From abba09c6d2264e8151128cb429dee33693f8218a Mon Sep 17 00:00:00 2001
From: Malcolm Tredinnick
Date: Wed, 16 May 2007 22:30:54 +0000
Subject: [PATCH] unicode: Fixed #4314 -- Allow non-ASCII characters in password strings.

git-svn-id: http://code.djangoproject.com/svn/django/branches/unicode@5269 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/contrib/auth/models.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py
index a6e11a162d728..38d30b7afb9bc 100644
--- a/django/contrib/auth/models.py
+++ b/django/contrib/auth/models.py
@@ -2,6 +2,7 @@
 from django.core.exceptions import ImproperlyConfigured
 from django.db import backend, connection, models
 from django.contrib.contenttypes.models import ContentType
+from django.utils.encoding import smart_str
 from django.utils.translation import ugettext_lazy, ugettext as _
 import datetime
 import urllib
@@ -14,16 +15,16 @@ def check_password(raw_password, enc_password):
 algo, salt, hsh = enc_password.split('$')
 if algo == 'md5':
 import md5
- return hsh == md5.new(salt+raw_password).hexdigest()
+ return hsh == md5.new(smart_str(salt + raw_password)).hexdigest()
 elif algo == 'sha1':
 import sha
- return hsh == sha.new(salt+raw_password).hexdigest()
+ return hsh == sha.new(smart_str(salt + raw_password)).hexdigest()
 elif algo == 'crypt':
 try:
 import crypt
 except ImportError:
 raise ValueError, "Crypt password algorithm not supported in this environment."
- return hsh == crypt.crypt(raw_password, salt)
+ return hsh == crypt.crypt(smart_str(raw_password), smart_str(salt))
 raise ValueError, "Got unknown password algorithm type in password."

 class SiteProfileNotAvailable(Exception):
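Review bot: In the `md5` and `sha1` branches of the module-level check_password, `smart_str(salt + raw_password)` concatenates before it encodes, so under Python 2 a unicode `salt` joined with a byte-string `raw_password` containing non-ASCII bytes raises UnicodeDecodeError before smart_str ever runs. `salt` comes from `enc_password.split('$')`, which is presumably unicode when the value was read from the database on this branch, so the case looks reachable from a login form that hands over encoded bytes. Encoding each operand on its own avoids it: `md5.new(smart_str(salt) + smart_str(raw_password))`, and likewise for `sha.new`; that also matches the operand-wise form this commit uses in the `crypt` branch and in set_password. The function starts above the hunk, so its earlier lines are not visible here. A regression test with a non-ASCII password for each algorithm would pin the behaviour.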
@@ -153,7 +154,7 @@ def set_password(self, raw_password):
 import sha, random
 algo = 'sha1'
 salt = sha.new(str(random.random())).hexdigest()[:5]
- hsh = sha.new(salt+raw_password).hexdigest()
+ hsh = sha.new(salt + smart_str(raw_password)).hexdigest()
 self.password = '%s$%s$%s' % (algo, salt, hsh)

 def check_password(self, raw_password):
@@ -165,7 +166,7 @@ def check_password(self, raw_password):
 # algorithm or salt.
 if '$' not in self.password:
 import md5
- is_correct = (self.password == md5.new(raw_password).hexdigest())
+ is_correct = (self.password == md5.new(smart_str(raw_password)).hexdigest())
 if is_correct:
 # Convert the password to the new, more secure format.
 self.set_password(raw_password)
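Review bot: set_password still derives its salt from `random.random()`, a non-cryptographic generator, and keeps only five hex digits (20 bits), so salts are guessable and will repeat across a large user table. Since this hunk already rewrites the hashing line, the salt could come from the OS source instead, for example `salt = os.urandom(8).encode('hex')` with `os` added to the method's local import; the `algo$salt$hash` layout should tolerate the longer salt, though the column width is not visible here and needs checking. The stored value is also a single SHA-1 pass, which is cheap to test offline if the table leaks, so an iterated, deliberately slow scheme is the longer-term fix. The method's `def` line sits above the hunk.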