summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* passlib.exc: added constructors for common errors, should normalize error ↵Eli Collins2012-04-1020-116/+185
| | | | messages
* ldap salted digest improvementsEli Collins2012-04-094-15/+84
| | | | | | * support variable salt size of 4-16 bytes [issue 30]. * throw correct error when invalid base64 encoding is encountered. * added some test vectors for the above.
* fixed issue 29 - m2crypto crash may be triggered by keylen > 32, not > 41 as ↵Eli Collins2012-04-091-5/+7
| | | | I previously thought
* *all* hashes now throw PasswordSizeError if password is larger than 4096 ↵Eli Collins2012-04-099-1/+62
| | | | chars; to prevent DOS issues.
* removed default policy file & objectEli Collins2012-04-096-92/+19
| | | | | | | was using default policy to store recommended defaults for hashes, but it only affects CryptContext objects, and users seem to frequent using the handler objects directly - so going to store recommended defaults in the handler from now on.
* misc bugfixesEli Collins2012-03-127-32/+85
| | | | | | | | | | | * removed cisco_type7 config string, conflicted w/ empty password * fixed unicode type issue in cisco_type7, win32.nthash * bsdi_crypt.min_rounds now 1 (0 results in identical hashes) * fixed unicode type issue in UPASS_TABLE tests for plaintext, ldap_plaintext * relocated test vectors from test_win32 to lmhash/nthash * 8bit test for UnsaltedHash * fuzz testing expanded to use 5-99 char passwords, and 1/10000 are empty *
* bcrypt workEli Collins2012-03-125-43/+102
| | | | | | | * added code to shoehorn $2$-support wrapper for bcryptor backend * added PasslibSecurityWarning when builtin backend is enabled (still considered whether it should be enabled by default) * py3 compat fix for repair_unused
* updated passlib.ext.django; made some notes about django 1.4Eli Collins2012-03-125-49/+68
| | | | (may not support django 1.4 until passlib 1.7)
* doc tweaksEli Collins2012-03-128-21/+36
|
* updated test support & py3 compat code from an external libraryEli Collins2012-03-1221-372/+448
| | | | | | | | | | | | | | | | passlib.tests ------------- * deprecated support for unittest 1... accumulated too many backports, planning to require unittest2 in next release. * case_prefix renamed to shortDescription * test case now archives & clears warning registry state in addition to warning filter state passlib.utils.compat -------------------- * a bunch of the bytes-related functions were renamed for clarity * NativeStringIO alias added * trange alias merged into irange
* misc bugfixes dealing with changes from last 8 or so commitsEli Collins2012-03-116-16/+27
|
* bugfix: change some context tests to use phpass instead of bsd_nthash or bcryptEli Collins2012-03-112-15/+18
|
* added hack to clear warnings registry so assertWarningList() tests will pass ↵Eli Collins2012-03-118-34/+53
| | | | reliably
* to_bytes, to_unicode, to_native_str: added special TypeErrors for None, ↵Eli Collins2012-03-102-8/+18
| | | | other small tweaks
* safe_crypt() now handles "*0" and similar error returns from crypt()Eli Collins2012-03-102-12/+31
|
* added some notesEli Collins2012-03-105-22/+18
|
* bugfix to setup.pyEli Collins2012-03-101-1/+1
|
* doc tweaksEli Collins2012-03-104-18/+16
|
* various bcrypt improvementsEli Collins2012-03-107-129/+355
| | | | | | | | | | | | * studied crypt_blowfish's 8bit bug - verified none of passlib's backends were affected - added recognition (but not support) for crypt_blowfish's $2x$ hash prefix - added support for crypt_blowfish's $2y$ hash prefix - note in docs about Passlib's current handling of crypt_blowfish 8bit issues. * refactored bcrypt's salt-unused-bits repair code into Base64Engine.repair_unused(), making the code cleaner and more isolated. a bunch more tests. * added bcrypt64 (bcrypt-base64 variant) to utils * added LazyBase64Engine to reduce memory / startup time
* cleanup of scram hash; improved norm_digest_name() and moved it to utils.pbkdf2Eli Collins2012-03-106-339/+391
|
* did rewrite of unix_fallback as unix_disabled; unix_fallback is now deprecatedEli Collins2012-03-1010-72/+173
|
* added Window's DCC hashes (aka mscache / mscash) version 1 & 2Eli Collins2012-03-107-6/+405
|
* renamed nthash -> bsd_nthash; added real nthash implementedEli Collins2012-03-109-86/+184
| | | | | | | after some thought, realized the 'nthash' name should implement the raw hash. since bsd_nthash was very rarely used, it shouldn't present backwards incompatibility issues at this point to go ahead and rename it.
