httpauth.py: Allow configuration of the hash function.

author Mark Wooding <mdw@distorted.org.uk>

Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)

committer Mark Wooding <mdw@distorted.org.uk>

Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)
author Mark Wooding <mdw@distorted.org.uk>
Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)
committer Mark Wooding <mdw@distorted.org.uk>
Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)
diff --git a/httpauth.py b/httpauth.py

index 13ba0d1155767a66de538942a6851f776d6ffdbb..ea978eb123fa1ffd9b4cee82890d892382a711c5 100644 (file)
--- a/httpauth.py
+++ b/httpauth.py
@@ -100,7 +100,10 @@ CONF.DEFAULTS.update(
    SECRETLIFE = 30*60,
  
    ## Maximum age of an authentication key, in seconds.
-  SECRETFRESH = 5*60)
+  SECRETFRESH = 5*60,
+
+  ## Hash function to use for crypto.
+  AUTHHASH = H.sha256)
  
  def cleansecrets():
    """Remove dead secrets from the database."""
@@ -152,7 +155,7 @@ def hack_octets(s):
  
  def auth_tag(sec, stamp, nonce, user):
    """Compute a tag using secret SEC on `STAMP.NONCE.USER'."""
-  hmac = HM.HMAC(sec, digestmod = H.sha256)
+  hmac = HM.HMAC(sec, digestmod = CFG.AUTHHASH)
    hmac.update('%d.%s.%s' % (stamp, nonce, user))
    return hack_octets(hmac.digest())
author	Mark Wooding <mdw@distorted.org.uk>
	Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)
committer	Mark Wooding <mdw@distorted.org.uk>
	Sat, 10 Aug 2013 12:28:17 +0000 (13:28 +0100)