mirror of https://github.com/nicolargo/glances
Use SHA256 instead of MD5 for the network transfert
parent
f7b94229b1
commit
472b4c501b
|
@ -160,11 +160,11 @@ class GlancesMain(object):
|
|||
# Server or client login/password
|
||||
args.username = self.username
|
||||
if args.password_arg is not None:
|
||||
import hashlib
|
||||
from hashlib import sha256
|
||||
# Password is given as an argument
|
||||
# Hash with MD5
|
||||
# Only the MD5 will be transmit on the network
|
||||
args.password = hashlib.md5(args.password_arg).hexdigest()
|
||||
# Hash with SHA256
|
||||
# Only the SHA will be transmit on the network
|
||||
args.password = sha256(args.password_arg).hexdigest()
|
||||
elif args.password_prompt:
|
||||
# Interactive or file password
|
||||
if args.server:
|
||||
|
|
|
@ -99,7 +99,7 @@ class glancesPassword:
|
|||
|
||||
For Glances client, get the password (confirm=False, clear=True)
|
||||
1) From the CLI
|
||||
2) The password is hashed with MD5 (only MD5 string transit thrught the network)
|
||||
2) The password is hashed with SHA256 (only SHA string transit thrught the network)
|
||||
"""
|
||||
|
||||
if os.path.exists(self.password_filepath) and not clear:
|
||||
|
@ -113,11 +113,11 @@ class glancesPassword:
|
|||
|
||||
# password_plain is the password MD5
|
||||
# password_hashed is the hashed password
|
||||
password_md5 = hashlib.md5(getpass.getpass(_("Password: "))).hexdigest()
|
||||
password_hashed = self.hash_password(password_md5)
|
||||
password_sha = hashlib.sha256(getpass.getpass(_("Password: "))).hexdigest()
|
||||
password_hashed = self.hash_password(password_sha)
|
||||
if confirm:
|
||||
# password_confirm is the clear password (only used to compare)
|
||||
password_confirm = hashlib.md5(getpass.getpass(_("Password (confirm): "))).hexdigest()
|
||||
password_confirm = hashlib.sha256(getpass.getpass(_("Password (confirm): "))).hexdigest()
|
||||
|
||||
if not self.check_password(password_hashed, password_confirm):
|
||||
sys.stdout.write(_("[Error] Sorry, but passwords did not match...\n"))
|
||||
|
@ -125,7 +125,7 @@ class glancesPassword:
|
|||
|
||||
# Return the clear or hashed password
|
||||
if clear:
|
||||
password = password_md5
|
||||
password = password_sha
|
||||
else:
|
||||
password = password_hashed
|
||||
|
||||
|
|
|
@ -22,7 +22,6 @@ import json
|
|||
import socket
|
||||
import sys
|
||||
from base64 import b64decode
|
||||
from hashlib import md5
|
||||
try:
|
||||
from xmlrpc.server import SimpleXMLRPCRequestHandler
|
||||
from xmlrpc.server import SimpleXMLRPCServer
|
||||
|
@ -83,10 +82,6 @@ class GlancesXMLRPCHandler(SimpleXMLRPCRequestHandler):
|
|||
|
||||
pwd = glancesPassword()
|
||||
|
||||
# print "Server password: %s" % self.server.user_dict[username]
|
||||
# print "Client password: %s" % password
|
||||
# print "MD5Cli password: %s" % md5(password).hexdigest()
|
||||
# print "check_password: %s" % pwd.check_password(self.server.user_dict[username], password)
|
||||
return pwd.check_password(self.server.user_dict[username], password)
|
||||
else:
|
||||
return False
|
||||
|
|
Loading…
Reference in New Issue