Code

Ticket #5600: salt.diff

File salt.diff, 819 bytes (added by Rick van Hattem <Rick.van.Hattem@…>, 6 years ago)

Patch for 10 character salt

Line 
1Index: contrib/auth/models.py
2===================================================================
3--- contrib/auth/models.py      (revision 7364)
4+++ contrib/auth/models.py      (working copy)
5@@ -8,8 +8,10 @@
6 from django.utils.translation import ugettext_lazy as _
7 import datetime
8 import urllib
9+import string
10 
11 UNUSABLE_PASSWORD = '!' # This will never be a valid hash
12+SALT_CHARACTERS = string.ascii_letters + string.digits
13 
14 try:
15     set
16@@ -183,7 +185,7 @@
17     def set_password(self, raw_password):
18         import random
19         algo = 'sha1'
20-        salt = get_hexdigest(algo, str(random.random()), str(random.random()))[:5]
21+        salt = ''.join(random.choice(SALT_CHARACTERS) for c in range(10))
22         hsh = get_hexdigest(algo, salt, raw_password)
23         self.password = '%s$%s$%s' % (algo, salt, hsh)
24