Michael Merickel
2012-11-04 ca3df803c9afd04d7dee612e0bf321cc62cf900f
emit a warning if a user is using the default hashalg to AuthTkt
4 files modified
38 ■■■■■ changed files
CHANGES.txt 9 ●●●●● patch | view | raw | blame | history
TODO.txt 3 ●●●●● patch | view | raw | blame | history
pyramid/authentication.py 17 ●●●●● patch | view | raw | blame | history
pyramid/tests/test_authentication.py 9 ●●●●● patch | view | raw | blame | history
CHANGES.txt
@@ -48,6 +48,15 @@
  attribute of the request.  It no longer fails in this case.  See
  https://github.com/Pylons/pyramid/issues/700
Deprecations
------------
- ``pyramid.authentication.AuthTktAuthenticationPolicy`` will emit a warning
  if an application is using the policy without explicitly setting the
  ``hashalg``. This is because the default is "md5" which is considered
  insecure. If you really want "md5" then you must specify it explicitly to
  get rid of the warning.
Internals
---------
TODO.txt
@@ -141,6 +141,9 @@
- 1.6: Remove IContextURL and TraversalContextURL.
- 1.7: Change ``pyramid.authentication.AuthTktAuthenticationPolicy`` default
  ``hashalg`` to ``sha512``.
Probably Bad Ideas
------------------
pyramid/authentication.py
@@ -6,6 +6,7 @@
import datetime
import re
import time as time_mod
import warnings
from zope.interface import implementer
@@ -405,6 +406,8 @@
        be done somewhere else or in a subclass."""
        return []
_marker = object()
@implementer(IAuthenticationPolicy)
class AuthTktAuthenticationPolicy(CallbackAuthenticationPolicy):
    """A :app:`Pyramid` :term:`authentication policy` which
@@ -549,8 +552,20 @@
                 http_only=False,
                 wild_domain=True,
                 debug=False,
                 hashalg='md5',
                 hashalg=_marker
                 ):
        if hashalg is _marker:
            hashalg = 'md5'
            warnings.warn('The MD5 hash function is known to have collisions. '
                          'We recommend instead that you update your code to '
                          'use the SHA512 algorithm by setting '
                          'hashalg=\'sha512\'. If you accept these risks '
                          'and want to continue using MD5, explicitly set '
                          'the hashalg=\'md5\' in your authentication policy. '
                          'The default algorithm used in this policy is '
                          'likely to change in the future.',
                          DeprecationWarning,
                          stacklevel=2)
        self.cookie = AuthTktCookieHelper(
            secret,
            cookie_name=cookie_name,
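Review bot: The warning raised in the `if hashalg is _marker:` branch uses `DeprecationWarning`, which Python's default warning filters hide in most contexts, so an application that never sets `hashalg` will usually keep signing auth tickets with MD5 without anyone seeing the message. Because the text is a security recommendation rather than a plain API deprecation, consider noting this beside the call, e.g. `# NOTE: DeprecationWarning is hidden by the default filters; run with -W default to surface it`. The sha512 recommendation should also be repeated in the `hashalg` entry of the class docstring, which is outside this hunk, so it is discoverable without triggering the warning. The constructor body continues past the end of the hunk, so how `hashalg` is used afterwards is not visible here.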
pyramid/tests/test_authentication.py
@@ -1,4 +1,5 @@
import unittest
import warnings
from pyramid import testing
from pyramid.compat import (
    text_,
@@ -440,6 +441,14 @@
        inst.cookie = DummyCookieHelper(cookieidentity)
        return inst
    def setUp(self):
        self.warnings = warnings.catch_warnings()
        self.warnings.__enter__()
        warnings.simplefilter('ignore', DeprecationWarning)
    def tearDown(self):
        self.warnings.__exit__(None, None, None)
    def test_allargs(self):
        # pass all known args
        inst = self._getTargetClass()(
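Review bot: The new `setUp` silences every `DeprecationWarning` for this test class, and nothing in the hunk asserts that the constructor warns when `hashalg` is omitted or stays quiet when `hashalg='md5'` is passed explicitly. Without such tests, a later refactor could drop the warning, or start warning on an explicit choice, without any failure. Two tests that record warnings locally would cover both paths; the sketch below assumes `secret` is the only required constructor argument, which is not visible here. The test class starts and ends outside the hunk.

```python
    # … unchanged: setUp / tearDown that ignore DeprecationWarning …

    def test_default_hashalg_emits_warning(self):
        with warnings.catch_warnings(record=True) as caught:
            warnings.simplefilter('always', DeprecationWarning)
            self._getTargetClass()('secret')
        self.assertEqual(len(caught), 1)
        self.assertTrue(issubclass(caught[0].category, DeprecationWarning))

    def test_explicit_md5_emits_no_warning(self):
        with warnings.catch_warnings(record=True) as caught:
            warnings.simplefilter('always', DeprecationWarning)
            self._getTargetClass()('secret', hashalg='md5')
        self.assertEqual(len(caught), 0)
```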