mirrors/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-04-05 06:07:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

make encryption visible to other functions

Browse source
This commit is contained in:
Peter Bieringer 2025-03-08 17:26:28 +01:00
parent 30664f9346
commit a284d18c16
1 changed files with 15 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

29
radicale/auth/htpasswd.py
View file

@ -73,6 +73,7 @@ class Auth(auth.BaseAuth):
_htpasswd_bcrypt_use: int _htpasswd_bcrypt_use: int
_htpasswd_cache: bool _htpasswd_cache: bool
_has_bcrypt: bool _has_bcrypt: bool
_encryption: str
_lock: threading.Lock _lock: threading.Lock
def __init__(self, configuration: config.Configuration) -> None: def __init__(self, configuration: config.Configuration) -> None:
@ -83,8 +84,8 @@ class Auth(auth.BaseAuth):
logger.info("auth htpasswd file encoding: %r", self._encoding) logger.info("auth htpasswd file encoding: %r", self._encoding)
self._htpasswd_cache = configuration.get("auth", "htpasswd_cache") self._htpasswd_cache = configuration.get("auth", "htpasswd_cache")
logger.info("auth htpasswd cache: %s", self._htpasswd_cache) logger.info("auth htpasswd cache: %s", self._htpasswd_cache)
encryption: str = configuration.get("auth", "htpasswd_encryption") self._encryption: str = configuration.get("auth", "htpasswd_encryption")
logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s'", encryption) logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s'", self._encryption)
self._has_bcrypt = False self._has_bcrypt = False
self._htpasswd_ok = False self._htpasswd_ok = False
@ -92,31 +93,31 @@ class Auth(auth.BaseAuth):
(self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False) (self._htpasswd_ok, self._htpasswd_bcrypt_use, self._htpasswd, self._htpasswd_size, self._htpasswd_mtime_ns) = self._read_htpasswd(True, False)
self._lock = threading.Lock() self._lock = threading.Lock()
if encryption == "plain": if self._encryption == "plain":
self._verify = self._plain self._verify = self._plain
elif encryption == "md5": elif self._encryption == "md5":
self._verify = self._md5apr1 self._verify = self._md5apr1
elif encryption == "sha256": elif self._encryption == "sha256":
self._verify = self._sha256 self._verify = self._sha256
elif encryption == "sha512": elif self._encryption == "sha512":
self._verify = self._sha512 self._verify = self._sha512
elif encryption == "bcrypt" or encryption == "autodetect": elif self._encryption == "bcrypt" or self._encryption == "autodetect":
try: try:
import bcrypt import bcrypt
except ImportError as e: except ImportError as e:
if (encryption == "autodetect") and (self._htpasswd_bcrypt_use == 0): if (self._encryption == "autodetect") and (self._htpasswd_bcrypt_use == 0):
logger.warning("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' which can require bycrypt module, but currently no entries found", encryption) logger.warning("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' which can require bycrypt module, but currently no entries found", self._encryption)
else: else:
raise RuntimeError( raise RuntimeError(
"The htpasswd encryption method 'bcrypt' or 'autodetect' requires " "The htpasswd encryption method 'bcrypt' or 'autodetect' requires "
"the bcrypt module (entries found: %d)." % self._htpasswd_bcrypt_use) from e "the bcrypt module (entries found: %d)." % self._htpasswd_bcrypt_use) from e
else: else:
if encryption == "autodetect": if self._encryption == "autodetect":
if self._htpasswd_bcrypt_use == 0: if self._htpasswd_bcrypt_use == 0:
logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' and bycrypt module found, but currently not required", encryption) logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' and bycrypt module found, but currently not required", self._encryption)
else: else:
logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' and bycrypt module found (bcrypt entries found: %d)", encryption, self._htpasswd_bcrypt_use) logger.info("auth htpasswd encryption is 'radicale.auth.htpasswd_encryption.%s' and bycrypt module found (bcrypt entries found: %d)", self._encryption, self._htpasswd_bcrypt_use)
if encryption == "bcrypt": if self._encryption == "bcrypt":
self._verify = functools.partial(self._bcrypt, bcrypt) self._verify = functools.partial(self._bcrypt, bcrypt)
else: else:
self._verify = self._autodetect self._verify = self._autodetect
@ -124,7 +125,7 @@ class Auth(auth.BaseAuth):
self._has_bcrypt = True self._has_bcrypt = True
else: else:
raise RuntimeError("The htpasswd encryption method %r is not " raise RuntimeError("The htpasswd encryption method %r is not "
"supported." % encryption) "supported." % self._encryption)
def _plain(self, hash_value: str, password: str) -> tuple[str, bool]: def _plain(self, hash_value: str, password: str) -> tuple[str, bool]:
"""Check if ``hash_value`` and ``password`` match, plain method.""" """Check if ``hash_value`` and ``password`` match, plain method."""