Merge branch 'release-0.9'

.gitignore

@@ -15,3 +15,4 @@ htmlcov/*
 secret.txt
 .tox
 *~
+.vagrant*

.travis.yml

@@ -1,6 +1,5 @@
 language: python
 python:
-  - 2.7
   - 3.4 
   - 3.5
 

ChangeLog

@@ -1,3 +1,9 @@
+2016-August-09 Oz Nahum Tiram <oz.tiram@gmail.com>
+	* Release 0.9.0	
+	* Completely drop Python2 support
+	* Migration from PyCrypto to Cryptography completed
+	  Note that this breaks compatablity with earlier versions.
+
 2016-July-16 Oz Nahum Tiram <oz.tiram@gmail.com>
 	* Release 0.8.1 - Tag only, not on pypi
 	* Fixes of Python2 - Python3 compatablity issues

docs/general_notes.txt

@@ -65,20 +65,7 @@ finally you should step into:
 # upload  
 
   twine upload dist/pwman.tar.gz
-
-# PyCrypto Alternatives:
-
-  * http://wiki.yobi.be/wiki/PyCryptoPlus#Differences_with_pycrypto
-  *  http://brandon.sternefamily.net/2007/06/aes-tutorial-python-implementation/
-  * puresalsa20 - not document so good
-  * http://code.google.com/p/pycrypt/
-  * https://github.com/trevp/tlslite/tree/master/tlslite/utils
-  * seems like the best next standard, but very young:
-    https://github.com/alex/cryptography
-  * another salsa Alternative: www.seanet.com/~bugbee/crypto/salsa20/salsa20.pyb
 
-# for windows port: https://pypi.python.org/pypi/colorama
-
 # db ... https://github.com/coleifer/peewee
          http://sqlobject.org/
          http://www.sqlalchemy.org/

docs/source/configuration.rst

@@ -31,43 +31,53 @@ The following is an example default config file::
     [Database]
     filename = sqlite:///<PWMAN_CONFIG>/pwman.db`
     
+    [Updater]
+    supress_version_check = no
+    client_info = ee5cd64310568736b971e3fb7c7064a4459b99a2b78672515fd0f06c82f65d5
+
 
 Following is a table describing the parameters and their meanings:
 
 
-    ===========   ===========
-    **Section**   *Readline* 
-    -----------   -----------
-                  *Global*
-    history       path to the file containing history of commands typed
-    -----------   -----------
-    **Section**   *Global* 
-    -----------   -----------
-    save          True or False - whether the Configuring file should be saved
-    -----------   -----------
-    colors        yes or no - If set to *no*, no colors used in output. This is useful for breil terminals. 
-    -----------   -----------
-    cp_timeout    Number of seconds before the clipboard is erased.
-    -----------   -----------
-    cls_timeout   Number of seconds before the screen is clean after a print.
-    -----------   -----------
-    umask         The umask in which database and configuration files are written.
-    -----------   -----------
-    xsel          path to the xsel binary (Linux\BSD only) 
-    -----------   -----------
-    **Section**   *Database* 
-    -----------   -----------
-    dburi         Database URI conforming to `RFC3986`_. SQLite, Postgreql, 
-                  MySQL and MongoDB are currently supported. 
-
-                  SQLite example: `sqlite:///path/to/your/db`
-
-                  Postgreql example: `postgresql://<user>:<pass>@<host[:port]>/<database>`
-
-                  MySQL example:     `mysql://<user>:<pass>@<host[:port]>/<database>`
-
-                  MongoDB example:   `mongodb://<user>:<pass>@<host[:port]>/<database>`
-    ===========   ===========
+    =====================    ===========
+    **Section**              *Readline* 
+    ---------------------    -----------
+                             *Global*
+    history                  path to the file containing history of commands typed
+    ---------------------    -----------
+    **Section**              *Global* 
+    ---------------------    -----------
+    save                     True or False - whether the Configuring file should be saved
+    ---------------------    -----------
+    colors                   yes or no - If set to *no*, no colors used in output. This is useful for breil terminals. 
+    ---------------------    -----------
+    cp_timeout               Number of seconds before the clipboard is erased.
+    ---------------------    -----------
+    cls_timeout              Number of seconds before the screen is clean after a print.
+    ---------------------    -----------
+    umask                    The umask in which database and configuration files are written.
+    ---------------------    -----------
+    xsel                     path to the xsel binary (Linux\BSD only) 
+    ---------------------    -----------
+    **Section**              *Database* 
+    ---------------------    -----------
+    dburi                    Database URI conforming to `RFC3986`_. SQLite, Postgreql, 
+                             MySQL and MongoDB are currently supported. 
+
+                             SQLite example: `sqlite:///path/to/your/db`
+
+                             Postgreql example: `postgresql://<user>:<pass>@<host[:port]>/<database>`
+
+                             MySQL example:     `mysql://<user>:<pass>@<host[:port]>/<database>`
+
+                             MongoDB example:   `mongodb://<user>:<pass>@<host[:port]>/<database>`
+    ---------------------    -----------
+    **Section**              *Updater*
+    ---------------------    -----------
+    supress_version_check    yes or no - check for newer versions of pwman3
+    ---------------------    -----------
+    client_info              sha256 digest of host name and username, used for identifying the client
+    =====================    ===========
 
