U h}'@sdZddlZddlZeeZddlmZddlm Z m Z ddl m Z m Z mZddlmmZdddgZGd ddejjejZe d Zd ZGd ddejjejZGd ddejZdS)z.passlib.handlers.misc - misc generic handlers N)warn) to_native_str str_consteq)unicodeuunicode_or_bytes_types unix_disabled unix_fallback plaintextcsLeZdZdZdZdZeddZd fdd Zdd Z ed d d Z Z S)r aThis class provides the fallback behavior for unix shadow files, and follows the :ref:`password-hash-api`. This class does not implement a hash, but instead provides fallback behavior as found in /etc/shadow on most unix variants. If used, should be the last scheme in the context. * this class will positively identify all hash strings. * for security, passwords will always hash to ``!``. * it rejects all passwords if the hash is NOT an empty string (``!`` or ``*`` are frequently used). * by default it rejects all passwords if the hash is an empty string, but if ``enable_wildcard=True`` is passed to verify(), all passwords will be allowed through if the hash is an empty string. .. deprecated:: 1.6 This has been deprecated due to its "wildcard" feature, and will be removed in Passlib 1.8. Use :class:`unix_disabled` instead. )enable_wildcardcCs t|trdStj|ddSNThash isinstanceruhexcExpectedStringErrorclsr r;./venv/lib/python3.8/site-packages/passlib/handlers/misc.pyidentify.s zunix_fallback.identifyFc s&tdttt|jf|||_dS)Nzf'unix_fallback' is deprecated, and will be removed in Passlib 1.8; please use 'unix_disabled' instead.)rDeprecationWarningsuperr __init__r )selfr kwds __class__rrr5s zunix_fallback.__init__cCs|jr |jStdSdS)N!)Zchecksumr)rsecretrrr_calc_checksum=szunix_fallback._calc_checksumcCs4t|t|ts$tj|dn |r,dS|SdS)Nr F)rvalidate_secretrrrr)rr r r rrrverifyEs   zunix_fallback.verify)F)F) __name__ __module__ __qualname____doc__name context_kwds classmethodrrr!r# __classcell__rrrrr s z*!s*!cseZdZdZdZdZdZeee Z de j kr8e dZne dZedfdd Zed d Zed d ZeddZejdddedddZedddZeddZZS)raThis class provides disabled password behavior for unix shadow files, and follows the :ref:`password-hash-api`. This class does not implement a hash, but instead matches the "disabled account" strings found in ``/etc/shadow`` on most Unix variants. "encrypting" a password will simply return the disabled account marker. It will reject all passwords, no matter the hash string. The :meth:`~passlib.ifc.PasswordHash.hash` method supports one optional keyword: :type marker: str :param marker: Optional marker string which overrides the platform default used to indicate a disabled account. If not specified, this will default to ``"*"`` on BSD systems, and use the Linux default ``"!"`` for all other platforms. (:attr:`!unix_disabled.default_marker` will contain the default value) .. versionadded:: 1.6 This class was added as a replacement for the now-deprecated :class:`unix_fallback` class, which had some undesirable features. markerrZbsd*rNc s:tt|jf|}|dk r6||s0td|||_|S)Nzinvalid marker: %r)rrusingr ValueErrordefault_marker)rr-rsubclsrrrr/xs   zunix_disabled.usingcCs@t|trt}nt|tr t}ntj|d| p>|d|kS)Nr r)rr _MARKER_CHARSbytes _MARKER_BYTESrrr)rr startrrrrs   zunix_disabled.identifycCs$t|||s tj|dS)NF)rr"rrInvalidHashError)rr r rrrr#s   zunix_disabled.verifycKsP|r"t|||jf||St||j}|r@||sDtt|ddS)Nr-Zparam) rZwarn_hash_settings_deprecationr/r r"r1rAssertionErrorr)rr rr-rrrr s  zunix_disabled.hash1.72.0Z deprecatedZremovedcCsT||stj|n8|r2t|t|ddS|dk rF|j|d}||SdS)Nconfigr8r,)rrrr7r"rr/r )rr r=r-rrrgenhashs    zunix_disabled.genhashcCsB|d}|dk r>t|dd}||r2||}|r>||7}|S)Nr r8)r rrenable)rr outrrrdisables    zunix_disabled.disablecCsVt|dd}|jD]2}||r|t|d}|r<|Stdqtj|dS)Nr r8zcannot restore original hash)r_disable_prefixes startswithlenr0rrr7)rr prefixZorigrrrr@s    zunix_disabled.enable)N)N)N)r$r%r&r'r( setting_kwdsr)tuplestrr3rCsysplatformrr1r*r/rr#r rdeprecated_methodr>rBr@r+rrrrrRs.        c@s~eZdZdZdZdZdZdZeddZ eddd Z edd d Z e j d d deddZe j d d dedddZdS)r a~This class stores passwords in plaintext, and follows the :ref:`password-hash-api`. The :meth:`~passlib.ifc.PasswordHash.hash`, :meth:`~passlib.ifc.PasswordHash.genhash`, and :meth:`~passlib.ifc.PasswordHash.verify` methods all require the following additional contextual keyword: :type encoding: str :param encoding: This controls the character encoding to use (defaults to ``utf-8``). This encoding will be used to encode :class:`!unicode` passwords under Python 2, and decode :class:`!bytes` hashes under Python 3. .. versionchanged:: 1.6 The ``encoding`` keyword was added. rencodingzutf-8cCs t|trdStj|ddSr rrrrrrs zplaintext.identifyNcCs t||s|j}t||dS)Nr )rr"default_encodingr)rr rNrrrr s zplaintext.hashcCs>|s |j}t||d}||s,tj|t||||S)Nr )rOrrrrr7rr )rr r rNrrrr#s    zplaintext.verifyr:r;r<cCs |dS)Nr?)r )rrrr genconfigszplaintext.genconfigcCs$||stj||j||dS)NrM)rrrr7r )rr r=rNrrrr>s  zplaintext.genhash)N)N)N)r$r%r&r'r(rGr)rOr*rr r#rrLrPr>rrrrr s"      )r'rJZloggingZ getLoggerr$logwarningsrZ passlib.utilsrrZpasslib.utils.compatrrrZpasslib.utils.handlersZutilsZhandlersr__all__ZifcZ DisabledHashZ StaticHandlerr r3r5ZMinimalHandlerrr rrrrs    6~