From 52b31e261f8c1dc65428275350507cdaef9d0af0 Mon Sep 17 00:00:00 2001
From: Mike Tigas <mike@tig.as>
Date: Thu, 21 Jun 2012 16:15:47 -0700
Subject: [PATCH 1/2] use bcrypt

allows optional bcrypt integration to make this 200% more secure
---
 requirements.txt |  1 +
 server.py        | 10 +++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 59cc1d5..f4c3e8e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1 +1,2 @@
 gevent==0.13.7
+py-bcrypt==0.2
diff --git a/server.py b/server.py
index e554382..bed7398 100644
--- a/server.py
+++ b/server.py
@@ -3,6 +3,11 @@
 
 
 def mangodb(socket, address):
+    if os.environ.get('MANGODB_USE_BCRYPT', False):
+        import bcrypt
+    else:
+        bcrypt = None
+
     socket.sendall('HELLO\r\n')
     client = socket.makefile()
     output = open('/dev/null', 'w')
@@ -19,7 +24,10 @@ def mangodb(socket, address):
             if os.environ.get('MANGODB_DURABLE', False):
                 output.flush()
                 os.fsync(output.fileno())
-            client.write('OK' + os.urandom(1024).encode('string-escape') + '\r\n')
+            data = os.urandom(1024)
+            if os.environ.get('MANGODB_USE_BCRYPT', True):
+                data = bcrypt.hashpw(data.encode('string-escape'), bcrypt.gensalt())
+            client.write('OK' + data.encode('string-escape') + '\r\n')
         client.flush()
 
 

From bb72d3d634c7d4f996df1116ad152cf6bc213a41 Mon Sep 17 00:00:00 2001
From: Mike Tigas <mike@tig.as>
Date: Thu, 21 Jun 2012 16:20:53 -0700
Subject: [PATCH 2/2] herpderp

---
 server.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server.py b/server.py
index bed7398..aeaf3ee 100644
--- a/server.py
+++ b/server.py
@@ -25,7 +25,7 @@ def mangodb(socket, address):
                 output.flush()
                 os.fsync(output.fileno())
             data = os.urandom(1024)
-            if os.environ.get('MANGODB_USE_BCRYPT', True):
+            if os.environ.get('MANGODB_USE_BCRYPT', False):
                 data = bcrypt.hashpw(data.encode('string-escape'), bcrypt.gensalt())
             client.write('OK' + data.encode('string-escape') + '\r\n')
         client.flush()