| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
realized can do this now that we're requiring python3 >= 3.3.
had to keep u() helper around for u(r"") instances, since py3 doesn't have ur"".
but switched it to use ascii decoding for py2, to make sure things are clean.
|
| |
|
|
|
|
|
|
|
| |
scheduled
for removal in v1.8.
this removes CryptPolicy, unix_fallback, some old HtpasswdFile methods,
and more. tests were updated as well. see history/1.8 for a complete list.
|
| |
|
|
| |
of places.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Still not happy with how this is structured -- would like to use simple
if/elif/else blocks within source to determine which backend to load;
but being able to switch backends on the fly is too useful in development,
and cross-fuzz-testing the various backends.
In any case, this tries to rebalance things a little -- loaders
should now be more explicit about what they're doing, at the expense
of a little more boilerplate.
passlib.utils.handlers
----------------------
* BackendMixin:
- added global thread lock to eliminate chance of changing
backends in multiple threads, and getting things scrambled.
- factored out some of set_backend()'s internals into (threadsafe)
_set_backend() helper, which invokes the loaders.
- removed _finalize_backend() entirely -- all the grunt work is now
pushed explicitly into the loaders, instead of getting something back
and then running additional code. a little more boilerplate,
but a LOT clearer.
- loaders now passed optional 'name' keyword as well,
just have to return True/False.
* SubclassBackendMixin:
- moved '_backend_owner' attr from BackendMixin to here,
renamed to '_backend_mixin_target', and made a required attr.
- _finalize_backend_mixin() methods now an implementation detail
of the particular hasher, and invoked explicitly from the loaders.
so removed base implementation of this & _finalize_backend().
- now invokes mixin_cls._load_backend_mixin()
* HasManyBackends:
- loaders now have to explicitly call ._set_calc_checksum_backend() helper,
which takes care of dryrun, etc.
HasManyBackends classes (sha256_crypt, etc)
-------------------------------------------
* loaders now invoke _set_calc_checksum_backend(), and return bool success.
SubclassMixin classes (argon2 & bcrypt)
---------------------------------------
* _finalize_backend_mixin() is now an internal detail of class,
and is called explicitly by the mixin class loaders.
* loaders renamed to _load_backend_mixin(), take in 'name' and 'dryrun'
|
| |
|
|
| |
following change to HasIdents.identify() a few commits ago
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
which provides a more generic & flexible framework than HasManyBackends.
* has_backend() now a wrapper for set_backend(), which now accepts a dryrun flag.
* loaders can now return arbitrary objects, classes can control how they operate.
* loaders can now be dryrun aware.
* bcrypt hasher, scrypt hasher, and scrypt module updated to use new api
* fuzz tester now correctly restored backend after use
|
| |
|
|
|
| |
this basically reversed rev 5c41b0153d4f; after using it a bit more,
decided the name didn't indicate as well what the method was doing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
callers should use handler.replace(**settings).hash() instead.
this is being done because it greatly streamlines the internals of the .hash()
implementation, and allows some redundant configuration parsing to be extracted
from the .hash() methods and merged in with existing code in .replace().
this also opens things up for alternate code architectures for implementing new hashers,
making it easier to wrap existing libraries (e.g. argon2).
internals
---------
* replaced a bunch of internal .hash(**settings) calls
* GenericHandler
- stripped out 'relaxed' keyword from constructor, since it's no longer
passed by hash() etc.
- _norm_checksum() now only invoked if checksum is specified (simplifies logic).
keeping support for 'relaxed' mode, but only as explicit keyword.
- removed some unused comments about .from_string() & .to_string()
* HasSalt mixin:
- .replace() now supports 'salt' keyword, creates variant
which has a fixed salt string.
- 'salt size' keyword removed from ctor, now handled by .replace() call
- _norm_salt() converted to class method so it can be
used by .replace() 'salt' keyword code.
- per-instance bits of _norm_salt() relocated to HasSalt.__init__ proper
- _generate_salt() converted to class method, since no longer depends on instance config.
* HasRounds mixin:
- similar to HasSalt, relocates per-instance bits of _norm_rounds()
into HasRounds.__init__() proper.
- remainder of _norm_rounds() turned into class method, merged
with ._clip_to_valid_rounds() helper to reduce duplication.
- _generate_rounds() converted to class method, since no longer depends on instance config.
hashers
-------
* fshp: added support for 'variant' keyword to replace()
* unix_disabled: added support for 'marker' keyword to replace(), added UTs.
