python-Twisted/python-38-hmac-digestmod.patch

Index: Twisted-19.10.0/src/twisted/cred/credentials.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/cred/credentials.py
+++ Twisted-19.10.0/src/twisted/cred/credentials.py
@@ -439,7 +439,8 @@ class CramMD5Credentials(object):
 
 
     def checkPassword(self, password):
-        verify = hexlify(hmac.HMAC(password, self.challenge).digest())
+        verify = hexlify(
+            hmac.HMAC(password, self.challenge, digestmod=md5).digest())
         return verify == self.response
 
 
Index: Twisted-19.10.0/src/twisted/cred/test/test_cramauth.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/cred/test/test_cramauth.py
+++ Twisted-19.10.0/src/twisted/cred/test/test_cramauth.py
@@ -7,6 +7,7 @@ Tests for L{twisted.cred}'s implementati
 
 from __future__ import division, absolute_import
 
+from hashlib import md5
 from hmac import HMAC
 from binascii import hexlify
 
@@ -39,7 +40,7 @@ class CramMD5CredentialsTests(TestCase):
         """
         c = CramMD5Credentials()
         chal = c.getChallenge()
-        c.response = hexlify(HMAC(b'secret', chal).digest())
+        c.response = hexlify(HMAC(b'secret', chal, digestmod=md5).digest())
         self.assertTrue(c.checkPassword(b'secret'))
 
 
@@ -61,7 +62,8 @@ class CramMD5CredentialsTests(TestCase):
         """
         c = CramMD5Credentials()
         chal = c.getChallenge()
-        c.response = hexlify(HMAC(b'thewrongsecret', chal).digest())
+        c.response = hexlify(
+            HMAC(b'thewrongsecret', chal, digestmod=md5).digest())
         self.assertFalse(c.checkPassword(b'secret'))
 
 
@@ -75,7 +77,7 @@ class CramMD5CredentialsTests(TestCase):
         chal = c.getChallenge()
         c.setResponse(b" ".join(
             (b"squirrel",
-             hexlify(HMAC(b'supersecret', chal).digest()))))
+             hexlify(HMAC(b'supersecret', chal, digestmod=md5).digest()))))
         self.assertTrue(c.checkPassword(b'supersecret'))
         self.assertEqual(c.username, b"squirrel")
 
Index: Twisted-19.10.0/src/twisted/mail/test/test_pop3.py
===================================================================
--- Twisted-19.10.0.orig/src/twisted/mail/test/test_pop3.py
+++ Twisted-19.10.0/src/twisted/mail/test/test_pop3.py
@@ -12,6 +12,7 @@ import base64
 import itertools
 
 from collections import OrderedDict
+from hashlib import md5
 from io import BytesIO
 
 from zope.interface import implementer
@@ -1097,7 +1098,8 @@ class SASLTests(unittest.TestCase):
         p.lineReceived(b"AUTH CRAM-MD5")
         chal = s.getvalue().splitlines()[-1][2:]
         chal = base64.decodestring(chal)
-        response = hmac.HMAC(b'testpassword', chal).hexdigest().encode("ascii")
+        response = hmac.HMAC(
+            b'testpassword', chal, digestmod=md5).hexdigest().encode("ascii")
 
         p.lineReceived(
             base64.encodestring(b'testuser ' + response).rstrip(b'\n'))