Branch: refs/heads/master Home: https://github.com/tribe29/checkmk Commit: 834eb08540f3d0981b70512017b1dc139afd21a2 https://github.com/tribe29/checkmk/commit/834eb08540f3d0981b70512017b1dc139… Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com> Date: 2022-09-21 (Wed, 21 Sep 2022) Changed paths: M cmk/gui/userdb/__init__.py M cmk/gui/userdb/htpasswd.py M cmk/utils/crypto/password_hashing.py M tests/unit/cmk/gui/test_userdb.py M tests/unit/cmk/gui/test_userdb_htpasswd_connector.py A tests/unit/cmk/utils/crypto/test_password_hashing.py Log Message: ----------- Redesign password hashing API The password hashing module now offers the three functions hash_password, sha256_crypt (deprecated), and verify (replacing check_password). The hashing functions no longer allow specifying the number of rounds, which was only used for test code. The tests now monkeypatch the number of rounds instead. verify will now raise a PasswordInvalidError rather than returning True or False. This makes it harder for using code to accidentally ignore failing verifications. The doctest have been moved to proper unit tests as they were not contributing to readability. Change-Id: If4efb707930743596668dd317c4f6b4a50dd69d9 Commit: dfe521099824d307d0e985c8aa722165b802f77b https://github.com/tribe29/checkmk/commit/dfe521099824d307d0e985c8aa722165b… Author: Hannes Rantzsch <hannes.rantzsch(a)tribe29.com> Date: 2022-09-21 (Wed, 21 Sep 2022) Changed paths: M cmk/utils/crypto/password_hashing.py M tests/testlib/pylint_checker_forbidden_objects.py M tests/unit/test_pylint_checker_forbidden_objects.py Log Message: ----------- pylint: forbid importing passlib directly passlib should remain isolated within cmk.utils.crypto.password_hashing. Use that module's exposed functions instead. Change-Id: Ie9dbe2bea3e600747a9bf34bce1ef43d00fb388f Compare: https://github.com/tribe29/checkmk/compare/d4be6c061587...dfe521099824