Commit b0e6727c authored by Nikos Skalkotos's avatar Nikos Skalkotos
Browse files

Add support for Blowfish passwd hashing algorithm

This is not supported by the Linux version of crypt and is needed
for NetBSD and OpenBSD. Add a new python-bcrypt packet in the helper
that implements the OpenBSD Blowfish password hashing algorithm.
parent b3c48174
......@@ -27,6 +27,7 @@ To do this, it generates a random salt internally.
import sys
import crypt
import bcrypt
from string import ascii_letters, digits
from random import choice
......@@ -40,7 +41,6 @@ from optparse import OptionParser
HASH_ID_FROM_METHOD = {
'md5': '1',
'blowfish': '2a',
'sun-md5': 'md5',
'sha256': '5',
'sha512': '6'
}
......@@ -71,8 +71,13 @@ def parse_arguments(input_args):
def main():
(passwd, method) = parse_arguments(sys.argv[1:])
salt = random_salt()
hash = crypt.crypt(passwd, "$" + HASH_ID_FROM_METHOD[method] + "$" + salt)
if method != 'blowfish' :
hash = crypt.crypt(
passwd,"$" + HASH_ID_FROM_METHOD[method] + "$" + random_salt())
else:
hash = bcrypt.hashpw(passwd, bcrypt.gensalt(8))
sys.stdout.write("%s\n" % (hash))
return 0
......
......@@ -99,8 +99,18 @@ unix_password() {
log_error "No ${!shadow} found!"
fi
hash=$("@scriptsdir@/snf-passtohash.py" "$password")
case "$flavor" in
linux|freebsd)
hash=$("@scriptsdir@/snf-passtohash.py" "$password")
;;
openbsd|netbsd)
hash=$("@scriptsdir@/snf-passtohash.py" -m blowfish "$password")
;;
*)
log_error "Unknown unix flavor: \`$flavor'"
;;
esac
users=()
if [ -n "$SNF_IMAGE_PROPERTY_USERS" ]; then
......
......@@ -34,7 +34,7 @@ suite=wheezy/
components=
[Helper]
packages=ufsutils linux-image-3.2.0-4-amd64
packages=ufsutils linux-image-3.2.0-4-amd64 python-bcrypt
# Don't change the parameters below unless you really know what you are doing.
# The /'s and the empty `componets' variable are needed when working with apt.
source=http://apt.dev.grnet.gr/
......
......@@ -6,6 +6,10 @@ Package: ufsutils
Pin: version 8.2-3+wheezy+grnet.growfs.fix
Pin-Priority: 1001
Package: python-bcrypt
Pin: version 0.4-1grnet
Pin-Priority: 1001
Package: linux-image-3.2.0-4-amd64
Pin: version 3.2.46-1+deb7u1+ufs.rw
Pin-Priority: 1001
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment