chiark
/
gitweb
/
~mdw
/
chopwood
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
httpauth.py: Allow configuration of the hash function.
[chopwood]
/
httpauth.py
diff --git
a/httpauth.py
b/httpauth.py
index 13ba0d1155767a66de538942a6851f776d6ffdbb..ea978eb123fa1ffd9b4cee82890d892382a711c5 100644
(file)
--- a/
httpauth.py
+++ b/
httpauth.py
@@
-100,7
+100,10
@@
CONF.DEFAULTS.update(
SECRETLIFE = 30*60,
## Maximum age of an authentication key, in seconds.
SECRETLIFE = 30*60,
## Maximum age of an authentication key, in seconds.
- SECRETFRESH = 5*60)
+ SECRETFRESH = 5*60,
+
+ ## Hash function to use for crypto.
+ AUTHHASH = H.sha256)
def cleansecrets():
"""Remove dead secrets from the database."""
def cleansecrets():
"""Remove dead secrets from the database."""
@@
-152,7
+155,7
@@
def hack_octets(s):
def auth_tag(sec, stamp, nonce, user):
"""Compute a tag using secret SEC on `STAMP.NONCE.USER'."""
def auth_tag(sec, stamp, nonce, user):
"""Compute a tag using secret SEC on `STAMP.NONCE.USER'."""
- hmac = HM.HMAC(sec, digestmod =
H.sha256
)
+ hmac = HM.HMAC(sec, digestmod =
CFG.AUTHHASH
)
hmac.update('%d.%s.%s' % (stamp, nonce, user))
return hack_octets(hmac.digest())
hmac.update('%d.%s.%s' % (stamp, nonce, user))
return hack_octets(hmac.digest())
~mdw / chopwood / blobdiff