From a86be44b08fe0935fe77d90948b9baad85af3624 Mon Sep 17 00:00:00 2001
From: Barry Warsaw <barry@list.org>
Date: Wed, 12 Nov 2008 23:02:29 -0500
Subject: Apply Heiko Rommel's patch for hashlib deprecation warnings for bug
293178. I've modified the patch to improve some of the stylistic issues.
---
Mailman/Cgi/admin.py | 6 +++---
Mailman/Cgi/create.py | 6 +++---
Mailman/Handlers/Scrubber.py | 6 +++---
Mailman/LockFile.py | 6 +++---
Mailman/Pending.py | 6 +++---
Mailman/Queue/Switchboard.py | 4 ++--
Mailman/SecurityManager.py | 15 +++++++--------
Mailman/Utils.py | 17 ++++++++++++++---
bin/change_pw | 7 +++----
bin/export.py | 7 +++----
bin/newlist | 8 ++++----
bin/update | 13 ++++++-------
tests/test_handlers.py | 9 +++++----
tests/test_security_mgr.py | 16 ++++++++--------
14 files changed, 67 insertions(+), 59 deletions(-)
diff --git a/Mailman/Cgi/admin.py b/Mailman/Cgi/admin.py
index a6251058..ba44fc44 100644
--- a/Mailman/Cgi/admin.py
+++ b/Mailman/Cgi/admin.py
@@ -24,7 +24,6 @@ import sys
import os
import re
import cgi
-import sha
import urllib
import signal
from types import *
@@ -41,6 +40,7 @@ from Mailman.UserDesc import UserDesc
from Mailman.htmlformat import *
from Mailman.Cgi import Auth
from Mailman.Logging.Syslog import syslog
+from Mailman.Utils import sha_new
# Set up i18n
_ = i18n._
@@ -1269,7 +1269,7 @@ def change_options(mlist, category, subcat, cgidata, doc):
confirm = cgidata.getvalue('confirmmodpw', '').strip()
if new or confirm:
if new == confirm:
- mlist.mod_password = sha.new(new).hexdigest()
+ mlist.mod_password = sha_new(new).hexdigest()
# No re-authentication necessary because the moderator's
# password doesn't get you into these pages.
else:
@@ -1279,7 +1279,7 @@ def change_options(mlist, category, subcat, cgidata, doc):
confirm = cgidata.getvalue('confirmpw', '').strip()
if new or confirm:
if new == confirm:
- mlist.password = sha.new(new).hexdigest()
+ mlist.password = sha_new(new).hexdigest()
# Set new cookie
print mlist.MakeCookie(mm_cfg.AuthListAdmin)
else:
diff --git a/Mailman/Cgi/create.py b/Mailman/Cgi/create.py
index 55ec2887..7e21b981 100644
--- a/Mailman/Cgi/create.py
+++ b/Mailman/Cgi/create.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2007 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -21,7 +21,6 @@ import sys
import os
import signal
import cgi
-import sha
from types import ListType
from Mailman import mm_cfg
@@ -31,6 +30,7 @@ from Mailman import Errors
from Mailman import i18n
from Mailman.htmlformat import *
from Mailman.Logging.Syslog import syslog
+from Mailman.Utils import sha_new
# Set up i18n
_ = i18n._
@@ -180,7 +180,7 @@ def process_request(doc, cgidata):
# Install the emergency shutdown signal handler
signal.signal(signal.SIGTERM, sigterm_handler)
- pw = sha.new(password).hexdigest()
+ pw = sha_new(password).hexdigest()
# Guarantee that all newly created files have the proper permission.
# proper group ownership should be assured by the autoconf script
# enforcing that all directories have the group sticky bit set
diff --git a/Mailman/Handlers/Scrubber.py b/Mailman/Handlers/Scrubber.py
index 1d5aed92..7f42e5ed 100644
--- a/Mailman/Handlers/Scrubber.py
+++ b/Mailman/Handlers/Scrubber.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2007 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -21,7 +21,6 @@ from __future__ import nested_scopes
import os
import re
-import sha
import time
import errno
import binascii
@@ -41,6 +40,7 @@ from Mailman import Message
from Mailman.Errors import DiscardMessage
from Mailman.i18n import _
from Mailman.Logging.Syslog import syslog
+from Mailman.Utils import sha_new
# Path characters for common platforms
pre = re.compile(r'[/\\:]')
@@ -158,7 +158,7 @@ def calculate_attachments_dir(mlist, msg, msgdata):
if msgid is None:
msgid = msg['Message-ID'] = Utils.unique_message_id(mlist)
