From ec38f431f55db667681d2f2de816e1b279ab7545 Mon Sep 17 00:00:00 2001
From: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
Date: Sat, 4 May 2024 21:24:54 +0800
Subject: [PATCH] Rollback to `pyo3 = { version = "0.16.6", features = ["abi3"]
 }`

In order to avoid `ImportError: PyO3 modules compiled for CPython 3.8 or
older may only be initialized once per interpreter process` introduced
since pyo3 >= 0.17.0, which only allow each `#[pymodule]` to be
initialized once, this PR temporarily rollback to pyo3 = 0.16.6.

It also remove the use of `PyUserWarning` which introduced since pyo3 >
0.18.0.

See https://github.com/PyO3/pyo3/commit/78ba70d2b4cdae1228561700bab62da793801d18
See https://github.com/PyO3/pyo3/commit/1d20f2a5317585c13750e4433fe502dd25230775

Fixes https://github.com/pyca/bcrypt/issues/694

Signed-off-by: Wong Hoi Sing Edison <hswong3i@pantarei-design.com>
---
 src/_bcrypt/Cargo.lock | 57 ++++++++++++------------------------------
 src/_bcrypt/Cargo.toml |  2 +-
 src/_bcrypt/src/lib.rs | 30 ++++++----------------
 tests/test_bcrypt.py   |  5 ----
 4 files changed, 24 insertions(+), 70 deletions(-)

diff --git a/src/_bcrypt/Cargo.lock b/src/_bcrypt/Cargo.lock
index e11ad83d..7038da4f 100644
--- a/src/_bcrypt/Cargo.lock
+++ b/src/_bcrypt/Cargo.lock
@@ -148,17 +148,11 @@ dependencies = [
  "wasi",
 ]
 
-[[package]]
-name = "heck"
-version = "0.4.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
-
 [[package]]
 name = "indoc"
-version = "2.0.5"
+version = "1.0.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b248f5224d1d606005e02c97f5aa4e88eeb230488bcc03bc9ca4d7991399f2b5"
+checksum = "bfa799dd5ed20a7e349f3b4639aa80d74549c81716d9ec4f994c9b5815598306"
 
 [[package]]
 name = "inout"
@@ -185,15 +179,6 @@ dependencies = [
  "scopeguard",
 ]
 
-[[package]]
-name = "memoffset"
-version = "0.9.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a"
-dependencies = [
- "autocfg",
-]
-
 [[package]]
 name = "once_cell"
 version = "1.19.0"
@@ -232,12 +217,6 @@ dependencies = [
  "digest",
 ]
 
-[[package]]
-name = "portable-atomic"
-version = "1.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7170ef9988bc169ba16dd36a7fa041e5c4cbeb6a35b76d4c03daded371eae7c0"
-
 [[package]]
 name = "proc-macro2"
 version = "1.0.81"
@@ -249,16 +228,14 @@ dependencies = [
 
 [[package]]
 name = "pyo3"
-version = "0.21.2"
+version = "0.16.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a5e00b96a521718e08e03b1a622f01c8a8deb50719335de3f60b3b3950f069d8"
+checksum = "0220c44442c9b239dd4357aa856ac468a4f5e1f0df19ddb89b2522952eb4c6ca"
 dependencies = [
  "cfg-if",
  "indoc",
  "libc",
- "memoffset",
  "parking_lot",
- "portable-atomic",
  "pyo3-build-config",
  "pyo3-ffi",
  "pyo3-macros",
@@ -267,9 +244,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-build-config"
-version = "0.21.2"
+version = "0.16.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7883df5835fafdad87c0d888b266c8ec0f4c9ca48a5bed6bbb592e8dedee1b50"
+checksum = "9c819d397859445928609d0ec5afc2da5204e0d0f73d6bf9e153b04e83c9cdc2"
 dependencies = [
  "once_cell",
  "target-lexicon",
@@ -277,9 +254,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-ffi"
-version = "0.21.2"
+version = "0.16.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "01be5843dc60b916ab4dad1dca6d20b9b4e6ddc8e15f50c47fe6d85f1fb97403"
+checksum = "ca882703ab55f54702d7bfe1189b41b0af10272389f04cae38fe4cd56c65f75f"
 dependencies = [
  "libc",
  "pyo3-build-config",
@@ -287,9 +264,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros"
-version = "0.21.2"
+version = "0.16.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77b34069fc0682e11b31dbd10321cbf94808394c56fd996796ce45217dfac53c"
+checksum = "568749402955ad7be7bad9a09b8593851cd36e549ac90bfd44079cea500f3f21"
 dependencies = [
  "proc-macro2",
  "pyo3-macros-backend",
@@ -299,13 +276,11 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros-backend"
-version = "0.21.2"
+version = "0.16.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08260721f32db5e1a5beae69a55553f56b99bd0e1c3e6e0a5e8851a9d0f5a85c"
+checksum = "611f64e82d98f447787e82b8e7b0ebc681e1eb78fc1252668b2c605ffb4e1eb8"
 dependencies = [
- "heck",
  "proc-macro2",
- "pyo3-build-config",
  "quote",
  "syn",
 ]
@@ -359,9 +334,9 @@ checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
 
 [[package]]
 name = "syn"
-version = "2.0.60"
+version = "1.0.109"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "909518bc7b1c9b779f1bbf07f2929d35af9f0f37e47c6e9ef7f9dddc1e1821f3"
+checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -388,9 +363,9 @@ checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
 
 [[package]]
 name = "unindent"
-version = "0.2.3"
+version = "0.1.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c7de7d73e1754487cb58364ee906a499937a0dfabd86bcb980fa99ec8c8fa2ce"
+checksum = "e1766d682d402817b5ac4490b3c3002d91dfa0d22812f341609f97b08757359c"
 
