IRC log of #zope for Sunday, 2011-02-20

« Saturday, 2011-02-19 Index Monday, 2011-02-21 »
*** goschtl has joined #zope00:05
*** daMaestro has joined #zope00:09
*** J1m_ has joined #zope00:13
*** goschtl has quit IRC00:16
*** daMaestro has quit IRC00:30
*** goschtl has joined #zope00:38
*** zenwryly has joined #zope00:39
*** J1m_ has quit IRC00:40
*** daMaestro has joined #zope00:43
*** goschtl has quit IRC00:47
*** ccomb has quit IRC01:09
*** mr_jolly has quit IRC01:09
*** mr_jolly has joined #zope01:16
*** lcpfnyvc has quit IRC02:07
*** lcpfnyvc has joined #zope02:08
*** Arfrever has quit IRC02:20
*** MrTango has quit IRC02:36
*** d2m has quit IRC02:47
*** J1m_ has joined #zope02:57
*** mr_jolly has quit IRC03:01
*** gwik has quit IRC04:22
*** daMaestro has quit IRC04:22
*** chaoflow_ is now known as chaoflow04:55
*** purserj has joined #zope05:17
*** davisagli has quit IRC07:10
*** davisagli has joined #zope07:11
*** sm has quit IRC07:31
*** dayne has quit IRC08:06
*** hever has quit IRC08:59
*** digitalmortician has quit IRC09:14
*** tiwula has quit IRC09:26
*** d2m has joined #zope09:37
*** goschtl has joined #zope09:52
*** goschtl has quit IRC10:07
*** mcdonc has quit IRC10:19
*** zagy has joined #zope10:26
*** planetzopebot has quit IRC10:33
*** planetzopebot has joined #zope10:34
*** d2m has quit IRC11:00
*** d2m has joined #zope11:14
*** ccomb has joined #zope11:19
*** d2m has quit IRC11:30
*** cpf_ has joined #zope11:32
CIA-85zagy * r120456 /Acquisition/branches/zagy-unicode-should-be-called: remove completed bug fix branch (released in 2.13.6)11:37
*** nebo has joined #zope12:00
*** nebo has quit IRC12:17
*** digitalmortician has joined #zope12:27
*** nebo has joined #zope12:33
*** nebo has quit IRC12:48
CIA-85hannosch 2.12 * r120457 Zope/include: Update AQ external12:49
*** Ariel_Calzada has joined #zope13:07
*** mr_jolly has joined #zope13:14
*** TomBlockley has joined #zope13:43
*** MrTango has joined #zope13:50
CIA-85mj * r120458 zope.password/ (5 files in 2 dirs):13:51
CIA-85Add a 'match' method to the IPasswordManager interface, which returns True if a given password hash was encdoded with the scheme implemented by the specific manager.13:51
CIA-85Note that the plain-text manager always returns False for this method, as the alternative is to always return True and thus also validate hashed password against their literal values, a security risk.13:51
*** nitrogenycs has joined #zope13:54
*** m8 has joined #zope13:54
*** TomBlockley has quit IRC13:57
CIA-85mj * r120459 zope.password/ (src/zope/password/password.py CHANGES.txt):14:46
CIA-85Use {SHA} instead of {SHA1} to be compatible with LDAP (RFC 2307).14:46
CIA-85We still support checking against password hashes prefixed with {SHA1}.14:46
*** zagy has quit IRC14:57
*** d2m has joined #zope15:06
*** d2m has quit IRC15:17
*** digitalmortician has quit IRC15:23
*** digitalmortician has joined #zope15:35
*** J1m_ has joined #zope15:37
CIA-85mj * r120460 zope.password/src/zope/password/password.py: Clean up SSHA test, turning a redundant test into something that actually covers the issue at hand.15:53
CIA-85mj * r120461 zope.password/ (5 files in 3 dirs): Add a crypt password manager.15:53
*** nebo has joined #zope15:54
*** hever has joined #zope15:58
*** hever has quit IRC16:01
*** hever has joined #zope16:02
*** bigkevmcd has quit IRC16:04
*** TheJester has quit IRC16:16
*** TheJester has joined #zope16:16
*** hever has quit IRC16:22
*** hever has joined #zope16:28
*** hever has quit IRC16:30
*** sm has joined #zope16:42
CIA-85mj * r120462 zope.password/ (4 files in 2 dirs):16:49
CIA-85Port AccessControl.AuthEncoding.MySQLDigestScheme to zope.password.16:49
CIA-85This is very much a legacy scheme, encoding to a very weak 16 bit hash with no salt support.16:49
CIA-85mj * r120463 zope.password/ (8 files in 2 dirs):16:49
CIA-85Keep things backwards compatible by creating an extended interface.16:49
CIA-85By moving the match method to a IMatchingPasswordManager, we keep the original interface unchanged and thus backwards compatible. Users of zope.password that require the new functionality can test for the new interface.16:49
CIA-85mj * r120464 zope.password/README.txt: Correct spelling.16:49
CIA-85mj * r120465 zope.password/README.txt: Add the 2 new legacy managers to the readme.16:49
*** zenwryly has quit IRC16:49
*** Arfrever has joined #zope16:59
*** Ariel_Calzada has quit IRC17:08
*** seppo14 has joined #zope17:09
*** supton has joined #zope17:10
*** Ariel_Calzada has joined #zope17:13
*** River_Rat has joined #zope17:16
*** River-Rat has quit IRC17:18
*** seppo14 has left #zope17:25
*** mlechner has joined #zope17:25
*** alexmorega has joined #zope17:45
*** supton has quit IRC17:53
*** agroszer has joined #zope18:07
*** agroszer has quit IRC18:08
*** mlechner has quit IRC18:13
*** supton has joined #zope18:26
*** sm_ has joined #zope18:34
*** sm has quit IRC18:38
*** sm_ is now known as sm18:38
CIA-85mj * r120466 zope.password/ (src/zope/password/password.py CHANGES.txt README.txt):18:57
