Index: misc-stml.scm ================================================================== --- misc-stml.scm +++ misc-stml.scm @@ -10,13 +10,12 @@ ;;====================================================================== ;; dumbobj helpers ;;====================================================================== (declare (unit misc-stml)) +(use (prefix crypt c:)) (use regex) -(use dbi) -(import (prefix dbi dbi:)) ;; given a list of symbols give the count of the matching symbol ;; l => '(a b c) (dumobj:indx a 'b) => 1 (define (s:get-fieldnum lst field-name) (let loop ((head (car lst)) @@ -127,22 +126,15 @@ (n 1)) (if (> n len) res (loop (string-append res (session:get-rand-char)) (+ n 1))))) -;; openssl passwd -crypt -salt xx password +;; Rely on crypt egg's default settings being secure enough, accept +;; backwards-compatible OpenSSL crypt passwords too. ;; (define (s:crypt-passwd pw s) - (let* ((salt (if s s (session:make-rand-string 2))) - (inp (open-input-pipe - ;;(string-append "echo " pw " | mkpasswd -S " salt " -s"))) - ;; (conc "mkpasswd " pw " " salt) - (conc "openssl passwd -crypt -salt " salt " " pw) - )) - (res (read-line inp))) - (close-input-port inp) - res)) + (c:crypt pw (or s (c:crypt-gensalt)))) (define (s:password-match? password crypted) (let* ((salt (substring crypted 0 2)) (pcrypted (s:crypt-passwd password salt))) (s:log "INFO: pcrypted=" pcrypted " crypted=" crypted) Index: tests/test.scm ================================================================== --- tests/test.scm +++ tests/test.scm @@ -96,11 +96,12 @@ (loop (read-line fh))))) (close-input-port fh)) ;; Should have poll:poll defined now. (test "Make a random string" 2 (string-length (session:make-rand-string 2))) -(test "Create a encrypted password" "abQ9KY.KfrYrc" (s:crypt-passwd "foo" "ab")) +(test "Create an encrypted password using DES (backwards compat)" "abQ9KY.KfrYrc" (s:crypt-passwd "foo" "ab")) +(test "Create an encrypted password using Blowfish" "$2a$12$GyoKHX/UOxMLGtwdSTr7EOF9KQzlyyyRqFTKx1YvLA3sMukbV4WBC" (s:crypt-passwd "foo" "$2a$12$GyoKHX/UOxMLGtwdSTr7EO")) (test "s:any->string on a hash-table" "#" (s:any->string (make-hash-table))) (define select-list '((a b c)(d (e f g)(h i j #t))))