diff options
-rw-r--r-- | Lib/test/test_urllib2_localnet.py | 8 | ||||
-rw-r--r-- | Lib/urllib2.py | 11 |
2 files changed, 10 insertions, 9 deletions
diff --git a/Lib/test/test_urllib2_localnet.py b/Lib/test/test_urllib2_localnet.py index 8784f95..dde9504 100644 --- a/Lib/test/test_urllib2_localnet.py +++ b/Lib/test/test_urllib2_localnet.py @@ -88,7 +88,7 @@ class DigestAuthHandler: def _generate_nonce(self): self._request_num += 1 - nonce = hashlib.md5(str(self._request_num)).hexdigest() + nonce = hashlib.md5(str(self._request_num).encode("ascii")).hexdigest() self._nonces.append(nonce) return nonce @@ -116,14 +116,14 @@ class DigestAuthHandler: final_dict["method"] = method final_dict["uri"] = uri HA1_str = "%(username)s:%(realm)s:%(password)s" % final_dict - HA1 = hashlib.md5(HA1_str).hexdigest() + HA1 = hashlib.md5(HA1_str.encode("ascii")).hexdigest() HA2_str = "%(method)s:%(uri)s" % final_dict - HA2 = hashlib.md5(HA2_str).hexdigest() + HA2 = hashlib.md5(HA2_str.encode("ascii")).hexdigest() final_dict["HA1"] = HA1 final_dict["HA2"] = HA2 response_str = "%(HA1)s:%(nonce)s:%(nc)s:" \ "%(cnonce)s:%(qop)s:%(HA2)s" % final_dict - response = hashlib.md5(response_str).hexdigest() + response = hashlib.md5(response_str.encode("ascii")).hexdigest() return response == auth_dict["response"] diff --git a/Lib/urllib2.py b/Lib/urllib2.py index 1defbe9..0995aeb 100644 --- a/Lib/urllib2.py +++ b/Lib/urllib2.py @@ -837,7 +837,7 @@ class ProxyBasicAuthHandler(AbstractBasicAuthHandler, BaseHandler): def randombytes(n): """Return n random bytes.""" - return str(os.urandom(n), "latin-1") + return os.urandom(n) class AbstractDigestAuthHandler: # Digest authentication is specified in RFC 2617. @@ -896,8 +896,9 @@ class AbstractDigestAuthHandler: # and server to avoid chosen plaintext attacks, to provide mutual # authentication, and to provide some message integrity protection. # This isn't a fabulous effort, but it's probably Good Enough. - dig = hashlib.sha1("%s:%s:%s:%s" % (self.nonce_count, nonce, time.ctime(), - randombytes(8))).hexdigest() + s = "%s:%s:%s:" % (self.nonce_count, nonce, time.ctime()) + b = s.encode("ascii") + randombytes(8) + dig = hashlib.sha1(b).hexdigest() return dig[:16] def get_authorization(self, req, chal): @@ -959,9 +960,9 @@ class AbstractDigestAuthHandler: def get_algorithm_impls(self, algorithm): # lambdas assume digest modules are imported at the top level if algorithm == 'MD5': - H = lambda x: hashlib.md5(x).hexdigest() + H = lambda x: hashlib.md5(x.encode("ascii")).hexdigest() elif algorithm == 'SHA': - H = lambda x: hashlib.sha1(x).hexdigest() + H = lambda x: hashlib.sha1(x.encode("ascii")).hexdigest() # XXX MD5-sess KD = lambda s, d: H("%s:%s" % (s, d)) return H, KD |