diff options
| author | Davide Beatrici <git@davidebeatrici.dev> | 2020-05-31 01:07:17 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-31 01:07:17 +0300 |
| commit | 846587979899479dc6f4b8b8e2402c9c6f3af7ae (patch) | |
| tree | c45e026ea377e61ac74d1c56870a41c8f9876303 | |
| parent | f3e410a2d3fb398c8b0578615d3bf0815efacbad (diff) | |
| parent | 6e54bef85b49c69ada8ba9672e572227717fbe48 (diff) | |
Merge PR #27: Add SMF 2.1 support to the SMF 2.0 authenticator
| -rw-r--r--[-rwxr-xr-x] | Authenticators/SMF/2.0/smfauth.py | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/Authenticators/SMF/2.0/smfauth.py b/Authenticators/SMF/2.0/smfauth.py index 0209a8c..b8645b5 100755..100644 --- a/Authenticators/SMF/2.0/smfauth.py +++ b/Authenticators/SMF/2.0/smfauth.py @@ -46,6 +46,7 @@ import thread import urllib2 import logging import ConfigParser +import bcrypt from threading import Timer from optparse import OptionParser @@ -805,7 +806,17 @@ def smf_check_hash(password, hash, username): """ Python implementation of the smf check hash function """ - return sha1(username.lower().encode('utf8') + password).hexdigest() == hash + ret = False + + try: + # SMF 2.1 uses a bcrypt hash, try that first + ret = bcrypt.hashpw(username.lower().encode('utf-8') + password, hash.encode('utf-8')) == hash + except ValueError: + # The sha1 password hash from SMF 2.0 and earlier will cause a salt value error + # In that case, try the legacy sha1 hash + ret = sha1(username.lower().encode('utf8') + password).hexdigest() == hash + + return ret # #--- Start of program |