Changes by Mark Lawrence breamore...@yahoo.co.uk:
--
nosy: -BreamoreBoy
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
___
Mark Lawrence added the comment:
Are the tests for HTTPAuthDigest still outstanding?
--
nosy: +BreamoreBoy
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
Georg Brandl ge...@python.org added the comment:
Ping?
--
nosy: +georg.brandl
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
___
Senthil Kumaran orsent...@gmail.com added the comment:
Okay, This vaguely got out of my mind. Shall come with the tests for
HTTPAuthDigest.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
Senthil Kumaran orsent...@gmail.com added the comment:
Interesting issue. RFC 2617 supports the claim. In RFC 2617, section
3.2.2 The Authorization Request Header, we see that nonce-count is
maintained for each particular nonce value and it can used by the server
to verify the replays.
The
Senthil Kumaran orsent...@gmail.com added the comment:
Fixed in r76288 (trunk), r76289 (release26-maint), r76290 (py3k) and
r76291(release31-maint). The issue is fixed. I am keeping it open to
remind of the pending tests (HTTPAuthDigest and nonce value check testcase).
--
resolution:
Changes by Senthil Kumaran orsent...@gmail.com:
--
assignee: - orsenthil
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
___
Dan dan...@ohuiginn.net added the comment:
Attaching a patch. I don't have a test to go with it, except for the one
submitted with the bug report.
--
keywords: +patch
Added file: http://bugs.python.org/file14815/nonce_count.diff
___
Python tracker
Changes by Daniel Diniz aja...@gmail.com:
--
keywords: +easy
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
___
Python-bugs-list mailing
Changes by Daniel Diniz aja...@gmail.com:
--
nosy: +jjlee, orsenthil
stage: - needs patch
versions: +Python 2.6 -Python 2.5
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue4683
___
Daniel Diniz aja...@gmail.com added the comment:
Chris,
Is there a chance that this is some sort of protection on LJ's side?
Does a given instance mean the same connection being reused? What
happens with longer sleeps?
--
nosy: +ajaksu2
___
Python
Chris Boyle ch...@boyle.name added the comment:
When I say a given instance, I mean an HTTPDigestAuthHandler object. If
I take the three lines before my loop (authhandler=, opener=,
install_opener) and move them into the loop, the problem goes away,
whereas moving only the latter two of those
Daniel Diniz aja...@gmail.com added the comment:
Hmm, notice that AbstractDigestAuthHandler handles retries:
class AbstractDigestAuthHandler:
def __init__(self, passwd=None):
...
self.retried = 0
...
def reset_retry_count(self):
self.retried = 0
def
Dan dan...@ohuiginn.net added the comment:
Reasonable idea, Daniel, but changing self.retried makes no difference.
What does solve Chris' problem (which I can reproduce, btw) is
preventing the nonce_count from incrementing.
i.e. comment out the line :
self.nonce_count += 1
in
New submission from Chris Boyle ch...@boyle.name:
The attached script, when edited to fill in valid LiveJournal
credentials (or InsaneJournal, if you change the URL and user list)
fails for me in a very odd way. It fetches the first two URLs quite
happily, and returns a 401 on the third after
15 matches
Mail list logo