import ZEOStorage
from ZEO.auth import register_module
from ZEO.auth.base import Client, Database
from ZEO.hash import sha1
def session_key(username, realm, password):
return sha1.new("%s:%s:%s" % (username, realm, password)).hexdigest()
return sha.new("%s:%s:%s" % (username, realm, password)).hexdigest()
class StorageClass(ZEOStorage):
......@@ -37,7 +36,7 @@ class StorageClass(ZEOStorage):
except LookupError:
return 0
password_dig = sha1.new(password).hexdigest()
password_dig = sha.new(password).hexdigest()
if dbpw == password_dig:
self.connection.setSessionKey(session_key(username,
self.database.realm,
......
......@@ -27,7 +27,11 @@ is set to 1 and the MAC immediately follows the length.
import asyncore
import errno
import ZEO.hash
try:
import hmac
except ImportError:
import _hmac as hmac
import sha
import socket
import struct
import threading
......@@ -38,7 +42,7 @@ from ZODB.loglevels import TRACE
from ZEO.zrpc.log import log, short_repr
from ZEO.zrpc.error import DisconnectedError
import ZEO.hash
# Use the dictionary to make sure we get the minimum number of errno
# entries. We expect that EWOULDBLOCK == EAGAIN on most systems --
......@@ -143,8 +147,8 @@ class SizedMessageAsyncConnection(asyncore.dispatcher):
# and thus iterator, because it contains a yield statement.
def hack():
self.__hmac_send = hmac.HMAC(sesskey, digestmod=ZEO.hash)
self.__hmac_recv = hmac.HMAC(sesskey, digestmod=ZEO.hash)
self.__hmac_send = hmac.HMAC(sesskey, digestmod=sha)
self.__hmac_recv = hmac.HMAC(sesskey, digestmod=sha)
if False:
yield ''
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment