diff options
| author | Barry Warsaw <barry@list.org> | 2008-11-12 23:02:29 -0500 |
|---|---|---|
| committer | Barry Warsaw <barry@list.org> | 2008-11-12 23:02:29 -0500 |
| commit | a86be44b08fe0935fe77d90948b9baad85af3624 (patch) | |
| tree | cc9b8b20530f1d54975005d19f9a17fddade945d | |
| parent | 392554b8de4641c8ac9c5ca1e062919a64ecd020 (diff) | |
| download | mailman2-a86be44b08fe0935fe77d90948b9baad85af3624.tar.gz mailman2-a86be44b08fe0935fe77d90948b9baad85af3624.tar.xz mailman2-a86be44b08fe0935fe77d90948b9baad85af3624.zip | |
Apply Heiko Rommel's patch for hashlib deprecation warnings for bug 293178.
I've modified the patch to improve some of the stylistic issues.
| -rw-r--r-- | Mailman/Cgi/admin.py | 6 | ||||
| -rw-r--r-- | Mailman/Cgi/create.py | 6 | ||||
| -rw-r--r-- | Mailman/Handlers/Scrubber.py | 6 | ||||
| -rw-r--r-- | Mailman/LockFile.py | 6 | ||||
| -rw-r--r-- | Mailman/Pending.py | 6 | ||||
| -rw-r--r-- | Mailman/Queue/Switchboard.py | 4 | ||||
| -rw-r--r-- | Mailman/SecurityManager.py | 15 | ||||
| -rw-r--r-- | Mailman/Utils.py | 17 | ||||
| -rw-r--r-- | bin/change_pw | 7 | ||||
| -rw-r--r-- | bin/export.py | 7 | ||||
| -rwxr-xr-x | bin/newlist | 8 | ||||
| -rwxr-xr-x | bin/update | 13 | ||||
| -rw-r--r-- | tests/test_handlers.py | 9 | ||||
| -rw-r--r-- | tests/test_security_mgr.py | 16 |
14 files changed, 67 insertions, 59 deletions
diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py index a6251058..ba44fc44 100644 --- a/Mailman/Cgi/admin.py +++ b/Mailman/Cgi/admin.py @@ -24,7 +24,6 @@ import sys import os import re import cgi -import sha import urllib import signal from types import * @@ -41,6 +40,7 @@ from Mailman.UserDesc import UserDesc from Mailman.htmlformat import * from Mailman.Cgi import Auth from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_new # Set up i18n _ = i18n._ @@ -1269,7 +1269,7 @@ def change_options(mlist, category, subcat, cgidata, doc): confirm = cgidata.getvalue('confirmmodpw', '').strip() if new or confirm: if new == confirm: - mlist.mod_password = sha.new(new).hexdigest() + mlist.mod_password = sha_new(new).hexdigest() # No re-authentication necessary because the moderator's # password doesn't get you into these pages. else: @@ -1279,7 +1279,7 @@ def change_options(mlist, category, subcat, cgidata, doc): confirm = cgidata.getvalue('confirmpw', '').strip() if new or confirm: if new == confirm: - mlist.password = sha.new(new).hexdigest() + mlist.password = sha_new(new).hexdigest() # Set new cookie print mlist.MakeCookie(mm_cfg.AuthListAdmin) else: diff --git a/Mailman/Cgi/create.py b/Mailman/Cgi/create.py index 55ec2887..7e21b981 100644 --- a/Mailman/Cgi/create.py +++ b/Mailman/Cgi/create.py @@ -1,4 +1,4 @@ -# Copyright (C) 2001-2007 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -21,7 +21,6 @@ import sys import os import signal import cgi -import sha from types import ListType from Mailman import mm_cfg @@ -31,6 +30,7 @@ from Mailman import Errors from Mailman import i18n from Mailman.htmlformat import * from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_new # Set up i18n _ = i18n._ @@ -180,7 +180,7 @@ def process_request(doc, cgidata): # Install the emergency shutdown signal handler signal.signal(signal.SIGTERM, sigterm_handler) - pw = sha.new(password).hexdigest() + pw = sha_new(password).hexdigest() # Guarantee that all newly created files have the proper permission. # proper group ownership should be assured by the autoconf script # enforcing that all directories have the group sticky bit set diff --git a/Mailman/Handlers/Scrubber.py b/Mailman/Handlers/Scrubber.py index 1d5aed92..7f42e5ed 100644 --- a/Mailman/Handlers/Scrubber.py +++ b/Mailman/Handlers/Scrubber.py @@ -1,4 +1,4 @@ -# Copyright (C) 2001-2007 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -21,7 +21,6 @@ from __future__ import nested_scopes import os import re -import sha import time import errno import binascii @@ -41,6 +40,7 @@ from Mailman import Message from Mailman.Errors import DiscardMessage from Mailman.i18n import _ from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_new # Path characters for common platforms pre = re.compile(r'[/\\:]') @@ -158,7 +158,7 @@ def calculate_attachments_dir(mlist, msg, msgdata): if msgid is None: msgid = msg['Message-ID'] = Utils.unique_message_id(mlist) # We assume that the message id actually /is/ unique! - digest = sha.new(msgid).hexdigest() + digest = sha_new(msgid).hexdigest() return os.path.join('attachments', datedir, digest[:4] + digest[-4:]) diff --git a/Mailman/LockFile.py b/Mailman/LockFile.py index 9b5b05f0..195615e6 100644 --- a/Mailman/LockFile.py +++ b/Mailman/LockFile.