Package entropy :: Package services :: Module auth_interfaces

Source Code for Module entropy.services.auth_interfaces

  1  # -*- coding: utf-8 -*- 
  2  ''' 
  3      # DESCRIPTION: 
  4      # Entropy Object Oriented Interface 
  5   
  6      Copyright (C) 2007-2009 Fabio Erculiani 
  7   
  8      This program is free software; you can redistribute it and/or modify 
  9      it under the terms of the GNU General Public License as published by 
 10      the Free Software Foundation; either version 2 of the License, or 
 11      (at your option) any later version. 
 12   
 13      This program is distributed in the hope that it will be useful, 
 14      but WITHOUT ANY WARRANTY; without even the implied warranty of 
 15      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the 
 16      GNU General Public License for more details. 
 17   
 18      You should have received a copy of the GNU General Public License 
 19      along with this program; if not, write to the Free Software 
 20      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA 
 21  ''' 
 22   
 23  from __future__ import with_statement 
 24  import os 
 25  import time 
 26  import random 
 27  from entropy.services.skel import Authenticator, RemoteDatabase 
 28  from entropy.exceptions import * 
 29  from entropy.const import etpConst 
 30  from entropy.i18n import _ 
 31   
32 -class phpBB3Auth(Authenticator,RemoteDatabase):
33 34 from entropy import tools as entropyTools
35 - def __init__(self):
36 Authenticator.__init__(self) 37 RemoteDatabase.__init__(self) 38 39 self.itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' 40 self.USER_NORMAL = 0 41 self.USER_INACTIVE = 1 42 self.USER_IGNORE = 2 43 self.USER_FOUNDER = 3 44 self.REGISTERED_USERS_GROUP = 7895 45 self.ADMIN_GROUPS = [7893, 7898] 46 self.MODERATOR_GROUPS = [484] 47 self.DEVELOPER_GROUPS = [7900] 48 self.USERNAME_LENGTH_RANGE = range(3,21) 49 self.PASSWORD_LENGTH_RANGE = range(6,31) 50 self.PRIVMSGS_NO_BOX = -3 51 self.NOTIFY_EMAIL = 0 52 self.FAKE_USERNAME = 'already_authed' 53 self.USER_AGENT = "Entropy/%s (compatible; %s; %s: %s %s %s)" % ( 54 etpConst['entropyversion'], 55 "Entropy", 56 "UGC", 57 os.uname()[0], 58 os.uname()[4], 59 os.uname()[2], 60 ) 61 self.TABLE_PREFIX = 'phpbb_' 62 self.do_update_session_table = True
63
64 - def validate_username_regex(self, username):
65 allow_name_chars = self._get_config_value("allow_name_chars") 66 if allow_name_chars == "USERNAME_CHARS_ANY": 67 regex = '.+' 68 elif allow_name_chars == "USERNAME_ALPHA_ONLY": 69 regex = '[A-Za-z0-9]+' 70 elif allow_name_chars == "USERNAME_ALPHA_SPACERS": 71 regex = '[A-Za-z0-9-[\]_+ ]+' 72 elif allow_name_chars == "USERNAME_LETTER_NUM": 73 regex = '[a-zA-Z0-9]+' 74 elif allow_name_chars == "USERNAME_LETTER_NUM_SPACERS": 75 regex = '[-\]_+ [a-zA-Z0-9]+' 76 else: # USERNAME_ASCII 77 regex = '[\x01-\x7F]+' 78 regex = "^%s$" % (regex,) 79 import re 80 myreg = re.compile(regex) 81 if myreg.match(username): 82 del myreg 83 return True 84 return False
85
86 - def does_username_exist(self, username, username_clean):
87 self.check_connection() 88 self.cursor.execute('SELECT user_id FROM '+self.TABLE_PREFIX+'users WHERE `username_clean` = %s OR LOWER(`username`) = %s', (username_clean,username.lower(),)) 89 data = self.cursor.fetchone() 90 if not data: return False 91 if not isinstance(data,dict): return False 92 if not data.has_key('user_id'): return False 93 return True
94
95 - def does_email_exist(self, email):
