public inbox for [email protected]
help / color / mirror / Atom feedPATCH: To fix salt generation in session.py
5+ messages / 2 participants
[nested] [flat]
* PATCH: To fix salt generation in session.py
@ 2016-07-11 07:11 Murtuza Zabuawala <[email protected]>
2016-07-11 07:14 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Murtuza Zabuawala @ 2016-07-11 07:11 UTC (permalink / raw)
To: pgadmin-hackers
Hi,
With latest pull session.py fails with below error with python3 because in
python3 strings 'lowercase' method has been renamed to 'ascii_lowercase',
PFA patch to fix the issue.
Issue:
----------
* File "../pgadmin4/web/pgadmin/utils/session.py", line 59, in sign*
* self.randval = ''.join(random.sample(string.lowercase+string.digits,
20))*
*AttributeError: module 'string' has no attribute 'lowercase'*
--
Regards,
Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
--
Sent via pgadmin-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers
Attachments:
[application/octet-stream] Fix_sessions.patch (895B, 3-Fix_sessions.patch)
download | inline diff:
diff --git a/web/pgadmin/utils/session.py b/web/pgadmin/utils/session.py
index 9f740f5..0dcca4d 100644
--- a/web/pgadmin/utils/session.py
+++ b/web/pgadmin/utils/session.py
@@ -56,7 +56,15 @@ class ManagedSession(CallbackDict, SessionMixin):
def sign(self, secret):
if not self.hmac_digest:
- self.randval = ''.join(random.sample(string.lowercase+string.digits, 20))
+ # If script is running under python2
+ if hasattr(string, 'lowercase'):
+ population = string.lowercase
+ # If script is running under python3
+ elif hasattr(string, 'ascii_lowercase'):
+ population = string.ascii_lowercase
+ population += string.digits
+
+ self.randval = ''.join(random.sample(population, 20))
self.hmac_digest = _calc_hmac('%s:%s' % (self.sid, self.randval), secret)
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: PATCH: To fix salt generation in session.py
2016-07-11 07:11 PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
@ 2016-07-11 07:14 ` Murtuza Zabuawala <[email protected]>
2016-07-11 10:35 ` Re: PATCH: To fix salt generation in session.py Ashesh Vashi <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Murtuza Zabuawala @ 2016-07-11 07:14 UTC (permalink / raw)
To: pgadmin-hackers
Hi,
Please hold on in this patch, Need additional changes.
--
Regards,
Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
On Mon, Jul 11, 2016 at 12:41 PM, Murtuza Zabuawala <
[email protected]> wrote:
> Hi,
>
> With latest pull session.py fails with below error with python3 because in
> python3 strings 'lowercase' method has been renamed to 'ascii_lowercase',
> PFA patch to fix the issue.
>
> Issue:
> ----------
> * File "../pgadmin4/web/pgadmin/utils/session.py", line 59, in sign*
> * self.randval = ''.join(random.sample(string.lowercase+string.digits,
> 20))*
> *AttributeError: module 'string' has no attribute 'lowercase'*
>
>
> --
> Regards,
> Murtuza Zabuawala
> EnterpriseDB: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: PATCH: To fix salt generation in session.py
2016-07-11 07:11 PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 07:14 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
@ 2016-07-11 10:35 ` Ashesh Vashi <[email protected]>
2016-07-11 11:00 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Ashesh Vashi @ 2016-07-11 10:35 UTC (permalink / raw)
To: Murtuza Zabuawala <[email protected]>; +Cc: pgadmin-hackers
Hi Murtuza,
Can you please test this patch for the same?
--
Thanks & Regards,
Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company
<http://www.enterprisedb.com;
*http://www.linkedin.com/in/asheshvashi*
<http://www.linkedin.com/in/asheshvashi;
On Mon, Jul 11, 2016 at 12:44 PM, Murtuza Zabuawala <
[email protected]> wrote:
> Hi,
>
> Please hold on in this patch, Need additional changes.
>
> --
> Regards,
> Murtuza Zabuawala
> EnterpriseDB: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
> On Mon, Jul 11, 2016 at 12:41 PM, Murtuza Zabuawala <
> [email protected]> wrote:
>
>> Hi,
>>
>> With latest pull session.py fails with below error with python3 because
>> in python3 strings 'lowercase' method has been renamed to
>> 'ascii_lowercase', PFA patch to fix the issue.
