merged branch jakzal/testfix/bcrypt-before-5-3-7 (PR #8009)

fabpot · fabpot · commit 4b3ae5d1d390 · 2013-05-11T08:20:17.000+02:00
This PR was merged into the master branch. Discussion ---------- [Security] Disabled the BCryptPasswordEncoder tests for PHP < 5.3.7 | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | no (segfault) | Fixed tickets | #7994 | License | MIT | Doc PR | - See ircmaxell/password_compat#10 (comment). Commits ------- 3beaf52 [Security] Disabled the BCryptPasswordEncoder tests for PHP versions lower than 5.3.7.
diff --git a/src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php b/src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php
@@ -46,7 +46,17 @@ public function __construct($cost)
     }
 
     /**
-     * {@inheritdoc}
+     * Encodes the raw password.
+     *
+     * It doesn't work with PHP versions lower than 5.3.7, since
+     * the password compat library uses CRYPT_BLOWFISH hash type with
+     * the "$2y$" salt prefix (which is not available in the early PHP versions).
+     * @see https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833
+     *
+     * @param string $raw  The password to encode
+     * @param string $salt The salt
+     *
+     * @return string The encoded password
      */
     public function encodePassword($raw, $salt)
     {
diff --git a/src/Symfony/Component/Security/Tests/Core/Encoder/BCryptPasswordEncoderTest.php b/src/Symfony/Component/Security/Tests/Core/Encoder/BCryptPasswordEncoderTest.php
@@ -47,16 +47,27 @@ public function testCostInRange()
 
     public function testResultLength()
     {
+        $this->skipIfPhpVersionIsNotSupported();
+
         $encoder = new BCryptPasswordEncoder(self::VALID_COST);
         $result = $encoder->encodePassword(self::PASSWORD, null);
         $this->assertEquals(60, strlen($result));
     }
 
     public function testValidation()
     {
+        $this->skipIfPhpVersionIsNotSupported();
+
         $encoder = new BCryptPasswordEncoder(self::VALID_COST);
         $result = $encoder->encodePassword(self::PASSWORD, null);
         $this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null));
         $this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null));
     }
+
+    private function skipIfPhpVersionIsNotSupported()
+    {
+        if (version_compare(phpversion(), '5.3.7', '<')) {
+            $this->markTestSkipped('Requires PHP >= 5.3.7');
+        }
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -47,16 +47,27 @@ public function testCostInRange()`
`47`	`47`
`48`	`48`	`public function testResultLength()`
`49`	`49`	`{`
	`50`	`+ $this->skipIfPhpVersionIsNotSupported();`
	`51`	`+`
`50`	`52`	`$encoder = new BCryptPasswordEncoder(self::VALID_COST);`
`51`	`53`	`$result = $encoder->encodePassword(self::PASSWORD, null);`
`52`	`54`	`$this->assertEquals(60, strlen($result));`
`53`	`55`	`}`
`54`	`56`
`55`	`57`	`public function testValidation()`
`56`	`58`	`{`
	`59`	`+ $this->skipIfPhpVersionIsNotSupported();`
	`60`	`+`
`57`	`61`	`$encoder = new BCryptPasswordEncoder(self::VALID_COST);`
`58`	`62`	`$result = $encoder->encodePassword(self::PASSWORD, null);`
`59`	`63`	`$this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null));`
`60`	`64`	`$this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null));`
`61`	`65`	`}`
	`66`	`+`
	`67`	`+ private function skipIfPhpVersionIsNotSupported()`
	`68`	`+ {`
	`69`	`+ if (version_compare(phpversion(), '5.3.7', '<')) {`
	`70`	`+ $this->markTestSkipped('Requires PHP >= 5.3.7');`
	`71`	`+ }`
	`72`	`+ }`
`62`	`73`	`}`