* cisco_type7: to match HasSalt, added support for 'salt' keyword to replace(), added UTs.
* sha256/512_crypt: now uses custom salt & rounds parsing, rather than relaxed kwd,
to handle correctable-but-invalid config strings.
unittests
---------
* removed checks for PasslibConfigWarning when setting hash(rounds=) out of policy bounds,
since that now *is* setting the policy.
* adapted some handler ctor to deal w/ lack of 'relaxed' kwd
docs
----
* updated docstrings listing hash() keywords for each scheme to list them
as .replace() keywords.
* updated example code to use .replace()
* fleshed out api docs about the change
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
after further consideration (while implementing a handler for argon2),
decided that rolling .genconfig() and .genhash() into the .hash() method
(as was done in rev 1f7421b35b75) put too much complexity into the .hash() method.
this commit walks back those portions of rev 1f7421b35b75 -- .genconfig()
and .genhash() are now implemented for each handler directly.
however, going a little further and completely deprecating .genconfig()
and .genhash() support entirely -- decided there's no need for them in
the public api whatsoever. apps shouldn't need/use them, and the unittests
can use their own workarounds.
* removed "config" keyword from handler.hash() ifc
* removed support for config=None from handler.genhash() -- nothing should use it
now that handler.genconfig() always returns a string.
* marked .genhash() and .genconfig() as completely deprecated, w/ no alternative
* uts: factored out calls which need config only into a .do_stub_encrypt() helper,
as replacement for internal uses of .genconfig()
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
.encrypt()
----------
hash.encrypt() & context.encrypt() have been renamed to .hash().
this should take care of the long-standing issue 21 (the poor naming of .encrypt).
per docs, legacy aliases will remain in place until passlib 2.0.
.genhash() / .genconfig()
-------------------------
taking advantage of this reorganization to also deprecate .genconfig()
and .genhash() -- they're not really useful in a modern system,
nor as needed for historical support as initially thought:
.genconfig() will be retired completely in passlib 2.0;
.genhash() is rolled into the new .hash() method along with .encrypt().
|
| |\ |
|
| | |
| |
| |
| |
| | |
default rounds values. serves me right for tweaking the default
rounds *after* a release.
|
| | | |
|
| | |
| |
| |
| | |
for the few simple uses that we have.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
support;
as well as PyPy 1.x and Jython 2.5.
shims removed
-------------
* b() shim replaced with b'' (py25)
* 'bytes' alias no longer needed (py25)
* callable() shim no longer needed (py30,31)
* PY_MIN_32 flag replaced with PY3 flag (py30,31)
* removed 'abc' module stub used by passlib.ifc (py25)
* removed chain_from_iterable() backport (py25)
* tests: removed catch_warnings() backport,
replaced refs with real warnings.catch_warnings() (py25)
* tests: removed unittest2 backports (py25, py30, py31) --
now throw hard error if unittest2 not present under py26
(the only release remaining which lacks the unittest2 features)
* removed SUPPORTS_DIR_METHOD conditional (py25, pypy 1.x)
* some other minor workarounds
other
-----
* added check in passlib.compat which now throws error telling user
version isn't supported (to prevent spurious errors later)
|
| |\ \
| |/ |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* _has_backend_xxx attr replaced by _load_backend_xxx(),
which should allow much more flexibility in backend initialization
* added _try_alternate_backends() helper for falling back to another
backend on a per-hash basis -- used by pretty much all os_crypt backends
* converted all internal hashes to use this code
* added UTs for _load_backend() and _try_alternate_backends()
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* passing a non-string secret or non-string hash to any
CryptContext or handler method will now reliably result
in a TypeError.
previously, passing hash=None to many handler identify() and verify()
methods would return False, while others would raise a TypeError.
other handler methods would alternately throw ValueError or TypeError
when passed a value that wasn't unicode or bytes.
the various CryptContext methods also behaved inconsistently,
depending on the behavior of the underlying handler.
all of these behaviors are gone, they should all raise the same TypeError.
* redid many of the from_string() methods to verify the hash type.
* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
this cheaply made the secret validation global to all hashes, and lets
_calc_digest() implementations trust that the secret is valid.
* updated the CryptContext and handler unittests to verify the above behavior is adhered to.
|
| |
|
|
| |
messages
|
| |
|
|
|
|
|
|
|
|
|
| |
* removed cisco_type7 config string, conflicted w/ empty password
* fixed unicode type issue in cisco_type7, win32.nthash
* bsdi_crypt.min_rounds now 1 (0 results in identical hashes)
* fixed unicode type issue in UPASS_TABLE tests for plaintext, ldap_plaintext
* relocated test vectors from test_win32 to lmhash/nthash
* 8bit test for UnsaltedHash
* fuzz testing expanded to use 5-99 char passwords, and 1/10000 are empty
*
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.tests
-------------
* deprecated support for unittest 1... accumulated too many backports,
planning to require unittest2 in next release.
* case_prefix renamed to shortDescription
* test case now archives & clears warning registry state in addition
to warning filter state
passlib.utils.compat
--------------------
* a bunch of the bytes-related functions were renamed for clarity
* NativeStringIO alias added
* trange alias merged into irange
|
| | |
|
| |
|
|
| |
reliably
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* StaticHandler is now subclass of GenericHandler
- _calc_checksum() should be implemented instead of encrypt().
(compatibility stub added so old code should continue to work)
- _norm_hash() no longer needs to handle ->unicode conversion
- default from_string() contains a bunch of features,
including stripping a known prefix, etc.
* context kwds now pulled into constructor, so GenericHandler
supports context kwds properly; HasUserContext mixin added
to support common 'user' context kwd
* identify_regexp & identify_prefix removed, functionality
rolled into default GenericHandler.identify() implementation.
- default identify checks _hash_regex as potential way to identify hashes
* HasStubChecksum removed, functionality rolled into GenericHandler
* HasRawChecksum now just sets a flag, functionality moved into GenericHandler
* HasManyIdents._parse_ident() helper added to valid & split identifier
from hashes.
* GenericHandler._norm_checksum() is now strict about unicode / bytes
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* reworked warning-matching code into assertWarningList() method
* reorganized HandlerCase hash tests based on cross-cutting topic, not per-function;
this combined many tests together to eliminate redundant setup
* added test of reported rounds limits
* added better fuzz testing - tests random passwords & options using encrypt(),
and verifies against any all available backends
* added flags to properly support 'disabled' handlers, and other border cases.
* added tests for password & user case-sensitivity
* restores warning filters after every test
|
| |
|
|
| |
methods of most handlers
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
strict keyword
--------------
* GenericHandler's "strict" keyword had poorly defined semantics;
replaced this with "use_defaults" and "relaxed" keywords.
Most handlers' from_string() method specified strict=True.
This is now the default behavior, use_defaults=True is enabled
only for encrypt() and genconfig(). relaxed=True is enabled
only for specific handlers (and unittests) whose code requires it.
This *does* break backward compat with passlib 1.5 handlers,
but this is mostly and internal class.
* missing required settings now throws a TypeError instead of
a ValueError, to be more in line with std python behavior.
* The norm_xxx functions provided by the GenericHandler mixins
(e.g. norm_salt) have been renamed to _norm_xxx() to reflect their
private nature; and converted from class methods to instance
methods, to simplify their call signature for subclassing.
misc
----
* rewrote GenericHandler unittests to use constructor only,
instead of poking into norm_salt/norm_rounds internals.
* checksum/salt charset checks speed up using set comparison
* some small cleanups to FHSP implementation
|
| |
|
|
|
|
|
| |
* safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure
* added test_crypt() wrapper to simplify backend checks.
* removed native=True from most to_string() implementations, unused now.
* updated UTs
|
| |
|
|
| |
classes to make filtering easier
|
| |
|
|
|
|
|
|
|
| |
* added str_to_[ub]ascii to wrap hexdigest() calls
* fixed some h64big calls I missed
* some py3 fixes
* removed utils.compat.aliases, using overlay
to replace real compat module instead
(to agree w/ imports already in code)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved bytes compat functions from utils to utils.compat
(bord, bjoin, bjoin_ints, bjoin_elems, ujoin)
* renamed bord -> belem_ord for clarify
* a bunch of to_native_str() always use ascii, and
have fixed input types (always bytes or always unicode).
these don't need overhead of to_native_str(), so replaced
those calls with two new funcs: compat.bascii_to_str() /
compat.uascii_to_str()
* cleaned up a lot of imports from utils/utils.compat to
pull from correct module
* simplified the to_string() logic of a bunch of handlers
to reduce unicode<->byte transitions
|
| | |
|
| |
|
|
| |
aliases kept for now)
|
| | |
|
| |
|
|
|
|
| |
decided that to_hash_str will always return native string,
feature of hashes being returned as unicode under python 2
is better done through a CryptContext option.
|
| | |
|
| |\ |
|
