[Zodb-checkins] CVS: ZODB3/ZEO/auth - __init__.py:1.1.2.2
auth_digest.py:1.1.2.3 auth_plaintext.py:1.1.2.2
auth_sha.py:1.1.2.2 hmac.py:1.1.2.2 storage.py:NONE
Johan Dahlin
jdahlin at telia.com
Mon May 19 14:46:38 EDT 2003
Update of /cvs-repository/ZODB3/ZEO/auth
In directory cvs.zope.org:/tmp/cvs-serv17295/ZEO/auth
Modified Files:
Tag: ZODB3-auth-branch
__init__.py auth_digest.py auth_plaintext.py auth_sha.py
hmac.py
Removed Files:
Tag: ZODB3-auth-branch
storage.py
Log Message:
Merge AuthZEOStorage with ZEOStorage. Don't use __import__(). Introduce register_module() and get_module(). Use hmac.py from python 2.2 (for python 2.1 support)
=== ZODB3/ZEO/auth/__init__.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/__init__.py:1.1.2.1 Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/__init__.py Mon May 19 13:46:06 2003
@@ -11,3 +11,22 @@
# FOR A PARTICULAR PURPOSE
#
##############################################################################
+
+from ZEO.auth.database import Database
+
+auth_modules = {}
+
+def get_module(name):
+ if name == 'sha':
+ from auth_sha import StorageClass, Client
+ return StorageClass, Client, Database
+ elif name == 'digest':
+ from auth_digest import StorageClass, Client, DigestDatabase
+ return StorageClass, Client, DigestDatabase
+ else:
+ return auth_modules.get(name)
+
+def register_module(name, storage_class, client, db=Database):
+ if auth_modules.has_key(name):
+ raise TypeError, "%s is already registred" % name
+ auth_modules[name] = storage_class, client, db
=== ZODB3/ZEO/auth/auth_digest.py 1.1.2.2 => 1.1.2.3 ===
--- ZODB3/ZEO/auth/auth_digest.py:1.1.2.2 Thu May 15 09:46:41 2003
+++ ZODB3/ZEO/auth/auth_digest.py Mon May 19 13:46:06 2003
@@ -40,8 +40,8 @@
import struct
import time
-from ZEO.auth.storage import AuthZEOStorage
from ZEO.auth.database import Database
+from ZEO.StorageServer import ZEOStorage
def get_random_bytes(n=8):
if os.path.exists("/dev/urandom"):
@@ -57,7 +57,6 @@
return sha.new(s).hexdigest()
class DigestDatabase(Database):
-
def __init__(self, filename):
Database.__init__(self, filename)
@@ -69,8 +68,7 @@
dig = hexdigest("%s:%s" % (username, password))
self._users[username] = dig
-class StorageClass(AuthZEOStorage):
-
+class StorageClass(ZEOStorage):
def set_database(self, database):
assert isinstance(database, DigestDatabase)
self.database = database
@@ -122,7 +120,6 @@
return self.finish_auth(check == response)
class Client:
-
def __init__(self, stub):
self.stub = stub
@@ -140,6 +137,3 @@
resp_dig = hexdigest("%s:%s" % (h_up, nonce))
return self.auth_response((username, nonce, resp_dig))
-
-# StorageServer checks here for DatabaseClass
-DatabaseClass = DigestDatabase
=== ZODB3/ZEO/auth/auth_plaintext.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/auth_plaintext.py:1.1.2.1 Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/auth_plaintext.py Mon May 19 13:46:06 2003
@@ -20,14 +20,18 @@
auth_srp module for a secure mechanism)"""
import sha
-from ZEO.auth.storage import AuthZEOStorage
+import sys
-class StorageClass(AuthZEOStorage):
+from ZEO.StorageServer import ZEOStorage
+from ZEO.auth import register_module
+
+class StorageClass(ZEOStorage):
def auth(self, username, password):
try:
dbpw = self.database.get_password(username)
except LookupError:
return 0
+
password = sha.new(password).hexdigest()
return self.finish_auth(dbpw == password)
@@ -38,3 +42,5 @@
def start(self, username, password):
method = self.stub.extensionMethod('auth')
return method(username, password)
+
+register_module('plaintext', StorageClass, Client)
=== ZODB3/ZEO/auth/auth_sha.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/auth_sha.py:1.1.2.1 Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/auth_sha.py Mon May 19 13:46:06 2003
@@ -21,9 +21,9 @@
import sha
-from ZEO.auth.storage import AuthZEOStorage
+from ZEO.StorageServer import ZEOStorage
-class StorageClass(AuthZEOStorage):
+class StorageClass(ZEOStorage):
def auth(self, username, password):
try:
dbpw = self.database.get_password(username)
=== ZODB3/ZEO/auth/hmac.py 1.1.2.1 => 1.1.2.2 ===
--- ZODB3/ZEO/auth/hmac.py:1.1.2.1 Tue Apr 29 16:02:54 2003
+++ ZODB3/ZEO/auth/hmac.py Mon May 19 13:46:06 2003
@@ -1,56 +1,99 @@
-##############################################################################
-#
-# Copyright (c) 2003 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE
-#
-##############################################################################
-"""HMAC -- keyed hashing for message authentication, as described in rfc2104.
