summaryrefslogtreecommitdiff
path: root/wsgitools/scgi.py
diff options
context:
space:
mode:
authorHelmut Grohne <helmut@subdivi.de>2009-03-29 23:27:33 +0200
committerHelmut Grohne <helmut@subdivi.de>2009-03-29 23:27:33 +0200
commit56be1861917a9081a3883ae3b080d4683b52402c (patch)
tree9645dda500527e80bbc33470294a91344ea1f004 /wsgitools/scgi.py
parent58149dfd3d67399a47dbf3035ab0f5a866abcd23 (diff)
downloadwsgitools-56be1861917a9081a3883ae3b080d4683b52402c.tar.gz
improve digest module (killed isnonce method)
Prior to this change the digest module would check whether a nonce looks like a nonce, verify the response and then verify the nonce. This left a bit more room for brute forcing passwords, as the same nonce could be used in arbitrary many tries and a stale response would indicate an authentication success. Now authentication is only tried for valid nonces. This also makes the NonceStoreBase.isnonce method superfluous.
Diffstat (limited to 'wsgitools/scgi.py')
0 files changed, 0 insertions, 0 deletions