summaryrefslogtreecommitdiff
path: root/passlib/utils
Commit message (Collapse)AuthorAgeFilesLines
* various minor updates to documentation & code commentsEli Collins2012-06-271-2/+2
|
* loads of documentation updatesEli Collins2012-05-012-44/+57
|
* bunch bugfixes to the unittestsEli Collins2012-05-012-33/+15
| | | | | | | | | * timer issues under windows * id() issues under jython * mtime issues under jython & darwin * corrected expectations of test_ext_django's patch checker * added darwin flags to platform_os_crypt info * fixed regression in os_crypt backend test mocking
* moved is_ascii_codec() helper to utilsEli Collins2012-05-011-0/+7
|
* assorted bugfixes & additional test coverageEli Collins2012-04-302-73/+31
|
* utils.handlers: fleshed out tests; fixed some bugsEli Collins2012-04-301-27/+33
|
* excluded some branches from coverageEli Collins2012-04-303-9/+8
|
* splitcomma won't dieEli Collins2012-04-301-8/+8
|
* better coverage of crypto routines, fixed some bugsEli Collins2012-04-301-54/+61
|
* unittest cleanups, better coverage, etcEli Collins2012-04-301-1/+14
| | | | | | | | | | | | | | | * split ut2 backports into separate module to keep them distinct from customizations * added backport of skip() / skipIf(), simplified a bunch of code * "PASSLIB_TESTS" env var renamed to "PASSLIB_TEST_MODE", has one of three values (quick,default,full) * assertWarningList() can now be used as context manager * added TestCase.mktemp(), and some capability tests via TestCase.require_xxx() * HandlerCase - subclasses can now modify do_xxx() settings and context using unified interface. - defaults to lower number of rounds for all hashes, to speed up UTs - create_backend_case() is now classmethod that yields multiple backends - added test to ensure os_crypt hashes forbid NULL chars - EncodingHandlerMixin for common tests of 'encoding' keyword
* added some missing tests; fixed a bunch of bugsEli Collins2012-04-284-32/+27
|
* assorted small details that weren't covered in the last few mergesEli Collins2012-04-273-3/+14
|
* updated front matter and other documentationEli Collins2012-04-272-5/+16
|
* near complete rewrite of django plugin, now making publicEli Collins2012-04-272-0/+59
| | | | | | | | | | | - monkeypatching now formalized w/ a patch manager, and should be *much* more resilient. - patch states reduced greatly, simplified code and tests - now handles django 1.4 correctly - patches hashers module as well (had to write some new wrappers) - added experimental methods GenericHandler.parsehash() to back our wrapper of Hasher.safe_summary() - XXX: doesn't currently import current HASHER state, - XXX: can't import hashers into passlib either -- though left initial notes on this
* finally added abstract base class for the password hash interface -- ↵Eli Collins2012-04-271-25/+10
| | | | | | passlib.ifc.PasswordHash (also had to make some tweaks to fix class repr due to ABCMeta)
* added experimental GenericHandler.bitsize() method, which estimates bitsize ↵Eli Collins2012-04-271-6/+73
| | | | of hash components
* made support for encoding context keyword uniformEli Collins2012-04-271-0/+9
| | | | | | - plaintext, ldap_plaintext, lmhash, htdigest all support it - also expose default_encoding attribute - moved HasEncodingContext from lmhash to handlers
* context change - shortened hash_needs_update() to needs_update()Eli Collins2012-04-271-2/+2
| | | | | | | - renamed internal update hooks as well - needs_update() now accepts an optional copy of the password. this is unused for now, but should pave the way for properly migrating crypt_blowfish $2x$ hashes in the next release.
