Mercurial > p > roundup > code

diff roundup/password.py @ 3434:1f860b50fa5f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
encodePassword: don't trim the salt string... ...the first two characters aren't enough for MD5-based crypt implementations [SF#1372253]
author Alexander Smishlajev <a1s@users.sourceforge.net>
date Sat, 03 Dec 2005 11:35:54 +0000
parents c9e52addda42
children 822a2719b81b
line wrap: on
line diff
--- a/roundup/password.py	Sat Dec 03 11:26:08 2005 +0000
+++ b/roundup/password.py	Sat Dec 03 11:35:54 2005 +0000
@@ -14,8 +14,8 @@
 # FOR A PARTICULAR PURPOSE.  THE CODE PROVIDED HEREUNDER IS ON AN "AS IS"
 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
-# 
-# $Id: password.py,v 1.13 2004-05-10 22:32:17 richard Exp $
+#
+# $Id: password.py,v 1.14 2005-12-03 11:35:54 a1s Exp $
 
 """Password handling (encoding, decoding).
 """
@@ -43,7 +43,7 @@
         s = md5.md5(plaintext).hexdigest()
     elif scheme == 'crypt' and crypt is not None:
         if other is not None:
-            salt = other[:2]
+            salt = other
         else:
             saltchars = './0123456789'+string.letters
             salt = random.choice(saltchars) + random.choice(saltchars)
@@ -59,7 +59,7 @@
     return ''.join([random.choice(chars) for x in range(length)])
 
 class Password:
-    '''The class encapsulates a Password property type value in the database. 
+    '''The class encapsulates a Password property type value in the database.
 
     The encoding of the password is one if None, 'SHA', 'MD5' or 'plaintext'.
     The encodePassword function is used to actually encode the password from
@@ -161,4 +161,4 @@
 if __name__ == '__main__':
     test()
 
-# vim: set filetype=python ts=4 sw=4 et si
+# vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/