diff options
author | Krombel <krombel@krombel.de> | 2018-03-05 17:51:09 +0100 |
---|---|---|
committer | Krombel <krombel@krombel.de> | 2018-03-05 18:02:59 +0100 |
commit | ed9b5eced4f17dfb0a92167a6281e13054821d6f (patch) | |
tree | e50d64ddf5d88a708fd23cb69922c9cfe219d4a3 | |
parent | Merge pull request #2943 from matrix-org/rav/fix_find_first_stream_ordering_a... (diff) | |
download | synapse-ed9b5eced4f17dfb0a92167a6281e13054821d6f.tar.xz |
use bcrypt.checkpw
in bcrypt 3.1.0 checkpw got introduced (already 2 years ago) This makes use of that with enhancements which might get introduced by that Signed-Off-by: Matthias Kesler <krombel@krombel.de>
-rw-r--r-- | synapse/handlers/auth.py | 6 | ||||
-rw-r--r-- | synapse/python_dependencies.py | 2 |
2 files changed, 5 insertions, 3 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 258cc345dc..a5365c4fe4 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -863,8 +863,10 @@ class AuthHandler(BaseHandler): """ def _do_validate_hash(): - return bcrypt.hashpw(password.encode('utf8') + self.hs.config.password_pepper, - stored_hash.encode('utf8')) == stored_hash + return bcrypt.checkpw( + password.encode('utf8') + self.hs.config.password_pepper, + stored_hash.encode('utf8') + ) if stored_hash: return make_deferred_yieldable(threads.deferToThread(_do_validate_hash)) diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index 5d65b5fd6e..91179ce532 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -31,7 +31,7 @@ REQUIREMENTS = { "pyyaml": ["yaml"], "pyasn1": ["pyasn1"], "daemonize": ["daemonize"], - "bcrypt": ["bcrypt"], + "bcrypt": ["bcrypt>=3.1.0"], "pillow": ["PIL"], "pydenticon": ["pydenticon"], "ujson": ["ujson"], |