utils Module

This file is part of the web2py Web Framework
Copyrighted by Massimo Di Pierro <mdipierro@cs.depaul.edu>

This file specifically includes utilities for security.

gluon.utils.AES_new(key, IV=None)[source]

Returns an AES cipher object and random IV if None specified

gluon.utils.compare(a, b)[source]

Compares two strings and not vulnerable to timing attacks

gluon.utils.fast_urandom16(urandom=[], locker=<_RLock owner=None count=0>)[source]

This is 4x faster than calling os.urandom(16) and prevents the “too many files open” issue with concurrent access to os.urandom()

gluon.utils.get_callable_argspec(fn)[source]
gluon.utils.get_digest(value)[source]

Returns a hashlib digest algorithm from a string

gluon.utils.getipaddrinfo(host)[source]

Filter out non-IP and bad IP addresses from getaddrinfo

gluon.utils.initialize_urandom()[source]

This function and the web2py_uuid follow from the following discussion: http://groups.google.com/group/web2py-developers/browse_thread/thread/7fd5789a7da3f09

At startup web2py compute a unique ID that identifies the machine by adding uuid.getnode() + int(time.time() * 1e3)

This is a 48-bit number. It converts the number into 16 8-bit tokens. It uses this value to initialize the entropy source (‘/dev/urandom’) and to seed random.

If os.random() is not supported, it falls back to using random and issues a warning.

gluon.utils.is_loopback_ip_address(ip=None, addrinfo=None)[source]

Determines whether the address appears to be a loopback address. This assumes that the IP is valid.

gluon.utils.is_valid_ip_address(address)[source]

Examples

Better than a thousand words:

>>> is_valid_ip_address('127.0')
False
>>> is_valid_ip_address('127.0.0.1')
True
>>> is_valid_ip_address('2001:660::1')
True
gluon.utils.md5_hash(text)[source]

Generates a md5 hash with the given text

gluon.utils.pad(s, n=32, padchar=' ')[source]
gluon.utils.pbkdf2_hex(data, salt, iterations=1000, keylen=24, hashfunc=None)[source]
gluon.utils.secure_dumps(data, encryption_key, hash_key=None, compression_level=None)[source]
gluon.utils.secure_loads(data, encryption_key, hash_key=None, compression_level=None)[source]
gluon.utils.simple_hash(text, key='', salt='', digest_alg='md5')[source]

Generates hash with the given text using the specified digest hashing algorithm

gluon.utils.web2py_uuid(ctokens=(15131066609124233724L, 14240331428522476959L))[source]

This function follows from the following discussion: http://groups.google.com/group/web2py-developers/browse_thread/thread/7fd5789a7da3f09

It works like uuid.uuid4 except that tries to use os.urandom() if possible and it XORs the output with the tokens uniquely associated with this machine.