-
-Author: Tom Holroyd <tomh at kurage.nimh.nih.gov>
-Part of the SRPSocket package:
-http://members.tripod.com/professor_tom/archives/srpsocket.html
-"""
-
-import sha
-
-BLEN = 64
-ipad = map(ord, "\x36" * BLEN)
-opad = map(ord, "\x5C" * BLEN)
-
-def hash(s):
- return sha.new(s).digest()
-
-def hmac(key, text):
- """Given strings 'key' and 'text', produce an HMAC digest."""
+"""HMAC (Keyed-Hashing for Message Authentication) Python module.
- # If the key is longer than BLEN, hash it first. The result must
- # be less than BLEN bytes. This depends on the hash function used;
- # sha1 and md5 are both OK.
-
- l = len(key)
- if l > BLEN:
- key = hash(key)
- l = len(key)
-
- # Pad the key with zeros to BLEN bytes.
-
- key = key + '\0' * (BLEN - l)
- key = map(ord, key)
-
- # Now compute the HMAC.
+Implements the HMAC algorithm as described by RFC 2104.
+"""
- l = map(lambda x, y: x ^ y, key, ipad)
- s = reduce(lambda x, y: x + chr(y), l, '')
- s = hash(s + text)
- l = map(lambda x, y: x ^ y, key, opad)
- t = reduce(lambda x, y: x + chr(y), l, '')
- s = hash(t + s)
+import string
- return s
+def _strxor(s1, s2):
+ """Utility method. XOR the two strings s1 and s2 (must have same length).
+ """
+ return "".join(map(lambda x, y: chr(ord(x) ^ ord(y)), s1, s2))
+
+# The size of the digests returned by HMAC depends on the underlying
+# hashing module used.
+digest_size = None
+
+class HMAC:
+ """RFC2104 HMAC class.
+
+ This supports the API for Cryptographic Hash Functions (PEP 247).
+ """
+
+ def __init__(self, key, msg = None, digestmod = None):
+ """Create a new HMAC object.
+
+ key: key for the keyed hash object.
+ msg: Initial input for the hash, if provided.
+ digestmod: A module supporting PEP 247. Defaults to the md5 module.
+ """
+ if digestmod == None:
+ import md5
+ digestmod = md5
+
+ self.digestmod = digestmod
+ self.outer = digestmod.new()
+ self.inner = digestmod.new()
+ self.digest_size = digestmod.digest_size
+
+ blocksize = 64
+ ipad = "\x36" * blocksize
+ opad = "\x5C" * blocksize
+
+ if len(key) > blocksize:
+ key = digestmod.new(key).digest()
+
+ key = key + chr(0) * (blocksize - len(key))
+ self.outer.update(_strxor(key, opad))
+ self.inner.update(_strxor(key, ipad))
+ if (msg):
+ self.update(msg)
+
+## def clear(self):
+## raise NotImplementedError, "clear() method not available in HMAC."
+
+ def update(self, msg):
+ """Update this hashing object with the string msg.
+ """
+ self.inner.update(msg)
+
+ def copy(self):
+ """Return a separate copy of this hashing object.
+
+ An update to this copy won't affect the original object.
+ """
+ other = HMAC("")
+ other.digestmod = self.digestmod
+ other.inner = self.inner.copy()
+ other.outer = self.outer.copy()
+ return other
+
+ def digest(self):
+ """Return the hash value of this hashing object.
+
+ This returns a string containing 8-bit data. The object is
+ not altered in any way by this function; you can continue
+ updating the object after calling this function.
+ """
+ h = self.outer.copy()
+ h.update(self.inner.digest())
+ return h.digest()
+
+ def hexdigest(self):
+ """Like digest(), but returns a string of hexadecimal digits instead.
+ """
+ return "".join([string.zfill(hex(ord(x))[2:], 2)
+ for x in tuple(self.digest())])
+
+def new(key, msg = None, digestmod = None):
+ """Create a new hashing object and return it.
+
+ key: The starting key for the hash.
+ msg: if available, will immediately be hashed into the object's starting
+ state.
+
+ You can now feed arbitrary strings into the object using its update()
+ method, and can ask for the hash value at any time by calling its digest()
+ method.
+ """
+ return HMAC(key, msg, digestmod)
=== Removed File ZODB3/ZEO/auth/storage.py ===
More information about the Zodb-checkins
mailing list