summaryrefslogtreecommitdiff
path: root/passlib/tests/test_apache.py
Commit message (Collapse)AuthorAgeFilesLines
* Merge from stableEli Collins2015-07-221-6/+46
|\
| * bunch of bcrypt updates, centered around the bsd wraparound bug.Eli Collins2015-07-211-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bcrypt ------ * added support & UT for $2b$ hash format. not making it the default yet, for backward compat. * large refactor of how bcrypt backends are loaded: instead of per-backend workarounds within each _calc_checksum_<backend>() function: now using runtime detection of specific capabilities & workarounds, that runs whenever set_backend() is called, combined with consolidated workaround code within _calc_checksum(), controlled by the flags set by set_backend(). this detection now looks for: - the 8bit bug: throws a PasslibSecurityError - the wraparound bug: issues warning, sets flag enabling a workaround. - support for 2/2y/2b: if backend lacks support for particular variants, sets flag enabling workaround to add support. * os_crypt backend now just issues error if it can't handle a password encoding; rather than trying fallbacks first -- edge case anyways, and likely to not have any fallbacks when it does happen. simplifies backend code. * added UTs to make sure wraparound-vulnerable passwords are hashed correctly (as a 72char string, not a 1-3 char string that's repeated). * internal blowfish code's ident parsing clarified. other ----- * added exc.PasslibSecurityError for fatal runtime errors. * test framework: os_crypt backends no longer expected to use *any* backend as fallback, just ones with lower priority than os_crypt. * test framework: crypt_stub() wrapper now subclasses the handler, so it can use an independant backend, instead of changing global backend for duration of call (made parallel testing hard) docs ---- * added entry to bcrypt page, writing down wraparound bug details, and how passlib is handling it. * all versions of pybcrypt & bcryptor seem to be vulnerable to wraparound bug. starting process of deprecating these backends: marked bcrypt backend as 'preferred' throughout the documentation.
| * HtpasswdFile's default context now recognized bcrypt, sha256_crypt (fixes ↵Eli Collins2015-07-201-5/+38
| | | | | | | | | | | | issue 55); also added default_scheme="portable" to ease transition to passlib 1.7's new default behavior.
| * style cleanups (transplant of rc94c6072a652 in default)Eli Collins2013-12-271-24/+24
| |
* | removed a LOT of compatibility shims -- dropped python 2.5, 3.0, and 3.1 ↵Eli Collins2015-01-101-52/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | support; as well as PyPy 1.x and Jython 2.5. shims removed ------------- * b() shim replaced with b'' (py25) * 'bytes' alias no longer needed (py25) * callable() shim no longer needed (py30,31) * PY_MIN_32 flag replaced with PY3 flag (py30,31) * removed 'abc' module stub used by passlib.ifc (py25) * removed chain_from_iterable() backport (py25) * tests: removed catch_warnings() backport, replaced refs with real warnings.catch_warnings() (py25) * tests: removed unittest2 backports (py25, py30, py31) -- now throw hard error if unittest2 not present under py26 (the only release remaining which lacks the unittest2 features) * removed SUPPORTS_DIR_METHOD conditional (py25, pypy 1.x) * some other minor workarounds other ----- * added check in passlib.compat which now throws error telling user version isn't supported (to prevent spurious errors later)
* | removed some unused importsEli Collins2013-04-091-5/+3
| |
* | style cleanupsEli Collins2013-04-091-24/+24
|/
* project-wide whitespace & comment cleanup (it's been a couple of years)Eli Collins2012-08-011-37/+37
|
* replaced HAS_INTEGER_MTIME flag with more reliable workaroundEli Collins2012-06-271-3/+3
|
* bunch bugfixes to the unittestsEli Collins2012-05-011-2/+2
| | | | | | | | | * timer issues under windows * id() issues under jython * mtime issues under jython & darwin * corrected expectations of test_ext_django's patch checker * added darwin flags to platform_os_crypt info * fixed regression in os_crypt backend test mocking
* fleshed out passlib.apache tests; small bugfixe to moduleEli Collins2012-04-301-43/+121
|
* a bunch of bugfixes found during unittestingEli Collins2012-04-171-2/+2
