upstream/ipython Commit - r20576:478a8026

Merge pull request from minrk/default-secure-session...

Matthias Bussonnier -

r20576:478a8026

parent child

IPython/consoleapp.py

0 +1 -2

                 IPKernelApp
             )
             from IPython.kernel.zmq.pylab.config import InlineBackend
-            from IPython.kernel.zmq.session import Session, default_secure
+            from IPython.kernel.zmq.session import Session
             from IPython.kernel.zmq.zmqshell import ZMQInteractiveShell
             from IPython.kernel.connect import ConnectionFileMixin
                            IPythonConsoleApp.initialize(self,argv)
                     """
                     self.init_connection_file()
-                    default_secure(self.config)
                     self.init_ssh()
                     self.init_kernel_manager()
                     self.init_kernel_client()

IPython/html/notebookapp.py

0 +1 -4

             from IPython.core.profiledir import ProfileDir
             from IPython.kernel import KernelManager
             from IPython.kernel.kernelspec import KernelSpecManager
-            from IPython.kernel.zmq.session import default_secure, Session
+            from IPython.kernel.zmq.session import Session
             from IPython.nbformat.sign import NotebookNotary
             from IPython.utils.importstring import import_item
             from IPython.utils import submodule
                     self.ipython_kernel_argv = ["--profile-dir", self.profile_dir.location]
                 def init_configurables(self):
-                    # force Session default to be secure
-                    default_secure(self.config)
                     self.kernel_spec_manager = self.kernel_spec_manager_class(
                         parent=self,
                         ipython_dir=self.ipython_dir,

IPython/html/services/kernels/handlers.py

0 +2 0

                     # then request kernel info, waiting up to a certain time before giving up.
                     # We don't want to wait forever, because browsers don't take it well when
                     # servers never respond to websocket connection requests.
+                    kernel = self.kernel_manager.get_kernel(self.kernel_id)
+                    self.session.key = kernel.session.key
                     future = self.request_kernel_info()
                     def give_up():

IPython/kernel/inprocess/ipkernel.py

0 +1 -1

                 def _session_default(self):
                     from IPython.kernel.zmq.session import Session
-                    return Session(parent=self)
+                    return Session(parent=self, key=b'')
                 def _shell_class_default(self):
                     return InProcessInteractiveShell

IPython/kernel/inprocess/manager.py

0 +9 -15

             """A kernel manager for in-process kernels."""
-            #-----------------------------------------------------------------------------
+            # Copyright (c) IPython Development Team.
-            #  Copyright (C) 2013  The IPython Development Team
+            # Distributed under the terms of the Modified BSD License.
-            #  Distributed under the terms of the BSD License.  The full license is in
-            #  the file COPYING, distributed as part of this software.
-            #-----------------------------------------------------------------------------
-            #-----------------------------------------------------------------------------
-            # Imports
-            #-----------------------------------------------------------------------------
             from IPython.utils.traitlets import Instance, DottedObjectName
             from IPython.kernel.managerabc import KernelManagerABC
             from IPython.kernel.manager import KernelManager
+            from IPython.kernel.zmq.session import Session
-            #-----------------------------------------------------------------------------
-            # Main kernel manager class
-            #-----------------------------------------------------------------------------
             class InProcessKernelManager(KernelManager):
                 """A manager for an in-process kernel.
                 kernel = Instance('IPython.kernel.inprocess.ipkernel.InProcessKernel')
                 # the client class for KM.client() shortcut
                 client_class = DottedObjectName('IPython.kernel.inprocess.BlockingInProcessKernelClient')
+                def _session_default(self):
+                    # don't sign in-process messages
+                    return Session(key=b'', parent=self)
                 #--------------------------------------------------------------------------
                 # Kernel management methods
                 #--------------------------------------------------------------------------
                 def start_kernel(self, **kwds):
                     from IPython.kernel.inprocess.ipkernel import InProcessKernel
-                    self.kernel = InProcessKernel()
+                    self.kernel = InProcessKernel(parent=self, session=self.session)
                 def shutdown_kernel(self):
                     self._kill_kernel()

IPython/kernel/inprocess/tests/test_kernel.py

0 +2 -2

                 def setUp(self):
                     self.km = InProcessKernelManager()
                     self.km.start_kernel()
-                    self.kc = BlockingInProcessKernelClient(kernel=self.km.kernel)
+                    self.kc = self.km.client()
                     self.kc.start_channels()
                     self.kc.wait_for_ready()
                         kernel.shell.run_cell('print("foo")')
                     self.assertEqual(io.stdout, 'foo\n')
-                    kc = BlockingInProcessKernelClient(kernel=kernel)
+                    kc = BlockingInProcessKernelClient(kernel=kernel, session=kernel.session)
                     kernel.frontends.append(kc)
                     kc.execute('print("bar")')
                     out, err = assemble_output(kc.iopub_channel)

