diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2019-11-10 14:47:55 -0500 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2019-11-10 14:47:55 -0500 |
| commit | a945d60e814337e668c647a043bfd6adcbd9d47e (patch) | |
| tree | 6c737fb1a86f7a8e7f028f84959c3961efdbb196 | |
| parent | ff5754b5bf7caaccab3cea32392a7b6b50e47137 (diff) | |
| download | passlib-a945d60e814337e668c647a043bfd6adcbd9d47e.tar.gz | |
argon2 -- check for unsupported "argon2" package, or "argon2_cffi" that's too old.
| -rw-r--r-- | docs/history/1.7.rst | 5 | ||||
| -rw-r--r-- | passlib/handlers/argon2.py | 16 |
2 files changed, 20 insertions, 1 deletions
diff --git a/docs/history/1.7.rst b/docs/history/1.7.rst index 48a1963..3e208b8 100644 --- a/docs/history/1.7.rst +++ b/docs/history/1.7.rst @@ -41,6 +41,11 @@ Other Changes * **setup.py**: now honors ``$SOURCE_DATE_EPOCH`` to help with reproducible builds +* .. py:currentmodule:: passlib.hash + + :class:`argon2`: Now throws helpful error if "argon2" package is actually an incompatible + or supported version of argon2_cffi (:issue:`99`). + * **documentation**: Various updates & corrections. **1.7.1** (2017-1-30) diff --git a/passlib/handlers/argon2.py b/passlib/handlers/argon2.py index 4035146..7e3dfac 100644 --- a/passlib/handlers/argon2.py +++ b/passlib/handlers/argon2.py @@ -64,11 +64,23 @@ ALL_TYPES_SET = set(ALL_TYPES) # import cffi package # NOTE: we try to do this even if caller is going to use argon2pure, # so that we can always use the libargon2 default settings when possible. +_argon2_cffi_error = None try: import argon2 as _argon2_cffi except ImportError: _argon2_cffi = None - +else: + if not hasattr(_argon2_cffi, "Type"): + # they have incompatible "argon2" package installed, instead of "argon2_cffi" package. + _argon2_cffi_error = ( + "'argon2' module points to unsupported 'argon2' pypi package; " + "please install 'argon2-cffi' instead." + ) + _argon2_cffi = None + elif not hasattr(_argon2_cffi, "low_level"): + # they have pre-v16 argon2_cffi package + _argon2_cffi_error = "'argon2-cffi' is too old, please update to argon2_cffi >= 18.2.0" + _argon2_cffi = None # init default settings for our hasher class -- # if we have argon2_cffi >= 16.0, use their default hasher settings, otherwise use static default @@ -696,6 +708,8 @@ class _CffiBackend(_Argon2Common): # we automatically import this at top, so just grab info if _argon2_cffi is None: + if _argon2_cffi_error: + raise exc.PasslibSecurityError(_argon2_cffi_error) return False max_version = _argon2_cffi.low_level.ARGON2_VERSION log.debug("detected 'argon2_cffi' backend, version %r, with support for 0x%x argon2 hashes", |