2 new commits in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/a6f688dade80/ Changeset: a6f688dade80 Branch: next-stable User: natefoo Date: 2013-05-29 19:55:08 Summary: Make PBKDF2 password hashing conditional, enable by default. Affected #: 3 files diff -r 886a722b0aef6560320c1ddf7382e6207731f49f -r a6f688dade808b0e16903fbb50186ad9656c0d1c lib/galaxy/app.py --- a/lib/galaxy/app.py +++ b/lib/galaxy/app.py @@ -62,7 +62,8 @@ self.config.database_engine_options, database_query_profiling_proxy = self.config.database_query_profiling_proxy, object_store = self.object_store, - trace_logger=self.trace_logger ) + trace_logger=self.trace_logger, + use_pbkdf2=self.config.get_bool( 'use_pbkdf2', True ) ) # Manage installed tool shed repositories. self.installed_repository_manager = tool_shed.galaxy_install.InstalledRepositoryManager( self ) # Create an empty datatypes registry. diff -r 886a722b0aef6560320c1ddf7382e6207731f49f -r a6f688dade808b0e16903fbb50186ad9656c0d1c lib/galaxy/model/__init__.py --- a/lib/galaxy/model/__init__.py +++ b/lib/galaxy/model/__init__.py @@ -62,6 +62,7 @@ class User( object, APIItem ): + use_pbkdf2 = True """ Data for a Galaxy user or admin and relations to their histories, credentials, and roles. @@ -87,7 +88,10 @@ """ Set user password to the digest of `cleartext`. """ - self.password = galaxy.security.passwords.hash_password( cleartext ) + if User.use_pbkdf2: + self.password = galaxy.security.passwords.hash_password( cleartext ) + else: + self.password = new_secure_hash( text_type=cleartext ) def check_password( self, cleartext ): """ diff -r 886a722b0aef6560320c1ddf7382e6207731f49f -r a6f688dade808b0e16903fbb50186ad9656c0d1c lib/galaxy/model/mapping.py --- a/lib/galaxy/model/mapping.py +++ b/lib/galaxy/model/mapping.py @@ -2008,12 +2008,14 @@ # Let this go, it could possibly work with db's we don't support log.error( "database_connection contains an unknown SQLAlchemy database dialect: %s" % dialect ) -def init( file_path, url, engine_options={}, create_tables=False, database_query_profiling_proxy=False, object_store=None, trace_logger=None ): +def init( file_path, url, engine_options={}, create_tables=False, database_query_profiling_proxy=False, object_store=None, trace_logger=None, use_pbkdf2=True ): """Connect mappings to the database""" # Connect dataset to the file path model.Dataset.file_path = file_path # Connect dataset to object store model.Dataset.object_store = object_store + # Use PBKDF2 password hashing? + model.User.use_pbkdf2 = use_pbkdf2 # Load the appropriate db module load_egg_for_url( url ) # Should we use the logging proxy? https://bitbucket.org/galaxy/galaxy-central/commits/e3455a092882/ Changeset: e3455a092882 User: natefoo Date: 2013-05-29 19:55:22 Summary: merge next-stable. Affected #: 3 files diff -r 35ac562e7e81f232b99c2c377d415b6aeab538cb -r e3455a0928824b8ef0fb8f9337e3b0a1d194d2ed lib/galaxy/app.py --- a/lib/galaxy/app.py +++ b/lib/galaxy/app.py @@ -62,7 +62,8 @@ self.config.database_engine_options, database_query_profiling_proxy = self.config.database_query_profiling_proxy, object_store = self.object_store, - trace_logger=self.trace_logger ) + trace_logger=self.trace_logger, + use_pbkdf2=self.config.get_bool( 'use_pbkdf2', True ) ) # Manage installed tool shed repositories. self.installed_repository_manager = tool_shed.galaxy_install.InstalledRepositoryManager( self ) # Create an empty datatypes registry. diff -r 35ac562e7e81f232b99c2c377d415b6aeab538cb -r e3455a0928824b8ef0fb8f9337e3b0a1d194d2ed lib/galaxy/model/__init__.py --- a/lib/galaxy/model/__init__.py +++ b/lib/galaxy/model/__init__.py @@ -62,6 +62,7 @@ class User( object, APIItem ): + use_pbkdf2 = True """ Data for a Galaxy user or admin and relations to their histories, credentials, and roles. @@ -87,7 +88,10 @@ """ Set user password to the digest of `cleartext`. """ - self.password = galaxy.security.passwords.hash_password( cleartext ) + if User.use_pbkdf2: + self.password = galaxy.security.passwords.hash_password( cleartext ) + else: + self.password = new_secure_hash( text_type=cleartext ) def check_password( self, cleartext ): """ diff -r 35ac562e7e81f232b99c2c377d415b6aeab538cb -r e3455a0928824b8ef0fb8f9337e3b0a1d194d2ed lib/galaxy/model/mapping.py --- a/lib/galaxy/model/mapping.py +++ b/lib/galaxy/model/mapping.py @@ -2008,12 +2008,14 @@ # Let this go, it could possibly work with db's we don't support log.error( "database_connection contains an unknown SQLAlchemy database dialect: %s" % dialect ) -def init( file_path, url, engine_options={}, create_tables=False, database_query_profiling_proxy=False, object_store=None, trace_logger=None ): +def init( file_path, url, engine_options={}, create_tables=False, database_query_profiling_proxy=False, object_store=None, trace_logger=None, use_pbkdf2=True ): """Connect mappings to the database""" # Connect dataset to the file path model.Dataset.file_path = file_path # Connect dataset to object store model.Dataset.object_store = object_store + # Use PBKDF2 password hashing? + model.User.use_pbkdf2 = use_pbkdf2 # Load the appropriate db module load_egg_for_url( url ) # Should we use the logging proxy? Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.