diff options
author | Magnus Ahltorp <map@kth.se> | 2017-03-17 00:50:27 +0100 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2017-03-17 14:45:56 +0100 |
commit | abe1da31a293c2765b4bb3fca42a08cdf336fcc7 (patch) | |
tree | ba33c0f99f65184e973c3d12fcf9a39515a621c8 | |
parent | 9c15cdd7e225795168a8b4f330f60bc57e19f95d (diff) |
Verify http auth signature correctly.
Don't interpret http contents when content type is "application/octet-stream".
-rw-r--r-- | tools/certtools.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/tools/certtools.py b/tools/certtools.py index 7a5f9fc..cb56a8d 100644 --- a/tools/certtools.py +++ b/tools/certtools.py @@ -328,8 +328,11 @@ def http_request_session(url, data=None, key=None, verifynode=None, params=None, result = session.send(prepared_req, verify=sslparameters.cafile) result.raise_for_status() authheader = result.headers.get('X-Catlfish-Auth') - data = result.text - check_auth_header(authheader, verifynode, data, url_to_sign) + if result.headers['Content-Type'] == "application/octet-stream": + data = result.content + else: + data = result.text + check_auth_header(authheader, verifynode, result.content, url_to_sign) return data def get_signature(baseurl, data, key=None): |