[1.6.x] Fixed #20675 -- `check_password` should work when no password is specified.

The regression was introduced by 2c4fe761a. refs #20593.

Backport of 8759778185 from master.
This commit is contained in:
Simon Charette 2013-07-03 13:13:47 -04:00
parent 75041d5ea3
commit 2de0d4c452
2 changed files with 10 additions and 2 deletions

View File

@ -22,6 +22,7 @@ UNUSABLE_PASSWORD_SUFFIX_LENGTH = 40 # number of random chars to add after UNUS
HASHERS = None # lazily loaded from PASSWORD_HASHERS HASHERS = None # lazily loaded from PASSWORD_HASHERS
PREFERRED_HASHER = None # defaults to first item in PASSWORD_HASHERS PREFERRED_HASHER = None # defaults to first item in PASSWORD_HASHERS
@receiver(setting_changed) @receiver(setting_changed)
def reset_hashers(**kwargs): def reset_hashers(**kwargs):
if kwargs['setting'] == 'PASSWORD_HASHERS': if kwargs['setting'] == 'PASSWORD_HASHERS':
@ -34,7 +35,7 @@ def is_password_usable(encoded):
if encoded is None or encoded.startswith(UNUSABLE_PASSWORD_PREFIX): if encoded is None or encoded.startswith(UNUSABLE_PASSWORD_PREFIX):
return False return False
try: try:
hasher = identify_hasher(encoded) identify_hasher(encoded)
except ValueError: except ValueError:
return False return False
return True return True
@ -48,7 +49,7 @@ def check_password(password, encoded, setter=None, preferred='default'):
If setter is specified, it'll be called when you need to If setter is specified, it'll be called when you need to
regenerate the password. regenerate the password.
""" """
if not is_password_usable(encoded): if password is None or not is_password_usable(encoded):
return False return False
preferred = get_hasher(preferred) preferred = get_hasher(preferred)

View File

@ -186,6 +186,13 @@ class TestUtilsHashPass(unittest.TestCase):
# This might fail one day due to a hash collision. # This might fail one day due to a hash collision.
self.assertNotEqual(encoded, make_password(None), "Random password collision?") self.assertNotEqual(encoded, make_password(None), "Random password collision?")
def test_unspecified_password(self):
"""
Makes sure specifying no plain password with a valid encoded password
returns `False`.
"""
self.assertFalse(check_password(None, make_password('lètmein')))
def test_bad_algorithm(self): def test_bad_algorithm(self):
with self.assertRaises(ValueError): with self.assertRaises(ValueError):
make_password('lètmein', hasher='lolcat') make_password('lètmein', hasher='lolcat')