Restore the use of passwords.Schemes enum for selection of password hashing

scheme.  Fix mmsitepass and test cases accordingly.  Details:

- set_global_password(): Instead of taking a string for 'scheme' argument,
  take None and then coerce that into passwords.Schemes.ssha

- Add a base PasswordError and a BadPasswordSchemeError error that derives
  from that.  For consistency, multiply inherit MMBadPasswordError and
  MMPasswordsMustMatch from PasswordError.

- Add a passwords.lookup_scheme() method which turns scheme_names into scheme
  enum constants.  It returns None if the lookup fails.

- passwords.py: change the internal representation of _SCHEMES_BY_TAG
  dictionary to map scheme names to scheme enum values.  Change internal uses
  of this dictionary to then turn those enum values into hash classes, or
  whatever else we need.

- make_secret(): Raise BadPasswordSchemeErrorif the given schema (which should
  be an enum value) is invalid.

- TestBase.tearDown(): Clear out any <site> locks that might hang around after
  a test case runs.

5 files changed, 49 insertions, 11 deletions

diff --git a/Mailman/testing/base.py b/Mailman/testing/base.py
index 2979ad18b..8a131175e 100644
--- a/Mailman/testing/base.py
+++ b/Mailman/testing/base.py
@@ -118,3 +118,9 @@ class TestBase(unittest.TestCase):
                            archives=True, quiet=True)
         os.unlink(self._config)
         os.unlink(self._dbfile)
+        # Clear out any site locks, which can be left over if tests fail.
+        for filename in os.listdir(config.LOCK_DIR):
+            if filename.startswith('<site>'):
+                path = os.path.join(config.LOCK_DIR, filename)
+                print >> sys.stderr, '@@@@@ removing:', path
+                os.unlink(path)
diff --git a/Mailman/testing/test_handlers.py b/Mailman/testing/test_handlers.py
index 849ccfb91..b2fb5ce27 100644
--- a/Mailman/testing/test_handlers.py
+++ b/Mailman/testing/test_handlers.py
@@ -59,7 +59,7 @@ from Mailman.Handlers import ToUsenet
 
 
 def password(cleartext):
-    return passwords.make_secret(cleartext, 'ssha')
+    return passwords.make_secret(cleartext, passwords.Schemes.ssha)
 
 
 
diff --git a/Mailman/testing/test_membership.py b/Mailman/testing/test_membership.py
index ed8ebb1f4..8e8285034 100644
--- a/Mailman/testing/test_membership.py
+++ b/Mailman/testing/test_membership.py
@@ -33,7 +33,7 @@ from Mailman.testing.base import TestBase
 
 
 def password(cleartext):
-    return passwords.make_secret(cleartext, 'ssha')
+    return passwords.make_secret(cleartext, passwords.Schemes.ssha)
 
 
 
diff --git a/Mailman/testing/test_passwords.py b/Mailman/testing/test_passwords.py
index b957b10ae..8298c22f6 100644
--- a/Mailman/testing/test_passwords.py
+++ b/Mailman/testing/test_passwords.py
@@ -19,6 +19,7 @@
 
 import unittest
 
+from Mailman import Errors
 from Mailman import passwords
 
 
@@ -72,6 +73,27 @@ class TestBogusPasswords(TestPasswordsBase):
     scheme = -1
 
     def test_passwords(self):
+        self.assertRaises(Errors.BadPasswordSchemeError,
+                          passwords.make_secret, self.pw8a, self.scheme)
+
+    def test_unicode_passwords(self):
+        self.assertRaises(Errors.BadPasswordSchemeError,
+                          passwords.make_secret, self.pwua, self.scheme)
+
+    def test_passwords_with_funky_chars(self):
+        self.assertRaises(Errors.BadPasswordSchemeError,
+                          passwords.make_secret, self.pw8b, self.scheme)
+
+    def test_unicode_passwords_with_funky_chars(self):
+        self.assertRaises(Errors.BadPasswordSchemeError,
+                          passwords.make_secret, self.pwub, self.scheme)
+
+
+
+class TestNonePasswords(TestPasswordsBase):
+    scheme = passwords.Schemes.no_scheme
+
+    def test_passwords(self):
         failif = self.failIf
         secret = passwords.make_secret(self.pw8a, self.scheme)
         failif(passwords.check_response(secret, self.pw8a))
@@ -97,24 +119,33 @@ class TestBogusPasswords(TestPasswordsBase):
 
 
 
-class TestNonePasswords(TestBogusPasswords):
-    scheme = 'no_scheme'
-
-
 class TestCleartextPasswords(TestPasswordsBase):
-    scheme = 'cleartext'
+    scheme = passwords.Schemes.cleartext
 
 
 class TestSHAPasswords(TestPasswordsBase):
-    scheme = 'sha'
+    scheme = passwords.Schemes.sha
 
 
 class TestSSHAPasswords(TestPasswordsBase):
-    scheme = 'ssha'
+    scheme = passwords.Schemes.ssha
 
 
 class TestPBKDF2Passwords(TestPasswordsBase):
-    scheme = 'pbkdf2'
+    scheme = passwords.Schemes.pbkdf2
+
+
+
+class TestSchemeLookup(unittest.TestCase):
+    def test_scheme_name_lookup(self):
+        unless = self.failUnless
+        unless(passwords.lookup_scheme('NONE') is passwords.Schemes.no_scheme)
+        unless(passwords.lookup_scheme('CLEARTEXT') is
+               passwords.Schemes.cleartext)
+        unless(passwords.lookup_scheme('SHA') is passwords.Schemes.sha)
+        unless(passwords.lookup_scheme('SSHA') is passwords.Schemes.ssha)
+        unless(passwords.lookup_scheme('PBKDF2') is passwords.Schemes.pbkdf2)
+        unless(passwords.lookup_scheme(' -bogus- ') is None)
 
 
 
@@ -126,4 +157,5 @@ def test_suite():
     suite.addTest(unittest.makeSuite(TestSHAPasswords))
     suite.addTest(unittest.makeSuite(TestSSHAPasswords))
     suite.addTest(unittest.makeSuite(TestPBKDF2Passwords))
+    suite.addTest(unittest.makeSuite(TestSchemeLookup))
     return suite
diff --git a/Mailman/testing/test_security_mgr.py b/Mailman/testing/test_security_mgr.py
index 543330aed..089f4b0ef 100644
--- a/Mailman/testing/test_security_mgr.py
+++ b/Mailman/testing/test_security_mgr.py
@@ -36,7 +36,7 @@ from Mailman.testing.base import TestBase
 
 
 def password(cleartext):
-    return passwords.make_secret(cleartext, 'ssha')
+    return passwords.make_secret(cleartext, passwords.Schemes.ssha)