Mark Sapiro pushed to branch master at GNU Mailman / Mailman Core
Commits:
6465cb40 by Mark Sapiro at 2022-12-15T00:46:00+00:00
Catch UnknownHashError in utilities/passwords.py.
Fixes #1046
- - - - -
cbb072b1 by Mark Sapiro at 2022-12-15T00:46:01+00:00
Merge branch 'pass' into 'master'
Catch UnknownHashError in utilities/passwords.py.
Closes #1046
See merge request mailman/mailman!1072
- - - - -
3 changed files:
- src/mailman/docs/NEWS.rst
- src/mailman/utilities/passwords.py
- src/mailman/utilities/tests/test_passwords.py
Changes:
=====================================
src/mailman/docs/NEWS.rst
=====================================
@@ -20,6 +20,8 @@ Bugs fixed
* The deprecated SQLAlchemy query.values() method is replaced by
query.with_entities(). This fixes an issue with MariaDB that truncated
the generated postfix_lmtp file. (Closes #1044)
+* An uncaught passlib.exc.UnknownHashError in utilities/passwords.py is now
+ caught and handled appropriately. (Closes #1046)
.. _news-3.3.7:
=====================================
src/mailman/utilities/passwords.py
=====================================
@@ -20,6 +20,7 @@
from mailman.config.config import load_external
from mailman.interfaces.configuration import ConfigurationUpdatedEvent
from passlib.context import CryptContext
+from passlib.exc import UnknownHashError
from public import public
@@ -58,7 +59,10 @@ class PasswordContext:
existing hash needs to be replaced (a str if so, else None).
:rtype: 2-tuple
"""
- return self._context.verify_and_update(password, hashed)
+ try:
+ return self._context.verify_and_update(password, hashed)
+ except UnknownHashError:
+ return (False, password)
@public
=====================================
src/mailman/utilities/tests/test_passwords.py
=====================================
@@ -23,6 +23,7 @@ import unittest
from mailman.config import config
from mailman.testing.helpers import configuration
from mailman.testing.layers import ConfigLayer
+from mailman.utilities.passwords import PasswordContext
class TestPasswords(unittest.TestCase):
@@ -49,3 +50,8 @@ schemes = plaintext
with configuration('passwords', configuration=config_file):
self.assertEqual(config.password_context.encrypt('my password'),
'my password')
+
+ def test_check_bad_hash(self):
+ # Check against an invalid hash should return (False, None).
+ self.assertEqual(PasswordContext(config).verify('my password', ''),
+ (False, 'my password'))
View it on GitLab:
https://gitlab.com/mailman/mailman/-/compare/d9d2e141d6b94af2b30c451400e3a7111c7ccd80...cbb072b1203647f97351aaeceaadebef99fb1d2c
--
View it on GitLab:
https://gitlab.com/mailman/mailman/-/compare/d9d2e141d6b94af2b30c451400e3a7111c7ccd80...cbb072b1203647f97351aaeceaadebef99fb1d2c
You're receiving this email because of your account on gitlab.com.
_______________________________________________
Mailman-checkins mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/mailman-checkins.python.org/
Member address: [email protected]
