diff -Nru python-bcrypt-3.1.4/debian/changelog python-bcrypt-3.1.5/debian/changelog --- python-bcrypt-3.1.4/debian/changelog 2018-11-01 22:55:22.000000000 +0000 +++ python-bcrypt-3.1.5/debian/changelog 2018-12-19 11:15:31.000000000 +0000 @@ -1,3 +1,10 @@ +python-bcrypt (3.1.5-1) unstable; urgency=medium + + * New upstream release. + * add debian/clean (cleaning .pytest_cache/). + + -- Daniel Stender Wed, 19 Dec 2018 12:15:31 +0100 + python-bcrypt (3.1.4-3) unstable; urgency=medium * deb/control: diff -Nru python-bcrypt-3.1.4/debian/clean python-bcrypt-3.1.5/debian/clean --- python-bcrypt-3.1.4/debian/clean 1970-01-01 00:00:00.000000000 +0000 +++ python-bcrypt-3.1.5/debian/clean 2018-11-03 08:55:39.000000000 +0000 @@ -0,0 +1 @@ +.pytest_clean/ \ No newline at end of file diff -Nru python-bcrypt-3.1.4/MANIFEST.in python-bcrypt-3.1.5/MANIFEST.in --- python-bcrypt-3.1.4/MANIFEST.in 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/MANIFEST.in 2018-12-12 00:46:59.000000000 +0000 @@ -1,5 +1,7 @@ include LICENSE README.rst +include pyproject.toml + include tox.ini .coveragerc include src/build_bcrypt.py diff -Nru python-bcrypt-3.1.4/PKG-INFO python-bcrypt-3.1.5/PKG-INFO --- python-bcrypt-3.1.4/PKG-INFO 2017-10-11 12:10:25.000000000 +0000 +++ python-bcrypt-3.1.5/PKG-INFO 2018-12-12 00:47:26.000000000 +0000 @@ -1,23 +1,22 @@ -Metadata-Version: 1.1 +Metadata-Version: 2.1 Name: bcrypt -Version: 3.1.4 +Version: 3.1.5 Summary: Modern password hashing for your software and your servers Home-page: https://github.com/pyca/bcrypt/ Author: The Python Cryptographic Authority developers Author-email: cryptography-dev@python.org License: Apache License, Version 2.0 -Description-Content-Type: UNKNOWN Description: bcrypt ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt - Modern password hashing for your software and your servers + Good password hashing for your software and your servers Installation @@ -43,9 +42,22 @@ $ sudo yum install gcc libffi-devel python-devel + Alternatives + ============ + + While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= + 3.1.5 + ----- + + * Added support for compilation on AIX. + * Dropped Python 2.6 and 3.3 support. + * Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -172,7 +184,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python - 2.6+, 3.3+, and PyPy 2.6+. + 2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -186,15 +198,21 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ + .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt + .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io + .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: License :: OSI Approved :: Apache Software License Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Programming Language :: Python :: 2 -Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.* +Provides-Extra: tests diff -Nru python-bcrypt-3.1.4/pyproject.toml python-bcrypt-3.1.5/pyproject.toml --- python-bcrypt-3.1.4/pyproject.toml 1970-01-01 00:00:00.000000000 +0000 +++ python-bcrypt-3.1.5/pyproject.toml 2018-12-12 00:46:59.000000000 +0000 @@ -0,0 +1,7 @@ +[build-system] +# Must be kept in sync with `setup_requirements` in `setup.py` +requires = [ + "setuptools", + "wheel", + "cffi>=1.1; python_implementation != 'PyPy'", +] diff -Nru python-bcrypt-3.1.4/README.rst python-bcrypt-3.1.5/README.rst --- python-bcrypt-3.1.4/README.rst 2017-10-11 12:07:42.000000000 +0000 +++ python-bcrypt-3.1.5/README.rst 2018-12-12 00:46:59.000000000 +0000 @@ -2,13 +2,13 @@ ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt -Modern password hashing for your software and your servers +Good password hashing for your software and your servers Installation @@ -34,9 +34,22 @@ $ sudo yum install gcc libffi-devel python-devel +Alternatives +============ + +While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= +3.1.5 +----- + +* Added support for compilation on AIX. +* Dropped Python 2.6 and 3.3 support. +* Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -163,7 +176,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python -2.6+, 3.3+, and PyPy 2.6+. +2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -177,3 +190,6 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ +.. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt +.. _`argon2_cffi`: https://argon2-cffi.readthedocs.io +.. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt diff -Nru python-bcrypt-3.1.4/setup.cfg python-bcrypt-3.1.5/setup.cfg --- python-bcrypt-3.1.4/setup.cfg 2017-10-11 12:10:25.000000000 +0000 +++ python-bcrypt-3.1.5/setup.cfg 2018-12-12 00:47:26.000000000 +0000 @@ -1,3 +1,6 @@ +[metadata] +license_file = LICENSE + [egg_info] tag_build = tag_date = 0 diff -Nru python-bcrypt-3.1.4/setup.py python-bcrypt-3.1.5/setup.py --- python-bcrypt-3.1.4/setup.py 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/setup.py 2018-12-12 00:46:59.000000000 +0000 @@ -200,17 +200,18 @@ author=__about__["__author__"], author_email=__about__["__email__"], + python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*", install_requires=[ CFFI_DEPENDENCY, SIX_DEPENDENCY, ], extras_require={ "tests": [ - "pytest>=3.2.1", + "pytest>=3.2.1,!=3.3.0", ], }, tests_require=[ - "pytest>=3.2.1", + "pytest>=3.2.1,!=3.3.0", ], package_dir={"": "src"}, @@ -221,16 +222,17 @@ zip_safe=False, classifiers=[ + "Development Status :: 5 - Production/Stable", + "License :: OSI Approved :: Apache Software License", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Programming Language :: Python :: 2", - "Programming Language :: Python :: 2.6", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", ], ext_package="bcrypt", diff -Nru python-bcrypt-3.1.4/src/bcrypt/__about__.py python-bcrypt-3.1.5/src/bcrypt/__about__.py --- python-bcrypt-3.1.4/src/bcrypt/__about__.py 2017-10-11 12:07:42.000000000 +0000 +++ python-bcrypt-3.1.5/src/bcrypt/__about__.py 2018-12-12 00:46:59.000000000 +0000 @@ -26,7 +26,7 @@ __summary__ = "Modern password hashing for your software and your servers" __uri__ = "https://github.com/pyca/bcrypt/" -__version__ = "3.1.4" +__version__ = "3.1.5" __author__ = "The Python Cryptographic Authority developers" __email__ = "cryptography-dev@python.org" diff -Nru python-bcrypt-3.1.4/src/bcrypt/__init__.py python-bcrypt-3.1.5/src/bcrypt/__init__.py --- python-bcrypt-3.1.4/src/bcrypt/__init__.py 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/src/bcrypt/__init__.py 2018-12-12 00:46:59.000000000 +0000 @@ -22,8 +22,7 @@ import six -from bcrypt import _bcrypt - +from . import _bcrypt from .__about__ import ( __author__, __copyright__, __email__, __license__, __summary__, __title__, __uri__, __version__, @@ -134,7 +133,9 @@ "Warning: bcrypt.kdf() called with only {0} round(s). " "This few is not secure: the parameter is linear, like PBKDF2.") .format(rounds), - UserWarning) + UserWarning, + stacklevel=2, + ) key = _bcrypt.ffi.new("uint8_t[]", desired_key_bytes) res = _bcrypt.lib.bcrypt_pbkdf( diff -Nru python-bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO python-bcrypt-3.1.5/src/bcrypt.egg-info/PKG-INFO --- python-bcrypt-3.1.4/src/bcrypt.egg-info/PKG-INFO 2017-10-11 12:10:25.000000000 +0000 +++ python-bcrypt-3.1.5/src/bcrypt.egg-info/PKG-INFO 2018-12-12 00:47:26.000000000 +0000 @@ -1,23 +1,22 @@ -Metadata-Version: 1.1 +Metadata-Version: 2.1 Name: bcrypt -Version: 3.1.4 +Version: 3.1.5 Summary: Modern password hashing for your software and your servers Home-page: https://github.com/pyca/bcrypt/ Author: The Python Cryptographic Authority developers Author-email: cryptography-dev@python.org License: Apache License, Version 2.0 -Description-Content-Type: UNKNOWN Description: bcrypt ====== .. image:: https://img.shields.io/pypi/v/bcrypt.svg - :target: https://pypi.python.org/pypi/bcrypt/ + :target: https://pypi.org/project/bcrypt/ :alt: Latest Version .. image:: https://travis-ci.org/pyca/bcrypt.svg?branch=master :target: https://travis-ci.org/pyca/bcrypt - Modern password hashing for your software and your servers + Good password hashing for your software and your servers Installation @@ -43,9 +42,22 @@ $ sudo yum install gcc libffi-devel python-devel + Alternatives + ============ + + While bcrypt remains a good choice for password storage depending on your specific use case you may also want to consider using scrypt (either via `standard library`_ or `cryptography`_) or argon2id via `argon2_cffi`_. + Changelog ========= + 3.1.5 + ----- + + * Added support for compilation on AIX. + * Dropped Python 2.6 and 3.3 support. + * Switched to using ``abi3`` wheels for Python 3. If you are not