# We assume that the message id actually /is/ unique!
- digest = sha.new(msgid).hexdigest()
+ digest = sha_new(msgid).hexdigest()
return os.path.join('attachments', datedir, digest[:4] + digest[-4:])
diff --git a/Mailman/LockFile.py b/Mailman/LockFile.py
index 9b5b05f0..195615e6 100644
--- a/Mailman/LockFile.py
+++ b/Mailman/LockFile.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -546,8 +546,8 @@ def _seed():
except EnvironmentError, e:
if e.errno <> errno.ENOENT:
raise
- import sha
- d = sha.new(`os.getpid()`+`time.time()`).hexdigest()
+ from Mailman.Utils import sha_new
+ d = sha_new(`os.getpid()`+`time.time()`).hexdigest()
random.seed(d)
diff --git a/Mailman/Pending.py b/Mailman/Pending.py
index 224565b5..e6372eda 100644
--- a/Mailman/Pending.py
+++ b/Mailman/Pending.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2004 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -17,13 +17,13 @@
"""Track pending actions which require confirmation."""
import os
-import sha
import time
import errno
import random
import cPickle
from Mailman import mm_cfg
+from Mailman.Utils import sha_new
# Types of pending records
SUBSCRIPTION = 'S'
@@ -72,7 +72,7 @@ class Pending:
while True:
now = time.time()
x = random.random() + now % 1.0 + time.clock() % 1.0
- cookie = sha.new(repr(x)).hexdigest()
+ cookie = sha_new(repr(x)).hexdigest()
# We'll never get a duplicate, but we'll be anal about checking
# anyway.
if not db.has_key(cookie):
diff --git a/Mailman/Queue/Switchboard.py b/Mailman/Queue/Switchboard.py
index 94b8efa0..bd1cd357 100644
--- a/Mailman/Queue/Switchboard.py
+++ b/Mailman/Queue/Switchboard.py
@@ -35,7 +35,6 @@
# needs.
import os
-import sha
import time
import email
import errno
@@ -46,6 +45,7 @@ from Mailman import mm_cfg
from Mailman import Utils
from Mailman import Message
from Mailman.Logging.Syslog import syslog
+from Mailman.Utils import sha_new
# 20 bytes of all bits set, maximum sha.digest() value
shamax = 0xffffffffffffffffffffffffffffffffffffffffL
@@ -118,7 +118,7 @@ class Switchboard:
# this system) and the sha hex digest.
#rcvtime = data.setdefault('received_time', now)
rcvtime = data.setdefault('received_time', now)
- filebase = `rcvtime` + '+' + sha.new(hashfood).hexdigest()
+ filebase = `rcvtime` + '+' + sha_new(hashfood).hexdigest()
filename = os.path.join(self.__whichq, filebase + '.pck')
tmpfile = filename + '.tmp'
# Always add the metadata schema version number
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index 01610b43..7d32b370 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2006 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -49,7 +49,6 @@
import os
import re
-import sha
import time
import Cookie
import marshal
@@ -62,12 +61,12 @@ try:
import crypt
except ImportError:
crypt = None
-import md5
from Mailman import mm_cfg
from Mailman import Utils
from Mailman import Errors
from Mailman.Logging.Syslog import syslog
+from Mailman.Utils import md5_new, sha_new
try:
True, False
@@ -171,11 +170,11 @@ class SecurityManager:
key, secret = self.AuthContextInfo(ac)
if secret is None:
continue
- sharesponse = sha.new(response).hexdigest()
+ sharesponse = sha_new(response).hexdigest()
upgrade = ok = False
if sharesponse == secret:
ok = True
- elif md5.new(response).digest() == secret:
+ elif md5_new(response).digest() == secret:
ok = upgrade = True
elif cryptmatchp(response, secret):
ok = upgrade = True
@@ -196,7 +195,7 @@ class SecurityManager:
elif ac == mm_cfg.AuthListModerator:
# The list moderator password must be sha'd
key, secret = self.AuthContextInfo(ac)
- if secret and sha.new(response).hexdigest() == secret:
+ if secret and sha_new(response).hexdigest() == secret:
return ac
elif ac == mm_cfg.AuthUser:
if user is not None:
@@ -237,7 +236,7 @@ class SecurityManager:
# Timestamp
issued = int(time.time())
# Get a digest of the secret, plus other information.
- mac = sha.new(secret + `issued`).hexdigest()
+ mac = sha_new(secret + `issued`).hexdigest()
# Create the cookie object.
c = Cookie.SimpleCookie()
c[key] = binascii.hexlify(marshal.dumps((issued, mac)))
@@ -336,7 +335,7 @@ class SecurityManager:
return False
# Calculate what the mac ought to be based on the cookie's timestamp
# and the shared secret.
- mac = sha.new(secret + `issued`).hexdigest()
+ mac = sha_new(secret + `issued`).hexdigest()
if mac <> received_mac:
return False
# Authenticated!
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index cd9faa41..fbd57636 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -27,9 +27,9 @@ the mailing lists, and whatever else doesn't belong elsewhere.
