Show More
@@ -25,11 +25,12 b'' | |||
|
25 | 25 | # along with this program; if not, write to the Free Software |
|
26 | 26 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
27 | 27 | # MA 02110-1301, USA. |
|
28 | ||
|
28 | import platform | |
|
29 | 29 | |
|
30 | 30 | VERSION = (1, 2, 0, 'beta') |
|
31 | 31 | __version__ = '.'.join((str(each) for each in VERSION[:4])) |
|
32 | 32 | __dbversion__ = 3 #defines current db version for migrations |
|
33 | __platform__ = platform.system() | |
|
33 | 34 | |
|
34 | 35 | try: |
|
35 | 36 | from rhodecode.lib.utils import get_current_revision |
@@ -24,11 +24,11 b'' | |||
|
24 | 24 | # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, |
|
25 | 25 | # MA 02110-1301, USA. |
|
26 | 26 | |
|
27 | import bcrypt | |
|
28 | 27 | import random |
|
29 | 28 | import logging |
|
30 | 29 | import traceback |
|
31 | 30 | import hashlib |
|
31 | ||
|
32 | 32 | from tempfile import _RandomNameSequence |
|
33 | 33 | from decorator import decorator |
|
34 | 34 | |
@@ -36,6 +36,14 b' from pylons import config, session, url,' | |||
|
36 | 36 | from pylons.controllers.util import abort, redirect |
|
37 | 37 | from pylons.i18n.translation import _ |
|
38 | 38 | |
|
39 | from rhodecode import __platform__ | |
|
40 | ||
|
41 | if __platform__ == 'Windows': | |
|
42 | from hashlib import sha256 | |
|
43 | if __platform__ in ('Linux', 'Darwin'): | |
|
44 | import bcrypt | |
|
45 | ||
|
46 | ||
|
39 | 47 | from rhodecode.lib.exceptions import LdapPasswordError, LdapUsernameError |
|
40 | 48 | from rhodecode.lib.utils import get_repo_slug |
|
41 | 49 | from rhodecode.lib.auth_ldap import AuthLdap |
@@ -72,13 +80,49 b' class PasswordGenerator(object):' | |||
|
72 | 80 | self.passwd = ''.join([random.choice(type) for _ in xrange(len)]) |
|
73 | 81 | return self.passwd |
|
74 | 82 | |
|
83 | class RhodeCodeCrypto(object): | |
|
75 | 84 | |
|
76 | def get_crypt_password(password): | |
|
77 | """Cryptographic function used for password hashing based on pybcrypt | |
|
85 | @classmethod | |
|
86 | def hash_string(cls, str_): | |
|
87 | """ | |
|
88 | Cryptographic function used for password hashing based on pybcrypt | |
|
89 | or pycrypto in windows | |
|
78 | 90 | |
|
79 | 91 | :param password: password to hash |
|
80 | 92 | """ |
|
81 | return bcrypt.hashpw(password, bcrypt.gensalt(10)) | |
|
93 | if __platform__ == 'Windows': | |
|
94 | return sha256(str_).hexdigest() | |
|
95 | elif __platform__ in ('Linux', 'Darwin'): | |
|
96 | return bcrypt.hashpw(str_, bcrypt.gensalt(10)) | |
|
97 | else: | |
|
98 | raise Exception('Unknown or unsupoprted platform %s' % __platform__) | |
|
99 | ||
|
100 | @classmethod | |
|
101 | def hash_check(cls, password, hashed): | |
|
102 | """ | |
|
103 | Checks matching password with it's hashed value, runs different | |
|
104 | implementation based on platform it runs on | |
|
105 | ||
|
106 | :param password: password | |
|
107 | :param hashed: password in hashed form | |
|
108 | """ | |
|
109 | ||
|
110 | if __platform__ == 'Windows': | |
|
111 | return sha256(password).hexdigest() == hashed | |
|
112 | elif __platform__ in ('Linux', 'Darwin'): | |
|
113 | return bcrypt.hashpw(password, hashed) == hashed | |
|
114 | else: | |
|
115 | raise Exception('Unknown or unsupoprted platform %s' % __platform__) | |
|
116 | ||
|
117 | ||
|
118 | ||
|
119 | ||
|
120 | ||
|
121 | def get_crypt_password(password): | |
|
122 | return RhodeCodeCrypto.hash_string(password) | |
|
123 | ||
|
124 | def check_password(password, hashed): | |
|
125 | return RhodeCodeCrypto.hash_check(password, hashed) | |
|
82 | 126 | |
|
83 | 127 | def generate_api_key(username, salt=None): |
|
84 | 128 | if salt is None: |
@@ -86,9 +130,6 b' def generate_api_key(username, salt=None' | |||
|
86 | 130 | |
|
87 | 131 | return hashlib.sha1(username + salt).hexdigest() |
|
88 | 132 | |
|
89 | def check_password(password, hashed): | |
|
90 | return bcrypt.hashpw(password, hashed) == hashed | |
|
91 | ||
|
92 | 133 | def authfunc(environ, username, password): |
|
93 | 134 | """Dummy authentication function used in Mercurial/Git/ and access control, |
|
94 | 135 |
@@ -1,5 +1,6 b'' | |||
|
1 | 1 | import sys |
|
2 | 2 | from rhodecode import get_version |
|
3 | from rhodecode import __platform__ | |
|
3 | 4 | |
|
4 | 5 | py_version = sys.version_info |
|
5 | 6 | |
@@ -13,7 +14,6 b' requirements = [' | |||
|
13 | 14 | "mercurial>=1.7.5", |
|
14 | 15 | "whoosh>=1.3.4", |
|
15 | 16 | "celery>=2.2.4", |
|
16 | "py-bcrypt", | |
|
17 | 17 | "babel", |
|
18 | 18 | ] |
|
19 | 19 | |
@@ -29,6 +29,10 b' if py_version < (2, 6):' | |||
|
29 | 29 | requirements.append("simplejson") |
|
30 | 30 | requirements.append("pysqlite") |
|
31 | 31 | |
|
32 | if __platform__ in ('Linux', 'Darwin'): | |
|
33 | requirements.append("py-bcrypt") | |
|
34 | ||
|
35 | ||
|
32 | 36 | #additional files from project that goes somewhere in the filesystem |
|
33 | 37 | #relative to sys.prefix |
|
34 | 38 | data_files = [] |
General Comments 0
You need to be logged in to leave comments.
Login now