Production PBKDF rounds back to 2M, test 1k; fix empty_form (python2)

rouilj · rouilj · commit 636bad601683 · 2023-02-26T15:38:49.000-05:00
diff --git a/roundup/configuration.py b/roundup/configuration.py
@@ -1086,7 +1086,7 @@ def str2value(self, value):
             "get the error 'Error: field larger than field limit' during\n"
             "import."),
         (IntegerNumberGeqZeroOption, 'password_pbkdf2_default_rounds',
-         '10000',
+         '2000000',
             "Sets the default number of rounds used when encoding passwords\n"
             "using the PBKDF2 scheme. Set this to a higher value on faster\n"
             "systems which want more security.\n"
diff --git a/roundup/password.py b/roundup/password.py
@@ -193,13 +193,24 @@ def encodePassword(plaintext, scheme, other=None, config=None):
             salt = h64encode(raw_salt)
             if config:
                 rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS
+
+                # if we are testing
+                if ("pytest" in sys.modules and 
+                    "PYTEST_CURRENT_TEST" in os.environ):
+                    if ("PYTEST_USE_CONFIG" in os.environ):
+                        rounds = config.PASSWORD_PBKDF2_DEFAULT_ROUNDS
+                    else:
+                        # Use 1000 rounds unless the test signals it
+                        # wants the config numberby setting
+                        # PYTEST_USE_CONFIG Using the production 2M
+                        # round values makes testing increase from 12
+                        # minutes to 1 hour in CI.
+                        rounds = 1000
             else:
                 if ("pytest" in sys.modules and
                     "PYTEST_CURRENT_TEST" in os.environ):
                     # Set rounds to 1000 if no config is passed and
-                    # we are running within a pytest test. Using
-                    # actual 2M production values makes testing
-                    # increase from 12 minutes to 1 hour in CI.
+                    # we are running within a pytest test.
                     rounds = 1000
                 else:
                     import logging
diff --git a/test/rest_common.py b/test/rest_common.py
@@ -245,6 +245,13 @@ def setUp(self):
         self.dummy_client.db = self.db
 
         self.empty_form = cgi.FieldStorage()
+        # under python2 invoking:
+        #    python2 -m pytest --durations=20
+        # loads the form with:
+        #   FieldStorage(None, None, [MiniFieldStorage('--durations', '2')])
+        # Invoking it as: python2 -m pytest -v --durations=20
+        # results in an empty list. In any case, force it to be empty.
+        self.empty_form.list = []
         self.terse_form = cgi.FieldStorage()
         self.terse_form.list = [
             cgi.MiniFieldStorage('@verbose', '0'),
