예제 #1
0
    def test_verifyCryptedPasswordOSError(self):
        """
        L{cred_unix.verifyCryptedPassword} when OSError is raised
        """
        def mockCrypt(password, salt):
            raise OSError("")

        password = "******"
        cryptedCorrect = crypt.crypt(password, "ab")
        self.patch(crypt, "crypt", mockCrypt)
        self.assertFalse(
            cred_unix.verifyCryptedPassword(cryptedCorrect, password))
예제 #2
0
    def requestAvatarId(self, credentials):
        # We get bytes, but the Py3 pwd module uses str. So attempt to decode
        # it using the same method that CPython does for the file on disk.
        username = credentials.username.decode(sys.getfilesystemencoding())
        password = credentials.password.decode(sys.getfilesystemencoding())

        for func in self._getByNameFunctions:
            try:
                pwnam = func(username)
            except KeyError:
                return defer.fail(UnauthorizedLogin("invalid username"))
            else:
                if pwnam is not None:
                    crypted = pwnam[1]
                    if crypted == "":
                        continue

                    if verifyCryptedPassword(crypted, password):
                        return defer.succeed(credentials.username)
        # fallback
        return defer.fail(UnauthorizedLogin("unable to verify password"))
예제 #3
0
    def test_verifyCryptedPassword(self):
        """
        L{cred_unix.verifyCryptedPassword}
        """
        password = "******"

        for salt in (None, "ab"):
            try:
                cryptedCorrect = crypt.crypt(password, salt)
                if isinstance(cryptedCorrect, bytes):
                    cryptedCorrect = cryptedCorrect.decode("utf-8")
            except TypeError:
                # Older Python versions would throw a TypeError if
                # a value of None was is used for the salt.
                # Newer Python versions allow it.
                continue
            cryptedIncorrect = "$1x1234"
            self.assertTrue(
                cred_unix.verifyCryptedPassword(cryptedCorrect, password))
            self.assertFalse(
                cred_unix.verifyCryptedPassword(cryptedIncorrect, password))

        # Python 3.3+ has crypt.METHOD_*, but not all
        # platforms implement all methods.
        for method in ("METHOD_SHA512", "METHOD_SHA256", "METHOD_MD5",
                       "METHOD_CRYPT"):
            cryptMethod = getattr(crypt, method, None)
            if not cryptMethod:
                continue
            password = "******"
            crypted = crypt.crypt(password, cryptMethod)
            if isinstance(crypted, bytes):
                crypted = crypted.decode("utf-8")
            incorrectCrypted = crypted + "blahfooincorrect"
            result = cred_unix.verifyCryptedPassword(crypted, password)
            self.assertTrue(result)
            # Try to pass in bytes
            result = cred_unix.verifyCryptedPassword(crypted.encode("utf-8"),
                                                     password.encode("utf-8"))
            self.assertTrue(result)
            result = cred_unix.verifyCryptedPassword(incorrectCrypted,
                                                     password)
            self.assertFalse(result)
            # Try to pass in bytes
            result = cred_unix.verifyCryptedPassword(
                incorrectCrypted.encode("utf-8"), password.encode("utf-8"))
            self.assertFalse(result)