[Twisted-Python] Authenticating with md5 hashed passwords

Ramiro Alba Queipo raq at cttc.upc.edu
Fri Feb 12 11:03:00 MST 2010


Hello everybody,

I am trying to build a a client/server application using Perspective
Broker and wanting to authenticate against a PostgreSQL database.
Everything works fine if I user plain text passwords, but when trying to
hash then using md5 using

from hashlib import md5
md5Password = md5(password).hexdigest()

then it does not authenticate (I use
credentials.checkMD5Password(password) at the checker class)

Then after reading 

twisted/spread/pb.py

I saw that everything is done in the functions:

respond(challenge, password)
challenge()

and the methods

checkMD5Password(self, md5Password)
checkPassword(self, password)

at the 

class _PortalAuthChallenger(Referenceable, _JellyableAvatarMixin)
 
By changing digest() with hexdigest(), it works.

The question is:

I there some way to make it work without making changes at the 'pb.py'
module?

Yes. I should use md5Password = md5(password).digest() to produce the
password, but then I cant authenticate with a 'pure-ftpd' daemon I need
to work with.

Any alternatives?

Thanks in advance.

Regards

-- 
Ramiro Alba

Centre Tecnològic de Tranferència de Calor
http://www.cttc.upc.edu


Escola Tècnica Superior d'Enginyeries
Industrial i Aeronàutica de Terrassa
Colom 11, E-08222, Terrassa, Barcelona, Spain
Tel: (+34) 93 739 86 46


-- 
Aquest missatge ha estat analitzat per MailScanner
a la cerca de virus i d'altres continguts perillosos,
i es considera que està net.





More information about the Twisted-Python mailing list