summaryrefslogtreecommitdiff
path: root/passlib/utils/handlers.py
Commit message (Collapse)AuthorAgeFilesLines
* a bunch of bugfixes found during unittestingEli Collins2012-04-171-2/+2
| | | | | | | | | | * bsdi_crypt apparently available on openbsd 4.9 * typo fixes * ConfigParser apparently only uses OrderedDict for >= PY27, adjusted CryptContext test accordingly * fixed test that depended on sha256_crypt.default_rounds * handle os_crypt backend w/ no fallback (bcrypt) * let _norm_rounds accept longs
* assorted bugfixes, tweaks, and tests added; based on coverage examinationEli Collins2012-04-121-11/+11
| | | | | | | * test os_crypt backend has functional fallback * test handler methods accept all unicode/bytes combinations for secret & hash * fixed some incorrect error messages & types being caught & raised * other minor cleanups
* clarify behavior for secret=None and hash=NoneEli Collins2012-04-111-50/+45
| | | | | | | | | | | | | | | | | | | | | | | * passing a non-string secret or non-string hash to any CryptContext or handler method will now reliably result in a TypeError. previously, passing hash=None to many handler identify() and verify() methods would return False, while others would raise a TypeError. other handler methods would alternately throw ValueError or TypeError when passed a value that wasn't unicode or bytes. the various CryptContext methods also behaved inconsistently, depending on the behavior of the underlying handler. all of these behaviors are gone, they should all raise the same TypeError. * redid many of the from_string() methods to verify the hash type. * moved secret type & size validation to GenericHandler's encrypt/genhash/verify methods. this cheaply made the secret validation global to all hashes, and lets _calc_digest() implementations trust that the secret is valid. * updated the CryptContext and handler unittests to verify the above behavior is adhered to.
* md5_crypt / sha2-crypt cleanupEli Collins2012-04-101-1/+1
| | | | | * tried to clarify documentation & alg for builtin md5_crypt / sha2-crypt backends * replaced regex parser in sha2-crypt with index-based one - less redundant, and should be faster.
* parse_mc3/render_mc3 helpers now handle rounds str<->int, consolidated a ↵Eli Collins2012-04-101-14/+68
| | | | bunch of redundant code
* passlib.exc: added constructors for common errors, should normalize error ↵Eli Collins2012-04-101-45/+60
| | | | messages
* *all* hashes now throw PasswordSizeError if password is larger than 4096 ↵Eli Collins2012-04-091-1/+9
| | | | chars; to prevent DOS issues.
* updated test support & py3 compat code from an external libraryEli Collins2012-03-121-3/+3
| | | | | | | | | | | | | | | | passlib.tests ------------- * deprecated support for unittest 1... accumulated too many backports, planning to require unittest2 in next release. * case_prefix renamed to shortDescription * test case now archives & clears warning registry state in addition to warning filter state passlib.utils.compat -------------------- * a bunch of the bytes-related functions were renamed for clarity * NativeStringIO alias added * trange alias merged into irange
* utils.handlers framework reworked; removed a bunch of boilerplate codeEli Collins2012-03-091-285/+337
| | | | | | | | | | | | | | | | | | | | | | | | | | | * StaticHandler is now subclass of GenericHandler - _calc_checksum() should be implemented instead of encrypt(). (compatibility stub added so old code should continue to work) - _norm_hash() no longer needs to handle ->unicode conversion - default from_string() contains a bunch of features, including stripping a known prefix, etc. * context kwds now pulled into constructor, so GenericHandler supports context kwds properly; HasUserContext mixin added to support common 'user' context kwd * identify_regexp & identify_prefix removed, functionality rolled into default GenericHandler.identify() implementation. - default identify checks _hash_regex as potential way to identify hashes * HasStubChecksum removed, functionality rolled into GenericHandler * HasRawChecksum now just sets a flag, functionality moved into GenericHandler * HasManyIdents._parse_ident() helper added to valid & split identifier from hashes. * GenericHandler._norm_checksum() is now strict about unicode / bytes
* renamed calc_checksum() -> _calc_checksum(), hiding the last of the private ↵Eli Collins2012-02-081-17/+17
