diff --git a/seahub/auth/models.py b/seahub/auth/models.py index c9805c2a86..677604477d 100644 --- a/seahub/auth/models.py +++ b/seahub/auth/models.py @@ -1,4 +1,5 @@ import datetime +import hashlib import urllib # import auth @@ -7,7 +8,6 @@ from django.db import models from django.db.models.manager import EmptyManager from django.contrib.contenttypes.models import ContentType from django.utils.encoding import smart_str -from django.utils.hashcompat import md5_constructor, sha_constructor from django.utils.translation import ugettext_lazy as _ @@ -27,9 +27,9 @@ def get_hexdigest(algorithm, salt, raw_password): return crypt.crypt(raw_password, salt) if algorithm == 'md5': - return md5_constructor(salt + raw_password).hexdigest() + return hashlib.md5(salt + raw_password).hexdigest() elif algorithm == 'sha1': - return sha_constructor(salt + raw_password).hexdigest() + return hashlib.sha1(salt + raw_password).hexdigest() raise ValueError("Got unknown password algorithm type in password.") def check_password(raw_password, enc_password): diff --git a/seahub/auth/tokens.py b/seahub/auth/tokens.py index 440f3b185f..1e2ad3f390 100644 --- a/seahub/auth/tokens.py +++ b/seahub/auth/tokens.py @@ -50,10 +50,10 @@ class PasswordResetTokenGenerator(object): # last_login will also change), we produce a hash that will be # invalid as soon as it is used. # We limit the hash to 20 chars to keep URL short - from django.utils.hashcompat import sha_constructor + import hashlib import datetime ctime = datetime.datetime.fromtimestamp(user.ctime/1000000) - hash = sha_constructor(settings.SECRET_KEY + unicode(user.id) + + hash = hashlib.sha1(settings.SECRET_KEY + unicode(user.id) + ctime.strftime('%Y-%m-%d %H:%M:%S') + unicode(timestamp)).hexdigest()[::2] diff --git a/seahub/avatar/models.py b/seahub/avatar/models.py index 21b9e708d3..8d925cd7af 100644 --- a/seahub/avatar/models.py +++ b/seahub/avatar/models.py @@ -1,11 +1,11 @@ from abc import abstractmethod import datetime +import hashlib import os from django.db import models from django.core.files.base import ContentFile from django.utils.translation import ugettext as _ -from django.utils.hashcompat import md5_constructor from django.utils.encoding import smart_str from django.db.models import signals @@ -32,14 +32,14 @@ def avatar_file_path(instance=None, filename=None, size=None, ext=None): if isinstance(instance, Avatar): tmppath = [AVATAR_STORAGE_DIR] if AVATAR_HASH_USERDIRNAMES: - tmp = md5_constructor(instance.user.username).hexdigest() + tmp = hashlib.md5(instance.user.username).hexdigest() tmppath.extend([tmp[0], tmp[1], instance.emailuser]) else: tmppath.append(instance.emailuser) elif isinstance(instance, GroupAvatar): tmppath = [GROUP_AVATAR_STORAGE_DIR] if AVATAR_HASH_USERDIRNAMES: - tmp = md5_constructor(instance.group_id).hexdigest() + tmp = hashlib.md5(instance.group_id).hexdigest() tmppath.extend([tmp[0], tmp[1], instance.group_id]) else: tmppath.append(instance.group_id) @@ -60,7 +60,7 @@ def avatar_file_path(instance=None, filename=None, size=None, ext=None): # File doesn't exist yet if AVATAR_HASH_FILENAMES: (root, ext) = os.path.splitext(filename) - filename = md5_constructor(smart_str(filename)).hexdigest() + filename = hashlib.md5(smart_str(filename)).hexdigest() filename = filename + ext if size: tmppath.extend(['resized', str(size)]) diff --git a/seahub/avatar/templatetags/avatar_tags.py b/seahub/avatar/templatetags/avatar_tags.py index 5e8f0e0915..f86b672d1f 100644 --- a/seahub/avatar/templatetags/avatar_tags.py +++ b/seahub/avatar/templatetags/avatar_tags.py @@ -1,8 +1,8 @@ import urllib +import hashlib from django import template from django.utils.translation import ugettext as _ -from django.utils.hashcompat import md5_constructor from django.core.urlresolvers import reverse from seahub.base.accounts import User @@ -28,7 +28,7 @@ def avatar_url(user, size=AVATAR_DEFAULT_SIZE): if AVATAR_GRAVATAR_DEFAULT: params['d'] = AVATAR_GRAVATAR_DEFAULT return "http://www.gravatar.com/avatar/%s/?