argon2: preparation

2025-06-26 16:45:52 +00:00 · 2025-04-29 19:15:19 +02:00 · 2025-04-29 19:15:19 +02:00 · d5133fccd1
commit d5133fccd1
parent 323af3368c
1 changed files with 8 additions and 4 deletions
--- a/radicale/auth/htpasswd.py
+++ b/radicale/auth/htpasswd.py
@ -75,8 +75,10 @@ class Auth(auth.BaseAuth):
    _htpasswd_not_ok_time: float
    _htpasswd_not_ok_reminder_seconds: int
    _htpasswd_bcrypt_use: int
+    _htpasswd_argon2_use: int
    _htpasswd_cache: bool
    _has_bcrypt: bool
+    _has_argon2: bool
    _encryption: str
    _lock: threading.Lock

@ -92,9 +94,10 @@ class Auth(auth.BaseAuth):
        logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s'", self._encryption)

        self._has_bcrypt = False
+        self._has_argon2 = False
        self._htpasswd_ok = False
        self._htpasswd_not_ok_reminder_seconds = 60 # currently hardcoded
-        (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False)
+        (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd_argon2_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False)
        self._lock = threading.Lock()

        if self._encryption == "plain":
@ -192,6 +195,7 @@ class Auth(auth.BaseAuth):
        """
        htpasswd_ok = True
        bcrypt_use = 0
+        argon2_use = 0
        if (init is True) or (suppress is True):
            info = "Read"
        else:
@ -262,7 +266,7 @@ class Auth(auth.BaseAuth):
            self._htpasswd_not_ok_time = 0
        else:
            self._htpasswd_not_ok_time = time.time()
-        return (htpasswd_ok, bcrypt_use, htpasswd, htpasswd_size, htpasswd_mtime_ns)
+        return (htpasswd_ok, bcrypt_use, argon2_use, htpasswd, htpasswd_size, htpasswd_mtime_ns)

    def _login(self, login: str, password: str) -> str:
        """Validate credentials.
@ -283,7 +287,7 @@ class Auth(auth.BaseAuth):
                htpasswd_size = os.stat(self._filename).st_size
                htpasswd_mtime_ns = os.stat(self._filename).st_mtime_ns
                if (htpasswd_size != self._htpasswd_size) or (htpasswd_mtime_ns != self._htpasswd_mtime_ns):
-                    (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(False, False)
+                    (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd_argon2_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(False, False)
                    self._htpasswd_not_ok_time = 0

            # log reminder of problemantic file every interval
@ -301,7 +305,7 @@ class Auth(auth.BaseAuth):
                login_ok = True
        else:
            # read file on every request
-            (htpasswd_ok, htpasswd_bcrypt_use, htpasswd, htpasswd_size, htpasswd_mtime_ns) = self._read_htpasswd(False, True)
+            (htpasswd_ok, htpasswd_bcrypt_use, htpasswd_argon2_use, htpasswd, htpasswd_size, htpasswd_mtime_ns) = self._read_htpasswd(False, True)
            if htpasswd.get(login):
                digest = htpasswd[login]
                login_ok = True