[pve-devel] [RFC v2 access-control 1/2] drop libdigest-hmac-perl dependency

Fabian Grünbichler f.gruenbichler at proxmox.com
Fri Jul 1 10:23:37 CEST 2016


applied both patches

> Wolfgang Bumiller <w.bumiller at proxmox.com> hat am 1. Juli 2016 um 10:15 geschrieben:
> 
> 
> Its functionality is provided by perl core's Digest::SHA
> module now.
> ---
>  PVE/AccessControl.pm | 6 +++---
>  control.in           | 2 +-
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
> index 6023285..de2908e 100644
> --- a/PVE/AccessControl.pm
> +++ b/PVE/AccessControl.pm
> @@ -9,7 +9,6 @@ use Net::SSLeay;
>  use Net::IP;
>  use MIME::Base64;
>  use Digest::SHA;
> -use Digest::HMAC_SHA1;
>  use URI::Escape;
>  use LWP::UserAgent;
>  use PVE::Tools qw(run_command lock_file file_get_contents split_list safe_print);
> @@ -1184,7 +1183,8 @@ sub yubico_compute_param_sig {
>  	$paramstr .= "$key=$param->{$key}";
>      }
>  
> -    my $sig = uri_escape(encode_base64(Digest::HMAC_SHA1::hmac_sha1($paramstr, decode_base64($api_key || '')), ''));
> +    # hmac_sha1_base64 does not add '=' padding characters, so we use encode_base64
> +    my $sig = uri_escape(encode_base64(Digest::SHA::hmac_sha1($paramstr, decode_base64($api_key || '')), ''));
>  
>      return ($paramstr, $sig);
>  }
> @@ -1202,7 +1202,7 @@ sub yubico_verify_otp {
>      $url = 'http://api2.yubico.com/wsapi/2.0/verify' if !defined($url);
>  
>      my $params = {
> -	nonce =>  Digest::HMAC_SHA1::hmac_sha1_hex(time(), rand()),
> +	nonce =>  Digest::SHA::hmac_sha1_hex(time(), rand()),
>  	id => $api_id,
>  	otp => uri_escape($otp),
>  	timestamp => 1,
> diff --git a/control.in b/control.in
> index 876d3dd..b74aaf1 100644
> --- a/control.in
> +++ b/control.in
> @@ -3,7 +3,7 @@ Version: @@VERSION@@-@@PKGRELEASE@@
>  Section: perl
>  Priority: optional
>  Architecture: @@ARCH@@
> -Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, libdigest-hmac-perl, liburi-perl, libwww-perl, oathtool, libmime-base32-perl
> +Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, liburi-perl, libwww-perl, oathtool, libmime-base32-perl
>  Maintainer: Proxmox Support Team <support at proxmox.com>
>  Description: Proxmox VE access control library
>   This package contains the role based user management and access
> -- 
> 2.1.4
> 
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>



More information about the pve-devel mailing list