[CalendarServer-changes] [3891] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Thu Mar 19 09:14:10 PDT 2009
Revision: 3891
http://trac.macosforge.org/projects/calendarserver/changeset/3891
Author: cdaboo at apple.com
Date: 2009-03-19 09:14:09 -0700 (Thu, 19 Mar 2009)
Log Message:
-----------
Make sure memcached timeout does not interfere with the digest nonce stale behavior.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/digest.py
CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py
Modified: CalendarServer/trunk/twistedcaldav/directory/digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/digest.py 2009-03-19 03:39:21 UTC (rev 3890)
+++ CalendarServer/trunk/twistedcaldav/directory/digest.py 2009-03-19 16:14:09 UTC (rev 3891)
@@ -91,6 +91,8 @@
implements(IDigestCredentialsDatabase)
+ CHALLENGE_MAXTIME_SECS = 8 * 60 * 60 # 8 hrs
+
def __init__(self, namespace):
super(DigestCredentialsMemcache, self).__init__(
namespace=namespace,
@@ -112,7 +114,7 @@
super(DigestCredentialsMemcache, self).set(
key,
value,
- expire_time=DigestCredentialFactory.CHALLENGE_LIFETIME_SECS
+ expire_time=self.CHALLENGE_MAXTIME_SECS
)
class QopDigestCredentialFactory(DigestCredentialFactory):
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py 2009-03-19 03:39:21 UTC (rev 3890)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py 2009-03-19 16:14:09 UTC (rev 3891)
@@ -25,6 +25,8 @@
from twistedcaldav.directory.digest import QopDigestCredentialFactory
from twistedcaldav.test.util import TestCase
from twistedcaldav.config import config
+from twisted.web2.auth.digest import DigestCredentialFactory
+import time
import md5
import sys
@@ -553,7 +555,44 @@
creds = (yield factory.decode(clientResponse, _trivial_GET()))
self.failUnless(creds.checkPassword('password'))
+ @inlineCallbacks
+ def test_stale_response(self):
+ """
+ Test that we can decode a valid response to our challenge
+ """
+ oldTime = DigestCredentialFactory.CHALLENGE_LIFETIME_SECS
+ DigestCredentialFactory.CHALLENGE_LIFETIME_SECS = 2
+
+ for ctr, factory in enumerate(self.credentialFactories):
+ challenge = (yield factory.getChallenge(clientAddress))
+
+ clientResponse = authRequest1[ctr] % (
+ challenge['nonce'],
+ self.getDigestResponse(challenge, "00000001"),
+ )
+
+ creds = (yield factory.decode(clientResponse, _trivial_GET()))
+ self.failUnless(creds.checkPassword('password'))
+
+ time.sleep(3)
+ request = _trivial_GET()
+ try:
+ clientResponse = authRequest2[ctr] % (
+ challenge['nonce'],
+ self.getDigestResponse(challenge, "00000002"),
+ )
+ creds = (yield factory.decode(clientResponse, request))
+ self.fail("Nonce should have timed out")
+ except error.LoginFailed:
+ self.assertTrue(hasattr(request.remoteAddr, "stale"))
+ except Exception, e:
+ self.fail("Invalid exception from nonce timeout: %s" % e)
+ challenge = (yield factory.getChallenge(request.remoteAddr))
+ self.assertTrue(challenge.get("stale") == "true")
+
+ DigestCredentialFactory.CHALLENGE_LIFETIME_SECS = oldTime
+
def _trivial_GET():
return SimpleRequest(None, 'GET', '/')
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090319/09e10cdc/attachment.html>
More information about the calendarserver-changes
mailing list