1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
From 653fb2aea0ca1f60558917d52f4ff0c33cd7b067 Mon Sep 17 00:00:00 2001
From: Craig Rodrigues <rodrigc@crodrigues.org>
Date: Sun, 12 Apr 2020 14:28:23 -0700
Subject: [PATCH 1/2] Add digestmod parameter to HMAC.__init__() invocations
This parameter is now required on Python 3.8+
---
src/twisted/cred/credentials.py | 3 ++-
src/twisted/cred/test/test_cramauth.py | 11 ++++++++---
src/twisted/mail/test/test_pop3.py | 4 +++-
3 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/src/twisted/cred/credentials.py b/src/twisted/cred/credentials.py
index 5469e5158..67c24cb01 100644
--- a/src/twisted/cred/credentials.py
+++ b/src/twisted/cred/credentials.py
@@ -441,7 +441,8 @@ class CramMD5Credentials(object):
def checkPassword(self, password):
- verify = hexlify(hmac.HMAC(password, self.challenge).digest())
+ verify = hexlify(hmac.HMAC(password, self.challenge,
+ digestmod=md5).digest())
return verify == self.response
diff --git a/src/twisted/cred/test/test_cramauth.py b/src/twisted/cred/test/test_cramauth.py
index 1ee08712b..d21f2f68c 100644
--- a/src/twisted/cred/test/test_cramauth.py
+++ b/src/twisted/cred/test/test_cramauth.py
@@ -7,6 +7,8 @@ Tests for L{twisted.cred}'s implementation of CRAM-MD5.
from __future__ import division, absolute_import
+import hashlib
+
from hmac import HMAC
from binascii import hexlify
@@ -39,7 +41,8 @@ class CramMD5CredentialsTests(TestCase):
"""
c = CramMD5Credentials()
chal = c.getChallenge()
- c.response = hexlify(HMAC(b'secret', chal).digest())
+ c.response = hexlify(HMAC(b'secret', chal,
+ digestmod=hashlib.md5).digest())
self.assertTrue(c.checkPassword(b'secret'))
@@ -61,7 +64,8 @@ class CramMD5CredentialsTests(TestCase):
"""
c = CramMD5Credentials()
chal = c.getChallenge()
- c.response = hexlify(HMAC(b'thewrongsecret', chal).digest())
+ c.response = hexlify(HMAC(b'thewrongsecret', chal,
+ digestmod=hashlib.md5).digest())
self.assertFalse(c.checkPassword(b'secret'))
@@ -75,7 +79,8 @@ class CramMD5CredentialsTests(TestCase):
chal = c.getChallenge()
c.setResponse(b" ".join(
(b"squirrel",
- hexlify(HMAC(b'supersecret', chal).digest()))))
+ hexlify(HMAC(b'supersecret', chal,
+ digestmod=hashlib.md5).digest()))))
self.assertTrue(c.checkPassword(b'supersecret'))
self.assertEqual(c.username, b"squirrel")
diff --git a/src/twisted/mail/test/test_pop3.py b/src/twisted/mail/test/test_pop3.py
index 4a59c3b49..ea513487c 100644
--- a/src/twisted/mail/test/test_pop3.py
+++ b/src/twisted/mail/test/test_pop3.py
@@ -11,6 +11,7 @@ import hmac
import base64
import itertools
+from hashlib import md5
from collections import OrderedDict
from io import BytesIO
@@ -1097,7 +1098,8 @@ class SASLTests(unittest.TestCase):
p.lineReceived(b"AUTH CRAM-MD5")
chal = s.getvalue().splitlines()[-1][2:]
chal = base64.decodestring(chal)
- response = hmac.HMAC(b'testpassword', chal).hexdigest().encode("ascii")
+ response = hmac.HMAC(b'testpassword', chal,
+ digestmod=md5).hexdigest().encode("ascii")
p.lineReceived(
base64.encodestring(b'testuser ' + response).rstrip(b'\n'))
--
2.26.2
|