96 self.check_connection() 97 self.cursor.execute('SELECT user_id FROM '+self.TABLE_PREFIX+'users WHERE `user_email` = %s', (email,)) 98 data = self.cursor.fetchone() 99 if not data: return False 100 if not isinstance(data,dict): return False 101 if not data.has_key('user_id'): return False 102 return True
103
104 - def is_username_allowed(self, username):
105 self.check_connection() 106 self.cursor.execute('SELECT disallow_id FROM '+self.TABLE_PREFIX+'disallow WHERE `disallow_username` = %s', (username,)) 107 data = self.cursor.fetchone() 108 if not data: return True 109 if not isinstance(data,dict): return True 110 if not data.has_key('disallow_id'): return True 111 return False
112
113 - def validate_username_string(self, username, username_clean):
114 115 try: 116 x = unicode(username.encode('utf-8'),'raw_unicode_escape') 117 del x 118 except (UnicodeDecodeError,UnicodeEncodeError,): 119 return False,'Invalid username' 120 if (""" in username) or ("'" in username) or ('"' in username): 121 return False,'Invalid username' 122 123 try: 124 valid = self.validate_username_regex(username) 125 except: 126 return False,'Username contains bad characters' 127 if not valid: 128 return False,'Invalid username' 129 130 exists = self.does_username_exist(username, username_clean) 131 if exists: return False,'Username already taken' 132 133 allowed = self.is_username_allowed(username) 134 if not allowed: return False,'Username not allowed' 135 136 return True,'All fine'
137
138 - def _generate_email_hash(self, email):
139 import binascii 140 return str(binascii.crc32(email.lower())) + str(len(email))
141
142 - def activate_user(self, user_id):
143 self.check_connection() 144 self.cursor.execute('UPDATE '+self.TABLE_PREFIX+'users SET user_type = %s WHERE `user_id` = %s', (self.USER_NORMAL,user_id,)) 145 return True, user_id
146
147 - def generate_username_clean(self, username):
148 import re 149 username_clean = username.lower() 150 username_clean = re.sub(r'(?:[\x00-\x1F\x7F]+|(?:\xC2[\x80-\x9F])+)', '', username_clean) 151 username_clean = re.sub(r' {2,}',' ',username_clean) 152 username_clean = username_clean.strip() 153 return username_clean
154
155 - def register_user(self, username, password, email, activate = False):
156 157 if len(username) not in self.USERNAME_LENGTH_RANGE: 158 return False,'Username not in range' 159 if len(password) not in self.PASSWORD_LENGTH_RANGE: 160 return False,'Password not in range' 161 valid = self.entropyTools.is_valid_email(email) 162 if not valid: 163 return False,'Invalid email' 164 165 # create the clean one 166 username_clean = self.generate_username_clean(username) 167 168 # check username validity 169 status, err_msg = self.validate_username_string(username, username_clean) 170 if not status: return False,err_msg 171 172 # check email 173 exists = self.does_email_exist(email) 174 if exists: return False,'Email already in use' 175 176 # now cross fingers 177 user_id = self.__register(username, username_clean, password, email, activate) 178 179 return True, user_id
180 181
182 - def __register(self, username, username_clean, password, email, activate):
183 184 email_hash = self._generate_email_hash(email) 185 password_hash = self._get_password_hash(password.encode('utf-8')) 186 time_now = int(time.time()) 187 188 user_type = self.USER_INACTIVE 189 if activate: user_type = self.USER_NORMAL 190 191 registration_data = { 192 'username': username, 193 'username_clean': username_clean, 194 'user_password': password_hash, 195 'user_pass_convert': 0, 196 'user_email': email.lower(), 197 'user_email_hash': email_hash, 198 'group_id': self.REGISTERED_USERS_GROUP, 199 'user_type': user_type, 200 'user_permissions': '', 201 'user_timezone': self._get_config_value('board_timezone'), 202 'user_dateformat': self._get_config_value('default_dateformat'), 203 'user_lang': self._get_config_value('default_lang'), 204 'user_style': self._get_config_value('default_style'), 205 'user_actkey': '', 206 'user_ip': '', 207 'user_regdate': time_now, 208 'user_passchg': time_now, 209 'user_options': 895, # ? don't ask me 210 'user_inactive_reason': 0, 211 'user_inactive_time': 0, 212 'user_lastmark': time_now, 213 'user_lastvisit': 0, 214 'user_lastpost_time': 0, 215 'user_lastpage': '', 216 'user_posts': 0, 217 'user_dst': self._get_config_value('board_dst'), 218 'user_colour': '', 219 'user_occ': '', 220 'user_interests': '', 221 'user_avatar': '', 222 'user_avatar_type': 0, 223 'user_avatar_width': 0, 224 'user_avatar_height': 0, 225 'user_new_privmsg': 0, 226 'user_unread_privmsg': 0, 227 'user_last_privmsg': 0, 228 'user_message_rules': 0, 229 'user_full_folder': self.PRIVMSGS_NO_BOX, 230 'user_emailtime': 0, 231 'user_notify': 0, 232 'user_notify_pm': 1, 233 'user_notify_type': self.NOTIFY_EMAIL, 234 'user_allow_pm': 1, 235 'user_allow_viewonline': 1, 236 'user_allow_viewemail': 1, 237 'user_allow_massemail': 1, 238 'user_sig': '', 239 'user_sig_bbcode_uid': '', 240 'user_sig_bbcode_bitfield': '', 241 'user_form_salt': self._get_unique_id(), 242 } 243 244 sql = self._generate_sql('insert', self.TABLE_PREFIX+'users', registration_data) 245 self.cursor.execute(sql) 246 user_id = self.cursor.lastrowid 247 248 # now insert into the default group 249 group_data = { 250 'user_id': user_id, 251 'group_id': self.REGISTERED_USERS_GROUP, 252 'user_pending': 0, 253 } 254 sql = self._generate_sql('insert', self.TABLE_PREFIX+'user_group', group_data) 255 self.cursor.execute(sql) 256 257 # set some misc config shit 258 self._set_config_value('newest_user_id',user_id) 259 self._set_config_value('newest_username',username) 260 self._set_config_value('num_users',int(self._get_config_value('num_users'))+1) 261 self.cursor.execute('SELECT group_colour FROM '+self.TABLE_PREFIX+'groups WHERE group_id = %s', (group_data['group_id'],)) 262 data = self.cursor.fetchone() 263 gcolor = None 264 if isinstance(data,dict): 265 if data.has_key('group_colour'): 266 gcolor = data['group_colour'] 267 if gcolor: self._set_config_value('newest_user_colour',gcolor) 268 269 return user_id
270 271
272 - def login(self):
273 self.check_connection() 274 self.check_login_data() 275 276 if not self.login_data.has_key('username'): 277 raise PermissionDenied('PermissionDenied: %s' % (_('no username specified'),)) 278 elif not self.login_data.has_key('password'): 279 raise PermissionDenied('PermissionDenied: %s' % (_('no password specified'),)) 280 281 if not self.login_data['password']: 282 raise PermissionDenied('PermissionDenied: %s' % (_('empty password'),)) 283 elif not self.login_data['username']: 284 raise PermissionDenied('PermissionDenied: %s' % (_('empty username'),)) 285 286 self.cursor.execute('SELECT * FROM '+self.TABLE_PREFIX+'users WHERE username = %s', (self.login_data['username'],)) 287 data = self.cursor.fetchone() 288 if not data: 289 raise PermissionDenied('PermissionDenied: %s' % (_('user not found'),)) 290 291 if data['user_pass_convert']: 292 raise PermissionDenied('PermissionDenied: %s' % ( 293 _('you