mirror of https://gitlab.com/bashrc2/epicyon
Use secrets for password generation
parent
48553013f6
commit
b02ddbaed0
3
auth.py
3
auth.py
|
@ -11,6 +11,7 @@ import hashlib
|
|||
import binascii
|
||||
import os
|
||||
import random
|
||||
import secrets
|
||||
|
||||
|
||||
def hashPassword(password: str) -> str:
|
||||
|
@ -162,4 +163,4 @@ def authorize(baseDir: str, path: str, authHeader: str, debug: bool) -> bool:
|
|||
def createPassword(length=10):
|
||||
validChars = 'abcdefghijklmnopqrstuvwxyz' + \
|
||||
'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
|
||||
return ''.join((random.choice(validChars) for i in range(length)))
|
||||
return ''.join((secrets.choice(validChars) for i in range(length)))
|
||||
|
|
|
@ -535,7 +535,7 @@ class PubServer(BaseHTTPRequestHandler):
|
|||
except BaseException:
|
||||
pass
|
||||
if not etag:
|
||||
etag = sha1(data).hexdigest()
|
||||
etag = sha1(data).hexdigest() # nosec
|
||||
try:
|
||||
with open(mediaFilename + '.etag', 'w') as etagFile:
|
||||
etagFile.write(etag)
|
||||
|
@ -5098,7 +5098,7 @@ class PubServer(BaseHTTPRequestHandler):
|
|||
else:
|
||||
with open(mediaFilename, 'rb') as avFile:
|
||||
mediaBinary = avFile.read()
|
||||
etag = sha1(mediaBinary).hexdigest()
|
||||
etag = sha1(mediaBinary).hexdigest() # nosec
|
||||
try:
|
||||
with open(mediaTagFilename, 'w') as etagFile:
|
||||
etagFile.write(etag)
|
||||
|
|
6
media.py
6
media.py
|
@ -43,10 +43,10 @@ def removeMetaData(imageFilename: str, outputFilename: str) -> None:
|
|||
return
|
||||
if os.path.isfile('/usr/bin/exiftool'):
|
||||
print('Removing metadata from ' + outputFilename + ' using exiftool')
|
||||
os.system('exiftool -all= ' + outputFilename)
|
||||
os.system('exiftool -all= ' + outputFilename) # nosec
|
||||
elif os.path.isfile('/usr/bin/mogrify'):
|
||||
print('Removing metadata from ' + outputFilename + ' using mogrify')
|
||||
os.system('/usr/bin/mogrify -strip ' + outputFilename)
|
||||
os.system('/usr/bin/mogrify -strip ' + outputFilename) # nosec
|
||||
|
||||
|
||||
def getImageHash(imageFilename: str) -> str:
|
||||
|
@ -119,7 +119,7 @@ def updateEtag(mediaFilename: str) -> None:
|
|||
if not data:
|
||||
return
|
||||
# calculate hash
|
||||
etag = sha1(data).hexdigest()
|
||||
etag = sha1(data).hexdigest() # nosec
|
||||
# save the hash
|
||||
try:
|
||||
with open(mediaFilename + '.etag', 'w') as etagFile:
|
||||
|
|
15
person.py
15
person.py
|
@ -151,13 +151,17 @@ def randomizeActorImages(personJson: {}) -> None:
|
|||
personId = personJson['id']
|
||||
lastPartOfFilename = personJson['icon']['url'].split('/')[-1]
|
||||
existingExtension = lastPartOfFilename.split('.')[1]
|
||||
# NOTE: these files don't need to have cryptographically
|
||||
# secure names
|
||||
personJson['icon']['url'] = \
|
||||
personId + '/avatar' + str(randint(10000000000000, 99999999999999)) + \
|
||||
personId + '/avatar' + \
|
||||
str(randint(10000000000000, 99999999999999)) + \ # nosec
|
||||
'.' + existingExtension
|
||||
lastPartOfFilename = personJson['image']['url'].split('/')[-1]
|
||||
existingExtension = lastPartOfFilename.split('.')[1]
|
||||
personJson['image']['url'] = \
|
||||
personId + '/image' + str(randint(10000000000000, 99999999999999)) + \
|
||||
personId + '/image' + \
|
||||
str(randint(10000000000000, 99999999999999)) + \ # nosec
|
||||
'.' + existingExtension
|
||||
|
||||
|
||||
|
@ -197,13 +201,16 @@ def createPersonBase(baseDir: str, nickname: str, domain: str, port: int,
|
|||
approveFollowers = True
|
||||
personType = 'Application'
|
||||
|
||||
# NOTE: these image files don't need to have
|
||||
# cryptographically secure names
|
||||
|
||||
imageUrl = \
|
||||
personId + '/image' + \
|
||||
str(randint(10000000000000, 99999999999999)) + '.png'
|
||||
str(randint(10000000000000, 99999999999999)) + '.png' # nosec
|
||||
|
||||
iconUrl = \
|
||||
personId + '/avatar' + \
|
||||
str(randint(10000000000000, 99999999999999)) + '.png'
|
||||
str(randint(10000000000000, 99999999999999)) + '.png' # nosec
|
||||
|
||||
contextDict = {
|
||||
'Emoji': 'toot:Emoji',
|
||||
|
|
12
utils.py
12
utils.py
|
@ -13,7 +13,7 @@ import datetime
|
|||
import json
|
||||
from socket import error as SocketError
|
||||
import errno
|
||||
from urllib.request import urlopen
|
||||
import urllib.request
|
||||
from pprint import pprint
|
||||
from calendar import monthrange
|
||||
from followingCalendar import addPersonToCalendar
|
||||
|
@ -1095,10 +1095,14 @@ def siteIsActive(url: str) -> bool:
|
|||
This can be used to check that an instance is online before
|
||||
trying to send posts to it.
|
||||
"""
|
||||
if not url.startswith('http'):
|
||||
return False
|
||||
try:
|
||||
urlopen(url, timeout=10)
|
||||
return True
|
||||
req = urllib.request.Request(url)
|
||||
with urllib.request.urlopen(req, timeout=10) as res: # nosec
|
||||
# testStr = response.read()
|
||||
return True
|
||||
except SocketError as e:
|
||||
if e.errno == errno.ECONNRESET:
|
||||
print('WARN: connection was reset during siteIsActive')
|
||||
return False
|
||||
return False
|
||||
|
|
Loading…
Reference in New Issue