| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* passing a non-string secret or non-string hash to any
CryptContext or handler method will now reliably result
in a TypeError.
previously, passing hash=None to many handler identify() and verify()
methods would return False, while others would raise a TypeError.
other handler methods would alternately throw ValueError or TypeError
when passed a value that wasn't unicode or bytes.
the various CryptContext methods also behaved inconsistently,
depending on the behavior of the underlying handler.
all of these behaviors are gone, they should all raise the same TypeError.
* redid many of the from_string() methods to verify the hash type.
* moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods.
this cheaply made the secret validation global to all hashes, and lets
_calc_digest() implementations trust that the secret is valid.
* updated the CryptContext and handler unittests to verify the above behavior is adhered to.
|
| |
|
|
| |
bunch of redundant code
|
| |
|
|
| |
messages
|
| |
|
|
|
|
|
| |
was using default policy to store recommended defaults for hashes,
but it only affects CryptContext objects, and users seem to frequent
using the handler objects directly - so going to store recommended
defaults in the handler from now on.
|
| |
|
|
| |
reliably
|
| |
|
|
| |
methods of most handlers
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
strict keyword
--------------
* GenericHandler's "strict" keyword had poorly defined semantics;
replaced this with "use_defaults" and "relaxed" keywords.
Most handlers' from_string() method specified strict=True.
This is now the default behavior, use_defaults=True is enabled
only for encrypt() and genconfig(). relaxed=True is enabled
only for specific handlers (and unittests) whose code requires it.
This *does* break backward compat with passlib 1.5 handlers,
but this is mostly and internal class.
* missing required settings now throws a TypeError instead of
a ValueError, to be more in line with std python behavior.
* The norm_xxx functions provided by the GenericHandler mixins
(e.g. norm_salt) have been renamed to _norm_xxx() to reflect their
private nature; and converted from class methods to instance
methods, to simplify their call signature for subclassing.
misc
----
* rewrote GenericHandler unittests to use constructor only,
instead of poking into norm_salt/norm_rounds internals.
* checksum/salt charset checks speed up using set comparison
* some small cleanups to FHSP implementation
|
| |
|
|
| |
classes to make filtering easier
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* moved bytes compat functions from utils to utils.compat
(bord, bjoin, bjoin_ints, bjoin_elems, ujoin)
* renamed bord -> belem_ord for clarify
* a bunch of to_native_str() always use ascii, and
have fixed input types (always bytes or always unicode).
these don't need overhead of to_native_str(), so replaced
those calls with two new funcs: compat.bascii_to_str() /
compat.uascii_to_str()
* cleaned up a lot of imports from utils/utils.compat to
pull from correct module
* simplified the to_string() logic of a bunch of handlers
to reduce unicode<->byte transitions
|
| | |
|
|
|
* refactoring policy kwd parsing & separation with crypt context
* internal record objects now part of context instead of policy.
* min_verify_time now handled by record objects, now optimized away entirely if not used.
* new interface to policy is currently private, will probably delay deprecated / revising
public interface until next release.
* creating policy & context objects is now 30% faster.
* shortened code path when calling context objects now 14% faster.
|
