generate htpasswd files, understand apr1 hashes in confirmation script

This commit is contained in:
Enno Rehling 2016-02-10 14:12:38 +01:00
parent d361622008
commit 88f3a46142
3 changed files with 35 additions and 21 deletions

View File

@ -3,8 +3,15 @@
from string import split from string import split
from string import strip from string import strip
from string import lower from string import lower
import subprocess
class EPasswd: class EPasswd:
def _check_apr1(self, pwhash, pw):
spl = split(pwhash, '$')
salt = spl[2]
hash = subprocess.check_output(['openssl', 'passwd', '-apr1', '-salt', salt, pw]).decode('utf-8').strip()
return hash==pwhash
def __init__(self, file): def __init__(self, file):
self.data = {} self.data = {}
try: try:
@ -16,32 +23,23 @@ class EPasswd:
line = fp.readline() line = fp.readline()
if not line: break if not line: break
line = strip(line) line = strip(line)
[id, email, passwd, overri] = split(line, ":")[0:4] [id, email, passwd] = split(line, ":")[0:3]
lc_id = lower(id) lc_id = lower(id)
self.data[lc_id] = {} self.data[lc_id] = {}
self.data[lc_id]["id"] = id self.data[lc_id]["id"] = id
self.data[lc_id]["email"] = email self.data[lc_id]["email"] = email
self.data[lc_id]["passwd"] = passwd self.data[lc_id]["passwd"] = passwd
self.data[lc_id]["overri"] = overri
fp.close() fp.close()
def check(self, id, passwd): def check(self, id, passwd):
pw = self.get_passwd(id) pw = self.get_passwd(id)
if pw[0:6]=='$apr1$': if pw[0:6]=='$apr1$':
# htpasswd hashes, cannot check, assume correct return self._check_apr1(pw, passwd)
return 1 return pw == passwd
if lower(pw) == lower(passwd):
return 1
if lower(self.get_overri(id)) == lower(passwd):
return 1
return 0
def get_passwd(self, id): def get_passwd(self, id):
return self.data[lower(id)]["passwd"] return self.data[lower(id)]["passwd"]
def get_overri(self, id):
return self.data[lower(id)]["overri"]
def get_email(self, id): def get_email(self, id):
return self.data[lower(id)]["email"] return self.data[lower(id)]["email"]
@ -49,6 +47,4 @@ class EPasswd:
return self.data[lower(id)]["id"] return self.data[lower(id)]["id"]
def fac_exists(self, id): def fac_exists(self, id):
if self.data.has_key(lower(id)): return self.data.has_key(lower(id))
return 1
return 0

View File

@ -59,11 +59,16 @@ local function write_emails(locales)
end end
end end
local function join_path(a, b)
if a then return a .. '/' .. b end
return b
end
local function write_addresses() local function write_addresses()
local file local file
local faction local faction
file = io.open(config.basepath .. "/adressen", "w") file = io.open(join_path(config.basepath, "adressen"), "w")
for faction in factions() do for faction in factions() do
-- print(faction.id .. " - " .. faction.locale) -- print(faction.id .. " - " .. faction.locale)
file:write(tostring(faction) .. ":" .. faction.email .. ":" .. faction.info .. "\n") file:write(tostring(faction) .. ":" .. faction.email .. ":" .. faction.info .. "\n")
@ -76,7 +81,7 @@ local function write_aliases()
local file local file
local faction local faction
file = io.open(config.basepath .. "/aliases", "w") file = io.open(join_path(config.basepath, "aliases"), "w")
for faction in factions() do for faction in factions() do
local unit local unit
if faction.email ~= "" then if faction.email ~= "" then
@ -90,10 +95,23 @@ local function write_aliases()
file:close() file:close()
end end
local function write_htpasswd()
local out = io.open(join_path(config.basepath, "htpasswd"), "w")
if out then
for f in factions() do
if f.password then
out:write(itoa36(f.id) .. ":" .. f.password .. "\n")
end
end
out:close()
end
end
local function write_files(locales) local function write_files(locales)
write_passwords() write_passwords()
write_reports() write_htpasswd()
write_summary() write_reports()
write_summary()
end end
local function write_scores() local function write_scores()

View File

@ -1,4 +1,4 @@
NEWFILES="data/185.dat datum parteien parteien.full passwd score turn" NEWFILES="data/185.dat datum parteien parteien.full passwd htpasswd score turn"
cleanup () { cleanup () {
rm -rf reports $NEWFILES rm -rf reports $NEWFILES
} }