| | | | methods of most handlers
* renamed passlib.exc warning classesEli Collins2012-02-081-4/+4
|
* documentation updates for last two commitsEli Collins2012-02-081-95/+98
|
* minor tweaks & fixesEli Collins2012-02-081-1/+1
|
* large refactor of GenericHandler internalsEli Collins2012-02-081-166/+192
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | strict keyword -------------- * GenericHandler's "strict" keyword had poorly defined semantics; replaced this with "use_defaults" and "relaxed" keywords. Most handlers' from_string() method specified strict=True. This is now the default behavior, use_defaults=True is enabled only for encrypt() and genconfig(). relaxed=True is enabled only for specific handlers (and unittests) whose code requires it. This *does* break backward compat with passlib 1.5 handlers, but this is mostly and internal class. * missing required settings now throws a TypeError instead of a ValueError, to be more in line with std python behavior. * The norm_xxx functions provided by the GenericHandler mixins (e.g. norm_salt) have been renamed to _norm_xxx() to reflect their private nature; and converted from class methods to instance methods, to simplify their call signature for subclassing. misc ---- * rewrote GenericHandler unittests to use constructor only, instead of poking into norm_salt/norm_rounds internals. * checksum/salt charset checks speed up using set comparison * some small cleanups to FHSP implementation
* simplified crypt.crypt() wrappersEli Collins2012-01-191-1/+0
| | | | | | | * safe_crypt() improved - accepts unicode/bytes for salt, checks for NULL, returns None on failure * added test_crypt() wrapper to simplify backend checks. * removed native=True from most to_string() implementations, unused now. * updated UTs
* split exceptions/warnings to separate module; added some additional warning ↵Eli Collins2012-01-181-6/+12
| | | | classes to make filtering easier
* misc bugfixes from round of changesEli Collins2012-01-181-0/+2
| | | | | | | | | * added str_to_[ub]ascii to wrap hexdigest() calls * fixed some h64big calls I missed * some py3 fixes * removed utils.compat.aliases, using overlay to replace real compat module instead (to agree w/ imports already in code)
* StaticHandler._norm_hash() should return native str typeEli Collins2012-01-181-6/+8
|
* import cleanupsEli Collins2012-01-181-8/+8
| | | | | | | | | | | | | | | * moved bytes compat functions from utils to utils.compat (bord, bjoin, bjoin_ints, bjoin_elems, ujoin) * renamed bord -> belem_ord for clarify * a bunch of to_native_str() always use ascii, and have fixed input types (always bytes or always unicode). these don't need overhead of to_native_str(), so replaced those calls with two new funcs: compat.bascii_to_str() / compat.uascii_to_str() * cleaned up a lot of imports from utils/utils.compat to pull from correct module * simplified the to_string() logic of a bunch of handlers to reduce unicode<->byte transitions
* cleaned up utils a littleEli Collins2012-01-181-1/+9
|
* renamed the utils.handlers.XX_CHARS constants to match utils.XX_CHARS (old ↵Eli Collins2012-01-181-9/+18
| | | | aliases kept for now)
* lots of work on scram hashEli Collins2012-01-091-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | handler ------- * added 'scram' to default registry list * handler 'algs' keyword now parsed & validated correctly * digest names normalized -> IANA spec * saslprep() integrated into code * added config string format related ------- * added documentation (still needs cleaning up though) * added majority of UTs, still need to add a few edge cases other ----- * redid context->handler deprecation link - code now looks for handler._deprecated_detector(settings) to generate a callable, should be more efficient, and allow errors to be throw at bind-time instead of call-time. * pbkdf2() function now treats keylen = -1 as request for keylen = PRF digest size.
* clarified border case where verify() accepted configuration strings instead ↵Eli Collins2012-01-091-1/+27
| | | | of throwing ValueError for some handlers
* deprecated to_hash_str, replaced all instances with to_native_strEli Collins2011-12-281-4/+4
| | | | | | decided that to_hash_str will always return native string, feature of hashes being returned as unicode under python 2 is better done through a CryptContext option.
