| Commit message (Collapse) | Author | Age | Files | Lines |
As part of merge:
* various: reverted the py26 compat fixes from rev 5e2f92012412
* test utils: stripped out "has_real_subtest" compat from rev c732a9e2a582,
since now on py35+, which always has .subTest() method
(should fix long-standing issue 98)
* test_ext_django:
- Simplified "stock config" setup code. It now gets its "sha_rounds" value
from the django source, so we don't have to manually update it every time
django changes their default. This should require less maintenance across
minor django releases. (Should fix issue 98, and prevent recurrence)
- Updated tests to account for quirks in how encoded hashes are handled.
Specifically: None, "", and invalid hashes all cause subtly different
behaviors across django versions. tests pass against django 1.8 - 3.1.
- split "empty hash" test out from the loop it shared with "null hash" test,
since the two behave differently.
* tox: expanded envlist to explicitly test a bunch more django versions
(1.8 - 3.1); and remove some needless "django 2.x + py2" tests
* passlib.apps: reformatted django CryptContext declarations;
added one for django 2.1 (which dropped "django_bcrypt" from its default list)
* passlib.ext.django:
- added internal "quirks" helper as central place to track
minor edge-case changes between django versions.
- passlib_to_django() helper now falls back to searching hasher classes
directly, even if patch isn't installed. this allows it to work
for django hashers that have been removed from django's default list.
removing unittest2 also allowed removing "passlib.tests.backports"
removed "gae" from tox suite (no meaningful difference from posix tests)
(fixes issue 115)
* removed py26, py33 from default list, tox/pip no longer handle them
* added py37, py38 aliases
* added "django1x" test target
(a few minor tweaks to UTs so everything passes)
* switched to custom sphinx-fulltoc branch for now, due to readthedocs issue
* added tox.ini environment to test documentation building
* fixed rst warnings about dup target & missing document
* tweaked passlib's format to follow argon2 and
use explicit param names + normal base64 encoding
* added support for openwall's $7$ format
* moved hash tests to separate file
* b"" prefix added to a few strings in argon2 hash & tests
* misc tests: get_handler_case() -- added argon2 to list of conditionally available hashes
* consteq test: pypy's compare_digest() supports non-ascii unicode(), unlike cpython
* old pbkdf2() tests: account for keylen=0 now throwing error
* tox.ini: disable testing w/ cryptography under pypy, not installing properly.
(a border case anyways), and hashlib or fastpbkdf2 are much better choices
for this use case.
* passlib.handlers.argon2 module contains 'argon2' hasher class,
for both argon2_cffi & argon2pure packages as backends.
* added UTs from argon2 clib source, as well as some from argon2_cffi,
and some more custom hashes.
* UT harness: added limit so salt range test doesn't eat up all the memory under argon2.
* scrypt kdf code
- relocated scrypt kdf code to passlib.crypto.scrypt
- py3 compat fixes
- split UTs out into separate file
- removed "non-power of 2" support, not needed.
- added wrapper which can toggle between builtin backend,
and external scrypt package.
- factored out n/r/p validation code so it can be used independently
of calling kdf itself.
* passlib.handlers.scrypt: added scrypt handler which wraps the kdf.
- added some custom test strings, as well as adapted some reference values
from the scrypt whitepaper.
- added documentation page
- integrated scrypt kdf wrapper w/ hash's HasManyBackends api
to tox.ini
announcement
motivation is that django hashers framework has matured greatly
as of django 1.8, and dropping all prior versions not only eases support burden,
but opens up opportunity for integration via less invasive method in a
future passlib release, using django 1.8 as a common base.
failures were mostly in the unittests, not in passlib proper.
however, to get things working, ended up making some internal improvements
to django integration.
* passlib.ext.django now patches get_hashers() for django 1.8+
* the (still internal) _PasslibHasherWrapper, which wraps a passlib hash
in a django-hasher-compatible api, got an overhaul:
- 'rounds' and 'iterations' attributes now populated from underlying
passlib hasher, so inspecting them gives sane result.
- now autohandles 'rounds' vs 'iterations' to match expected django api.
- bugfix: correct OrderedDict import removed in django 1.9
- .must_update() now mimics django's semantics, using wrapped handler.parse_rounds().
previously just always returned False.
- NOTE: all these changes bring this thing much closer to being able to provide
passlib handlers TO django, rather than having to patch entire django framework.
