Pbkdf2 speedup #1653

wants to merge 2 commits into


None yet
3 participants

apollo13 commented Sep 21, 2013

Increased the performance of PBKDF2, needs backport to 1.4+

apollo13 added some commits Sep 21, 2013

Revert "Ensure that passwords are never long enough for a DoS."
This reverts commit aae5a96.

This fix is no longer necessary, our pbkdf2 (see next commit) implementation
no longer rehashes the password every iteration.
Increased the performance of our PBKDF2 implementation.
Thanks go to Michael Gebetsroither for pointing out this issue and help on
the patch.

apollo13 commented Sep 21, 2013

@dstufft One final review please. After a last okay I'll backport to 1.4+


apollo13 commented Sep 21, 2013

@gebi I'd appreciate if you could look over this too.


dstufft commented Sep 21, 2013

Looks good to me. You'll probably want to backport it by reverting the indivdiual commits on each branch and cherry-picking 4c7f347

gebi commented Sep 24, 2013

@apollo13 seems fine to me!


apollo13 commented Sep 24, 2013

Fixed, see https://code.djangoproject.com/ticket/21138 for the commits.

@apollo13 apollo13 closed this Sep 24, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment