forked from MirrorHub/synapse
Merge pull request #258 from matrix-org/slowtestsmakemesad
Swap out bcrypt for md5 in tests
This commit is contained in:
commit
b143641b20
3 changed files with 39 additions and 4 deletions
|
@ -324,7 +324,7 @@ class AuthHandler(BaseHandler):
|
||||||
|
|
||||||
def _check_password(self, user_id, password, stored_hash):
|
def _check_password(self, user_id, password, stored_hash):
|
||||||
"""Checks that user_id has passed password, raises LoginError if not."""
|
"""Checks that user_id has passed password, raises LoginError if not."""
|
||||||
if not bcrypt.checkpw(password, stored_hash):
|
if not self.validate_hash(password, stored_hash):
|
||||||
logger.warn("Failed password login for user %s", user_id)
|
logger.warn("Failed password login for user %s", user_id)
|
||||||
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
||||||
|
|
||||||
|
@ -369,7 +369,7 @@ class AuthHandler(BaseHandler):
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def set_password(self, user_id, newpassword):
|
def set_password(self, user_id, newpassword):
|
||||||
password_hash = bcrypt.hashpw(newpassword, bcrypt.gensalt())
|
password_hash = self.hash(newpassword)
|
||||||
|
|
||||||
yield self.store.user_set_password_hash(user_id, password_hash)
|
yield self.store.user_set_password_hash(user_id, password_hash)
|
||||||
yield self.store.user_delete_access_tokens(user_id)
|
yield self.store.user_delete_access_tokens(user_id)
|
||||||
|
@ -391,3 +391,26 @@ class AuthHandler(BaseHandler):
|
||||||
def _remove_session(self, session):
|
def _remove_session(self, session):
|
||||||
logger.debug("Removing session %s", session)
|
logger.debug("Removing session %s", session)
|
||||||
del self.sessions[session["id"]]
|
del self.sessions[session["id"]]
|
||||||
|
|
||||||
|
def hash(self, password):
|
||||||
|
"""Computes a secure hash of password.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
password (str): Password to hash.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Hashed password (str).
|
||||||
|
"""
|
||||||
|
return bcrypt.hashpw(password, bcrypt.gensalt())
|
||||||
|
|
||||||
|
def validate_hash(self, password, stored_hash):
|
||||||
|
"""Validates that self.hash(password) == stored_hash.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
password (str): Password to hash.
|
||||||
|
stored_hash (str): Expected hash value.
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
Whether self.hash(password) == stored_hash (bool).
|
||||||
|
"""
|
||||||
|
return bcrypt.checkpw(password, stored_hash)
|
||||||
|
|
|
@ -25,7 +25,6 @@ import synapse.util.stringutils as stringutils
|
||||||
from synapse.util.async import run_on_reactor
|
from synapse.util.async import run_on_reactor
|
||||||
from synapse.http.client import CaptchaServerHttpClient
|
from synapse.http.client import CaptchaServerHttpClient
|
||||||
|
|
||||||
import bcrypt
|
|
||||||
import logging
|
import logging
|
||||||
import urllib
|
import urllib
|
||||||
|
|
||||||
|
@ -82,7 +81,7 @@ class RegistrationHandler(BaseHandler):
|
||||||
yield run_on_reactor()
|
yield run_on_reactor()
|
||||||
password_hash = None
|
password_hash = None
|
||||||
if password:
|
if password:
|
||||||
password_hash = bcrypt.hashpw(password, bcrypt.gensalt())
|
password_hash = self.auth_handler().hash(password)
|
||||||
|
|
||||||
if localpart:
|
if localpart:
|
||||||
yield self.check_username(localpart)
|
yield self.check_username(localpart)
|
||||||
|
|
|
@ -27,6 +27,7 @@ from twisted.enterprise.adbapi import ConnectionPool
|
||||||
|
|
||||||
from collections import namedtuple
|
from collections import namedtuple
|
||||||
from mock import patch, Mock
|
from mock import patch, Mock
|
||||||
|
import hashlib
|
||||||
import urllib
|
import urllib
|
||||||
import urlparse
|
import urlparse
|
||||||
|
|
||||||
|
@ -67,6 +68,18 @@ def setup_test_homeserver(name="test", datastore=None, config=None, **kargs):
|
||||||
**kargs
|
**kargs
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# bcrypt is far too slow to be doing in unit tests
|
||||||
|
def swap_out_hash_for_testing(old_build_handlers):
|
||||||
|
def build_handlers():
|
||||||
|
handlers = old_build_handlers()
|
||||||
|
auth_handler = handlers.auth_handler
|
||||||
|
auth_handler.hash = lambda p: hashlib.md5(p).hexdigest()
|
||||||
|
auth_handler.validate_hash = lambda p, h: hashlib.md5(p).hexdigest() == h
|
||||||
|
return handlers
|
||||||
|
return build_handlers
|
||||||
|
|
||||||
|
hs.build_handlers = swap_out_hash_for_testing(hs.build_handlers)
|
||||||
|
|
||||||
defer.returnValue(hs)
|
defer.returnValue(hs)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue