diff options
| author | Eli Collins <elic@assurancetechnologies.com> | 2012-04-17 15:10:07 -0400 |
|---|---|---|
| committer | Eli Collins <elic@assurancetechnologies.com> | 2012-04-17 15:10:07 -0400 |
| commit | ab5a64cea160b07477874e646bb3c11511af3967 (patch) | |
| tree | 6646759a4d74d1ea419ec2b9cd5dea005147070f /passlib | |
| parent | 29e7c681bed9a2a9b96f71b56b0bf4edca8ef044 (diff) | |
| download | passlib-ab5a64cea160b07477874e646bb3c11511af3967.tar.gz | |
bugfix: set des_crypt.checksum_size, so it will now reject hashes with missing chars
Diffstat (limited to 'passlib')
| -rw-r--r-- | passlib/handlers/des_crypt.py | 1 | ||||
| -rw-r--r-- | passlib/hosts.py | 21 | ||||
| -rw-r--r-- | passlib/tests/test_handlers.py | 4 |
3 files changed, 17 insertions, 9 deletions
diff --git a/passlib/handlers/des_crypt.py b/passlib/handlers/des_crypt.py index efce29e..efff479 100644 --- a/passlib/handlers/des_crypt.py +++ b/passlib/handlers/des_crypt.py @@ -129,6 +129,7 @@ class des_crypt(uh.HasManyBackends, uh.HasSalt, uh.GenericHandler): name = "des_crypt" setting_kwds = ("salt",) checksum_chars = uh.HASH64_CHARS + checksum_size = 11 #--HasSalt-- min_salt_size = max_salt_size = 2 diff --git a/passlib/hosts.py b/passlib/hosts.py index 5836c98..dc3ce83 100644 --- a/passlib/hosts.py +++ b/passlib/hosts.py @@ -20,10 +20,10 @@ __all__ = [ ] #========================================================= -#linux support +# linux support #========================================================= -#known platform names - linux2 +# known platform names - linux2 linux_context = linux2_context = LazyCryptContext( schemes = [ "sha512_crypt", "sha256_crypt", "md5_crypt", @@ -32,7 +32,7 @@ linux_context = linux2_context = LazyCryptContext( ) #========================================================= -#bsd support +# bsd support #========================================================= #known platform names - @@ -59,13 +59,16 @@ openbsd_context = LazyCryptContext(["bcrypt", "md5_crypt", "bsdi_crypt", netbsd_context = LazyCryptContext(["bcrypt", "sha1_crypt", "md5_crypt", "bsdi_crypt", "des_crypt", "unix_disabled"]) +# XXX: include darwin in this list? it's got a BSD crypt variant, +# but that's not what it uses for user passwords. + #========================================================= #current host #========================================================= if has_crypt: - #NOTE: this is basically mimicing the output of os crypt(), - #except that it uses passlib's (usually stronger) defaults settings, - #and can be introspected and used much more flexibly. + # NOTE: this is basically mimicing the output of os crypt(), + # except that it uses passlib's (usually stronger) defaults settings, + # and can be introspected and used much more flexibly. def _iter_os_crypt_schemes(): "helper which iterates over supported os_crypt schemes" @@ -76,11 +79,11 @@ if has_crypt: found = True yield name if found: - #only offer fallback if there's another scheme in front, - #as this can't actually hash any passwords + # only offer disabled handler if there's another scheme in front, + # as this can't actually hash any passwords yield "unix_disabled" else: # pragma: no cover - #no idea what OS this could happen on, but just in case... + # no idea what OS this could happen on... warn("crypt.crypt() function is present, but doesn't support any " "formats known to passlib!", PasslibRuntimeWarning) diff --git a/passlib/tests/test_handlers.py b/passlib/tests/test_handlers.py index b06d100..259a58f 100644 --- a/passlib/tests/test_handlers.py +++ b/passlib/tests/test_handlers.py @@ -643,6 +643,10 @@ class _des_crypt_test(HandlerCase): # bad char in otherwise correctly formatted hash #\/ '!gAwTx2l6NADI', + + # wrong size + 'OgAwTx2l6NAD', + 'OgAwTx2l6NADIj', ] platform_crypt_support = dict( |