IPython/kernel/inprocess/tests/test_kernelmanager.py

0 +5 -5

                     self.assert_(km.has_kernel)
                     self.assert_(km.kernel is not None)
-                    kc = BlockingInProcessKernelClient(kernel=km.kernel)
+                    kc = km.client()
                     self.assert_(not kc.channels_running)
                     kc.start_channels()
                     """
                     km = InProcessKernelManager()
                     km.start_kernel()
-                    kc = BlockingInProcessKernelClient(kernel=km.kernel)
+                    kc = km.client()
                     kc.start_channels()
                     kc.wait_for_ready()
                     kc.execute('foo = 1')
                     """
                     km = InProcessKernelManager()
                     km.start_kernel()
-                    kc = BlockingInProcessKernelClient(kernel=km.kernel)
+                    kc = km.client()
                     kc.start_channels()
                     kc.wait_for_ready()
                     km.kernel.shell.push({'my_bar': 0, 'my_baz': 1})
                     """
                     km = InProcessKernelManager()
                     km.start_kernel()
-                    kc = BlockingInProcessKernelClient(kernel=km.kernel)
+                    kc = km.client()
                     kc.start_channels()
                     kc.wait_for_ready()
                     km.kernel.shell.user_ns['foo'] = 1
                     """
                     km = InProcessKernelManager()
                     km.start_kernel()
-                    kc = BlockingInProcessKernelClient(kernel=km.kernel)
+                    kc = km.client()
                     kc.start_channels()
                     kc.wait_for_ready()
                     kc.execute('%who')

IPython/kernel/zmq/kernelapp.py

0 +1 -2

             from .ipkernel import IPythonKernel
             from .parentpoller import ParentPollerUnix, ParentPollerWindows
             from .session import (
-                Session, session_flags, session_aliases, default_secure,
+                Session, session_flags, session_aliases,
             )
             from .zmqshell import ZMQInteractiveShell
                 @catch_config_error
                 def initialize(self, argv=None):
                     super(IPKernelApp, self).initialize(argv)
-                    default_secure(self.config)
                     self.init_blackhole()
                     self.init_connection_file()
                     self.init_poller()

IPython/kernel/zmq/session.py

0 +7 -3

                 If Session.key/keyfile have not been set, set Session.key to
                 a new random UUID.
                 """
+                warnings.warn("default_secure is deprecated", DeprecationWarning)
                 if 'Session' in cfg:
                     if 'key' in cfg.Session or 'keyfile' in cfg.Session:
                         return
                 # message signature related traits:
-                key = CBytes(b'', config=True,
+                key = CBytes(config=True,
-                    help="""execution key, for extra authentication.""")
+                    help="""execution key, for signing messages.""")
+                def _key_default(self):
+                    return str_to_bytes(str(uuid.uuid4()))
                 def _key_changed(self):
                     self._new_auth()
                     # ensure self._session_default() if necessary, so bsession is defined:
                     self.session
                     self.pid = os.getpid()
+                    self._new_auth()
                 @property
                 def msg_id(self):

IPython/kernel/zmq/tests/test_session.py

0 +13 -13

-            """test building messages with streamsession"""
+            """test building messages with Session"""
-            #-------------------------------------------------------------------------------
+            # Copyright (c) IPython Development Team.
-            #  Copyright (C) 2011  The IPython Development Team
+            # Distributed under the terms of the Modified BSD License.
-            #  Distributed under the terms of the BSD License.  The full license is in
-            #  the file COPYING, distributed as part of this software.
-            #-------------------------------------------------------------------------------
-            #-------------------------------------------------------------------------------
-            # Imports
-            #-------------------------------------------------------------------------------
+            import hmac
             import os
             import uuid
             from datetime import datetime
                     # ensure floats don't come out as Decimal:
                     self.assertEqual(type(new_msg['content']['b']),type(new_msg['content']['b']))
+                def test_default_secure(self):
+                    self.assertIsInstance(self.session.key, bytes)
+                    self.assertIsInstance(self.session.auth, hmac.HMAC)
                 def test_send(self):
                     ctx = zmq.Context.instance()
                     A = ctx.socket(zmq.PAIR)
                     self.assertEqual(new_msg['parent_header'],msg['parent_header'])
                     self.assertEqual(new_msg['metadata'],msg['metadata'])
                     self.assertEqual(new_msg['buffers'],[b'bar'])
                     content = msg['content']
                     header = msg['header']
+                    header['date'] = datetime.now()
                     parent = msg['parent_header']
                     metadata = msg['metadata']
                     msg_type = header['msg_type']
                     self.assertEqual(new_msg['metadata'],msg['metadata'])
                     self.assertEqual(new_msg['parent_header'],msg['parent_header'])
                     self.assertEqual(new_msg['buffers'],[b'bar'])
+                    header['date'] = datetime.now()
                     self.session.send(A, msg, ident=b'foo', buffers=[b'bar'])
                     ident, new_msg = self.session.recv(B)
                     self.assertEqual(ident[0], b'foo')

IPython/parallel/apps/ipcontrollerapp.py

0 +1 -3

             from IPython.utils.traitlets import Instance, Unicode, Bool, List, Dict, TraitError
             from IPython.kernel.zmq.session import (
-                Session, session_aliases, session_flags, default_secure
+                Session, session_aliases, session_flags,
             )
             from IPython.parallel.controller.heartmonitor import HeartMonitor
                             # no need to wite back the same file
                             self.write_connection_files = False
-                    # switch Session.key default to secure
-                    default_secure(self.config)
                     self.log.debug("Config changed")
                     self.log.debug(repr(self.config))

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages