authorMagnus Ahltorp <map@kth.se>2017-03-17 00:50:27 +0100
committerMagnus Ahltorp <map@kth.se>2017-03-17 14:45:56 +0100
commitabe1da31a293c2765b4bb3fca42a08cdf336fcc7 (patch)
treeba33c0f99f65184e973c3d12fcf9a39515a621c8
parent9c15cdd7e225795168a8b4f330f60bc57e19f95d (diff)
Verify http auth signature correctly.
Don't interpret http contents when content type is "application/octet-stream".
-rw-r--r--tools/certtools.py7
1 files changed, 5 insertions, 2 deletions
diff --git a/tools/certtools.py b/tools/certtools.py
index 7a5f9fc..cb56a8d 100644
--- a/tools/certtools.py
+++ b/tools/certtools.py
@@ -328,8 +328,11 @@ def http_request_session(url, data=None, key=None, verifynode=None, params=None,
result = session.send(prepared_req, verify=sslparameters.cafile)
result.raise_for_status()
authheader = result.headers.get('X-Catlfish-Auth')
- data = result.text
- check_auth_header(authheader, verifynode, data, url_to_sign)
+ if result.headers['Content-Type'] == "application/octet-stream":
+ data = result.content
+ else:
+ data = result.text
+ check_auth_header(authheader, verifynode, result.content, url_to_sign)
return data
def get_signature(baseurl, data, key=None):
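Review bot: `result.headers['Content-Type']` in the added branch raises KeyError when a response has no Content-Type header, and that happens before `check_auth_header` runs, so an unsigned or malformed reply surfaces as an unrelated exception instead of a signature failure. The exact comparison also misses a value with parameters or different casing, sending binary content through `result.text`; a more tolerant form is `ctype = result.headers.get('Content-Type', '').split(';')[0].strip().lower()` followed by `if ctype == "application/octet-stream":`. I would also move `check_auth_header(authheader, verifynode, result.content, url_to_sign)` above the branch, so nothing in the response is interpreted until the signature over the raw bytes has been checked. Judging by the arguments visible here, the Content-Type header itself does not appear to be covered by the signature, so a comment such as `# Content-Type is not authenticated; it only selects bytes vs. text` would help callers. The body of `http_request_session` starts outside this hunk.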