Add test for ldap check password with bad base64 hash
This commit is contained in:
parent
d25f738b03
commit
d053003344
@ -131,8 +131,12 @@ class CheckPasswordCase(TestCase):
|
||||
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||
utils.check_password("ldap", self.password1, b"TOTOssdsdsd", "utf8")
|
||||
for scheme in schemes_salt:
|
||||
# bad length
|
||||
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||
utils.check_password("ldap", self.password1, scheme + b"dG90b3E8ZHNkcw==", "utf8")
|
||||
# bad base64
|
||||
with self.assertRaises(utils.LdapHashUserPassword.BadHash):
|
||||
utils.check_password("ldap", self.password1, scheme + b"dG90b3E8ZHNkcw", "utf8")
|
||||
|
||||
def test_hex(self):
|
||||
"""test all the hex_HASH method: the hashed password is a simple hash of the password"""
|
||||
|
@ -28,6 +28,7 @@ import six
|
||||
import requests
|
||||
import time
|
||||
import logging
|
||||
import binascii
|
||||
|
||||
from importlib import import_module
|
||||
from datetime import datetime, timedelta
|
||||
@ -563,7 +564,7 @@ class LdapHashUserPassword(object):
|
||||
else:
|
||||
try:
|
||||
hashed_passord = base64.b64decode(hashed_passord[len(scheme):])
|
||||
except TypeError as error:
|
||||
except (TypeError, binascii.Error) as error:
|
||||
raise cls.BadHash("Bad base64: %s" % error)
|
||||
if len(hashed_passord) < cls._schemes_to_len[scheme]:
|
||||
raise cls.BadHash("Hash too short for the scheme %s" % scheme)
|
||||
|
Loading…
Reference in New Issue
Block a user