diff options
author | Eli Collins <elic@assurancetechnologies.com> | 2020-05-12 12:05:34 -0400 |
---|---|---|
committer | Eli Collins <elic@assurancetechnologies.com> | 2020-05-12 12:05:34 -0400 |
commit | fd5f041dbd807f18cb250ce13c16c0c4b7362cac (patch) | |
tree | 9800afab0ea3da684d7623d111012182f520fcbc /passlib/exc.py | |
parent | 75971aa30aa80a6ec24861b8afb3d38151b1fa44 (diff) | |
download | passlib-fd5f041dbd807f18cb250ce13c16c0c4b7362cac.tar.gz |
bcrypt / os_crypt backend: now throws new PasswordValueError()
when encoding issue is found, to separate this from an unexpected error
when calling crypt.crypt() (these will still raise MissingBackendError).
also tweaked internal safe_verify() helper to catch errors thrown by
os_crypt backend (MissingBackendError would previously slip through,
causing spurious UT failures)
Diffstat (limited to 'passlib/exc.py')
-rw-r--r-- | passlib/exc.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/passlib/exc.py b/passlib/exc.py index 335fe91..42d3928 100644 --- a/passlib/exc.py +++ b/passlib/exc.py @@ -27,7 +27,21 @@ class MissingBackendError(RuntimeError): :class:`~passlib.hash.bcrypt`). """ -class PasswordSizeError(ValueError): + +class PasswordValueError(ValueError): + """ + Error raised if a password can't be hashed / verified for various reasons. + + May be thrown directly when password violates internal invariants of hasher + (e.g. some don't support NULL characters); may also throw more specified subclasses, + such as :exc:`!PasswordSizeError`. + + .. versionadded:: 1.7.3 + """ + pass + + +class PasswordSizeError(PasswordValueError): """ Error raised if a password exceeds the maximum size allowed by Passlib (by default, 4096 characters); or if password exceeds @@ -59,7 +73,7 @@ class PasswordSizeError(ValueError): self.max_size = max_size if msg is None: msg = "password exceeds maximum allowed size" - ValueError.__init__(self, msg) + PasswordValueError.__init__(self, msg) # this also prevents a glibc crypt segfault issue, detailed here ... # http://www.openwall.com/lists/oss-security/2011/11/15/1 @@ -288,7 +302,7 @@ def MissingDigestError(handler=None): def NullPasswordError(handler=None): """raised by OS crypt() supporting hashes, which forbid NULLs in password""" name = _get_name(handler) - return ValueError("%s does not allow NULL bytes in password" % name) + return PasswordValueError("%s does not allow NULL bytes in password" % name) #------------------------------------------------------------------------ # errors when parsing hashes |