Home-IoT/esphome
1
0
Fork 0
mirror of https://github.com/esphome/esphome.git synced 2024-11-21 22:48:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Fix hmac with non-ASCII passwords

Browse source
This commit is contained in:
Otto Winter 2018-06-07 21:52:41 +02:00
parent 7b630bfb8b
commit e063f2aaea
No known key found for this signature in database
GPG key ID: DB66C0BE6013F97E
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
esphomeyaml/dashboard/dashboard.py
View file

@ -236,7 +236,7 @@ def start_web_server(args):
PASSWORD = js.get('password') or PASSWORD
if PASSWORD:
PASSWORD = hmac.new(PASSWORD).digest()
PASSWORD = hmac.new(str(PASSWORD)).digest()
# Use the digest of the password as our cookie secret. This makes sure the cookie
# isn't too short. It, of course, enables local hash brute forcing (because the cookie
# secret can be brute forced without making requests). But the hashing algorithm used