An interpreted, interactive, object-oriented programming language
CentOS Sources
2017-08-01 71084d584ff953f5463757ec6536406320560b4d
commit | author | age
6e8c2f 1 diff --git a/Lib/multiprocessing/connection.py b/Lib/multiprocessing/connection.py
CB 2 --- a/Lib/multiprocessing/connection.py
3 +++ b/Lib/multiprocessing/connection.py
4 @@ -41,6 +41,10 @@
5  # A very generous timeout when it comes to local connections...
6  CONNECTION_TIMEOUT = 20.
7  
8 +# The hmac module implicitly defaults to using MD5.
9 +# Support using a stronger algorithm for the challenge/response code:
10 +HMAC_DIGEST_NAME='sha256'
11 +
12  _mmap_counter = itertools.count()
13  
14  default_family = 'AF_INET'
15 @@ -700,12 +704,16 @@
16  WELCOME = b'#WELCOME#'
17  FAILURE = b'#FAILURE#'
18  
19 +def get_digestmod_for_hmac():
20 +    import hashlib
21 +    return getattr(hashlib, HMAC_DIGEST_NAME)
22 +
23  def deliver_challenge(connection, authkey):
24      import hmac
25      assert isinstance(authkey, bytes)
26      message = os.urandom(MESSAGE_LENGTH)
27      connection.send_bytes(CHALLENGE + message)
28 -    digest = hmac.new(authkey, message).digest()
29 +    digest = hmac.new(authkey, message, get_digestmod_for_hmac()).digest()
30      response = connection.recv_bytes(256)        # reject large message
31      if response == digest:
32          connection.send_bytes(WELCOME)
33 @@ -719,7 +727,7 @@
34      message = connection.recv_bytes(256)         # reject large message
35      assert message[:len(CHALLENGE)] == CHALLENGE, 'message = %r' % message
36      message = message[len(CHALLENGE):]
37 -    digest = hmac.new(authkey, message).digest()
38 +    digest = hmac.new(authkey, message, get_digestmod_for_hmac()).digest()
39      connection.send_bytes(digest)
40      response = connection.recv_bytes(256)        # reject large message
41      if response != WELCOME: