From fc72b5606dd878be06e205cc1da141f5356e6dd8 Mon Sep 17 00:00:00 2001
From: Renzo Frigato <rfrigato@stanford.edu>
Date: Thu, 5 Nov 2015 17:05:10 -0800
Subject: [PATCH] replace sha1 with sha384
skip md5 when it is not sended
---
api/files.py | 6 +++---
api/handlers/listhandler.py | 2 +-
api/util.py | 15 ++++++++++-----
bin/bootstrap.py | 2 +-
4 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/api/files.py b/api/files.py
index c05aa79e..16eae437 100644
--- a/api/files.py
+++ b/api/files.py
@@ -54,18 +54,18 @@ class FileRequest(object):
def _save_temp_file(self, folder):
filepath = os.path.join(folder, self.filename)
md5 = hashlib.md5()
- sha1 = hashlib.sha1()
+ sha384 = hashlib.sha384()
filesize = 0
start_time = datetime.datetime.utcnow()
with open(filepath, 'wb') as fd:
for chunk in iter(lambda: self.body.read(2**20), ''):
md5.update(chunk)
- sha1.update(chunk)
+ sha384.update(chunk)
filesize += len(chunk)
fd.write(chunk)
self.filesize = filesize
self.md5 = md5.hexdigest()
- self.sha1 = sha1.hexdigest()
+ self.sha384 = sha384.hexdigest()
duration = datetime.datetime.utcnow() - start_time
success = (self.md5 == self.received_md5) if self.received_md5 is not None else True
return success, duration
diff --git a/api/handlers/listhandler.py b/api/handlers/listhandler.py
index c134a691..a40a88b3 100644
--- a/api/handlers/listhandler.py
+++ b/api/handlers/listhandler.py
@@ -376,7 +376,7 @@ class FileListHandler(ListHandler):
file_properties = {
'name': file_request.filename,
'size': file_request.filesize,
- 'hash': file_request.sha1,
+ 'hash': file_request.sha384,
'type': file_request.mimetype,
'tags': file_request.tags,
'metadata': file_request.metadata,
diff --git a/api/util.py b/api/util.py
index 57f1d663..fc58a1ef 100644
--- a/api/util.py
+++ b/api/util.py
@@ -267,18 +267,23 @@ def download_ticket(ip, type_, target, filename, size):
def receive_stream_and_validate(stream, filepath, received_md5):
- md5 = hashlib.md5()
- sha1 = hashlib.sha1()
+ skip_md5 = False
+ if received_md5 is not None:
+ md5 = hashlib.md5()
+ else:
+ skip_md5 = True
+ sha384 = hashlib.sha384()
filesize = 0
start_time = datetime.datetime.utcnow()
with open(filepath, 'wb') as fd:
for chunk in iter(lambda: stream.read(2**20), ''):
- md5.update(chunk)
- sha1.update(chunk)
+ if received_md5 is not None:
+ md5.update(chunk)
+ sha384.update(chunk)
filesize += len(chunk)
fd.write(chunk)
duration = datetime.datetime.utcnow() - start_time
- return (md5.hexdigest() == received_md5) if received_md5 is not None else True, sha1.hexdigest(), filesize, duration
+ return skip_md5 or (md5.hexdigest() == received_md5), sha384.hexdigest(), filesize, duration
def guess_mimetype(filepath):
diff --git a/bin/bootstrap.py b/bin/bootstrap.py
index 9ea2cec7..0b57f9f1 100755
--- a/bin/bootstrap.py
+++ b/bin/bootstrap.py
@@ -78,7 +78,7 @@ def sort(args):
log.info('found %d files to sort (ignoring symlinks and dotfiles)' % file_cnt)
for i, filepath in enumerate(files):
log.info('sorting %s [%s] (%d/%d)' % (os.path.basename(filepath), util.hrsize(os.path.getsize(filepath)), i+1, file_cnt))
- hash_ = hashlib.sha1()
+ hash_ = hashlib.sha384()
if not args.quick:
with open(filepath, 'rb') as fd:
for chunk in iter(lambda: fd.read(2**20), ''):
--
GitLab