Implement password hash testing using new roundup-admin perftest.

Add new anypy/time_.py to provide a suitable definition for
perf_counter for python2 or 3.

Also update examples in upgrading.txt, man page, new translatable
strings in locale.

Author: rouilj

doc/upgrading.txt

@@ -204,21 +204,41 @@ older 10000 round hashed passwords. If ``migrate_passwords`` is
 set to ``yes``, passwords will be automatically re-hashed using
 the new higher value when the user logs in.
 
-This re-hashing might result in a slight delay (under 1
-second). If you see a large slowdown, check to see if you can
-execute::
+Increasing the number of rounds will slow down re-hashing. That's the
+whole point.  Sadly it will also slow down logins.  Usually the hash
+takes under 1 second, but if you are using a slow chip (e.g. an ARM V6
+at 700 bogo mips) it can take 30 seconds to compute the 2000000
+rounds. The slowdown is linear. So what takes .001 seconds at 10000
+rounds will take: ``2000000/10000 * .001 = 200 * .001`` seconds or 0.2
+seconds.
+
+You can see how long it will take by using the new ``roundup-admin``
+``perftest`` command. After you have finished migrating your database,
+run::
+
+   roundup-admin -i <tracker_home> perftest password rounds=10000
+
+and then::
+
+   roundup-admin -i <tracker_home> perftest password rounds=2,000,000
+
+so see the difference. Output from this command looks like::
+
+   Hash time: 0.203151849s scheme: PBKDF2 rounds: 10000
+
+If your testing reports a hash time in the 0.5 second range for 10000
+rounds, there may be another issue. See if executing::
 
   python3 -c 'from hashlib import pbkdf2_hmac'
 
-without an error.
+produces an error.
 
-If you get an ImportError, you are using Roundup's fallback
-PBKDF2 implementation. It is written in Python and is much slower
-than the library version.  As a result re-encrypting the password
-(and logging in which requires calculating the encrypted
-password) will be very slow.
+If you get an ImportError, you are using Roundup's fallback PBKDF2
+implementation. It is much slower than the library version.  As a
+result re-encrypting the password (and logging in, which requires
+calculating the encrypted password) will be very slow.
 
-You should find out how to make this succeed. You may need to
+You should find out how to make the import succeed. You may need to
 install an OS vendor package or some other library.
 
 .. _recommended setting of 1,300,000: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2

locale/de.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Roundup 2.3.0\n"
 "Report-Msgid-Bugs-To: [email protected]\n"
-"POT-Creation-Date: 2023-03-01 12:54-0500\n"
+"POT-Creation-Date: 2023-03-03 17:28-0500\n"
 "PO-Revision-Date: 2016-04-11 09:13+0200\n"
 "Last-Translator: Tobias Herp <[email protected]>\n"
 "Language-Team: German Translators <[email protected]>\n"
@@ -1253,41 +1253,78 @@ msgstr ""
 "        "
 
 #: ../roundup/admin.py:1742
-msgid "Tracker updated"
-msgstr "Tracker aktualisiert"
+#, python-format
+msgid "Tracker updated to schema version %s."
+msgstr ""
 
-#: ../roundup/admin.py:1745
-msgid "No migration action required"
+#: ../roundup/admin.py:1746
+#, fuzzy, python-format
+msgid "No migration action required. At schema version %s."
 msgstr "Keine Migration notwendig"
 