need to login on the website to update your password format'), 294 ) 295 ) 296 297 valid = self._phpbb3_check_hash(self.login_data['password'], data['user_password']) 298 if not valid: 299 raise PermissionDenied('PermissionDenied: %s' % (_('wrong password'),)) 300 301 user_type = data['user_type'] 302 if (user_type == self.USER_INACTIVE) or (user_type == self.USER_IGNORE): 303 raise PermissionDenied('PermissionDenied: %s' % (_('user inactive'),)) 304 305 banned = self.is_user_banned(data['user_id']) 306 if banned: 307 raise PermissionDenied('PermissionDenied: %s' % (_('user banned'),)) 308 309 self.login_data.update(data) 310 self.logged_in = True 311 return self.logged_in
312
313 - def disconnect(self):
314 if self.is_logged_in(): 315 self.logout() 316 RemoteDatabase.disconnect(self)
317
318 - def logout(self):
319 self.check_connection() 320 self.check_login_data() 321 self.logged_in = False 322 self.login_data.clear() 323 return True
324
325 - def get_user_data(self):
326 self.check_connection() 327 self.check_login_data() 328 self.check_logged_in() 329 330 self.cursor.execute('SELECT * FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 331 return self.cursor.fetchone()
332
333 - def get_user_birthday(self):
334 self.check_connection() 335 self.check_login_data() 336 self.check_logged_in() 337 338 self.cursor.execute('SELECT user_birthday FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 339 bday = self.cursor.fetchone() 340 if not bday: 341 return None 342 elif not bday.has_key('user_birthday'): 343 return None 344 return bday['user_birthday']
345
346 - def get_username(self):
347 self.check_connection() 348 self.check_login_data() 349 self.check_logged_in() 350 351 self.cursor.execute('SELECT username_clean FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 352 data = self.cursor.fetchone() 353 if not data: 354 return '' 355 elif not data.has_key('username_clean'): 356 return '' 357 return data['username_clean']
358
359 - def is_developer(self):
360 self.check_connection() 361 self.check_login_data() 362 self.check_logged_in() 363 364 # search into phpbb_groups 365 groups = self.get_user_groups() 366 for group in groups: 367 if group in self.DEVELOPER_GROUPS: 368 return True 369 370 return False
371
372 - def is_administrator(self):
373 self.check_connection() 374 self.check_login_data() 375 self.check_logged_in() 376 377 self.cursor.execute('SELECT user_type FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 378 data = self.cursor.fetchone() 379 if data: 380 if data['user_type'] == self.USER_FOUNDER: 381 return True 382 383 # search into phpbb_groups 384 groups = self.get_user_groups() 385 for group in groups: 386 if group in self.ADMIN_GROUPS: 387 return True 388 389 return False
390
391 - def is_moderator(self):
392 self.check_connection() 393 self.check_login_data() 394 self.check_logged_in() 395 396 # search into phpbb_groups 397 groups = self.get_user_groups() 398 for group in groups: 399 if group in self.MODERATOR_GROUPS: 400 return True 401 402 return False
403
404 - def is_user(self):
405 self.check_connection() 406 self.check_login_data() 407 self.check_logged_in() 408 409 if self.is_moderator(): 410 return False 411 elif self.is_administrator(): 412 return False 413 elif self.is_developer(): 414 return False 415 416 self.cursor.execute('SELECT user_type,user_id FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 417 data = self.cursor.fetchone() 418 if not data: 419 return False 420 if self.is_user_banned(data['user_id']): 421 return False 422 elif data['user_type'] in [self.USER_NORMAL]: 423 return True 424 425 return False
