auth/htpasswd: add support for salted sha1 passwords
This patch adds support for salted sha1 passwords.
This commit is contained in:
parent
2aed6d69c9
commit
13c61bf936
2
config
2
config
@ -83,7 +83,7 @@
|
|||||||
#htpasswd_filename = /etc/radicale/users
|
#htpasswd_filename = /etc/radicale/users
|
||||||
|
|
||||||
# Htpasswd encryption method
|
# Htpasswd encryption method
|
||||||
# Value: plain | sha1 | crypt
|
# Value: plain | sha1 | ssha | crypt
|
||||||
#htpasswd_encryption = crypt
|
#htpasswd_encryption = crypt
|
||||||
|
|
||||||
# LDAP server URL, with protocol and port
|
# LDAP server URL, with protocol and port
|
||||||
|
@ -58,6 +58,16 @@ def _sha1(hash_value, password):
|
|||||||
sha1.update(password)
|
sha1.update(password)
|
||||||
return sha1.digest() == base64.b64decode(hash_value)
|
return sha1.digest() == base64.b64decode(hash_value)
|
||||||
|
|
||||||
|
def _ssha(hash_salt_value, password):
|
||||||
|
"""Check if ``hash_salt_value`` and ``password`` match using salted sha1 method."""
|
||||||
|
hash_salt_value = hash_salt_value.replace("{SSHA}", "").encode("ascii").decode('base64')
|
||||||
|
password = password.encode(config.get("encoding", "stock"))
|
||||||
|
hash_value = hash_salt_value[:20]
|
||||||
|
salt_value = hash_salt_value[20:]
|
||||||
|
sha1 = hashlib.sha1() # pylint: disable=E1101
|
||||||
|
sha1.update(password)
|
||||||
|
sha1.update(salt_value)
|
||||||
|
return sha1.digest() == hash_value
|
||||||
|
|
||||||
def is_authenticated(user, password):
|
def is_authenticated(user, password):
|
||||||
"""Check if ``user``/``password`` couple is valid."""
|
"""Check if ``user``/``password`` couple is valid."""
|
||||||
|
Loading…
Reference in New Issue
Block a user