diff options
author | Linus Nordberg <linus@nordu.net> | 2017-06-21 16:47:05 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2017-06-21 16:47:05 +0200 |
commit | 32d66a4cffb03f68319262e982c3309047add01c (patch) | |
tree | 96c3cc8fe33fd1696276e3af4d0e23969f7e20df | |
parent | f9d9272401c588930d4ecca6fdd8903b2a09cb99 (diff) |
Verify raw content of auth header instead of decoded text.
The decoded text representation is an educated guess by the Requests
package.
Patch by Magnus Ahltorp.
-rw-r--r-- | tools/certtools.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/certtools.py b/tools/certtools.py index 7a5f9fc..5aa2251 100644 --- a/tools/certtools.py +++ b/tools/certtools.py @@ -329,7 +329,7 @@ def http_request_session(url, data=None, key=None, verifynode=None, params=None, result.raise_for_status() authheader = result.headers.get('X-Catlfish-Auth') data = result.text - check_auth_header(authheader, verifynode, data, url_to_sign) + check_auth_header(authheader, verifynode, result.content, url_to_sign) return data def get_signature(baseurl, data, key=None): |