From: Andrew M. Kuchling <amk@amk.ca>
Date: Fri, 27 Oct 2006 17:13:33 +0000 (+0000)
Subject: [Patch #1574068 by Scott Dial] urllib and urllib2 were using
X-Git-Tag: v2.5.1c1~293
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ff9e7abac8df84480bcfd7e3ce3a3dd912e69537;p=python

[Patch #1574068 by Scott Dial] urllib and urllib2 were using
base64.encodestring() for encoding authentication data.
encodestring() can include newlines for very long input, which
produced broken HTTP headers.

2.4 backport candidate, probably.
---

diff --git a/Lib/urllib.py b/Lib/urllib.py
index 8d5669075d..064632c260 100644
--- a/Lib/urllib.py
+++ b/Lib/urllib.py
@@ -302,13 +302,13 @@ class URLopener:
 
         if proxy_passwd:
             import base64
-            proxy_auth = base64.encodestring(proxy_passwd).strip()
+            proxy_auth = base64.b64encode(proxy_passwd).strip()
         else:
             proxy_auth = None
 
         if user_passwd:
             import base64
-            auth = base64.encodestring(user_passwd).strip()
+            auth = base64.b64encode(user_passwd).strip()
         else:
             auth = None
         h = httplib.HTTP(host)
@@ -387,12 +387,12 @@ class URLopener:
             if not host: raise IOError, ('https error', 'no host given')
             if proxy_passwd:
                 import base64
-                proxy_auth = base64.encodestring(proxy_passwd).strip()
+                proxy_auth = base64.b64encode(proxy_passwd).strip()
             else:
                 proxy_auth = None
             if user_passwd:
                 import base64
-                auth = base64.encodestring(user_passwd).strip()
+                auth = base64.b64encode(user_passwd).strip()
             else:
                 auth = None
             h = httplib.HTTPS(host, 0,
diff --git a/Lib/urllib2.py b/Lib/urllib2.py
index 3459f0d230..890d3d4a6c 100644
--- a/Lib/urllib2.py
+++ b/Lib/urllib2.py
@@ -674,7 +674,7 @@ class ProxyHandler(BaseHandler):
             proxy_type = orig_type
         if user and password:
             user_pass = '%s:%s' % (unquote(user), unquote(password))
-            creds = base64.encodestring(user_pass).strip()
+            creds = base64.b64encode(user_pass).strip()
             req.add_header('Proxy-authorization', 'Basic ' + creds)
         hostport = unquote(hostport)
         req.set_proxy(hostport, proxy_type)
@@ -798,7 +798,7 @@ class AbstractBasicAuthHandler:
         user, pw = self.passwd.find_user_password(realm, host)
         if pw is not None:
             raw = "%s:%s" % (user, pw)
-            auth = 'Basic %s' % base64.encodestring(raw).strip()
+            auth = 'Basic %s' % base64.b64encode(raw).strip()
             if req.headers.get(self.auth_header, None) == auth:
                 return None
             req.add_header(self.auth_header, auth)
diff --git a/Misc/NEWS b/Misc/NEWS
index 64fa7bf826..57e5ad0c3d 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -110,6 +110,9 @@ Library
 
 - Bug #1576241: fix functools.wraps() to work on built-in functions.
 
+- Patch #1574068: fix urllib/urllib2 to not insert line breaks when
+  HTTP authentication data was very long.
+
 - Fix a bug in traceback.format_exception_only() that led to an error
   being raised when print_exc() was called without an exception set.
   In version 2.4, this printed "None", restored that behavior.