426 427 # user == user_id
428 - def is_user_banned(self, user):
429 self.check_connection() 430 self.cursor.execute('SELECT ban_userid FROM '+self.TABLE_PREFIX+'banlist WHERE ban_userid = %s', (user,)) 431 data = self.cursor.fetchone() 432 if data: 433 return True 434 return False
435
436 - def is_in_group(self, group):
437 self.check_connection() 438 self.check_login_data() 439 self.check_logged_in() 440 groups = self.get_user_groups() 441 if isinstance(group,int): 442 if group in groups: 443 return True 444 elif isinstance(group,basestring): 445 self.cursor.execute('SELECT group_id FROM '+self.TABLE_PREFIX+'groups WHERE group_name = %s', (group,)) 446 data = self.cursor.fetchone() 447 if not data: 448 return False 449 elif data['group_id'] in groups: 450 return True 451 452 return False
453
454 - def get_user_groups(self):
455 self.check_connection() 456 self.check_login_data() 457 self.check_logged_in() 458 459 self.cursor.execute('SELECT '+self.TABLE_PREFIX+'user_group.group_id,'+self.TABLE_PREFIX+'groups.group_name FROM '+self.TABLE_PREFIX+'user_group,'+self.TABLE_PREFIX+'users,'+self.TABLE_PREFIX+'groups WHERE '+self.TABLE_PREFIX+'users.user_id = %s and '+self.TABLE_PREFIX+'users.user_id = '+self.TABLE_PREFIX+'user_group.user_id and '+self.TABLE_PREFIX+'user_group.group_id = '+self.TABLE_PREFIX+'groups.group_id', (self.login_data['user_id'],)) 460 data = self.cursor.fetchall() 461 mydata = {} 462 for mydict in data: 463 mydata[mydict['group_id']] = mydict['group_name'] 464 465 return mydata
466
467 - def get_user_group(self):
468 self.check_connection() 469 self.check_login_data() 470 self.check_logged_in() 471 472 self.cursor.execute('SELECT group_id FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 473 data = self.cursor.fetchone() 474 if data: 475 if data.has_key('group_id'): 476 return data['group_id'] 477 478 return -1
479
480 - def get_user_id(self):
481 self.check_connection() 482 self.check_login_data() 483 self.check_logged_in() 484 return self.login_data['user_id']
485
486 - def get_permission_data(self):
487 self.check_connection() 488 self.check_login_data() 489 self.check_logged_in() 490 self.cursor.execute('SELECT user_permissions FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 491 return self.cursor.fetchone()
492
493 - def update_email(self, email):
494 self.check_connection() 495 self.check_login_data() 496 self.check_logged_in() 497 498 email_hash = self._generate_email_hash(email) 499 mydata = { 500 'user_email_hash': email_hash, 501 'user_email': email.lower(), 502 } 503 504 try: 505 sql = self._generate_sql("update",self.TABLE_PREFIX+'users', mydata, 'user_id = %s' % (self.login_data['user_id'],)) 506 self.cursor.execute(sql) 507 return True 508 except Exception: 509 return False
510
511 - def update_password_hash(self, password_hash):
512 self.check_connection() 513 self.check_login_data() 514 self.check_logged_in() 515 516 mydata = { 517 'user_password': password_hash, 518 } 519 520 try: 521 sql = self._generate_sql("update",self.TABLE_PREFIX+'users', mydata, 'user_id = %s' % (self.login_data['user_id'],)) 522 self.cursor.execute(sql) 523 return True 524 except Exception: 525 return False
526
527 - def get_email(self):
