From 4fb36cfae11c863b2078826937d61c2f76bcc951 Mon Sep 17 00:00:00 2001 From: Sergio Durigan Junior Date: Mon, 8 Aug 2016 20:18:27 -0400 Subject: [PATCH] Support python-bcrypt instead of the abandoned py-bcrypt --- ...t-python-bcrypt-instead-of-py-bcrypt.patch | 35 +++++++++++++++++++ debian/patches/series | 1 + 2 files changed, 36 insertions(+) create mode 100644 debian/patches/0001-Support-python-bcrypt-instead-of-py-bcrypt.patch create mode 100644 debian/patches/series diff --git a/debian/patches/0001-Support-python-bcrypt-instead-of-py-bcrypt.patch b/debian/patches/0001-Support-python-bcrypt-instead-of-py-bcrypt.patch new file mode 100644 index 0000000..9d1e385 --- /dev/null +++ b/debian/patches/0001-Support-python-bcrypt-instead-of-py-bcrypt.patch @@ -0,0 +1,35 @@ +From: Sergio Durigan Junior +Date: Mon, 8 Aug 2016 20:16:35 -0400 +Subject: Support python-bcrypt instead of py-bcrypt + +This patch basically makes sure that the arguments to bcrypt.hashpw +are encoded to UTF-8. This is a requirement of python-bcrypt. Using +python-bcrypt has the advantage that the library is well maintained +and available on more distributions, like Debian. +--- + pagure/lib/login.py | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/pagure/lib/login.py b/pagure/lib/login.py +index 4227c94..989fb4e 100644 +--- a/pagure/lib/login.py ++++ b/pagure/lib/login.py +@@ -72,7 +72,8 @@ def get_users_by_group(session, group): + def generate_hashed_value(password): + """ Generate hash value for password + """ +- return '$2$' + bcrypt.hashpw(to_unicode(password), bcrypt.gensalt()) ++ return '$2$' + bcrypt.hashpw(password.encode("utf8"), ++ bcrypt.gensalt().encode("utf8")) + + + def check_password(entered_password, user_password, seed=None): +@@ -86,7 +87,7 @@ def check_password(entered_password, user_password, seed=None): + _, version, user_password = user_password.split('$', 2) + + if version == '2': +- password = bcrypt.hashpw(to_unicode(entered_password), user_password) ++ password = bcrypt.hashpw(entered_password.encode("utf8"), user_password.encode("utf8")) + + elif version == '1': + password = '%s%s' % (to_unicode(entered_password), seed) diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..48a2f82 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +0001-Support-python-bcrypt-instead-of-py-bcrypt.patch