author | Magnus Ahltorp <map@kth.se> | 2017-03-17 00:50:27 +0100 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2017-03-17 02:04:21 +0100 |
commit | 4ec7a9d1e9cf31d9cc00c81578ffb52d15f91181 (patch) | |
tree | 100f4a2bb6ae12557e5c76d5246363960395d135 | |
parent | 597055e2b1bfadb08a59f9d3f6e328444012d893 (diff) |
Verify http auth signature correctly.
Don't interpret http contents when content type is "application/octet-stream".
-rw-r--r-- | tools/certtools.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 7a5f9fc..cb56a8d 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -328,8 +328,11 @@ def http_request_session(url, data=None, key=None, verifynode=None, params=None,
 result = session.send(prepared_req, verify=sslparameters.cafile)
 result.raise_for_status()
 authheader = result.headers.get('X-Catlfish-Auth')
- data = result.text
- check_auth_header(authheader, verifynode, data, url_to_sign)
+ if result.headers['Content-Type'] == "application/octet-stream":
+ data = result.content
+ else:
+ data = result.text
+ check_auth_header(authheader, verifynode, result.content, url_to_sign)
 return data

 def get_signature(baseurl, data, key=None): |
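Review bot: The new `result.headers['Content-Type']` lookup runs before `check_auth_header` and indexes the header directly, so a response with no Content-Type raises KeyError ahead of the signature check, and a value that carries parameters after the media type falls through to the `result.text` branch. Verifying over `result.content` is the right input, but the Content-Type header does not appear to be among the signed inputs visible here (the body and `url_to_sign`), so the str-versus-bytes return type is selected by unauthenticated metadata and callers should not rely on it. I would call `check_auth_header(authheader, verifynode, result.content, url_to_sign)` first and only then branch on `result.headers.get('Content-Type', '').split(';')[0].strip().lower() == "application/octet-stream"`. The body of http_request_session starts outside this hunk, so how `verifynode=None` or a missing `X-Catlfish-Auth` header is handled cannot be confirmed from here.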