From 673cf786753eb8952598ecf3e67cbbaa4f80f5e9 Mon Sep 17 00:00:00 2001
From: jgg <>
Date: Sun, 30 Apr 2000 20:28:05 +0000
Subject: [PATCH] Improvement to password hasher

---
 userdir_ldap.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/userdir_ldap.py b/userdir_ldap.py
index 07bc6b1..a8b62fe 100644
--- a/userdir_ldap.py
+++ b/userdir_ldap.py
@@ -137,7 +137,7 @@ def GenPass():
    SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
    Rand = open("/dev/urandom");
    Password = "";
-   for i in range(0,10):
+   for i in range(0,15):
       Password = Password + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
    return Password;
 
@@ -147,8 +147,9 @@ def HashPass(Password):
    # glibc then just change Salt = "$1$" to Salt = "";
    SaltVals = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ/.";
    Salt  = "$1$";
+   Rand = open("/dev/urandom");
    for x in range(0,10):
-      Salt = Salt + SaltVals[whrandom.randint(0,len(SaltVals)-1)];
+      Salt = Salt + SaltVals[ord(Rand.read(1)[0]) % len(SaltVals)];
    Pass = crypt.crypt(Password,Salt);
    if len(Pass) < 14:
       raise "Password Error", "MD5 password hashing failed, not changing the password!";
-- 
2.20.1