innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django/contrib/auth
History
Ade Lee d10c7bfe56 Fixed #28401 -- Allowed hashlib.md5() calls to work with FIPS kernels. 
md5 is not an approved algorithm in FIPS mode, and trying to instantiate
a hashlib.md5() will fail when the system is running in FIPS mode.

md5 is allowed when in a non-security context. There is a plan to add a
keyword parameter (usedforsecurity) to hashlib.md5() to annotate whether
or not the instance is being used in a security context.

In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.

Some downstream python versions already support this parameter. To
support these versions, a new encapsulation of md5() has been added.
This encapsulation will pass through the usedforsecurity parameter in
the case where the parameter is supported, and strip it if it is not.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
 		2021-10-12 08:58:27 +02:00
..
handlers Refs #27795 -- Removed force_bytes() usage in contrib/auth/handlers/modwsgi.py. 2018-09-26 11:16:59 -04:00
locale Updated source translation catalogs. 2021-09-21 13:40:07 +02:00
management Fixed #33178 -- Made createsuperuser validate required fields passed in options in interactive mode. 2021-10-12 08:08:05 +02:00
migrations Refs #32675 -- Removed to_field from ForeignKeys in contrib apps' migrations. 2021-04-29 07:46:22 +02:00
templates Refs #30585 -- Updated project templates and tests to use (block)translate tags. 2019-12-18 13:15:38 +01:00
__init__.py Refs #27468 -- Removed support for the pre-Django 3.1 user sessions. 2021-01-14 17:50:04 +01:00
admin.py Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value. 2021-05-20 07:04:26 +02:00
apps.py Fixed #31007 -- Allowed specifying type of auto-created primary keys. 2020-12-15 11:25:46 +01:00
backends.py Removed redundant definition of UserModel in ModelBackend.with_perm(). 2021-08-09 10:36:55 +02:00
base_user.py Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting. 2021-01-14 17:50:04 +01:00
checks.py Fixed #32121 -- Fixed detecting uniqueness of USERNAME_FIELD when using Meta.constraints. 2020-10-20 07:23:51 +02:00
common-passwords.txt.gz Fixed #29952 -- Lowercased all passwords in contrib.auth's auth/common-passwords.txt.gz. 2018-11-15 14:11:03 -05:00
context_processors.py Refs #24121 -- Added __repr__() to PermWrapper. 2021-05-28 08:03:23 +02:00
decorators.py Removed unnecessary trailing commas and spaces in various code. 2017-12-28 21:07:29 +01:00
forms.py Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget. 2021-05-19 20:34:57 +02:00
hashers.py Fixed #28401 -- Allowed hashlib.md5() calls to work with FIPS kernels. 2021-10-12 08:58:27 +02:00
middleware.py Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
mixins.py Fixed #31443 -- Fixed login redirection in auth mixins when LOGIN_URL is off-site URL. 2020-06-23 10:38:35 +02:00
models.py Refs #26445 -- Allowed using UserManager.create_user()/create_superuser() in migrations. 2020-07-06 11:47:22 +02:00
password_validation.py Fixed #32316 -- Deferred accessing __file__. 2021-04-01 14:33:30 +02:00
signals.py Fixed #31327 -- Deprecated providing_args argument for Signal. 2020-03-05 09:38:52 +01:00
tokens.py Fixed #32664 -- Made PasswordResetTokenGenerator.secret validation lazy. 2021-04-20 07:34:53 +02:00
urls.py Fixed comment in django/contrib/auth/urls.py. 2020-06-10 08:39:09 +02:00
validators.py Fixed #30257 -- Made UsernameValidators prohibit trailing newlines. 2019-03-22 13:16:25 -04:00
views.py Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00