>>
>> Issue:
>> ----------
>> * File "../pgadmin4/web/pgadmin/utils/session.py", line 59, in sign*
>> * self.randval = ''.join(random.sample(string.lowercase+string.digits,
>> 20))*
>> *AttributeError: module 'string' has no attribute 'lowercase'*
>>
>>
>> --
>> Regards,
>> Murtuza Zabuawala
>> EnterpriseDB: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company
>>
>
>
--
Sent via pgadmin-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgadmin-hackers
Attachments:
[application/octet-stream] hmac_python3.patch (2.1K, 3-hmac_python3.patch)
download | inline diff:
diff --git a/web/pgadmin/utils/session.py b/web/pgadmin/utils/session.py
index 9f740f5..ef65fd1 100644
--- a/web/pgadmin/utils/session.py
+++ b/web/pgadmin/utils/session.py
@@ -39,7 +39,11 @@ from werkzeug.datastructures import CallbackDict
def _calc_hmac(body, secret):
- return base64.b64encode(hmac.new(secret, body, hashlib.sha1).digest())
+ return base64.b64encode(
+ hmac.new(
+ secret.encode(), body.encode(), hashlib.sha1
+ ).digest()
+ ).decode()
class ManagedSession(CallbackDict, SessionMixin):
@@ -56,7 +60,14 @@ class ManagedSession(CallbackDict, SessionMixin):
def sign(self, secret):
if not self.hmac_digest:
- self.randval = ''.join(random.sample(string.lowercase+string.digits, 20))
+ if hasattr(string, 'lowercase'):
+ population = string.lowercase
+ # If script is running under python3
+ elif hasattr(string, 'ascii_lowercase'):
+ population = string.ascii_lowercase
+ population += string.digits
+
+ self.randval = ''.join(random.sample(population, 20))
self.hmac_digest = _calc_hmac('%s:%s' % (self.sid, self.randval), secret)
@@ -163,7 +174,7 @@ class FileBackedSessionManager(SessionManager):
fname = os.path.join(self.path, sid)
# touch the file
- with open(fname, 'w'):
+ with open(fname, 'wb'):
pass
return ManagedSession(sid=sid)
@@ -178,7 +189,7 @@ class FileBackedSessionManager(SessionManager):
if os.path.exists(fname):
try:
- with open(fname) as f:
+ with open(fname, 'rb') as f:
randval, hmac_digest, data = load(f)
except:
pass
@@ -203,7 +214,7 @@ class FileBackedSessionManager(SessionManager):
session.sign(self.secret)
fname = os.path.join(self.path, session.sid)
- with open(fname, 'w') as f:
+ with open(fname, 'wb') as f:
dump(
(session.randval, session.hmac_digest, dict(session)),
f
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: PATCH: To fix salt generation in session.py
2016-07-11 07:11 PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 07:14 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 10:35 ` Re: PATCH: To fix salt generation in session.py Ashesh Vashi <[email protected]>
@ 2016-07-11 11:00 ` Murtuza Zabuawala <[email protected]>
2016-07-11 11:03 ` Re: PATCH: To fix salt generation in session.py Ashesh Vashi <[email protected]>
0 siblings, 1 reply; 5+ messages in thread
From: Murtuza Zabuawala @ 2016-07-11 11:00 UTC (permalink / raw)
To: Ashesh Vashi <[email protected]>; +Cc: pgadmin-hackers
Hi,
Tested, I'm able to login now.
Thanks,
Murtuza
--
Regards,
Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
On Mon, Jul 11, 2016 at 4:05 PM, Ashesh Vashi <[email protected]
> wrote:
> Hi Murtuza,
>
> Can you please test this patch for the same?
>
> --
>
> Thanks & Regards,
>
> Ashesh Vashi
> EnterpriseDB INDIA: Enterprise PostgreSQL Company
> <http://www.enterprisedb.com;
>
>
> *http://www.linkedin.com/in/asheshvashi*
> <http://www.linkedin.com/in/asheshvashi;
>
> On Mon, Jul 11, 2016 at 12:44 PM, Murtuza Zabuawala <
> [email protected]> wrote:
>
>> Hi,
>>
>> Please hold on in this patch, Need additional changes.
>>
>> --
>> Regards,
>> Murtuza Zabuawala
>> EnterpriseDB: http://www.enterprisedb.com
>> The Enterprise PostgreSQL Company
>>
>> On Mon, Jul 11, 2016 at 12:41 PM, Murtuza Zabuawala <
>> [email protected]> wrote:
>>
>>> Hi,
>>>
>>> With latest pull session.py fails with below error with python3 because
>>> in python3 strings 'lowercase' method has been renamed to
>>> 'ascii_lowercase', PFA patch to fix the issue.
>>>
>>> Issue:
>>> ----------
>>> * File "../pgadmin4/web/pgadmin/utils/session.py", line 59, in sign*
>>> * self.randval =
>>> ''.join(random.sample(string.lowercase+string.digits, 20))*
>>> *AttributeError: module 'string' has no attribute 'lowercase'*
>>>
>>>
>>> --
>>> Regards,
>>> Murtuza Zabuawala
>>> EnterpriseDB: http://www.enterprisedb.com
>>> The Enterprise PostgreSQL Company
>>>
>>
>>
>
^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: PATCH: To fix salt generation in session.py
2016-07-11 07:11 PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 07:14 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 10:35 ` Re: PATCH: To fix salt generation in session.py Ashesh Vashi <[email protected]>
2016-07-11 11:00 ` Re: PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
@ 2016-07-11 11:03 ` Ashesh Vashi <[email protected]>
0 siblings, 0 replies; 5+ messages in thread
From: Ashesh Vashi @ 2016-07-11 11:03 UTC (permalink / raw)
To: Murtuza Zabuawala <[email protected]>; +Cc: pgadmin-hackers
I've committed the patch.
Thanks for testing it.
--
Thanks & Regards,
Ashesh Vashi
EnterpriseDB INDIA: Enterprise PostgreSQL Company
<http://www.enterprisedb.com;
*http://www.linkedin.com/in/asheshvashi*
<http://www.linkedin.com/in/asheshvashi;
On Mon, Jul 11, 2016 at 4:30 PM, Murtuza Zabuawala <
[email protected]> wrote:
> Hi,
>
> Tested, I'm able to login now.
>
>
> Thanks,
> Murtuza
>
> --
> Regards,
> Murtuza Zabuawala
> EnterpriseDB: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>
> On Mon, Jul 11, 2016 at 4:05 PM, Ashesh Vashi <
> [email protected]> wrote:
>
>> Hi Murtuza,
>>
>> Can you please test this patch for the same?
>>
>> --
>>
>> Thanks & Regards,
>>
>> Ashesh Vashi
>> EnterpriseDB INDIA: Enterprise PostgreSQL Company
>> <http://www.enterprisedb.com;
>>
>>
>> *http://www.linkedin.com/in/asheshvashi*
>> <http://www.linkedin.com/in/asheshvashi;
>>
>> On Mon, Jul 11, 2016 at 12:44 PM, Murtuza Zabuawala <
>> [email protected]> wrote:
>>
>>> Hi,
>>>
>>> Please hold on in this patch, Need additional changes.
>>>
>>> --
>>> Regards,
>>> Murtuza Zabuawala
>>> EnterpriseDB: http://www.enterprisedb.com
>>> The Enterprise PostgreSQL Company
>>>
>>> On Mon, Jul 11, 2016 at 12:41 PM, Murtuza Zabuawala <
>>> [email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> With latest pull session.py fails with below error with python3 because
>>>> in python3 strings 'lowercase' method has been renamed to
>>>> 'ascii_lowercase', PFA patch to fix the issue.
>>>>
>>>> Issue:
>>>> ----------
>>>> * File "../pgadmin4/web/pgadmin/utils/session.py", line 59, in sign*
>>>> * self.randval =
>>>> ''.join(random.sample(string.lowercase+string.digits, 20))*
>>>> *AttributeError: module 'string' has no attribute 'lowercase'*
>>>>
>>>>
>>>> --
>>>> Regards,
>>>> Murtuza Zabuawala
>>>> EnterpriseDB: http://www.enterprisedb.com
>>>> The Enterprise PostgreSQL Company
>>>>
>>>
>>>
>>
>
^ permalink raw reply [nested|flat] 5+ messages in thread
end of thread, other threads:[~2016-07-11 11:03 UTC | newest]
Thread overview: 5+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2016-07-11 07:11 PATCH: To fix salt generation in session.py Murtuza Zabuawala <[email protected]>
2016-07-11 07:14 ` Murtuza Zabuawala <[email protected]>
2016-07-11 10:35 ` Ashesh Vashi <[email protected]>
2016-07-11 11:00 ` Murtuza Zabuawala <[email protected]>
2016-07-11 11:03 ` Ashesh Vashi <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox