2 files changed, 18 insertions, 20 deletions

diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index 10332469f..65f7e36aa 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -32,26 +32,8 @@ from Mailman import Cookie
 from Mailman import mm_cfg
 
 
-# TBD: is this the best location for the site password?
-SITE_PW_FILE = os.path.join(mm_cfg.DATA_DIR, 'adm.pw')
-
-
+
 class SecurityManager:
-    def SetSiteAdminPassword(self, pw):
-        fp = Utils.open_ex(SITE_PW_FILE, 'w', perms=0640)
-        fp.write(Crypt.crypt(pw, Utils.GetRandomSeed()))
-        fp.close()
-
-    def CheckSiteAdminPassword(self, str):
-	try:
-	    f = open(SITE_PW_FILE, "r")
-	    pw = f.read()
-	    f.close()
-	    return Crypt.crypt(str, pw) == pw
-	# There probably is no site admin password if there was an exception
-	except: 
-	    return 0
-
     def InitVars(self, crypted_password):
 	# Configurable, however, we don't pass this back in GetConfigInfo
 	# because it's a special case as it requires confirmation to change.
@@ -60,7 +42,7 @@ class SecurityManager:
 	self.passwords = {}
 
     def ValidAdminPassword(self, pw):
-	if self.CheckSiteAdminPassword(pw):
+	if Utils.CheckSiteAdminPassword(pw):
             return 1
 	return type(pw) == StringType and \
                Crypt.crypt(pw, self.password) == self.password
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index 405539f29..720d04826 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -40,6 +40,7 @@ from Mailman import Errors
 ##    import md5
 ##except ImportError:
 ##    md5 = None
+from Mailman import Crypt
 
 
 
@@ -392,6 +393,21 @@ def GetRandomSeed():
         return c
     return "%c%c" % tuple(map(mkletter, (chr1, chr2)))
 
+def SetSiteAdminPassword(pw):
+    fp = open_ex(mm_cfg.SITE_PW_FILE, 'w', perms=0640)
+    fp.write(Crypt.crypt(pw, GetRandomSeed()))
+    fp.close()
+
+def CheckSiteAdminPassword(pw1):
+    try:
+        f = open(mm_cfg.SITE_PW_FILE)
+        pw2 = f.read()
+        f.close()
+        return Crypt.crypt(pw1, pw2[:2]) == pw2
+    # There probably is no site admin password if there was an exception
+    except IOError:
+        return 0
+
 
 
 def QuoteHyperChars(str):