Mercurial > p > roundup > code
diff roundup/password.py @ 6626:120b0bb05b6e
issue2551191 - Module deprication PEP 594. crypt
Handle missing crypt module "better" by raising an exception rather
than just silently failing to log in the user when a crypt encoded
password can't be checked.
Update tests and upgrading.txt too.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 20 Mar 2022 00:05:59 -0400 |
| parents | 01e9634b81a4 |
| children | 469ad03e6cb8 |
line wrap: on
line diff
--- a/roundup/password.py Sun Mar 13 16:48:31 2022 -0400 +++ b/roundup/password.py Sun Mar 20 00:05:59 2022 -0400 @@ -201,7 +201,10 @@ s = sha1(s2b(plaintext)).hexdigest() # nosec elif scheme == 'MD5': s = md5(s2b(plaintext)).hexdigest() # nosec - elif scheme == 'crypt' and crypt is not None: + elif scheme == 'crypt': + if crypt is None: + raise PasswordValueError( + 'Unsupported encryption scheme %r' % scheme) if other is not None: salt = other else: @@ -355,6 +358,8 @@ raise ValueError('Password not set') return '{%s}%s' % (self.scheme, self.password) +def test_missing_crypt(): + p = encodePassword('sekrit', 'crypt') def test(): # SHA @@ -415,5 +420,6 @@ if __name__ == '__main__': test() + test_missing_crypt() # vim: set filetype=python sts=4 sw=4 et si :