Cutlery/calibre
1
0
Fork 0
mirror of https://github.com/kovidgoyal/calibre.git synced 2025-07-09 03:04:10 -04:00
Code Issues Packages Projects Releases Wiki Activity

Use only four bytes to ensure timestamp in unique instead of 16

Browse Source
This commit is contained in:
Kovid Goyal 2015-10-29 10:28:17 +05:30
parent b7f0999949
commit 51df81135f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/calibre/srv/auth.py
View File

@ -43,11 +43,11 @@ def synthesize_nonce(key_order, realm, secret, timestamp=None):
if timestamp is None: if timestamp is None:
global nonce_counter global nonce_counter
with nonce_counter_lock: with nonce_counter_lock:
nonce_counter += 1 nonce_counter = (nonce_counter + 1) % 65535
# The resolution of monotonic() on windows is very low (10s of # The resolution of monotonic() on windows is very low (10s of
# milliseconds) so to ensure nonce values are not re-used, we have a # milliseconds) so to ensure nonce values are not re-used, we have a
# global counter # global counter
timestamp = binascii.hexlify(struct.pack(b'!dQ', float(monotonic()), nonce_counter)) timestamp = binascii.hexlify(struct.pack(b'!dH', float(monotonic()), nonce_counter))
h = sha256_hex(key_order.format(timestamp, realm, secret)) h = sha256_hex(key_order.format(timestamp, realm, secret))
nonce = ':'.join((timestamp, h)) nonce = ':'.join((timestamp, h))
return nonce return nonce
@ -59,7 +59,7 @@ def validate_nonce(key_order, nonce, realm, secret):
def is_nonce_stale(nonce, max_age_seconds=MAX_AGE_SECONDS): def is_nonce_stale(nonce, max_age_seconds=MAX_AGE_SECONDS):
try: try:
timestamp = struct.unpack(b'!dQ', binascii.unhexlify(as_bytestring(nonce.partition(':')[0])))[0] timestamp = struct.unpack(b'!dH', binascii.unhexlify(as_bytestring(nonce.partition(':')[0])))[0]
return timestamp + max_age_seconds < monotonic() return timestamp + max_age_seconds < monotonic()
except Exception: except Exception:
pass pass