%s" % ( - md5_constructor(user.email).hexdigest(), + hashlib.md5(user.email).hexdigest(), urllib.urlencode(params)) else: return get_default_avatar_url() diff --git a/seahub/base/accounts.py b/seahub/base/accounts.py index be3397c92a..e40266b8ee 100644 --- a/seahub/base/accounts.py +++ b/seahub/base/accounts.py @@ -1,7 +1,6 @@ # encoding: utf-8 from django import forms from django.utils.encoding import smart_str -from django.utils.hashcompat import md5_constructor, sha_constructor from django.utils.translation import ugettext_lazy as _ from django.conf import settings from django.contrib.sites.models import RequestSite diff --git a/seahub/group/views.py b/seahub/group/views.py index a61f2d8cc1..b3ebf83b28 100644 --- a/seahub/group/views.py +++ b/seahub/group/views.py @@ -1,9 +1,11 @@ # -*- coding: utf-8 -*- import logging import os +import hashlib import stat import simplejson as json import urllib2 + from django.core.mail import send_mail from django.core.paginator import EmptyPage, InvalidPage from django.core.urlresolvers import reverse @@ -16,7 +18,6 @@ from django.template import Context, loader, RequestContext from django.template.loader import render_to_string from django.utils.encoding import smart_str from django.utils import datetime_safe -from django.utils.hashcompat import md5_constructor from django.utils.translation import ugettext as _ from django.utils.translation import ungettext @@ -1190,7 +1191,7 @@ def group_wiki(request, group, page_name="home"): # fetch file latest contributor and last modified path = '/' + dirent.obj_name - file_path_hash = md5_constructor(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] + file_path_hash = hashlib.md5(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] contributors, last_modified, last_commit_id = get_file_contributors(\ repo.id, path.encode('utf-8'), file_path_hash, dirent.obj_id) latest_contributor = contributors[0] if contributors else None diff --git a/seahub/share/tokens.py b/seahub/share/tokens.py index 59899e7d91..dd943b5b0a 100644 --- a/seahub/share/tokens.py +++ b/seahub/share/tokens.py @@ -67,10 +67,10 @@ class AnonymousShareTokenGenerator(object): ts_b36 = int_to_base36(timestamp) # We limit the hash to 20 chars to keep URL short - from django.utils.hashcompat import sha_constructor import datetime + import hashlib now = datetime.datetime.now() - hash = sha_constructor(settings.SECRET_KEY + + hash = hashlib.sha1(settings.SECRET_KEY + unicode(random.randint(0, 999999)) + now.strftime('%Y-%m-%d %H:%M:%S') + unicode(timestamp)).hexdigest()[::2] diff --git a/seahub/utils/__init__.py b/seahub/utils/__init__.py index 55f9689a53..5734dc72a0 100644 --- a/seahub/utils/__init__.py +++ b/seahub/utils/__init__.py @@ -4,6 +4,7 @@ import re import urllib2 import uuid import logging +import hashlib import json import tempfile import locale @@ -17,7 +18,6 @@ from django.contrib.sites.models import RequestSite from django.db import IntegrityError from django.shortcuts import render_to_response from django.template import RequestContext -from django.utils.hashcompat import sha_constructor, md5_constructor from django.utils.translation import ugettext as _ from django.http import HttpResponseRedirect, HttpResponse from django.utils.http import urlquote @@ -793,7 +793,7 @@ def calc_file_path_hash(path, bits=12): if isinstance(path, unicode): path = path.encode('UTF-8') - path_hash = md5_constructor(urllib2.quote(path)).hexdigest()[:bits] + path_hash = hashlib.md5(urllib2.quote(path)).hexdigest()[:bits] return path_hash diff --git a/seahub/utils/star.py b/seahub/utils/star.py index 76d6d470b0..1a968d02a3 100644 --- a/seahub/utils/star.py +++ b/seahub/utils/star.py @@ -3,7 +3,6 @@ import logging import urllib2 from django.db import IntegrityError -from django.utils.hashcompat import md5_constructor from pysearpc import SearpcError from seaserv import seafile_api @@ -77,7 +76,7 @@ logger = logging.getLogger(__name__) # last_modified = 0 # if not sfile.is_dir: # # last modified -# path_hash = md5_constructor(urllib2.quote(sfile.path.encode('utf-8'))).hexdigest()[:12] +# path_hash = hashlib.md5(urllib2.quote(sfile.path.encode('utf-8'))).hexdigest()[:12] # last_modified = get_file_contributors(sfile.repo_id, sfile.path, path_hash, file_id)[1] # f = StarredFile(sfile.org_id, repo, sfile.path, sfile.is_dir, last_modified, size) diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py index 158651c53f..aff6ded735 100644 --- a/seahub/views/__init__.py +++ b/seahub/views/__init__.py @@ -24,7 +24,6 @@ from django.http import HttpResponse, HttpResponseBadRequest, Http404, \ from django.shortcuts import render_to_response, redirect from django.template import Context, loader, RequestContext from django.template.loader import render_to_string -from django.utils.hashcompat import md5_constructor from django.utils.translation import ugettext as _ from django.utils import timezone from django.utils.http import urlquote diff --git a/seahub/views/file.py b/seahub/views/file.py index cf57cfbee5..3c7bc02a93 100644 --- a/seahub/views/file.py +++ b/seahub/views/file.py @@ -5,6 +5,7 @@ view_snapshot_file, view_shared_file, file_edit, etc. """ import os +import hashlib import simplejson as json import stat import urllib2 @@ -19,7 +20,6 @@ from django.http import HttpResponse, Http404, HttpResponseRedirect from django.shortcuts import render_to_response from django.template import RequestContext from django.template.loader import render_to_string -from django.utils.hashcompat import md5_constructor from django.utils.http import urlquote from django.utils.translation import ugettext as _ from django.views.decorators.http import require_POST @@ -397,7 +397,7 @@ def view_file(request, repo_id): else: repogrp_str = '' - file_path_hash = md5_constructor(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] + file_path_hash = hashlib.md5(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] # fetch file contributors and latest contributor contributors, last_modified, last_commit_id = get_file_contributors(repo_id, path.encode('utf-8'), file_path_hash, obj_id) diff --git a/seahub/views/wiki.py b/seahub/views/wiki.py index 4630d7ff5d..fe117e1733 100644 --- a/seahub/views/wiki.py +++ b/seahub/views/wiki.py @@ -5,6 +5,7 @@ view_trash_file, view_snapshot_file """ import os +import hashlib import simplejson as json import stat import tempfile @@ -20,7 +21,6 @@ from django.http import HttpResponse, HttpResponseBadRequest, Http404, \ from django.shortcuts import render_to_response, redirect from django.template import Context, loader, RequestContext from django.template.loader import render_to_string -from django.utils.hashcompat import md5_constructor from django.utils.http import urlquote from django.utils.translation import ugettext as _ @@ -58,7 +58,7 @@ def personal_wiki(request, page_name="home"): # fetch file latest contributor and last modified path = '/' + dirent.obj_name - file_path_hash = md5_constructor(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] + file_path_hash = hashlib.md5(urllib2.quote(path.encode('utf-8'))).hexdigest()[:12] contributors, last_modified, last_commit_id = get_file_contributors(\ repo.id, path.encode('utf-8'), file_path_hash, dirent.obj_id) latest_contributor = contributors[0] if contributors else None diff --git a/thirdpart/registration/models.py b/thirdpart/registration/models.py index c8a0645f3e..c23e267b16 100644 --- a/thirdpart/registration/models.py +++ b/thirdpart/registration/models.py @@ -1,4 +1,5 @@ import datetime +import hashlib import random import re @@ -7,7 +8,6 @@ from django.conf import settings from django.db import models from django.db import transaction from django.template.loader import render_to_string -from django.utils.hashcompat import sha_constructor from django.utils.translation import ugettext_lazy as _ from seahub.base.accounts import User @@ -110,11 +110,11 @@ class RegistrationManager(models.Manager): username and a random salt. """ - salt = sha_constructor(str(random.random())).hexdigest()[:5] + salt = hashlib.sha1(str(random.random())).hexdigest()[:5] username = user.username if isinstance(username, unicode): username = username.encode('utf-8') - activation_key = sha_constructor(salt+username).hexdigest() + activation_key = hashlib.sha1(salt+username).hexdigest() return self.create(emailuser_id=user.id, activation_key=activation_key) diff --git a/thirdpart/registration/tests/models.py b/thirdpart/registration/tests/models.py index f763cb2c7d..9835a21d9a 100644 --- a/thirdpart/registration/tests/models.py +++ b/thirdpart/registration/tests/models.py @@ -1,4 +1,5 @@ import datetime +import hashlib import re from django.conf import settings @@ -7,7 +8,6 @@ from django.contrib.sites.models import Site from django.core import mail from django.core import management from django.test import TestCase -from django.utils.hashcompat import sha_constructor from registration.models import RegistrationProfile @@ -183,7 +183,7 @@ class RegistrationModelTests(TestCase): """ # Due to the way activation keys are constructed during # registration, this will never be a valid key. - invalid_key = sha_constructor('foo').hexdigest() + invalid_key = hashlib.sha1('foo').hexdigest() self.failIf(RegistrationProfile.objects.activate_user(invalid_key)) def test_expired_user_deletion(self):