1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
|
.. -*- restructuredtext -*-
===============
Release History
===============
**1.5.1** (NOT YET RELEASED)
* Google App Engine compatibility:
- bugfix: make ``passlib.hash.__loader__`` attribute writable -
needed by Google App Engine [issue 19]
- provide fallback for loading ``passlib/default.cfg``
if :mod:`pkg_resources` is not present.
* bugfix: fixed error thrown by CryptContext.verify
when issuing min_verify_time warning [issue 17]
* removed min_verify_time setting from custom_app_context,
min_verify_time is too host & load dependant to be hardcoded [issue 17].
* more UT coverage for :mod:`passlib.apps` and :mod:`passlib.hosts`
**1.5** (2011-07-11)
*"20% more unicode than the leading breakfast cereal"*
The main new feature in this release is that
Passlib now supports Python 3 (via the 2to3 tool).
Everything has been recoded to have better separation
between unicode and bytes, and to use unicode internally
where possible.
When run under Python 2, Passlib 1.5 attempts
to provide the same behavior as Passlib 1.4;
but when run under Python 3, most functions
will return unicode instead of ascii bytes.
Besides this major change, there have
been some other additions:
Hashes
* added support for Cryptacular's PBKDF2 format.
* added support for the FSHP family of hashes.
* added support for using BCryptor as BCrypt backend.
* added support for all of Django's hash formats.
CryptContext
* interpolation deprecation:
:meth:`CryptPolicy.from_file` and :meth:`CryptPolicy.from_string`
now use SafeConfigParser instead of ConfigParser.
This may cause some existing config files containing unescaped ``%``
to result in errors; Passlib 1.5 will demote these to warnings,
but any extant config files should be updated,
as the errors will be fatal in Passlib 1.6.
* added encoding keyword to :class:`!CryptPolicy`'s
:meth:`!.from_path()`, :meth:`!.from_string`,
and :meth:`!.to_string` methods.
* both classes in :mod:`passlib.apache`
now support specifying an encoding for the username/realm.
Documentation
* Password Hash API expanded to include explicit
:ref:`unicode vs bytes policy <hash-unicode-behavior>`.
* Added quickstart guide to documentation.
* Various minor improvements.
Utilities
* Added more handler utility functions to reduce code duplication.
* Expanded kdf helpers in :mod:`passlib.utils.pbkdf2`.
* Removed deprecated parts of :mod:`passlib.utils.handlers`.
* Various minor changes to
:class:`passlib.utils.handlers.HasManyBackends`;
main change is that multi-backend handlers now raise
:exc:`~passlib.utils.MissingBackendError`
if no backends are available.
Other
* Builtin tests now use :mod:`!unittest2` if available.
* Setup script no longer requires distribute or setuptools.
* added (undocumented, experimental) Django app
for overriding Django's default hash format,
see ``docs/lib/passlib.ext.django.rst`` for more.
**1.4** (2011-05-04)
This release contains a large number of changes, both large and small.
It adds a number of PBKDF2-based schemes, better support
for LDAP-format hashes, improved documentation,
and faster load times. In detail...
Hashes
* added LDAP ``{CRYPT}`` support for all hashes
known to be supported by OS crypt()
* added 3 custom PBKDF2 schemes for general use,
as well as 3 LDAP-compatible versions.
* added support for Dwayne Litzenberger's PBKDF2 scheme.
* added support for Grub2's PBKDF2 hash scheme.
* added support for Atlassian's PBKDF2 password hash
* added support for all hashes used by the Roundup Issue Tracker
* bsdi_crypt, sha1_crypt now check for OS crypt() support
* ``salt_size`` keyword added to encrypt() method of all
the hashes which support variable-length salts.
* security fix: disabled unix_fallback's "wildcard password" support
unless explicitly enabled by user.
CryptContext
* host_context now dynamically detects which formats
OS crypt() supports, instead of guessing based on sys.platform.
* added predefined context for Roundup Issue Tracker database.
* added CryptContext.verify_and_update() convience method,
to make it easier to perform both operations at once.
* bugfix: fixed NameError in category+min_verify_time border case
Documentation
* greatly expanded documentation on how to use CryptContexts.
* roughly documented framework for writing & testing
custom password handlers.
* various minor improvements.
Utilities
* added generate_password() convenience method
* refactored framework for building hash handlers,
using new mixin-based system.
* deprecated old handler framework - will remove in 1.5
* deprecated list_to_bytes & bytes_to_list - not used, will remove in 1.5
Internals
* apps & hosts now use new LazyCryptContext wrapper class -
should speed up initial import, and reduce memory
by not loading uneeded hashes.
* password hash api - as part of cleaning up optional attributes
specification, renamed a number of them to reduce ambiguity:
- renamed *{xxx}_salt_chars* attributes -> *xxx_salt_size*
- renamed *salt_charset* -> *salt_chars*
- old attributes still present, but deprecated - will remove in 1.5
* password hash api - tightened specifications for salt & rounds parameters,
added support for hashes w/ no max salt size.
* improved password hash api conformance tests
* PyPy compatibility
**1.3.1** (2011-03-28)
* bugfix: replaced "sys.maxsize" reference that was failing under py25
* bugfix: fixed default_rounds>max_rounds border case that could
cause ValueError during CryptContext.encrypt()
* minor documentation changes
* added instructions for building html documentation from source
**1.3** (2011-03-25)
* first public release
* documentation completed
* 99% unittest coverage
* some refactoring and lots of bugfixes
* added support for a number of addtional password schemes:
bigcrypt, crypt16, sun md5 crypt, nthash, lmhash, oracle10 & 11,
phpass, sha1, generic hex digests, ldap digests.
**1.2** (2011-01-06)
* many bugfixes
* global registry added
* transitional release for applications using BPS library.
* first truly functional release since splitting from BPS library (see below).
.. note::
For all previous versions, PassLib did not exist independantly,
but as a subpackage of *BPS*, a private & unreleased toolkit library.
**1.0** (2009-12-11)
* CryptContext & CryptHandler framework
* added support for: des-crypt, bcrypt (via pybcrypt), postgres, mysql
* added unit tests
**0.5** (2008-05-10)
* initial production version
* consolidated from code scattered across multiple applications
* MD5-Crypt, SHA256-Crypt, SHA512-Crypt support
|
