File python-38-hmac-digestmod.patch of Package python-Twisted.25323
Index: Twisted-19.10.0/src/twisted/cred/credentials.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/cred/credentials.py
+++ Twisted-19.10.0/src/twisted/cred/credentials.py
@@ -439,7 +439,8 @@ class CramMD5Credentials(object):
def checkPassword(self, password):
- verify = hexlify(hmac.HMAC(password, self.challenge).digest())
+ verify = hexlify(
+ hmac.HMAC(password, self.challenge, digestmod=md5).digest())
return verify == self.response
Index: Twisted-19.10.0/src/twisted/cred/test/test_cramauth.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/cred/test/test_cramauth.py
+++ Twisted-19.10.0/src/twisted/cred/test/test_cramauth.py
@@ -7,6 +7,7 @@ Tests for L{twisted.cred}'s implementati
from __future__ import division, absolute_import
+from hashlib import md5
from hmac import HMAC
from binascii import hexlify
@@ -39,7 +40,7 @@ class CramMD5CredentialsTests(TestCase):
"""
c = CramMD5Credentials()
chal = c.getChallenge()
- c.response = hexlify(HMAC(b'secret', chal).digest())
+ c.response = hexlify(HMAC(b'secret', chal, digestmod=md5).digest())
self.assertTrue(c.checkPassword(b'secret'))
@@ -61,7 +62,8 @@ class CramMD5CredentialsTests(TestCase):
"""
c = CramMD5Credentials()
chal = c.getChallenge()
- c.response = hexlify(HMAC(b'thewrongsecret', chal).digest())
+ c.response = hexlify(
+ HMAC(b'thewrongsecret', chal, digestmod=md5).digest())
self.assertFalse(c.checkPassword(b'secret'))
@@ -75,7 +77,7 @@ class CramMD5CredentialsTests(TestCase):
chal = c.getChallenge()
c.setResponse(b" ".join(
(b"squirrel",
- hexlify(HMAC(b'supersecret', chal).digest()))))
+ hexlify(HMAC(b'supersecret', chal, digestmod=md5).digest()))))
self.assertTrue(c.checkPassword(b'supersecret'))
self.assertEqual(c.username, b"squirrel")
Index: Twisted-19.10.0/src/twisted/mail/_cred.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/mail/_cred.py
+++ Twisted-19.10.0/src/twisted/mail/_cred.py
@@ -7,6 +7,7 @@ Credential managers for L{twisted.mail}.
from __future__ import absolute_import, division
+from hashlib import md5
import hmac
from zope.interface import implementer
@@ -28,7 +29,8 @@ class CramMD5ClientAuthenticator:
def challengeResponse(self, secret, chal):
- response = hmac.HMAC(secret, chal).hexdigest().encode('ascii')
+ response = hmac.HMAC(
+ secret, chal, digestmod=md5).hexdigest().encode('ascii')
return self.user + b' ' + response
Index: Twisted-19.10.0/src/twisted/mail/test/test_pop3.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/mail/test/test_pop3.py
+++ Twisted-19.10.0/src/twisted/mail/test/test_pop3.py
@@ -12,6 +12,7 @@ import base64
import itertools
from collections import OrderedDict
+from hashlib import md5
from io import BytesIO
from zope.interface import implementer
@@ -1097,7 +1098,8 @@ class SASLTests(unittest.TestCase):
p.lineReceived(b"AUTH CRAM-MD5")
chal = s.getvalue().splitlines()[-1][2:]
chal = base64.decodestring(chal)
- response = hmac.HMAC(b'testpassword', chal).hexdigest().encode("ascii")
+ response = hmac.HMAC(
+ b'testpassword', chal, digestmod=md5).hexdigest().encode("ascii")
p.lineReceived(
base64.encodestring(b'testuser ' + response).rstrip(b'\n'))