[Jifty-commit] r1481 - in jifty/trunk: lib/Jifty
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Wed Jul 5 16:31:37 EDT 2006
Author: alexmv
Date: Wed Jul 5 16:31:36 2006
New Revision: 1481
Modified:
jifty/trunk/ (props changed)
jifty/trunk/META.yml
jifty/trunk/lib/Jifty/LetMe.pm
Log:
r14930 at zoq-fot-pik: chmrr | 2006-07-05 16:30:45 -0400
* Shift away from using Koremutake strings for the letme checksums.
This is because Koremutake tries to do integer math on an integer created
from the 16-character hex string -- which 32-bit machines can't do
with full precision, so it rounds. The difficulty is that it
*doesn't* round on 64-bit machines, leading to different "checksums".
Just using the hex has no such failure mode.
Modified: jifty/trunk/META.yml
==============================================================================
--- jifty/trunk/META.yml (original)
+++ jifty/trunk/META.yml Wed Jul 5 16:31:36 2006
@@ -14,7 +14,7 @@
- inc
requires:
App::CLI: 0.03
- CSS::Squish: 0.04
+ CSS::Squish: 0.05
Cache::Cache: 0
Calendar::Simple: 0
Class::Accessor: 0
Modified: jifty/trunk/lib/Jifty/LetMe.pm
==============================================================================
--- jifty/trunk/lib/Jifty/LetMe.pm (original)
+++ jifty/trunk/lib/Jifty/LetMe.pm Wed Jul 5 16:31:36 2006
@@ -84,44 +84,69 @@
return $currentuser_object_class->new( email => $email );
}
+sub _generate_digest {
+ my $self = shift;
+
+ # get user's generic secret
+ my $user;
+ return undef unless ( $user = $self->_user_from_email($self->email) );
+
+ # build an md5sum of the email token and until and our secret
+ my $digest = Digest::MD5->new();
+ $digest->add( $user->auth_token );
+ $digest->add( $self->path );
+ my %args = %{$self->args};
+ $digest->add( $_, $args{$_}) for sort keys %args;
+ $digest->add( $self->until ) if ($self->until);
+ return $digest->hexdigest();
+}
+
+
=head2 generate_checksum
Returns an auth checksum for the current combination of
user
- token
+ path
+ arguments
until
=cut
-
sub generate_checksum {
my $self = shift;
- # get user's generic secret
- my $user;
- return undef unless ( $user = $self->_user_from_email($self->email) );
+ return substr( $self->_generate_digest, 0, 16 );
+}
- # build an md5sum of the email token and until and our secret
- my $digest = Digest::MD5->new();
- $digest->add( $user->auth_token );
- $digest->add( $self->path );
- my %args = %{$self->args};
- $digest->add( $_, $args{$_}) for sort keys %args;
- $digest->add( $self->until ) if ($self->until);
- # only take the first 16 characters. we're rally just trying to
+=head2 generate_koremutake_checksum
+
+Generate a slightly more pronouncable version of the checksum using
+L<String::Koremutake>. Due to hex -> integer limitations, this is
+imporecise and may vary depending on the platform it is used on; as
+such, it is deprecated.
+
+=cut
+
+sub generate_koremutake_checksum {
+ my $self = shift;
+
+ # Only take the first 16 characters. We're really just trying to
# get something reasonably short, memorable and unguessable. Also,
# don't use Math::BigInt->new directly for simple computation,
# because it insists exporting overload to us, which makes
- # devel::cover and devel::dprof very sad.
+ # devel::cover and devel::dprof very sad. This is deprecated in
+ # favor of generate_checksum, which returns a straight hex digest.
my $integer_digest = Math::BigInt::Calc->_str(
Math::BigInt::Calc->_from_hex(
- substr( $digest->hexdigest(), 0, 16 )
+ substr( $self->_generate_digest, 0, 16 )
)
);
- # koremutake it
+ # koremutake it. This loses precision, since most perls can't
+ # deal with 64 bits with precision. Thus, $integer_digest ends up
+ # being rounded, possibly in unpredicatable ways.
my $k = String::Koremutake->new;
return( $k->integer_to_koremutake($integer_digest));
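Review bot: `generate_checksum` no longer preserves the undef return for an unknown user, because `_generate_digest` returns undef when `_user_from_email` finds nothing and `substr( $self->_generate_digest, 0, 16 )` then appears to yield an empty string (with an uninitialized-value warning) rather than undef. That value reaches the `eq` comparison in `_correct_checksum_provided` in the last hunk, so an empty provided checksum could compare equal unless a caller outside this diff rejects unknown users first. Both new callers should guard the digest before slicing it, e.g. `my $digest = $self->_generate_digest; return undef unless defined $digest;` followed by `return substr( $digest, 0, 16 );`. The body of `generate_koremutake_checksum` closes outside the hunk, so the same guard there is a suggestion based on the visible lines only.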
@@ -267,7 +292,10 @@
sub _correct_checksum_provided {
my $self = shift;
- return undef unless ($self->checksum_provided eq $self->generate_checksum);
+ return undef
+ unless ( $self->checksum_provided eq $self->generate_checksum )
+ or
+ ( $self->checksum_provided eq $self->generate_koremutake_checksum );
}
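Review bot: The koremutake fallback in `_correct_checksum_provided` keeps accepting the form that the log message describes as rounded and platform-dependent, and nothing records when that acceptance ends. Because rounding collapses distinct digests onto the same string, the fallback presumably admits fewer distinct values than the 16 hex characters do, so it should be marked as a temporary compatibility path, e.g. `# TODO: drop koremutake fallback once outstanding letme links have expired`. The success path also has no explicit return and relies on the value of the last evaluated expression; ending the sub with `return 1;` would make the contract explicit.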