rhodecode-enterprise-ce Commit - r2836:66997538

tests: don't use md5 for testing crypto for compliance reasons.

marcink -

r2836:66997538 default

parent child

rhodecode/lib/auth.py

0 +6 -6

                 User, Repository, Permission, UserToPerm, UserGroupToPerm, UserGroupMember,
                 UserIpMap, UserApiKeys, RepoGroup, UserGroup)
             from rhodecode.lib import caches
-            from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int
+            from rhodecode.lib.utils2 import safe_unicode, aslist, safe_str, md5, safe_int, sha1
             from rhodecode.lib.utils import (
                 get_repo_slug, get_repo_group_slug, get_user_group_slug)
             from rhodecode.lib.caching_query import FromCache
                     return hashlib.sha256(password).hexdigest() == hashed
-            class _RhodeCodeCryptoMd5(_RhodeCodeCryptoBase):
+            class _RhodeCodeCryptoTest(_RhodeCodeCryptoBase):
                 ENC_PREF = '_'
                 def hash_create(self, str_):
                     self._assert_bytes(str_)
-                    return hashlib.md5(str_).hexdigest()
+                    return sha1(str_)
                 def hash_check(self, password, hashed):
                     """
                     :param hashed: password in hashed form
                     """
                     self._assert_bytes(password)
-                    return hashlib.md5(password).hexdigest() == hashed
+                    return sha1(password) == hashed
             def crypto_backend():
                 """
                 Return the matching crypto backend.
-                Selection is based on if we run tests or not, we pick md5 backend to run
+                Selection is based on if we run tests or not, we pick sha1-test backend to run
                 tests faster since BCRYPT is expensive to calculate
                 """
                 if rhodecode.is_test:
-                    RhodeCodeCrypto = _RhodeCodeCryptoMd5()
+                    RhodeCodeCrypto = _RhodeCodeCryptoTest()
                 else:
                     RhodeCodeCrypto = _RhodeCodeCryptoBCrypt()

rhodecode/tests/lib/test_auth_crypto_backend.py

0 +1 -1

             @pytest.fixture(params=[
-                auth._RhodeCodeCryptoMd5,
+                auth._RhodeCodeCryptoTest,
                 auth._RhodeCodeCryptoBCrypt,
                 auth._RhodeCodeCryptoSha256,
             ])

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages