oss/Radicale
oss/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-06-26 16:45:52 +00:00
Code Wiki Activity

argon2: preparation

Browse source
This commit is contained in:
Peter Bieringer 2025-04-29 19:15:19 +02:00
parent 323af3368c
commit d5133fccd1
1 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

12
radicale/auth/htpasswd.py
View file

@ -75,8 +75,10 @@ class Auth(auth.BaseAuth):
_htpasswd_not_ok_time: float _htpasswd_not_ok_time: float
_htpasswd_not_ok_reminder_seconds: int _htpasswd_not_ok_reminder_seconds: int
_htpasswd_bcrypt_use: int _htpasswd_bcrypt_use: int
_htpasswd_argon2_use: int
_htpasswd_cache: bool _htpasswd_cache: bool
_has_bcrypt: bool _has_bcrypt: bool
_has_argon2: bool
_encryption: str _encryption: str
_lock: threading.Lock _lock: threading.Lock
@ -92,9 +94,10 @@ class Auth(auth.BaseAuth):
logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s'", self._encryption) logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s'", self._encryption)
self._has_bcrypt = False self._has_bcrypt = False
self._has_argon2 = False
self._htpasswd_ok = False self._htpasswd_ok = False
self._htpasswd_not_ok_reminder_seconds = 60 # currently hardcoded self._htpasswd_not_ok_reminder_seconds = 60 # currently hardcoded
(self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False) (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd_argon2_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False)
self._lock = threading.Lock() self._lock = threading.Lock()
if self._encryption == "plain": if self._encryption == "plain":
@ -192,6 +195,7 @@ class Auth(auth.BaseAuth):
""" """
htpasswd_ok = True htpasswd_ok = True
bcrypt_use = 0 bcrypt_use = 0
argon2_use = 0
if (init is True) or (suppress is True): if (init is True) or (suppress is True):
info = "Read" info = "Read"
else: else:
@ -262,7 +266,7 @@ class Auth(auth.BaseAuth):
self._htpasswd_not_ok_time = 0 self._htpasswd_not_ok_time = 0
else: else:
self._htpasswd_not_ok_time = time.time() self._htpasswd_not_ok_time = time.time()
return (htpasswd_ok, bcrypt_use, htpasswd, htpasswd_size, htpasswd_mtime_ns) return (htpasswd_ok, bcrypt_use, argon2_use, htpasswd, htpasswd_size, htpasswd_mtime_ns)
def _login(self, login: str, password: str) -> str: def _login(self, login: str, password: str) -> str:
"""Validate credentials. """Validate credentials.
@ -283,7 +287,7 @@ class Auth(auth.BaseAuth):
htpasswd_size = os.stat(self._filename).st_size htpasswd_size = os.stat(self._filename).st_size
htpasswd_mtime_ns = os.stat(self._filename).st_mtime_ns htpasswd_mtime_ns = os.stat(self._filename).st_mtime_ns
if (htpasswd_size != self._htpasswd_size) or (htpasswd_mtime_ns != self._htpasswd_mtime_ns): if (htpasswd_size != self._htpasswd_size) or (htpasswd_mtime_ns != self._htpasswd_mtime_ns):
(self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(False, False) (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd_argon2_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(False, False)
self._htpasswd_not_ok_time = 0 self._htpasswd_not_ok_time = 0
# log reminder of problemantic file every interval # log reminder of problemantic file every interval
@ -301,7 +305,7 @@ class Auth(auth.BaseAuth):
login_ok = True login_ok = True
else: else:
# read file on every request # read file on every request
(htpasswd_ok, htpasswd_bcrypt_use, htpasswd, htpasswd_size, htpasswd_mtime_ns) = self._read_htpasswd(False, True) (htpasswd_ok, htpasswd_bcrypt_use, htpasswd_argon2_use, htpasswd, htpasswd_size, htpasswd_mtime_ns) = self._read_htpasswd(False, True)
if htpasswd.get(login): if htpasswd.get(login):
digest = htpasswd[login] digest = htpasswd[login]
login_ok = True login_ok = True