首页 发现 帮助
登录
yangck
/
celery
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

Changes internal serialization method for secure serializer from pickle to json and makes it configurable

mher 14 年之前
父节点
9fd82f973d
当前提交
c6cec79157
共有 1 个文件被更改,包括 17 次插入12 次删除
分列视图 显示文件统计
  1. 17 12
      celery/security/serialization.py

+ 17 - 12
celery/security/serialization.py
查看文件 

@@ -1,4 +1,4 @@
 
-import pickle
 
+import anyjson
 
 
 from kombu.serialization import registry
 
 
@@ -8,22 +8,26 @@ from celery.security.exceptions import SecurityError
 
 
 class SecureSerializer(object):
 
 
-    def __init__(self, key=None, cert=None, cert_store=None):
 
+    def __init__(self, key=None, cert=None, cert_store=None,
 
+                       serialize=anyjson.serialize,
 
+                       deserialize=anyjson.deserialize):
 
         self._key = key
 
         self._cert = cert
 
         self._cert_store = cert_store
 
+        self._serialize = serialize
 
+        self._deserialize = deserialize
 
 
     def serialize(self, data):
 
         """serialize data structure into string"""
 
         assert self._key is not None
 
         assert self._cert is not None
 
         try:
 
-            data = pickle.dumps(data)
 
-            signature = self._key.sign(data)
 
+            data = self._serialize(data)
 
+            signature = self._key.sign(data).encode("base64")
 
             signer = self._cert.get_id()
 
-            return pickle.dumps(dict(data=data,
 
-                                     signer=signer,
 
-                                     signature=signature))
 
+            return self._serialize(dict(data=data,
 
+                                        signer=signer,
 
+                                        signature=signature))
 
         except Exception, e:
 
             raise SecurityError("Unable to serialize", e)
 
 
@@ -31,12 +35,12 @@ class SecureSerializer(object):
 
         """deserialize data structure from string"""
 
         assert self._cert_store is not None
 
         try:
 
-            data = pickle.loads(data)
 
-            signature = data['signature']
 
+            data = self._deserialize(data)
 
+            signature = data['signature'].decode("base64")
 
             signer = data['signer']
 
             data = data['data']
 
             self._cert_store[signer].verify(data, signature)
 
-            return pickle.loads(data)
 
+            return self._deserialize(data)
 
         except Exception, e:
 
             raise SecurityError("Unable to deserialize", e)
 
 
@@ -45,8 +49,9 @@ def register_auth(key=None, cert=None, store=None):
 
     global s
 
     s = SecureSerializer(key and PrivateKey(key),
 
                          cert and Certificate(cert),
 
-                         store and FSCertStore(store))
 
+                         store and FSCertStore(store),
 
+                         anyjson.serialize, anyjson.deserialize)
 
     registry.register("auth", s.serialize, s.deserialize,
 
                       content_type='application/data',
 
-                      content_encoding='binary')
 
+                      content_encoding='utf-8')