CIA-85Remove the completely useless 'cosmetic' salt from the MD5 manager.18:57
CIA-85The generated salt was not being used to generate the actual hash and had no18:57
CIA-85cryptographic meaning. It only served to make the output incompatible with18:57
CIA-85RFC 2307 MD5 implementations. Any encoded input with the salt still in place are still supported for password checks.18:57
CIA-85mj * r120467 zope.password/src/zope/password/password.py: Remove now redundant test.18:57
CIA-85mj * r120468 zope.password/ (src/zope/password/password.py CHANGES.txt README.txt): Remove the 'cosmetic' salt from the SHA1 implementation as well, update docs.18:57
CIA-85mj * r120469 zope.password/src/zope/password/password.py:18:57
CIA-85LDAP does not use the URL-safe base64 encoding! See http://www.openldap.org/faq/data/cache/347.html.18:57
CIA-85Correct to use the standard encoding instead.18:57
CIA-85mj * r120470 zope.password/ (src/zope/password/password.py CHANGES.txt):18:57
CIA-85Maintain backwards compatibility to older hashes encoded with urlsafe.18:57
CIA-85Update documentation as well.18:57
CIA-85mj * r120471 zope.password/src/zope/password/password.py:18:57
CIA-85Newly generated slappasswd example with / and + to test base64 assertions.18:57
CIA-85Note that with a different salt there are / and + characters in the slappasswd output showing that the urlsafe_base64 assumption from before is incorrect.18:57
CIA-85mj * r120472 zope.password/src/zope/password/password.py:18:57
CIA-85Correct slappasswd test to actually use the new salt, and fix urlsafe case.18:57
CIA-85The urlsafe backwards compatible mode is now covered with a test and actually works.18:57
*** nijan has joined #zope19:06
nijanHello, I have googled for "Zope2 or Zope3", but even the wiki in zope.org contains recommandations from 2007. It says site builders who want to get sites up and running quickly, with a lot of ready-made add-ons to choose from, should choose Zope 2, but keep an eye on Zope 3 and try to use its practices where possible.19:09
nijanIs this advice still valuable or after 4 years I should go for Zope3? Basically, I need plone and add-ons, but I see that plone now supports zope3.19:10
*** menesis has joined #zope19:16
*** nijan has quit IRC19:21
*** mcdonc has joined #zope19:30
*** tiwula has joined #zope19:44
*** supton has quit IRC19:44
*** davisagli has quit IRC19:45
*** davisagli has joined #zope19:46
*** d2m has joined #zope19:56
*** alexmorega has quit IRC20:02
*** mustard has joined #zope20:52
*** Theuni1 has quit IRC20:55
*** J1m_ has quit IRC21:03
*** mustard has quit IRC21:16
*** hever has joined #zope21:38
*** tiwula has quit IRC21:51
CIA-85mj * r120473 zope.password/ (src/zope/password/password.py CHANGES.txt):21:51
CIA-85Make SHA and MD5 output compatible with LDAP schemes.21:51
CIA-85This means using base64 output instead of hexdigests. We still support checking passwords against the old format.21:51
CIA-85mj * r120474 zope.password/CHANGES.txt: typo.21:51
*** RaceCondition has joined #zope22:14
*** menesis has quit IRC22:14
RaceConditionI couldn't find any information on how to use zope.tal in a non-zope app22:15
*** menesis has joined #zope22:16
*** Theuni1 has joined #zope22:19
*** menesis has quit IRC22:19
*** menesis has joined #zope22:19
*** mustard has joined #zope22:25
*** hever has quit IRC22:28
*** hever has joined #zope22:31
*** menesis has quit IRC22:45
*** menesis1 has joined #zope22:46
*** menesis1 is now known as menesis22:46
*** goschtl has joined #zope22:46
*** menesis has quit IRC22:47
*** menesis has joined #zope22:48
*** Theuni1 has quit IRC22:49
*** nitrogenycs has quit IRC23:04
*** nitrogenycs has joined #zope23:05
*** d2m has quit IRC23:17
*** goschtl has quit IRC23:20
*** J1m_ has joined #zope23:30
*** ccomb has quit IRC23:33
CIA-85thefunny42 * r120475 /grokcore.view/branches/sylvain-template-warning-improvements: Branch to improve the number of unassociated template warning23:34
CIA-85thefunny42 sylvain-template-warning-improvements * r120476 grokcore.view/ (6 files in 2 dirs): Add an ignoreTemplate ZCML directive.23:34
*** davisagli has quit IRC23:44
*** davisagli has joined #zope23:45
*** J1m_ has quit IRC23:48
*** J1m_ has joined #zope23:53
« Saturday, 2011-02-19 Index Monday, 2011-02-21 »

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!