Author jafo
Recipients jafo
Date 2011-01-17.07:06:32
SpamBayes Score 1.92472e-09
Marked as misclassified No
Message-id <1295247997.49.0.7150272714.issue10924@psf.upfronthosting.co.za>
In-reply-to
Content
Over the years I've written the same code over and over to create a random salt string of 2 characters.  Worse, the Modular Crypt Format is difficult to find documentation on, so creating stronger hashed passwords is difficult to get right.

To that end, I'm proposing the addition of a "mksalt()" method which will generate a salt, and several METHOD_* values to select which hashing method to use.

I also figure there will need to be a "methods()" call that figures out what methods are available in the library crypt() and return a list of the available ones.

If we have a way to generate a salt, then I figure we could drop the salt argument of crypt.crypt(), and if not specified to generate one.  So to hash a password you could do: "crypt.crypt('password')".

I figure that the best way to accomplish this is to implement this all in Python and move the existing C crypt module to _crypt.

A patch accomplishing this is attached.  Please review.

Attached is a patch to accomplish this.
History
Date User Action Args
2011-01-17 07:06:37jafosetrecipients: + jafo
2011-01-17 07:06:37jafosetmessageid: <1295247997.49.0.7150272714.issue10924@psf.upfronthosting.co.za>
2011-01-17 07:06:33jafolinkissue10924 messages
2011-01-17 07:06:33jafocreate