X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=roundup%2Fpassword.py;h=459e1f7877c86d94f9e3b0924dd9767f65c3a0b0;hb=2cde21add45ebe056ae4dc5f70e3caf1d9c68c5f;hp=28c68a1382622a907404a1d2466895a3e970edfc;hpb=7d090d036546fee25381ecc6ddaddfd26317c9c3;p=roundup.git diff --git a/roundup/password.py b/roundup/password.py index 28c68a1..459e1f7 100644 --- a/roundup/password.py +++ b/roundup/password.py @@ -15,21 +15,33 @@ # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. # -# $Id: password.py,v 1.4 2001-11-22 15:46:42 jhermann Exp $ +# $Id: password.py,v 1.7 2002-09-26 13:38:35 gmcm Exp $ __doc__ = """ Password handling (encoding, decoding). """ -import sha, re +import sha, re, string +try: + import crypt +except: + crypt = None + pass -def encodePassword(plaintext, scheme): +def encodePassword(plaintext, scheme, other=None): '''Encrypt the plaintext password. ''' if scheme == 'SHA': s = sha.sha(plaintext).hexdigest() + elif scheme == 'crypt' and crypt is not None: + if other is not None: + salt = other[:2] + else: + saltchars = './0123456789'+string.letters + salt = random.choice(saltchars) + random.choice(saltchars) + s = crypt.crypt(plaintext, salt) elif scheme == 'plaintext': - pass + s = plaintext else: raise ValueError, 'Unknown encryption scheme "%s"'%scheme return s @@ -60,8 +72,10 @@ class Password: default_scheme = 'SHA' # new encryptions use this scheme pwre = re.compile(r'{(\w+)}(.+)') - def __init__(self, plaintext=None): + def __init__(self, plaintext=None, scheme=None): '''Call setPassword if plaintext is not None.''' + if scheme is None: + scheme = self.default_scheme if plaintext is not None: self.password = encodePassword(plaintext, self.default_scheme) self.scheme = self.default_scheme @@ -82,22 +96,25 @@ class Password: self.password = encodePassword(encrypted, self.default_scheme) self.scheme = self.default_scheme - def setPassword(self, plaintext): + def setPassword(self, plaintext, scheme=None): '''Sets encrypts plaintext.''' - self.password = encodePassword(plaintext, self.scheme) + if scheme is None: + scheme = self.default_scheme + self.password = encodePassword(plaintext, scheme) def __cmp__(self, other): '''Compare this password against another password.''' # check to see if we're comparing instances if isinstance(other, Password): if self.scheme != other.scheme: - return + return cmp(self.scheme, other.scheme) return cmp(self.password, other.password) # assume password is plaintext if self.password is None: raise ValueError, 'Password not set' - return cmp(self.password, encodePassword(other, self.scheme)) + return cmp(self.password, encodePassword(other, self.scheme, + self.password)) def __str__(self): '''Stringify the encrypted password for database storage.''' @@ -106,31 +123,21 @@ class Password: return '{%s}%s'%(self.scheme, self.password) def test(): + # SHA p = Password('sekrit') assert p == 'sekrit' assert p != 'not sekrit' assert 'sekrit' == p assert 'not sekrit' != p + # crypt + p = Password('sekrit', 'crypt') + assert p == 'sekrit' + assert p != 'not sekrit' + assert 'sekrit' == p + assert 'not sekrit' != p + if __name__ == '__main__': test() -# -# $Log: not supported by cvs2svn $ -# Revision 1.3 2001/10/20 11:58:48 richard -# Catch errors in login - no username or password supplied. -# Fixed editing of password (Password property type) thanks Roch'e Compaan. -# -# Revision 1.2 2001/10/09 23:58:10 richard -# Moved the data stringification up into the hyperdb.Class class' get, set -# and create methods. This means that the data is also stringified for the -# journal call, and removes duplication of code from the backends. The -# backend code now only sees strings. -# -# Revision 1.1 2001/10/09 07:25:59 richard -# Added the Password property type. See "pydoc roundup.password" for -# implementation details. Have updated some of the documentation too. -# -# -# # vim: set filetype=python ts=4 sw=4 et si