@@ -164,42 +164,3 @@ def authenticateRequest(request, storeSessionCookie=False):
164164 else :
165165 return None
166166
167-
168- class LdapSha1PasswordHasher (django .contrib .auth .hashers .SHA1PasswordHasher ):
169- """Password hasher for legacy LDAP-encoded passwords
170-
171- File this
172- under So Close, Yet So Far. LDAP uses salted SHA-1 hashing, and
173- Django supports exactly that scheme. With some syntactic
174- shuffling it would be possible for Django to work with
175- LDAP-encoded passwords directly, except: LDAP uses binary salts,
176- whereas Django requires salts to be text. Ergo, this custom
177- hasher.
178- """
179- algorithm = "ldap_sha1"
180-
181- def encode (self , password , salt ):
182- assert password is not None
183- assert len (salt ) == 16
184- binarySalt = "" .join (chr (int (salt [i : i + 2 ], 16 )) for i in range (0 , 16 , 2 ))
185- hash = hashlib .sha1 (
186- django .utils .encoding .force_bytes (password ) + binarySalt
187- ).hexdigest ()
188- return f"{ self .algorithm } { salt } { hash }
189-
190- # TODO: Commented out for now, but as far as I can tell, this is unused.
191- # def convertLegacyRepresentation(self, legacy):
192- # # Converts a legacy LDAP-encoded password to Django syntax. In
193- # # LDAP encoding, a 20-byte binary SHA-1 hash and an 8-byte binary
194- # # salt are concatenated, Base64-encoded, and prepended with
195- # # "{SSHA}".
196- # assert legacy.startswith("{SSHA}")
197- # d = base64.b64decode(legacy[6:])
198- # assert len(d) == 28
199- # hash = d[:20]
200- # salt = d[20:]
201- #
202- # def hexify(s):
203- # return "".join(f"{ord(c):02x}" for c in s)
204- #
205- # return f"{self.algorithm}${hexify(salt)}${hexify(hash)}"
0 commit comments