X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=passwd.go;h=a93fbc9e145c7fde84c16d789c0c2efabd334037;hb=f077359218864862f94290b582cb09a4a8fa1b9c;hp=29419564ce9c22b3fb4ceab0f0d0cb7e8658edee;hpb=58cc9588d92ab293d301e7267851bd9c4167e508;p=gocheese.git

diff --git a/passwd.go b/passwd.go
index 2941956..a93fbc9 100644
--- a/passwd.go
+++ b/passwd.go
@@ -1,7 +1,7 @@
 /*
 GoCheese -- Python private package repository and caching proxy
-Copyright (C) 2019 Sergey Matveev <stargrave@stargrave.org>
-              2019 Elena Balakhonova <balakhonova_e@riseup.net>
+Copyright (C) 2019-2021 Sergey Matveev <stargrave@stargrave.org>
+              2019-2021 Elena Balakhonova <balakhonova_e@riseup.net>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -19,30 +19,87 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package main
 
 import (
-	"io/ioutil"
+	"bufio"
+	"errors"
 	"log"
+	"os"
 	"strings"
+	"sync"
 )
 
-func refreshPasswd() {
-	passwd, err := ioutil.ReadFile(*passwdPath)
-	if err != nil {
-		log.Fatal(err)
+var (
+	Passwords  map[string]Auther = make(map[string]Auther)
+	PasswordsM sync.RWMutex
+)
+
+type Auther interface {
+	Auth(password string) bool
+}
+
+func strToAuther(verifier string) (string, Auther, error) {
+	st := strings.SplitN(verifier, "$", 3)
+	if len(st) != 3 || st[0] != "" {
+		return "", nil, errors.New("invalid verifier structure")
+	}
+	algorithm := st[1]
+	var auther Auther
+	var err error
+	switch algorithm {
+	case "argon2i":
+		auther, err = parseArgon2i(st[2])
+	case "sha256":
+		auther, err = parseSHA256(st[2])
+	default:
+		err = errors.New("unknown hashing algorithm")
 	}
-	for i, credentials := range strings.Split(strings.TrimRight(string(passwd), "\n"), "\n") {
-		splitted := strings.Split(credentials, ":")
+	return algorithm, auther, err
+}
+
+func passwdReader(fd *os.File) bool {
+	isGood := true
+	scanner := bufio.NewScanner(fd)
+	for scanner.Scan() {
+		t := scanner.Text()
+		if len(t) == 0 {
+			continue
+		}
+		splitted := strings.Split(t, ":")
 		if len(splitted) != 2 {
-			log.Fatalf("%s:%d: Wrong login:password format", *passwdPath, i)
+			log.Println("wrong login:password format:", t)
+			isGood = false
+			continue
 		}
 		login := splitted[0]
-		if _, exists := passwords[login]; exists {
-			log.Fatalf("%s:%d: %s: already exists", *passwdPath, i, login)
+		passwd := splitted[1]
+		if passwd == "" {
+			log.Println("deleting login:", login)
+			PasswordsM.Lock()
+			delete(Passwords, login)
+			PasswordsM.Unlock()
+			continue
 		}
-		_, auther, err := strToAuther(splitted[1])
+		_, auther, err := strToAuther(passwd)
 		if err != nil {
-			log.Fatalf("%s:%d: %s: %s", *passwdPath, i, login, err)
+			log.Println("login:", login, "invalid password:", err)
+			isGood = false
+			continue
 		}
-		passwords[login] = auther
-		log.Println("Added password for " + login)
+		log.Println("adding password for:", login)
+		PasswordsM.Lock()
+		Passwords[login] = auther
+		PasswordsM.Unlock()
+	}
+	return isGood
+}
+
+func passwdLister(fd *os.File) {
+	PasswordsM.RLock()
+	logins := make([]string, 0, len(Passwords))
+	for login := range Passwords {
+		logins = append(logins, login)
+	}
+	PasswordsM.RUnlock()
+	for _, login := range logins {
+		fd.WriteString(login + "\n")
 	}
 }