* renamed 'errname' to 'param' for to_unicode, etc; to match some of the other ↵Eli Collins2012-04-271-26/+26
| | | | helper functions
* sped up pbkdf2 implementation by 60% or so - upped the rounds for all pbkdf2 ↵Eli Collins2012-04-192-57/+61
| | | | hashes
* disabling saslprep() support under Jython - it lacks the stringprep moduleEli Collins2012-04-172-6/+31
|
* a bunch of bugfixes found during unittestingEli Collins2012-04-171-2/+2
| | | | | | | | | | * bsdi_crypt apparently available on openbsd 4.9 * typo fixes * ConfigParser apparently only uses OrderedDict for >= PY27, adjusted CryptContext test accordingly * fixed test that depended on sha256_crypt.default_rounds * handle os_crypt backend w/ no fallback (bcrypt) * let _norm_rounds accept longs
* updated passlib.apache module's api - more flexible to use, changed some ↵Eli Collins2012-04-171-5/+34
| | | | ambiguous method names
* work on des_crypt familyEli Collins2012-04-131-115/+238
| | | | | * cleaned up source of des_crypt variants and DES util functions * DES utils functions now have tighter input validation, full UT coverage
* assorted bugfixes, tweaks, and tests added; based on coverage examinationEli Collins2012-04-124-82/+73
| | | | | | | * test os_crypt backend has functional fallback * test handler methods accept all unicode/bytes combinations for secret & hash * fixed some incorrect error messages & types being caught & raised * other minor cleanups
* ran full UTs, found and fixed a few bugs introduced in last few commits.Eli Collins2012-04-111-0/+2
|
* clarify behavior for secret=None and hash=NoneEli Collins2012-04-114-71/+58
| | | | | | | | | | | | | | | | | | | | | | | * passing a non-string secret or non-string hash to any CryptContext or handler method will now reliably result in a TypeError. previously, passing hash=None to many handler identify() and verify() methods would return False, while others would raise a TypeError. other handler methods would alternately throw ValueError or TypeError when passed a value that wasn't unicode or bytes. the various CryptContext methods also behaved inconsistently, depending on the behavior of the underlying handler. all of these behaviors are gone, they should all raise the same TypeError. * redid many of the from_string() methods to verify the hash type. * moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods. this cheaply made the secret validation global to all hashes, and lets _calc_digest() implementations trust that the secret is valid. * updated the CryptContext and handler unittests to verify the above behavior is adhered to.
* replaced some common string ops with util funcs (repeat_string, ↵Eli Collins2012-04-102-11/+20
| | | | right_pad_string)
* md5_crypt / sha2-crypt cleanupEli Collins2012-04-102-1/+10
| | | | | * tried to clarify documentation & alg for builtin md5_crypt / sha2-crypt backends * replaced regex parser in sha2-crypt with index-based one - less redundant, and should be faster.
* parse_mc3/render_mc3 helpers now handle rounds str<->int, consolidated a ↵Eli Collins2012-04-101-14/+68
| | | | bunch of redundant code
* passlib.exc: added constructors for common errors, should normalize error ↵Eli Collins2012-04-101-45/+60
| | | | messages
* fixed issue 29 - m2crypto crash may be triggered by keylen > 32, not > 41 as ↵Eli Collins2012-04-091-5/+7
| | | | I previously thought
* *all* hashes now throw PasswordSizeError if password is larger than 4096 ↵Eli Collins2012-04-092-1/+12
| | | | chars; to prevent DOS issues.
