[CalendarServer-changes] [3891] CalendarServer/trunk/twistedcaldav/directory

source_changes at macosforge.org source_changes at macosforge.org
Thu Mar 19 09:14:10 PDT 2009


Revision: 3891
          http://trac.macosforge.org/projects/calendarserver/changeset/3891
Author:   cdaboo at apple.com
Date:     2009-03-19 09:14:09 -0700 (Thu, 19 Mar 2009)
Log Message:
-----------
Make sure memcached timeout does not interfere with the digest nonce stale behavior.

Modified Paths:
--------------
    CalendarServer/trunk/twistedcaldav/directory/digest.py
    CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py

Modified: CalendarServer/trunk/twistedcaldav/directory/digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/digest.py	2009-03-19 03:39:21 UTC (rev 3890)
+++ CalendarServer/trunk/twistedcaldav/directory/digest.py	2009-03-19 16:14:09 UTC (rev 3891)
@@ -91,6 +91,8 @@
 
     implements(IDigestCredentialsDatabase)
 
+    CHALLENGE_MAXTIME_SECS = 8 * 60 * 60    # 8 hrs
+
     def __init__(self, namespace):
         super(DigestCredentialsMemcache, self).__init__(
             namespace=namespace,
@@ -112,7 +114,7 @@
         super(DigestCredentialsMemcache, self).set(
             key,
             value,
-            expire_time=DigestCredentialFactory.CHALLENGE_LIFETIME_SECS
+            expire_time=self.CHALLENGE_MAXTIME_SECS
         )
 
 class QopDigestCredentialFactory(DigestCredentialFactory):

Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py	2009-03-19 03:39:21 UTC (rev 3890)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_digest.py	2009-03-19 16:14:09 UTC (rev 3891)
@@ -25,6 +25,8 @@
 from twistedcaldav.directory.digest import QopDigestCredentialFactory
 from twistedcaldav.test.util import TestCase
 from twistedcaldav.config import config
+from twisted.web2.auth.digest import DigestCredentialFactory
+import time
 
 import md5
 import sys
@@ -553,7 +555,44 @@
             creds = (yield factory.decode(clientResponse, _trivial_GET()))
             self.failUnless(creds.checkPassword('password'))
 
+    @inlineCallbacks
+    def test_stale_response(self):
+        """
+        Test that we can decode a valid response to our challenge
+        """
 
+        oldTime = DigestCredentialFactory.CHALLENGE_LIFETIME_SECS
+        DigestCredentialFactory.CHALLENGE_LIFETIME_SECS = 2
+
+        for ctr, factory in enumerate(self.credentialFactories):
+            challenge = (yield factory.getChallenge(clientAddress))
+    
+            clientResponse = authRequest1[ctr] % (
+                challenge['nonce'],
+                self.getDigestResponse(challenge, "00000001"),
+            )
+    
+            creds = (yield factory.decode(clientResponse, _trivial_GET()))
+            self.failUnless(creds.checkPassword('password'))
+            
+            time.sleep(3)
+            request = _trivial_GET()
+            try:
+                clientResponse = authRequest2[ctr] % (
+                    challenge['nonce'],
+                    self.getDigestResponse(challenge, "00000002"),
+                )
+                creds = (yield factory.decode(clientResponse, request))
+                self.fail("Nonce should have timed out")
+            except error.LoginFailed:
+                self.assertTrue(hasattr(request.remoteAddr, "stale"))
+            except Exception, e:
+                self.fail("Invalid exception from nonce timeout: %s" % e)
+            challenge = (yield factory.getChallenge(request.remoteAddr))
+            self.assertTrue(challenge.get("stale") == "true")
+            
+        DigestCredentialFactory.CHALLENGE_LIFETIME_SECS = oldTime
+
 def _trivial_GET():
     return SimpleRequest(None, 'GET', '/')
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20090319/09e10cdc/attachment.html>


More information about the calendarserver-changes mailing list