Add test for ldap check password with bad base64 hash
This commit is contained in:
parent
d25f738b03
commit
d053003344
@ -131,8 +131,12 @@ class CheckPasswordCase(TestCase):
|
|||||||
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||||
utils.check_password("ldap", self.password1, b"TOTOssdsdsd", "utf8")
|
utils.check_password("ldap", self.password1, b"TOTOssdsdsd", "utf8")
|
||||||
for scheme in schemes_salt:
|
for scheme in schemes_salt:
|
||||||
|
# bad length
|
||||||
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||||
utils.check_password("ldap", self.password1, scheme + b"dG90b3E8ZHNkcw==", "utf8")
|
utils.check_password("ldap", self.password1, scheme + b"dG90b3E8ZHNkcw==", "utf8")
|
||||||
|
# bad base64
|
||||||
|
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||||
|
utils.check_password("ldap", self.password1, scheme + b"dG90b3E8ZHNkcw", "utf8")
|
||||||
|
|
||||||
def test_hex(self):
|
def test_hex(self):
|
||||||
"""test all the hex_HASH method: the hashed password is a simple hash of the password"""
|
"""test all the hex_HASH method: the hashed password is a simple hash of the password"""
|
||||||
|
@ -28,6 +28,7 @@ import six
|
|||||||
import requests
|
import requests
|
||||||
import time
|
import time
|
||||||
import logging
|
import logging
|
||||||
|
import binascii
|
||||||
|
|
||||||
from importlib import import_module
|
from importlib import import_module
|
||||||
from datetime import datetime, timedelta
|
from datetime import datetime, timedelta
|
||||||
@ -563,7 +564,7 @@ class LdapHashUserPassword(object):
|
|||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
hashed_passord = base64.b64decode(hashed_passord[len(scheme):])
|
hashed_passord = base64.b64decode(hashed_passord[len(scheme):])
|
||||||
except TypeError as error:
|
except (TypeError, binascii.Error) as error:
|
||||||
raise cls.BadHash("Bad base64: %s" % error)
|
raise cls.BadHash("Bad base64: %s" % error)
|
||||||
if len(hashed_passord) < cls._schemes_to_len[scheme]:
|
if len(hashed_passord) < cls._schemes_to_len[scheme]:
|
||||||
raise cls.BadHash("Hash too short for the scheme %s" % scheme)
|
raise cls.BadHash("Hash too short for the scheme %s" % scheme)
|
||||||
|
Loading…
Reference in New Issue
Block a user