Ticket #13969: better_salting.diff

File better_salting.diff, 1.5 KB (added by cyounkins, 5 years ago)
  • django/contrib/auth/models.py

     
    3232        return sha_constructor(salt + raw_password).hexdigest()
    3333    raise ValueError("Got unknown password algorithm type in password.")
    3434
     35def gen_salt(length=12):
     36    """
     37    Returns a random string of length characters from the set of a-z, A-Z, 0-9
     38    for use as a salt.
     39   
     40    The default length of 12 with the a-z, A-Z, 0-9 character set returns a
     41    71-bit salt. log_2((26+26+10)^12) =~ 71 bits
     42    """
     43    allowed_chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
     44   
     45    import random
     46    try:
     47        random = random.SystemRandom()
     48    except NotImplementedError:
     49        import random
     50   
     51    ret = []
     52    for i in xrange(length):
     53        ret.append(random.choice(allowed_chars))
     54   
     55    return ''.join(ret)
     56
    3557def check_password(raw_password, enc_password):
    3658    """
    3759    Returns a boolean of whether the raw_password was correct. Handles
     
    238260        return full_name.strip()
    239261
    240262    def set_password(self, raw_password):
    241         import random
    242263        algo = 'sha1'
    243         salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
     264        salt = gen_salt()
    244265        hsh = get_hexdigest(algo, salt, raw_password)
    245266        self.password = '%s$%s$%s' % (algo, salt, hsh)
    246267
Back to Top