From f41fd7182d71427d7a0adf54e55df3a3c97a667e Mon Sep 17 00:00:00 2001 From: Ted Trask Date: Thu, 27 Oct 2011 18:51:08 +0000 Subject: Fixed mksalt to use correct characters --- lib/authenticator.lua | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/authenticator.lua b/lib/authenticator.lua index f3af4e3..43814c1 100644 --- a/lib/authenticator.lua +++ b/lib/authenticator.lua @@ -96,10 +96,17 @@ local verify_password = function(plaintext, pwhash) return (pwhash == md5.sumhexa(plaintext)) end --- generate a salt string +local b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./" + local mksalt = function() - -- use sha-512 algorithm (no 6) - return "$6$"..session.random_hash(96).."$" + local file = io.open("/dev/urandom") + local str = "" + if file == nil then return nil end + for i = 1,16 do + local offset = (string.byte(file:read(1)) % 64) + 1 + str = str .. string.sub (b64, offset, offset) + end + return "$6$"..str.."$" end --- public methods -- cgit v1.2.3