Collector #435: Support for passwords encoded using MySQL's

       PASSWORD() function add to lib/python/AccessControl/AuthEncoding.py.

doc/CHANGES.txt

@@ -8,6 +8,9 @@ Zope Changes
 
     Features added
 
+     - Collector #435: Support for passwords encoded using MySQL's 
+       PASSWORD() function add to lib/python/AccessControl/AuthEncoding.py.
+
      - Collector #167: Support __getattr__ on cAccessControl PermissionRole
        objects to allow gathering of permission names for products like
        DocFinder and VerboseSecurity.

lib/python/AccessControl/AuthEncoding.py

@@ -11,7 +11,7 @@
 #
 ##############################################################################
 
-__version__='$Revision: 1.7 $'[11:-2]
+__version__='$Revision: 1.8 $'[11:-2]
 
 import sha, binascii
 from binascii import b2a_base64, a2b_base64
@@ -121,6 +121,29 @@ if crypt is not None:
     registerScheme('CRYPT', CryptDigestScheme())
 
 
+class MySQLDigestScheme:
+
+    def encrypt(self, pw):
+        nr = 1345345333L
+        add = 7
+        nr2 = 0x12345671L
+        for i in pw:
+            if i == ' ' or i == '\t':
+                continue
+            nr ^= (((nr & 63) add) * ord(i)) + (nr << 8)
+            nr2 += (nr2 << 8) ^ nr
+            add += ord(i)
+        r0 = nr & ((1L << 31) - 1L)
+        r1 = nr2 & ((1L << 31) - 1L)
+        return "%08lx%08lx" % (r0, r1)
+
+    def validate(self, reference, attempt):
+        a = self.encrypt(attempt)
+        return (a == reference)
+
+registerScheme('MYSQL', MySQLDigestScheme())
+
+
 def pw_validate(reference, attempt):
     """Validate the provided password string, which uses LDAP-style encoding
     notation.  Reference is the correct password, attempt is clear text