PR#1490: deprecate sha1/md5_constructor from koji.util
Merges #1490 https://pagure.io/koji/pull-request/1490 Fixes: #1487 https://pagure.io/koji/issue/1487 Deprecate md5/sha256 constructors
This commit is contained in:
Mike McLean
commit
d85be645be
8 changed files with 29 additions and 29 deletions
|
|
@ -2,9 +2,9 @@ from __future__ import absolute_import
|
|||
from __future__ import division
|
||||
|
||||
import ast
|
||||
import base64
|
||||
from collections import defaultdict, OrderedDict
|
||||
import fnmatch
|
||||
import hashlib
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
|
|
@ -35,7 +35,7 @@ except ImportError: # pragma: no cover
|
|||
yumcomps = None
|
||||
|
||||
import koji
|
||||
from koji.util import md5_constructor, to_list, base64encode
|
||||
from koji.util import to_list, base64encode
|
||||
from koji_cli.lib import _, activate_session, parse_arches, \
|
||||
_unique_path, _running_in_bg, _progress_callback, watch_tasks, \
|
||||
arg_filter, linked_upload, list_task_output_all_volumes, \
|
||||
|
|
@ -1481,7 +1481,7 @@ def handle_import_sig(goptions, session, args):
|
|||
previous = session.queryRPMSigs(rpm_id=rinfo['id'], sigkey=sigkey)
|
||||
assert len(previous) <= 1
|
||||
if previous:
|
||||
sighash = md5_constructor(sighdr).hexdigest()
|
||||
sighash = hashlib.md5(sighdr).hexdigest()
|
||||
if previous[0]['sighash'] == sighash:
|
||||
print(_("Signature already imported: %s") % path)
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ import errno
|
|||
import fcntl
|
||||
import fnmatch
|
||||
import functools
|
||||
import hashlib
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
|
|
@ -67,11 +68,9 @@ from koji.context import context
|
|||
from koji.util import base64encode
|
||||
from koji.util import decode_bytes
|
||||
from koji.util import dslice
|
||||
from koji.util import md5_constructor
|
||||
from koji.util import move_and_symlink
|
||||
from koji.util import multi_fnmatch
|
||||
from koji.util import safer_move
|
||||
from koji.util import sha1_constructor
|
||||
from koji.util import to_list
|
||||
from six.moves import range
|
||||
logger = logging.getLogger('koji.hub')
|
||||
|
|
@ -6070,7 +6069,7 @@ class CG_Importer(object):
|
|||
# until we change the way we handle checksums, we have to limit this to md5
|
||||
raise koji.GenericError("Unsupported checksum type: %(checksum_type)s" % fileinfo)
|
||||
with open(path, 'rb') as fp:
|
||||
m = md5_constructor()
|
||||
m = hashlib.md5()
|
||||
while True:
|
||||
contents = fp.read(8192)
|
||||
if not contents:
|
||||
|
|
@ -6611,7 +6610,7 @@ def import_archive_internal(filepath, buildinfo, type, typeInfo, buildroot_id=No
|
|||
# trust values computed on hub (CG_Importer.prep_outputs)
|
||||
if not fileinfo or not fileinfo.get('hub.checked_md5'):
|
||||
with open(filepath, 'rb') as archivefp:
|
||||
m = md5_constructor()
|
||||
m = hashlib.md5()
|
||||
while True:
|
||||
contents = archivefp.read(8192)
|
||||
if not contents:
|
||||
|
|
@ -6746,7 +6745,7 @@ def _generate_maven_metadata(mavendir):
|
|||
continue
|
||||
if not os.path.isfile('%s/%s' % (mavendir, mavenfile)):
|
||||
continue
|
||||
for ext, sum_constr in (('.md5', md5_constructor), ('.sha1', sha1_constructor)):
|
||||
for ext, sum_constr in (('.md5', hashlib.md5), ('.sha1', hashlib.sha1)):
|
||||
sumfile = mavenfile + ext
|
||||
if sumfile not in mavenfiles:
|
||||
sum = sum_constr()
|
||||
|
|
@ -6795,7 +6794,7 @@ def add_rpm_sig(an_rpm, sighdr):
|
|||
#we use the sigkey='' to represent unsigned in the db (so that uniqueness works)
|
||||
else:
|
||||
sigkey = koji.get_sigpacket_key_id(sigkey)
|
||||
sighash = md5_constructor(sighdr).hexdigest()
|
||||
sighash = hashlib.md5(sighdr).hexdigest()
|
||||
rpm_id = rinfo['id']
|
||||
# - db entry
|
||||
q = """SELECT sighash FROM rpmsigs WHERE rpm_id=%(rpm_id)i AND sigkey=%(sigkey)s"""
|
||||
|
|
@ -13457,7 +13456,7 @@ def get_upload_path(reldir, name, create=False, volume=None):
|
|||
|
||||
def get_verify_class(verify):
|
||||
if verify == 'md5':
|
||||
return md5_constructor
|
||||
return hashlib.md5
|
||||
elif verify == 'adler32':
|
||||
return koji.util.adler32_constructor
|
||||
elif verify:
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ except ImportError: # pragma: no cover
|
|||
import six.moves.configparser
|
||||
import errno
|
||||
from fnmatch import fnmatch
|
||||
import hashlib
|
||||
import six.moves.http_client
|
||||
import imp
|
||||
import logging
|
||||
|
|
@ -2814,7 +2815,7 @@ class ClientSession(object):
|
|||
fo = open(localfile, "rb") #specify bufsize?
|
||||
totalsize = os.path.getsize(localfile)
|
||||
ofs = 0
|
||||
md5sum = util.md5_constructor()
|
||||
md5sum = hashlib.md5()
|
||||
debug = self.opts.get('debug', False)
|
||||
if callback:
|
||||
callback(0, totalsize, 0, 0, 0)
|
||||
|
|
@ -2831,7 +2832,7 @@ class ClientSession(object):
|
|||
sz = ofs
|
||||
else:
|
||||
offset = ofs
|
||||
digest = util.md5_constructor(contents).hexdigest()
|
||||
digest = hashlib.md5(contents).hexdigest()
|
||||
sz = size
|
||||
del contents
|
||||
tries = 0
|
||||
|
|
|
|||
|
|
@ -26,8 +26,9 @@ import koji
|
|||
import koji.tasks
|
||||
import koji.xmlrpcplus
|
||||
from koji.tasks import safe_rmtree
|
||||
from koji.util import md5_constructor, adler32_constructor, parseStatus, \
|
||||
from koji.util import adler32_constructor, parseStatus, \
|
||||
dslice, to_list, base64encode
|
||||
import hashlib
|
||||
import os
|
||||
import signal
|
||||
import logging
|
||||
|
|
@ -61,7 +62,7 @@ def incremental_upload(session, fname, fd, path, retries=5, logger=None):
|
|||
break
|
||||
|
||||
data = base64encode(contents)
|
||||
digest = md5_constructor(contents).hexdigest()
|
||||
digest = hashlib.md5(contents).hexdigest()
|
||||
del contents
|
||||
|
||||
tries = 0
|
||||
|
|
|
|||
14
koji/util.py
14
koji/util.py
|
|
@ -44,15 +44,13 @@ import warnings
|
|||
from six.moves import zip
|
||||
|
||||
# imported from kojiweb and kojihub
|
||||
try:
|
||||
from hashlib import md5 as md5_constructor
|
||||
except ImportError: # pragma: no cover
|
||||
from md5 import new as md5_constructor
|
||||
try:
|
||||
from hashlib import sha1 as sha1_constructor
|
||||
except ImportError: # pragma: no cover
|
||||
from sha import new as sha1_constructor
|
||||
def md5_constructor(*args, **kwargs):
|
||||
deprecated("md5_constructor is deprecated in favour of hashlib.md5 and will be removed in 1.21")
|
||||
return hashlib.md5(*args, **kwargs)