* Merge from defaultEli Collins2011-12-281-5/+56
|\
| * PrefixWrapper: added .ident and .ident_values proxies; dir() now reports ↵Eli Collins2011-12-221-5/+56
| | | | | | | | proxies attrs
* | fixed conversion typoEli Collins2011-12-061-1/+1
| |
* | ran a custom 2to3 fixer to replace all u"" with u() and add an import from ↵Eli Collins2011-12-061-16/+16
| | | | | | | | compat.u
* | added compat.unicode imports in a number of placesEli Collins2011-12-061-0/+1
|/ | | | | | | | this distinguishes the types, so that for isinstance() tests... * 'unicode' always means the unicode type * 'bytes' always means the bytes type * 'str' always means the native string type
* all verify() methods now use "constant time" comparison function (see ↵Eli Collins2011-12-011-7/+8
| | | | CHANGELOG for details)
* Merge 1.5.3 bugfixesEli Collins2011-10-081-24/+9
|\
| * misc doc changesEli Collins2011-09-141-11/+7
| |
| * beginning 1.6 devEli Collins2011-08-251-16/+5
| | | | | | | | | | * removed previously deprecated support for ConfigParser interpolated files * removed previously deprecated support for set_backend(None)
* | minor documentation updatesEli Collins2011-10-071-15/+31
|/
* documentation building should now be done through 'setup.py build_sphinx';Eli Collins2011-08-171-1/+2
| | | | | changed instructions accordingly; also added 'docdist' setup command to build doc zip files
* minor doc tweaksEli Collins2011-07-101-3/+3
|
* bugfixes from running UTsEli Collins2011-07-091-1/+1
| | | | | | | | | | | | | * typo in safe_os_crypt UT * typo in has_backend UT * typo in HasManyBackends HandlerCase UT * fixed inverted has_backend() test in HasManyBackends.set_backend() * ensure all safe_os_crypt backend checks return boolean * BSDiCrypt - fixed os_crypt backend, was passing incomplete string to os_crypt * workaround for Jython object.__new__() behavior in test 'UnsaltedHash' UT * added passlib.utils.jython_vm flag for detecting jython
* cleaned up and documented HasManyBackends behavior; now raises ↵Eli Collins2011-07-081-16/+107
| | | | MissingBackendError if no backends available
* stripped trailing whitespace from a bunch of filesEli Collins2011-07-081-7/+7
|
* replaced redundant code in a few places w/ new identify_prefix() helperEli Collins2011-06-221-0/+12
|
* StaticHandler now provides internal _norm_hash() method for subclasses to ↵Eli Collins2011-06-221-5/+16
| | | | | | | | override * enhanced StaticHandler.verify method to normalize hash unicode/bytes better * changed various StaticHandler-derived classes to use _norm_hash() instead of re-implementing verify() * oracle, postgres hashes now derive from StaticHandler instead of object.
* GenericHandler.checksum_chars now defaults to ``None``, instead of implicit ↵Eli Collins2011-06-201-1/+2
| | | | H64_CHARS
* converted md5crypt to py3 compatEli Collins2011-06-171-0/+19
| | | | | * added safe_os_crypt() to work around some major issues with stdlib crypt under 2 vs 3 * added some render_mcX helpers to match parse_mcX helpers under utils.handlers
* pbkdf2 handlers now py3 compatEli Collins2011-06-171-0/+6
|
* base HandlerCase, and utils.handlers UTs, converted to support unicode policyEli Collins2011-06-171-0/+14
|
* utils.handlers reworked.Eli Collins2011-06-171-30/+101
| | | | | | | | | | NOTE: this commit breaks pretty much all hashes in passlib, until they're converted. * added to_hash_str() helper to abstract policy re: password hash return values * GenericHandler & mixins now use unicode internally everywhere. per policy, bytes are assumed to be ascii, and decoded. * HasRawSalt/HasRawChecksum now refuse to accept unicode inputs, and only use bytes. * PrefixWrapper now uses unicode internally wherever possible.
* added support for Cryptacular's PBKDF2 formatEli Collins2011-06-021-0/+1
|
* removed some things that were deprecated under 1.4Eli Collins2011-06-011-581/+0
|
* replace legacy exc constructorEli Collins2011-05-091-1/+1
|
* tightened salt info specifications; improved salt info conformance testsEli Collins2011-05-031-1/+1
|
View Lorry Controller Status