Commit e48d4edf authored by Andreas Jung's avatar Andreas Jung

using ZEO.hash

parent d66ad74a
##############################################################################
#
# Copyright (c) 2008 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""In Python 2.6, the "sha" and "md5" modules have been deprecated
in favor of using hashlib for both. This class allows for compatibility
between versions."""
import sys
if sys.version_info[:2] >= (2, 6):
import hashlib
sha1 = hashlib.sha1
new = sha1
else:
import sha
sha1 = sha.new
new = sha1
digest_size = sha.digest_size
...@@ -19,17 +19,15 @@ This mechanism offers *no network security at all*; the only security ...@@ -19,17 +19,15 @@ This mechanism offers *no network security at all*; the only security
is provided by not storing plaintext passwords on disk. is provided by not storing plaintext passwords on disk.
""" """
try:
from hashlib import sha1 as sha
except ImportError:
import sha
from ZEO.StorageServer import ZEOStorage from ZEO.StorageServer import ZEOStorage
from ZEO.auth import register_module from ZEO.auth import register_module
from ZEO.auth.base import Client, Database from ZEO.auth.base import Client, Database
from ZEO.hash import sha1
def session_key(username, realm, password): def session_key(username, realm, password):
return sha.new("%s:%s:%s" % (username, realm, password)).hexdigest() return sha1.new("%s:%s:%s" % (username, realm, password)).hexdigest()
class StorageClass(ZEOStorage): class StorageClass(ZEOStorage):
...@@ -39,7 +37,7 @@ class StorageClass(ZEOStorage): ...@@ -39,7 +37,7 @@ class StorageClass(ZEOStorage):
except LookupError: except LookupError:
return 0 return 0
password_dig = sha.new(password).hexdigest() password_dig = sha1.new(password).hexdigest()
if dbpw == password_dig: if dbpw == password_dig:
self.connection.setSessionKey(session_key(username, self.connection.setSessionKey(session_key(username,
self.database.realm, self.database.realm,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment