[pve-devel] [RFC access-control 1/2] drop libdigest-hmac-perl dependency
Wolfgang Bumiller
w.bumiller at proxmox.com
Thu Jun 30 14:43:58 CEST 2016
Its functionality is provided by perl core's Digest::SHA
module now.
---
Tested with local validation server (yubikey-val + yubikey-ksm packages)
PVE/AccessControl.pm | 6 +++---
control.in | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 6023285..de2908e 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -9,7 +9,6 @@ use Net::SSLeay;
use Net::IP;
use MIME::Base64;
use Digest::SHA;
-use Digest::HMAC_SHA1;
use URI::Escape;
use LWP::UserAgent;
use PVE::Tools qw(run_command lock_file file_get_contents split_list safe_print);
@@ -1184,7 +1183,8 @@ sub yubico_compute_param_sig {
$paramstr .= "$key=$param->{$key}";
}
- my $sig = uri_escape(encode_base64(Digest::HMAC_SHA1::hmac_sha1($paramstr, decode_base64($api_key || '')), ''));
+ # hmac_sha1_base64 does not add '=' padding characters, so we use encode_base64
+ my $sig = uri_escape(encode_base64(Digest::SHA::hmac_sha1($paramstr, decode_base64($api_key || '')), ''));
return ($paramstr, $sig);
}
@@ -1202,7 +1202,7 @@ sub yubico_verify_otp {
$url = 'http://api2.yubico.com/wsapi/2.0/verify' if !defined($url);
my $params = {
- nonce => Digest::HMAC_SHA1::hmac_sha1_hex(time(), rand()),
+ nonce => Digest::SHA::hmac_sha1_hex(time(), rand()),
id => $api_id,
otp => uri_escape($otp),
timestamp => 1,
diff --git a/control.in b/control.in
index 876d3dd..b74aaf1 100644
--- a/control.in
+++ b/control.in
@@ -3,7 +3,7 @@ Version: @@VERSION@@-@@PKGRELEASE@@
Section: perl
Priority: optional
Architecture: @@ARCH@@
-Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, libdigest-hmac-perl, liburi-perl, libwww-perl, oathtool, libmime-base32-perl
+Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, liburi-perl, libwww-perl, oathtool, libmime-base32-perl
Maintainer: Proxmox Support Team <support at proxmox.com>
Description: Proxmox VE access control library
This package contains the role based user management and access
--
2.1.4
More information about the pve-devel
mailing list