| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| | |
As part of merge:
* various: reverted the py26 compat fixes from rev 5e2f92012412
* test utils: stripped out "has_real_subtest" compat from rev c732a9e2a582,
since now on py35+, which always has .subTest() method
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(should fix long-standing issue 98)
* test_ext_django:
- Simplified "stock config" setup code. It now gets it's "sha_rounds" value
from the django source, so we don't have to manually update it every time
django changes their default. This should require less maintenance across
minor django releases. (Should fix issue 98, and prevent recurrence)
- Updated tests to account for quirks in how encoded hashes are handled.
Specifically: None, "", and invalid hashes all cause subtly different
behaviors across django versions. tests pass against django 1.8 - 3.1.
- split "empty hash" test out from the loop it shared with "null hash" test,
since the two behave differently.
* tox: expanded envlist to explicitly test a bunch more django versions
(1.8 - 3.1); and remove some needless "django 2.x + py2" tests
* passlib.apps: reformatted django CryptContext declarations;
added one for django 2.1 (which dropped "django_bcrypt" it's default list)
* passlib.ext.django:
- added internal "quirks" helper as central place to track
minor edge-case changes between django versions.
- passlib_to_django() helper now falls back to searching hasher classes
directly, even if patch isn't installed. this allows it to work
for django hashers that have been removed from django's default list.
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| |/ |
|
| | |
|
|/
|
|
|
|
|
|
|
| |
scheduled
for removal in v1.8.
this removes CryptPolicy, unix_fallback, some old HtpasswdFile methods,
and more. tests were updated as well. see history/1.8 for a complete list.
|
| |
|
| |
|
|
|
|
|
|
| |
now stored in public Hash.deprecated attr of returned hashers,
instead of monkeypatching Hash.needs_update().
this removes some cruft from a bunch of places.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.ext.django
------------------
* everything in .models relocated to the DjangoContextAdapter() class in .utils.
all that's left in models is a couple of hooks. This consolidates all
the model state into a single object, making it a lot easier to inspect
and optimize.
* consolidated a bunch of (undocumented) helper functions into DjangoTranslator()
class, which now acts as based for DjangoContextAdapter. Translator instances
handle converted passlib <-> django hashers, including caching speed-critical bits.
* wrapper class now has guards against wrong type of hasher being passed in
* wrapper class uses .using() instead of deprecated .hash(**kwds) format.
* updated and confirmed passing tests w/ django 1.10.3
passlib.ext.django tests
------------------------
* split test wrapper for django's internal tests (HashersTest) into separate file,
test_ext_django_source.py, to make it easier to run independantly.
reworked to use patchAttr(wraps=True) rather than less flexible ContextHook() hack
* tries to clean up HashersTest - adapts to django settings,
fixed code syncing .iteration settings back to passlib hashers,
* blocked out some django tests that we can't / won't pass,
documented reasons why.
other
-----
* CryptContext: added temporary hack to access unpatched Hasher.needs_update() method.
* PrefixWrapper: now proxies attr writes if it owns the wrapped hasher.
* test utils: added wrap=True support to patchAttr(), for wrapping arbitrary functions.
|
| |
|
|
|
|
|
| |
this basically reversed rev 5c41b0153d4f; after using it a bit more,
decided the name didn't indicate as well what the method was doing.
|
|
|
|
| |
to match stdlib's convention (for things like str, namedtuple, etc)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
after further consideration (while implementing a handler for argon2),
decided that rolling .genconfig() and .genhash() into the .hash() method
(as was done in rev 1f7421b35b75) put too much complexity into the .hash() method.
this commit walks back those portions of rev 1f7421b35b75 -- .genconfig()
and .genhash() are now implemented for each handler directly.
however, going a little further and completely deprecating .genconfig()
and .genhash() support entirely -- decided there's no need for them in
the public api whatsoever. apps shouldn't need/use them, and the unittests
can use their own workarounds.
* removed "config" keyword from handler.hash() ifc
* removed support for config=None from handler.genhash() -- nothing should use it
now that handler.genconfig() always returns a string.
* marked .genhash() and .genconfig() as completely deprecated, w/ no alternative
* uts: factored out calls which need config only into a .do_stub_encrypt() helper,
as replacement for internal uses of .genconfig()
|
|
|
|
| |
w/ public needs_update() call
|
|
|
|
|
|
|
| |
and not worth the amount of code it requires to support it.
* stripped out vary_rounds from all internal presets
* added deprecation warning if it's ever used
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
.encrypt()
----------
hash.encrypt() & context.encrypt() have been renamed to .hash().
this should take care of the long-standing issue 21 (the poor naming of .encrypt).
per docs, legacy aliases will remain in place until passlib 2.0.
.genhash() / .genconfig()
-------------------------
taking advantage of this reorganization to also deprecate .genconfig()
and .genhash() -- they're not really useful in a modern system,
nor as needed for historical support as initially thought:
.genconfig() will be retired completely in passlib 2.0;
.genhash() is rolled into the new .hash() method along with .encrypt().
|
|
|
|
|
|
|
|
|
| |
announcement
motivation is that django hashers framework has matured greatly
as of django 1.8, and dropping all prior versions not only eases support burden,
but opens up opportunity for integration via less invasive method in a
future passlib release, using django 1.8 as a common base.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
failures were mostly in the unittests, not in passlib proper.
however, to get things working, ended up making some internal improvements
to django integration.
* passlib.ext.django now patches get_hashers() for django 1.8+
* the (still internal) _PasslibHasherWrapper, which wraps a passlib hash
in a django-hasher-compatible api, got an overhaul:
- 'rounds' and 'iterations' attributes now populated from underlying
passlib hasher, so inspecting them gives sane result.
- now autohandles 'rounds' vs 'iterations' to match expected django api.
- bugfix: correct OrderedDict import removed in django 1.9
- .must_update() now mimics django's semantics, using wrapped handler.parse_rounds().
previously just always returned False.
- NOTE: all these changes bring this thing much closer to be able to provide
passlib handlers TO django, rather than having to patch entire django framework.
* unittests
- django 1.7+: populate django apps before test; required as of 1.9
- added rounds settings required for 1.9 test to function
- django tests integratio - now keeps context in sync
for all hashers, not just pbkdf2_sha256; needed to pass some django 1.9 tests.
* django 1.8 is LTS, and <= 1.7 is EOLed, per https://www.djangoproject.com/download/;
so now planning to drop django 1.6 / 1.7 support in passlib 1.7.
|
| |
| |
| |
| | |
(grafted from e9ab0efde79bf018ffabd85eb9afb517462a3cbf)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stripped out support for django 1.4/1.5;
removes a TON of edge cases we no longer need.
* added formal MIN_DJANGO_VERSION constant,
moved version check to models._apply() so test cases don't throw error
if older django is present.
* monkeypatcher now supports passed wrapped function as first argument,
simplifies imports & calls w/in models.py
|
| | |
|
| |
| |
| |
| | |
now requiring django >= 1.4
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
support;
as well as PyPy 1.x and Jython 2.5.
shims removed
-------------
* b() shim replaced with b'' (py25)
* 'bytes' alias no longer needed (py25)
* callable() shim no longer needed (py30,31)
* PY_MIN_32 flag replaced with PY3 flag (py30,31)
* removed 'abc' module stub used by passlib.ifc (py25)
* removed chain_from_iterable() backport (py25)
* tests: removed catch_warnings() backport,
replaced refs with real warnings.catch_warnings() (py25)
* tests: removed unittest2 backports (py25, py30, py31) --
now throw hard error if unittest2 not present under py26
(the only release remaining which lacks the unittest2 features)
* removed SUPPORTS_DIR_METHOD conditional (py25, pypy 1.x)
* some other minor workarounds
other
-----
* added check in passlib.compat which now throws error telling user
version isn't supported (to prevent spurious errors later)
|
|/ |
|
| |
|
|
|
|
| |
comment 7) (transplant of r1f5b8860b743 from default branch)
|
|
|
|
|
|
|
|
| |
* added implementation of django 1.6's bcrypt_sha256 hasher, and UTs
* added django16 premade context to passlib.apps, made it default django_context
* test_ext_django now makes use of django16_context
* passlib.ext.django.utils.get_preset_config() now uses django16_context
* tox 'django' and 'django-py3' now test bcrypt integration
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.ext.django & it's tests have gotten out of sync with django,
leading to a number of UT failures, as reported in issue 50.
tests now pass on django 1.2 through 1.6
passlib.ext.django
------------------
mimic changes in django's hasher logic:
* handle unsalted_sha1 hasher (django 1.4.6+)
* check_password(): empty hashes return False, rather throw error (django 1.5+
* allow empty passwords (django 1.6+)
* generate unusuable password suffixes (django 1.6+)
passlib.hash
------------
* django_des_crypt: added "use_duplicate_salt" class attr,
allowing tests to enable django 1.4+ style hashes which omit 1st salt.
* django_disabled: added support for django 1.6+ random suffixes
passlib.tests
-------------
* test_ext_django: lots of changes to verify django 1.5/1.6 behavior
* test_handlers_django: split django tests out of test_handlers
to make it easiers to run django-related tests.
* added workaround for encoding glitch in salted_md5 / salted_sha1 hashers (django 1.5+)
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- monkeypatching now formalized w/ a patch manager,
and should be *much* more resilient.
- patch states reduced greatly, simplified code and tests
- now handles django 1.4 correctly - patches hashers module as well
(had to write some new wrappers)
- added experimental methods GenericHandler.parsehash() to back our wrapper of Hasher.safe_summary()
- XXX: doesn't currently import current HASHER state,
- XXX: can't import hashers into passlib either -- though left initial notes on this
|
| |
|
|
|
|
| |
(may not support django 1.4 until passlib 1.7)
|
|
|
|
| |
classes to make filtering easier
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved bytes compat functions from utils to utils.compat
(bord, bjoin, bjoin_ints, bjoin_elems, ujoin)
* renamed bord -> belem_ord for clarify
* a bunch of to_native_str() always use ascii, and
have fixed input types (always bytes or always unicode).
these don't need overhead of to_native_str(), so replaced
those calls with two new funcs: compat.bascii_to_str() /
compat.uascii_to_str()
* cleaned up a lot of imports from utils/utils.compat to
pull from correct module
* simplified the to_string() logic of a bunch of handlers
to reduce unicode<->byte transitions
|
| |
|
|
|
|
| |
on GAE)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
even though it hasn't been officially documented,
some people are using it, so...
major
-----
* DEFAULT_CTX now uses SHA512-Crypt instead of PBKDF2-HMAC-SHA256,
this should be natively supported on a larger number of platforms.
* added full unittest suite for passlib.ext.django:
- checks monkeypatch implementation
- checks full plugin behavior
- STOCK_CTX is compared against official Django behavior
minor
-----
* ``set_django_password_context()`` now patches ``django.contrib.auth.models.check_password()``
as well as User methods.
* now exposes active context as ``User.password_context`` when patch is enabled.
* replacement ``User.check_password`` now handles None and unusable passwords explicitly,
even if context doesn't include support for django_disabled.
|
|
|
|
|
|
| |
to support pbkdf2
* docs & module currently hidden since it hasn't had much testing yet (and may split out into separate package anyway)
|
|
* django hashes cleaned up, UTs added
* added passlib.apps.django_context for reading existing django hashes
* added experimental django plugin "passlib.ext.django" which monkeypatches django to use pbkdf2_sha256 (and many other features)
* not listing in changelog or documenting just yet, needs more testing
|