* bcrypt workEli Collins2012-03-121-1/+4
| | | | | | | * added code to shoehorn $2$-support wrapper for bcryptor backend * added PasslibSecurityWarning when builtin backend is enabled (still considered whether it should be enabled by default) * py3 compat fix for repair_unused
* doc tweaksEli Collins2012-03-121-3/+3
|
* updated test support & py3 compat code from an external libraryEli Collins2012-03-124-120/+130
| | | | | | | | | | | | | | | | passlib.tests ------------- * deprecated support for unittest 1... accumulated too many backports, planning to require unittest2 in next release. * case_prefix renamed to shortDescription * test case now archives & clears warning registry state in addition to warning filter state passlib.utils.compat -------------------- * a bunch of the bytes-related functions were renamed for clarity * NativeStringIO alias added * trange alias merged into irange
* to_bytes, to_unicode, to_native_str: added special TypeErrors for None, ↵Eli Collins2012-03-101-7/+17
| | | | other small tweaks
* safe_crypt() now handles "*0" and similar error returns from crypt()Eli Collins2012-03-101-6/+21
|
* added some notesEli Collins2012-03-101-1/+5
|
* various bcrypt improvementsEli Collins2012-03-102-7/+130
| | | | | | | | | | | | * studied crypt_blowfish's 8bit bug - verified none of passlib's backends were affected - added recognition (but not support) for crypt_blowfish's $2x$ hash prefix - added support for crypt_blowfish's $2y$ hash prefix - note in docs about Passlib's current handling of crypt_blowfish 8bit issues. * refactored bcrypt's salt-unused-bits repair code into Base64Engine.repair_unused(), making the code cleaner and more isolated. a bunch more tests. * added bcrypt64 (bcrypt-base64 variant) to utils * added LazyBase64Engine to reduce memory / startup time
* cleanup of scram hash; improved norm_digest_name() and moved it to utils.pbkdf2Eli Collins2012-03-101-1/+104
|
* added support for Cisco PIX & Type 7 hashesEli Collins2012-03-101-0/+18
| | | | | | | | * Cisco Type 5 appears to be same as md5_crypt * added requires_user=False support to HandlerCase * added more through salt-generation test (since cisco_pix has only 4 bits of salt) * added HandlerCase test to ensure user is used as salt
* utils.handlers framework reworked; removed a bunch of boilerplate codeEli Collins2012-03-091-285/+337
| | | | | | | | | | | | | | | | | | | | | | | | | | | * StaticHandler is now subclass of GenericHandler - _calc_checksum() should be implemented instead of encrypt(). (compatibility stub added so old code should continue to work) - _norm_hash() no longer needs to handle ->unicode conversion - default from_string() contains a bunch of features, including stripping a known prefix, etc. * context kwds now pulled into constructor, so GenericHandler supports context kwds properly; HasUserContext mixin added to support common 'user' context kwd * identify_regexp & identify_prefix removed, functionality rolled into default GenericHandler.identify() implementation. - default identify checks _hash_regex as potential way to identify hashes * HasStubChecksum removed, functionality rolled into GenericHandler * HasRawChecksum now just sets a flag, functionality moved into GenericHandler * HasManyIdents._parse_ident() helper added to valid & split identifier from hashes. * GenericHandler._norm_checksum() is now strict about unicode / bytes
* renamed calc_checksum() -> _calc_checksum(), hiding the last of the private ↵Eli Collins2012-02-081-17/+17
| | | | methods of most handlers
* renamed passlib.exc warning classesEli Collins2012-02-081-4/+4
|
* documentation updates for last two commitsEli Collins2012-02-081-95/+98
|
* minor tweaks & fixesEli Collins2012-02-081-1/+1
|
* large refactor of GenericHandler internalsEli Collins2012-02-081-166/+192
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | strict keyword -------------- * GenericHandler's "strict" keyword had poorly defined semantics; replaced this with "use_defaults" and "relaxed" keywords. Most handlers' from_string() method specified strict=True. This is now the default behavior, use_defaults=True is enabled only for encrypt() and genconfig(). relaxed=True is enabled only for specific handlers (and unittests) whose code requires it. This *does* break backward compat with passlib 1.5 handlers, but this is mostly and internal class. * missing required settings now throws a TypeError instead of a ValueError, to be more in line with std python behavior. * The norm_xxx functions provided by the GenericHandler mixins (e.g. norm_salt) have been renamed to _norm_xxx() to reflect their private nature; and converted from class methods to instance methods, to simplify their call signature for subclassing. misc ---- * rewrote GenericHandler unittests to use constructor only, instead of poking into norm_salt/norm_rounds internals. * checksum/salt charset checks speed up using set comparison * some small cleanups to FHSP implementation
* simplified crypt.crypt() wrappersEli Collins2012-01-192-45/+64
| | | | | | | * safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure * added test_crypt() wrapper to simplify backend checks. * removed native=True from most to_string() implementations, unused now. * updated UTs
* split exceptions/warnings to separate module; added some additional warning ↵Eli Collins2012-01-184-34/+23
| | | | classes to make filtering easier
View Lorry Controller Status