;Xc@sdZddlZddlZejeZddlmZddlm Z m Z ddl m Z m Z mZddljjZdddgZdejjejfd YZe d Zd Zdejjejfd YZdejfd YZdS( s.passlib.handlers.misc - misc generic handlers iN(twarn(t to_native_strt str_consteq(tunicodetutunicode_or_bytes_typest unix_disabledt unix_fallbackt plaintextcBsPeZdZdZdZedZedZdZ eedZ RS(sThis class provides the fallback behavior for unix shadow files, and follows the :ref:`password-hash-api`. This class does not implement a hash, but instead provides fallback behavior as found in /etc/shadow on most unix variants. If used, should be the last scheme in the context. * this class will positively identify all hash strings. * for security, passwords will always hash to ``!``. * it rejects all passwords if the hash is NOT an empty string (``!`` or ``*`` are frequently used). * by default it rejects all passwords if the hash is an empty string, but if ``enable_wildcard=True`` is passed to verify(), all passwords will be allowed through if the hash is an empty string. .. deprecated:: 1.6 This has been deprecated due to its "wildcard" feature, and will be removed in Passlib 1.8. Use :class:`unix_disabled` instead. Rtenable_wildcardcCs,t|trtStjj|ddS(Nthash(t isinstanceRtTruetuhtexctExpectedStringError(tclsR ((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pytidentify.scKs0tdttt|j|||_dS(Nsf'unix_fallback' is deprecated, and will be removed in Passlib 1.8; please use 'unix_disabled' instead.(RtDeprecationWarningtsuperRt__init__R (tselfR tkwds((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR5scCs|jr|jStdSdS(Nt!(tchecksumR(Rtsecret((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyt_calc_checksum=s cCsFtj|t|ts4tjj|dn|r>tS|SdS(NR (R tvalidate_secretR RRRtFalse(RRR R ((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pytverifyEs  (senable_wildcard( t__name__t __module__t__doc__tnamet context_kwdst classmethodRRRRR(((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRs  s*!cBseZdZdZdZdZeeeZ de j krNe dZ n e dZ eddZedZedZed Zejd d d d eddZeddZedZRS(sThis class provides disabled password behavior for unix shadow files, and follows the :ref:`password-hash-api`. This class does not implement a hash, but instead matches the "disabled account" strings found in ``/etc/shadow`` on most Unix variants. "encrypting" a password will simply return the disabled account marker. It will reject all passwords, no matter the hash string. The :meth:`~passlib.ifc.PasswordHash.hash` method supports one optional keyword: :type marker: str :param marker: Optional marker string which overrides the platform default used to indicate a disabled account. If not specified, this will default to ``"*"`` on BSD systems, and use the Linux default ``"!"`` for all other platforms. (:attr:`!unix_disabled.default_marker` will contain the default value) .. versionadded:: 1.6 This class was added as a replacement for the now-deprecated :class:`unix_fallback` class, which had some undesirable features. Rtmarkertbsdt*RcKsVtt|j|}|dk rR|j|sFtd|n||_n|S(Nsinvalid marker: %r(RRtusingtNoneRt ValueErrortdefault_marker(RR$Rtsubcls((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR'xs   cCsZt|trt}n-t|tr0t}ntjj|d| pY|d|kS(NR i(R Rt _MARKER_CHARStbytest _MARKER_BYTESR RR(RR tstart((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRs   cCs5tj||j|s1tjj|ntS(N(R RRRtInvalidHashErrorR(RRR ((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRs cKsm|r,tj|||j|j|Stj||j}|rW|j|s]tt|ddS(NtparamR$( R twarn_hash_settings_deprecationR'R RR*RtAssertionErrorR(RRRR$((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR s  t deprecateds1.7tremoveds2.0cCsy|j|s$tjj|nQ|rGtj|t|ddS|dk rh|jd|}n|j|SdS(NR1tconfigR$( RR RR0RRR(R'R (RRR6R$((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pytgenhashs  cCsh|jd}|dk rdt|dd}|j|rN|j|}n|rd||7}qdn|S(NtR1R (R R(RRtenable(RR tout((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pytdisables cCstt|dd}xI|jD]>}|j|r|t|}|rK|StdqqWtjj|dS(NR1R scannot restore original hash(Rt_disable_prefixest startswithtlenR)R RR0(RR tprefixtorig((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR9s(smarker(N(RRR R!t setting_kwdsR"ttupletstrR,R<tsystplatformRR*R#R(R'RRR R tdeprecated_methodR7R;R9(((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRRs&    cBseZdZdZd ZdZdZedZeddZ eddZ e j ddd d ed Ze j ddd d edd ZRS(s~This class stores passwords in plaintext, and follows the :ref:`password-hash-api`. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods all require the following additional contextual keyword: :type encoding: str :param encoding: This controls the character encoding to use (defaults to ``utf-8``). This encoding will be used to encode :class:`!unicode` passwords under Python 2, and decode :class:`!bytes` hashes under Python 3. .. versionchanged:: 1.6 The ``encoding`` keyword was added. Rtencodingsutf-8cCs,t|trtStjj|ddS(NR (R RR R RR(RR ((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRscCs/tj||s|j}nt||dS(NR(R Rtdefault_encodingR(RRRG((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR s  cCsa|s|j}nt||d}|j|sHtjj|nt|j|||S(NR (RHRRR RR0RR (RRR RG((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRs  R4s1.7R5s2.0cCs |jdS(NR8(R (R((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyt genconfigscCs7|j|s$tjj|n|j|d|S(NRG(RR RR0R (RRR6RG((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyR7s((sencodingN(RRR R!RAR"RHR#RR(R RR RFRIR7(((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyRs(R RDtloggingt getLoggerRtlogtwarningsRt passlib.utilsRRtpasslib.utils.compatRRRtpasslib.utils.handlerstutilsthandlersR t__all__tifct DisabledHasht StaticHandlerRR,R.tMinimalHandlerRR(((s9/usr/lib/python2.7/site-packages/passlib/handlers/misc.pyts   "6 "~