diff options
| author | Ted Trask <ttrask01@yahoo.com> | 2011-10-27 18:51:08 +0000 |
|---|---|---|
| committer | Ted Trask <ttrask01@yahoo.com> | 2011-10-27 18:51:08 +0000 |
| commit | f41fd7182d71427d7a0adf54e55df3a3c97a667e (patch) | |
| tree | cae09a985c21c8ebb88a53740c4551371a1a2863 /lib | |
| parent | eb4221096cc581a41f64d7d6b99e8d5be0d470b0 (diff) | |
| download | acf-core-f41fd7182d71427d7a0adf54e55df3a3c97a667e.tar.bz2 acf-core-f41fd7182d71427d7a0adf54e55df3a3c97a667e.tar.xz | |
Fixed mksalt to use correct characters
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/authenticator.lua | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/authenticator.lua b/lib/authenticator.lua index f3af4e3..43814c1 100644 --- a/lib/authenticator.lua +++ b/lib/authenticator.lua @@ -96,10 +96,17 @@ local verify_password = function(plaintext, pwhash) return (pwhash == md5.sumhexa(plaintext)) end --- generate a salt string +local b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./" + local mksalt = function() - -- use sha-512 algorithm (no 6) - return "$6$"..session.random_hash(96).."$" + local file = io.open("/dev/urandom") + local str = "" + if file == nil then return nil end + for i = 1,16 do + local offset = (string.byte(file:read(1)) % 64) + 1 + str = str .. string.sub (b64, offset, offset) + end + return "$6$"..str.."$" end --- public methods |