From 472b4c501ba10cb28c7b3823a0c42821cf4b99bc Mon Sep 17 00:00:00 2001
From: Nicolargo
Date: Wed, 21 May 2014 21:38:27 +0200
Subject: [PATCH] Use SHA256 instead of MD5 for the network transfert
---
 glances/core/glances_main.py | 8 ++++----
 glances/core/glances_password.py | 10 +++++-----
 glances/core/glances_server.py | 5 -----
 3 files changed, 9 insertions(+), 14 deletions(-)
diff --git a/glances/core/glances_main.py b/glances/core/glances_main.py
index 8eeab0d3..4e5e588c 100644
--- a/glances/core/glances_main.py
+++ b/glances/core/glances_main.py
@@ -160,11 +160,11 @@ class GlancesMain(object):
 # Server or client login/password
 args.username = self.username
 if args.password_arg is not None:
- import hashlib
+ from hashlib import sha256
 # Password is given as an argument
- # Hash with MD5
- # Only the MD5 will be transmit on the network
- args.password = hashlib.md5(args.password_arg).hexdigest()
+ # Hash with SHA256
+ # Only the SHA will be transmit on the network
+ args.password = sha256(args.password_arg).hexdigest()
 elif args.password_prompt:
 # Interactive or file password
 if args.server:
diff --git a/glances/core/glances_password.py b/glances/core/glances_password.py
index 233a1740..698799a4 100644
--- a/glances/core/glances_password.py
+++ b/glances/core/glances_password.py
@@ -99,7 +99,7 @@ class glancesPassword:
 For Glances client, get the password (confirm=False, clear=True)
 1) From the CLI
- 2) The password is hashed with MD5 (only MD5 string transit thrught the network)
+ 2) The password is hashed with SHA256 (only SHA string transit thrught the network)
 """
 if os.path.exists(self.password_filepath) and not clear:
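Review bot: In the glances_main.py hunk, the comment `# Only the SHA will be transmit on the network` reads like a confidentiality guarantee, but the unsalted digest is itself the credential. The server side hands the received value straight to `pwd.check_password(self.server.user_dict[username], password)`, so whoever observes the digest can authenticate with it without ever learning the password. Switching from MD5 to SHA-256 does not change that property. I would reword the comment to something like `# The SHA-256 digest is password-equivalent on the wire; protect the connection with TLS on untrusted networks`, and make the same correction to step 2 of the docstring in the glances_password.py hunk at line 99.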
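Review bot: Nothing visible in the glances_password.py hunk at line 99 accounts for credentials created before this change. The stored value is `self.hash_password(<digest>)` (see the hunk at line 113), so a password file written while the digest was MD5 will presumably never match the SHA-256 digest sent by an updated client, and an old client will fail against an updated server in the same way. The branch opened by `if os.path.exists(self.password_filepath) and not clear:` continues outside the hunk, so I cannot tell whether a stale file is detected there. If it is not, a docstring line such as `Password files saved before the SHA256 switch must be regenerated`, plus a release-note entry, would spare operators unexplained authentication failures.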
@@ -113,11 +113,11 @@ class glancesPassword:
 # password_plain is the password MD5
 # password_hashed is the hashed password
- password_md5 = hashlib.md5(getpass.getpass(_("Password: "))).hexdigest()
- password_hashed = self.hash_password(password_md5)
+ password_sha = hashlib.sha256(getpass.getpass(_("Password: "))).hexdigest()
+ password_hashed = self.hash_password(password_sha)
 if confirm:
 # password_confirm is the clear password (only used to compare)
- password_confirm = hashlib.md5(getpass.getpass(_("Password (confirm): "))).hexdigest()
+ password_confirm = hashlib.sha256(getpass.getpass(_("Password (confirm): "))).hexdigest()
 if not self.check_password(password_hashed, password_confirm):
 sys.stdout.write(_("[Error] Sorry, but passwords did not match...\n"))
@@ -125,7 +125,7 @@ class glancesPassword:
 # Return the clear or hashed password
 if clear:
- password = password_md5
+ password = password_sha
 else:
 password = password_hashed
diff --git a/glances/core/glances_server.py b/glances/core/glances_server.py
index 97a78edd..108c8caf 100644
--- a/glances/core/glances_server.py
+++ b/glances/core/glances_server.py
@@ -22,7 +22,6 @@ import json
 import socket
 import sys
 from base64 import b64decode
-from hashlib import md5
 try:
 from xmlrpc.server import SimpleXMLRPCRequestHandler
 from xmlrpc.server import SimpleXMLRPCServer
@@ -83,10 +82,6 @@ class GlancesXMLRPCHandler(SimpleXMLRPCRequestHandler):
 pwd = glancesPassword()
- # print "Server password: %s" % self.server.user_dict[username]
- # print "Client password: %s" % password
- # print "MD5Cli password: %s" % md5(password).hexdigest()
- # print "check_password: %s" % pwd.check_password(self.server.user_dict[username], password)
 return pwd.check_password(self.server.user_dict[username], password)
 else:
 return False
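Review bot: In the glances_password.py hunk at line 113, both `hashlib.sha256(getpass.getpass(...))` calls pass the prompt result to the hash unencoded, which raises TypeError on Python 3, where hashlib accepts only bytes. The `xmlrpc.server` import in the glances_server.py context suggests Python 3 is meant to work. Encoding only when the value is text keeps Python 2 byte strings untouched, e.g. `pw = pw if isinstance(pw, bytes) else pw.encode('utf-8')` before hashing; the same applies to `sha256(args.password_arg)` in glances_main.py. The context comment `# password_plain is the password MD5` is stale after the rename and could become `# password_sha is the SHA-256 hex digest of the typed password`. The enclosing method starts and ends outside the hunk.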