diff roundup/password.py @ 6000:6c3826600610

Bandit - silence old hash warnings. They are not recommended. Kept for older installs. Newer installs get upgraded password storage using PBKDF2.
author John Rouillard <rouilj@ieee.org>
date Thu, 26 Dec 2019 21:16:10 -0500
parents 07abc8d36940
children e27a240430b8
--- a/roundup/password.py	Thu Dec 26 19:51:07 2019 -0500
+++ b/roundup/password.py	Thu Dec 26 21:16:10 2019 -0500
@@ -105,7 +105,7 @@
     Based on code of Roberto Aguilar <roberto@baremetal.io>
     https://gist.github.com/rca/7217540
     '''
-    shaval = sha1(password)
+    shaval = sha1(password)  # nosec
     shaval.update( salt )
     ssha_digest = b64encode( shaval.digest() + salt ).strip()
     return ssha_digest
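Review bot: the bare `# nosec` on `shaval = sha1(password)` silences every Bandit check on that line and gives no reason, so a later reader cannot tell that salted SHA-1 is kept here only for compatibility. Suggest putting the rationale in the comment itself, for example `# nosec - legacy SSHA, kept for older installs`, and adding a sentence to the docstring saying the scheme is retained for existing stored hashes. If the Bandit version in use supports scoping a suppression to a test ID, scope it so that unrelated findings on the same line still surface.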
@@ -185,9 +185,9 @@
             salt = random_.token_bytes(salt_len)
         s = ssha(s2b(plaintext), salt)
     elif scheme == 'SHA':
-        s = sha1(s2b(plaintext)).hexdigest()
+        s = sha1(s2b(plaintext)).hexdigest()  # nosec
     elif scheme == 'MD5':
-        s = md5(s2b(plaintext)).hexdigest()
+        s = md5(s2b(plaintext)).hexdigest()  # nosec
     elif scheme == 'crypt' and crypt is not None:
         if other is not None:
             salt = other
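Review bot: in the `'SHA'` and `'MD5'` branches the suppressed calls hash `s2b(plaintext)` with no salt and a single round, which is weaker than the `ssha` branch just above, and nothing visible in this hunk prevents these schemes from being selected for a new password. Suggest confirming (or adding a check) that these branches are reached only when comparing against an already stored hash, and stating that next to each `# nosec` so the suppression is not read as approval of the scheme.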

Roundup Issue Tracker: http://roundup-tracker.org/