diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2016-06-30 22:47:50 -0400 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2016-06-30 22:47:50 -0400 |
| commit | dd2d61194d2908f78f2b36f481e0d2a08e6c8547 (patch) | |
| tree | 659e7323bc363dfbdbcbd775f341c7e675a53a17 | |
| parent | 8828a40f7f47fa765d5969327c0a12fb236d0731 (diff) | |
| download | passlib-dd2d61194d2908f78f2b36f481e0d2a08e6c8547.tar.gz | |
passlib.exc: PasswordSizeError / PasswordTruncateError now have a .max_size
attribute to make displaying user-facing messages easier.
| -rw-r--r-- | passlib/exc.py | 28 | ||||
| -rw-r--r-- | passlib/tests/utils.py | 15 | ||||
| -rw-r--r-- | passlib/utils/handlers.py | 2 |
3 files changed, 32 insertions, 13 deletions
diff --git a/passlib/exc.py b/passlib/exc.py index 1cdb860..3e4f0c1 100644 --- a/passlib/exc.py +++ b/passlib/exc.py @@ -31,10 +31,20 @@ class PasswordSizeError(ValueError): ``PASSLIB_MAX_PASSWORD_SIZE`` environmental variable before Passlib is loaded. The value can be any large positive integer. + .. attribute:: max_size + + indicates the maximum allowed size. + .. versionadded:: 1.6 """ - def __init__(self): - ValueError.__init__(self, "password exceeds maximum allowed size") + + max_size = None + + def __init__(self, max_size, msg=None): + self.max_size = max_size + if msg is None: + msg = "password exceeds maximum allowed size" + ValueError.__init__(self, msg) # this also prevents a glibc crypt segfault issue, detailed here ... # http://www.openwall.com/lists/oss-security/2011/11/15/1 @@ -47,12 +57,18 @@ class PasswordTruncateError(PasswordSizeError): Hashers such as :class:`~passlib.hash.bcrypt` can be configured to raises this error by setting ``truncate_error=True``. + .. attribute:: max_size + + indicates the maximum allowed size. + .. versionadded:: 1.7 """ - def __init__(self, cls): - msg = ("Password too long (%s truncates to %d characters)" % - (cls.name, cls.truncate_size)) - ValueError.__init__(self, msg) + + def __init__(self, cls, msg=None): + if msg is None: + msg = ("Password too long (%s truncates to %d characters)" % + (cls.name, cls.truncate_size)) + PasswordSizeError.__init__(self, cls.truncate_size, msg) class PasslibSecurityError(RuntimeError): """ diff --git a/passlib/tests/utils.py b/passlib/tests/utils.py index 066dfa8..6c6145d 100644 --- a/passlib/tests/utils.py +++ b/passlib/tests/utils.py @@ -373,7 +373,8 @@ class TestCase(_TestCase): return msg or std #--------------------------------------------------------------- - # override assertRaises() to support '__msg__' keyword + # override assertRaises() to support '__msg__' keyword, + # and to return the caught exception for further examination #--------------------------------------------------------------- def assertRaises(self, _exc_type, _callable=None, *args, **kwds): msg = kwds.pop("__msg__", None) @@ -383,8 +384,8 @@ class TestCase(_TestCase): *args, **kwds) try: result = _callable(*args, **kwds) - except _exc_type: - return + except _exc_type as err: + return err std = "function returned %r, expected it to raise %r" % (result, _exc_type) raise self.failureException(self._formatMessage(msg, std)) @@ -1906,8 +1907,9 @@ class HandlerCase(TestCase): hash = self.do_encrypt(secret, handler=without_error) # with errors enabled, should forbid truncation. - self.assertRaises(uh.exc.PasswordTruncateError, - self.do_encrypt, secret, handler=with_error) + err = self.assertRaises(uh.exc.PasswordTruncateError, + self.do_encrypt, secret, handler=with_error) + self.assertEqual(err.max_size, sc) # make sure we can create & hash string that's exactly sc chars self.do_encrypt(secret[:-1], handler=with_error) @@ -2004,7 +2006,8 @@ class HandlerCase(TestCase): from passlib.utils import MAX_PASSWORD_SIZE secret = '.' * (1+MAX_PASSWORD_SIZE) hash = self.get_sample_hash()[1] - self.assertRaises(PasswordSizeError, self.do_genhash, secret, hash) + err = self.assertRaises(PasswordSizeError, self.do_genhash, secret, hash) + self.assertEqual(err.max_size, MAX_PASSWORD_SIZE) self.assertRaises(PasswordSizeError, self.do_encrypt, secret) self.assertRaises(PasswordSizeError, self.do_verify, secret, hash) diff --git a/passlib/utils/handlers.py b/passlib/utils/handlers.py index 93023ef..1e3441f 100644 --- a/passlib/utils/handlers.py +++ b/passlib/utils/handlers.py @@ -120,7 +120,7 @@ def validate_secret(secret): if not isinstance(secret, unicode_or_bytes_types): raise exc.ExpectedStringError(secret, "secret") if len(secret) > MAX_PASSWORD_SIZE: - raise exc.PasswordSizeError() + raise exc.PasswordSizeError(MAX_PASSWORD_SIZE) def to_unicode_for_identify(hash): """convert hash to unicode for identify method""" |