| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
No more %-strings. Kill off all __i18n_templates__ hacks.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
scheme. Fix mmsitepass and test cases accordingly. Details:
- set_global_password(): Instead of taking a string for 'scheme' argument,
take None and then coerce that into passwords.Schemes.ssha
- Add a base PasswordError and a BadPasswordSchemeError error that derives
from that. For consistency, multiply inherit MMBadPasswordError and
MMPasswordsMustMatch from PasswordError.
- Add a passwords.lookup_scheme() method which turns scheme_names into scheme
enum constants. It returns None if the lookup fails.
- passwords.py: change the internal representation of _SCHEMES_BY_TAG
dictionary to map scheme names to scheme enum values. Change internal uses
of this dictionary to then turn those enum values into hash classes, or
whatever else we need.
- make_secret(): Raise BadPasswordSchemeErrorif the given schema (which should
be an enum value) is invalid.
- TestBase.tearDown(): Clear out any <site> locks that might hang around after
a test case runs.
|
| |
|
|
|
|
|
|
|
|
| |
emum.py:
'cls' is used instead of 'self'
mmsitepass.py:
SCHEMES -> Schemes
passwords.py:
make_secret is called with 'scheme' in string.
decode() of challenge string fails if it is unicode.
|
| |
|
|
|
|
|
|
|
|
| |
I put it in $var-prefix.
mmsitepass.py ... parseargs() fails because config is not
loaded before initialize(config).
passwords.make_secret() should be called.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
First off, there are several password hashing schemes added including SHA,
salted-SHA, and RFC 2989 PBKDF2 (contributed by Bob Fleck). Then we encode
the password using RFC 2307 style syntax. At least I think: specifically
things like the PRF and iteration count for PBKDF2 are encoded the way I
/think/ is intended for RFC 2307 but I could be wrong. Seems darn hard to
find definitive information about that.
In any event, even though CLEARTEXT passwords are supported, they are mostly
deprecated, even for user passwords. It also allows us to easily update all
passwords to a new hashing scheme when the existing schemes get cracked. The
default scheme (specified in Defaults.py.in) is salted-SHA with a 20 byte salt
(the salt length and PBKDF2 iteration counts can only be specified in the
passwords.py file).
These hashed passwords are used for user passwords, list owner and moderator
passwords, and site and list creator passwords.
Of course this means that user password reminders are impossible now. They've
been ripped out of the code for a while, but now we'll need to implement
password resets since user passwords cannot be recovered.
bin/export has had several changes:
- export no longer converts to dollar strings. Were assuming dollar strings
are used by default for all new lists and any imported lists will already be
converted to dollar strings.
- Likewise, rip out the password scheme stuff, since cleartext passwords can
never be exported, so we might as well always include the member's hashed
password.
- Fix exporting to stdout when that stream can only handle ascii by wrapping
stdout in a utf-8 codec writer.
Other changes:
- add a missing import to HTTPRunner.py
- Convert GUIBase.py to use Defaults.* for constants instead of mm_cfg.*
- Remove pre-Python 2.4 compatibility from Utils.py. We've already said
Python 2.4 will be a minimum requirement.
- Change the permissions on the global password file. The default 007 umask
is used and should be good enough.
- bin/newlist adds the ability to specify the password scheme (or list the
available schemes) for the list owner password. It is not possible to set
the scheme on a per-list basis. bin/mmsitepass does the same, but for the
site and list creator passwords.
- Fix a nasty problem with bin/import. The comment in the code says it best:
# XXX Here's what sucks. Some properties need to have
# _setValue() called on the gui component, because those
# methods do some pre-processing on the values before they're
# applied to the MailList instance. But we don't have a good
# way to find a category and sub-category that a particular
# property belongs to. Plus this will probably change. So
# for now, we'll just hard code the extra post-processing
# here. The good news is that not all _setValue() munging
# needs to be done -- for example, we've already converted
# everything to dollar strings.
- Set the 'debug' logger to logging.DEBUG level. It doesn't seem to make much
sense for the debugging log to ignore debug messages.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bin/withlist: If there's no '@' in the listname, append the DEFAULT_EMAIL_HOST
so we always get a fully qualified list name.
bin/mmsitepass: plumb through -C/--config switch and be sure to call
config.load().
Convert Mailman/MTA/Postfix.py to configuration.config, and update MTA/Manual.
In mailman/Cgi/create, we can't convert straight from a string to a bool,
because bool('0') is True. We need to go through int first.
MailList.InitTempVars(): The logic here looked weird because we could get
'name' = None and that would break. Assume name is never None.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
require Python to be at least 2.3.0
Convert all scripts/* scripts (except driver) to use the
symlink-to-bin/mmshell trick.
For now (since we're debugging more often than releasing), set STEALTH_MODE to
False in scripts/driver. We need to remember to turn this back to True when
we start getting closer to releases!
In the various scripts, er, Mailman/bin scripts, convert them to $-strings for
i18n substitution, and clean up imports. Also, get rid of the crufty Emacs
-*- line, which is no longer needed now that the files end in .py.
Get rid of lots of unnecessary svn:executable properties.
Remove an unnecessary import from Mailman/bin/disabled.py
|
|
|
use optparse. Update newlist and rmlist to get their version string entirely
from mm_cfg.MAILMAN_VERSION instead of having to build that string up each
time.
Fix the symlink source in the Makefile.in.
Remove b4b5-archfix entirely.
|
