generate htpasswd files, understand apr1 hashes in confirmation script

process/epasswd.py

@@ -3,8 +3,15 @@
 from string import split
 from string import strip
 from string import lower
+import subprocess
 
 class EPasswd:
+	def _check_apr1(self, pwhash, pw):
+		spl = split(pwhash, '$')
+		salt = spl[2]
+		hash = subprocess.check_output(['openssl', 'passwd', '-apr1', '-salt', salt, pw]).decode('utf-8').strip()
+		return hash==pwhash
+
 	def __init__(self, file):
 		self.data = {}
 		try:
@@ -16,32 +23,23 @@ class EPasswd:
 				line = fp.readline()
 				if not line: break
 				line = strip(line)
-				[id, email, passwd, overri] = split(line, ":")[0:4]
+				[id, email, passwd] = split(line, ":")[0:3]
 				lc_id = lower(id)
 				self.data[lc_id] = {}
 				self.data[lc_id]["id"] = id
 				self.data[lc_id]["email"] = email
 				self.data[lc_id]["passwd"] = passwd
-				self.data[lc_id]["overri"] = overri
 			fp.close()
 
 	def check(self, id, passwd):
 		pw = self.get_passwd(id)
 		if pw[0:6]=='$apr1$':
-			# htpasswd hashes, cannot check, assume correct
-			return 1
-		if lower(pw) == lower(passwd):
-			return 1
-		if lower(self.get_overri(id)) == lower(passwd):
-			return 1
-		return 0
+			return self._check_apr1(pw, passwd)
+		return pw == passwd
 
 	def get_passwd(self, id):
 		return self.data[lower(id)]["passwd"]
 	
-	def get_overri(self, id):
-		return self.data[lower(id)]["overri"]
-
 	def get_email(self, id):
 		return self.data[lower(id)]["email"]
 	
@@ -49,6 +47,4 @@ class EPasswd:
 		return self.data[lower(id)]["id"]
 
 	def fac_exists(self, id):
-		if self.data.has_key(lower(id)):
-			return 1
-		return 0
+		return self.data.has_key(lower(id))

scripts/run-turn.lua

@@ -59,11 +59,16 @@ local function write_emails(locales)
   end
 end
 
+local function join_path(a, b)
+    if a then return a .. '/' .. b end
+    return b
+end
+
 local function write_addresses()
   local file
   local faction
 
-  file = io.open(config.basepath .. "/adressen", "w")
+  file = io.open(join_path(config.basepath, "adressen"), "w")
   for faction in factions() do
     -- print(faction.id .. " - " .. faction.locale)
     file:write(tostring(faction) .. ":" .. faction.email .. ":" .. faction.info .. "\n")
@@ -76,7 +81,7 @@ local function write_aliases()
   local file
   local faction
 
-  file = io.open(config.basepath .. "/aliases", "w")
+  file = io.open(join_path(config.basepath, "aliases"), "w")
   for faction in factions() do
     local unit
     if faction.email ~= "" then
@@ -90,8 +95,21 @@ local function write_aliases()
   file:close()
 end
 
+local function write_htpasswd()
+    local out = io.open(join_path(config.basepath, "htpasswd"), "w")
+    if out then
+        for f in factions() do
+            if f.password then
+                out:write(itoa36(f.id) .. ":" .. f.password .. "\n")
+            end
+        end
+        out:close()
+    end
+end
+
 local function write_files(locales)
     write_passwords()
+    write_htpasswd()
     write_reports()
     write_summary()
 end

tests/run-turn.sh

@@ -1,4 +1,4 @@
-NEWFILES="data/185.dat datum parteien parteien.full passwd score turn"
+NEWFILES="data/185.dat datum parteien parteien.full passwd htpasswd score turn"
 cleanup () {
 rm -rf reports $NEWFILES
 }