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2003 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -546,8 +546,8 @@ def _seed(): except EnvironmentError, e: if e.errno <> errno.ENOENT: raise - import sha - d = sha.new(`os.getpid()`+`time.time()`).hexdigest() + from Mailman.Utils import sha_new + d = sha_new(`os.getpid()`+`time.time()`).hexdigest() random.seed(d) diff --git a/Mailman/Pending.py b/Mailman/Pending.py index 224565b5..e6372eda 100644 --- a/Mailman/Pending.py +++ b/Mailman/Pending.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2004 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -17,13 +17,13 @@ """Track pending actions which require confirmation.""" import os -import sha import time import errno import random import cPickle from Mailman import mm_cfg +from Mailman.Utils import sha_new # Types of pending records SUBSCRIPTION = 'S' @@ -72,7 +72,7 @@ class Pending: while True: now = time.time() x = random.random() + now % 1.0 + time.clock() % 1.0 - cookie = sha.new(repr(x)).hexdigest() + cookie = sha_new(repr(x)).hexdigest() # We'll never get a duplicate, but we'll be anal about checking # anyway. if not db.has_key(cookie): diff --git a/Mailman/Queue/Switchboard.py b/Mailman/Queue/Switchboard.py index 94b8efa0..bd1cd357 100644 --- a/Mailman/Queue/Switchboard.py +++ b/Mailman/Queue/Switchboard.py @@ -35,7 +35,6 @@ # needs. import os -import sha import time import email import errno @@ -46,6 +45,7 @@ from Mailman import mm_cfg from Mailman import Utils from Mailman import Message from Mailman.Logging.Syslog import syslog +from Mailman.Utils import sha_new # 20 bytes of all bits set, maximum sha.digest() value shamax = 0xffffffffffffffffffffffffffffffffffffffffL @@ -118,7 +118,7 @@ class Switchboard: # this system) and the sha hex digest. #rcvtime = data.setdefault('received_time', now) rcvtime = data.setdefault('received_time', now) - filebase = `rcvtime` + '+' + sha.new(hashfood).hexdigest() + filebase = `rcvtime` + '+' + sha_new(hashfood).hexdigest() filename = os.path.join(self.__whichq, filebase + '.pck') tmpfile = filename + '.tmp' # Always add the metadata schema version number diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py index 01610b43..7d32b370 100644 --- a/Mailman/SecurityManager.py +++ b/Mailman/SecurityManager.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2006 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -49,7 +49,6 @@ import os import re -import sha import time import Cookie import marshal @@ -62,12 +61,12 @@ try: import crypt except ImportError: crypt = None -import md5 from Mailman import mm_cfg from Mailman import Utils from Mailman import Errors from Mailman.Logging.Syslog import syslog +from Mailman.Utils import md5_new, sha_new try: True, False @@ -171,11 +170,11 @@ class SecurityManager: key, secret = self.AuthContextInfo(ac) if secret is None: continue - sharesponse = sha.new(response).hexdigest() + sharesponse = sha_new(response).hexdigest() upgrade = ok = False if sharesponse == secret: ok = True - elif md5.new(response).digest() == secret: + elif md5_new(response).digest() == secret: ok = upgrade = True elif cryptmatchp(response, secret): ok = upgrade = True @@ -196,7 +195,7 @@ class SecurityManager: elif ac == mm_cfg.AuthListModerator: # The list moderator password must be sha'd key, secret = self.AuthContextInfo(ac) - if secret and sha.new(response).hexdigest() == secret: + if secret and sha_new(response).hexdigest() == secret: return ac elif ac == mm_cfg.AuthUser: if user is not None: @@ -237,7 +236,7 @@ class SecurityManager: # Timestamp issued = int(time.time()) # Get a digest of the secret, plus other information. - mac = sha.new(secret + `issued`).hexdigest() + mac = sha_new(secret + `issued`).hexdigest() # Create the cookie object. c = Cookie.SimpleCookie() c[key] = binascii.hexlify(marshal.dumps((issued, mac))) @@ -336,7 +335,7 @@ class SecurityManager: return False # Calculate what the mac ought to be based on the cookie's timestamp # and the shared secret. - mac = sha.new(secret + `issued`).hexdigest() + mac = sha_new(secret + `issued`).hexdigest() if mac <> received_mac: return False # Authenticated! diff --git a/Mailman/Utils.py b/Mailman/Utils.py index cd9faa41..fbd57636 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -27,9 +27,9 @@ the mailing lists, and whatever else doesn't belong elsewhere. from __future__ import nested_scopes import os +import sys import re import cgi -import sha import time import errno import base64 @@ -56,6 +56,16 @@ from Mailman.SafeDict import SafeDict from Mailman.Logging.Syslog import syslog try: + import hashlib + md5_new = hashlib.md5 + sha_new = hashlib.sha1 +except ImportError: + import md5 + import sha + md5_new = md5.new + sha_new = sha.new + +try: True, False except NameError: True = 1 @@ -384,7 +394,7 @@ def set_global_password(pw, siteadmin=True): omask = os.umask(026) try: fp = open(filename, 'w') - fp.write(sha.new(pw).hexdigest() + '\n') + fp.write(sha_new(pw).hexdigest() + '\n') fp.close() finally: os.umask(omask) @@ -410,7 +420,7 @@ def check_global_password(response, siteadmin=True): challenge = get_global_password(siteadmin) if challenge is None: return None - return challenge == sha.new(response).hexdigest() + return challenge == sha_new(response).hexdigest() @@ -1034,3 +1044,4 @@ def suspiciousHTML(html): return True else: return False + diff --git a/bin/change_pw b/bin/change_pw index 965f5e50..67d56392 100644 --- a/bin/change_pw +++ b/bin/change_pw @@ -1,6 +1,6 @@ #! @PYTHON@ # -# Copyright (C) 2001-2007 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -66,7 +66,6 @@ Options: """ import sys -import sha import getopt import paths @@ -147,7 +146,7 @@ def main(): if password is not None: if not password: usage(1, _('Empty list passwords are not allowed')) - shapassword = sha.new(password).hexdigest() + shapassword = Utils.sha_new(password).hexdigest() if domains: for name in Utils.list_names(): @@ -167,7 +166,7 @@ def main(): if password is None: randompw = Utils.MakeRandomPassword( mm_cfg.ADMIN_PASSWORD_LENGTH) - shapassword = sha.new(randompw).hexdigest() + shapassword = Utils.sha_new(randompw).hexdigest() notifypassword = randompw else: notifypassword = password diff --git a/bin/export.py b/bin/export.py index c8d890eb..122ce8de 100644 --- a/bin/export.py +++ b/bin/export.py @@ -1,6 +1,6 @@ #! @PYTHON@ # -# Copyright (C) 2006-2007 by the Free Software Foundation, Inc. +# Copyright (C) 2006-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -21,7 +21,6 @@ import os import sys -import sha import base64 import codecs import datetime @@ -289,13 +288,13 @@ def plaintext_password(password): def sha_password(password): - h = sha.new(password) + h = Utils.sha_new(password) return '{SHA}' + base64.b64encode(h.digest()) def ssha_password(password): salt = os.urandom(SALT_LENGTH) - h = sha.new(password) + h = Utils.sha_new(password) h.update(salt) return '{SSHA}' + base64.b64encode(h.digest() + salt) diff --git a/bin/newlist b/bin/newlist index 08b86e08..ab350c88 100755 --- a/bin/newlist +++ b/bin/newlist @@ -1,6 +1,6 @@ #! @PYTHON@ # -# Copyright (C) 1998-2005 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -14,7 +14,8 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. """Create a new, unpopulated mailing list. @@ -93,7 +94,6 @@ import sys import os import getpass import getopt -import sha import paths from Mailman import mm_cfg @@ -186,7 +186,7 @@ def main(): mlist = MailList.MailList() try: - pw = sha.new(listpasswd).hexdigest() + pw = Utils.sha_new(listpasswd).hexdigest() # Guarantee that all newly created files have the proper permission. # proper group ownership should be