[1.6.x] Fixed #21398 -- Fixed BCryptSHA256PasswordHasher with py-bcrypt and Python 3.

Thanks arjan at anymore.nl for the report.

Backport of d15985d81f from master
This commit is contained in:
Tim Graham 2013-11-09 06:36:10 -05:00
parent c9076a408c
commit 4b9e932fd4
3 changed files with 18 additions and 1 deletions

View File

@ -322,8 +322,10 @@ class BCryptSHA256PasswordHasher(BasePasswordHasher):
# Ensure that our data is a bytestring # Ensure that our data is a bytestring
data = force_bytes(data) data = force_bytes(data)
# force_bytes() necessary for py-bcrypt compatibility
hashpw = force_bytes(bcrypt.hashpw(password, data))
return constant_time_compare(data, bcrypt.hashpw(password, data)) return constant_time_compare(data, hashpw)
def safe_summary(self, encoded): def safe_summary(self, encoded):
algorithm, empty, algostr, work_factor, data = encoded.split('$', 4) algorithm, empty, algostr, work_factor, data = encoded.split('$', 4)

14
docs/releases/1.6.1.txt Normal file
View File

@ -0,0 +1,14 @@
==========================
Django 1.6.1 release notes
==========================
*Under development*
This is Django 1.6.1, a bugfix release for Django 1.6.
...
Bug fixes
=========
* Fixed ``BCryptSHA256PasswordHasher`` with py-bcrypt and Python 3 (#21398).

View File

@ -23,6 +23,7 @@ Final releases
:maxdepth: 1 :maxdepth: 1
1.6 1.6
1.6.1
1.5 release 1.5 release
----------- -----------