changeset 5242:852a5dbe3ef5

merged moin/1.8
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 31 Oct 2009 21:09:12 +0100
parents d16dca1d4440 (current diff) 495a020af0b5 (diff)
children b8b4e75c9ca1
files MoinMoin/config/multiconfig.py MoinMoin/user.py
diffstat 4 files changed, 24 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/config/multiconfig.py	Sat Oct 31 21:01:39 2009 +0100
+++ b/MoinMoin/config/multiconfig.py	Sat Oct 31 21:09:12 2009 +0100
@@ -779,13 +779,13 @@
         'AttachFile': (300, 30),
         'cache': (600, 30), # cache action is very cheap/efficient
      },
-     "Surge protection tries to deny clients causing too much load/traffic, see /SurgeProtection."),
+     "Surge protection tries to deny clients causing too much load/traffic, see HelpOnConfiguration/SurgeProtection."),
     ('surge_lockout_time', 3600, "time [s] someone gets locked out when ignoring the warnings"),
 
     ('textchas', None,
      "Spam protection setup using site-specific questions/answers, see HelpOnTextChas."),
     ('textchas_disabled_group', None,
-     "Name of a group of trusted users who do not get asked TextCha questions."),
+     "Name of a group of trusted users who do not get asked !TextCha questions."),
 
     ('antispam_master_url', "http://master.moinmo.in/?action=xmlrpc2",
      "where antispam security policy fetches spam pattern updates (if it is enabled)"),
@@ -1141,7 +1141,7 @@
         # id -> username for page info and recent changes, but it
         # is not usable for the user any more:
        ],
-       "Describes user preferences, see /UserPreferences."),
+       "Describes user preferences, see HelpOnConfiguration/UserPreferences."),
 
       ('checkbox_defaults',
        {
@@ -1157,13 +1157,13 @@
         'wikiname_add_spaces': 0,
         'remember_me': 1,
        },
-       "Defaults for user preferences, see /UserPreferences."),
+       "Defaults for user preferences, see HelpOnConfiguration/UserPreferences."),
 
       ('checkbox_disable', [],
-       "Disable user preferences, see /UserPreferences."),
+       "Disable user preferences, see HelpOnConfiguration/UserPreferences."),
 
       ('checkbox_remove', [],
-       "Remove user preferences, see /UserPreferences."),
+       "Remove user preferences, see HelpOnConfiguration/UserPreferences."),
 
       ('form_fields',
        [
--- a/MoinMoin/filter/application_vnd_oasis_opendocument.py	Sat Oct 31 21:01:39 2009 +0100
+++ b/MoinMoin/filter/application_vnd_oasis_opendocument.py	Sat Oct 31 21:09:12 2009 +0100
@@ -4,7 +4,7 @@
 
     Depends on: nothing (only python with zlib)
 
-    @copyright: 2006 MoinMoin:ThomasWaldmann
+    @copyright: 2006-2009 MoinMoin:ThomasWaldmann
     @license: GNU GPL, see COPYING for details.
 """
 
@@ -24,5 +24,10 @@
     except (zipfile.BadZipfile, RuntimeError), err:
         logging.error("%s [%s]" % (str(err), filename))
         data = ""
-    return data.decode('utf-8')
+    try:
+        data = data.decode('utf-8')
+    except UnicodeDecodeError:
+        # protected with password? no valid OpenDocument file?
+        data = u''
+    return data
 
--- a/MoinMoin/filter/application_vnd_sun_xml.py	Sat Oct 31 21:01:39 2009 +0100
+++ b/MoinMoin/filter/application_vnd_sun_xml.py	Sat Oct 31 21:09:12 2009 +0100
@@ -4,7 +4,7 @@
 
     Depends on: nothing (only python with zlib)
 
-    @copyright: 2006 MoinMoin:ThomasWaldmann
+    @copyright: 2006-2009 MoinMoin:ThomasWaldmann
     @license: GNU GPL, see COPYING for details.
 """
 
@@ -24,5 +24,10 @@
     except (zipfile.BadZipfile, RuntimeError), err:
         logging.error("%s [%s]" % (str(err), filename))
         data = ""
-    return data.decode('utf-8')
+    try:
+        data = data.decode('utf-8')
+    except UnicodeDecodeError:
+        # protected with password? no valid OpenOffice file?
+        data = u''
+    return data
 
--- a/MoinMoin/user.py	Sat Oct 31 21:01:39 2009 +0100
+++ b/MoinMoin/user.py	Sat Oct 31 21:09:12 2009 +0100
@@ -492,7 +492,7 @@
         This is a private method and should not be used by clients.
 
         @param data: dict with user data (from storage)
-        @param password: password to verify
+        @param password: password to verify [unicode]
         @rtype: 2 tuple (bool, bool)
         @return: password is valid, enc_password changed
         """
@@ -506,19 +506,17 @@
         if not password:
             return False, False
 
-        password = password.encode('utf-8')
-
         if epwd[:5] == '{SHA}':
-            enc = '{SHA}' + base64.encodestring(hash_new('sha1', password).digest()).rstrip()
+            enc = '{SHA}' + base64.encodestring(hash_new('sha1', password.encode('utf-8')).digest()).rstrip()
             if epwd == enc:
-                data['enc_password'] = encodePassword(password)
+                data['enc_password'] = encodePassword(password) # upgrade to SSHA
                 return True, True
             return False, False
 
         if epwd[:6] == '{SSHA}':
             data = base64.decodestring(epwd[6:])
             salt = data[20:]
-            hash = hash_new('sha1', password)
+            hash = hash_new('sha1', password.encode('utf-8'))
             hash.update(salt)
             return hash.digest() == data[:20], False