528 self.check_connection() 529 self.check_login_data() 530 self.check_logged_in() 531 self.cursor.execute('SELECT user_email FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (self.login_data['user_id'],)) 532 data = self.cursor.fetchone() 533 if not data: 534 return '' 535 elif not data.has_key('user_email'): 536 return '' 537 return data['user_email']
538
539 - def update_user_id_profile(self, profile_data):
540 self.check_connection() 541 self.check_login_data() 542 self.check_logged_in() 543 544 # filter valid params 545 valid_params = [ 546 "user_icq","user_yim","user_msnm", 547 "user_jabber","user_website","user_from", 548 "user_interests","user_occ","user_birthday", 549 "user_sig" 550 ] 551 552 my_params = {} 553 for param in valid_params: 554 d = profile_data.get(param) 555 if d == None: continue 556 my_params[param] = d 557 558 if not my_params: 559 return False,'no parameters' 560 561 562 # validate parameters 563 b_day = my_params.get('user_birthday') 564 if isinstance(b_day,basestring): 565 import re 566 myre = re.compile("(0[1-9]|[12][0-9]|3[01])[-](0[1-9]|1[012])[-](19|20)\d\d") 567 if not myre.match(b_day): 568 del my_params['user_birthday'] 569 570 try: 571 sql = self._generate_sql("update",self.TABLE_PREFIX+'users', my_params, 'user_id = %s' % (self.login_data['user_id'],)) 572 self.cursor.execute(sql) 573 return True, None 574 except Exception, e: 575 return False, unicode(e)
576 577
578 - def _set_config_value(self, config_name, data):
579 self.cursor.execute('UPDATE '+self.TABLE_PREFIX+'config SET config_value = %s WHERE config_name = %s',(data,config_name,))
580
581 - def _get_config_value(self, config_name):
582 self.check_connection() 583 self.cursor.execute('SELECT config_value FROM '+self.TABLE_PREFIX+'config WHERE config_name = %s',(config_name,)) 584 myconfig = self.cursor.fetchone() 585 if isinstance(myconfig,dict): 586 if myconfig.has_key('config_value'): 587 return myconfig['config_value'] 588 return None
589
590 - def _update_session_table(self, user_id, ip_address):
591 self.check_connection() 592 time_now = int(time.time()) 593 autologin = self._get_config_value("allow_autologin") 594 self.cursor.execute('SELECT user_allow_viewonline FROM '+self.TABLE_PREFIX+'users WHERE user_id = %s', (user_id,)) 595 myuserprefs = self.cursor.fetchone() 596 session_admin = 0 597 session_data = { 598 'session_id': None, 599 'session_user_id': user_id, 600 'session_last_visit': time_now, 601 'session_start': time_now, 602 'session_time': time_now, 603 'session_ip': ip_address, 604 'session_browser': self.USER_AGENT, 605 'session_forwarded_for': '', 606 'session_page': 'index.php', 607 'session_viewonline': myuserprefs['user_allow_viewonline'], 608 'session_autologin': autologin, 609 'session_admin': session_admin, 610 'session_forum_id': 0, 611 } 612 import hashlib 613 m = hashlib.md5() 614 m.update(str(user_id)+str(time_now)+str(self.USER_AGENT)+str(ip_address)+str(autologin)+str(myuserprefs['user_allow_viewonline'])) 615 session_data['session_id'] = m.hexdigest() 616 617 self.cursor.execute('SELECT * FROM '+self.TABLE_PREFIX+'sessions WHERE session_user_id = %s', (user_id,)) 618 mydata = self.cursor.fetchone() 619 do_update = False 620 if mydata: 621 do_update = True 622 # update 623 session_data['session_id'] = mydata['session_id'] 624 session_data['session_viewonline'] = mydata['session_viewonline'] 625 session_data['session_autologin'] = mydata['session_autologin'] 626 session_data['session_forwarded_for'] = mydata['session_forwarded_for'] 627 session_data['session_forum_id'] = mydata['session_forum_id'] 628 session_data['session_page'] = mydata['session_page'] 629 session_data['session_browser'] = mydata['session_browser'] 630 session_data['session_admin'] = mydata['session_admin'] 631 632 if do_update: 633 where = "session_id = '%s'" % (session_data['session_id'],) 634 del session_data['session_id'] 635 sql = self._generate_sql('update', self.TABLE_PREFIX+'sessions', session_data, where) 636 else: 637 sql = self._generate_sql('insert', self.TABLE_PREFIX+'sessions', session_data) 638 if sql: 639 self.cursor.execute(sql) 640 self.dbconn.commit()
