Commit 8a43c99d authored by Andreas Jung's avatar Andreas Jung

using ZEO.hash

parent f2034833
...@@ -37,13 +37,14 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred. ...@@ -37,13 +37,14 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred.
import os import os
import random import random
import sha
import struct import struct
import time import time
from ZEO.auth.base import Database, Client from ZEO.auth.base import Database, Client
from ZEO.StorageServer import ZEOStorage from ZEO.StorageServer import ZEOStorage
from ZEO.Exceptions import AuthError from ZEO.Exceptions import AuthError
from ZEO.hash import sha1
def get_random_bytes(n=8): def get_random_bytes(n=8):
if os.path.exists("/dev/urandom"): if os.path.exists("/dev/urandom"):
...@@ -56,7 +57,7 @@ def get_random_bytes(n=8): ...@@ -56,7 +57,7 @@ def get_random_bytes(n=8):
return s return s
def hexdigest(s): def hexdigest(s):
return sha.new(s).hexdigest() return sha1.new(s).hexdigest()
class DigestDatabase(Database): class DigestDatabase(Database):
def __init__(self, filename, realm=None): def __init__(self, filename, realm=None):
...@@ -76,7 +77,7 @@ def session_key(h_up, nonce): ...@@ -76,7 +77,7 @@ def session_key(h_up, nonce):
# HMAC wants a 64-byte key. We don't want to use h_up # HMAC wants a 64-byte key. We don't want to use h_up
# directly because it would never change over time. Instead # directly because it would never change over time. Instead
# use the hash plus part of h_up. # use the hash plus part of h_up.
return sha.new("%s:%s" % (h_up, nonce)).digest() + h_up[:44] return sha1.new("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
class StorageClass(ZEOStorage): class StorageClass(ZEOStorage):
def set_database(self, database): def set_database(self, database):
...@@ -92,7 +93,7 @@ class StorageClass(ZEOStorage): ...@@ -92,7 +93,7 @@ class StorageClass(ZEOStorage):
def _get_nonce(self): def _get_nonce(self):
# RFC 2069 recommends a nonce of the form # RFC 2069 recommends a nonce of the form
# H(client-IP ":" time-stamp ":" private-key) # H(client-IP ":" time-stamp ":" private-key)
dig = sha.sha() dig = sha1.sha()
dig.update(str(self.connection.addr)) dig.update(str(self.connection.addr))
dig.update(self._get_time()) dig.update(self._get_time())
dig.update(self.noncekey) dig.update(self.noncekey)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment