Construct HMAC as bytes on py3

Signed-off-by: Adrian Tschira <nota@notafile.com>
author: Adrian Tschira <nota@notafile.com> 2018-04-28 23:53:07 +0200
committer: Adrian Tschira <nota@notafile.com> 2018-04-29 00:19:41 +0200
commit: 122593265b4a10732b2e7fcfe2f5b2eba83d61d7 (patch)
tree: 7c2266e44ed87ffe17f7d3cf8847031ea3310040 /synapse/rest/client/v2_alpha
parent: Merge pull request #3127 from matrix-org/rav/deferred_timeout (diff)
download: synapse-122593265b4a10732b2e7fcfe2f5b2eba83d61d7.tar.xz
1 files changed, 6 insertions, 4 deletions
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index f317c919dc..5cab00aea9 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -35,6 +35,8 @@ from hashlib import sha1
 from synapse.util.async import run_on_reactor
 from synapse.util.ratelimitutils import FederationRateLimiter
 
+from six import string_types
+
 
 # We ought to be using hmac.compare_digest() but on older pythons it doesn't
 # exist. It's a _really minor_ security flaw to use plain string comparison
@@ -210,14 +212,14 @@ class RegisterRestServlet(RestServlet):
         # in sessions. Pull out the username/password provided to us.
         desired_password = None
         if 'password' in body:
-            if (not isinstance(body['password'], basestring) or
+            if (not isinstance(body['password'], string_types) or
                     len(body['password']) > 512):
                 raise SynapseError(400, "Invalid password")
             desired_password = body["password"]
 
         desired_username = None
         if 'username' in body:
-            if (not isinstance(body['username'], basestring) or
+            if (not isinstance(body['username'], string_types) or
                     len(body['username']) > 512):
                 raise SynapseError(400, "Invalid username")
             desired_username = body['username']
@@ -243,7 +245,7 @@ class RegisterRestServlet(RestServlet):
 
             access_token = get_access_token_from_request(request)
 
-            if isinstance(desired_username, basestring):
+            if isinstance(desired_username, string_types):
                 result = yield self._do_appservice_registration(
                     desired_username, access_token, body
                 )
@@ -464,7 +466,7 @@ class RegisterRestServlet(RestServlet):
         # includes the password and admin flag in the hashed text. Why are
         # these different?
         want_mac = hmac.new(
-            key=self.hs.config.registration_shared_secret,
+            key=self.hs.config.registration_shared_secret.encode(),
             msg=user,
             digestmod=sha1,
         ).hexdigest()
author	Adrian Tschira <nota@notafile.com>	2018-04-28 23:53:07 +0200
committer	Adrian Tschira <nota@notafile.com>	2018-04-29 00:19:41 +0200
commit	122593265b4a10732b2e7fcfe2f5b2eba83d61d7 (patch)
tree	7c2266e44ed87ffe17f7d3cf8847031ea3310040 /synapse/rest/client/v2_alpha
parent	Merge pull request #3127 from matrix-org/rav/deferred_timeout (diff)
download	synapse-122593265b4a10732b2e7fcfe2f5b2eba83d61d7.tar.xz