Merge "Add MAX_PASSWORD_LENGTH check in backendutils." into stable/diablo
This commit is contained in:
commit
79a9fde506
1
.mailmap
1
.mailmap
|
@ -1,3 +1,4 @@
|
|||
<dprince@redhat.com> <dan.prince@rackspace.com>
|
||||
<dolph.mathews@rackspace.com> <dolph.mathews@gmail.com>
|
||||
<jeblair@hp.com> <corvus@gnu.org>
|
||||
<jeblair@hp.com> <james.blair@rackspace.com>
|
||||
|
|
2
AUTHORS
2
AUTHORS
|
@ -3,7 +3,7 @@ Alex Silva <alex.silva@M1BPAGY.(none)>
|
|||
Anne Gentle <anne@openstack.org>
|
||||
Anthony Young <sleepsonthefloor@gmail.com>
|
||||
Brian Lamar <brian.lamar@gmail.com>
|
||||
Dan Prince <dan.prince@rackspace.com>
|
||||
Dan Prince <dprince@redhat.com>
|
||||
Dolph Mathews <dolph.mathews@gmail.com>
|
||||
gholt <gholt@brim.net>
|
||||
jabdul <abdulkader.j@hcl.com>
|
||||
|
|
|
@ -2,6 +2,8 @@ from keystone.backends import models
|
|||
import keystone.backends as backends
|
||||
from passlib.hash import sha512_crypt as sc
|
||||
|
||||
MAX_PASSWORD_LENGTH = 4096
|
||||
|
||||
|
||||
def __get_hashed_password(password):
|
||||
if password != None and len(password) > 0:
|
||||
|
@ -28,6 +30,8 @@ def check_password(raw_password, enc_password):
|
|||
if not raw_password:
|
||||
return False
|
||||
if backends.SHOULD_HASH_PASSWORD:
|
||||
if len(raw_password) > MAX_PASSWORD_LENGTH:
|
||||
raw_password = raw_password[:MAX_PASSWORD_LENGTH]
|
||||
return sc.verify(raw_password, enc_password)
|
||||
else:
|
||||
return enc_password == raw_password
|
||||
|
@ -39,6 +43,8 @@ def __make_password(raw_password):
|
|||
"""
|
||||
if raw_password is None:
|
||||
return None
|
||||
if len(raw_password) > MAX_PASSWORD_LENGTH:
|
||||
raw_password = raw_password[:MAX_PASSWORD_LENGTH]
|
||||
hsh = __get_hexdigest(raw_password)
|
||||
return '%s' % (hsh)
|
||||
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
# vim: tabstop=4 shiftwidth=4 softtabstop=4
|
||||
# Copyright (c) 2010-2011 OpenStack, LLC.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
# implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
import unittest2 as unittest
|
||||
import keystone.backends.backendutils as backendutils
|
||||
import keystone.backends as backends
|
||||
|
||||
|
||||
class BackendUtilsTest(unittest.TestCase):
|
||||
|
||||
def setUp(self):
|
||||
backends.SHOULD_HASH_PASSWORD = True
|
||||
|
||||
def test_check_long_password(self):
|
||||
bigboy = '0' * 9999999
|
||||
values = {'password': bigboy}
|
||||
backendutils.set_hashed_password(values)
|
||||
hashed_pw = values['password']
|
||||
self.assertTrue(backendutils.check_password(bigboy, hashed_pw))
|
Loading…
Reference in New Issue