from __future__ import nested_scopes
import os
+import sys
import re
import cgi
-import sha
import time
import errno
import base64
@@ -55,6 +55,16 @@ from Mailman import Site
from Mailman.SafeDict import SafeDict
from Mailman.Logging.Syslog import syslog
+try:
+ import hashlib
+ md5_new = hashlib.md5
+ sha_new = hashlib.sha1
+except ImportError:
+ import md5
+ import sha
+ md5_new = md5.new
+ sha_new = sha.new
+
try:
True, False
except NameError:
@@ -384,7 +394,7 @@ def set_global_password(pw, siteadmin=True):
omask = os.umask(026)
try:
fp = open(filename, 'w')
- fp.write(sha.new(pw).hexdigest() + '\n')
+ fp.write(sha_new(pw).hexdigest() + '\n')
fp.close()
finally:
os.umask(omask)
@@ -410,7 +420,7 @@ def check_global_password(response, siteadmin=True):
challenge = get_global_password(siteadmin)
if challenge is None:
return None
- return challenge == sha.new(response).hexdigest()
+ return challenge == sha_new(response).hexdigest()
�
@@ -1034,3 +1044,4 @@ def suspiciousHTML(html):
return True
else:
return False
+
diff --git a/bin/change_pw b/bin/change_pw
index 965f5e50..67d56392 100644
--- a/bin/change_pw
+++ b/bin/change_pw
@@ -1,6 +1,6 @@
#! @PYTHON@
#
-# Copyright (C) 2001-2007 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -66,7 +66,6 @@ Options:
"""
import sys
-import sha
import getopt
import paths
@@ -147,7 +146,7 @@ def main():
if password is not None:
if not password:
usage(1, _('Empty list passwords are not allowed'))
- shapassword = sha.new(password).hexdigest()
+ shapassword = Utils.sha_new(password).hexdigest()
if domains:
for name in Utils.list_names():
@@ -167,7 +166,7 @@ def main():
if password is None:
randompw = Utils.MakeRandomPassword(
mm_cfg.ADMIN_PASSWORD_LENGTH)
- shapassword = sha.new(randompw).hexdigest()
+ shapassword = Utils.sha_new(randompw).hexdigest()
notifypassword = randompw
else:
notifypassword = password
diff --git a/bin/export.py b/bin/export.py
index c8d890eb..122ce8de 100644
--- a/bin/export.py
+++ b/bin/export.py
@@ -1,6 +1,6 @@
#! @PYTHON@
#
-# Copyright (C) 2006-2007 by the Free Software Foundation, Inc.
+# Copyright (C) 2006-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -21,7 +21,6 @@
import os
import sys
-import sha
import base64
import codecs
import datetime
@@ -289,13 +288,13 @@ def plaintext_password(password):
def sha_password(password):
- h = sha.new(password)
+ h = Utils.sha_new(password)
return '{SHA}' + base64.b64encode(h.digest())
def ssha_password(password):
salt = os.urandom(SALT_LENGTH)
- h = sha.new(password)
+ h = Utils.sha_new(password)
h.update(salt)
return '{SSHA}' + base64.b64encode(h.digest() + salt)
diff --git a/bin/newlist b/bin/newlist
index 08b86e08..ab350c88 100755
--- a/bin/newlist
+++ b/bin/newlist
@@ -1,6 +1,6 @@
#! @PYTHON@
#
-# Copyright (C) 1998-2005 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -14,7 +14,8 @@
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+# USA.
"""Create a new, unpopulated mailing list.
@@ -93,7 +94,6 @@ import sys
import os
import getpass
import getopt
-import sha
import paths
from Mailman import mm_cfg
@@ -186,7 +186,7 @@ def main():
mlist = MailList.MailList()
try:
- pw = sha.new(listpasswd).hexdigest()
+ pw = Utils.sha_new(listpasswd).hexdigest()
# Guarantee that all newly created files have the proper permission.
# proper group ownership should be assured by the autoconf script
# enforcing that all directories have the group sticky bit set
diff --git a/bin/update b/bin/update
index 2a25da01..e36c1c40 100755
--- a/bin/update
+++ b/bin/update
@@ -34,7 +34,6 @@ some previous version. It knows about versions back to 1.0b4 (?).
