[minion-cvs] Make identity checking actually work
Update of /home/minion/cvsroot/src/minion/lib/mixminion
In directory moria.mit.edu:/tmp/cvs-serv9634/lib/mixminion
Modified Files:
MMTPClient.py
Log Message:
Make identity checking actually work
Index: MMTPClient.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/MMTPClient.py,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -d -r1.25 -r1.26
--- MMTPClient.py 28 Mar 2003 15:36:22 -0000 1.25
+++ MMTPClient.py 7 Apr 2003 01:14:12 -0000 1.26
@@ -22,7 +22,7 @@
import socket
import mixminion._minionlib as _ml
from mixminion.Crypto import sha1, getCommonPRNG
-from mixminion.Common import MixProtocolError, LOG, MixError
+from mixminion.Common import MixProtocolError, LOG, MixError, formatBase64
class TimeoutError(MixProtocolError):
"""Exception raised for protocol timeout."""
@@ -265,11 +265,10 @@
peer_pk = tls.get_peer_cert_pk()
hashed_peer_pk = sha1(peer_pk.encode_key(public=1))
- #XXXX Remove this option
+ #XXXX005 Remove this option
if targetKeyID == hashed_peer_pk:
LOG.warn("Non-rotatable keyid from server at %s", address)
return # raise MixProtocolError
-
try:
if self.cache[hashed_peer_pk] == targetKeyID:
return # All is well.
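Review bot: The `#XXXX005 Remove this option` marker and the trailing `# raise MixProtocolError` on the `return` do not say what is being tolerated, and this branch accepts the server on a match against the hashed TLS key alone, returning before the cache lookup that follows. A comment such as `# XXXX005 Legacy: KeyID is the hash of the TLS key itself (no separate identity key); raise MixProtocolError here once such servers are gone.` would make the intent explicit. That reading is inferred from the "Non-rotatable keyid" warning text and should be confirmed. The enclosing method starts and ends outside the hunk.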
@@ -285,8 +284,8 @@
raise MixProtocolError("Invalid KeyID from server at %s: %s"
%(address, e))
- hashed_identity = sha1(peer_pk.encode_key(public=1))
+ hashed_identity = sha1(identity.encode_key(public=1))
self.cache[hashed_peer_pk] = hashed_identity
if hashed_identity != targetKeyID:
- raise MixProtocolError("Invalid KeyID for server at %s", address)
+ raise MixProtocolError("Invalid KeyID for server at %s" % address)
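Review bot: The rejection message on the last line still omits which KeyID was expected and which one the certificate chain produced, so the logs cannot distinguish a stale directory entry from an unexpected key. `formatBase64` is imported in the first hunk but not used in any hunk shown, so it may have been meant for this: `raise MixProtocolError("Invalid KeyID for server at %s: expected %s, got %s" % (address, formatBase64(targetKeyID), formatBase64(hashed_identity)))`. Both values are hashes of public keys, so reporting them exposes nothing secret. Separately, `self.cache[hashed_peer_pk]` is written before the comparison, so mismatching identities are cached as well; if that is intended, a one-line comment saying so would help. The enclosing method starts outside the hunk.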