|
||||
|
||||
def sha1_constructor(*args, **kwargs):
|
||||
deprecated("sha1_constructor is deprecated in favour of hashlib.md5 and will be removed in 1.21")
|
||||
return hashlib.sha1(*args, **kwargs)
|
||||
|
||||
def deprecated(message):
|
||||
"""Print deprecation warning"""
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
from __future__ import absolute_import
|
||||
import hashlib
|
||||
try:
|
||||
import unittest2 as unittest
|
||||
except ImportError:
|
||||
|
|
@ -6,7 +7,7 @@ except ImportError:
|
|||
|
||||
import kojihub
|
||||
from koji import GenericError
|
||||
from koji.util import md5_constructor, adler32_constructor
|
||||
from koji.util import adler32_constructor
|
||||
|
||||
|
||||
class TestGetVerifyClass(unittest.TestCase):
|
||||
|
|
@ -19,7 +20,7 @@ class TestGetVerifyClass(unittest.TestCase):
|
|||
kojihub.get_verify_class(None) is None
|
||||
|
||||
def test_get_verify_class_is_md5(self):
|
||||
kojihub.get_verify_class('md5') is md5_constructor
|
||||
kojihub.get_verify_class('md5') is hashlib.md5
|
||||
|
||||
def test_get_verify_class_is_adler32(self):
|
||||
kojihub.get_verify_class('adler32') is adler32_constructor
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@
|
|||
|
||||
from __future__ import absolute_import
|
||||
from __future__ import division
|
||||
import hashlib
|
||||
import os
|
||||
import os.path
|
||||
import re
|
||||
|
|
@ -38,7 +39,6 @@ from koji.server import ServerRedirect
|
|||
from kojiweb.util import _initValues
|
||||
from kojiweb.util import _genHTML
|
||||
from kojiweb.util import _getValidTokens
|
||||
from koji.util import sha1_constructor
|
||||
from six.moves import range
|
||||
import six
|
||||
|
||||
|
|
@ -58,7 +58,7 @@ def _setUserCookie(environ, user):
|
|||
digest_string = value + options['Secret'].value
|
||||
if six.PY3:
|
||||
digest_string = digest_string.encode('utf-8')
|
||||
shasum = sha1_constructor(digest_string)
|
||||
shasum = hashlib.sha1(digest_string)
|
||||
value = "%s:%s" % (shasum.hexdigest(), value)
|
||||
cookies = six.moves.http_cookies.SimpleCookie()
|
||||
cookies['user'] = value
|
||||
|
|
@ -97,7 +97,7 @@ def _getUserCookie(environ):
|
|||
digest_string = value + options['Secret'].value
|
||||
if six.PY3:
|
||||
digest_string = digest_string.encode('utf-8')
|
||||
shasum = sha1_constructor(digest_string)
|
||||
shasum = hashlib.sha1(digest_string)
|
||||
if shasum.hexdigest() != sig:
|
||||
authlogger.warn('invalid user cookie: %s:%s', sig, value)
|
||||
return None
|
||||
|
|
|
|||
|
|
@ -24,8 +24,8 @@ from __future__ import division
|
|||
import cgi
|
||||
import Cheetah.Template
|
||||
import datetime
|
||||
import hashlib
|
||||
import koji
|
||||
from koji.util import md5_constructor
|
||||
import os
|
||||
import six
|
||||
import ssl
|
||||
|
|
@ -170,7 +170,7 @@ def _genToken(environ, tstamp=None):
|
|||
value = user + str(tstamp) + environ['koji.options']['Secret'].value
|
||||
if six.PY3:
|
||||
value = value.encode('utf-8')
|
||||
return md5_constructor(value).hexdigest()[-8:]
|
||||
return hashlib.md5(value).hexdigest()[-8:]
|
||||
|
||||
def _getValidTokens(environ):
|
||||
tokens = []
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue