authorMagnus Ahltorp <map@kth.se>2017-03-17 00:50:27 +0100
committerMagnus Ahltorp <map@kth.se>2017-03-17 02:04:21 +0100
commit4ec7a9d1e9cf31d9cc00c81578ffb52d15f91181 (patch)
tree100f4a2bb6ae12557e5c76d5246363960395d135
parent597055e2b1bfadb08a59f9d3f6e328444012d893 (diff)
Verify http auth signature correctly.
Don't interpret http contents when content type is "application/octet-stream".
-rw-r--r--tools/certtools.py7
1 files changed, 5 insertions, 2 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 7a5f9fc..cb56a8d 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -328,8 +328,11 @@ def http_request_session(url, data=None, key=None, verifynode=None, params=None,
result = session.send(prepared_req, verify=sslparameters.cafile)
result.raise_for_status()
authheader = result.headers.get('X-Catlfish-Auth')
- data = result.text
- check_auth_header(authheader, verifynode, data, url_to_sign)
+ if result.headers['Content-Type'] == "application/octet-stream":
+ data = result.content
+ else:
+ data = result.text
+ check_auth_header(authheader, verifynode, result.content, url_to_sign)
return data
def get_signature(baseurl, data, key=None):
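Review bot: The added `result.headers['Content-Type'] == "application/octet-stream"` test runs before `check_auth_header`, raises KeyError when the response has no Content-Type header, and does not match a value that carries parameters or different casing, so such a binary body would fall through to `result.text` and be decoded. Reading the header as `ctype = result.headers.get('Content-Type', '').split(';', 1)[0].strip().lower()` and comparing `ctype` avoids both cases. Moving `check_auth_header(authheader, verifynode, result.content, url_to_sign)` above the branch would keep all interpretation of the body after the signature check; whether Content-Type is itself covered by the signature is not visible here, so the str/bytes choice should not be treated as authenticated. A comment such as `# verify over the raw bytes: result.text is a decoded form and may not match what was signed` would record why the check no longer uses `data`. The body of http_request_session starts outside the hunk.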