From ba2cb0c12727e3073d1560c5a597398c1a67c714 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= Date: Sun, 1 Jan 2023 23:23:39 +0100 Subject: [PATCH] Ignore bandit errors when setting password hash algorithm --- qweechat/network.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/qweechat/network.py b/qweechat/network.py index b7d802c..709272e 100644 --- a/qweechat/network.py +++ b/qweechat/network.py @@ -144,7 +144,7 @@ def pbkdf2(self, hash_name, salt): def _build_init_command(self): """Build the init command to send to WeeChat.""" totp = f',totp={self._totp}' if self._totp else '' - if self._pwd_hash_algo == 'plain': + if self._pwd_hash_algo == 'plain': # nosec cmd = _PROTO_INIT_PWD % { 'password': self._password, 'totp': totp, @@ -154,16 +154,16 @@ def _build_init_command(self): salt = self._server_nonce + client_nonce pwd_hash = None iterations = '' - if self._pwd_hash_algo == 'pbkdf2+sha512': + if self._pwd_hash_algo == 'pbkdf2+sha512': # nosec pwd_hash = self.pbkdf2('sha512', salt) iterations = f':{self._pwd_hash_iter}' - elif self._pwd_hash_algo == 'pbkdf2+sha256': + elif self._pwd_hash_algo == 'pbkdf2+sha256': # nosec pwd_hash = self.pbkdf2('sha256', salt) iterations = f':{self._pwd_hash_iter}' - elif self._pwd_hash_algo == 'sha512': + elif self._pwd_hash_algo == 'sha512': # nosec pwd = salt + self._password.encode('utf-8') pwd_hash = hashlib.sha512(pwd).hexdigest() - elif self._pwd_hash_algo == 'sha256': + elif self._pwd_hash_algo == 'sha256': # nosec pwd = salt + self._password.encode('utf-8') pwd_hash = hashlib.sha256(pwd).hexdigest() if not pwd_hash: @@ -184,7 +184,7 @@ def _build_sync_command(self): def handshake_timer_expired(self): if self.status == STATUS_AUTHENTICATING: - self._pwd_hash_algo = 'plain' + self._pwd_hash_algo = 'plain' # nosec self.send_to_weechat(self._build_init_command()) self.sync_weechat() self.set_status(STATUS_CONNECTED)