From 458120dd40db6b4df55a4e96b650e16798ef06a0 Mon Sep 17 00:00:00 2001 From: cinap_lenrek Date: Tue, 3 May 2011 11:25:13 +0000 Subject: add hg and python --- sys/src/cmd/python/Doc/lib/libcrypt.tex | 54 +++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 sys/src/cmd/python/Doc/lib/libcrypt.tex (limited to 'sys/src/cmd/python/Doc/lib/libcrypt.tex') diff --git a/sys/src/cmd/python/Doc/lib/libcrypt.tex b/sys/src/cmd/python/Doc/lib/libcrypt.tex new file mode 100644 index 000000000..b6a14635b --- /dev/null +++ b/sys/src/cmd/python/Doc/lib/libcrypt.tex @@ -0,0 +1,54 @@ +\section{\module{crypt} --- + Function to check \UNIX{} passwords} + +\declaremodule{builtin}{crypt} + \platform{Unix} +\modulesynopsis{The \cfunction{crypt()} function used to check + \UNIX\ passwords.} +\moduleauthor{Steven D. Majewski}{sdm7g@virginia.edu} +\sectionauthor{Steven D. Majewski}{sdm7g@virginia.edu} +\sectionauthor{Peter Funk}{pf@artcom-gmbh.de} + + +This module implements an interface to the +\manpage{crypt}{3}\index{crypt(3)} routine, which is a one-way hash +function based upon a modified DES\indexii{cipher}{DES} algorithm; see +the \UNIX{} man page for further details. Possible uses include +allowing Python scripts to accept typed passwords from the user, or +attempting to crack \UNIX{} passwords with a dictionary. + +Notice that the behavior of this module depends on the actual implementation +of the \manpage{crypt}{3}\index{crypt(3)} routine in the running system. +Therefore, any extensions available on the current implementation will also +be available on this module. +\begin{funcdesc}{crypt}{word, salt} + \var{word} will usually be a user's password as typed at a prompt or + in a graphical interface. \var{salt} is usually a random + two-character string which will be used to perturb the DES algorithm + in one of 4096 ways. The characters in \var{salt} must be in the + set \regexp{[./a-zA-Z0-9]}. Returns the hashed password as a + string, which will be composed of characters from the same alphabet + as the salt (the first two characters represent the salt itself). + + Since a few \manpage{crypt}{3}\index{crypt(3)} extensions allow different + values, with different sizes in the \var{salt}, it is recommended to use + the full crypted password as salt when checking for a password. +\end{funcdesc} + + +A simple example illustrating typical use: + +\begin{verbatim} +import crypt, getpass, pwd + +def login(): + username = raw_input('Python login:') + cryptedpasswd = pwd.getpwnam(username)[1] + if cryptedpasswd: + if cryptedpasswd == 'x' or cryptedpasswd == '*': + raise "Sorry, currently no support for shadow passwords" + cleartext = getpass.getpass() + return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd + else: + return 1 +\end{verbatim} -- cgit v1.2.3