def testReadAll(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
    self.assertEqual(len(data), 814)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "a491efb3efe56a0535f924d5f8680fd4")
    def testReadAll(self):
        data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
        self.assertEqual(len(data), 1229)

        h = compat.md5_hash()
        h.update(data)
        self.assertEqual(h.hexdigest(), "a02be485db0d82b70c0ae7913b26894e")
Example #3
0
  def testReadAll(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
    self.assertEqual(len(data), 814)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "a491efb3efe56a0535f924d5f8680fd4")
  def testReadAll(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"))
    self.assertEqual(len(data), 1229)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "a02be485db0d82b70c0ae7913b26894e")
    def testReadSize(self):
        data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                              size=100)
        self.assertEqual(len(data), 100)

        h = compat.md5_hash()
        h.update(data)
        self.assertEqual(h.hexdigest(), "256d28505448898d4741b10c5f5dbc12")
Example #6
0
  def testReadSize(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                          size=100)
    self.assertEqual(len(data), 100)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "893772354e4e690b9efd073eed433ce7")
  def testReadSize(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                          size=100)
    self.assertEqual(len(data), 100)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "893772354e4e690b9efd073eed433ce7")
  def testReadSize(self):
    data = utils.ReadFile(testutils.TestDataFilename("cert1.pem"),
                          size=100)
    self.assertEqual(len(data), 100)

    h = compat.md5_hash()
    h.update(data)
    self.assertEqual(h.hexdigest(), "256d28505448898d4741b10c5f5dbc12")
Example #9
0
    def VerifyBasicAuthPassword(self, req, username, password, expected):
        """Checks the password for basic authentication.

    As long as they don't start with an opening brace ("E{lb}"), old passwords
    are supported. A new scheme uses H(A1) from RFC2617, where H is MD5 and A1
    consists of the username, the authentication realm and the actual password.

    @type req: L{http.server._HttpServerRequest}
    @param req: HTTP request context
    @type username: string
    @param username: Username from HTTP headers
    @type password: string
    @param password: Password from HTTP headers
    @type expected: string
    @param expected: Expected password with optional scheme prefix (e.g. from
                     users file)

    """
        # Backwards compatibility for old-style passwords without a scheme
        if not expected.startswith("{"):
            expected = self._CLEARTEXT_SCHEME + expected

        # Check again, just to be sure
        if not expected.startswith("{"):
            raise AssertionError("Invalid scheme")

        scheme_end_idx = expected.find("}", 1)

        # Ensure scheme has a length of at least one character
        if scheme_end_idx <= 1:
            logging.warning("Invalid scheme in password for user '%s'",
                            username)
            return False

        scheme = expected[:scheme_end_idx + 1].upper()
        expected_password = expected[scheme_end_idx + 1:]

        # Good old plain text password
        if scheme == self._CLEARTEXT_SCHEME:
            return password == expected_password

        # H(A1) as described in RFC2617
        if scheme == self._HA1_SCHEME:
            realm = self.GetAuthRealm(req)
            if not realm:
                # There can not be a valid password for this case
                raise AssertionError("No authentication realm")

            expha1 = compat.md5_hash()
            expha1.update("%s:%s:%s" % (username, realm, password))

            return (expected_password.lower() == expha1.hexdigest().lower())

        logging.warning("Unknown scheme '%s' in password for user '%s'",
                        scheme, username)

        return False
Example #10
0
File: auth.py Project: badp/ganeti
  def VerifyBasicAuthPassword(self, req, username, password, expected):
    """Checks the password for basic authentication.

    As long as they don't start with an opening brace ("E{lb}"), old passwords
    are supported. A new scheme uses H(A1) from RFC2617, where H is MD5 and A1
    consists of the username, the authentication realm and the actual password.

