reverted changes causing test failures

src/ZEO/auth/auth_digest.py

@@ -37,14 +37,13 @@ TODO: I'm not sure if this is a sound approach; SRP would be preferred.
 
 import os
 import random
-
+import sha
 import struct
 import time
 
 from ZEO.auth.base import Database, Client
 from ZEO.StorageServer import ZEOStorage
 from ZEO.Exceptions import AuthError
-from ZEO.hash import sha1
 
 def get_random_bytes(n=8):
     if os.path.exists("/dev/urandom"):
@@ -57,7 +56,7 @@ def get_random_bytes(n=8):
     return s
 
 def hexdigest(s):
-    return sha1(s).hexdigest()
+    return sha.new(s).hexdigest()
 
 class DigestDatabase(Database):
     def __init__(self, filename, realm=None):
@@ -77,7 +76,7 @@ def session_key(h_up, nonce):
     # HMAC wants a 64-byte key.  We don't want to use h_up
     # directly because it would never change over time.  Instead
     # use the hash plus part of h_up.
-    return sha1("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
+    return sha.new("%s:%s" % (h_up, nonce)).digest() + h_up[:44]
 
 class StorageClass(ZEOStorage):
     def set_database(self, database):
@@ -93,7 +92,7 @@ class StorageClass(ZEOStorage):
     def _get_nonce(self):
         # RFC 2069 recommends a nonce of the form
         # H(client-IP ":" time-stamp ":" private-key)
-        dig = sha1()
+        dig = sha.sha()
         dig.update(str(self.connection.addr))
         dig.update(self._get_time())
         dig.update(self.noncekey)

src/ZEO/auth/base.py

@@ -18,7 +18,7 @@ Client -- abstract base class for authentication client
 """
 
 import os
-from ZEO.hash import sha1
+import sha
 
 class Client:
     # Subclass should override to list the names of methods that
@@ -113,7 +113,7 @@ class Database:
         return self._users[username]
 
     def hash(self, s):
-        return sha1(s).hexdigest()
+        return sha.new(s).hexdigest()
 
     def add_user(self, username, password):
         if self._users.has_key(username):

src/ZEO/tests/auth_plaintext.py

@@ -19,15 +19,14 @@ This mechanism offers *no network security at all*; the only security
 is provided by not storing plaintext passwords on disk.
 """
 
+import sha
 
 from ZEO.StorageServer import ZEOStorage
 from ZEO.auth import register_module
 from ZEO.auth.base import Client, Database
 
-from ZEO.hash import sha1
-
 def session_key(username, realm, password):
-    return sha1.new("%s:%s:%s" % (username, realm, password)).hexdigest()
+    return sha.new("%s:%s:%s" % (username, realm, password)).hexdigest()
 
 class StorageClass(ZEOStorage):
 
@@ -37,7 +36,7 @@ class StorageClass(ZEOStorage):
         except LookupError:
             return 0
 
-        password_dig = sha1.new(password).hexdigest()
+        password_dig = sha.new(password).hexdigest()
         if dbpw == password_dig:
             self.connection.setSessionKey(session_key(username,
                                                       self.database.realm,

src/ZEO/zrpc/smac.py

@@ -27,7 +27,11 @@ is set to 1 and the MAC immediately follows the length.
 
 import asyncore
 import errno
-import ZEO.hash
+try:
+    import hmac
+except ImportError:
+    import _hmac as hmac
+import sha
 import socket
 import struct
 import threading
@@ -38,7 +42,7 @@ from ZODB.loglevels import TRACE
 
 from ZEO.zrpc.log import log, short_repr
 from ZEO.zrpc.error import DisconnectedError
-import ZEO.hash
+
 
 # Use the dictionary to make sure we get the minimum number of errno
 # entries.   We expect that EWOULDBLOCK == EAGAIN on most systems --
@@ -143,8 +147,8 @@ class SizedMessageAsyncConnection(asyncore.dispatcher):
         # and thus iterator, because it contains a yield statement.
 
         def hack():
-            self.__hmac_send = hmac.HMAC(sesskey, digestmod=ZEO.hash)
-            self.__hmac_recv = hmac.HMAC(sesskey, digestmod=ZEO.hash)
+            self.__hmac_send = hmac.HMAC(sesskey, digestmod=sha)
+            self.__hmac_recv = hmac.HMAC(sesskey, digestmod=sha)
             if False:
                 yield ''