Beispiel #1
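    def _verify_upload_integrity(self, file, file_url):
        """Download the given file from the URL and compare the SHA1s.

        The comparison detects accidental corruption in transit. SHA-1 is
        not collision-resistant, so a matching digest should not be read as
        proof against deliberate tampering.

        :type file: :class:`cgi.FieldStorage`
        :param file: A freshly uploaded file object, that has just been
            sent to the FTP server.

        :type file_url: str
        :param file_url: A publicly accessible URL where the uploaded file
            can be downloaded.

        :returns: `True` if the integrity check succeeds or is disabled.

        :raises FTPUploadError: If the file cannot be downloaded after
            the max number of retries, or if the downloaded file
            doesn't match the original.

        """
        max_tries = int(self._data[FTP_MAX_INTEGRITY_RETRIES])
        if max_tries < 1:
            # A retry count below 1 is the "check disabled" switch.
            return True

        file.seek(0)
        orig_hash = sha1(file.read()).hexdigest()

        # Try to download the file. Increase the number of retries, or the
        # timeout duration, if the server is particularly slow.
        # eg: Akamai usually takes 3-15 seconds to make an uploaded file
        #     available over HTTP.
        # NOTE(review): urlopen() is called without a timeout here, so a
        # stalled server can block this call indefinitely -- confirm whether
        # a socket default timeout is set elsewhere.
        # NOTE(review): urlopen() also accepts non-HTTP schemes; presumably
        # file_url is built from storage configuration rather than request
        # input -- verify against the caller.
        for attempt in xrange(max_tries):
            try:
                temp_file = urlopen(file_url)
                try:
                    dl_hash = sha1(temp_file.read()).hexdigest()
                finally:
                    # Release the connection even when the read fails.
                    temp_file.close()
            except HTTPError:
                # Don't raise the exception now, wait until all attempts fail.
                # There is nothing to wait for after the final attempt.
                if attempt < max_tries - 1:
                    time.sleep(3)
            else:
                # If the downloaded file matches, success! Otherwise, we can
                # be pretty sure that it got corrupted during FTP transfer.
                if orig_hash == dl_hash:
                    return True
                msg = _('The file transferred to your FTP server is '
                        'corrupted. Please try again.')
                raise FTPUploadError(msg, None, None)

        # Every attempt failed to download the file. Fail closed: falling off
        # the end would return None, which a caller that only watches for
        # FTPUploadError would treat as a verified upload.
        msg = _('The file could not be downloaded from your FTP server to '
                'verify the upload. Please try again.')
        raise FTPUploadError(msg, None, None)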
Beispiel #2
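    def _verify_upload_integrity(self, file, file_url):
        """Download the given file from the URL and compare the SHA1s.

        The comparison detects accidental corruption in transit. SHA-1 is
        not collision-resistant, so a matching digest should not be read as
        proof against deliberate tampering.

        :type file: :class:`cgi.FieldStorage`
        :param file: A freshly uploaded file object, that has just been
            sent to the FTP server.

        :type file_url: str
        :param file_url: A publicly accessible URL where the uploaded file
            can be downloaded.

        :returns: `True` if the integrity check succeeds or is disabled.

        :raises FTPUploadError: If the file cannot be downloaded after
            the max number of retries, or if the downloaded file
            doesn't match the original.

        """
        max_tries = int(self._data[FTP_MAX_INTEGRITY_RETRIES])
        if max_tries < 1:
            # A retry count below 1 is the "check disabled" switch.
            return True

        file.seek(0)
        orig_hash = sha1(file.read()).hexdigest()

        # Try to download the file. Increase the number of retries, or the
        # timeout duration, if the server is particularly slow.
        # eg: Akamai usually takes 3-15 seconds to make an uploaded file
        #     available over HTTP.
        # NOTE(review): urlopen() is called without a timeout here, so a
        # stalled server can block this call indefinitely -- confirm whether
        # a socket default timeout is set elsewhere.
        # NOTE(review): urlopen() also accepts non-HTTP schemes; presumably
        # file_url is built from storage configuration rather than request
        # input -- verify against the caller.
        for attempt in xrange(max_tries):
            try:
                temp_file = urlopen(file_url)
                try:
                    dl_hash = sha1(temp_file.read()).hexdigest()
                finally:
                    # Release the connection even when the read fails.
                    temp_file.close()
            except HTTPError:
                # Don't raise the exception now, wait until all attempts fail.
                # There is nothing to wait for after the final attempt.
                if attempt < max_tries - 1:
                    time.sleep(3)
            else:
                # If the downloaded file matches, success! Otherwise, we can
                # be pretty sure that it got corrupted during FTP transfer.
                if orig_hash == dl_hash:
                    return True
                msg = _('The file transferred to your FTP server is '
                        'corrupted. Please try again.')
                raise FTPUploadError(msg, None, None)

        # Every attempt failed to download the file. Fail closed: falling off
        # the end would return None, which a caller that only watches for
        # FTPUploadError would treat as a verified upload.
        msg = _('The file could not be downloaded from your FTP server to '
                'verify the upload. Please try again.')
        raise FTPUploadError(msg, None, None)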
Beispiel #3
    def _set_password(self, password):
        """Hash ``password`` with a fresh random salt and store the result.

        The value written to ``self._password`` is the 40-character hex salt
        followed by the 40-character hex SHA-1 digest of the password bytes
        concatenated with that salt.

        NOTE(review): a single round of salted SHA-1 is a fast hash, so a
        leaked table can be guessed offline at high speed. Moving to a
        deliberately slow KDF changes the stored format and has to be done
        together with whatever code verifies these values.
        """
        # Unicode input is hashed as its UTF-8 bytes; byte strings pass as-is.
        password_8bit = (password.encode('UTF-8')
                         if isinstance(password, unicode) else password)

        # 60 bytes from the OS random source, folded into a hex salt.
        salt_hex = sha1(os.urandom(60)).hexdigest()
        digest_hex = sha1(password_8bit + salt_hex).hexdigest()
        hashed_password = salt_hex + digest_hex

        # SQLAlchemy expects a unicode object for Unicode columns, so the
        # stored value is decoded when it is still a byte string.
        if not isinstance(hashed_password, unicode):
            hashed_password = hashed_password.decode('UTF-8')
        self._password = hashed_password
Beispiel #4
    def _set_password(self, password):
        """Hash ``password`` with a fresh random salt and store the result.

        The value written to ``self._password`` is the 40-character hex salt
        followed by the 40-character hex SHA-1 digest of the password bytes
        concatenated with that salt.

        NOTE(review): a single round of salted SHA-1 is a fast hash, so a
        leaked table can be guessed offline at high speed. Moving to a
        deliberately slow KDF changes the stored format and has to be done
        together with whatever code verifies these values.
        """
        # Unicode input is hashed as its UTF-8 bytes; byte strings pass as-is.
        password_8bit = (password.encode('UTF-8')
                         if isinstance(password, unicode) else password)

        # 60 bytes from the OS random source, folded into a hex salt.
        salt_hex = sha1(os.urandom(60)).hexdigest()
        digest_hex = sha1(password_8bit + salt_hex).hexdigest()
        hashed_password = salt_hex + digest_hex

        # SQLAlchemy expects a unicode object for Unicode columns, so the
        # stored value is decoded when it is still a byte string.
        if not isinstance(hashed_password, unicode):
            hashed_password = hashed_password.decode('UTF-8')
        self._password = hashed_password
Beispiel #5
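    def validate_password(self, password):
        """Check the password against existing credentials.

        The stored value is read as a 40-character hex salt followed by the
        hex SHA-1 digest of the password bytes concatenated with that salt.

        :param password: the password that was provided by the user to
            try and authenticate. This is the clear text version that we will
            need to match against the hashed one in the database.
        :type password: unicode object.
        :return: Whether the password is valid. `False` when no password
            was supplied or no credential is stored.
        :rtype: bool

        """
        stored = self.password
        if password is None or not stored:
            # Fail closed: without a candidate or a stored credential there
            # is nothing to match, so reject instead of raising.
            return False

        salt, expected = stored[:40], stored[40:]

        # Hash bytes, not text. Feeding a unicode object to sha1 relies on an
        # implicit ASCII encode, which raises for any non-ASCII password.
        # Presumably the stored digest was computed over UTF-8 bytes --
        # confirm against the code that writes self.password.
        if not isinstance(password, bytes):
            password = password.encode('UTF-8')
        if not isinstance(salt, bytes):
            salt = salt.encode('UTF-8')

        hashed_pass = sha1()
        hashed_pass.update(password + salt)
        # NOTE(review): "==" is not a constant-time comparison, and a single
        # round of salted SHA-1 is a fast hash; both are worth revisiting
        # together with the code that stores the credential.
        return expected == hashed_pass.hexdigest()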
Beispiel #6
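    def validate_password(self, password):
        """Check the password against existing credentials.

        The stored value is read as a 40-character hex salt followed by the
        hex SHA-1 digest of the password bytes concatenated with that salt.

        :param password: the password that was provided by the user to
            try and authenticate. This is the clear text version that we will
            need to match against the hashed one in the database.
        :type password: unicode object.
        :return: Whether the password is valid. `False` when no password
            was supplied or no credential is stored.
        :rtype: bool

        """
        stored = self.password
        if password is None or not stored:
            # Fail closed: without a candidate or a stored credential there
            # is nothing to match, so reject instead of raising.
            return False

        salt, expected = stored[:40], stored[40:]

        # Hash bytes, not text. Feeding a unicode object to sha1 relies on an
        # implicit ASCII encode, which raises for any non-ASCII password.
        # Presumably the stored digest was computed over UTF-8 bytes --
        # confirm against the code that writes self.password.
        if not isinstance(password, bytes):
            password = password.encode('UTF-8')
        if not isinstance(salt, bytes):
            salt = salt.encode('UTF-8')

        hashed_pass = sha1()
        hashed_pass.update(password + salt)
        # NOTE(review): "==" is not a constant-time comparison, and a single
        # round of salted SHA-1 is a fast hash; both are worth revisiting
        # together with the code that stores the credential.
        return expected == hashed_pass.hexdigest()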