This patch fixes #13 by allowing for variable length salts, it also allows for longer salts by separating out the default salt length (which remains at 16) ,used for encrypting new passwords in the module, from the maximum salt length (set to 64 - same as the max DK size for sha512, as larger salts would most likely be meaningless) that is used during verification against existing records.
This is a cleaned up version of a patch I've been using for the last year or so in an LDAP directory populated by data (including password hashes in pbkdf2) from a Django database, and it has been working well so far.
This patch fixes #13 by allowing for variable length salts, it also allows for longer salts by separating out the default salt length (which remains at 16) ,used for encrypting new passwords in the module, from the maximum salt length (set to 64 - same as the max DK size for sha512, as larger salts would most likely be meaningless) that is used during verification against existing records.
This is a cleaned up version of a patch I've been using for the last year or so in an LDAP directory populated by data (including password hashes in pbkdf2) from a Django database, and it has been working well so far.