Replace crypt module with passlib #2108
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Chris-Peterson444
force-pushed
the
crypt-alternative-for-dryrun
branch
2 times, most recently
from
5cba20c
to
6869fb0
Compare
Chris-Peterson444
changed the title
Chris-Peterson444
force-pushed
the
crypt-alternative-for-dryrun
branch
from
7573b31
to
226bde3
Compare
ogayot
reviewed
Nov 3, 2024
Chris-Peterson444
force-pushed
the
crypt-alternative-for-dryrun
branch
from
226bde3
to
64d4a86
Compare
|
I think reviewing by commit makes sense still, but we can probably just squash all three commits now once we're happy with the changes. |
ogayot
approved these changes
Nov 7, 2024
dbungert
approved these changes
Nov 7, 2024
|
Just tested this on an Oracular install and I was able to login as expected. Based on some out-of-band discussion, I'm going to keep all three commits for historical accuracy but I'll update the commit messages so they're a little more interesting. |
The `crypt` module was deprecated in python3.11 and officially removed in python3.13. This commit introduces equivalent functionality using the `passlib` module instead. The `passlib` module is listed directly in the python documentation as a replacement for the `crypt` module[0]. Additionally, this module is already provided by the `python3-passlib` package in main. The main functionality of `crypt_password` is not replaced in this commit. Instead, this commit acts more as a transient commit to demonstrate that, given the right parameters, we can use `passlib` to provide equivalent functionality compared with what we expected from the `crypt`-based implementation. [0] https://docs.python.org/3.12/library/crypt.html
Replace usage of the `crypt` module from the stdlib with `passlib`, which is provided by the python3-passlib (main) package. Follow-up to the previous commit which introduced the `passlib`-based functionality, and now switches `crypt_password` over to using it. The equivalence between the two implementations can be further demonstrated by the canary test passing with just the previous commit and also passing with this one.
Chris-Peterson444
force-pushed
the
crypt-alternative-for-dryrun
branch
from
64d4a86
to
f1e62f2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In python3.13, the crypt submodule will be removed from the standard library. This won't affect snap builds until core26, but makes dryrun testing difficult. This PR introduces some logic to shell out to perl to compute the hash in dry-run mode only.Replace
cryptmodule usage with thepasslibmodule, which is provided by thepython3-passlibpackage. The package is already in Main and doesn't appear to have any open CVEs. This will fix the issue when trying to import thecryptmodule in python3.13 or later, where it was finally removed.