]> Cypherpunks.ru repositories - gocheese.git/blobdiff - gocheese.go
projects / gocheese.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
FIFO-based password management
[gocheese.git] / gocheese.go
diff --git a/gocheese.go b/gocheese.go
index 67bc1c1c40ff157a9fec2edf033689106ef700c8..cc30de23dfc84596f7980a2fef81fc370827521c 100644 (file)
--- a/gocheese.go
+++ b/gocheese.go
@@ -46,7 +46,7 @@ import (
 )
 
 const (
-       Version   = "2.6.0"
+       Version   = "3.0.0"
        HTMLBegin = `<!DOCTYPE html>
 <html>
   <head>
@@ -99,9 +99,9 @@ var (
        gpgUpdateURLPath = flag.String("gpgupdate", "/gpgupdate/", "GPG forceful refreshing URL path")
        pypiURL          = flag.String("pypi", "https://pypi.org/simple/", "Upstream (PyPI) URL")
        pypiCertHash     = flag.String("pypi-cert-hash", "", "Authenticate upstream by its X.509 certificate's SPKI SHA256 hash")
-       passwdPath       = flag.String("passwd", "passwd", "Path to file with authenticators")
        logTimestamped   = flag.Bool("log-timestamped", false, "Prepend timestmap to log messages")
-       passwdCheck      = flag.Bool("passwd-check", false, "Test the -passwd file for syntax errors and exit")
+       passwdPath       = flag.String("passwd", "", "Path to FIFO for upload authentication")
+       passwdCheck      = flag.Bool("passwd-check", false, "Run password checker")
        fsck             = flag.Bool("fsck", false, "Check integrity of all packages (errors are in stderr)")
        maxClients       = flag.Int("maxclients", 128, "Maximal amount of simultaneous clients")
        version          = flag.Bool("version", false, "Print version information")
@@ -288,8 +288,24 @@ func main() {
        }
 
        if *passwdCheck {
-               refreshPasswd()
-               return
+               if passwdReader(os.Stdin) {
+                       os.Exit(0)
+               } else {
+                       os.Exit(1)
+               }
+       }
+
+       if *passwdPath != "" {
+               go func() {
+                       for {
+                               fd, err := os.OpenFile(*passwdPath, os.O_RDONLY, os.FileMode(0666))
+                               if err != nil {
+                                       log.Fatalln(err)
+                               }
+                               passwdReader(fd)
+                               fd.Close()
+                       }
+               }()
        }
 
        if (*tlsCert != "" && *tlsKey == "") || (*tlsCert == "" && *tlsKey != "") {
@@ -301,7 +317,6 @@ func main() {
        if err != nil {
                log.Fatalln(err)
        }
-       refreshPasswd()
        tlsConfig := tls.Config{
                ClientSessionCache: tls.NewLRUClientSessionCache(16),
                NextProtos:         []string{"h2", "http/1.1"},
@@ -340,17 +355,9 @@ func main() {
                http.HandleFunc(*gpgUpdateURLPath, handler)
        }
 
-       needsRefreshPasswd := make(chan os.Signal, 0)
        needsShutdown := make(chan os.Signal, 0)
        exitErr := make(chan error, 0)
-       signal.Notify(needsRefreshPasswd, syscall.SIGHUP)
        signal.Notify(needsShutdown, syscall.SIGTERM, syscall.SIGINT)
-       go func() {
-               for range needsRefreshPasswd {
-                       log.Println("refreshing passwords")
-                       refreshPasswd()
-               }
-       }()
        go func(s *http.Server) {
                <-needsShutdown
                killed = true
Python private package repository and caching proxy