use bcrypt.checkpw

in bcrypt 3.1.0 checkpw got introduced (already 2 years ago) This makes use of that with enhancements which might get introduced by that Signed-Off-by: Matthias Kesler <krombel@krombel.de>
author: Krombel <krombel@krombel.de> 2018-03-05 17:51:09 +0100
committer: Krombel <krombel@krombel.de> 2018-03-05 18:02:59 +0100
commit: ed9b5eced4f17dfb0a92167a6281e13054821d6f (patch)
tree: e50d64ddf5d88a708fd23cb69922c9cfe219d4a3 /synapse
parent: Merge pull request #2943 from matrix-org/rav/fix_find_first_stream_ordering_a... (diff)
download: synapse-ed9b5eced4f17dfb0a92167a6281e13054821d6f.tar.xz
2 files changed, 5 insertions, 3 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 258cc345dc..a5365c4fe4 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -863,8 +863,10 @@ class AuthHandler(BaseHandler):
         """
 
         def _do_validate_hash():
-            return bcrypt.hashpw(password.encode('utf8') + self.hs.config.password_pepper,
-                                 stored_hash.encode('utf8')) == stored_hash
+            return bcrypt.checkpw(
+                password.encode('utf8') + self.hs.config.password_pepper,
+                stored_hash.encode('utf8')
+            )
 
         if stored_hash:
             return make_deferred_yieldable(threads.deferToThread(_do_validate_hash))
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 5d65b5fd6e..91179ce532 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -31,7 +31,7 @@ REQUIREMENTS = {
     "pyyaml": ["yaml"],
     "pyasn1": ["pyasn1"],
     "daemonize": ["daemonize"],
-    "bcrypt": ["bcrypt"],
+    "bcrypt": ["bcrypt>=3.1.0"],
     "pillow": ["PIL"],
     "pydenticon": ["pydenticon"],
     "ujson": ["ujson"],
author	Krombel <krombel@krombel.de>	2018-03-05 17:51:09 +0100
committer	Krombel <krombel@krombel.de>	2018-03-05 18:02:59 +0100
commit	ed9b5eced4f17dfb0a92167a6281e13054821d6f (patch)
tree	e50d64ddf5d88a708fd23cb69922c9cfe219d4a3 /synapse
parent	Merge pull request #2943 from matrix-org/rav/fix_find_first_stream_ordering_a... (diff)
download	synapse-ed9b5eced4f17dfb0a92167a6281e13054821d6f.tar.xz