Switch from md5 to sha256 for UIDs and tokens
This commit is contained in:
parent
6697a6c8c4
commit
c99a1f53df
3
config
3
config
@ -70,7 +70,8 @@
|
|||||||
# Htpasswd encryption method
|
# Htpasswd encryption method
|
||||||
# Value: plain | sha1 | ssha | crypt | bcrypt | md5
|
# Value: plain | sha1 | ssha | crypt | bcrypt | md5
|
||||||
# Only bcrypt can be considered secure.
|
# Only bcrypt can be considered secure.
|
||||||
# bcrypt and md5 require the passlib library to be installed.
|
# bcrypt requires the passlib[bcrypt] module and md5 requires
|
||||||
|
# the passlib module.
|
||||||
#htpasswd_encryption = bcrypt
|
#htpasswd_encryption = bcrypt
|
||||||
|
|
||||||
# Incorrect authentication delay (seconds)
|
# Incorrect authentication delay (seconds)
|
||||||
|
@ -25,7 +25,7 @@ Module for address books and calendar entries (see ``Item``).
|
|||||||
|
|
||||||
import math
|
import math
|
||||||
import sys
|
import sys
|
||||||
from hashlib import md5
|
from hashlib import sha256
|
||||||
from random import getrandbits
|
from random import getrandbits
|
||||||
|
|
||||||
import vobject
|
import vobject
|
||||||
@ -183,7 +183,7 @@ def get_etag(text):
|
|||||||
Encoded as quoted-string (see RFC 2616).
|
Encoded as quoted-string (see RFC 2616).
|
||||||
|
|
||||||
"""
|
"""
|
||||||
etag = md5()
|
etag = sha256()
|
||||||
etag.update(text.encode("utf-8"))
|
etag.update(text.encode("utf-8"))
|
||||||
return '"%s"' % etag.hexdigest()
|
return '"%s"' % etag.hexdigest()
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@ Take a look at the class ``BaseCollection`` if you want to implement your own.
|
|||||||
|
|
||||||
import contextlib
|
import contextlib
|
||||||
import json
|
import json
|
||||||
from hashlib import md5
|
from hashlib import sha256
|
||||||
|
|
||||||
import pkg_resources
|
import pkg_resources
|
||||||
import vobject
|
import vobject
|
||||||
@ -79,7 +79,7 @@ class BaseCollection:
|
|||||||
@property
|
@property
|
||||||
def etag(self):
|
def etag(self):
|
||||||
"""Encoded as quoted-string (see RFC 2616)."""
|
"""Encoded as quoted-string (see RFC 2616)."""
|
||||||
etag = md5()
|
etag = sha256()
|
||||||
for item in self.get_all():
|
for item in self.get_all():
|
||||||
etag.update((item.href + "/" + item.etag).encode("utf-8"))
|
etag.update((item.href + "/" + item.etag).encode("utf-8"))
|
||||||
etag.update(json.dumps(self.get_meta(), sort_keys=True).encode())
|
etag.update(json.dumps(self.get_meta(), sort_keys=True).encode())
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
import os
|
import os
|
||||||
import pickle
|
import pickle
|
||||||
import time
|
import time
|
||||||
from hashlib import md5
|
from hashlib import sha256
|
||||||
|
|
||||||
from radicale import pathutils, storage
|
from radicale import pathutils, storage
|
||||||
from radicale.log import logger
|
from radicale.log import logger
|
||||||
@ -54,7 +54,7 @@ class CollectionCacheMixin:
|
|||||||
self._storage._sync_directory(folder)
|
self._storage._sync_directory(folder)
|
||||||
|
|
||||||
def _item_cache_hash(self, raw_text):
|
def _item_cache_hash(self, raw_text):
|
||||||
_hash = md5()
|
_hash = sha256()
|
||||||
_hash.update(storage.CACHE_VERSION)
|
_hash.update(storage.CACHE_VERSION)
|
||||||
_hash.update(raw_text)
|
_hash.update(raw_text)
|
||||||
return _hash.hexdigest()
|
return _hash.hexdigest()
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
import itertools
|
import itertools
|
||||||
import os
|
import os
|
||||||
import pickle
|
import pickle
|
||||||
from hashlib import md5
|
from hashlib import sha256
|
||||||
|
|
||||||
from radicale.log import logger
|
from radicale.log import logger
|
||||||
|
|
||||||
@ -27,10 +27,10 @@ from radicale.log import logger
|
|||||||
class CollectionSyncMixin:
|
class CollectionSyncMixin:
|
||||||
def sync(self, old_token=None):
|
def sync(self, old_token=None):
|
||||||
# The sync token has the form http://radicale.org/ns/sync/TOKEN_NAME
|
# The sync token has the form http://radicale.org/ns/sync/TOKEN_NAME
|
||||||
# where TOKEN_NAME is the md5 hash of all history etags of present and
|
# where TOKEN_NAME is the sha256 hash of all history etags of present
|
||||||
# past items of the collection.
|
# and past items of the collection.
|
||||||
def check_token_name(token_name):
|
def check_token_name(token_name):
|
||||||
if len(token_name) != 32:
|
if len(token_name) != 64:
|
||||||
return False
|
return False
|
||||||
for c in token_name:
|
for c in token_name:
|
||||||
if c not in "0123456789abcdef":
|
if c not in "0123456789abcdef":
|
||||||
@ -47,7 +47,7 @@ class CollectionSyncMixin:
|
|||||||
raise ValueError("Malformed token: %r" % old_token)
|
raise ValueError("Malformed token: %r" % old_token)
|
||||||
# Get the current state and sync-token of the collection.
|
# Get the current state and sync-token of the collection.
|
||||||
state = {}
|
state = {}
|
||||||
token_name_hash = md5()
|
token_name_hash = sha256()
|
||||||
# Find the history of all existing and deleted items
|
# Find the history of all existing and deleted items
|
||||||
for href, item in itertools.chain(
|
for href, item in itertools.chain(
|
||||||
((item.href, item) for item in self.get_all()),
|
((item.href, item) for item in self.get_all()),
|
||||||
|
Loading…
Reference in New Issue
Block a user