did rewrite of unix_fallback as unix_disabled; unix_fallback is now deprecated

4 files changed, 50 insertions, 57 deletions

diff --git a/docs/lib/passlib.hash.rst b/docs/lib/passlib.hash.rst
index d06fed1..1dda3b9 100644
--- a/docs/lib/passlib.hash.rst
+++ b/docs/lib/passlib.hash.rst
@@ -104,7 +104,7 @@ behavior found in many Linux & BSD password files:
 .. toctree::
     :maxdepth: 1
 
-    passlib.hash.unix_fallback
+    passlib.hash.unix_disabled
 
 .. _ldap-hashes:
 
diff --git a/docs/lib/passlib.hash.unix_disabled.rst b/docs/lib/passlib.hash.unix_disabled.rst
new file mode 100644
index 0000000..bfd725d
--- /dev/null
+++ b/docs/lib/passlib.hash.unix_disabled.rst
@@ -0,0 +1,47 @@
+==================================================================
+:class:`passlib.hash.unix_disabled` - Unix Disabled Account Helper
+==================================================================
+
+.. currentmodule:: passlib.hash
+
+This class does not provide an encryption scheme,
+but instead provides a helper for handling disabled
+password fields as found in unix ``/etc/shadow`` files.
+
+Usage
+=====
+This class is mainly useful only for plugging into a
+:class:`~passlib.context.CryptContext` instance.
+It can be used directly as follows::
+
+    >>> from passlib.hash import unix_disabled as ud
+
+    >>> # 'encrypting' a password always results in "!" or "*"
+    >>> ud.encrypt("password")
+    '!'
+
+    >>> # verifying will fail for all passwords and hashes
+    >>> ud.verify("password", "!")
+    False
+    >>> ud.verify("letmein", "*NOPASSWORD*")
+    False
+
+    >>> # all strings are recognized - if used in conjunction with other hashes,
+    >>> # this should be the last one checked.
+    >>> ud.identify('!')
+    True
+    >>> ud.identify('*')
+    True
+    >>> ud.identify('')
+    True
+
+
+Interface
+=========
+.. autoclass:: unix_disabled
+
+Deviations
+==========
+According to the Linux ``shadow`` man page, an empty string is treated
+as a wildcard by Linux, allowing all passwords. For security purposes,
+this behavior is NOT supported; empty strings are treated the same as ``!``.
diff --git a/docs/lib/passlib.hash.unix_fallback.rst b/docs/lib/passlib.hash.unix_fallback.rst
deleted file mode 100644
index 4870d82..0000000
--- a/docs/lib/passlib.hash.unix_fallback.rst
+++ /dev/null
@@ -1,52 +0,0 @@
-==================================================================
-:class:`passlib.hash.unix_fallback` - Unix Fallback Helper
-==================================================================
-
-.. currentmodule:: passlib.hash
-
-This class does not provide an encryption scheme,
-but instead provides a helper for handling disabled / wildcard
-password fields as found in unix ``/etc/shadow`` files.
-
-Usage
-=====
-This class is mainly useful only for plugging into a :class:`~passlib.context.CryptContext`.
-When used, it should always be the last scheme in the list,
-as it is designed to provide a fallback behavior.
-It can be used directly as follows::
-
-    >>> from passlib.hash import unix_fallback as uf
-
-    >>> #'encrypting' a password always results in "!", the default reject hash.
-    >>> uf.encrypt("password")
-    '!'
-
-    >>> #check if hash is recognized (all strings are recognized)
-    >>> uf.identify('!')
-    True
-    >>> uf.identify('*')
-    True
-    >>> uf.identify('')
-    True
-
-    >>> #verify against non-empty string - no passwords allowed
-    >>> uf.verify("password", "!")
-    False
-
-    >>> #verify against empty string:
-    >>> #   * by default, no passwords allowed
-    >>> #   * all passwords allowed IF enable_wildcard=True
-    >>> uf.verify("password", "")
-    False
-    >>> uf.verify("password", "", enable_wildcard=True)
-    True
-
-Interface
-=========
-.. autoclass:: unix_fallback
-
-Deviations
-==========
-According to the Linux ``shadow`` man page, an empty string is treated
-as a wildcard by Linux, allowing all passwords. For security purposes,
-this behavior is not enabled unless specifically requested by the application.
diff --git a/docs/lib/passlib.hosts.rst b/docs/lib/passlib.hosts.rst
index c03bbed..5ca13db 100644
--- a/docs/lib/passlib.hosts.rst
+++ b/docs/lib/passlib.hosts.rst
@@ -49,12 +49,10 @@ for the following Unix variants:
 
 .. note::
 
-    All of the above contexts include the :class:`~passlib.hash.unix_fallback` handler
+    All of the above contexts include the :class:`~passlib.hash.unix_disabled` handler
     as a final fallback. This special handler treats all strings as invalid passwords,
     particularly the common strings ``!`` and ``*`` which are used to indicate
-    that an account has been disabled [#shadow]_. It can also be configured
-    to treat empty strings as a wildcard allowing in all passwords,
-    though this behavior is disabled by default for security reasons.
+    that an account has been disabled [#shadow]_. 
 
 A quick usage example, using the :data:`!linux_context` instance::