Ticket #7919: hashcompat2.diff

django/db/backends/util.py

@@ -1 +1 @@
-import datetime
-import md5
-from time import time
+from django.utils.hashcompat import md5_constructor
-
-try:
-    import decimal
@@ -114 +114 @@
-    if length is None or len(name) <= length:
-        return name
-
-.md5
+_constructor
-
-    return '%s%s' % (name[:length-4], hash)
-

django/core/cache/backends/filebased.py

@@ -1 +1 @@
-"File-based cache backend"
-
-import md5
-import os, time
-try:
-    import cPickle as pickle
-except ImportError:
-    import pickle
-from django.core.cache.backends.base import BaseCache
+from django.utils.hashcompat import md5_constructor
-
-class CacheClass(BaseCache):
-    def __init__(self, dir, params):
@@ -137 +137 @@
-        Thus, a cache key of "foo" gets turnned into a file named
-        ``{cache-dir}ac/bd/18db4cc2f85cedef654fccc4a4d8``.
-        """
-.new
+_constructor
-        path = os.path.join(path[:2], path[2:4], path[4:])
-        return os.path.join(self._dir, path)
-

django/contrib/formtools/wizard.py

@@ -10 +10 @@
-from django.shortcuts import render_to_response
-from django.template.context import RequestContext
-import cPickle as pickle
-
+
-
-class FormWizard(object):
-    # Dictionary of extra template context variables.
@@ -150 +150 @@
-        # Use HIGHEST_PROTOCOL because it's the most efficient. It requires
-        # Python 2.3, but Django requires 2.3 anyway, so that's OK.
-        pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
-.new
+_constructor
-
-    def determine_step(self, request, *args, **kwargs):
-        """

django/contrib/formtools/preview.py

@@ -7 +7 @@
-from django.shortcuts import render_to_response
-from django.template.context import RequestContext
-import cPickle as pickle
-
+
-
-AUTO_ID = 'formtools_%s' # Each form here uses this as its auto_id parameter.
-
@@ -109 +109 @@
-        # Use HIGHEST_PROTOCOL because it's the most efficient. It requires
-        # Python 2.3, but Django requires 2.3 anyway, so that's OK.
-        pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
-.new
+_constructor
-
-    def failed_hash(self, request):
-        "Returns an HttpResponse in the case of an invalid security hash."

django/contrib/comments/models.py

@@ -29 +29 @@
-        'pa,ra') and target (something like 'lcom.eventtimes:5157'). Used to
-        validate that submitted form options have not been tampered-with.
-        """
-import md5
-.new
+from django.utils.hashcompat import md5_constructor
+_constructor
-
-    def get_rating_options(self, rating_string):
-        """

django/contrib/admin/views/decorators.py

@@ -1 +1 @@
-import base64
-import md5
-import cPickle as pickle
-try:
-    from functools import wraps
@@ -12 +11 @@
-from django.contrib.auth import authenticate, login
-from django.shortcuts import render_to_response
-from django.utils.translation import ugettext_lazy, ugettext as _
+from django.utils.hashcompat import md5_constructor
-
-ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.")
-LOGIN_FORM_KEY = 'this_is_the_login_form'
@@ -35 +35 @@
-
-def _encode_post_data(post_data):
-    pickled = pickle.dumps(post_data)
-.new
+_constructor
-    return base64.encodestring(pickled + pickled_md5)
-
-def _decode_post_data(encoded_data):
-    encoded_data = base64.decodestring(encoded_data)
-    pickled, tamper_check = encoded_data[:-32], encoded_data[-32:]
-.new
+_constructor
-        from django.core.exceptions import SuspiciousOperation
-        raise SuspiciousOperation, "User may have tampered with session cookie."
-    return pickle.loads(pickled)

django/contrib/admin/sites.py

@@ -12 +12 @@
-import base64
-import cPickle as pickle
-import datetime
-
+
-import re
-
-ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. Note that both fields are case-sensitive.")
@@ -29 +29 @@
-def _encode_post_data(post_data):
-    from django.conf import settings
-    pickled = pickle.dumps(post_data)
-.new
+_constructor
-    return base64.encodestring(pickled + pickled_md5)
-
-def _decode_post_data(encoded_data):
-    from django.conf import settings
-    encoded_data = base64.decodestring(encoded_data)
-    pickled, tamper_check = encoded_data[:-32], encoded_data[-32:]
-.new
+_constructor
-        from django.core.exceptions import SuspiciousOperation
-        raise SuspiciousOperation, "User may have tampered with session cookie."
-    return pickle.loads(pickled)

django/contrib/csrf/middleware.py

@@ -8 +8 @@
-from django.conf import settings
-from django.http import HttpResponseForbidden
-from django.utils.safestring import mark_safe
-
+
-import re
-import itertools
-
@@ -20 +20 @@
-_HTML_TYPES = ('text/html', 'application/xhtml+xml')    
-
-def _make_token(session_id):
-.new
+_constructor
-
-class CsrfMiddleware(object):
-    """Django middleware that adds protection against Cross Site

django/contrib/auth/tokens.py

@@ -50 +50 @@
-        # last_login will also change), we produce a hash that will be
-        # invalid as soon as it is used.
-        # We limit the hash to 20 chars to keep URL short
-import sha
-.new
-
-
+from django.utils.hashcompat import sha_constructor 
+_constructor
+        
+        
-        return "%s-%s" % (ts_b36, hash)
-
-    def _num_days(self, dt):

django/contrib/sessions/backends/base.py

@@ -1 +1 @@
-import base64
-import md5
-import os
-import random
-import sys
@@ -12 +11 @@
-
-from django.conf import settings
-from django.core.exceptions import SuspiciousOperation
+from django.utils.hashcompat import md5_constructor
-
-
-class SessionBase(object):
-    """
-    Base class for all Session classes.
@@ -73 +72 @@
-    def encode(self, session_dict):
-        "Returns the given session dictionary pickled and encoded as a string."
-        pickled = pickle.dumps(session_dict, pickle.HIGHEST_PROTOCOL)
-.new
+_constructor
-        return base64.encodestring(pickled + pickled_md5)
-
-    def decode(self, session_data):
-        encoded_data = base64.decodestring(session_data)
-        pickled, tamper_check = encoded_data[:-32], encoded_data[-32:]
-.new
+_constructor
-            raise SuspiciousOperation("User tampered with session cookie.")
-        try:
-            return pickle.loads(pickled)
@@ -117 +116 @@
-            # No getpid() in Jython, for example
-            pid = 1
-        while 1:
-.new
-
+_constructor
+        
-            if not self.exists(session_key):
-                break
-        return session_key

django/contrib/sessions/models.py

@@ -1 +1 @@
-import base64
-import md5
-import cPickle as pickle
-
-from django.db import models
-from django.utils.translation import ugettext_lazy as _
-from django.conf import settings
+from django.utils.hashcompat import md5_constructor
-
-
-class SessionManager(models.Manager):
@@ -13 +13 @@
-        Returns the given session dictionary pickled and encoded as a string.
-        """
-        pickled = pickle.dumps(session_dict)
-.new
+_constructor
-        return base64.encodestring(pickled + pickled_md5)
-
-    def save(self, session_key, session_dict, expire_date):
@@ -56 +56 @@
-    def get_decoded(self):
-        encoded_data = base64.decodestring(self.session_data)
-        pickled, tamper_check = encoded_data[:-32], encoded_data[-32:]
-.new
+_constructor
-            from django.core.exceptions import SuspiciousOperation
-            raise SuspiciousOperation, "User tampered with session cookie."
-        try:

