Fix python 2.4 compatibility

I got overexcited and forgot we have to remain compatible with python 2.4. With this patch we move from sha256 to sha1 for hmac authenticated serialized messages, and we handle both newer and older python, by importing the right module for each. Signed-off-by: Guido Trotter <ultrotter@google.com> Reviewed-by: Iustin Pop <iustin@google.com>

Fix python 2.4 compatibility
I got overexcited and forgot we have to remain compatible with python 2.4. With this patch we move from sha256 to sha1 for hmac authenticated serialized messages, and we handle both newer and older python, by importing the right module for each. Signed-off-by: Guido Trotter <ultrotter@google.com> Reviewed-by: Iustin Pop <iustin@google.com>
541822e0 · Guido Trotter · d393737d · 541822e0
Commit 541822e0 authored 15 years ago by Guido Trotter
--- a/lib/serializer.py
+++ b/lib/serializer.py
@@ -28,10 +28,13 @@ backend (currently json).
 import simplejson
 import re
 import hmac
-import hashlib

 from ganeti import errors

+try:
+  from hashlib import sha1
+except ImportError:
+  import sha as sha1

 # Check whether the simplejson module supports indentation
 _JSON_INDENT = 2
@@ -88,7 +91,7 @@ def DumpSignedJson(data, key, salt=None):
  signed_dict = {
    'msg': txt,
    'salt': salt,
-    'hmac': hmac.new(key, salt + txt, hashlib.sha256).hexdigest(),
+    'hmac': hmac.new(key, salt + txt, sha1).hexdigest(),
  }
  return DumpJson(signed_dict)

@@ -120,7 +123,7 @@ def LoadSignedJson(txt, key, salt_verifier=None):
    if not salt_verifier(salt):
      raise errors.SignatureError('Invalid salt')

-  if hmac.new(key, salt + msg, hashlib.sha256).hexdigest() != hmac_sign:
+  if hmac.new(key, salt + msg, sha1).hexdigest() != hmac_sign:
    raise errors.SignatureError('Invalid Signature')
  return LoadJson(msg)