diff options
| author | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-12-22 11:39:31 +0100 |
|---|---|---|
| committer | Nicolas Grekas <nicolas.grekas@gmail.com> | 2015-12-22 11:39:31 +0100 |
| commit | 7e232cb04c6d8d8aaaa288784d8313799b858448 (patch) | |
| tree | f0d0350b35c503e2234a12e7c71d21f763bf5410 | |
| parent | 45301b2c7f653a92b06dbcc2a714ba4f590e928f (diff) | |
| parent | d38f4c5cd9185cc8985bf64e71c1de782c5cef60 (diff) | |
| download | symfony-security-7e232cb04c6d8d8aaaa288784d8313799b858448.zip symfony-security-7e232cb04c6d8d8aaaa288784d8313799b858448.tar.gz symfony-security-7e232cb04c6d8d8aaaa288784d8313799b858448.tar.bz2 | |
Merge branch '3.0'
* 3.0:
Fix merge
[SecurityBundle] Removing test insulations for a huge perf win
[Validator] Use the new interface in the README
[Validator] Add missing pt_BR translation
Fix doctrine bridge tests on older PHP versions
[Filesystem] fix tests on 2.3
[Filesystem] Recursivly widen non-executable directories
[DependencyInjection] fixed definition loosing property shared when decorated by a parent definition
[Form] fix #15544 when a collection type attribute "required" is false, "prototype" should too
updated validators.bg.xlf
[Security] Enable bcrypt validation and result length tests on all PHP versions
[Security] Verify if a password encoded with bcrypt is no longer than 72 characters
[Console] Avoid extra blank lines when rendering exceptions
[Console][Table] fixed render row with multiple cells.
[Yaml] do not remove "comments" in scalar blocks
| -rw-r--r-- | Core/Encoder/BCryptPasswordEncoder.php | 2 | ||||
| -rw-r--r-- | Core/Encoder/BasePasswordEncoder.php | 2 | ||||
| -rw-r--r-- | Core/Tests/Encoder/BCryptPasswordEncoderTest.php | 6 |
3 files changed, 7 insertions, 3 deletions
diff --git a/Core/Encoder/BCryptPasswordEncoder.php b/Core/Encoder/BCryptPasswordEncoder.php index d19c462..ddac77a 100644 --- a/Core/Encoder/BCryptPasswordEncoder.php +++ b/Core/Encoder/BCryptPasswordEncoder.php @@ -19,6 +19,8 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException; */ class BCryptPasswordEncoder extends BasePasswordEncoder { + const MAX_PASSWORD_LENGTH = 72; + /** * @var string */ diff --git a/Core/Encoder/BasePasswordEncoder.php b/Core/Encoder/BasePasswordEncoder.php index 12126d8..d86f260 100644 --- a/Core/Encoder/BasePasswordEncoder.php +++ b/Core/Encoder/BasePasswordEncoder.php @@ -93,6 +93,6 @@ abstract class BasePasswordEncoder implements PasswordEncoderInterface */ protected function isPasswordTooLong($password) { - return strlen($password) > self::MAX_PASSWORD_LENGTH; + return strlen($password) > static::MAX_PASSWORD_LENGTH; } } diff --git a/Core/Tests/Encoder/BCryptPasswordEncoderTest.php b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php index ebd845d..40de8af 100644 --- a/Core/Tests/Encoder/BCryptPasswordEncoderTest.php +++ b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php @@ -67,13 +67,15 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase { $encoder = new BCryptPasswordEncoder(self::VALID_COST); - $encoder->encodePassword(str_repeat('a', 5000), 'salt'); + $encoder->encodePassword(str_repeat('a', 73), 'salt'); } public function testCheckPasswordLength() { $encoder = new BCryptPasswordEncoder(self::VALID_COST); + $result = $encoder->encodePassword(str_repeat('a', 72), null); - $this->assertFalse($encoder->isPasswordValid('encoded', str_repeat('a', 5000), 'salt')); + $this->assertFalse($encoder->isPasswordValid($result, str_repeat('a', 73), 'salt')); + $this->assertTrue($encoder->isPasswordValid($result, str_repeat('a', 72), 'salt')); } } |