def testBundlerOneFile(self):
data = open(self.filename, "r").read()
md5sum = python.md5(data).hexdigest()
name = os.path.split(self.filename)[1]
b = self.bundler.bundle()
sum = b.md5sum
zip = b.zip
filelike = StringIO.StringIO(zip)
zip = zipfile.ZipFile(filelike, "r")
# None means no files were broken
self.failIf(zip.testzip())
data = zip.read(name)
self.failUnless(data)
self.assertEquals(md5sum, python.md5(data).hexdigest())
def testBundlerOneFile(self):
data = open(self.filename, "r").read()
md5sum = python.md5(data).hexdigest()
name = os.path.split(self.filename)[1]
b = self.bundler.bundle()
sum = b.md5sum
zip = b.zip
filelike = StringIO.StringIO(zip)
zip = zipfile.ZipFile(filelike, "r")
# None means no files were broken
self.failIf(zip.testzip())
data = zip.read(name)
self.failUnless(data)
self.assertEquals(md5sum, python.md5(data).hexdigest())
def writeConnection():
i = self.connectionInfo
if not (i.authenticator.username
and i.authenticator.password):
self.log('not caching connection information')
return
s = ''.join(['<connection>',
'<host>%s</host>' % i.host,
'<manager>%s</manager>' % self.planet.get('name'),
'<port>%d</port>' % i.port,
'<use_insecure>%d</use_insecure>'
% ((not i.use_ssl) and 1 or 0),
'<user>%s</user>' % i.authenticator.username,
'<passwd>%s</passwd>' % i.authenticator.password,
'</connection>'])
import os
from flumotion.common import python
md5sum = python.md5(s).hexdigest()
f = os.path.join(configure.registrydir, '%s.connection' % md5sum)
try:
h = open(f, 'w')
h.write(s)
h.close()
except Exception, e:
self.info('failed to write connection cache file %s: %s',
f, log.getExceptionMessage(e))
def writeConnection():
i = self.connectionInfo
if not (i.authenticator.username and i.authenticator.password):
self.log('not caching connection information')
return
s = ''.join([
'<connection>',
'<host>%s</host>' % i.host,
'<manager>%s</manager>' % self.planet.get('name'),
'<port>%d</port>' % i.port,
'<use_insecure>%d</use_insecure>' %
((not i.use_ssl) and 1 or 0),
'<user>%s</user>' % i.authenticator.username,
'<passwd>%s</passwd>' % i.authenticator.password,
'</connection>'
])
import os
from flumotion.common import python
md5sum = python.md5(s).hexdigest()
f = os.path.join(configure.registrydir, '%s.connection' % md5sum)
try:
h = open(f, 'w')
h.write(s)
h.close()
except Exception, e:
self.info('failed to write connection cache file %s: %s', f,
log.getExceptionMessage(e))
def _calculateHA2(self, method, uri):
# We don't support auth-int, otherwise we'd optionally need to do
# some more work here
m = python.md5()
m.update(method)
m.update(':')
m.update(uri)
return m.digest().encode('hex')
def _calculateHA2(self, method, uri):
# We don't support auth-int, otherwise we'd optionally need to do
# some more work here
m = python.md5()
m.update(method)
m.update(':')
m.update(uri)
return m.digest().encode('hex')
def cryptRespond(challenge, cryptPassword):
"""
Respond to a given crypt challenge with our cryptPassword.
"""
md = python.md5()
md.update(cryptPassword)
md.update(challenge)
return md.digest()
def md5sum(self):
"""
Calculate the md5sum of the given file.
@returns: the md5 sum a 32 character string of hex characters.
"""
data = open(self.source, "r").read()
return python.md5(data).hexdigest()
def cryptRespond(challenge, cryptPassword):
"""
Respond to a given crypt challenge with our cryptPassword.
"""
md = python.md5()
md.update(cryptPassword)
md.update(challenge)
return md.digest()
def md5sum(self):
"""
Calculate the md5sum of the given file.
@returns: the md5 sum a 32 character string of hex characters.
"""
data = open(self.source, "r").read()
return python.md5(data).hexdigest()
def cryptChallenge():
"""
I return some random data.
"""
crap = ''
for x in range(random.randrange(15, 25)):
crap = crap + chr(random.randint(65, 90) + x - x) # pychecker madness
crap = python.md5(crap).digest()
return crap
def gen_timed_link(relative_path, secret_key, timeout, type):
start_time = '%08x' % (time.time() - 10)
stop_time = '%08x' % (time.time() + int(timeout))
hashable = secret_key + relative_path + start_time + stop_time
if type == 'md5':
hashed = python.md5(hashable).hexdigest()
else:
hashed = python.sha1(hashable).hexdigest()
return '%s%s%s' % (hashed, start_time, stop_time)
def gen_timed_link(relative_path, secret_key, timeout, type):
start_time = '%08x' % (time.time() - 10)
stop_time = '%08x' % (time.time() + int(timeout))
hashable = secret_key + relative_path + start_time + stop_time
if type == 'md5':
hashed = python.md5(hashable).hexdigest()
else:
hashed = python.sha1(hashable).hexdigest()
return '%s%s%s' % (hashed, start_time, stop_time)
def cryptChallenge():
"""
I return some random data.
"""
crap = ''
for x in range(random.randrange(15, 25)):
crap = crap + chr(random.randint(65, 90) + x - x) # pychecker madness
crap = python.md5(crap).digest()
return crap
def do_authenticate(self, keycard):
if isinstance(keycard, self.challengeResponseClasses):
# Check if we need to challenge it
if not self.hasAuthSession(keycard):
if not self.startAuthSession(keycard):
# Keycard refused right away
keycard.state = keycards.REFUSED
return None
self.debug('putting challenge on keycard %r' % keycard)
keycard.challenge = credentials.cryptChallenge()
if keycard.username in self._db:
keycard.salt = self._db[keycard.username]
else:
# random-ish salt, otherwise it's too obvious
string = str(random.randint(pow(10, 10), pow(10, 11)))
md = python.md5()
md.update(string)
keycard.salt = md.hexdigest()[:2]
self.debug("user not found, inventing bogus salt")
self.debug("salt %s, storing challenge for id %s" %
(keycard.salt, keycard.id))
self.updateAuthSession(keycard)
return keycard
else:
# Check if the challenge has been tampered with
challenge = self.getAuthSessionInfo(keycard)
if challenge != keycard.challenge:
self.info('keycard %r refused, challenge tampered with' %
keycard)
self.cancelAuthSession(keycard)
keycard.state = keycards.REFUSED
return None
else:
# Not a challenge/response authentication.
# creating a temporary session to have a keycard id
if not self.startAuthSession(keycard):
# Keycard refused right away
keycard.state = keycards.REFUSED
return None
# use the checker
self.debug('submitting keycard %r to checker' % keycard)
d = self._checker.requestAvatarId(keycard)
d.addCallback(self._requestAvatarIdCallback, keycard)
d.addErrback(self._requestAvatarIdErrback, keycard)
return d
def do_authenticate(self, keycard):
if isinstance(keycard, self.challengeResponseClasses):
# Check if we need to challenge it
if not self.hasAuthSession(keycard):
if not self.startAuthSession(keycard):
# Keycard refused right away
keycard.state = keycards.REFUSED
return None
self.debug('putting challenge on keycard %r' % keycard)
keycard.challenge = credentials.cryptChallenge()
if keycard.username in self._db:
keycard.salt = self._db[keycard.username]
else:
# random-ish salt, otherwise it's too obvious
string = str(random.randint(pow(10, 10), pow(10, 11)))
md = python.md5()
md.update(string)
keycard.salt = md.hexdigest()[:2]
self.debug("user not found, inventing bogus salt")
self.debug("salt %s, storing challenge for id %s"
% (keycard.salt, keycard.id))
self.updateAuthSession(keycard)
return keycard
else:
# Check if the challenge has been tampered with
challenge = self.getAuthSessionInfo(keycard)
if challenge != keycard.challenge:
self.info('keycard %r refused, challenge tampered with'
% keycard)
self.cancelAuthSession(keycard)
keycard.state = keycards.REFUSED
return None
else:
# Not a challenge/response authentication.
# creating a temporary session to have a keycard id
if not self.startAuthSession(keycard):
# Keycard refused right away
keycard.state = keycards.REFUSED
return None
# use the checker
self.debug('submitting keycard %r to checker' % keycard)
d = self._checker.requestAvatarId(keycard)
d.addCallback(self._requestAvatarIdCallback, keycard)
d.addErrback(self._requestAvatarIdErrback, keycard)
return d
def _calculateRequestDigest(self, username, ha1, nonce, cnonce, method,
uri, ncvalue, qop):
HA1 = self._calculateHA1(ha1, nonce, cnonce)
HA2 = self._calculateHA2(method, uri)
m = python.md5()
m.update(HA1)
m.update(':')
m.update(nonce)
if qop:
m.update(':')
m.update(ncvalue)
m.update(':')
m.update(cnonce)
m.update(':')
m.update(qop) # Must be 'auth', others not supported
m.update(':')
m.update(HA2)
return m.digest().encode('hex')
def _calculateRequestDigest(self, username, ha1, nonce, cnonce, method,
uri, ncvalue, qop):
HA1 = self._calculateHA1(ha1, nonce, cnonce)
HA2 = self._calculateHA2(method, uri)
m = python.md5()
m.update(HA1)
m.update(':')
m.update(nonce)
if qop:
m.update(':')
m.update(ncvalue)
m.update(':')
m.update(cnonce)
m.update(':')
m.update(qop) # Must be 'auth', others not supported
m.update(':')
m.update(HA2)
return m.digest().encode('hex')
def do_authenticate(self, keycard):
# at this point we add it so there's an ID for challenge-response
if not self.addKeycard(keycard):
keycard.state = keycards.REFUSED
return keycard
# check if the keycard is ready for the checker, based on the type
if isinstance(keycard, self.challengeResponseClasses):
# Check if we need to challenge it
if not keycard.challenge:
self.debug("putting challenge on keycard %r" % keycard)
keycard.challenge = credentials.cryptChallenge()
if keycard.username in self._db:
keycard.salt = self._db[keycard.username]
else:
# random-ish salt, otherwise it's too obvious
string = str(random.randint(pow(10, 10), pow(10, 11)))
md = python.md5()
md.update(string)
keycard.salt = md.hexdigest()[:2]
self.debug("user not found, inventing bogus salt")
self.debug("salt %s, storing challenge for id %s" % (keycard.salt, keycard.id))
# we store the challenge locally to verify against tampering
self._challenges[keycard.id] = keycard.challenge
return keycard
if keycard.response:
# Check if the challenge has been tampered with
if self._challenges[keycard.id] != keycard.challenge:
self.removeKeycard(keycard)
self.info("keycard %r refused, challenge tampered with" % keycard)
return None
del self._challenges[keycard.id]
# use the checker
self.debug("submitting keycard %r to checker" % keycard)
d = self._checker.requestAvatarId(keycard)
d.addCallback(self._requestAvatarIdCallback, keycard)
d.addErrback(self._requestAvatarIdErrback, keycard)
return d
def _calculateHA1(self, ha1, nonce, cnonce):
"""
Calculate H(A1) as from specification (RFC2617) section 3.2.2, given
the initial hash H(username:realm:passwd), hex-encoded.
This basically applies the second-level hashing for MD5-sess, if
required.
"""
if self._algorithm == 'MD5':
return ha1
elif self._algorithm == 'MD5-sess':
HA1 = ha1.decode('hex')
m = python.md5()
m.update(HA1)
m.update(':')
m.update(nonce)
m.update(':')
m.update(cnonce)
return m.digest().encode('hex')
else:
raise NotImplementedError("Unimplemented algorithm")
def _calculateHA1(self, ha1, nonce, cnonce):
"""
Calculate H(A1) as from specification (RFC2617) section 3.2.2, given
the initial hash H(username:realm:passwd), hex-encoded.
This basically applies the second-level hashing for MD5-sess, if
required.
"""
if self._algorithm == 'MD5':
return ha1
elif self._algorithm == 'MD5-sess':
HA1 = ha1.decode('hex')
m = python.md5()
m.update(HA1)
m.update(':')
m.update(nonce)
m.update(':')
m.update(cnonce)
return m.digest().encode('hex')
else:
raise NotImplementedError("Unimplemented algorithm")
def setZip(self, zip):
"""
Set the bundle to the given data representation of the zip file.
"""
self.zip = zip
self.md5sum = python.md5(self.zip).hexdigest()
def setZip(self, zip):
"""
Set the bundle to the given data representation of the zip file.
"""
self.zip = zip
self.md5sum = python.md5(self.zip).hexdigest()
