Ticket #3604: hashlib.diff

django/contrib/auth/models.py

@@ -5 +5 @@
-from django.utils.translation import gettext_lazy as _
-import datetime
-
+def get_hexdigest(algorithm, plaintext):
+    """
+    Returns a string of the hexdigest of the given plaintext
+    using the given algorithm.
+    """
+    try:
+        # Python 2.5 has moved to using hashlib for hashing functions
+        import hashlib
+        if algorithm == 'md5':
+            return hashlib.md5(plaintext).hexdigest()
+        elif algorithm == 'sha1':
+            return hashlib.sha1(plaintext).hexdigest()
+        raise ValueError, "Got unknown password algorithm type in password."
+        
+    except ImportError:
+        if algorithm == 'md5':
+            import md5
+            return md5.new(plaintext).hexdigest()
+        elif algorithm == 'sha1':
+            import sha
+            return sha.new(plaintext).hexdigest()
+        raise ValueError, "Got unknown password algorithm type in password."
+
-def check_password(raw_password, enc_password):
-    """
-    Returns a boolean of whether the raw_password was correct. Handles
-    encryption formats behind the scenes.
-    """
-    algo, salt, hsh = enc_password.split('$')
-
-
-
-
-
-
-
+
-
-class SiteProfileNotAvailable(Exception):
-    pass
@@ -138 +155 @@
-        return full_name.strip()
-
-    def set_password(self, raw_password):
-sha, 
+
-        algo = 'sha1'
-sha.new(str(random.random())).hexdigest(
-sha.new(salt+raw_password).hexdigest(
+get_hexdigest(algo, str(random.random())
+get_hexdigest(algo, salt+raw_password
-        self.password = '%s$%s$%s' % (algo, salt, hsh)
-
-    def check_password(self, raw_password):
@@ -152 +169 @@
-        # Backwards-compatibility check. Older passwords won't include the
-        # algorithm or salt.
-        if '$' not in self.password:
-
-
+
-            if is_correct:
-                # Convert the password to the new, more secure format.
-                self.set_password(raw_password)