Commit message

ambiguous method names

* cleaned up source of des_crypt variants and DES util functions
* DES utils functions now have tighter input validation, full UT coverage

* support variable salt size of 4-16 bytes [issue 30].
* throw correct error when invalid base64 encoding is encountered.
* added some test vectors for the above.

chars; to prevent DOS issues.

was using default policy to store recommended defaults for hashes,
but it only affects CryptContext objects, and users seem to frequently
use the handler objects directly - so going to store recommended
defaults in the handler from now on.

* added code to shoehorn $2$-support wrapper for bcryptor backend
* added PasslibSecurityWarning when builtin backend is enabled
(still considered whether it should be enabled by default)
* py3 compat fix for repair_unused

(may not support django 1.4 until passlib 1.7)

passlib.tests
-------------
* deprecated support for unittest 1... accumulated too many backports,
planning to require unittest2 in next release.
* case_prefix renamed to shortDescription
* test case now archives & clears warning registry state in addition
to warning filter state
passlib.utils.compat
--------------------
* a bunch of the bytes-related functions were renamed for clarity
* NativeStringIO alias added
* trange alias merged into irange

* studied crypt_blowfish's 8bit bug
- verified none of passlib's backends were affected
- added recognition (but not support) for crypt_blowfish's $2x$ hash prefix
- added support for crypt_blowfish's $2y$ hash prefix
- note in docs about Passlib's current handling of crypt_blowfish 8bit issues.
* refactored bcrypt's salt-unused-bits repair code into Base64Engine.repair_unused(),
making the code cleaner and more isolated. a bunch more tests.
* added bcrypt64 (bcrypt-base64 variant) to utils
* added LazyBase64Engine to reduce memory / startup time

after some thought, realized the 'nthash' name should implement
the raw hash. since bsd_nthash was very rarely used, it shouldn't
present backwards incompatibility issues at this point to go
ahead and rename it.

* Cisco Type 5 appears to be same as md5_crypt
* added requires_user=False support to HandlerCase
* added more thorough salt-generation test (since
cisco_pix has only 4 bits of salt)
* added HandlerCase test to ensure user is used as salt

test

* StaticHandler is now subclass of GenericHandler
- _calc_checksum() should be implemented instead of encrypt().
(compatibility stub added so old code should continue to work)
- _norm_hash() no longer needs to handle ->unicode conversion
- default from_string() contains a bunch of features,
including stripping a known prefix, etc.
* context kwds now pulled into constructor, so GenericHandler
supports context kwds properly; HasUserContext mixin added
to support common 'user' context kwd
* identify_regexp & identify_prefix removed, functionality
rolled into default GenericHandler.identify() implementation.
- default identify checks _hash_regex as potential way to identify hashes
* HasStubChecksum removed, functionality rolled into GenericHandler
* HasRawChecksum now just sets a flag, functionality moved into GenericHandler
* HasManyIdents._parse_ident() helper added to validate & split identifier
from hashes.
* GenericHandler._norm_checksum() is now strict about unicode / bytes

* reworked warning-matching code into assertWarningList() method
* reorganized HandlerCase hash tests based on cross-cutting topic, not per-function;
this combined many tests together to eliminate redundant setup
* added test of reported rounds limits
* added better fuzz testing - tests random passwords & options using encrypt(),
and verifies against any/all available backends
* added flags to properly support 'disabled' handlers, and other border cases.
* added tests for password & user case-sensitivity
* restores warning filters after every test

methods of most handlers

and adds code complexity

* safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure
* added test_crypt() wrapper to simplify backend checks.
* removed native=True from most to_string() implementations, unused now.
* updated UTs

classes to make filtering easier

* new utils.Base64Engine() provides flexible class for encoding arbitrary base64 charmaps.
it should also be a bit faster than the old h64 module.
* predefined 'h64' instance has mostly the same methods as the old h64 module
which it takes the place of - so imports should be unaffected.
(with the only exception of the xxx_dc_xxx methods, which now use the 'h64big' instance)
* replaced utils._blowfish base64 encoding with custom Base64Engine instance
to reduce code duplication.
* more thorough unittests for Base64Engine.

handler
-------
* added 'scram' to default registry list
* handler 'algs' keyword now parsed & validated correctly
* digest names normalized -> IANA spec
* saslprep() integrated into code
* added config string format
related
-------
* added documentation (still needs cleaning up though)
* added majority of UTs, still need to add a few edge cases
other
-----
* redid context->handler deprecation link - code now looks for
handler._deprecated_detector(settings) to generate a callable,
should be more efficient, and allow errors to be thrown at bind-time
instead of call-time.
* pbkdf2() function now treats keylen = -1 as request for
keylen = PRF digest size.

[issue 24]

*much* shorter codepath when calling CryptContext.encrypt(), etc

* escaped {} literals in *samp* roles - used on some doc pages
* google analytics integration for pypi docs

CHANGELOG for details)

* added changelog entry re: issue & fix
* bcrypt now warns about padding bits in digest as well
* bcrypt.normhash() now normalizes salt padding bits, digest padding bits, and rounds zero-padding
* hash_needs_update() will now flag unclean bcrypt hashes as needing an update
* UTs for hash_needs_update(), and digest padding bit handling

plugin to setup

even though it hasn't been officially documented,
some people are using it, so...
major
-----
* DEFAULT_CTX now uses SHA512-Crypt instead of PBKDF2-HMAC-SHA256,
this should be natively supported on a larger number of platforms.
* added full unittest suite for passlib.ext.django:
- checks monkeypatch implementation
- checks full plugin behavior
- STOCK_CTX is compared against official Django behavior
minor
-----
* ``set_django_password_context()`` now patches ``django.contrib.auth.models.check_password()``
as well as User methods.
* now exposes active context as ``User.password_context`` when patch is enabled.
* replacement ``User.check_password`` now handles None and unusable passwords explicitly,
even if context doesn't include support for django_disabled.