Add hashed password support. #1011
Conversation
| Out[1]: 'sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12' | ||
|
|
||
| """ | ||
| algorithm = 'sha1' |
There was a problem hiding this comment.
if algorithm is an option, why isn't it an arg to passwd?
There was a problem hiding this comment.
Because, for now, only sha1 is supported. We could add it though; would that be preferred?
There was a problem hiding this comment.
If the design is that multiple algorithms are to be supported, it should probably be an arg, even if the supported list is only length one at this point.
In fact, if you simply removed the length-check dict, and just let the hash go ahead, you would already have support for more than just sha1.
| passphrase : str | ||
| Password to hash. | ||
| algorithm : str | ||
| Hashing algorithm to use. |
There was a problem hiding this comment.
Should indicate here that this string should be any that's a valid input to hashlib.new, so users know what to look for.
|
Thanks a ton for this, it's awesome. The fixes should be pretty easy and we can merge soon. |
Add hashing of passwords to notebook configuration. From now on, we do NOT support plain text passwords in the notebook configuration file, only hashed ones. To create a properly hashed password, you can use `IPython.lib.security.passwd()`. Written with Mateusz Paprocki (@mattpap at github).
| except ValueError: | ||
| return False | ||
|
|
||
| if len(pw_digest) == 0 or len(salt) != salt_len: |
There was a problem hiding this comment.
Checking the salt length seems entirely unnecessary here. It has no valuable effect, because shorter or longer salts would still be perfectly valid.
There was a problem hiding this comment.
Good point. I won't revert it quite yet, let's see if @stefanv had a specific reason to check for that. But I can't think of one and unless Stefan has a good reason for wanting it there, we can remove the length check.
There was a problem hiding this comment.
You can take this out. We put in a number of tests to make sure the hash is
in the right format, but as all negative results return False it doesn't
matter.
On Nov 18, 2011 9:02 PM, "Fernando Perez" <
reply@reply.github.com>
wrote:
- In [3]:
passwd_check('sha1:7cf3:b7d6da294ea9592a9480c8f52e63cd42cfb9dd12',...: 'anotherpassword')- Out[3]: False
- """
- try:
algorithm, salt, pw_digest = hashed_passphrase.split(':', 2)- except (ValueError, TypeError):
return False
- try:
h = hashlib.new(algorithm)- except ValueError:
return False
- if len(pw_digest) == 0 or len(salt) != salt_len:
Good point. I won't revert it quite yet, let's see if @stefanv had a
specific reason to check for that. But I can't think of one and unless
Stefan has a good reason for wanting it there, we can remove the length
check.
Reply to this email directly or view it on GitHub:
https://github.com/ipython/ipython/pull/1011/files#r240467
|
is there anyway to do this, so it can be done on the command line when starting the notebook? i tried to add a function to the config.py file that asks for the password, but it seems the config file is parsed too many times during a session and hence i kept getting asked for a password. |
|
|
||
| h = hashlib.new(algorithm) | ||
| salt = ('%0' + str(salt_len) + 'x') % random.getrandbits(4 * salt_len) | ||
| h.update(passphrase + salt) |
There was a problem hiding this comment.
It's just occurred to me that this is not going to be portable to Python 3, because you can't directly hash unicode. For that matter, it will fail on non-ascii unicode strings in Python 2 as well.
I think the best thing is to do is: py3compat.cast_bytes((passphrase + salt), 'utf-8').
I realise this has been merged - I'll try to get round to doing another PR, unless someone else beats me to it.
There was a problem hiding this comment.
Sorry about that! We haven't gotten into a good swing of keeping py3 in mind, my fault...
BTW, if you see anything similarly problematic on #1012, let me know. It doesn't have similar low-level pieces so it shouldn't be much of a problem, but still, pitch in if you see anything amiss regarding py3.
There was a problem hiding this comment.
Mateusz just reminded me that allowing unicode for a password is probably a bad idea, so I think we'll try to detect that situation.
There was a problem hiding this comment.
My feeling is that if people want to use non-ascii characters in their password, that's up to them.
There was a problem hiding this comment.
So how about just doing .encode() on the string? That should work in both 2.7 and 3.
There was a problem hiding this comment.
I've done essentially that in PR #1016.
|
@satra, that's a good point. There's a quick and easy hack (until we have a chance to disentangle why the init file is being parsed more than once): write a small wrapper function in your init file (or a locally loaded utility) that simply tracks its own state and uses passwd: def password():
from IPython.lib import passwd
if password.pwd is None:
pwd = passwd()
password.pwd = pwd
return pwd
else:
return password.pwd
password.pwd = None |
Add hashing of passwords to notebook configuration. From now on, we do NOT support plain text passwords in the notebook configuration file, only hashed ones. To create a properly hashed password, you can use `IPython.lib.security.passwd()`. Written with Mateusz Paprocki (@mattpap at github).
Add hashing of passwords to notebook configuration [written with Mateusz Paprocki].