Merged revisions 76952 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk ........ r76952 | tarek.ziade | 2009-12-21 00:23:34 +0100 (Mon, 21 Dec 2009) | 1 line Fixed #7552: fixed distutils.command.upload failure on very long passwords ........

Merged revisions 76952 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk ........ r76952 | tarek.ziade | 2009-12-21 00:23:34 +0100 (Mon, 21 Dec 2009) | 1 line Fixed #7552: fixed distutils.command.upload failure on very long passwords ........
8b9361a2 · Tarek Ziadé · 4d1e50dc · 8b9361a2 · 8b9361a2 · 8b9361a2
Commit 8b9361a2 authored Dec 21, 2009 by Tarek Ziadé
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 3 deletions

Lib/distutils/command/upload.py Lib/distutils/command/upload.py +2 -2

Lib/distutils/tests/test_upload.py Lib/distutils/tests/test_upload.py +22 -1

Misc/NEWS Misc/NEWS +4 -0

No files found.
--- a/Lib/distutils/command/upload.py
+++ b/Lib/distutils/command/upload.py
@@ -6,7 +6,7 @@ import os, io
 import socket
 import platform
 from urllib.request import urlopen, Request, HTTPError
-import base64
+from base64 import standard_b64encode
 from urllib.parse import urlparse
 from hashlib import md5

@@ -130,7 +130,7 @@ class upload(PyPIRCCommand):
        user_pass = (self.username + ":" + self.password).encode('ascii')
        # The exact encoding of the authentication string is debated.
        # Anyway PyPI only accepts ascii for both username or password.
-        auth = "Basic " + base64.encodebytes(user_pass).strip().decode('ascii')
+        auth = "Basic " + standard_b64encode(user_pass).decode('ascii')

        # Build up the MIME payload for the POST data
        boundary = '--------------GHSKFJDLGDS7543FJKLFHRE75642756743254'

--- a/Lib/distutils/tests/test_upload.py
+++ b/Lib/distutils/tests/test_upload.py
@@ -10,6 +10,25 @@ from distutils.core import Distribution
 from distutils.tests import support
 from distutils.tests.test_config import PYPIRC, PyPIRCCommandTestCase

+PYPIRC_LONG_PASSWORD = """\
+[distutils]
+
+index-servers =
+    server1
+    server2
+
+[server1]
+username:me
+password:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+
+[server2]
+username:meagain
+password: secret
+realm:acme
+repository:http://another.pypi/
+"""
+
+
 PYPIRC_NOPASSWORD = """\
 [distutils]

@@ -85,7 +104,7 @@ class uploadTestCase(PyPIRCCommandTestCase):
        self.write_file(path)
        command, pyversion, filename = 'xxx', '2.6', path
        dist_files = [(command, pyversion, filename)]
-        self.write_file(self.rc, PYPIRC)
+        self.write_file(self.rc, PYPIRC_LONG_PASSWORD)

        # lets run it
        pkg_dir, dist = self.create_dist(dist_files=dist_files)
@@ -101,6 +120,8 @@ class uploadTestCase(PyPIRCCommandTestCase):
        self.assertEquals(self.last_open.req.get_full_url(),
                          'http://pypi.python.org/pypi')
        self.assertTrue(b'xxx' in self.last_open.req.data)
+        auth = self.last_open.req.headers['Authorization']
+        self.assertFalse('\n' in auth)

 def test_suite():
    return unittest.makeSuite(uploadTestCase)

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -157,6 +157,10 @@ C-API
 Library
 -------

+- Issue #7552: Removed line feed in the base64 Authorization header in
+  the Distutils upload command to avoid an error when PyPI reads it.
+  This occurs on long passwords. Initial patch by JP St. Pierre.
+
 - Issue #7231: urllib2 cannot handle https with proxy requiring auth.  Patch by
  Tatsuhiro Tsujikawa.