| | | | | | | | | | * bsdi_crypt apparently available on openbsd 4.9 * typo fixes * ConfigParser apparently only uses OrderedDict for >= PY27, adjusted CryptContext test accordingly * fixed test that depended on sha256_crypt.default_rounds * handle os_crypt backend w/ no fallback (bcrypt) * let _norm_rounds accept longs
* updated passlib.apache module's api - more flexible to use, changed some ↵Eli Collins2012-04-171-129/+218
| | | | ambiguous method names
* updated test support & py3 compat code from an external libraryEli Collins2012-03-121-2/+2
| | | | | | | | | | | | | | | | passlib.tests ------------- * deprecated support for unittest 1... accumulated too many backports, planning to require unittest2 in next release. * case_prefix renamed to shortDescription * test case now archives & clears warning registry state in addition to warning filter state passlib.utils.compat -------------------- * a bunch of the bytes-related functions were renamed for clarity * NativeStringIO alias added * trange alias merged into irange
* changed test_utils to import subjects within test functions, instead of globallyEli Collins2012-01-181-2/+1
|
* deprecated to_hash_str, replaced all instances with to_native_strEli Collins2011-12-281-4/+4
| | | | | | decided that to_hash_str will always return native string, feature of hashes being returned as unicode under python 2 is better done through a CryptContext option.
* ran a custom 2to3 fixer to replace all u"" with u() and add an import from ↵Eli Collins2011-12-061-7/+8
| | | | compat.u
* added compat.unicode imports in a number of placesEli Collins2011-12-061-1/+1
| | | | | | | | this distinguishes the types, so that for isinstance() tests... * 'unicode' always means the unicode type * 'bytes' always means the bytes type * 'str' always means the native string type
* replaced xrange() instances with compat.irange() aliasEli Collins2011-12-061-2/+3
|
* unittest fixesEli Collins2011-08-121-11/+1
| | | | | * backport of ut2's assertAlmostEquals delta kwd * test_context uses set_file so we can always write bytes
* GAE compatibility fix: changed apache UTs to not rely on filesystem.Eli Collins2011-08-121-66/+69
| | | | | | * added private constructor Htpasswd._from_string(), will clean it up and make public in future * most apache tests now use _from_string() so they don't have to write to fs * tests which still require writing to fs (mainly the autoload tests) now skipped for GAE
* replaced assert_, assertEquals, assertNotEquals to silence Py3.2 deprecation ↵Eli Collins2011-07-111-27/+27
| | | | warnings
* stripped trailing whitespace from a bunch of filesEli Collins2011-07-081-6/+6
|
* minor fixesEli Collins2011-06-201-1/+1
|
* added UT for safe_os_crypt(), helper method is_ascii_safe()Eli Collins2011-06-201-3/+0
|
* apache module rewritten for py3 compatEli Collins2011-06-201-27/+104
| | | | | | | | * added 'encoding' kwd to Htpasswd, Htdigest constructors, allowing user/realm encoding to be specified. * treats file as bytes internally * added UTs for encoding-specific behavior * added render_bytes() util helper - py2/3 compatible replacement for using % formatting with bytes
* coverage workEli Collins2011-03-181-0/+11
| | | | | | | | | | | ============= * restored "default" mode for set_backend() * bugfix: HandlerCase now sets backend explicitly, incorrect backend checks were previously happening * added UT for genhash(secret, None) * enabled HandlerCase.supports_unicode for all hashes * added some needed test cases revealed by coverage check * added "pragma: no cover" for a select few branches that don't need testing * all UTs pass, 92% coverage
* bugfixesEli Collins2011-03-171-6/+10
| | | | | | | | | | ======== * bugfix: test_apache now backdates mtime on files instead of time.sleep() - more reliable across OS's * bugfix: bcrypt & md5_crypt used classmethod() on _has_backend_xxx attrs instead of classproperty() * added backendmixin test suite to HandlerCase to detect regression of above backend bug * added test case for CryptContext.replace() * added setUp/cleanUp support to create_backend_case() (fixes ut test bug) * all UTs passed
* passlib.apache: improved interface; added docs & UTs (all passlib.apache uts ↵Eli Collins2011-03-171-0/+314
pass)
View Lorry Controller Status