lp:~openerp-groupes/openobject-addons/enhance_base_crypt_trunk

Created by Julien Thewys on 2011-02-24 and last modified on 2011-03-13
Get this branch:
bzr branch lp:~openerp-groupes/openobject-addons/enhance_base_crypt_trunk
Members of OpenERP Groupe S can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
OpenERP Groupe S
Project:
Odoo Addons (MOVED TO GITHUB)
Status:
Development

Recent revisions

4422. By Julien Thewys on 2011-03-13

[REF] Simplify test for correctness and moved to YAML file.

Note: this test is more akin to a unit test. We should not need to refer to a
model in the !python block and we should not need to import the module we are
in.

4421. By Julien Thewys on 2011-02-28

[FIX] base_crypt: speedup: hmac.HMAC in Python 2.5 is 10 times slower than in 2.6

4420. By Julien Thewys on 2011-02-24

[ADD] base_crypt: added new password crypting schema based on PBKDF2.

See http://en.wikipedia.org/wiki/PBKDF2 .
The schema is 5 times slower than the MD5 based one and takes 30ms on my laptop.
So it is not ready to use as long as we don't have authentication sessions
and/or as we don't batch XMLRPC together (since every XMLRPC request will
trigger the encryption and add 30ms to the latency).
When authentication sessions are ready, just update the value of
password_crypter.default_crypter .

4419. By Julien Thewys on 2011-02-24

[FIX] base_crypt: fixed ImportError

4418. By Julien Thewys on 2011-02-24

[REF] base_crypt: prepare to add a new cryptin schema.

4417. By Julien Thewys on 2011-02-24

[REF] base_crypt: big refactoring to allow new crypting schema.

The original crypting schema based on md5 is factored out, which makes the whole
thing clearer. It is also much easier to quickly check a raw password and its
hash with the interactive interpreter.

4416. By Julien Thewys on 2011-02-22

[REF] base_crypt: cosmetic, renaming

4415. By Julien Thewys on 2011-02-22

[FIX][REF] base_crypt: security fix: raw password is not a session id.

Raw password should not be cached (why would you delete it in set_pw then?).
Better to cache the whole encrypted password. It is more adaptable and we don't
need a dedicated salt cache anymore.

4414. By Julien Thewys on 2011-02-21

[FIX] base_crypt: do not return an excpetion, raise it

4413. By Julien Thewys on 2011-02-21

[REF] base_crypt: self.pool.get(self._name) is self

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:openobject-addons
This branch contains Public information 
Everyone can see this information.

Subscribers