-#: ../roundup/admin.py:1771
+#: ../roundup/admin.py:1751
+msgid ""
+"Usage: perftest [mode] [arguments]*\n"
+"\n"
+"        Time operations in Roundup. Supported arguments:\n"
+"\n"
+"            [password] [rounds=<integer>] [scheme=<scheme>]\n"
+"\n"
+"        'password' is the default mode.  The tracker's config.ini\n"
+"        setting for 'password_pbkdf2_default_rounds' is the default\n"
+"        value for 'rounds'. On the command line, 'rounds' can include\n"
+"        thousands separator of ',' or '.'.  'scheme' is the default\n"
+"        coded into Roundup. List supported schemes by using 'scheme='.\n"
+"\n"
+"        "
+msgstr ""
+
+#: ../roundup/admin.py:1785
+msgid "Invalid 'rounds'. Must be larger than 999."
+msgstr ""
+
+#: ../roundup/admin.py:1789
+#, python-format
+msgid "Invalid 'rounds'. It must be an integer not: %s"
+msgstr ""
+
+#: ../roundup/admin.py:1816
+msgid "scheme does not support rounds."
+msgstr ""
+
+#: ../roundup/admin.py:1819
+#, python-format
+msgid "Hash time: %(time)0.9f seconds, scheme: %(scheme)s, rounds: %(rounds)s"
+msgstr ""
+
+#: ../roundup/admin.py:1847
 #, python-format
 msgid "Unknown command \"%(command)s\" (\"help commands\" for a list)"
 msgstr "Der Befehl \"%(command)s\" existiert nicht (siehe \"help commands\")"
 
-#: ../roundup/admin.py:1777
+#: ../roundup/admin.py:1853
 #, python-format
 msgid "Multiple commands match \"%(command)s\": %(list)s"
 msgstr "Zur Abkürzung \"%(command)s\" passen mehrere Befehle: %(list)s"
 
-#: ../roundup/admin.py:1786
+#: ../roundup/admin.py:1862
 msgid "Enter tracker home: "
 msgstr "Tracker-Verzeichnis: "
 
 # ../roundup/admin.py:1263 :1269 :1289
-#: ../roundup/admin.py:1795 ../roundup/admin.py:1801 ../roundup/admin.py:1838
-#: ../roundup/admin.py:1795:1801:1838
+#: ../roundup/admin.py:1871 ../roundup/admin.py:1877 ../roundup/admin.py:1914
+#: ../roundup/admin.py:1871:1877:1914
 #, python-format
 msgid "Error: %(message)s"
 msgstr "Fehler: %(message)s"
 
-#: ../roundup/admin.py:1811 ../roundup/admin.py:1815
-#: ../roundup/admin.py:1811:1815
+#: ../roundup/admin.py:1887 ../roundup/admin.py:1891
+#: ../roundup/admin.py:1887:1891
 #, python-format
 msgid "Error: Couldn't open tracker: %(message)s"
 msgstr "Fehler: Die Tracker-Instanz konnte nicht geöffnet werden: %(message)s"
 
-#: ../roundup/admin.py:1851
+#: ../roundup/admin.py:1927
 #, python-format
 msgid ""
 "Roundup %s ready for input.\n"
@@ -1296,15 +1333,15 @@ msgstr ""
 "Roundup %s ist bereit.\n"
 "Schreiben Sie \"help\", um zur Hilfe zu gelangen."
 
-#: ../roundup/admin.py:1856
+#: ../roundup/admin.py:1932
 msgid "Note: command history and editing not available"
 msgstr "Bemerkung: Befehlsverlauf/-bearbeitung möglicherweise nicht verfügbar"
 
-#: ../roundup/admin.py:1862
+#: ../roundup/admin.py:1938
 msgid "exit..."
 msgstr "beenden..."
 
-#: ../roundup/admin.py:1875
+#: ../roundup/admin.py:1951
 msgid "There are unsaved changes. Commit them (y/N)? "
 msgstr "Es gibt noch ungespeicherte Änderungen. Änderungen speichern (y/N)?"
 
