[1.6.x] Fixed #21398 -- Fixed BCryptSHA256PasswordHasher with py-bcrypt and Python 3.
Thanks arjan at anymore.nl for the report.
Backport of d15985d81f
from master
This commit is contained in:
parent
c9076a408c
commit
4b9e932fd4
|
@ -322,8 +322,10 @@ class BCryptSHA256PasswordHasher(BasePasswordHasher):
|
|||
|
||||
# Ensure that our data is a bytestring
|
||||
data = force_bytes(data)
|
||||
# force_bytes() necessary for py-bcrypt compatibility
|
||||
hashpw = force_bytes(bcrypt.hashpw(password, data))
|
||||
|
||||
return constant_time_compare(data, bcrypt.hashpw(password, data))
|
||||
return constant_time_compare(data, hashpw)
|
||||
|
||||
def safe_summary(self, encoded):
|
||||
algorithm, empty, algostr, work_factor, data = encoded.split('$', 4)
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
==========================
|
||||
Django 1.6.1 release notes
|
||||
==========================
|
||||
|
||||
*Under development*
|
||||
|
||||
This is Django 1.6.1, a bugfix release for Django 1.6.
|
||||
|
||||
...
|
||||
|
||||
Bug fixes
|
||||
=========
|
||||
|
||||
* Fixed ``BCryptSHA256PasswordHasher`` with py-bcrypt and Python 3 (#21398).
|
|
@ -23,6 +23,7 @@ Final releases
|
|||
:maxdepth: 1
|
||||
|
||||
1.6
|
||||
1.6.1
|
||||
|
||||
1.5 release
|
||||
-----------
|
||||
|
|
Loading…
Reference in New Issue