Home Explore Help
Register Sign In
RISCI_ATOM
/
synapse
mirror of https://github.com/matrix-org/synapse.git
1
0
Fork 0
Files Issues 3 Wiki
Browse Source

Port hash_password to Python 3 (#4161)

* port hash_password

* changelog
Amber Brown 5 years ago
parent
b3708830b8
commit
264cb14402
3 changed files with 36 additions and 8 deletions
Split View Show Diff Stats
  1. 1 0
      changelog.d/4161.bugfix
  2. 34 7
      scripts/hash_password
  3. 1 1
      tox.ini

+ 1 - 0
changelog.d/4161.bugfix
View File 

@@ -0,0 +1 @@
 
+The hash_password script now works on Python 3.

+ 34 - 7
scripts/hash_password
View File 

@@ -3,13 +3,15 @@
 
 import argparse
 
 import getpass
 
 import sys
 
+import unicodedata
 
 
 import bcrypt
 
 import yaml
 
 
-bcrypt_rounds=12
 
+bcrypt_rounds = 12
 
 password_pepper = ""
 
 
+
 
 def prompt_for_pass():
 
     password = getpass.getpass("Password: ")
 
 
@@ -23,19 +25,27 @@ def prompt_for_pass():
 
 
     return password
 
 
+
 
 if __name__ == "__main__":
 
     parser = argparse.ArgumentParser(
 
-        description="Calculate the hash of a new password, so that passwords"
 
-                    " can be reset")
 
+        description=(
 
+            "Calculate the hash of a new password, so that passwords can be reset"
 
+        )
 
+    )
 
     parser.add_argument(
 
-        "-p", "--password",
 
+        "-p",
 
+        "--password",
 
         default=None,
 
         help="New password for user. Will prompt if omitted.",
 
     )
 
     parser.add_argument(
 
-        "-c", "--config",
 
+        "-c",
 
+        "--config",
 
         type=argparse.FileType('r'),
 
-        help="Path to server config file. Used to read in bcrypt_rounds and password_pepper.",
 
+        help=(
 
+            "Path to server config file. "
 
+            "Used to read in bcrypt_rounds and password_pepper."
 
+        ),
 
     )
 
 
     args = parser.parse_args()
 
@@ -49,4 +59,21 @@ if __name__ == "__main__":
 
     if not password:
 
         password = prompt_for_pass()
 
 
-    print bcrypt.hashpw(password + password_pepper, bcrypt.gensalt(bcrypt_rounds))
 
+    # On Python 2, make sure we decode it to Unicode before we normalise it
 
+    if isinstance(password, bytes):
 
+        try:
 
+            password = password.decode(sys.stdin.encoding)
 
+        except UnicodeDecodeError:
 
+            print(
 
+                "ERROR! Your password is not decodable using your terminal encoding (%s)."
 
+                % (sys.stdin.encoding,)
 
+            )
 
+
 
+    pw = unicodedata.normalize("NFKC", password)
 
+
 
+    hashed = bcrypt.hashpw(
 
+        pw.encode('utf8') + password_pepper.encode("utf8"),
 
+        bcrypt.gensalt(bcrypt_rounds),
 
+    ).decode('ascii')
 
+
 
+    print(hashed)

+ 1 - 1
tox.ini
View File 

@@ -122,7 +122,7 @@ skip_install = True
 
 basepython = python3.6
 
 deps =
 
     flake8
 
-commands = /bin/sh -c "flake8 synapse tests scripts scripts-dev scripts/register_new_matrix_user scripts/synapse_port_db synctl {env:PEP8SUFFIX:}"
 
+commands = /bin/sh -c "flake8 synapse tests scripts scripts-dev scripts/hash_password scripts/register_new_matrix_user scripts/synapse_port_db synctl {env:PEP8SUFFIX:}"
 
 
 [testenv:check_isort]
 
 skip_install = True