- handle non-ascii passwords correctly
author
Mark Huang
<mlhuang@cs.princeton.edu>
Fri, 8 Sep 2006 19:44:12 +0000
(19:44 +0000)
committer
Mark Huang
<mlhuang@cs.princeton.edu>
Fri, 8 Sep 2006 19:44:12 +0000
(19:44 +0000)
PLC/Auth.py
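--- a/PLC/Auth.py
+++ b/PLC/Auth.py
@@ -4,7 +4,7 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2006 The Trustees of Princeton University
 #
-# $Id$
+# $Id: Auth.py,v 1.1 2006/09/06 15:36:06 mlhuang Exp $
 #
 import crypt
@@ -95,12 +95,13 @@ class PasswordAuth(Auth):
 if auth['AuthString'] != password:
 raise PLCAuthenticationFailure, "Maintenance account password verification failed"
 else:
-# Get encrypted password stored in the DB
+# Compare encrypted plaintext against encrypted password stored in the DB
+plaintext = auth['AuthString'].encode(method.api.encoding)
 password = person['password']
 # Protect against blank passwords in the DB
 if password is None or password[:12] == "" or \
-crypt.crypt(auth['AuthString'], password[:12]) != password:
+crypt.crypt(plaintext, password[:12]) != password:
 raise PLCAuthenticationFailure, "Password verification failed"
 if auth['Role'] not in person['roles']: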
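Review bot: The added `plaintext = auth['AuthString'].encode(method.api.encoding)` line can raise before any credential is compared, and nothing in the hunk turns that into a `PLCAuthenticationFailure`. Under Python 2 (implied by the `raise X, "msg"` syntax), calling `.encode()` on a byte string with non-ASCII bytes triggers an implicit ASCII decode and a `UnicodeDecodeError`. A non-string `AuthString` raises `AttributeError`, and a character that `api.encoding` cannot represent raises `UnicodeEncodeError`; whether earlier parameter validation rules these inputs out is not visible here. I would wrap the line in `try:` with `except (AttributeError, UnicodeError): raise PLCAuthenticationFailure, "Password verification failed"`, so malformed credentials fail the same way as wrong ones instead of surfacing as an internal fault. The enclosing method starts and ends outside the hunk, so a handler further up may already cover this.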