[Jifty-commit] r1481 - in jifty/trunk: lib/Jifty

jifty-commit at lists.jifty.org jifty-commit at lists.jifty.org
Wed Jul 5 16:31:37 EDT 2006


Author: alexmv
Date: Wed Jul  5 16:31:36 2006
New Revision: 1481

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/META.yml
   jifty/trunk/lib/Jifty/LetMe.pm

Log:
 r14930 at zoq-fot-pik:  chmrr | 2006-07-05 16:30:45 -0400
  * Shift away from using Koremutake strings for the letme checksums.
 This is because Koremutake tries to do integer math on an integer created
 from the 16-character hex string -- which 32-bit machines can't do
 with full precision, so it rounds.  The difficulty is that it
 *doesn't* round on 64-bit machines, leading to different "checksums".
 Just using the hex has no such failure mode.


Modified: jifty/trunk/META.yml
==============================================================================
--- jifty/trunk/META.yml	(original)
+++ jifty/trunk/META.yml	Wed Jul  5 16:31:36 2006
@@ -14,7 +14,7 @@
     - inc
 requires: 
   App::CLI: 0.03
-  CSS::Squish: 0.04
+  CSS::Squish: 0.05
   Cache::Cache: 0
   Calendar::Simple: 0
   Class::Accessor: 0

Modified: jifty/trunk/lib/Jifty/LetMe.pm
==============================================================================
--- jifty/trunk/lib/Jifty/LetMe.pm	(original)
+++ jifty/trunk/lib/Jifty/LetMe.pm	Wed Jul  5 16:31:36 2006
@@ -84,44 +84,69 @@
     return $currentuser_object_class->new( email => $email );
 }
 
+sub _generate_digest {
+    my $self = shift;
+
+    # get user's generic secret
+    my $user;
+    return undef unless ( $user = $self->_user_from_email($self->email) );
+
+    # build an md5sum of the email token and until and our secret
+    my $digest = Digest::MD5->new();
+    $digest->add( $user->auth_token );
+    $digest->add( $self->path );
+    my %args = %{$self->args};
+    $digest->add( $_, $args{$_}) for sort keys %args;
+    $digest->add( $self->until ) if ($self->until);
+    return $digest->hexdigest();
+}
+
+
 
 =head2 generate_checksum
 
 Returns an auth checksum for the current combination of
 
     user
-    token
+    path
+    arguments
     until
 
 =cut
 
-
 sub generate_checksum {
     my $self = shift;
 
-    # get user's generic secret
-    my $user;
-    return undef unless ( $user = $self->_user_from_email($self->email) );
+    return substr( $self->_generate_digest, 0, 16 );
+}
 
-    # build an md5sum of the email token and until and our secret
-    my $digest = Digest::MD5->new();
-    $digest->add( $user->auth_token );
-    $digest->add( $self->path );
-    my %args = %{$self->args};
-    $digest->add( $_, $args{$_}) for sort keys %args;
-    $digest->add( $self->until ) if ($self->until);
-    # only take the first 16 characters. we're rally just trying to
+=head2 generate_koremutake_checksum
+
+Generate a slightly more pronouncable version of the checksum using
+L<String::Koremutake>.  Due to hex -> integer limitations, this is
+imporecise and may vary depending on the platform it is used on; as
+such, it is deprecated.
+
+=cut
+
+sub generate_koremutake_checksum {
+    my $self = shift;
+
+    # Only take the first 16 characters. We're really just trying to
     # get something reasonably short, memorable and unguessable. Also,
     # don't use Math::BigInt->new directly for simple computation,
     # because it insists exporting overload to us, which makes
-    # devel::cover and devel::dprof very sad.
+    # devel::cover and devel::dprof very sad.  This is deprecated in
+    # favor of generate_checksum, which returns a straight hex digest.
     my $integer_digest = Math::BigInt::Calc->_str(
         Math::BigInt::Calc->_from_hex(
-            substr( $digest->hexdigest(), 0, 16 )
+            substr( $self->_generate_digest, 0, 16 )
         )
     );
 
-    # koremutake it
+    # koremutake it.  This loses precision, since most perls can't
+    # deal with 64 bits with precision.  Thus, $integer_digest ends up
+    # being rounded, possibly in unpredicatable ways.
     my $k = String::Koremutake->new;
     return( $k->integer_to_koremutake($integer_digest));
 
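Review bot: In `_generate_digest` the path, each argument key and value, and `until` are passed to `Digest::MD5->add` back to back with no separators, so different path/argument/until combinations can serialise to the same bytes and produce the same checksum. Length-prefixing each field, as sketched below, makes the hashed input unambiguous. The secret is also only prepended to the data rather than used as an HMAC key, which is worth revisiting at the same time. Any change to the serialisation invalidates outstanding letme links, so it would need a transition period like the one this commit adds for the Koremutake form.

```perl
sub _generate_digest {
    # … unchanged: user lookup, returns undef when no user matches …

    # Length-prefix every field so adjacent values cannot run together.
    my %args   = %{ $self->args };
    my @fields = ( $self->path, map { ( $_, $args{$_} ) } sort keys %args );
    push @fields, $self->until if $self->until;

    my $digest = Digest::MD5->new();
    $digest->add( $user->auth_token );
    $digest->add( length($_) . ':' . $_ ) for @fields;
    return $digest->hexdigest();
}
```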
@@ -267,7 +292,10 @@
 
 sub _correct_checksum_provided {
     my $self = shift;
-    return undef unless ($self->checksum_provided eq $self->generate_checksum); 
+    return undef
+        unless ( $self->checksum_provided eq $self->generate_checksum )
+        or
+        ( $self->checksum_provided eq $self->generate_koremutake_checksum );
 
 }
 
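Review bot: `_correct_checksum_provided` compares `checksum_provided` with `eq` without first checking that a digest could be generated at all. `_generate_digest` returns undef when no user matches the email, and `generate_checksum` passes that straight to `substr`, so for an unknown email the expected value is empty or undef and an empty supplied checksum compares equal under `eq`. A guard before the comparison, `return undef unless defined $self->checksum_provided and length $self->checksum_provided;`, closes that case; whether a later user check also rejects it is not visible in this hunk. The sub also relies on the implicit value of the `unless` condition for success, so an explicit `return 1;` as its last statement would make the contract plain.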

