diff options
author | zeripath | 2023-02-20 05:20:30 +0000 |
---|---|---|
committer | GitHub | 2023-02-20 13:20:30 +0800 |
commit | ef11d41639dd1e89676e395068ee453312560adb (patch) | |
tree | 7c4015e7995df9086b5b57e845fec57c1a74198f /modules | |
parent | 2b3f12f6fd12afebb3b8397dc612621df6c730e2 (diff) |
Make CI use a dummy password hasher for all tests (#22983)
During the recent hash algorithm change it became clear that the choice
of password hash algorithm plays a role in the time taken for CI to run.
Therefore as attempt to improve CI we should consider using a dummy
hashing algorithm instead of a real hashing algorithm.
This PR creates a dummy algorithm which is then set as the default
hashing algorithm during tests that use the fixtures. This hopefully
will cause a reduction in the time it takes for CI to run.
---------
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Diffstat (limited to 'modules')
-rw-r--r-- | modules/auth/password/hash/argon2.go | 2 | ||||
-rw-r--r-- | modules/auth/password/hash/bcrypt.go | 2 | ||||
-rw-r--r-- | modules/auth/password/hash/dummy.go | 33 | ||||
-rw-r--r-- | modules/auth/password/hash/dummy_test.go | 25 | ||||
-rw-r--r-- | modules/auth/password/hash/hash.go | 13 | ||||
-rw-r--r-- | modules/auth/password/hash/hash_test.go | 8 | ||||
-rw-r--r-- | modules/auth/password/hash/pbkdf2.go | 2 | ||||
-rw-r--r-- | modules/auth/password/hash/scrypt.go | 2 | ||||
-rw-r--r-- | modules/setting/setting.go | 5 |
9 files changed, 84 insertions, 8 deletions
diff --git a/modules/auth/password/hash/argon2.go b/modules/auth/password/hash/argon2.go index 14c16b53c..0cd6472fa 100644 --- a/modules/auth/password/hash/argon2.go +++ b/modules/auth/password/hash/argon2.go @@ -13,7 +13,7 @@ import ( ) func init() { - Register("argon2", NewArgon2Hasher) + MustRegister("argon2", NewArgon2Hasher) } // Argon2Hasher implements PasswordHasher diff --git a/modules/auth/password/hash/bcrypt.go b/modules/auth/password/hash/bcrypt.go index ddf542040..4607c169c 100644 --- a/modules/auth/password/hash/bcrypt.go +++ b/modules/auth/password/hash/bcrypt.go @@ -8,7 +8,7 @@ import ( ) func init() { - Register("bcrypt", NewBcryptHasher) + MustRegister("bcrypt", NewBcryptHasher) } // BcryptHasher implements PasswordHasher diff --git a/modules/auth/password/hash/dummy.go b/modules/auth/password/hash/dummy.go new file mode 100644 index 000000000..22f2e2f64 --- /dev/null +++ b/modules/auth/password/hash/dummy.go @@ -0,0 +1,33 @@ +// Copyright 2023 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package hash + +import ( + "encoding/hex" +) + +// DummyHasher implements PasswordHasher and is a dummy hasher that simply +// puts the password in place with its salt +// This SHOULD NOT be used in production and is provided to make the integration +// tests faster only +type DummyHasher struct{} + +// HashWithSaltBytes a provided password and salt +func (hasher *DummyHasher) HashWithSaltBytes(password string, salt []byte) string { + if hasher == nil { + return "" + } + + if len(salt) == 10 { + return string(salt) + ":" + password + } + + return hex.EncodeToString(salt) + ":" + password +} + +// NewDummyHasher is a factory method to create a DummyHasher +// Any provided configuration is ignored +func NewDummyHasher(_ string) *DummyHasher { + return &DummyHasher{} +} diff --git a/modules/auth/password/hash/dummy_test.go b/modules/auth/password/hash/dummy_test.go new file mode 100644 index 000000000..f3b36df62 --- /dev/null +++ b/modules/auth/password/hash/dummy_test.go @@ -0,0 +1,25 @@ +// Copyright 2023 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package hash + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestDummyHasher(t *testing.T) { + dummy := &PasswordHashAlgorithm{ + PasswordSaltHasher: NewDummyHasher(""), + Specification: "dummy", + } + + password, salt := "password", "ZogKvWdyEx" + + hash, err := dummy.Hash(password, salt) + assert.Nil(t, err) + assert.Equal(t, hash, salt+":"+password) + + assert.True(t, dummy.VerifyPassword(password, hash, salt)) +} diff --git a/modules/auth/password/hash/hash.go b/modules/auth/password/hash/hash.go index 3572dd46d..459320e1b 100644 --- a/modules/auth/password/hash/hash.go +++ b/modules/auth/password/hash/hash.go @@ -83,17 +83,26 @@ var ( availableHasherFactories = map[string]func(string) PasswordSaltHasher{} ) +// MustRegister registers a PasswordSaltHasher with the availableHasherFactories +// Caution: This is not thread safe. +func MustRegister[T PasswordSaltHasher](name string, newFn func(config string) T) { + if err := Register(name, newFn); err != nil { + panic(err) + } +} + // Register registers a PasswordSaltHasher with the availableHasherFactories // Caution: This is not thread safe. -func Register[T PasswordSaltHasher](name string, newFn func(config string) T) { +func Register[T PasswordSaltHasher](name string, newFn func(config string) T) error { if _, has := availableHasherFactories[name]; has { - panic(fmt.Errorf("duplicate registration of password salt hasher: %s", name)) + return fmt.Errorf("duplicate registration of password salt hasher: %s", name) } availableHasherFactories[name] = func(config string) PasswordSaltHasher { n := newFn(config) return n } + return nil } // In early versions of gitea the password hash algorithm field of a user could be diff --git a/modules/auth/password/hash/hash_test.go b/modules/auth/password/hash/hash_test.go index 593c8386a..7aa051733 100644 --- a/modules/auth/password/hash/hash_test.go +++ b/modules/auth/password/hash/hash_test.go @@ -19,16 +19,20 @@ func (t testSaltHasher) HashWithSaltBytes(password string, salt []byte) string { } func Test_registerHasher(t *testing.T) { - Register("Test_registerHasher", func(config string) testSaltHasher { + MustRegister("Test_registerHasher", func(config string) testSaltHasher { return testSaltHasher(config) }) assert.Panics(t, func() { - Register("Test_registerHasher", func(config string) testSaltHasher { + MustRegister("Test_registerHasher", func(config string) testSaltHasher { return testSaltHasher(config) }) }) + assert.Error(t, Register("Test_registerHasher", func(config string) testSaltHasher { + return testSaltHasher(config) + })) + assert.Equal(t, "password$salt$", Parse("Test_registerHasher").PasswordSaltHasher.HashWithSaltBytes("password", []byte("salt"))) diff --git a/modules/auth/password/hash/pbkdf2.go b/modules/auth/password/hash/pbkdf2.go index be3121318..27382fedb 100644 --- a/modules/auth/password/hash/pbkdf2.go +++ b/modules/auth/password/hash/pbkdf2.go @@ -14,7 +14,7 @@ import ( ) func init() { - Register("pbkdf2", NewPBKDF2Hasher) + MustRegister("pbkdf2", NewPBKDF2Hasher) } // PBKDF2Hasher implements PasswordHasher diff --git a/modules/auth/password/hash/scrypt.go b/modules/auth/password/hash/scrypt.go index e77434fc3..f3d38f751 100644 --- a/modules/auth/password/hash/scrypt.go +++ b/modules/auth/password/hash/scrypt.go @@ -13,7 +13,7 @@ import ( ) func init() { - Register("scrypt", NewScryptHasher) + MustRegister("scrypt", NewScryptHasher) } // ScryptHasher implements PasswordHasher diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 83ebde947..87b1e2797 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -16,6 +16,7 @@ import ( "strings" "time" + "code.gitea.io/gitea/modules/auth/password/hash" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/user" "code.gitea.io/gitea/modules/util" @@ -232,6 +233,10 @@ func InitProviderAndLoadCommonSettingsForTest(extraConfigs ...string) { if err := PrepareAppDataPath(); err != nil { log.Fatal("Can not prepare APP_DATA_PATH: %v", err) } + // register the dummy hash algorithm function used in the test fixtures + _ = hash.Register("dummy", hash.NewDummyHasher) + + PasswordHashAlgo, _ = hash.SetDefaultPasswordHashAlgorithm("dummy") } // newFileProviderFromConf initializes configuration context. |