[Checkins] SVN: Zope/branches/gsoc-python-2.5/utilities/mkzopeinstance.py sha -> hashlib
Andreas Jung
lists at zopyx.com
Thu Oct 16 01:36:17 EDT 2008
On 15.10.2008 23:19 Uhr, Philipp von Weitershausen wrote:
> Andreas Jung wrote:
>> Log message for revision 92197:
>> sha -> hashlib
>>
>> Changed:
>> U Zope/branches/gsoc-python-2.5/utilities/mkzopeinstance.py
>>
>> -=-
>> Modified: Zope/branches/gsoc-python-2.5/utilities/mkzopeinstance.py
>> ===================================================================
>> --- Zope/branches/gsoc-python-2.5/utilities/mkzopeinstance.py
>> 2008-10-14 14:45:35 UTC (rev 92196)
>> +++ Zope/branches/gsoc-python-2.5/utilities/mkzopeinstance.py
>> 2008-10-14 15:22:29 UTC (rev 92197)
>> @@ -167,9 +167,9 @@
>>
>> def write_inituser(fn, user, password):
>> import binascii
>> - import sha
>> + import hashlib
>> fp = open(fn, "w")
>> - pw = binascii.b2a_base64(sha.new(password).digest())[:-1]
>> + pw = binascii.b2a_base64(hashlib.sha256(password).digest())[:-1]
>> fp.write('%s:{SHA}%s\n' % (user, pw))
>> fp.close()
>> os.chmod(fn, 0644)
>
> To my knowledge, sha.new() and hashlib.sha256() aren't equivalent. A
> quick test on the interpeter prompt confirms that, though perhaps I'm
> missing something... Is there a particular reason why you chose
> hashlib.sha256() and not hashlib.sha1() which seems to be the equivalent
> to sha.new()?
I added a new SHA256 digest schema to AuthEncoding and fixed the auth
encoding classifier..so we have a stronger encryption for new accounts.
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lists.vcf
Type: text/x-vcard
Size: 316 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/checkins/attachments/20081016/c5fdb313/attachment.vcf
More information about the Checkins
mailing list