Check for all non-word when calling secure_password

2024-11-07 00:55:19 +00:00 · 2019-05-20 18:10:19 -04:00 · 2019-05-20 18:10:19 -04:00 · 09ff8679b9
commit 09ff8679b9
parent bd02ea6c94
2 changed files with 44 additions and 1 deletions
--- a/salt/utils/pycrypto.py
+++ b/salt/utils/pycrypto.py
@ -54,7 +54,7 @@ def secure_password(length=20, use_random=True):
                    except UnicodeDecodeError:
                        continue
                pw += re.sub(
-                    salt.utils.stringutils.to_str(r'\W'),
+                    salt.utils.stringutils.to_str(r'[\W_]'),
                    str(),  # future lint: disable=blacklisted-function
                    char
                )
--- a/tests/unit/utils/test_pycrypto.py
+++ b/tests/unit/utils/test_pycrypto.py
@ -0,0 +1,43 @@
+# -*- coding: utf-8 -*-
+
+# Import python libs
+from __future__ import absolute_import, print_function, unicode_literals
+import logging
+import re
+
+# Import Salt Libs
+import salt.utils.pycrypto
+
+# Import Salt Testing Libs
+from tests.support.unit import TestCase
+
+log = logging.getLogger(__name__)
+
+
+class PycryptoTestCase(TestCase):
+    '''
+    TestCase for salt.utils.pycrypto module
+    '''
+
+    def test_gen_hash(self):
+        '''
+        Test gen_hash
+        '''
+        passwd = 'test_password'
+        ret = salt.utils.pycrypto.gen_hash(password=passwd)
+        self.assertTrue(ret.startswith('$6$'))
+
+        ret = salt.utils.pycrypto.gen_hash(password=passwd, algorithm='md5')
+        self.assertTrue(ret.startswith('$1$'))
+
+        ret = salt.utils.pycrypto.gen_hash(password=passwd, algorithm='sha256')
+        self.assertTrue(ret.startswith('$5$'))
+
+    def test_secure_password(self):
+        '''
+        test secure_password
+        '''
+        ret = salt.utils.pycrypto.secure_password()
+        check = re.compile(r'[!@#$%^&*()_=+]')
+        assert check.search(ret) is None
+        assert ret