 
 .. _RFC3986: http://www.ietf.org/rfc/rfc3986.txt

docs/source/index.rst

@@ -19,7 +19,7 @@ Contents:
 About pwman3:
 ^^^^^^^^^^^^^ 
 
-Pwman3 is a command line password manager for Python 2.7-3.X with support for 
+Pwman3 is a command line password manager for Python3 with support for 
 multiple databases.
 
 

docs/source/install.rst

@@ -13,6 +13,7 @@ Or you can install pwman3 cloning the repository and running::
 Inside the extraced directory. At the moment pypi still does not have 
 the latest version of pwman3.
 
+
 Upgrading from version 0.5.x
 ----------------------------
 
@@ -27,25 +28,46 @@ Once exported you should rename your old database, to keep a backup of it.
 Then you can install pwman3 in version 0.6.x or later as described above. When finished
 you can import your passwords from the CSV to a new database with::
 
-    $ pwman3 -i path_to_your_file.csv
+    $ pwman3 -i path_to_your_file.csv \;
 
+The `\;` tells the importer that the file is semi-colon separated.
 When the import is done, start pwman3 with::
     
     $ pwman3 
 
 If the import was success, erase the CSV file, which contains your passwords 
 in clear text.
 
+Upgrading from version 0.6 or later:
+------------------------------------
+
+Once again the latest release (version 0.9) breaks compatibility with earlier
+versions. As a user you might consider this an annoyance, which is understandable.
+However, older Pwman3 version used a very old cryptography library which is
+no longer actively maintained. With the migration of the code base to use
+the cryptography_ library, there was a necessary change of the underlying
+encryption algorithm. AES encryption with ECB mode was the old algorithm used, 
+which is by now considered outdated, and it was replaced with Fernet encryption
+which is considered best practice.
+
+To upgrade, follow the path described above to export your database to a CSV,
+and the import it.
+
 A Note about Python versions
 ----------------------------
 
-Pwman3 was tested on Python versions 2.7-3.x. However, du to subtle differences
-in PyCrypto, unicode and other stuff it is not recommended to use the same database
-with different Python versions. 
-Hence, if you are using Python version 2.7.x to run Pwman3 and later on you would 
-like to change your default Python interpreter to Python 3 serious, it is recommended
-that you export your database and re-import it to a new database created using Python 
-3.X . 
+Earlier versions of Pwman3 supported both Python2 and Python3 versions. This
+created a bit of an effort for maintaining version compatablity, and served
+as a migration path for future versions. Python 3 has been around now for quite
+a while, and soon enough, Python2 support will end. Python 3 is mature enough, 
+and offers many improvements for developers. Python 3.4 is included in all major
+modern Linux distributions.
+If you use a certain enterprise Linux versions which does not ship Python 3.3
+or later, the process for installing a newer Python versions is pretty straight
+forward and very well documented. You should opt for using newer Python versions
+for all your software if possible.
+
+If you want to learn more about why Python 3, see the following `Python3 statement`_
 
 Database versions 
 ----------------- 
@@ -58,3 +80,6 @@ The required python drivers are:
  * pymysql  version 0.6.6 
  * psycopg2 version 2.6
  * pymongo version 2.8
+
+.. _cryptography: https://cryptography.io
+.. _Python3 statement: https://python3statement.github.io/

docs/source/tutorial.rst

@@ -42,7 +42,7 @@ Most commands have a single or two letter alias which is easy to remember.
 
 As for a start you would probably like to store some passwords in your database, all 
 you need to do is type the command ``new`` (or the alias ``n``), and then insert the information
-as promted::
+as prompted::
 
     pwman> new
     Username: oz123
@@ -97,11 +97,11 @@ To see the content of a saved entry, you need to use the ``print`` command::
 
 Notice, that the ``print`` command expects an entry number as an argument. 
 After printing the content of the entry, pwman3 will wait for ``Enter`` to be 
-pressed or 5 seconds until it flushes the screen. This way, unautorized eyes 
+pressed or 5 seconds until it flushes the screen. This way, unauthorized eyes 
 can not browse your screen and see your password. You can always scroll up to 
 see the printed entry or print it again. 
 
