CryptPasswordHasher only return None on some platform

[L. Coues]

Not all platform support the crypt module, as stated in the CryptPasswordHasher. But some platform provide a dummy crypt module, returning None on all input.

I tried the following code on both Linux with python 3.5 and OpenBSD with python 3.4

import crypt
print(crypt.crypt(""))

On Linux, I get a string more or less 120 characters long starting with $6. On OpenBSD, I get None. I haven't managed to get anything else than None.

I noticed the problem while running the test suite. In tests/auth_tests/test_hashers, importing crypt is successfull so the test about crypt are done. But django.contrib.auth.hashers.make_password return None for the "crypt" algorithm and fail the test as "crypt$$None" != "crypt$$ab1Hv2Lg7ltQo".

After a quick look at the different PasswordHasher, I believe make_password shouldn't be able to return "crypt$$None". It should either return a usable value or fail with an assert error from the PasswordHasher, like the one that occur if CryptPasswordHasher is supplied a salt of length other than 2.

In the current condition, make_password on OpenBSD using the "crypt" algorithm return the same value for every value.
With attached patch, CryptPasswordHasher throw an assert error if crypt return a None value.

[L. Coues]

patch

[Tim Graham]

Thanks for the patch. I made a few cosmetic tweaks and created a ​pull request if you'd like to double check it.

[L. Coues]

Oh nice, I didn't know we could have an else branch after an except.

[Tim Graham]

I had to update the patch once more for Python 2 compatibility. Does crypt.crypt('', '') (with two arguments) work fine on your platform?

[L. Coues]

crypt.crypt("", "") produce a None return value on python 2.7.10 with OpenBSD. I tried a few different arguments with the same result. So it is consistent with python3 behavior.

[Tim Graham <timograham@…>]

In 1243fdf:

Fixed #26395 -- Skipped the CryptPasswordHasher tests on platforms with a dummy crypt module.