Mark Sapiro pushed to branch master at GNU Mailman / Mailman Core


Commits:
6465cb40 by Mark Sapiro at 2022-12-15T00:46:00+00:00
Catch UnknownHashError in utilities/passwords.py.

Fixes #1046

- - - - -
cbb072b1 by Mark Sapiro at 2022-12-15T00:46:01+00:00
Merge branch 'pass' into 'master'

Catch UnknownHashError in utilities/passwords.py.

Closes #1046

See merge request mailman/mailman!1072
- - - - -


3 changed files:

- src/mailman/docs/NEWS.rst
- src/mailman/utilities/passwords.py
- src/mailman/utilities/tests/test_passwords.py


Changes:

=====================================
src/mailman/docs/NEWS.rst
=====================================
@@ -20,6 +20,8 @@ Bugs fixed
 * The deprecated SQLAlchemy query.values() method is replaced by
   query.with_entities().  This fixes an issue with MariaDB that truncated
   the generated postfix_lmtp file.  (Closes #1044)
+* An uncaught passlib.exc.UnknownHashError in utilities/passwords.py is now
+  caught and handled appropriately.  (Closes #1046)
 
 
 .. _news-3.3.7:
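
Review bot: "handled appropriately" in the new NEWS entry does not tell an administrator what actually changes. Suggest stating the behaviour, for example that a stored hash passlib cannot identify now results in a failed verification instead of an uncaught exception.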


=====================================
src/mailman/utilities/passwords.py
=====================================
@@ -20,6 +20,7 @@
 from mailman.config.config import load_external
 from mailman.interfaces.configuration import ConfigurationUpdatedEvent
 from passlib.context import CryptContext
+from passlib.exc import UnknownHashError
 from public import public
 
 
@@ -58,7 +59,10 @@ class PasswordContext:
             existing hash needs to be replaced (a str if so, else None).
         :rtype: 2-tuple
         """
-        return self._context.verify_and_update(password, hashed)
+        try:
+            return self._context.verify_and_update(password, hashed)
+        except UnknownHashError:
+            return (False, password)
 
 
 @public
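
Review bot: In the new except branch, `return (False, password)` puts the plaintext password in the tuple slot that the docstring just above describes as the replacement hash ("a str if so, else None"). A caller that stores any non-None second element would end up persisting the cleartext password. Consider `return (False, None)`, which is also what the comment in the new test says, or document in the docstring why the plaintext is returned for an unknown hash.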


=====================================
src/mailman/utilities/tests/test_passwords.py
=====================================
@@ -23,6 +23,7 @@ import unittest
 from mailman.config import config
 from mailman.testing.helpers import configuration
 from mailman.testing.layers import ConfigLayer
+from mailman.utilities.passwords import PasswordContext
 
 
 class TestPasswords(unittest.TestCase):
@@ -49,3 +50,8 @@ schemes = plaintext
         with configuration('passwords', configuration=config_file):
             self.assertEqual(config.password_context.encrypt('my password'),
                              'my password')
+
+    def test_check_bad_hash(self):
+        # Check against an invalid hash should return (False, None).
+        self.assertEqual(PasswordContext(config).verify('my password', ''),
+                         (False, 'my password'))
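
Review bot: The comment in test_check_bad_hash says the check "should return (False, None)", but the assertion expects (False, 'my password'). One of the two is wrong and should be aligned with the intended contract of verify(). The test also only covers the empty string as the stored hash; adding a non-empty value that is not a valid hash would show the handling holds for malformed stored hashes as well.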



View it on GitLab: 
https://gitlab.com/mailman/mailman/-/compare/d9d2e141d6b94af2b30c451400e3a7111c7ccd80...cbb072b1203647f97351aaeceaadebef99fb1d2c
