1998-08-10 19:42:37 +00:00
|
|
|
\section{\module{crypt} ---
|
2000-04-03 20:13:55 +00:00
|
|
|
Function to check \UNIX{} passwords}
|
1998-07-23 17:59:49 +00:00
|
|
|
|
1999-03-02 16:37:17 +00:00
|
|
|
\declaremodule{builtin}{crypt}
|
1999-03-02 17:03:42 +00:00
|
|
|
\platform{Unix}
|
2000-04-03 20:13:55 +00:00
|
|
|
\modulesynopsis{The \cfunction{crypt()} function used to check
|
2001-05-09 15:50:17 +00:00
|
|
|
\UNIX\ passwords.}
|
1999-03-02 16:37:17 +00:00
|
|
|
\moduleauthor{Steven D. Majewski}{sdm7g@virginia.edu}
|
|
|
|
|
\sectionauthor{Steven D. Majewski}{sdm7g@virginia.edu}
|
2000-04-03 20:13:55 +00:00
|
|
|
\sectionauthor{Peter Funk}{pf@artcom-gmbh.de}
|
1998-07-23 17:59:49 +00:00
|
|
|
|
1996-04-10 16:18:20 +00:00
|
|
|
|
2000-04-03 20:13:55 +00:00
|
|
|
This module implements an interface to the
|
|
|
|
|
\manpage{crypt}{3}\index{crypt(3)} routine, which is a one-way hash
|
|
|
|
|
function based upon a modified DES\indexii{cipher}{DES} algorithm; see
|
|
|
|
|
the \UNIX{} man page for further details. Possible uses include
|
1996-04-10 16:18:20 +00:00
|
|
|
allowing Python scripts to accept typed passwords from the user, or
|
1997-12-29 17:31:22 +00:00
|
|
|
attempting to crack \UNIX{} passwords with a dictionary.
|
1996-04-10 16:18:20 +00:00
|
|
|
|
2004-07-26 12:05:16 +00:00
|
|
|
Notice that the behavior of this module depends on the actual implementation
|
|
|
|
|
of the \manpage{crypt}{3}\index{crypt(3)} routine in the running system.
|
|
|
|
|
Therefore, any extensions available on the current implementation will also
|
|
|
|
|
be available on this module.
|
1998-03-17 06:33:25 +00:00
|
|
|
\begin{funcdesc}{crypt}{word, salt}
|
2000-04-03 20:13:55 +00:00
|
|
|
\var{word} will usually be a user's password as typed at a prompt or
|
|
|
|
|
in a graphical interface. \var{salt} is usually a random
|
|
|
|
|
two-character string which will be used to perturb the DES algorithm
|
|
|
|
|
in one of 4096 ways. The characters in \var{salt} must be in the
|
|
|
|
|
set \regexp{[./a-zA-Z0-9]}. Returns the hashed password as a
|
|
|
|
|
string, which will be composed of characters from the same alphabet
|
|
|
|
|
as the salt (the first two characters represent the salt itself).
|
2004-07-26 12:05:16 +00:00
|
|
|
|
|
|
|
|
Since a few \manpage{crypt}{3}\index{crypt(3)} extensions allow different
|
|
|
|
|
values, with different sizes in the \var{salt}, it is recommended to use
|
|
|
|
|
the full crypted password as salt when checking for a password.
|
1996-04-10 16:18:20 +00:00
|
|
|
\end{funcdesc}
|
|
|
|
|
|
2000-04-03 20:13:55 +00:00
|
|
|
|
|
|
|
|
A simple example illustrating typical use:
|
|
|
|
|
|
|
|
|
|
\begin{verbatim}
|
|
|
|
|
import crypt, getpass, pwd
|
|
|
|
|
|
|
|
|
|
def login():
|
|
|
|
|
username = raw_input('Python login:')
|
|
|
|
|
cryptedpasswd = pwd.getpwnam(username)[1]
|
|
|
|
|
if cryptedpasswd:
|
|
|
|
|
if cryptedpasswd == 'x' or cryptedpasswd == '*':
|
|
|
|
|
raise "Sorry, currently no support for shadow passwords"
|
|
|
|
|
cleartext = getpass.getpass()
|
2004-07-26 12:05:16 +00:00
|
|
|
return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
|
2000-04-03 20:13:55 +00:00
|
|
|
else:
|
|
|
|
|
return 1
|
|
|
|
|
\end{verbatim}
|
