# This file is part of Radicale Server - Calendar Server # Copyright © 2008 Nicolas Kandel # Copyright © 2008 Pascal Halter # Copyright © 2008-2016 Guillaume Ayoub # # This library is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Radicale. If not, see . """ Authentication management. Default is htpasswd authentication. Apache's htpasswd command (httpd.apache.org/docs/programs/htpasswd.html) manages a file for storing user credentials. It can encrypt passwords using different methods, e.g. BCRYPT, MD5-APR1 (a version of MD5 modified for Apache), SHA1, or by using the system's CRYPT routine. The CRYPT and SHA1 encryption methods implemented by htpasswd are considered as insecure. MD5-APR1 provides medium security as of 2015. Only BCRYPT can be considered secure by current standards. MD5-APR1-encrypted credentials can be written by all versions of htpasswd (its the default, in fact), whereas BCRYPT requires htpasswd 2.4.x or newer. The `is_authenticated(user, password)` function provided by this module verifies the user-given credentials by parsing the htpasswd credential file pointed to by the ``htpasswd_filename`` configuration value while assuming the password encryption method specified via the ``htpasswd_encryption`` configuration value. The following htpasswd password encrpytion methods are supported by Radicale out-of-the-box: - plain-text (created by htpasswd -p...) -- INSECURE - CRYPT (created by htpasswd -d...) -- INSECURE - SHA1 (created by htpasswd -s...) -- INSECURE When passlib (https://pypi.python.org/pypi/passlib) is importable, the following significantly more secure schemes are parsable by Radicale: - MD5-APR1 (htpasswd -m...) -- htpasswd's default method - BCRYPT (htpasswd -B...) -- Requires htpasswd 2.4.x """ import base64 import hashlib import os import sys from . import config, log def _load(): """Load the authentication manager chosen in configuration.""" auth_type = config.get("auth", "type") log.LOGGER.debug("Authentication type is %s" % auth_type) if auth_type == "None": sys.modules[__name__].is_authenticated = lambda user, password: True elif auth_type == "htpasswd": pass # is_authenticated is already defined else: __import__(auth_type) sys.modules[__name__].is_authenticated = ( sys.modules[auth_type].is_authenticated) FILENAME = os.path.expanduser(config.get("auth", "htpasswd_filename")) ENCRYPTION = config.get("auth", "htpasswd_encryption") def _plain(hash_value, password): """Check if ``hash_value`` and ``password`` match, using plain method.""" return hash_value == password def _crypt(hash_value, password): """Check if ``hash_value`` and ``password`` match, using crypt method.""" return crypt.crypt(password, hash_value) == hash_value def _sha1(hash_value, password): """Check if ``hash_value`` and ``password`` match, using sha1 method.""" hash_value = hash_value.replace("{SHA}", "").encode("ascii") password = password.encode(config.get("encoding", "stock")) sha1 = hashlib.sha1() # pylint: disable=E1101 sha1.update(password) return sha1.digest() == base64.b64decode(hash_value) def _ssha(hash_salt_value, password): """Check if ``hash_salt_value`` and ``password`` match, using salted sha1 method. This method is not directly supported by htpasswd, but it can be written with e.g. openssl, and nginx can parse it.""" hash_salt_value = hash_salt_value.replace( "{SSHA}", "").encode("ascii").decode('base64') password = password.encode(config.get("encoding", "stock")) hash_value = hash_salt_value[:20] salt_value = hash_salt_value[20:] sha1 = hashlib.sha1() # pylint: disable=E1101 sha1.update(password) sha1.update(salt_value) return sha1.digest() == hash_value def _bcrypt(hash_value, password): return _passlib_bcrypt.verify(password, hash_value) def _md5apr1(hash_value, password): return _passlib_md5apr1.verify(password, hash_value) # Prepare mapping between encryption names and verification functions. # Pre-fill with methods that do not have external dependencies. _verifuncs = { "ssha": _ssha, "sha1": _sha1, "plain": _plain} # Conditionally attempt to import external dependencies. if ENCRYPTION == "md5": try: from passlib.hash import apr_md5_crypt as _passlib_md5apr1 except ImportError: raise RuntimeError(("The htpasswd_encryption method 'md5' requires " "availability of the passlib module.")) _verifuncs["md5"] = _md5apr1 elif ENCRYPTION == "bcrypt": try: from passlib.hash import bcrypt as _passlib_bcrypt except ImportError: raise RuntimeError(("The htpasswd_encryption method 'bcrypt' requires " "availability of the passlib module with bcrypt support.")) # A call to `encrypt` raises passlib.exc.MissingBackendError with a good # error message if bcrypt backend is not available. Trigger this here. _passlib_bcrypt.encrypt("test-bcrypt-backend") _verifuncs["bcrypt"] = _bcrypt elif ENCRYPTION == "crypt": try: import crypt except ImportError: raise RuntimeError(("The htpasswd_encryption method 'crypt' requires " "crypt() system support.")) _verifuncs["crypt"] = _crypt # Validate initial configuration. if ENCRYPTION not in _verifuncs: raise RuntimeError(("The htpasswd encryption method '%s' is not " "supported." % ENCRYPTION)) def is_authenticated(user, password): """Validate credentials. Iterate through htpasswd credential file until user matches, extract hash (encrypted password) and check hash against user-given password, using the method specified in the Radicale config. """ with open(FILENAME) as f: for line in f: strippedline = line.strip() if strippedline: login, hash_value = strippedline.split(":") if login == user: # Allow encryption method to be overridden at runtime. return _verifuncs[ENCRYPTION](hash_value, password) return False