diff options
| author | Stanislav Laznicka <slaznick@redhat.com> | 2016-12-06 09:05:42 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2017-01-06 09:26:56 +0100 |
| commit | 8db5b277a079fdfe5efbd7d49311f14489cee0e8 (patch) | |
| tree | e70fd61ab3bb90151ebc6d05761cf8f8d50ac9e7 /ipaserver/secrets | |
| parent | be7865bf4f9b6774a17f31380e96b76d0473f982 (diff) | |
| download | freeipa-8db5b277a079fdfe5efbd7d49311f14489cee0e8.tar.gz freeipa-8db5b277a079fdfe5efbd7d49311f14489cee0e8.tar.xz freeipa-8db5b277a079fdfe5efbd7d49311f14489cee0e8.zip | |
Unify password generation across FreeIPA
Also had to recalculate entropy of the passwords as originally,
probability of generating each character was 1/256, however the
default probability of each character in the ipa_generate_password
is 1/95 (1/94 for first and last character).
https://fedorahosted.org/freeipa/ticket/5695
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'ipaserver/secrets')
| -rw-r--r-- | ipaserver/secrets/store.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipaserver/secrets/store.py b/ipaserver/secrets/store.py index 1df7191f9..1c369d8cd 100644 --- a/ipaserver/secrets/store.py +++ b/ipaserver/secrets/store.py @@ -122,7 +122,7 @@ class NSSCertDB(DBMAPHandler): with open(nsspwfile, 'w+') as f: f.write(self.nssdb_password) pk12pwfile = os.path.join(tdir, 'pk12pwfile') - password = b64encode(os.urandom(16)) + password = ipautil.ipa_generate_password(pwd_len=20) with open(pk12pwfile, 'w+') as f: f.write(password) pk12file = os.path.join(tdir, 'pk12file') |