"""
import os
-import md5
import sys
import time
import errno
@@ -131,7 +130,7 @@ def move_language_templates(mlist):
# No global template
continue
- gcksum = md5.new(fp.read()).digest()
+ gcksum = Utils.md5_new(fp.read()).digest()
fp.close()
# Match against the lists/<list>/* template
try:
@@ -139,7 +138,7 @@ def move_language_templates(mlist):
except IOError, e:
if e.errno <> errno.ENOENT: raise
else:
- tcksum = md5.new(fp.read()).digest()
+ tcksum = Utils.md5_new(fp.read()).digest()
fp.close()
if gcksum == tcksum:
os.unlink(os.path.join(mlist.fullpath(), gtemplate))
@@ -149,7 +148,7 @@ def move_language_templates(mlist):
except IOError, e:
if e.errno <> errno.ENOENT: raise
else:
- tcksum = md5.new(fp.read()).digest()
+ tcksum = Utils.md5_new(fp.read()).digest()
fp.close()
if gcksum == tcksum:
os.unlink(os.path.join(mlist.fullpath(), gtemplate + '.prev'))
@@ -159,7 +158,7 @@ def move_language_templates(mlist):
except IOError, e:
if e.errno <> errno.ENOENT: raise
else:
- tcksum = md5.new(fp.read()).digest()
+ tcksum = Utils.md5_new(fp.read()).digest()
fp.close()
if gcksum == tcksum:
os.unlink(os.path.join(mlist.fullpath(), 'en', gtemplate))
@@ -169,7 +168,7 @@ def move_language_templates(mlist):
except IOError, e:
if e.errno <> errno.ENOENT: raise
else:
- tcksum = md5.new(fp.read()).digest()
+ tcksum = Utils.md5_new(fp.read()).digest()
fp.close()
if gcksum == tcksum:
os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR, gtemplate))
@@ -179,7 +178,7 @@ def move_language_templates(mlist):
except IOError, e:
if e.errno <> errno.ENOENT: raise
else:
- tcksum = md5.new(fp.read()).digest()
+ tcksum = Utils.md5_new(fp.read()).digest()
fp.close()
if gcksum == tcksum:
os.unlink(os.path.join(mm_cfg.TEMPLATE_DIR,
diff --git a/tests/test_handlers.py b/tests/test_handlers.py
index 66c583f7..17e5ec96 100644
--- a/tests/test_handlers.py
+++ b/tests/test_handlers.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -12,13 +12,13 @@
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+# USA.
"""Unit tests for the various Mailman/Handlers/*.py modules.
"""
import os
-import sha
import time
import email
import errno
@@ -53,13 +53,14 @@ from Mailman.Handlers import ToArchive
from Mailman.Handlers import ToDigest
from Mailman.Handlers import ToOutgoing
from Mailman.Handlers import ToUsenet
+from Mailman.Utils import sha_new
from TestBase import TestBase
�
def password(plaintext):
- return sha.new(plaintext).hexdigest()
+ return sha_new(plaintext).hexdigest()
�
diff --git a/tests/test_security_mgr.py b/tests/test_security_mgr.py
index c63f0876..e829d0c9 100644
--- a/tests/test_security_mgr.py
+++ b/tests/test_security_mgr.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2001-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 2001-2008 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -12,7 +12,8 @@
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+# USA.
"""Unit tests for Mailman/SecurityManager.py
"""
@@ -20,8 +21,6 @@
import os
import unittest
import errno
-import md5
-import sha
import Cookie
try:
import crypt
@@ -33,13 +32,14 @@ from StringIO import StringIO
from Mailman import mm_cfg
from Mailman import Utils
from Mailman import Errors
+from Mailman.Utils import md5_new, sha_new
from TestBase import TestBase
�
def password(plaintext):
- return sha.new(plaintext).hexdigest()
+ return sha_new(plaintext).hexdigest()
�
@@ -132,7 +132,7 @@ class TestAuthenticate(TestBase):
def test_list_admin_upgrade(self):
eq = self.assertEqual
mlist = self._mlist
- mlist.password = md5.new('ssSSss').digest()
+ mlist.password = md5_new('ssSSss').digest()
eq(mlist.Authenticate(
[mm_cfg.AuthListAdmin], 'ssSSss'), mm_cfg.AuthListAdmin)
eq(mlist.password, password('ssSSss'))
@@ -146,10 +146,10 @@ class TestAuthenticate(TestBase):
def test_list_admin_oldstyle_unauth(self):
eq = self.assertEqual
mlist = self._mlist
- mlist.password = md5.new('ssSSss').digest()
+ mlist.password = md5_new('ssSSss').digest()
eq(mlist.Authenticate(
[mm_cfg.AuthListAdmin], 'xxxxxx'), mm_cfg.UnAuthorized)
- eq(mlist.password, md5.new('ssSSss').digest())
+ eq(mlist.password, md5_new('ssSSss').digest())
# Test crypt upgrades if crypt is supported
if crypt:
mlist.password = crypted = crypt.crypt('rrRRrr', 'zc')
--
cgit v1.2.3