# HG changeset patch
# User Pascal Volk <user@localhost.localdomain.org>
# Date 1353967640 0
# Node ID 2bf68600e9148bbf6e47ed0fb0a3298787d774fb
# Parent  f2463a64e1d7948e5b30898c1e1d37eff85fadde
VMM/password: Code cleanups:

  - Rely no longer on Crypto.Hash for md4 support. Python's hashlib
    on FreeBSD, Linux and OpenBSD provides the md4 hash.
  - Dropped DIGEST-MD5 password hashing for Dovecot <= v1.1.12/v1.2.beta2

diff -r f2463a64e1d7 -r 2bf68600e914 VirtualMailManager/password.py
--- a/VirtualMailManager/password.py	Mon Nov 26 19:04:38 2012 +0000
+++ b/VirtualMailManager/password.py	Mon Nov 26 22:07:20 2012 +0000
@@ -78,18 +78,14 @@
 
 
 def _md4_new():
-    """Returns an new MD4-hash object if supported by the hashlib or
-    provided by PyCrypto - otherwise `None`.
+    """Returns an new MD4-hash object if supported by the hashlib -
+    otherwise `None`.
     """
     try:
         return hashlib.new('md4')
     except ValueError as err:
-        if str(err) == 'unsupported hash type':
-            try:
-                from Crypto.Hash import MD4
-                return MD4.new()
-            except ImportError:
-                return None
+        if err.args[0].startswith('unsupported hash type'):
+            return None
         else:
             raise
 
@@ -196,7 +192,8 @@
             md5.update(user.localpart.encode() + b':' +
                        user.domainname.encode() + b':')
         else:
-            md5.update('%s::' % user)
+            raise VMMError('You will need Dovecot >= v1.2.0 for proper '
+                           'functioning digest-md5 authentication.', VMM_ERROR)
     md5.update(password)
     if (scheme in ('PLAIN-MD5', 'DIGEST-MD5') and encoding in DEFAULT_HEX) or \
        (scheme == 'LDAP-MD5' and encoding == 'HEX'):
@@ -355,7 +352,7 @@
       * depends on a newer Dovecot version
       * has a unknown encoding suffix
     """
-    assert isinstance(scheme, str), 'Not a str/unicode: %r' % scheme
+    assert isinstance(scheme, str), 'Not a str: {!r}'.format(scheme)
     scheme_encoding = scheme.upper().split('.')
     scheme = scheme_encoding[0]
     if scheme not in _scheme_info:
@@ -388,9 +385,7 @@
     """
     if not isinstance(password, str):
         raise TypeError('Password is not a string: %r' % password)
-    if isinstance(password, str):
-        password = password.encode(ENCODING)
-    password = password.strip()
+    password = password.encode(ENCODING).strip()
     if not password:
         raise ValueError("Could not accept empty password.")
     if scheme is None: