Use hmac for additional security against paths leaking.

author: Lars Wirzenius <liw@liw.fi> 2011-06-12 14:43:07 +0100
committer: Lars Wirzenius <liw@liw.fi> 2011-06-12 14:43:07 +0100
commit: 6e509ffb51671c467b2e6ee629cad8bdbe75a260 (patch)
tree: a4b785d4c92e6126bd5e68c9ed0cad130843d83f
parent: f09511fcbe4685c8794e24786aef7f438727491f (diff)
download: summain-6e509ffb51671c467b2e6ee629cad8bdbe75a260.tar.gz
2 files changed, 3 insertions, 2 deletions
diff --git a/summain b/summain
index 6931ae6..35cf634 100755
--- a/summain
+++ b/summain
@@ -53,7 +53,7 @@ class Summain(cliapp.Application):
         exclude = self.settings['exclude']
         nn = summainlib.NumberNormalizer()
         if self.settings['mangle-paths']:
-            pn = summainlib.PathNormalizer()
+            pn = summainlib.PathNormalizer(self.settings['secret'])
         else:
             pn = summainlib.SamePath()
         checksums = [x.upper() 
diff --git a/summainlib.py b/summainlib.py
index c3c0bc0..3de9517 100644
--- a/summainlib.py
+++ b/summainlib.py
@@ -16,6 +16,7 @@
 
 import grp
 import hashlib
+import hmac
 import math
 import os
 import pwd
@@ -91,7 +92,7 @@ class PathNormalizer(object):
         self._secret = secret
         
     def normalize(self, path):
-        return hashlib.sha1(self._secret + path).hexdigest()
+        return hmac.new(self._secret, path).hexdigest()
 
 
 class SamePath(object): # pragma: no cover
author	Lars Wirzenius <liw@liw.fi>	2011-06-12 14:43:07 +0100
committer	Lars Wirzenius <liw@liw.fi>	2011-06-12 14:43:07 +0100
commit	6e509ffb51671c467b2e6ee629cad8bdbe75a260 (patch)
tree	a4b785d4c92e6126bd5e68c9ed0cad130843d83f
parent	f09511fcbe4685c8794e24786aef7f438727491f (diff)
download	summain-6e509ffb51671c467b2e6ee629cad8bdbe75a260.tar.gz