* unittests
- django 1.7+: populate django apps before test; required as of 1.9
- added rounds settings required for 1.9 test to function
- django tests integration - now keeps context in sync
for all hashers, not just pbkdf2_sha256; needed to pass some django 1.9 tests.
* django 1.8 is LTS, and <= 1.7 is EOLed, per https://www.djangoproject.com/download/;
so now planning to drop django 1.6 / 1.7 support in passlib 1.7.
* stripped out support for django 1.4/1.5;
removes a TON of edge cases we no longer need.
* added formal MIN_DJANGO_VERSION constant,
moved version check to models._apply() so test cases don't throw error
if older django is present.
* monkeypatcher now supports passed wrapped function as first argument,
simplifies imports & calls w/in models.py
environments, otherwise the other ones confusingly get the wrong django source.
for full integration tests to run in this case, user has to provide
path to django source as $PASSLIB_TESTS_DJANGO_SOURCE_PATH.
should match version of django being tested.
but with some additional updates. needs to be merged back.
make_password()'s salt parameter on to the hash (fixes issue 52).
old behavior would incorrectly pass explicit salt provided for hash
that didn't need one; a situation that only occurs in django 1.4.0-1.4.5's
unittests, and was corrected in django 1.4.6's.
new behavior separates out a couple of the cases we were trying to handle,
handles them separately, has better comment explaining what's going on.
added tox case to catch it also
tox, virtualenv, setuptools no longer supporting py25, have to run those manually.
should consider dropping py25 in passlib 1.7.
* a number of hashes now feed off pbkdf2_XXX.default_rounds
* added security note re: dlitz_pbkdf2_sha1
* added implementation of django 1.6's bcrypt_sha256 hasher, and UTs
* added django16 premade context to passlib.apps, made it default django_context
* test_ext_django now makes use of django16_context
* passlib.ext.django.utils.get_preset_config() now uses django16_context
* tox 'django' and 'django-py3' now test bcrypt integration
also split bcrypt handler tests out into separate file for ease of testing
passlib.ext.django & its tests have gotten out of sync with django,
leading to a number of UT failures, as reported in issue 50.
tests now pass on django 1.2 through 1.6
passlib.ext.django
------------------
mimic changes in django's hasher logic:
* handle unsalted_sha1 hasher (django 1.4.6+)
* check_password(): empty hashes return False, rather than throw error (django 1.5+)
* allow empty passwords (django 1.6+)
* generate unusable password suffixes (django 1.6+)
passlib.hash
------------
* django_des_crypt: added "use_duplicate_salt" class attr,
allowing tests to enable django 1.4+ style hashes which omit 1st salt.
* django_disabled: added support for django 1.6+ random suffixes
passlib.tests
-------------
* test_ext_django: lots of changes to verify django 1.5/1.6 behavior
* test_handlers_django: split django tests out of test_handlers
to make it easier to run django-related tests.
* added workaround for encoding glitch in salted_md5 / salted_sha1 hashers (django 1.5+)
* bcrypt fuzz fix: detect $2$ hashes w/ passwords like 'abc' 'abcabc' and regenerate,
since $2$ would hash them the same. one in a million chance, but I hit it.
* django_bcrypt: skip multi-ident testing entirely, only one prefix is used.
* get_fuzz_settings() now handles passwords too, so handlers can alter them
* get_fuzz_ident() now checks os_supports_ident() directly, so bcrypt test doesn't have to
* test_14_salt_chars now cleans up salt, so bcrypt test doesn't have to
* glitch in fuzz skip code
* add tox.ini to sdist
* split ut2 backports into separate module to keep them distinct from customizations
* added backport of skip() / skipIf(), simplified a bunch of code
* "PASSLIB_TESTS" env var renamed to "PASSLIB_TEST_MODE",
has one of three values (quick,default,full)
* assertWarningList() can now be used as context manager
* added TestCase.mktemp(), and some capability tests via TestCase.require_xxx()
* HandlerCase
- subclasses can now modify do_xxx() settings and context using unified interface.
- defaults to lower number of rounds for all hashes, to speed up UTs
- create_backend_case() is now classmethod that yields multiple backends
- added test to ensure os_crypt hashes forbid NULL chars
- EncodingHandlerMixin for common tests of 'encoding' keyword