 [[package]]
 name = "version_check"
diff --git a/src/_bcrypt/Cargo.toml b/src/_bcrypt/Cargo.toml
index 58f6c13e..0b519485 100644
--- a/src/_bcrypt/Cargo.toml
+++ b/src/_bcrypt/Cargo.toml
@@ -6,7 +6,7 @@ edition = "2018"
 publish = false
 
 [dependencies]
-pyo3 = { version = "0.21", features = ["abi3"] }
+pyo3 = { version = "0.16.6", features = ["abi3"] }
 bcrypt = "0.15"
 bcrypt-pbkdf = "0.10.0"
 base64 = "0.22.1"
diff --git a/src/_bcrypt/src/lib.rs b/src/_bcrypt/src/lib.rs
index d8297d85..6f8fe7f8 100644
--- a/src/_bcrypt/src/lib.rs
+++ b/src/_bcrypt/src/lib.rs
@@ -13,7 +13,6 @@
 #![deny(rust_2018_idioms)]
 
 use base64::Engine;
-use pyo3::prelude::PyBytesMethods;
 use pyo3::PyTypeInfo;
 use std::convert::TryInto;
 use std::io::Write;
@@ -29,7 +28,7 @@ fn gensalt<'p>(
     py: pyo3::Python<'p>,
     rounds: Option<u16>,
     prefix: Option<&[u8]>,
-) -> pyo3::PyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
+) -> pyo3::PyResult<&'p pyo3::types::PyBytes> {
     let rounds = rounds.unwrap_or(12);
     let prefix = prefix.unwrap_or(b"2b");
 
@@ -48,7 +47,7 @@ fn gensalt<'p>(
 
     let encoded_salt = BASE64_ENGINE.encode(salt);
 
-    pyo3::types::PyBytes::new_bound_with(
+    pyo3::types::PyBytes::new_with(
         py,
         1 + prefix.len() + 1 + 2 + 1 + encoded_salt.len(),
         |mut b| {
@@ -69,7 +68,7 @@ fn hashpw<'p>(
     py: pyo3::Python<'p>,
     password: &[u8],
     salt: &[u8],
-) -> pyo3::PyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
+) -> pyo3::PyResult<&'p pyo3::types::PyBytes> {
     // bcrypt originally suffered from a wraparound bug:
     // http://www.openwall.com/lists/oss-security/2012/01/02/4
     // This bug was corrected in the OpenBSD source by truncating inputs to 72
@@ -113,7 +112,7 @@ fn hashpw<'p>(
     let hashed = py
         .allow_threads(|| bcrypt::hash_with_salt(password, cost, raw_salt))
         .map_err(|_| pyo3::exceptions::PyValueError::new_err("Invalid salt"))?;
-    Ok(pyo3::types::PyBytes::new_bound(
+    Ok(pyo3::types::PyBytes::new(
         py,
         hashed.format_for_version(version).as_bytes(),
     ))
@@ -135,7 +134,7 @@ fn kdf<'p>(
     desired_key_bytes: usize,
     rounds: u32,
     ignore_few_rounds: Option<bool>,
-) -> pyo3::PyResult<pyo3::Bound<'p, pyo3::types::PyBytes>> {
+) -> pyo3::PyResult<&'p pyo3::types::PyBytes> {
     let ignore_few_rounds = ignore_few_rounds.unwrap_or(false);
 
     if password.is_empty() || salt.is_empty() {
@@ -156,19 +155,7 @@ fn kdf<'p>(
         ));
     }
 
-    if rounds < 50 && !ignore_few_rounds {
-        // They probably think bcrypt.kdf()'s rounds parameter is logarithmic,
-        // expecting this value to be slow enough (it probably would be if this
-        // were bcrypt). Emit a warning.
-        pyo3::PyErr::warn_bound(
-            py,
-            &pyo3::exceptions::PyUserWarning::type_object_bound(py),
-            &format!("Warning: bcrypt.kdf() called with only {rounds} round(s). This few is not secure: the parameter is linear, like PBKDF2."),
-            3
-        )?;
-    }
-
-    pyo3::types::PyBytes::new_bound_with(py, desired_key_bytes, |output| {
+    pyo3::types::PyBytes::new_with(py, desired_key_bytes, |output| {
         py.allow_threads(|| {
             bcrypt_pbkdf::bcrypt_pbkdf(password, salt, rounds, output).unwrap();
         });
@@ -177,10 +164,7 @@ fn kdf<'p>(
 }
 
 #[pyo3::prelude::pymodule]
-fn _bcrypt(
-    _py: pyo3::Python<'_>,
-    m: &pyo3::Bound<'_, pyo3::types::PyModule>,
-) -> pyo3::PyResult<()> {
+fn _bcrypt(_py: pyo3::Python<'_>, m: &pyo3::types::PyModule) -> pyo3::PyResult<()> {
     m.add_function(pyo3::wrap_pyfunction!(gensalt, m)?)?;
     m.add_function(pyo3::wrap_pyfunction!(hashpw, m)?)?;
     m.add_function(pyo3::wrap_pyfunction!(checkpw, m)?)?;
diff --git a/tests/test_bcrypt.py b/tests/test_bcrypt.py
index 68c00fb4..01a12a2f 100644
--- a/tests/test_bcrypt.py
+++ b/tests/test_bcrypt.py
@@ -462,11 +462,6 @@ def test_kdf_no_warn_rounds():
     bcrypt.kdf(b"password", b"salt", 10, 10, True)
 
 
-def test_kdf_warn_rounds():
-    with pytest.warns(UserWarning):
-        bcrypt.kdf(b"password", b"salt", 10, 10)
-
-
 @pytest.mark.parametrize(
     ("password", "salt", "desired_key_bytes", "rounds", "error"),
     [