    @type req: L{http.server._HttpServerRequest}
    @param req: HTTP request context
    @type username: string
    @param username: Username from HTTP headers
    @type password: string
    @param password: Password from HTTP headers
    @type expected: string
    @param expected: Expected password with optional scheme prefix (e.g. from
                     users file)

    """
    # Backwards compatibility for old-style passwords without a scheme
    if not expected.startswith("{"):
      expected = self._CLEARTEXT_SCHEME + expected

    # Check again, just to be sure
    if not expected.startswith("{"):
      raise AssertionError("Invalid scheme")

    scheme_end_idx = expected.find("}", 1)

    # Ensure scheme has a length of at least one character
    if scheme_end_idx <= 1:
      logging.warning("Invalid scheme in password for user '%s'", username)
      return False

    scheme = expected[:scheme_end_idx + 1].upper()
    expected_password = expected[scheme_end_idx + 1:]

    # Good old plain text password
    if scheme == self._CLEARTEXT_SCHEME:
      return password == expected_password

    # H(A1) as described in RFC2617
    if scheme == self._HA1_SCHEME:
      realm = self.GetAuthRealm(req)
      if not realm:
        # There can not be a valid password for this case
        raise AssertionError("No authentication realm")

      expha1 = compat.md5_hash()
      expha1.update("%s:%s:%s" % (username, realm, password))

      return (expected_password.lower() == expha1.hexdigest().lower())

    logging.warning("Unknown scheme '%s' in password for user '%s'",
                    scheme, username)

    return False
Example #11
0
File: auth.py Project: jfut/ganeti
  def VerifyBasicAuthPassword(self, req, username, password, expected):
    """Checks the password for basic authentication.

    As long as they don't start with an opening brace ("E{lb}"), old passwords
    are supported. A new scheme uses H(A1) from RFC2617, where H is MD5 and A1
    consists of the username, the authentication realm and the actual password.

    @type req: L{http.server._HttpServerRequest}
    @param req: HTTP request context
    @type username: string
    @param username: Username from HTTP headers
    @type password: string
    @param password: Password from HTTP headers
    @type expected: string
    @param expected: Expected password with optional scheme prefix (e.g. from
                     users file)

    """

    scheme, expected_password = self.ExtractSchemePassword(expected)
    if scheme is None or password is None:
      return False

    # Good old plain text password
    if scheme == self._CLEARTEXT_SCHEME:
      return password == expected_password

    # H(A1) as described in RFC2617
    if scheme == self._HA1_SCHEME:
      realm = self.GetAuthRealm(req)
      if not realm:
        # There can not be a valid password for this case
        raise AssertionError("No authentication realm")

      expha1 = compat.md5_hash()
      expha1.update("%s:%s:%s" % (username, realm, password))

      return (expected_password.lower() == expha1.hexdigest().lower())

    logging.warning("Unknown scheme '%s' in password for user '%s'",
                    scheme, username)

    return False
Example #12
0
    def VerifyBasicAuthPassword(self, req, username, password, expected):
        """Checks the password for basic authentication.

    As long as they don't start with an opening brace ("E{lb}"), old passwords
    are supported. A new scheme uses H(A1) from RFC2617, where H is MD5 and A1
    consists of the username, the authentication realm and the actual password.

    @type req: L{http.server._HttpServerRequest}
    @param req: HTTP request context
    @type username: string
    @param username: Username from HTTP headers
    @type password: string
    @param password: Password from HTTP headers
    @type expected: string
    @param expected: Expected password with optional scheme prefix (e.g. from
                     users file)

    """

        scheme, expected_password = self.ExtractSchemePassword(expected)
        if scheme is None or password is None:
            return False

        # Good old plain text password
        if scheme == self._CLEARTEXT_SCHEME:
            return password == expected_password

        # H(A1) as described in RFC2617
        if scheme == self._HA1_SCHEME:
            realm = self.GetAuthRealm(req)
            if not realm:
                # There can not be a valid password for this case
                raise AssertionError("No authentication realm")

            expha1 = compat.md5_hash()
            expha1.update("%s:%s:%s" % (username, realm, password))

            return (expected_password.lower() == expha1.hexdigest().lower())

        logging.warning("Unknown scheme '%s' in password for user '%s'",
                        scheme, username)

        return False