Fixed constant_time_compare on Python 2.7.7

Python 2.7.7 includes compare_digest in the hmac module, but it requires both arguments to have the same type. This is usually not a problem on Python 3 since everything is text, but we have mixed unicode and str on Python 2 -- hence make sure everything is bytes before feeding it into compare_digest.
author: Florian Apolloner <florian@apolloner.eu> 2014-05-26 13:52:37 +0200
committer: Florian Apolloner <florian@apolloner.eu> 2014-05-28 19:51:39 +0200
commit: 7e3cf3cfd27e53ced0a1fc65a02849f78a292d3d (patch)
tree: 3d44e8af64f100a5a2f54e79d20509d9ab543b36 /django/utils/crypto.py
parent: 32586b0ba43816d325be0ce807f75623683eed7a (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/django/utils/crypto.py b/django/utils/crypto.py
index 8bf884a72f..cbf2656316 100644
--- a/django/utils/crypto.py
+++ b/django/utils/crypto.py
@@ -79,7 +79,8 @@ def get_random_string(length=12,
 
 if hasattr(hmac, "compare_digest"):
     # Prefer the stdlib implementation, when available.
-    constant_time_compare = hmac.compare_digest
+    def constant_time_compare(val1, val2):
+        return hmac.compare_digest(force_bytes(val1), force_bytes(val2))
 else:
     def constant_time_compare(val1, val2):
         """
author	Florian Apolloner <florian@apolloner.eu>	2014-05-26 13:52:37 +0200
committer	Florian Apolloner <florian@apolloner.eu>	2014-05-28 19:51:39 +0200
commit	7e3cf3cfd27e53ced0a1fc65a02849f78a292d3d (patch)
tree	3d44e8af64f100a5a2f54e79d20509d9ab543b36 /django/utils/crypto.py
parent	32586b0ba43816d325be0ce807f75623683eed7a (diff)