deepblue/GoogleDriveManagement
1
0
Fork 0
mirror of https://github.com/GAM-team/GAM.git synced 2025-07-09 14:13:35 +00:00
Code Issues Actions 19 Packages Projects Releases Wiki Activity

exclude null character, max out passwd length on random

Browse Source
This commit is contained in:
Jay Lee
2021-07-13 10:44:58 -04:00
parent c7c1bfbeba
commit daed17fac8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/gam/__init__.py
View File

@ -7132,10 +7132,10 @@ def getUserAttributes(i, cd, updateCmd):
# passwords. We expect "password random nohash" to fail but no one # passwords. We expect "password random nohash" to fail but no one
# should be using that. Our goal here is to purposefully block login # should be using that. Our goal here is to purposefully block login
# with this password. # with this password.
pass_chars = [chr(i) for i in range(55296)] pass_chars = [chr(i) for i in range(1, 55296)]
rnd = SystemRandom() rnd = SystemRandom()
body['password'] = ''.join( body['password'] = ''.join(
rnd.choice(pass_chars) for _ in range(2000)) rnd.choice(pass_chars) for _ in range(4096))
if 'password' in body and need_to_hash_password: if 'password' in body and need_to_hash_password:
body['password'] = gen_sha512_hash(body['password']) body['password'] = gen_sha512_hash(body['password'])
body['hashFunction'] = 'crypt' body['hashFunction'] = 'crypt'