| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| | |
As part of merge:
* various: reverted the py26 compat fixes from rev 5e2f92012412
* test utils: stripped out "has_real_subtest" compat from rev c732a9e2a582,
since now on py35+, which always has .subTest() method
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(should fix long-standing issue 98)
* test_ext_django:
- Simplified "stock config" setup code. It now gets it's "sha_rounds" value
from the django source, so we don't have to manually update it every time
django changes their default. This should require less maintenance across
minor django releases. (Should fix issue 98, and prevent recurrence)
- Updated tests to account for quirks in how encoded hashes are handled.
Specifically: None, "", and invalid hashes all cause subtly different
behaviors across django versions. tests pass against django 1.8 - 3.1.
- split "empty hash" test out from the loop it shared with "null hash" test,
since the two behave differently.
* tox: expanded envlist to explicitly test a bunch more django versions
(1.8 - 3.1); and remove some needless "django 2.x + py2" tests
* passlib.apps: reformatted django CryptContext declarations;
added one for django 2.1 (which dropped "django_bcrypt" it's default list)
* passlib.ext.django:
- added internal "quirks" helper as central place to track
minor edge-case changes between django versions.
- passlib_to_django() helper now falls back to searching hasher classes
directly, even if patch isn't installed. this allows it to work
for django hashers that have been removed from django's default list.
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| |/ |
|
| | |
|
|/
|
|
|
|
|
|
|
| |
scheduled
for removal in v1.8.
this removes CryptPolicy, unix_fallback, some old HtpasswdFile methods,
and more. tests were updated as well. see history/1.8 for a complete list.
|
| |
|
| |
|
|
|
|
|
|
| |
now stored in public Hash.deprecated attr of returned hashers,
instead of monkeypatching Hash.needs_update().
this removes some cruft from a bunch of places.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.ext.django
------------------
* everything in .models relocated to the DjangoContextAdapter() class in .utils.
all that's left in models is a couple of hooks. This consolidates all
the model state into a single object, making it a lot easier to inspect
and optimize.
* consolidated a bunch of (undocumented) helper functions into DjangoTranslator()
class, which now acts as based for DjangoContextAdapter. Translator instances
handle converted passlib <-> django hashers, including caching speed-critical bits.
* wrapper class now has guards against wrong type of hasher being passed in
* wrapper class uses .using() instead of deprecated .hash(**kwds) format.
* updated and confirmed passing tests w/ django 1.10.3
passlib.ext.django tests
------------------------
* split test wrapper for django's internal tests (HashersTest) into separate file,
test_ext_django_source.py, to make it easier to run independantly.
reworked to use patchAttr(wraps=True) rather than less flexible ContextHook() hack
* tries to clean up HashersTest - adapts to django settings,
fixed code syncing .iteration settings back to passlib hashers,
* blocked out some django tests that we can't / won't pass,
documented reasons why.
other
-----
* CryptContext: added temporary hack to access unpatched Hasher.needs_update() method.
* PrefixWrapper: now proxies attr writes if it owns the wrapped hasher.
* test utils: added wrap=True support to patchAttr(), for wrapping arbitrary functions.
|
| |
|
|
|
|
|
| |
this basically reversed rev 5c41b0153d4f; after using it a bit more,
decided the name didn't indicate as well what the method was doing.
|
|
|
|
| |
to match stdlib's convention (for things like str, namedtuple, etc)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
after further consideration (while implementing a handler for argon2),
decided that rolling .genconfig() and .genhash() into the .hash() method
(as was done in rev 1f7421b35b75) put too much complexity into the .hash() method.
this commit walks back those portions of rev 1f7421b35b75 -- .genconfig()
and .genhash() are now implemented for each handler directly.
however, going a little further and completely deprecating .genconfig()
and .genhash() support entirely -- decided there's no need for them in
the public api whatsoever. apps shouldn't need/use them, and the unittests
can use their own workarounds.
* removed "config" keyword from handler.hash() ifc
* removed support for config=None from handler.genhash() -- nothing should use it
now that handler.genconfig() always returns a string.
* marked .genhash() and .genconfig() as completely deprecated, w/ no alternative
* uts: factored out calls which need config only into a .do_stub_encrypt() helper,
as replacement for internal uses of .genconfig()
|
|
|
|
| |
w/ public needs_update() call
|
|
|
|
|
|
|
| |
and not worth the amount of code it requires to support it.
* stripped out vary_rounds from all internal presets
* added deprecation warning if it's ever used
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
.encrypt()
----------
hash.encrypt() & context.encrypt() have been renamed to .hash().
this should take care of the long-standing issue 21 (the poor naming of .encrypt).
per docs, legacy aliases will remain in place until passlib 2.0.
.genhash() / .genconfig()
-------------------------
taking advantage of this reorganization to also deprecate .genconfig()
and .genhash() -- they're not really useful in a modern system,
nor as needed for historical support as initially thought:
.genconfig() will be retired completely in passlib 2.0;
.genhash() is rolled into the new .hash() method along with .encrypt().
|
|
|
|
|
|
|
|
|
| |
announcement
motivation is that django hashers framework has matured greatly
as of django 1.8, and dropping all prior versions not only eases support burden,
but opens up opportunity for integration via less invasive method in a
future passlib release, using django 1.8 as a common base.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
failures were mostly in the unittests, not in passlib proper.
however, to get things working, ended up making some internal improvements
to django integration.
* passlib.ext.django now patches get_hashers() for django 1.8+
* the (still internal) _PasslibHasherWrapper, which wraps a passlib hash
in a django-hasher-compatible api, got an overhaul:
- 'rounds' and 'iterations' attributes now populated from underlying
passlib hasher, so inspecting them gives sane result.
- now autohandles 'rounds' vs 'iterations' to match expected django api.
- bugfix: correct OrderedDict import removed in django 1.9
- .must_update() now mimics django's semantics, using wrapped handler.parse_rounds().
previously just always returned False.
- NOTE: all these changes bring this thing much closer to be able to provide
passlib handlers TO django, rather than having to patch entire django framework.
* unittests
- django 1.7+: populate django apps before test; required as of 1.9
- added rounds settings required for 1.9 test to function
- django tests integratio - now keeps context in sync
for all hashers, not just pbkdf2_sha256; needed to pass some django 1.9 tests.
* django 1.8 is LTS, and <= 1.7 is EOLed, per https://www.djangoproject.com/download/;
so now planning to drop django 1.6 / 1.7 support in passlib 1.7.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* stripped out support for django 1.4/1.5;
removes a TON of edge cases we no longer need.
* added formal MIN_DJANGO_VERSION constant,
moved version check to models._apply() so test cases don't throw error
if older django is present.
* monkeypatcher now supports passed wrapped function as first argument,
simplifies imports & calls w/in models.py
|
|\ \
| |/ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
make_password()'s salt parameter on to the hash (fixes issue 52).
old behavior would incorrectly pass explicit salt provided for hash
that didn't need one; a situation that only occurs in django 1.4.0-1.4.5's
unittests, and was corrected in django 1.4.6's.
new behavior separates out a couple of the cases we were trying to handle,
handles them separately, has better comment explaining what's going on.
|
| |
| |
| |
| | |
(grafted from e9ab0efde79bf018ffabd85eb9afb517462a3cbf)
|
| | |
|
| |
| |
| |
| | |
now requiring django >= 1.4
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
support;
as well as PyPy 1.x and Jython 2.5.
shims removed
-------------
* b() shim replaced with b'' (py25)
* 'bytes' alias no longer needed (py25)
* callable() shim no longer needed (py30,31)
* PY_MIN_32 flag replaced with PY3 flag (py30,31)
* removed 'abc' module stub used by passlib.ifc (py25)
* removed chain_from_iterable() backport (py25)
* tests: removed catch_warnings() backport,
replaced refs with real warnings.catch_warnings() (py25)
* tests: removed unittest2 backports (py25, py30, py31) --
now throw hard error if unittest2 not present under py26
(the only release remaining which lacks the unittest2 features)
* removed SUPPORTS_DIR_METHOD conditional (py25, pypy 1.x)
* some other minor workarounds
other
-----
* added check in passlib.compat which now throws error telling user
version isn't supported (to prevent spurious errors later)
|
|/ |
|
| |
|
|
|
|
| |
comment 7) (transplant of r1f5b8860b743 from default branch)
|
|
|
|
|
|
|
|
| |
* added implementation of django 1.6's bcrypt_sha256 hasher, and UTs
* added django16 premade context to passlib.apps, made it default django_context
* test_ext_django now makes use of django16_context
* passlib.ext.django.utils.get_preset_config() now uses django16_context
* tox 'django' and 'django-py3' now test bcrypt integration
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
passlib.ext.django & it's tests have gotten out of sync with django,
leading to a number of UT failures, as reported in issue 50.
tests now pass on django 1.2 through 1.6
passlib.ext.django
------------------
mimic changes in django's hasher logic:
* handle unsalted_sha1 hasher (django 1.4.6+)
* check_password(): empty hashes return False, rather throw error (django 1.5+
* allow empty passwords (django 1.6+)
* generate unusuable password suffixes (django 1.6+)
passlib.hash
------------
* django_des_crypt: added "use_duplicate_salt" class attr,
allowing tests to enable django 1.4+ style hashes which omit 1st salt.
* django_disabled: added support for django 1.6+ random suffixes
passlib.tests
-------------
* test_ext_django: lots of changes to verify django 1.5/1.6 behavior
* test_handlers_django: split django tests out of test_handlers
to make it easiers to run django-related tests.
* added workaround for encoding glitch in salted_md5 / salted_sha1 hashers (django 1.5+)
|
|
|
|
|
|
| |
* hash_needs_update() now issues deprecation warning.
* deprecated_function decorator appends CR to docstring if needed.
* rng genseed() fallback now gulps down a bunch more entropy
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- monkeypatching now formalized w/ a patch manager,
and should be *much* more resilient.
- patch states reduced greatly, simplified code and tests
- now handles django 1.4 correctly - patches hashers module as well
(had to write some new wrappers)
- added experimental methods GenericHandler.parsehash() to back our wrapper of Hasher.safe_summary()
- XXX: doesn't currently import current HASHER state,
- XXX: can't import hashers into passlib either -- though left initial notes on this
|
|
|
|
| |
directly
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* passing a non-string secret or non-string hash to any
CryptContext or handler method will now reliably result
in a TypeError.
previously, passing hash=None to many handler identify() and verify()
methods would return False, while others would raise a TypeError.
other handler methods would alternately throw ValueError or TypeError
when passed a value that wasn't unicode or bytes.
the various CryptContext methods also behaved inconsistently,
depending on the behavior of the underlying handler.
all of these behaviors are gone, they should all raise the same TypeError.
* redid many of the from_string() methods to verify the hash type.
* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
this cheaply made the secret validation global to all hashes, and lets
_calc_digest() implementations trust that the secret is valid.
* updated the CryptContext and handler unittests to verify the above behavior is adhered to.
|
|
|
|
| |
(may not support django 1.4 until passlib 1.7)
|
|
|
|
| |
classes to make filtering easier
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved bytes compat functions from utils to utils.compat
(bord, bjoin, bjoin_ints, bjoin_elems, ujoin)
* renamed bord -> belem_ord for clarify
* a bunch of to_native_str() always use ascii, and
have fixed input types (always bytes or always unicode).
these don't need overhead of to_native_str(), so replaced
those calls with two new funcs: compat.bascii_to_str() /
compat.uascii_to_str()
* cleaned up a lot of imports from utils/utils.compat to
pull from correct module
* simplified the to_string() logic of a bunch of handlers
to reduce unicode<->byte transitions
|
|
|
|
|
|
|
|
| |
this distinguishes the types, so that for isinstance() tests...
* 'unicode' always means the unicode type
* 'bytes' always means the bytes type
* 'str' always means the native string type
|
| |
|
|
|
|
| |
on GAE)
|