| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
* added implementation of django 1.6's bcrypt_sha256 hasher, and UTs
* added django16 premade context to passlib.apps, made it default django_context
* test_ext_django now makes use of django16_context
* passlib.ext.django.utils.get_preset_config() now uses django16_context
* tox 'django' and 'django-py3' now test bcrypt integration
|
|
|
|
| |
also split bcrypt handler tests out into separate file for ease of testing
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.ext.django & it's tests have gotten out of sync with django,
leading to a number of UT failures, as reported in issue 50.
tests now pass on django 1.2 through 1.6
passlib.ext.django
------------------
mimic changes in django's hasher logic:
* handle unsalted_sha1 hasher (django 1.4.6+)
* check_password(): empty hashes return False, rather throw error (django 1.5+
* allow empty passwords (django 1.6+)
* generate unusuable password suffixes (django 1.6+)
passlib.hash
------------
* django_des_crypt: added "use_duplicate_salt" class attr,
allowing tests to enable django 1.4+ style hashes which omit 1st salt.
* django_disabled: added support for django 1.6+ random suffixes
passlib.tests
-------------
* test_ext_django: lots of changes to verify django 1.5/1.6 behavior
* test_handlers_django: split django tests out of test_handlers
to make it easiers to run django-related tests.
* added workaround for encoding glitch in salted_md5 / salted_sha1 hashers (django 1.5+)
|
|
|
|
|
|
|
|
|
|
|
| |
* added some backwards-compat & error handling notes to CryptContext,
as suggested by Thomas Waldmann (https://code.google.com/p/passlib/issues/detail?id=27#c2)
* clarified alg descriptions and internal comments for lmhash, md5_crypt, cisco, et al
* deprecated_method() decorator now checks if ".. deprecated::" stanza already present in docstring
* hash_needs_update() won't be removed until release 2.0
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
builtin-bcrypt implementation
|
| |
|
| |
|
|
|
|
|
|
|
| |
against deprecated list (closes issue 39)
* also added some unittests to catch 3 cases covered in issue 39,
and some others as well.
|
| |
|
| |
|
| |
|
|
|
|
| |
for FreeBSD 8.3+ supporting SHA512-Crypt
|
| |
|
|
|
|
| |
values for bcrypt
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
vectors for speed
|
| |
|
| |
|
|
|
|
| |
reference
|
|
|
|
|
|
|
| |
* password hash api rewritten to center around PasswordHash abstract class
* extended walkthrough and documentation for PasswordHash interface
* pared down the per-hash examples, added links to PasswordHash
* updates docs and warnings
|
|
|
|
|
|
|
|
|
|
|
| |
- monkeypatching now formalized w/ a patch manager,
and should be *much* more resilient.
- patch states reduced greatly, simplified code and tests
- now handles django 1.4 correctly - patches hashers module as well
(had to write some new wrappers)
- added experimental methods GenericHandler.parsehash() to back our wrapper of Hasher.safe_summary()
- XXX: doesn't currently import current HASHER state,
- XXX: can't import hashers into passlib either -- though left initial notes on this
|
|
|
|
|
|
| |
- updated salt handling of the existing django hashes, in a way which should be backwards compatible w/ django 1.0
- UTs now test Django hasher output against passlib handlers (reverse was already being done)
- refactor of fuzz testing to reuse some of the methods.
|
| |
|
|
|
|
| |
for release. will adjust issue 24.
|
|
|
|
| |
hashes
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* bsdi_crypt apparently available on openbsd 4.9
* typo fixes
* ConfigParser apparently only uses OrderedDict for >= PY27,
adjusted CryptContext test accordingly
* fixed test that depended on sha256_crypt.default_rounds
* handle os_crypt backend w/ no fallback (bcrypt)
* let _norm_rounds accept longs
|
| |
|
|
|
|
| |
ambiguous method names
|
| |
|
|
|
|
|
| |
* cleaned up source of des_crypt variants and DES util functions
* DES utils functions now have tighter input validation, full UT coverage
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* passing a non-string secret or non-string hash to any
CryptContext or handler method will now reliably result
in a TypeError.
previously, passing hash=None to many handler identify() and verify()
methods would return False, while others would raise a TypeError.
other handler methods would alternately throw ValueError or TypeError
when passed a value that wasn't unicode or bytes.
the various CryptContext methods also behaved inconsistently,
depending on the behavior of the underlying handler.
all of these behaviors are gone, they should all raise the same TypeError.
* redid many of the from_string() methods to verify the hash type.
* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
this cheaply made the secret validation global to all hashes, and lets
_calc_digest() implementations trust that the secret is valid.
* updated the CryptContext and handler unittests to verify the above behavior is adhered to.
|
|
|
|
|
|
| |
* support variable salt size of 4-16 bytes [issue 30].
* throw correct error when invalid base64 encoding is encountered.
* added some test vectors for the above.
|
|
|
|
| |
chars; to prevent DOS issues.
|
|
|
|
|
|
|
| |
was using default policy to store recommended defaults for hashes,
but it only affects CryptContext objects, and users seem to frequent
using the handler objects directly - so going to store recommended
defaults in the handler from now on.
|
|
|
|
|
|
|
| |
* added code to shoehorn $2$-support wrapper for bcryptor backend
* added PasslibSecurityWarning when builtin backend is enabled
(still considered whether it should be enabled by default)
* py3 compat fix for repair_unused
|
|
|
|
| |
(may not support django 1.4 until passlib 1.7)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.tests
-------------
* deprecated support for unittest 1... accumulated too many backports,
planning to require unittest2 in next release.
* case_prefix renamed to shortDescription
* test case now archives & clears warning registry state in addition
to warning filter state
passlib.utils.compat
--------------------
* a bunch of the bytes-related functions were renamed for clarity
* NativeStringIO alias added
* trange alias merged into irange
|