mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-01-19 07:08:09 +01:00
Code Issues Releases Wiki Activity

[feature/passwords] Increase test coverage to 100% of methods

Browse Source 
Obsolete code that is impossible to hit has been removed and the logic
of the salted md5 driver has been changed to correctly implement the
phpBB 3.0 phpbb_hash() function.

PHPBB3-11610
This commit is contained in:
Marc Alexander 2013-10-10 12:01:10 +02:00
parent cd74fb0946
commit fdf9ae7c18
2 changed files with 24 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
phpBB/phpbb/passwords/driver/salted_md5.php
View File

@ -41,7 +41,13 @@ class salted_md5 extends \phpbb\passwords\driver\base
{
if (($settings = $this->get_hash_settings($setting)) === false)
{
return false;
// Return md5 of password if settings do not
// comply with our standards. This will only
// happen if pre-determined settings are
// directly passed to the driver. The manager
// will not do this. Same as the old hashing
// implementatio in phpBB 3.0
return md5($password);
}
}
else
@ -59,13 +65,7 @@ class salted_md5 extends \phpbb\passwords\driver\base
$output = $settings['full'];
$output .= $this->helper->hash_encode64($hash, 16);
if (strlen($output) == 34)
{
return $output;
}
// Should we really just return the md5 of the password? O.o
return md5($password);
return $output;
}
/**

21
tests/passwords/manager_test.php
View File

@ -149,17 +149,28 @@ class phpbb_passwords_manager_test extends PHPUnit_Framework_TestCase
$this->assertEquals($expected, $this->manager->check($password, $hash));
}
public function test_hash_password_length()
public function data_hash_password_length()
{
foreach ($this->passwords_drivers as $driver)
{
$this->assertEquals(false, $driver->hash('foobar', 'foobar'));
}
return array(
array('passwords.driver.bcrypt', false),
array('passwords.driver.bcrypt_2y', false),
array('passwords.driver.salted_md5', '3858f62230ac3c915f300c664312c63f'),
array('passwords.driver.phpass', '3858f62230ac3c915f300c664312c63f'),
);
}
/**
* @dataProvider data_hash_password_length
*/
public function test_hash_password_length($driver, $expected)
{
$this->assertEquals($expected, $this->passwords_drivers[$driver]->hash('foobar', 'foobar'));
}
public function test_hash_password_8bit_bcrypt()
{
$this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt'));
$this->assertNotEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
public function test_combined_hash_data()