diff options
author | Eli Collins <elic@assurancetechnologies.com> | 2012-01-10 00:15:48 -0500 |
---|---|---|
committer | Eli Collins <elic@assurancetechnologies.com> | 2012-01-10 00:15:48 -0500 |
commit | b65d2f35fb0d95c1cca55c484c8adc311042a935 (patch) | |
tree | aa0ee3c721b21343df5cd377e130309d13cb3e10 /CHANGES | |
parent | 66b1c670d57deff8fc1c0799df5e34febc58a0d0 (diff) | |
download | passlib-b65d2f35fb0d95c1cca55c484c8adc311042a935.tar.gz |
added example hashes to scram documentation, other doc tweaks
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 25 |
1 files changed, 18 insertions, 7 deletions
@@ -6,12 +6,21 @@ Release History **1.6** (NOT YET RELEASED) + Hashes + + * Passlib now offers the :doc:`scram <lib/passlib.hash.scram>` hash, + specially designed for storing digest information for verifying + a user against the SCRAM protocol (:rfc:`5802`). It can also + be used to verify users in the same way as any other password + hash in Passlib, though it offers no particular advantages + outside of this special case. + CryptContext .. currentmodule:: passlib.context - * :class:`~CryptContext` now supports a :ref:`passprep` option, - which runs all passwords through :rfc:`SASLPrep <4013>` + * :class:`~CryptContext` now supports a :ref:`passprep <passprep>` option, + which runs all passwords through SASLPrep (:rfc:`4013`) in order to normalize their unicode representation before hashing [issue 24]. @@ -43,7 +52,9 @@ Release History Other * Passlib is now source-compatible with Python 2.5+ and Python 3, - and no longer requires the use of :cmd:`2to3` to run under Python 3. + and no longer requires the use of :command:`2to3` to run under Python 3. + + .. currentmodule:: passlib.hash .. _consteq-issue: @@ -59,14 +70,14 @@ Release History as it requires the attacker to both know the salt, and be able to generate digests beginning with a specific prefix. However, while this task should be computationally difficult - against modern hashes (such as :class:`!sha512_crypt`), this + against modern hashes (such as :class:`sha512_crypt`), this change should pre-emptively protect Passlib in case someone constructs a such an attack in the future. Furthermore, some of the legacy hashes supported by Passlib (such as - :class:`!mysql323`) are already weak enough to be vulnerable. + :class:`mysql323`) are already weak enough to be vulnerable. - * Builtin implementations of :class:`~md5_crypt`, - :class:`~sha256_crypt`, and :class:`~sha512_crypt` sped up by + * Builtin implementations of :class:`md5_crypt`, + :class:`sha256_crypt`, and :class:`sha512_crypt` sped up by about 25% due via additional pre-computation step. * Restored builtin pure-python BCrypt implementation |