@@ -5663,6 +5700,9 @@ msgstr "Aufgabe anzeigen"
 msgid "Password"
 msgstr "Passwort"
 
+#~ msgid "Tracker updated"
+#~ msgstr "Tracker aktualisiert"
+
 #~ msgid "roundup> "
 #~ msgstr "roundup> "
 

locale/en.po

@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Roundup 2.3.0\n"
 "Report-Msgid-Bugs-To: [email protected]\n"
-"POT-Creation-Date: 2023-03-01 12:54-0500\n"
+"POT-Creation-Date: 2023-03-03 17:28-0500\n"
 "PO-Revision-Date: 2004-11-20 13:47+0200\n"
 "Last-Translator: Not applicable\n"
 "Language-Team: English\n"
@@ -846,55 +846,92 @@ msgid ""
 msgstr ""
 
 #: ../roundup/admin.py:1742
-msgid "Tracker updated"
+#, python-format
+msgid "Tracker updated to schema version %s."
+msgstr ""
+
+#: ../roundup/admin.py:1746
+#, python-format
+msgid "No migration action required. At schema version %s."
+msgstr ""
+
+#: ../roundup/admin.py:1751
+msgid ""
+"Usage: perftest [mode] [arguments]*\n"
+"\n"
+"        Time operations in Roundup. Supported arguments:\n"
+"\n"
+"            [password] [rounds=<integer>] [scheme=<scheme>]\n"
+"\n"
+"        'password' is the default mode.  The tracker's config.ini\n"
+"        setting for 'password_pbkdf2_default_rounds' is the default\n"
+"        value for 'rounds'. On the command line, 'rounds' can include\n"
+"        thousands separator of ',' or '.'.  'scheme' is the default\n"
+"        coded into Roundup. List supported schemes by using 'scheme='.\n"
+"\n"
+"        "
+msgstr ""
+
+#: ../roundup/admin.py:1785
+msgid "Invalid 'rounds'. Must be larger than 999."
+msgstr ""
+
+#: ../roundup/admin.py:1789
+#, python-format
+msgid "Invalid 'rounds'. It must be an integer not: %s"
 msgstr ""
 
-#: ../roundup/admin.py:1745
-msgid "No migration action required"
+#: ../roundup/admin.py:1816
+msgid "scheme does not support rounds."
 msgstr ""
 
-#: ../roundup/admin.py:1771
+#: ../roundup/admin.py:1819
+#, python-format
+msgid "Hash time: %(time)0.9f seconds, scheme: %(scheme)s, rounds: %(rounds)s"
+msgstr ""
+
+#: ../roundup/admin.py:1847
 #, python-format
 msgid "Unknown command \"%(command)s\" (\"help commands\" for a list)"
 msgstr ""
 
-#: ../roundup/admin.py:1777
+#: ../roundup/admin.py:1853
 #, python-format
 msgid "Multiple commands match \"%(command)s\": %(list)s"
 msgstr ""
 
-#: ../roundup/admin.py:1786
+#: ../roundup/admin.py:1862
 msgid "Enter tracker home: "
 msgstr ""
 
-#: ../roundup/admin.py:1795 ../roundup/admin.py:1801 ../roundup/admin.py:1838
-#: ../roundup/admin.py:1795:1801:1838
+#: ../roundup/admin.py:1871 ../roundup/admin.py:1877 ../roundup/admin.py:1914
+#: ../roundup/admin.py:1871:1877:1914
 #, python-format
 msgid "Error: %(message)s"
 msgstr ""
 
-#: ../roundup/admin.py:1811 ../roundup/admin.py:1815
-#: ../roundup/admin.py:1811:1815
+#: ../roundup/admin.py:1887 ../roundup/admin.py:1891
+#: ../roundup/admin.py:1887:1891
 #, python-format
 msgid "Error: Couldn't open tracker: %(message)s"
 msgstr ""
 
-#: ../roundup/admin.py:1851
+#: ../roundup/admin.py:1927
 #, python-format
 msgid ""
 "Roundup %s ready for input.\n"
 "Type \"help\" for help."
 msgstr ""
 
-#: ../roundup/admin.py:1856
+#: ../roundup/admin.py:1932
 msgid "Note: command history and editing not available"
 msgstr ""
 
-#: ../roundup/admin.py:1862
+#: ../roundup/admin.py:1938
 msgid "exit..."
 msgstr ""
 
-#: ../roundup/admin.py:1875
+#: ../roundup/admin.py:1951
 msgid "There are unsaved changes. Commit them (y/N)? "
 msgstr ""