641 642
643 - def _is_ip_banned(self, ip):
644 self.check_connection() 645 self.cursor.execute('SELECT ban_ip FROM '+self.TABLE_PREFIX+'banlist WHERE ban_ip = %s', (ip,)) 646 data = self.cursor.fetchone() 647 if data: 648 return True 649 return False
650
651 - def _get_unique_id(self):
652 import hashlib 653 m = hashlib.md5() 654 rnd = str(abs(hash(os.urandom(1)))) 655 m.update(rnd) 656 x = m.hexdigest()[:-16] 657 del m 658 return x
659
660 - def _get_random_number(self):
661 myrand = 0 662 low_n = 100000 663 high_n = 999999 664 while (myrand < low_n) or (myrand > high_n): 665 try: 666 myrand = hash(os.urandom(1))%high_n 667 except NotImplementedError: 668 random.seed() 669 myrand = random.randint(low_n,high_n) 670 return myrand
671
672 - def _get_password_hash(self, password):
673 674 #random_state = self._get_unique_id() 675 myrandom = str(self._get_random_number()) 676 677 myhash = self._hash_crypt_private(password, self._hash_gensalt_private(myrandom)) 678 679 if len(myhash) == 34: 680 return myhash 681 682 import hashlib 683 m = hashlib.md5() 684 m.update(myhash) 685 return m.hexdigest()
686 687
688 - def _hash_gensalt_private(self, myinput, iteration_count_log2 = 6):
689 690 if (iteration_count_log2 < 4) or (iteration_count_log2 > 31): 691 iteration_count_log2 = 8 692 693 myoutput = '$H$' 694 myoutput += self.itoa64[min(iteration_count_log2 + 5,30)] 695 myoutput += self._hash_encode64(myinput, 6) 696 697 return myoutput
698
699 - def _hash_crypt_private(self, password, setting):
700 701 myoutput = '*' 702 # Check for correct hash 703 if setting[:3] != '$H$': 704 return myoutput 705 706 count_log2 = self.itoa64.find(setting[3]) 707 if count_log2 == -1: count_log2 = 0 708 709 if (count_log2 < 7) or (count_log2 > 30): 710 return myoutput 711 712 count = 1 << count_log2 713 salt = setting[4:12] 714 715 if len(salt) != 8: 716 return myoutput 717 718 import hashlib 719 m = hashlib.md5() 720 m.update(salt+password) 721 myhash = m.digest() 722 while count: 723 m = hashlib.md5() 724 m.update(myhash+password) 725 myhash = m.digest() 726 count -= 1 727 728 myoutput = setting[:12] 729 myoutput += self._hash_encode64(myhash, 16) 730 731 return myoutput
732
733 - def _hash_encode64(self, myinput, count):
734 735 output = '' 736 i = 0 737 while i < count: 738 739 value = ord(myinput[i]) 740 i += 1 741 output += self.itoa64[value & 0x3f] 742 if i < count: 743 value |= ord(myinput[i]) << 8 744 745 output += self.itoa64[(value >> 6) & 0x3f] 746 747 if i >= count: 748 break 749 i += 1 750 751 if i < count: 752 value |= ord(myinput[i]) << 16 753 754 output += self.itoa64[(value >> 12) & 0x3f] 755 756 if (i >= count): 757 break 758 i += 1 759 760 output += self.itoa64[(value >> 18) & 0x3f] 761 762 return output
763
764 - def _phpbb3_check_hash(self, password, myhash):
765 766 if len(myhash) == 34: 767 return self._hash_crypt_private(password, myhash) == myhash 768 769 import hashlib 770 m = hashlib.md5() 771 m.update(password) 772 rhash = m.hexdigest() 773 return rhash == myhash
774