python-passlib/support-bcrypt-5.0.patch

Index: passlib-1.7.4/passlib/handlers/bcrypt.py
===================================================================
--- passlib-1.7.4.orig/passlib/handlers/bcrypt.py
+++ passlib-1.7.4/passlib/handlers/bcrypt.py
@@ -652,6 +652,9 @@ class _BcryptBackend(_BcryptCommon):
         config = self._get_config(ident)
         if isinstance(config, unicode):
             config = config.encode("ascii")
+        # bcrypt 5.0 and above require secret to 72 bytes or less
+        if len(secret) > 72:
+            secret = secret[:72]
         hash = _bcrypt.hashpw(secret, config)
         assert isinstance(hash, bytes)
         if not hash.startswith(config) or len(hash) != len(config)+31:
Index: passlib-1.7.4/passlib/tests/test_handlers_bcrypt.py
===================================================================
--- passlib-1.7.4.orig/passlib/tests/test_handlers_bcrypt.py
+++ passlib-1.7.4/passlib/tests/test_handlers_bcrypt.py
@@ -13,7 +13,7 @@ from passlib import hash
 from passlib.handlers.bcrypt import IDENT_2, IDENT_2X
 from passlib.utils import repeat_string, to_bytes, is_safe_crypt_input
 from passlib.utils.compat import irange, PY3
-from passlib.tests.utils import HandlerCase, TEST_MODE
+from passlib.tests.utils import HandlerCase, SkipTest, TEST_MODE
 from passlib.tests.test_handlers import UPASS_TABLE
 # module
 
@@ -193,6 +193,16 @@ class _bcrypt_test(HandlerCase):
     #===================================================================
     # fuzz testing
     #===================================================================
+    def test_77_fuzz_input(self, threaded=False):
+        try:
+            import bcrypt
+        except ImportError:
+            return
+        bcrypt_version = tuple([int(x) for x in bcrypt.__version__.split('.')])
+        if bcrypt_version >= (5, 0, 0):
+            raise SkipTest("requires bcrypt < 5.0")
+        super().test_77_fuzz_input(threaded=threaded)
+
     def crypt_supports_variant(self, hash):
         """check if OS crypt is expected to support given ident"""
         from passlib.handlers.bcrypt import bcrypt, IDENT_2X, IDENT_2Y