From 5aff41ff2249161d86d30396cc9c4fc565f88213 Mon Sep 17 00:00:00 2001
From: Andrea Cimbalo <cimbalo@gmail.com>
Date: Sat, 16 Sep 2017 12:22:47 +0200
Subject: [PATCH] move to salted sha512 due security reason and bug in ldap3
 sha handling

---
 lilikusers.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lilikusers.py b/lilikusers.py
index 5fa7f40..07d8df5 100644
--- a/lilikusers.py
+++ b/lilikusers.py
@@ -67,9 +67,8 @@ class LILiK_USER(object):
         diff = utils.DictDiffer(new_lilik_user, self.__dict__)
         modifiers = {user_cn: {}}
         if 'userPassword' in diff.added() and new_lilik_user['userPassword']:
-            action = ldap3.MODIFY_REPLACE
-            hashed = ldap3.utils.hashed(ldap3.HASHED_SALTED_SHA, new_lilik_user['userPassword'])
-            modifiers[user_cn]['userPassword'] = [(action, [hashed])]
+            hashed = ldap3.utils.hashed.hashed(ldap3.HASHED_SALTED_SHA512, new_lilik_user['userPassword'])
+            modifiers[user_cn]['userPassword'] = [(ldap3.MODIFY_REPLACE, [hashed])]
         for changed in diff.changed():
             if changed == 'services':
                 services_diff = utils.DictDiffer(self.__dict__[changed], new_lilik_user[changed])