-If you don't want to type passwords and urls constantly ``Pwman3`` comes with 
+If you don't want to type passwords and URLs constantly ``Pwman3`` comes with 
 two shortcut commands. The first shortcut is ``open``, when calling it with 
 an entry number it will open the URL in your default browser::
     

pwman/__init__.py

@@ -18,27 +18,36 @@
 # ============================================================================
 # Copyright (C) 2006 Ivan Kelly <ivan@ivankelly.net>
 # ============================================================================
-import os
 import argparse
+import http.client
+import os
+import pkg_resources
 import re
 import string
-import pkg_resources
+import sys
 from pwman.util import config
 from pwman.data.factory import check_db_version
 
+try:
+    import cryptography  # noqa
+    has_cryptography = True
+except ImportError:
+    has_cryptography = False
+
+
 appname = "pwman3"
 
 try:
     version = pkg_resources.get_distribution('pwman3').version
 except pkg_resources.DistributionNotFound:  # pragma: no cover
-        version = "0.8.1"
+    version = "0.9.0"
 
 
 class PkgMetadata(object):
 
     def __init__(self):
         p = pkg_resources.get_distribution('pwman3')
-        f = open(os.path.join(p.location+'-info','PKG-INFO'))
+        f = open(os.path.join(p.location+'-info', 'PKG-INFO'))
         lines = f.readlines()
         self.summary = lines[3].split(':')[-1].strip()
         self.description = ''.join(map(string.strip, lines[9:14]))
@@ -55,7 +64,7 @@ def __init__(self):
     long_description = pkg_meta.description
 except IOError as E:
     # this should only happen once when installing the package
-    description = "a command line password manager with support for multiple databases."
+    description = "a command line password manager with support for multiple databases."  # noqa
     website = 'http://pwman3.github.io/pwman3/'
 
 
@@ -73,16 +82,15 @@ def which(cmd):  # pragma: no cover
 
 
 def parser_options(formatter_class=argparse.HelpFormatter):  # pragma: no cover
-    parser = argparse.ArgumentParser(
-            prog='pwman3',
-            description=description,
-            formatter_class=formatter_class)
+    parser = argparse.ArgumentParser(prog='pwman3',
+                                     description=description,
+                                     formatter_class=formatter_class)
     parser.add_argument('-c', '--config', dest='cfile',
                         default=os.path.expanduser("~/.pwman/config"),
                         help='cofiguration file to read')
     parser.add_argument('-d', '--database', dest='dbase')
     parser.add_argument('-i', '--import', nargs=2, dest='file_delim',
-            help="Specify the file name and the delimeter type")
+                        help="Specify the file name and the delimeter type")
     return parser
 
 
@@ -105,13 +113,6 @@ def set_xsel(configp, OSX):
         configp.set_value("Global", "xsel", pbcopypath)
 
 
-#def set_win_colors(config):  # pragma: no cover
-#    try:
-#        if sys.platform.startswith('win'):
-#            colorama.init()
-#   except ImportError:  # when installing colorama is still not there
-#        pass
-
 def set_umask(configp):
     umask = configp.get_value("Global", "umask")
     if re.search(r'^\d{4}$', umask):
@@ -130,7 +131,6 @@ def get_conf_options(args, OSX):
     if not xselpath:  # pragma: no cover
         set_xsel(configp, OSX)
 
-    #set_win_colors(configp)
     set_db(args, configp)
     set_umask(configp)
     dburi = configp.get_value("Database", "dburi")
@@ -140,3 +140,29 @@ def get_conf_options(args, OSX):
 def get_db_version(config, args):
     dburi = check_db_version(config.get_value("Database", "dburi"))
     return dburi
+
+
+def calculate_client_info():  # pragma: no cover
+    import hashlib
+    import socket
+    from getpass import getuser
+    hashinfo = hashlib.sha256((socket.gethostname() + getuser()).encode())
+    hashinfo = hashinfo.hexdigest()
+    return hashinfo
+
+
+def is_latest_version(version, client_info):  # pragma: no cover
+    """check current version againt latest version"""
+    try:
+        conn = http.client.HTTPConnection("pwman.tiram.it", timeout=0.5)
+        conn.request("GET",
+                     "/is_latest/?current_version={}&os={}&hash={}".format(
+                         version, sys.platform, client_info))
+        r = conn.getresponse()
+        data = r.read()  # This will return entire content.
+        if data.decode().split(".") > version.split("."):
+            return None, False
+        else:
+            return None, True
+    except Exception as E:
+        return E, True