Ticket #7458: trac-0.11-hashlib.patch

contrib/htdigest.py

@@ -17 +17 @@
 
 import errno
 import fileinput
-import md5
+import hashlib
 import sys
 from optparse import OptionParser
 from getpass import getpass
@@ -36 +36 @@
     return make_digest(userprefix, password)
 
 def make_digest(userprefix, password):
-    return userprefix + md5.new(userprefix + password).hexdigest()
+    return userprefix + hashlib.md5(userprefix + password).hexdigest()
 
 usage = "%prog [-c] [-b] passwordfile realm username"
 parser = OptionParser(usage=usage)

trac/ticket/notification.py

@@ -16 +16 @@
 # Author: Daniel Lundin <daniel@edgewall.com>
 #
 
-import md5
+import hashlib
 
 from trac import __version__
 from trac.core import *
@@ -284 +284 @@
         s = '%s.%08d.%d.%s' % (self.config.get('project', 'url'),
                                int(self.ticket.id), to_timestamp(modtime),
                                rcpt.encode('ascii', 'ignore'))
-        dig = md5.new(s).hexdigest()
+        dig = hashlib.md5(s).hexdigest()
         host = self.from_email[self.from_email.find('@') + 1:]
         msgid = '<%03d.%s@%s>' % (len(s), dig, host)
         return msgid

trac/util/__init__.py

@@ -18 +18 @@
 #         Matthew Good <trac@matt-good.net>
 
 import locale
-import md5
+import hashlib
 import os
 import re
 import sys
@@ -271 +271 @@
     # /* The password first, since that is what is most unknown */
     # /* Then our magic string */
     # /* Then the raw salt */
-    m = md5.new()
+    m = hashlib.md5()
     m.update(password + magic + salt)
 
     # /* Then just as many characters of the MD5(pw,salt,pw) */
-    mixin = md5.md5(password + salt + password).digest()
+    mixin = hashlib.md5(password + salt + password).digest()
     for i in range(0, len(password)):
         m.update(mixin[i % 16])
 
@@ -293 +293 @@
 
     # /* and now, just to make sure things don't run too fast */
     for i in range(1000):
-        m2 = md5.md5()
+        m2 = hashlib.md5()
         if i & 1:
             m2.update(password)
         else:

trac/web/api.py

@@ -243 +243 @@
         so that consecutive requests can be cached.
         """
         if isinstance(extra, list):
-            import md5
-            m = md5.new()
+            import hashlib
+            m = hashlib.md5()
             for elt in extra:
                 m.update(repr(elt))
             extra = m.hexdigest()

trac/web/auth.py

@@ -22 +22 @@
     import threading
 except ImportError:
     import dummy_threading as threading
-import md5
+import hashlib
 import os
 import re
 import sys
@@ -35 +35 @@
 from trac.core import *
 from trac.web.api import IAuthenticator, IRequestHandler
 from trac.web.chrome import INavigationContributor
-from trac.util import hex_entropy, md5crypt
+from trac.util import hex_entropy, hashlibcrypt
 
 
 class LoginModule(Component):
@@ -367 +367 @@
             self.send_auth_request(environ, start_response)
             return None
 
-        kd = lambda x: md5.md5(':'.join(x)).hexdigest()
+        kd = lambda x: hashlib.md5(':'.join(x)).hexdigest()
         a1 = self.hash[auth['username']]
         a2 = kd([environ['REQUEST_METHOD'], auth['uri']])
         # Is the response correct?

trac/wiki/default-pages/TracStandalone

@@ -111 +111 @@
 {{{
 #!python
 from optparse import OptionParser
-import md5
+import hashlib
 
 # build the options
 usage = "usage: %prog [options]"
@@ -128 +128 @@
    
 # Generate the string to enter into the htdigest file
 realm = 'trac'
-kd = lambda x: md5.md5(':'.join(x)).hexdigest()
+kd = lambda x: hashlib.md5(':'.join(x)).hexdigest()
 print ':'.join((options.username, realm, kd([options.username, realm, options.password])))
 }}}