Secure, extensible, forward-compatable passwords.
authorJeremy Stanley <fungi@yuggoth.org>
Thu, 17 Jun 2010 23:49:58 +0000 (23:49 +0000)
committerJeremy Stanley <fungi@yuggoth.org>
Thu, 17 Jun 2010 23:49:58 +0000 (23:49 +0000)
commit520cbd3c71a1c3a90fc4425c400f4bb4572890a8
tree77502e21ccedc6ed0f6b26445d1469800a0a4310
parente79cdd1520524f3c90a3e0be5a1d5164afedbaae
Secure, extensible, forward-compatable passwords.

* lib/mudpy/__init__.py (modules): Added the new password module to
the list.

* lib/mudpy/misc.py (handler_checking_password)
(handler_entering_new_password, handler_verifying_new_password):
Replaced existing md5 usage with calls to the new password
functions.

* lib/mudpy/password.py: Implemented a new module to handle creating
and verifying account password hashes. The functions and format are
forward-compatable to new hashing algorithms, and can be scaled to
allow tuning for CPU utilization/brute-force mitigation trade-offs.
The new functions are not directly backward-compatable with the old
format, but a utility function (upgrade_legacy_hash) is included to
upgrade those hexdigests if needed.
lib/mudpy/__init__.py
lib/mudpy/misc.py
lib/mudpy/password.py [new file with mode: 0644]