blob: a228e97c58cd90425d1fb967404673aa6dc8e623 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From f41fd7182d71427d7a0adf54e55df3a3c97a667e Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Thu, 27 Oct 2011 18:51:08 +0000
Subject: [PATCH 2/2] Fixed mksalt to use correct characters
---
lib/authenticator.lua | 13 ++++++++++---
1 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/lib/authenticator.lua b/lib/authenticator.lua
index f3af4e3..43814c1 100644
--- a/lib/authenticator.lua
+++ b/lib/authenticator.lua
@@ -96,10 +96,17 @@ local verify_password = function(plaintext, pwhash)
return (pwhash == md5.sumhexa(plaintext))
end
--- generate a salt string
+local b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./"
+
local mksalt = function()
- -- use sha-512 algorithm (no 6)
- return "$6$"..session.random_hash(96).."$"
+ local file = io.open("/dev/urandom")
+ local str = ""
+ if file == nil then return nil end
+ for i = 1,16 do
+ local offset = (string.byte(file:read(1)) % 64) + 1
+ str = str .. string.sub (b64, offset, offset)
+ end
+ return "$6$"..str.."$"
end
--- public methods
--
1.7.8.2
|