django/utils/cache.py

@@ -17 +17 @@
-"Accept-language" header.
-"""
-
-import md5
-import re
-import time
-try:
@@ -29 +28 @@
-from django.core.cache import cache
-from django.utils.encoding import smart_str, iri_to_uri
-from django.utils.http import http_date
+from django.utils.hashcompat import md5_constructor
-
-cc_delim_re = re.compile(r'\s*,\s*')
-
@@ -104 +104 @@
-    if cache_timeout < 0:
-        cache_timeout = 0 # Can't have max-age negative
-    if not response.has_header('ETag'):
-.new
+_constructor
-    if not response.has_header('Last-Modified'):
-        response['Last-Modified'] = http_date()
-    if not response.has_header('Expires'):
@@ -138 +138 @@
-
-def _generate_cache_key(request, headerlist, key_prefix):
-    """Returns a cache key from the headers given in the header list."""
-.new
+_constructor
-    for header in headerlist:
-        value = request.META.get(header, None)
-        if value is not None:

django/utils/hashcompat.py

@@ +1 @@
+try:
+    import hashlib
+    md5_constructor = hashlib.md5
+    sha_constructor = hashlib.sha1
+except ImportError:
+    import md5
+    md5_constructor = md5.new
+    import sha
+    sha_constructor = sha.new
+    

django/middleware/common.py

@@ -1 @@
-import md5
-import re
-
-from django.conf import settings
@@ -6 +5 @@
-from django.core.mail import mail_managers
-from django.utils.http import urlquote
-from django.core import urlresolvers
+from django.utils.hashcompat import md5_constructor
-
-class CommonMiddleware(object):
-    """
@@ -108 +108 @@
-            if response.has_header('ETag'):
-                etag = response['ETag']
-            else:
-.new
+_constructor
-            if response.status_code >= 200 and response.status_code < 300 and request.META.get('HTTP_IF_NONE_MATCH') == etag:
-                cookies = response.cookies
-                response = http.HttpResponseNotModified()

tests/regressiontests/cache/tests.py

@@ -99 +99 @@
-            self.assertEqual(cache.get(key), value)
-
-import os
-import md5
-import shutil
-import tempfile
-from django.core.cache.backends.filebased import CacheClass as FileCache
+from django.utils.hashcompat import md5_constructor
-
-class FileBasedCacheTests(unittest.TestCase):
-    """
@@ -119 +119 @@
-    def test_hashing(self):
-        """Test that keys are hashed into subdirectories correctly"""
-        self.cache.set("foo", "bar")
-.new
+_constructor
-        keypath = os.path.join(self.dirname, keyhash[:2], keyhash[2:4], keyhash[4:])
-        self.assert_(os.path.exists(keypath))
-        
@@ -128 +128 @@
-        Make sure that the created subdirectories are correctly removed when empty.
-        """
-        self.cache.set("foo", "bar")
-.new
+_constructor
-        keypath = os.path.join(self.dirname, keyhash[:2], keyhash[2:4], keyhash[4:])
-        self.assert_(os.path.exists(keypath))
-

tests/regressiontests/file_uploads/tests.py

@@ -1 +1 @@
-import os
-import errno
-import sha
-import shutil
-import unittest
-
@@ -8 +7 @@
-from django.core.files.uploadedfile import SimpleUploadedFile
-from django.test import TestCase, client
-from django.utils import simplejson
+from django.utils.hashcompat import sha_constructor
-
-from models import FileModel, UPLOAD_ROOT, UPLOAD_TO
-
@@ -45 +45 @@
-
-        for key in post_data.keys():
-            try:
-.new
+_constructor
-                post_data[key].seek(0)
-            except AttributeError:
-.new
+_constructor
-
-        response = self.client.post('/file_uploads/verify/', post_data)
-

tests/regressiontests/test_client_regress/models.py

@@ -6 +6 @@
-from django.core.urlresolvers import reverse
-from django.core.exceptions import SuspiciousOperation
-import os
-import sha
-
-class AssertContainsTests(TestCase):
-    def test_contains(self):