mirror of
https://github.com/esphome/esphome.git
synced 2025-03-15 15:18:16 +00:00
Fix hmac with non-ASCII passwords
This commit is contained in:
parent
238633168a
commit
94c2435852
@ -236,7 +236,7 @@ def start_web_server(args):
|
|||||||
PASSWORD = js.get('password') or PASSWORD
|
PASSWORD = js.get('password') or PASSWORD
|
||||||
|
|
||||||
if PASSWORD:
|
if PASSWORD:
|
||||||
PASSWORD = hmac.new(PASSWORD).digest()
|
PASSWORD = hmac.new(str(PASSWORD)).digest()
|
||||||
# Use the digest of the password as our cookie secret. This makes sure the cookie
|
# Use the digest of the password as our cookie secret. This makes sure the cookie
|
||||||
# isn't too short. It, of course, enables local hash brute forcing (because the cookie
|
# isn't too short. It, of course, enables local hash brute forcing (because the cookie
|
||||||
# secret can be brute forced without making requests). But the hashing algorithm used
|
# secret can be brute forced without making requests). But the hashing algorithm used
|
||||||
|
Loading…
x
Reference in New Issue
Block a user