* added support for lmhashEli Collins2012-03-107-5/+310
|
* added support for Cisco PIX & Type 7 hashesEli Collins2012-03-1010-20/+697
| | | | | | | | * Cisco Type 5 appears to be same as md5_crypt * added requires_user=False support to HandlerCase * added more through salt-generation test (since cisco_pix has only 4 bits of salt) * added HandlerCase test to ensure user is used as salt
* added mssql 2000/2005 hashes; enhanced HandlerCase's password case sensitive ↵Eli Collins2012-03-108-3/+622
| | | | test
* more test vectors!Eli Collins2012-03-091-144/+481
| | | | | | * incorporated test vectors from various sources (esp JTR) for various hashes * tried to document sources for existing vectors * added at least one unicode/8bit test vector for every hash
* renamed test_handlers classes to match alg name + "_test" (tired of having ↵Eli Collins2012-03-093-188/+142
| | | | to guess capitalization)
* utils.handlers framework reworked; removed a bunch of boilerplate codeEli Collins2012-03-0920-643/+627
| | | | | | | | | | | | | | | | | | | | | | | | | | | * StaticHandler is now subclass of GenericHandler - _calc_checksum() should be implemented instead of encrypt(). (compatibility stub added so old code should continue to work) - _norm_hash() no longer needs to handle ->unicode conversion - default from_string() contains a bunch of features, including stripping a known prefix, etc. * context kwds now pulled into constructor, so GenericHandler supports context kwds properly; HasUserContext mixin added to support common 'user' context kwd * identify_regexp & identify_prefix removed, functionality rolled into default GenericHandler.identify() implementation. - default identify checks _hash_regex as potential way to identify hashes * HasStubChecksum removed, functionality rolled into GenericHandler * HasRawChecksum now just sets a flag, functionality moved into GenericHandler * HasManyIdents._parse_ident() helper added to valid & split identifier from hashes. * GenericHandler._norm_checksum() is now strict about unicode / bytes
* base HandlerCase class reworkedEli Collins2012-03-097-666/+1133
| | | | | | | | | | | | * reworked warning-matching code into assertWarningList() method * reorganized HandlerCase hash tests based on cross-cutting topic, not per-function; this combined many tests together to eliminate redundant setup * added test of reported rounds limits * added better fuzz testing - tests random passwords & options using encrypt(), and verifies against any all available backends * added flags to properly support 'disabled' handlers, and other border cases. * added tests for password & user case-sensitivity * restores warning filters after every test
* tweak to setup scriptEli Collins2012-02-091-8/+8
|
* consolidated some unit testsEli Collins2012-02-094-161/+126
|
* MergeEli Collins2012-02-0842-602/+737
|\
| * renamed calc_checksum() -> _calc_checksum(), hiding the last of the private ↵Eli Collins2012-02-0816-47/+48
| | | | | | | | methods of most handlers
| * renamed passlib.exc warning classesEli Collins2012-02-0811-38/+38
| |
| * documentation updates for last two commitsEli Collins2012-02-0820-161/+185
| |
| * minor tweaks & fixesEli Collins2012-02-085-12/+14
| |
| * large refactor of GenericHandler internalsEli Collins2012-02-0820-359/+467
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | strict keyword -------------- * GenericHandler's "strict" keyword had poorly defined semantics; replaced this with "use_defaults" and "relaxed" keywords. Most handlers' from_string() method specified strict=True. This is now the default behavior, use_defaults=True is enabled only for encrypt() and genconfig(). relaxed=True is enabled only for specific handlers (and unittests) whose code requires it. This *does* break backward compat with passlib 1.5 handlers, but this is mostly and internal class. * missing required settings now throws a TypeError instead of a ValueError, to be more in line with std python behavior. * The norm_xxx functions provided by the GenericHandler mixins (e.g. norm_salt) have been renamed to _norm_xxx() to reflect their private nature; and converted from class methods to instance methods, to simplify their call signature for subclassing. misc ---- * rewrote GenericHandler unittests to use constructor only, instead of poking into norm_salt/norm_rounds internals. * checksum/salt charset checks speed up using set comparison * some small cleanups to FHSP implementation
* | fix to lazy handler loadingEli Collins2012-01-191-4/+4
| |
* | deprecating min_verify_time option; doesn't meaningfully increase security, ↵Eli Collins2012-01-195-30/+57
|/ | | | and adds code complexity
* minor updatesEli Collins2012-01-192-1/+5
|
* assertEquals() -> assertEqual()Eli Collins2012-01-193-42/+42
|
* simplified crypt.crypt() wrappersEli Collins2012-01-1914-203/+220
| | | | | | | * safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure * added test_crypt() wrapper to simplify backend checks. * removed native=True from most to_string() implementations, unused now. * updated UTs
* split exceptions/warnings to separate module; added some additional warning ↵Eli Collins2012-01-1819-72/+152
| | | | classes to make filtering easier
* documentation updates for latest round of changesEli Collins2012-01-188-85/+114
|
* misc bugfixes from round of changesEli Collins2012-01-1816-91/+174
| | | | | | | | | * added str_to_[ub]ascii to wrap hexdigest() calls * fixed some h64big calls I missed * some py3 fixes * removed utils.compat.aliases, using overlay to replace real compat module instead (to agree w/ imports already in code)
* StaticHandler._norm_hash() should return native str typeEli Collins2012-01-186-38/+23
|
* import cleanupsEli Collins2012-01-1836-280/+292
| | | | | | | | | | | | | | | * moved bytes compat functions from utils to utils.compat (bord, bjoin, bjoin_ints, bjoin_elems, ujoin) * renamed bord -> belem_ord for clarify * a bunch of to_native_str() always use ascii, and have fixed input types (always bytes or always unicode). these don't need overhead of to_native_str(), so replaced those calls with two new funcs: compat.bascii_to_str() / compat.uascii_to_str() * cleaned up a lot of imports from utils/utils.compat to pull from correct module * simplified the to_string() logic of a bunch of handlers to reduce unicode<->byte transitions
* changed test_utils to import subjects within test functions, instead of globallyEli Collins2012-01-183-25/+36
|
* cleanups to utilsEli Collins2012-01-186-97/+82
|
View Lorry Controller Status