|
Line 0
Link Here
|
|
|
1 |
# :class:`bcrypt`: OS native backend wasn't being detected under Python 3 on BSD platforms. |
| 2 |
# This was due to an internal issue in feature-detection code, which has been fixed. |
| 3 |
# https://foss.heptapod.net/python-libs/passlib/commit/2d0a79401a2c454c666607d261ad64f44569ed9f |
| 4 |
|
| 5 |
diff --git a/passlib/handlers/bcrypt.py b/passlib/handlers/bcrypt.py |
| 6 |
index 73fbc21aa1b01f349a40384b1d62654e099ea26a..e54a085a7ba9aa394c88a7cf768cb2801a069148 100644 |
| 7 |
--- passlib/handlers/bcrypt.py |
| 8 |
+++ passlib/handlers/bcrypt.py |
| 9 |
@@ -49,7 +49,7 @@ IDENT_2B = u("$2b$") |
| 10 |
_BNULL = b'\x00' |
| 11 |
|
| 12 |
# reference hash of "test", used in various self-checks |
| 13 |
-TEST_HASH_2A = b"$2a$04$5BJqKfqMQvV7nS.yUguNcueVirQqDBGaLXSqj.rs.pZPlNR0UX/HK" |
| 14 |
+TEST_HASH_2A = "$2a$04$5BJqKfqMQvV7nS.yUguNcueVirQqDBGaLXSqj.rs.pZPlNR0UX/HK" |
| 15 |
|
| 16 |
def _detect_pybcrypt(): |
| 17 |
""" |
| 18 |
@@ -408,7 +408,7 @@ class _BcryptCommon(uh.SubclassBackendMixin, uh.TruncateMixin, uh.HasManyIdents, |
| 19 |
#---------------------------------------------------------------- |
| 20 |
# check for 2y support |
| 21 |
#---------------------------------------------------------------- |
| 22 |
- test_hash_2y = TEST_HASH_2A.replace(b"2a", b"2y") |
| 23 |
+ test_hash_2y = TEST_HASH_2A.replace("2a", "2y") |
| 24 |
result = safe_verify("test", test_hash_2y) |
| 25 |
if not result: |
| 26 |
raise RuntimeError("%s incorrectly rejected $2y$ hash" % backend) |
| 27 |
@@ -428,7 +428,7 @@ class _BcryptCommon(uh.SubclassBackendMixin, uh.TruncateMixin, uh.HasManyIdents, |
| 28 |
#---------------------------------------------------------------- |
| 29 |
# check for 2b support |
| 30 |
#---------------------------------------------------------------- |
| 31 |
- test_hash_2b = TEST_HASH_2A.replace(b"2a", b"2b") |
| 32 |
+ test_hash_2b = TEST_HASH_2A.replace("2a", "2b") |
| 33 |
result = safe_verify("test", test_hash_2b) |
| 34 |
if not result: |
| 35 |
raise RuntimeError("%s incorrectly rejected $2b$ hash" % backend) |
| 36 |
diff --git a/passlib/utils/__init__.py b/passlib/utils/__init__.py |
| 37 |
index ba54b2fb89d0533b32621408554b12ce38496da0..b9fad4d8ccb726fa1283ddbe87608710fe18a8e7 100644 |
| 38 |
--- passlib/utils/__init__.py |
| 39 |
+++ passlib/utils/__init__.py |
| 40 |
@@ -59,7 +59,7 @@ from passlib.exc import ExpectedStringError |
| 41 |
from passlib.utils.compat import (add_doc, join_bytes, join_byte_values, |
| 42 |
join_byte_elems, irange, imap, PY3, u, |
| 43 |
join_unicode, unicode, byte_elem_value, nextgetter, |
| 44 |
- unicode_or_bytes_types, |
| 45 |
+ unicode_or_str, unicode_or_bytes_types, |
| 46 |
get_method_function, suppress_cause) |
| 47 |
# local |
| 48 |
__all__ = [ |
| 49 |
@@ -860,7 +860,13 @@ def test_crypt(secret, hash): |
| 50 |
:arg hash: known hash of password to use as reference |
| 51 |
:returns: True or False |
| 52 |
""" |
| 53 |
- assert secret and hash |
| 54 |
+ # safe_crypt() always returns unicode, which means that for py3, |
| 55 |
+ # 'hash' can't be bytes, or "== hash" will never be True. |
| 56 |
+ # under py2 unicode & str(bytes) will compare fine; |
| 57 |
+ # so just enforcing "unicode_or_str" limitation |
| 58 |
+ assert isinstance(hash, unicode_or_str), \ |
| 59 |
+ "hash must be unicode_or_str, got %s" % type(hash) |
| 60 |
+ assert hash, "hash must be non-empty" |
| 61 |
return safe_crypt(secret, hash) == hash |
| 62 |
|
| 63 |
timer = timeit.default_timer |