[CalendarServer-changes] [15144] CalDAVClientLibrary/trunk
source_changes at macosforge.org
source_changes at macosforge.org
Tue Sep 22 11:03:08 PDT 2015
Revision: 15144
http://trac.calendarserver.org//changeset/15144
Author: cdaboo at apple.com
Date: 2015-09-22 11:03:08 -0700 (Tue, 22 Sep 2015)
Log Message:
-----------
Need pycalendar project reference. Fix digest auth with algo=md5-sess.
Modified Paths:
--------------
CalDAVClientLibrary/trunk/.project
CalDAVClientLibrary/trunk/caldavclientlibrary/protocol/http/authentication/digest.py
Modified: CalDAVClientLibrary/trunk/.project
===================================================================
--- CalDAVClientLibrary/trunk/.project 2015-09-22 14:17:15 UTC (rev 15143)
+++ CalDAVClientLibrary/trunk/.project 2015-09-22 18:03:08 UTC (rev 15144)
@@ -3,6 +3,7 @@
<name>CalDAVClientLibrary</name>
<comment></comment>
<projects>
+ <project>pycalendar</project>
<project>PyKerberos</project>
</projects>
<buildSpec>
Modified: CalDAVClientLibrary/trunk/caldavclientlibrary/protocol/http/authentication/digest.py
===================================================================
--- CalDAVClientLibrary/trunk/caldavclientlibrary/protocol/http/authentication/digest.py 2015-09-22 14:17:15 UTC (rev 15143)
+++ CalDAVClientLibrary/trunk/caldavclientlibrary/protocol/http/authentication/digest.py 2015-09-22 18:03:08 UTC (rev 15144)
@@ -19,6 +19,7 @@
from caldavclientlibrary.protocol.http.definitions import headers
from StringIO import StringIO
import hashlib
+import uuid
class Digest(Authenticator):
@@ -49,8 +50,8 @@
os.write(" uri=\"%s\"," % (request.getURL(),))
if "qop" in self.fields:
os.write(" qop=auth,")
- os.write(" nc=\"%s\"" % (self.fields['nc'],))
- os.write(" cnonce=\"%s\"" % (self.fields['cnonce'],))
+ os.write(" nc=%s," % (self.fields['nc'],))
+ os.write(" cnonce=\"%s\"," % (self.fields['cnonce'],))
os.write(" response=\"%s\"" % (self.response,))
if "algorithm" in self.fields:
@@ -161,29 +162,46 @@
return HA1.encode('hex')
+ # DigestCalcHA2
+ @staticmethod
+ def calcHA2(algo, pszMethod, pszDigestUri, pszQop, pszHEntity):
+ """
+ Compute H(A2) from RFC 2617.
+
+ @param pszAlg: The name of the algorithm to use to calculate the digest.
+ Currently supported are md5, md5-sess, and sha.
+ @param pszMethod: The request method.
+ @param pszDigestUri: The request URI.
+ @param pszQop: The Quality-of-Protection value.
+ @param pszHEntity: The hash of the entity body or C{None} if C{pszQop} is
+ not C{'auth-int'}.
+ @return: The hash of the A2 value for the calculation of the response
+ digest.
+ """
+ m = Digest.algorithms[algo]()
+ m.update(pszMethod)
+ m.update(":")
+ m.update(pszDigestUri)
+ if pszQop == "auth-int":
+ m.update(":")
+ m.update(pszHEntity)
+ HA2 = m.digest()
+
+ return HA2.encode('hex')
+
+
# DigestCalcResponse
@staticmethod
def calcResponse(
HA1,
+ HA2,
algo,
pszNonce,
pszNonceCount,
pszCNonce,
pszQop,
- pszMethod,
- pszDigestUri,
- pszHEntity,
):
m = Digest.algorithms[algo]()
- m.update(pszMethod)
- m.update(":")
- m.update(pszDigestUri)
- if pszQop == "auth-int":
- m.update(":")
- m.update(pszHEntity)
- HA2 = m.digest().encode('hex')
-
- m = Digest.algorithms[algo]()
m.update(HA1)
m.update(":")
m.update(pszNonce)
@@ -201,21 +219,36 @@
def generateResponse(self, request):
- self.response = Digest.calcResponse(
- Digest.calcHA1(
- self.fields.get("algorithm", "md5"),
- self.fields.get("username", ""),
- self.fields.get("realm", ""),
- self.fields.get("password", ""),
- self.fields.get("nonce", ""),
- self.fields.get("cnonce", ""),
- ),
+
+ if self.fields.get("qop", ""):
+ self.clientCount += 1
+ self.fields["cnonce"] = str(uuid.uuid4())
+ self.fields["nc"] = "%08x" % self.clientCount
+ else:
+ self.fields["cnonce"] = ""
+ self.fields["nc"] = ""
+
+ HA1 = Digest.calcHA1(
self.fields.get("algorithm", "md5"),
+ self.fields.get("username", ""),
+ self.fields.get("realm", ""),
+ self.fields.get("password", ""),
self.fields.get("nonce", ""),
- self.fields.get("nc", ""),
self.fields.get("cnonce", ""),
- self.fields.get("qop", ""),
+ )
+ HA2 = Digest.calcHA2(
+ self.fields.get("algorithm", "md5"),
request.method,
request.url,
+ self.fields.get("qop", ""),
None,
)
+ self.response = Digest.calcResponse(
+ HA1,
+ HA2,
+ self.fields.get("algorithm", "md5"),
+ self.fields.get("nonce", ""),
+ self.fields.get("nc", ""),
+ self.fields.get("cnonce", ""),
+ self.fields.get("qop", ""),
+ )
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20150922/0b07cfa8/attachment.html>
More information about the calendarserver-changes
mailing list