tsig import cleanups; rename tsig signing routing from "hmac_md5" to "sign"

diff --git a/dns/renderer.py b/dns/renderer.py
index b8a0c9483bde1472f260287d6c5d717102644e0f..2a53089eb633c98f2eceb979fd75c5f69effc68b 100644 (file)
--- a/dns/renderer.py
+++ b/dns/renderer.py
@@ -274,16 +274,16 @@ class Renderer(object):
         self._set_section(ADDITIONAL)
         before = self.output.tell()
         s = self.output.getvalue()
-        (tsig_rdata, self.mac, ctx) = dns.tsig.hmac_md5(s,
-                                                        keyname,
-                                                        secret,
-                                                        int(time.time()),
-                                                        fudge,
-                                                        id,
-                                                        tsig_error,
-                                                        other_data,
-                                                        request_mac,
-                                                        algorithm=algorithm)
+        (tsig_rdata, self.mac, ctx) = dns.tsig.sign(s,
+                                                    keyname,
+                                                    secret,
+                                                    int(time.time()),
+                                                    fudge,
+                                                    id,
+                                                    tsig_error,
+                                                    other_data,
+                                                    request_mac,
+                                                    algorithm=algorithm)
         keyname.to_wire(self.output, self.compress, self.origin)
         self.output.write(struct.pack('!HHIH', dns.rdatatype.TSIG,
                                       dns.rdataclass.ANY, 0, 0))

diff --git a/dns/tsig.py b/dns/tsig.py
index 90296c744c1c403372625094cbabc121f35f79d0..175bb2e05044f267c453f6e69afca75aeb42789c 100644 (file)
--- a/dns/tsig.py
+++ b/dns/tsig.py
@@ -57,9 +57,9 @@ BADKEY = 17
 BADTIME = 18
 BADTRUNC = 22
 
-def hmac_md5(wire, keyname, secret, time, fudge, original_id, error,
-             other_data, request_mac, ctx=None, multi=False, first=True,
-             algorithm=default_algorithm):
+def sign(wire, keyname, secret, time, fudge, original_id, error,
+         other_data, request_mac, ctx=None, multi=False, first=True,
+         algorithm=default_algorithm):
     """Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata
     for the input parameters, the HMAC MAC calculated by applying the
     TSIG signature algorithm, and the TSIG digest context.
@@ -108,6 +108,12 @@ def hmac_md5(wire, keyname, secret, time, fudge, original_id, error,
         ctx = None
     return (tsig_rdata, mac, ctx)
 
+def hmac_md5(wire, keyname, secret, time, fudge, original_id, error,
+             other_data, request_mac, ctx=None, multi=False, first=True,
+             algorithm=default_algorithm):
+    return sign(wire, keyname, secret, time, fudge, original_id, error,
+                other_data, request_mac, ctx, multi, first, algorithm)
+
 def validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata,
              tsig_rdlen, ctx=None, multi=False, first=True):
     """Validate the specified TSIG rdata against the other input parameters.
@@ -154,17 +160,18 @@ def validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata,
     time_high = time + fudge
     if now < time_low or now > time_high:
         raise BadTime
-    (junk, our_mac, ctx) = hmac_md5(new_wire, keyname, secret, time, fudge,
-                                    original_id, error, other_data,
-                                    request_mac, ctx, multi, first, aname)
+    (junk, our_mac, ctx) = sign(new_wire, keyname, secret, time, fudge,
+                                original_id, error, other_data,
+                                request_mac, ctx, multi, first, aname)
     if (our_mac != mac):
         raise BadSignature
     return ctx
 
 def get_algorithm(algorithm):
     """Returns the wire format string and the hash module to use for the
-    specified TSIG algorithm"
-    @rtype: (string, hash module)
+    specified TSIG algorithm
+
+    @rtype: (string, hash constructor)
     @raises NotImplementedError: I{algorithm} is not supported
     """
 
@@ -175,6 +182,8 @@ def get_algorithm(algorithm):
         hashes[dns.name.from_text('hmac-sha256')] = hashlib.sha256
         hashes[dns.name.from_text('hmac-sha384')] = hashlib.sha384
         hashes[dns.name.from_text('hmac-sha512')] = hashlib.sha512
+        hashes[dns.name.from_text('hmac-sha1')] = hashlib.sha1
+        hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] = hashlib.md5
 
         import sys
         if sys.hexversion < 0x02050000:
@@ -193,11 +202,9 @@ def get_algorithm(algorithm):
                 hashes[name] = HashlibWrapper(hashes[name])
 
     except ImportError:
-        pass
-
-    import md5, sha
-    hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] =  md5
-    hashes[dns.name.from_text('hmac-sha1')] = sha
+        import md5, sha
+        hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] =  md5.md5
+        hashes[dns.name.from_text('hmac-sha1')] = sha.sha
 
     if isinstance(algorithm, (str, unicode)):
         algorithm = dns.name.from_text(algorithm)