[issue2202] urllib2 fails against IIS 6.0 (No support for MD5-sess auth)
Manuel Muradás mmura...@dieresys.com.ar added the comment: Here is a patch for supporting MD5-sess, following RFC2617 specification. Some comments/warnings: * I've only tested the patch against IIS 6.0. I don't know about other servers supporting MD5-sess. * IIS 6.0 expects the User Agent to send the URI (in the Authorization header) without the query string. * This patch doesn't add support for Digest sessions. For each request we make, we get a new [401|407] message with a new nonce (depending if we're talking about a proxy with digest authentication or a web server). Then we generate another authenticated request using that nonce. For Digest sessions to be fully supported, we should be adding an [WWW|Proxy]-Authenticate header in each following request we made to the server using the last nonce. This includes both MD5-sess and MD5 digest implementations. * A1 is being recalculated for every request. Given the above, this is not a real problem. I'll open a new ticket regarding Digest sessions. -- keywords: +patch nosy: +dieresys Added file: http://bugs.python.org/file15964/urllib2-support_md5-sess.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue2202 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7752] Add support for Digest authentication session (reuse nonces)
New submission from Manuel Muradás mmura...@dieresys.com.ar: Description: As described in issue [2202], for each request we make, we get a new [401|407] message with a new nonce (depending if we're talking about a proxy with digest authentication or a web server). Then we generate another authenticated request using that nonce. For Digest authentication session to be fully supported, we should be adding a [WWW|Proxy]-Authenticate header in each following request we made to the server using the last nonce sent by the server. This will reduce the amount of requests performed, improving the performance. How common browsers behaves: Browsers implements authentication session by reusing the last nonce received from the web server for a given domain and Realm. When a request is made to a new URL from the same domain, the browsers doesn't know if that URL belongs to the same Realm. If the new URL is a sub-url of any other known URL on that Realm, the browsers add the Authorization header to new request. If they can't infer the Realm with this method, the Request is sent without the header. If the new URL do belongs to the Realm, the Browsers uses the nonce included in the response from the sever (with a 401 status code) to make new requests to URLs belonging to that Realm. Regarding proxies with Digest authentication, browsers reuse the last nonce for every request made through the proxy. For example: URL1 redirects to URL2 and URL2 redirects to URL3: Notes: - = request - = response N = nonce C = client nonce NC = nonce count --- [1] URL1: http://domain/1/1.htm URL2: http://domain/2/1.htm URL3: http://domain/1/2.htm - GET URL1 - 401 N1 - GET URL1 N1 C1 NC1 - 301 URL2 - GET URL2 - 401 N2 - GET URL2 N2 C2 NC1 - 301 URL3 - GET URL3 N2 C2 NC2 - 200 --- [2] URL1: http://domain/1.htm URL2: http://domain/1/1.htm URL3: http://domain/2/1.htm - GET URL1 - 401 N1 - GET URL1 N1 C1 NC1 - 301 URL2 - GET URL2 N1 C1 NC2 - 301 URL3 - GET URL3 N1 C1 NC3 - 200 About the patch: I've added a 'http_request' to 'AbstractDigestAuthHandler' to add the '*-Authenticate' header before performing the requests. There is a known problem with this patch: we generate a new AuthenticationSession against digest proxies when we are redirected to another page (with a 30X code), instead of re-using the previous session (first we send the redirected request without the authentication handler, we receive a new 407 code, and then we send the redirected request again with the new authentication handler). This is caused because of the execution order of handlers: - RedirectHandler generates a new request and calls to self.parent.open - ProxyDigestAuthHandler tries to find an AuthenticationSession for that request but fails ('Request.get_host' returns the web server host) - ProxyHandler modifies the request (now 'Request.get_host' returns the proxy host) Comments are more than welcome!! -- components: Library (Lib) files: urllib2-support_digest_sessions.diff keywords: patch messages: 98120 nosy: dieresys severity: normal status: open title: Add support for Digest authentication session (reuse nonces) type: feature request versions: Python 2.7 Added file: http://bugs.python.org/file15966/urllib2-support_digest_sessions.diff ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7752 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7570] Error in urllib2 example
New submission from Manuel Muradás mmura...@dieresys.com.ar: We've found an error in an urllib2 example with Proxy Basic authentication. This is the example with the error: {{{ This example replaces the default ProxyHandler with one that uses programmatically-supplied proxy URLs, and adds proxy authorization support with ProxyBasicAuthHandler. proxy_handler = urllib2.ProxyHandler({'http': 'http://www.example.com:3128/'}) proxy_auth_handler = urllib2.HTTPBasicAuthHandler() proxy_auth_handler.add_password('realm', 'host', 'username', 'password') opener = build_opener(proxy_handler, proxy_auth_handler) # This time, rather than install the OpenerDirector, we use it directly: opener.open('http://www.example.com/login.html') }}} Attached you will find a patch with the fix. -- assignee: georg.brandl components: Documentation files: urllib2.patch keywords: patch messages: 96843 nosy: dieresys, georg.brandl severity: normal status: open title: Error in urllib2 example versions: Python 2.6, Python 2.7 Added file: http://bugs.python.org/file15668/urllib2.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7570 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7291] urllib2 cannot handle https with proxy requiring auth
Manuel Muradás mmura...@dieresys.com.ar added the comment: Hi! 2.6 backport is missing an argument in _set_tunnel definition. It should be: def _set_tunnel(self, host, port=None, headers=None): -- nosy: +dieresys ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7291 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue7291] urllib2 cannot handle https with proxy requiring auth
Manuel Muradás mmura...@dieresys.com.ar added the comment: The patch fixes only when you pass the authentication info in the proxy handler's URL. Like: proxy_handler = urllib2.ProxyHandler({'https': 'http://user:p...@proxy-example.com:3128/'}) But setting the authentication using a ProxyBasicAuthHandler is still broken: proxy_auth_handler = urllib2.ProxyBasicAuthHandler() proxy_auth_handler.add_password('realm', 'proxy-example.com:3128', 'user', 'pass') In the attached file (urllib2_with_proxy_auth_comparison.py) we've wrote a comparison between what works with HTTP and HTTPS. The problem is the 407 error never reaches the ProxyBasicAuthHandler because HTTPConnection._tunnel raises an exception when the http response status code is not 200. -- Added file: http://bugs.python.org/file15669/urllib2_with_proxy_auth_comparison.py ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue7291 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue3396] rlcompleter can't autocomplete members of callable objects
Manuel Muradás [EMAIL PROTECTED] added the comment: Oops, you are right. If that is the way we should handle this regression, I could upload a patch. I also thought we could use hasattr, but that means using getattr twice. Something like: if word[:n] == attr and word != __builtins__ and hasattr(object, word): val = getattr(object, word) What do you think about it? -- nosy: +dieresys ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue3396 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue449227] rlcompleter add ( to callables feature
Manuel Muradás [EMAIL PROTECTED] added the comment: Guilherme, Thanks a lot for taking some time to review my patch. Here is a new version. Please take another look and tell me what do you think about it. Thanks again Added file: http://bugs.python.org/file10721/rlcompleter2.6.diff ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue449227 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue449227] rlcompleter add ( to callables feature
Changes by Manuel Muradás [EMAIL PROTECTED]: Removed file: http://bugs.python.org/file10714/rlcompleterAndDoc2.6.diff ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue449227 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue449227] rlcompleter add ( to callables feature
Manuel Muradás [EMAIL PROTECTED] added the comment: I have also updated the rlcompleter documentation. Here is the complete patch. rlcompleterAndDoc2.6.diff -- nosy: +facundobatista Added file: http://bugs.python.org/file10714/rlcompleterAndDoc2.6.diff ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue449227 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue449227] rlcompleter add ( to callables feature
Changes by Manuel Muradás [EMAIL PROTECTED]: Removed file: http://bugs.python.org/file10695/rlcompleter2.6.diff ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue449227 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1044479] docs for Py_UNICODE are wrong
Manuel Muradás [EMAIL PROTECTED] added the comment: This looks fixed to me. The current documentation is much more clear. Look: http://docs.python.org/api/unicodeObjects.html -- nosy: +dieresys ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue1044479 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue1044479] docs for Py_UNICODE are wrong
Manuel Muradás [EMAIL PROTECTED] added the comment: This is the link to the current py_unicode documentation: http://docs.python.org/dev/c-api/unicode.html ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue1044479 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue449227] rlcompleter add ( to callables feature
Manuel Muradás [EMAIL PROTECTED] added the comment: Here is a new patch against 2.6. -- nosy: +dieresys Added file: http://bugs.python.org/file10695/rlcompleter2.6.diff ___ Python tracker [EMAIL PROTECTED] http://bugs.python.org/issue449227 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com