This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lnt/lnttool/
-
lnttool/
1
create.py

Differential D68104

[LNT] Python 3 support: adapt secret computation
ClosedPublic

Authored by thopre on Sep 26 2019, 2:33 PM.

Download Raw Diff

Details

Reviewers

cmatthews
hubert.reinterpretcast
kristof.beyls

Commits

rL374303: [LNT] Python 3 support: adapt secret computation

Summary

Computation of the secret when it is not supplied on the command line
involves passing a string constructed with str to the sha1 function.
However that function expects binary data which is a different type in
Python3. This commit uses the bytes constructor as an additional step to
convert from text to binary data.

Diff Detail

Build Status

Buildable 39309
Build 39325: arc lint + arc unit

Event Timeline

thopre created this revision.Sep 26 2019, 2:33 PM

thopre added a parent revision: D67882: [LNT] Python 3 support: remove useless var-setting getter.Sep 26 2019, 2:33 PM

Harbormaster completed remote builds in B38620: Diff 222027.Sep 26 2019, 2:33 PM

thopre added a child revision: D68105: [LNT] Python 3 support: fix report version literal.Sep 26 2019, 2:34 PM

Ping?

hubert.reinterpretcast added inline comments.Oct 6 2019, 2:53 PM

lnt/lnttool/create.py
141–146	Being no security expert, I am not sure about the patch. I do see that `getrandbits` is documented as not being for security purposes, but I think we can do the Python 3 support without changing the status quo of the "security". With the `future` package: from builtins import bytes hashlib.sha1(bytes(str(random.getrandbits(256)), encoding='ascii')).hexdigest()

Use approach suggested by Hubert to adapt the existing code rather than use a new way of generating random bits to not change the security strength of the code.

thopre edited the summary of this revision. (Show Details)Oct 7 2019, 3:10 AM

Harbormaster completed remote builds in B39071: Diff 223468.Oct 7 2019, 5:08 AM

LGTM.

This revision is now accepted and ready to land.Oct 9 2019, 6:20 PM

Fix mypy warning

Harbormaster completed remote builds in B39309: Diff 224297.Oct 10 2019, 3:19 AM

thopre closed this revision.Oct 10 2019, 3:54 AM

Revision Contents

Path

Size

lnt/

lnttool/

create.py

9 lines

Diff 224297

lnt/lnttool/create.py

Show First 20 Lines • Show All 107 Lines • ▼ Show 20 Lines	def action_create(instance_path, name, config, wsgi, tmp_dir, db_dir,
profile_dir, default_db, secret_key, hostname, hostsuffix,		profile_dir, default_db, secret_key, hostname, hostsuffix,
show_sql):		show_sql):
"""create an LLVM nightly test installation		"""create an LLVM nightly test installation

\b		\b
* INSTANCE_PATH should point to a directory that will keep		* INSTANCE_PATH should point to a directory that will keep
LNT configuration.		LNT configuration.
"""		"""
		from builtins import bytes
from .common import init_logger		from .common import init_logger
import hashlib		import hashlib
import lnt.server.db.migrate		import lnt.server.db.migrate
import lnt.server.db.util		import lnt.server.db.util
import lnt.testing		import lnt.testing
import logging		import logging
import os		import os
import random		import random
import sys		import sys

init_logger(logging.INFO if show_sql else logging.WARNING,		init_logger(logging.INFO if show_sql else logging.WARNING,
show_sql=show_sql)		show_sql=show_sql)

basepath = os.path.abspath(instance_path)		basepath = os.path.abspath(instance_path)
if os.path.exists(basepath):		if os.path.exists(basepath):
raise SystemExit("error: invalid path: %r already exists" % basepath)		raise SystemExit("error: invalid path: %r already exists" % basepath)

hosturl = "http://%s/%s" % (hostname, hostsuffix)		hosturl = "http://%s/%s" % (hostname, hostsuffix)

python_executable = sys.executable		python_executable = sys.executable
cfg_path = os.path.join(basepath, config)		cfg_path = os.path.join(basepath, config)
tmp_path = os.path.join(basepath, tmp_dir)		tmp_path = os.path.join(basepath, tmp_dir)
wsgi_path = os.path.join(basepath, wsgi)		wsgi_path = os.path.join(basepath, wsgi)
schemas_path = os.path.join(basepath, "schemas")		schemas_path = os.path.join(basepath, "schemas")
secret_key = (secret_key or		secret_key = (
hashlib.sha1(str(random.getrandbits(256))).hexdigest())		secret_key or
		hashlib.sha1(
		bytes(str(random.getrandbits(256)), encoding="ascii")
		).hexdigest()
		)
		hubert.reinterpretcastUnsubmitted Not Done Reply Inline Actions Being no security expert, I am not sure about the patch. I do see that `getrandbits` is documented as not being for security purposes, but I think we can do the Python 3 support without changing the status quo of the "security". With the `future` package: from builtins import bytes hashlib.sha1(bytes(str(random.getrandbits(256)), encoding='ascii')).hexdigest() hubert.reinterpretcast: Being no security expert, I am not sure about the patch. I do see that `getrandbits` is…

os.mkdir(instance_path)		os.mkdir(instance_path)
os.mkdir(tmp_path)		os.mkdir(tmp_path)
os.mkdir(schemas_path)		os.mkdir(schemas_path)

# If the path does not contain database type, assume relative path.		# If the path does not contain database type, assume relative path.
if lnt.server.db.util.path_has_no_database_type(db_dir):		if lnt.server.db.util.path_has_no_database_type(db_dir):
db_dir_path = os.path.join(basepath, db_dir)		db_dir_path = os.path.join(basepath, db_dir)
Show All 34 Lines