thebaron / passlib

Automatically exported from code.google.com/p/passlib

CryptContext "deprecated" and "default" border cases not handled correctly by compiler #39

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
[affects Passlib 1.6, possibly earlier releases]

The CryptContext compiler stage has a couple of border cases it doesn't handle 
correctly...

1. If there is no explicit default, CryptContext should pick the first 
*non-deprecated* scheme. It currently picks the first listed scheme, even if 
it's flagged as deprecated, causing verify_and_update to re-encrypt every time. 
(reported by Barry Warsaw).

2. The compiler stage should throw an error if an explicit default is flagged 
as deprecated; otherwise the user would get #1's behavior. 

3. The compile stage should throw an error if all listed schemes are flagged as 
deprecated; otherwise the user would get #1's behavior or an incorrect error 
message.

Once fixed, need to add unittests for all these, and update documentation re: 
#1. 

Original issue reported on code.google.com by elic@astllc.org on 4 Jul 2012 at 4:50
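
The three rules listed in the issue above, modeled in standalone Python as an added example (not passlib's code and not part of the original thread). `pick_default_buggy`, `pick_default_fixed` and `rehash_count` are hypothetical names, the scheme list is constructed sample input, and the re-hash loop is a simplified stand-in for `verify_and_update`.

```python
# Added illustration: a standalone model of the rules in this issue,
# not passlib's implementation. All function names are hypothetical.

def pick_default_buggy(schemes, default=None, deprecated=()):
    """Behaviour reported in the issue: the first listed scheme wins."""
    return default if default is not None else schemes[0]

def pick_default_fixed(schemes, default=None, deprecated=()):
    """Resolve the default scheme using the three rules from the issue."""
    deprecated = set(deprecated)
    if default is not None:
        if default in deprecated:  # rule 2: explicit default is deprecated
            raise ValueError("default scheme %r is deprecated" % default)
        return default
    for name in schemes:  # rule 1: first non-deprecated scheme
        if name not in deprecated:
            return name
    raise ValueError("all listed schemes are deprecated")  # rule 3

def rehash_count(default, deprecated, stored_scheme, logins=3):
    """Simplified verify_and_update model: a stored hash whose scheme is
    deprecated is replaced with one made by the default scheme.
    Returns how many of `logins` successful logins caused a re-hash."""
    count = 0
    for _ in range(logins):
        if stored_scheme in deprecated:
            stored_scheme = default
            count += 1
    return count

# Constructed sample configuration (real passlib scheme names, made-up policy).
SCHEMES = ["md5_crypt", "sha256_crypt"]
DEPRECATED = ["md5_crypt"]

if __name__ == "__main__":
    for pick in (pick_default_buggy, pick_default_fixed):
        chosen = pick(SCHEMES, deprecated=DEPRECATED)
        n = rehash_count(chosen, DEPRECATED, stored_scheme="md5_crypt")
        print("%s: default=%s, re-hashes in 3 logins=%d"
              % (pick.__name__, chosen, n))
```

In this model the buggy choice re-hashes on every login and always back into the deprecated scheme, so the stored hash never migrates; the fixed choice re-hashes once.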

GoogleCodeExporter commented 9 years ago
This issue was closed by revision 22e79ee7af86.

Original comment by elic@astllc.org on 9 Jul 2012 at 8:51

GoogleCodeExporter commented 9 years ago
Fixed as of r22e79ee7af86, will be included in next release.

Original comment by elic@astllc.org on 9 Jul 2012 at 8:53

GoogleCodeExporter commented 9 years ago
1.6.1 has been released, which fixes this bug.

Original comment by elic@astllc.org on 2 Aug 2012 at 7:57