Changeset 6c756ba in trunk

Timestamp:

2015-01-06T18:10:41Z (10 years ago)

Author:

Daira Hopwood <daira@…>

Branches:

master

Children:

6194ab9

Parents:

102d581

Message:

Simplify key checking code by inlining _allowedKey and _correctSignature. refs #1141

Signed-off-by: Daira Hopwood <daira@…>

File:

• src/allmydata/frontends/auth.py (modified) (2 diffs)

src/allmydata/frontends/auth.py ¶

@@ -83 +83 @@
         return d
 
-    def _allowedKey(self, creds):
-        """
-        Determine whether the public key indicated by the given credentials is
-        one allowed to authenticate the username in those credentials.
-
-        Returns True if so, False otherwise.
-        """
-        return creds.blob == self.pubkeys.get(creds.username)
-
-    def _correctSignature(self, creds):
-        """
-        Determine whether the signature in the given credentials is the correct
-        signature for the data in those credentials.
-
-        Returns True if so, False otherwise.
-        """
-        key = keys.Key.fromString(creds.blob)
-        return key.verify(creds.signature, creds.sigData)
-
     def _checkKey(self, creds):
         """
@@ -110 +91 @@
         UnauthorizedLogin failure otherwise.
         """
-        if self._allowedKey(creds):
+
+        # Is the public key indicated by the given credentials allowed to
+        # authenticate the username in those credentials?
+        if creds.blob == self.pubkeys.get(creds.username):
             if creds.signature is None:
                 return defer.fail(conch_error.ValidPublicKey())
-            if self._correctSignature(creds):
+
+            # Is the signature in the given credentials the correct
+            # signature for the data in those credentials?
+            key = keys.Key.fromString(creds.blob)
+            if key.verify(creds.signature, creds.sigData):
                 return defer.succeed(self._avatarId(creds.username))
+
         return defer.fail(error.UnauthorizedLogin())