Hello community, here is the log from the commit of package python-hetzner for openSUSE:Factory checked in at 2019-05-28 09:43:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-hetzner (Old) and /work/SRC/openSUSE:Factory/.python-hetzner.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-hetzner" Tue May 28 09:43:39 2019 rev:3 rq:705707 version:0.8.2 Changes: -------- --- /work/SRC/openSUSE:Factory/python-hetzner/python-hetzner.changes 2019-03-05 12:23:32.960873863 +0100 +++ /work/SRC/openSUSE:Factory/.python-hetzner.new.5148/python-hetzner.changes 2019-05-28 09:43:46.877833565 +0200 @@ -1,0 +2,9 @@ +Mon May 27 19:31:07 UTC 2019 - Martin Hauke <mardnh@gmx.de> + +- Update to version 0.8.2 + * RobotWebInterface: Fix login by using CSRF token + * server: Fix fetching rescue system information + * Expose server power state and reset options + * Properly encode non-scalar values in API requests + +------------------------------------------------------------------- Old: ---- python-hetzner-0.8.1.tar.gz New: ---- python-hetzner-0.8.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-hetzner.spec ++++++ --- /var/tmp/diff_new_pack.lVxQ2C/_old 2019-05-28 09:43:48.469833014 +0200 +++ /var/tmp/diff_new_pack.lVxQ2C/_new 2019-05-28 09:43:48.469833014 +0200 @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-hetzner -Version: 0.8.1 +Version: 0.8.2 Release: 0 Summary: High level access to the Hetzner robot License: BSD-2-Clause ++++++ python-hetzner-0.8.1.tar.gz -> python-hetzner-0.8.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hetzner-0.8.1/hetzner/robot.py new/hetzner-0.8.2/hetzner/robot.py --- old/hetzner-0.8.1/hetzner/robot.py 2018-09-19 14:12:45.000000000 +0200 +++ new/hetzner-0.8.2/hetzner/robot.py 2019-05-27 19:10:15.000000000 +0200 @@ -1,3 +1,4 @@ +import re import json import logging @@ -23,6 +24,10 @@ ROBOT_WEBHOST = "robot.your-server.de" ROBOT_LOGINHOST = "accounts.hetzner.com" +RE_CSRF_TOKEN = re.compile( + r'<input[^>]*?name="_csrf_token"[^>]*?value="([^">]+)"' +) + __all__ = ['Robot', 'RobotConnection', 'RobotWebInterface', 'ServerManager'] @@ -156,7 +161,14 @@ raise WebRobotError("Invalid status code {0} while visiting login" " page".format(response.status)) - data = urlencode({'_username': self.user, '_password': self.passwd}) + # Find the CSRF token + haystack = response.read() + token = RE_CSRF_TOKEN.search(str(haystack)) + if token is None: + raise WebRobotError("Unable to find CSRF token for login form") + + data = urlencode({'_username': self.user, '_password': self.passwd, + '_csrf_token': token.group(1)}) self.logger.debug("Logging in to auth site with user %s.", self.user) # Again, we need to reconnect here. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/hetzner-0.8.1/setup.py new/hetzner-0.8.2/setup.py --- old/hetzner-0.8.1/setup.py 2018-09-19 14:12:45.000000000 +0200 +++ new/hetzner-0.8.2/setup.py 2019-05-27 19:10:15.000000000 +0200 @@ -32,7 +32,7 @@ setup(name='hetzner', - version='0.8.1', + version='0.8.2', description='High level access to the Hetzner robot', url='https://github.com/aszlig/hetzner', author='aszlig',