getting a + wheel on a compatible platform please upgrade your ``pip`` version. + 3.1.4 ----- @@ -172,7 +184,7 @@ ------------- This library should be compatible with py-bcrypt and it will run on Python - 2.6+, 3.3+, and PyPy 2.6+. + 2.7, 3.4+, and PyPy 2.6+. C Code ------ @@ -186,15 +198,21 @@ identify a vulnerability, we ask you to contact us privately. .. _`same security policy as cryptography`: https://cryptography.io/en/latest/security/ + .. _`standard library`: https://docs.python.org/3/library/hashlib.html#hashlib.scrypt + .. _`argon2_cffi`: https://argon2-cffi.readthedocs.io + .. _`cryptography`: https://cryptography.io/en/latest/hazmat/primitives/key-derivation-functions/#cryptography.hazmat.primitives.kdf.scrypt.Scrypt Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: License :: OSI Approved :: Apache Software License Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Classifier: Programming Language :: Python :: 2 -Classifier: Programming Language :: Python :: 2.6 Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.3 Classifier: Programming Language :: Python :: 3.4 Classifier: Programming Language :: Python :: 3.5 Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.* +Provides-Extra: tests diff -Nru python-bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt python-bcrypt-3.1.5/src/bcrypt.egg-info/requires.txt --- python-bcrypt-3.1.4/src/bcrypt.egg-info/requires.txt 2017-10-11 12:10:25.000000000 +0000 +++ python-bcrypt-3.1.5/src/bcrypt.egg-info/requires.txt 2018-12-12 00:47:26.000000000 +0000 @@ -2,4 +2,4 @@ six>=1.4.1 [tests] -pytest>=3.2.1 +pytest!=3.3.0,>=3.2.1 diff -Nru python-bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt python-bcrypt-3.1.5/src/bcrypt.egg-info/SOURCES.txt --- python-bcrypt-3.1.4/src/bcrypt.egg-info/SOURCES.txt 2017-10-11 12:10:25.000000000 +0000 +++ python-bcrypt-3.1.5/src/bcrypt.egg-info/SOURCES.txt 2018-12-12 00:47:26.000000000 +0000 @@ -2,6 +2,8 @@ LICENSE MANIFEST.in README.rst +pyproject.toml +setup.cfg setup.py tox.ini src/build_bcrypt.py diff -Nru python-bcrypt-3.1.4/src/_csrc/portable_endian.h python-bcrypt-3.1.5/src/_csrc/portable_endian.h --- python-bcrypt-3.1.4/src/_csrc/portable_endian.h 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/src/_csrc/portable_endian.h 2018-12-12 00:46:59.000000000 +0000 @@ -180,6 +180,35 @@ # define be64toh(x) BE_64(x) # define le64toh(x) LE_64(x) +#elif defined _AIX /* AIX is always big endian */ +# define be64toh(x) (x) +# define be32toh(x) (x) +# define be16toh(x) (x) +# define le32toh(x) \ + ((((x) & 0xff) << 24) | \ + (((x) & 0xff00) << 8) | \ + (((x) & 0xff0000) >> 8) | \ + (((x) & 0xff000000) >> 24)) +# define le64toh(x) \ + ((((x) & 0x00000000000000ffL) << 56) | \ + (((x) & 0x000000000000ff00L) << 40) | \ + (((x) & 0x0000000000ff0000L) << 24) | \ + (((x) & 0x00000000ff000000L) << 8) | \ + (((x) & 0x000000ff00000000L) >> 8) | \ + (((x) & 0x0000ff0000000000L) >> 24) | \ + (((x) & 0x00ff000000000000L) >> 40) | \ + (((x) & 0xff00000000000000L) >> 56)) +# ifndef htobe64 +# define htobe64(x) be64toh(x) +# endif +# ifndef htobe32 +# define htobe32(x) be32toh(x) +# endif +# ifndef htobe16 +# define htobe16(x) be16toh(x) +# endif + + #else # error platform not supported diff -Nru python-bcrypt-3.1.4/tests/test_bcrypt.py python-bcrypt-3.1.5/tests/test_bcrypt.py --- python-bcrypt-3.1.4/tests/test_bcrypt.py 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/tests/test_bcrypt.py 2018-12-12 00:46:59.000000000 +0000 @@ -400,7 +400,9 @@ b"\x43\x66\x6c\x9b\x09\xef\x33\xed\x8c\x27\xe8\xe8\xf3\xe2\xd8\xe6" ]]) def test_kdf(rounds, password, salt, expected): - derived = bcrypt.kdf(password, salt, len(expected), rounds) + derived = bcrypt.kdf( + password, salt, len(expected), rounds, ignore_few_rounds=True + ) assert derived == expected diff -Nru python-bcrypt-3.1.4/tox.ini python-bcrypt-3.1.5/tox.ini --- python-bcrypt-3.1.4/tox.ini 2017-10-11 11:51:28.000000000 +0000 +++ python-bcrypt-3.1.5/tox.ini 2018-12-12 00:46:59.000000000 +0000 @@ -1,5 +1,5 @@ [tox] -envlist = py26,py27,pypy,py33,py34,py35,py36,pep8,py3pep8,packaging +envlist = py27,pypy,py34,py35,py36,py37,pep8,py3pep8,packaging [testenv] extras = @@ -37,6 +37,7 @@ [flake8] +ignore = W504 exclude = .tox,*.egg select = E,W,F,N,I application-import-names = bcrypt,tests