assured by the autoconf script # enforcing that all directories have the group sticky bit set @@ -34,7 +34,6 @@ some previous version. It knows about versions back to 1.0b4 (?). """ import os -import md5 import sys import time import errno @@ -131,7 +130,7 @@ def move_language_templates(mlist): # No global template continue - gcksum = md5.new(fp.read()).digest() + gcksum = Utils.md5_new(fp.read()).digest() fp.close() # Match against the lists/<list>/* template try: @@ -139,7 +138,7 @@ def move_language_templates(mlist): except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = Utils.md5_new(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), gtemplate)) @@ -149,7 +148,7 @@ def move_language_templates(mlist): except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = Utils.md5_new(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), gtemplate + '.prev')) @@ -159,7 +158,7 @@ def move_language_templates(mlist): except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = Utils.md5_new(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mlist.fullpath(), 'en', gtemplate)) @@ -169,7 +168,7 @@ def move_language_templates(mlist): except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = Utils.md5_new(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR, gtemplate)) @@ -179,7 +178,7 @@ def move_language_templates(mlist): except IOError, e: if e.errno <> errno.ENOENT: raise else: - tcksum = md5.new(fp.read()).digest() + tcksum = Utils.md5_new(fp.read()).digest() fp.close() if gcksum == tcksum: os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR, diff --git a/tests/test_handlers.py b/tests/test_handlers.py index 66c583f7..17e5ec96 100644 --- a/tests/test_handlers.py +++ b/tests/test_handlers.py @@ -1,4 +1,4 @@ -# Copyright (C) 2001-2003 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -12,13 +12,13 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. """Unit tests for the various Mailman/Handlers/*.py modules. """ import os -import sha import time import email import errno @@ -53,13 +53,14 @@ from Mailman.Handlers import ToArchive from Mailman.Handlers import ToDigest from Mailman.Handlers import ToOutgoing from Mailman.Handlers import ToUsenet +from Mailman.Utils import sha_new from TestBase import TestBase def password(plaintext): - return sha.new(plaintext).hexdigest() + return sha_new(plaintext).hexdigest() diff --git a/tests/test_security_mgr.py b/tests/test_security_mgr.py index c63f0876..e829d0c9 100644 --- a/tests/test_security_mgr.py +++ b/tests/test_security_mgr.py @@ -1,4 +1,4 @@ -# Copyright (C) 2001-2003 by the Free Software Foundation, Inc. +# Copyright (C) 2001-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -12,7 +12,8 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, +# USA. """Unit tests for Mailman/SecurityManager.py """ @@ -20,8 +21,6 @@ import os import unittest import errno -import md5 -import sha import Cookie try: import crypt @@ -33,13 +32,14 @@ from StringIO import StringIO from Mailman import mm_cfg from Mailman import Utils from Mailman import Errors +from Mailman.Utils import md5_new, sha_new from TestBase import TestBase def password(plaintext): - return sha.new(plaintext).hexdigest() + return sha_new(plaintext).hexdigest() @@ -132,7 +132,7 @@ class TestAuthenticate(TestBase): def test_list_admin_upgrade(self): eq = self.assertEqual mlist = self._mlist - mlist.password = md5.new('ssSSss').digest() + mlist.password = md5_new('ssSSss').digest() eq(mlist.Authenticate( [mm_cfg.AuthListAdmin], 'ssSSss'), mm_cfg.AuthListAdmin) eq(mlist.password, password('ssSSss')) @@ -146,10 +146,10 @@ class TestAuthenticate(TestBase): def test_list_admin_oldstyle_unauth(self): eq = self.assertEqual mlist = self._mlist - mlist.password = md5.new('ssSSss').digest() + mlist.password = md5_new('ssSSss').digest() eq(mlist.Authenticate( [mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized) - eq(mlist.password, md5.new('ssSSss').digest()) + eq(mlist.password, md5_new('ssSSss').digest()) # Test crypt upgrades if crypt is supported if crypt: mlist.password = crypted = crypt.crypt('rrRRrr', 'zc') |