diff options
author | David Rothstein <drothstein@gmail.com> | 2014-11-19 15:24:29 -0500 |
---|---|---|
committer | David Rothstein <drothstein@gmail.com> | 2014-11-19 15:24:29 -0500 |
commit | 81586d9e9d04dcee487c50de426c04221899b6d0 (patch) | |
tree | 949ef1174475fd3cb5c951fcc8b2b05c0dd16faa /modules/simpletest | |
parent | 4ba5f184c69306da0e30260890f01ea0694af274 (diff) | |
download | brdo-81586d9e9d04dcee487c50de426c04221899b6d0.tar.gz brdo-81586d9e9d04dcee487c50de426c04221899b6d0.tar.bz2 |
Drupal 7.34
Diffstat (limited to 'modules/simpletest')
-rw-r--r-- | modules/simpletest/tests/password.test | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/modules/simpletest/tests/password.test b/modules/simpletest/tests/password.test index 5259d19e8..7105f3b7a 100644 --- a/modules/simpletest/tests/password.test +++ b/modules/simpletest/tests/password.test @@ -57,4 +57,25 @@ class PasswordHashingTest extends DrupalWebTestCase { $this->assertFalse(user_needs_new_hash($account), 'Re-hashed password does not need a new hash.'); $this->assertTrue(user_check_password($password, $account), 'Password check succeeds with re-hashed password.'); } + + /** + * Verifies that passwords longer than 512 bytes are not hashed. + */ + public function testLongPassword() { + $password = str_repeat('x', 512); + $result = user_hash_password($password); + $this->assertFalse(empty($result), '512 byte long password is allowed.'); + $password = str_repeat('x', 513); + $result = user_hash_password($password); + $this->assertFalse($result, '513 byte long password is not allowed.'); + // Check a string of 3-byte UTF-8 characters. + $password = str_repeat('€', 170); + $result = user_hash_password($password); + $this->assertFalse(empty($result), '510 byte long password is allowed.'); + $password .= 'xx'; + $this->assertFalse(empty($result), '512 byte long password is allowed.'); + $password = str_repeat('€', 171); + $result = user_hash_password($password); + $this->assertFalse($result, '513 byte long password is not allowed.'); + } } |