./security/py-passlib, Comprehensive password hashing framework supporting over 30 schemes

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.7.1, Package name: py27-passlib-1.7.1, Maintainer: kleink

Passlib is a password hashing library for Python 2 & 3, which
provides cross-platform implementations of over 30 password hashing
algorithms, as well as a framework for managing existing password
hashes. It's designed to be useful for a wide range of tasks, from
verifying a hash found in /etc/shadow, to providing full-strength
password hashing for multi-user application.


Required to run:
[devel/py-setuptools] [lang/python27]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 1fccaee7a5a158ee04274e18f4927a6a603c6901
RMD160: 5e46aff6cdb6aeb26991f2d794cd78e8ba1490f2
Filesize: 630.59 KB

Version history: (Expand)


CVS history: (Expand)


   2017-06-21 12:24:19 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
1.7.1:
Argon2 & Scrypt hash support
TOTP support
PBKDF2 now has faster builtin backend, and utilizes other backends where available
Lots of API cleanups and internal refactoring
HtpasswdFile reader is now more flexible, and with improved security options.
Refreshed documentation
   2016-06-08 19:43:49 by Thomas Klausner | Files touched by this commit (356)
Log message:
Switch to MASTER_SITES_PYPI.
   2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434)
Log message:
Add SHA512 digests for distfiles for security category

Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-08-14 20:46:33 by Klaus Klein | Files touched by this commit (2) | Package updated
Log message:
Update py-passlib to 1.6.5.

**1.6.5** (2015-08-04) ======================

   Fixed some minor bugs in the test suite which were causing
   erroneous test failures (:issue:`57` and :issue:`58`). The passlib
   library itself is unchanged.

**1.6.4** (2015-07-25) ======================

    This release rolls up assorted bug & compatibility fixes since
    1.6.2.

Bugfixes --------

    * Correctly detect bcrypt 2.0.  Previous releases were incorrectly
      detecting it as py-bcrypt,
      causing spurious errors (:issue:`56`).

    * CryptContext now accepts scheme names as unicode (:issue:`54`).

    * :mod:`passlib.ext.django` now works correctly with Django
      1.7-1.8. Previous
      releases had various test failures (:issue:`52`).

    * :class:`passlib.apache.HtpasswdFile` now recognizes bcrypt,
      sha256_crypt, sha512_crypt
      hashes (:issue:`55`).

BCrypt Changes --------------

    A few changes have been made to the :class:`~passlib.hash.bcrypt`
    hash:

    * It now supports the ``$2b$`` hash format.

    * It will now issue a :exc:`~passlib.exc.PasslibSecurityWarning`
      if the active backend
      is vulnerable to the :ref:`wraparound bug <bsd-wraparound-bug>`,
      and automatically enable a workaround (py-bcrypt is known to
      be vulnerable as of v0.4).

    * It will throw a :exc:`~passlib.exc.PasslibSecurityError` if
      the active backend
      is vulnerable to the :ref:`8-bit bug <crypt-blowfish-bug>`
      (none of Passlib's backends are known to be vulnerable as of
      2015-07).

    * Updated documentation to indicate the cffi-based `bcrypt
      <https://pypi.python.org/pypi/bcrypt>`_
      library is now the recommended bcrypt backend.

    * Backend capability detection code refactored to rely on runtime
      detection
      rather than hardcoded information.

Other Changes -------------

    * Source repo's ``tox.ini`` updated.  Now assumes python3 by
      default, and refactored test
      environments to more cleanly delineate the different setups
      being tested.

    * Passlib releases are now published as wheels instead of eggs.

.. note::

    Release **1.6.3** was skipped due to upload issues.
   2014-01-25 11:30:32 by Thomas Klausner | Files touched by this commit (533) | Package updated
Log message:
Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE=  33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE=  33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.

Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.

Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.

Whitespace cleanups and other nits corrected, where necessary.
   2014-01-01 18:46:20 by Klaus Klein | Files touched by this commit (3) | Package updated
Log message:
Update py-passlib to 1.6.2.

**1.6.2** (2013-12-26)
======================

    Minor changes & compatibility fixes

    * Re-tuned the :attr:`~passlib.ifc.PasswordHash.default_rounds`
      values for all of the hashes.

    * Added the new :doc:`bcrypt_sha256 <lib/passlib.hash.bcrypt_sha256>` hash,
      which wraps BCrypt using SHA256 in order to work around
      BCrypt's password size limitations (:issue:`43`).

    * :doc:`passlib.hash.bcrypt <lib/passlib.hash.bcrypt>`:
      Added support for the `bcrypt <https://pypi.python.org/pypi/bcrypt>`_
      library as one of the possible bcrypt backends that will be
      used if available.  (:issue:`49`)

    * :mod:`passlib.ext.django`: Passlib's Django extension
      (and it's related hashes and unittests) have been updated to
      handle some minor API changes in Django 1.5-1.6. They should
      now be compatible with Django 1.2 and up.  (:issue:`50`)
   2013-08-05 19:42:19 by Klaus Klein | Files touched by this commit (4)
Log message:
Import passlib-1.6.1 as security/py-passlib.

Passlib is a password hashing library for Python 2 & 3, which
provides cross-platform implementations of over 30 password hashing
algorithms, as well as a framework for managing existing password
hashes. It's designed to be useful for a wide range of tasks, from
verifying a hash found in /etc/shadow, to providing full-strength
password hashing for multi-user application.