0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-14 12:43:50 +01:00

Merge pull request #258 from matrix-org/slowtestsmakemesad

Swap out bcrypt for md5 in tests
This commit is contained in:
Daniel Wagner-Hall 2015-08-28 15:42:25 +01:00
commit b143641b20
3 changed files with 39 additions and 4 deletions

View file

@ -324,7 +324,7 @@ class AuthHandler(BaseHandler):
def _check_password(self, user_id, password, stored_hash): def _check_password(self, user_id, password, stored_hash):
"""Checks that user_id has passed password, raises LoginError if not.""" """Checks that user_id has passed password, raises LoginError if not."""
if not bcrypt.checkpw(password, stored_hash): if not self.validate_hash(password, stored_hash):
logger.warn("Failed password login for user %s", user_id) logger.warn("Failed password login for user %s", user_id)
raise LoginError(403, "", errcode=Codes.FORBIDDEN) raise LoginError(403, "", errcode=Codes.FORBIDDEN)
@ -369,7 +369,7 @@ class AuthHandler(BaseHandler):
@defer.inlineCallbacks @defer.inlineCallbacks
def set_password(self, user_id, newpassword): def set_password(self, user_id, newpassword):
password_hash = bcrypt.hashpw(newpassword, bcrypt.gensalt()) password_hash = self.hash(newpassword)
yield self.store.user_set_password_hash(user_id, password_hash) yield self.store.user_set_password_hash(user_id, password_hash)
yield self.store.user_delete_access_tokens(user_id) yield self.store.user_delete_access_tokens(user_id)
@ -391,3 +391,26 @@ class AuthHandler(BaseHandler):
def _remove_session(self, session): def _remove_session(self, session):
logger.debug("Removing session %s", session) logger.debug("Removing session %s", session)
del self.sessions[session["id"]] del self.sessions[session["id"]]
def hash(self, password):
"""Computes a secure hash of password.
Args:
password (str): Password to hash.
Returns:
Hashed password (str).
"""
return bcrypt.hashpw(password, bcrypt.gensalt())
def validate_hash(self, password, stored_hash):
"""Validates that self.hash(password) == stored_hash.
Args:
password (str): Password to hash.
stored_hash (str): Expected hash value.
Returns:
Whether self.hash(password) == stored_hash (bool).
"""
return bcrypt.checkpw(password, stored_hash)

View file

@ -25,7 +25,6 @@ import synapse.util.stringutils as stringutils
from synapse.util.async import run_on_reactor from synapse.util.async import run_on_reactor
from synapse.http.client import CaptchaServerHttpClient from synapse.http.client import CaptchaServerHttpClient
import bcrypt
import logging import logging
import urllib import urllib
@ -82,7 +81,7 @@ class RegistrationHandler(BaseHandler):
yield run_on_reactor() yield run_on_reactor()
password_hash = None password_hash = None
if password: if password:
password_hash = bcrypt.hashpw(password, bcrypt.gensalt()) password_hash = self.auth_handler().hash(password)
if localpart: if localpart:
yield self.check_username(localpart) yield self.check_username(localpart)

View file

@ -27,6 +27,7 @@ from twisted.enterprise.adbapi import ConnectionPool
from collections import namedtuple from collections import namedtuple
from mock import patch, Mock from mock import patch, Mock
import hashlib
import urllib import urllib
import urlparse import urlparse
@ -67,6 +68,18 @@ def setup_test_homeserver(name="test", datastore=None, config=None, **kargs):
**kargs **kargs
) )
# bcrypt is far too slow to be doing in unit tests
def swap_out_hash_for_testing(old_build_handlers):
def build_handlers():
handlers = old_build_handlers()
auth_handler = handlers.auth_handler
auth_handler.hash = lambda p: hashlib.md5(p).hexdigest()
auth_handler.validate_hash = lambda p, h: hashlib.md5(p).hexdigest() == h
return handlers
return build_handlers
hs.build_handlers = swap_out_hash_for_testing(hs.build_handlers)
defer.returnValue(hs) defer.returnValue(hs)