mirrors/hysteria
1
0
Fork 0
mirror of https://github.com/apernet/hysteria.git synced 2025-04-03 04:27:39 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1306 from apernet/wip-userpass-ignore-case

Browse source 
Make username of userpass case insensitive
This commit is contained in:
Toby 2025-02-03 18:05:27 -08:00 committed by GitHub
commit 401ed5245d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 32 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/cmd/server.go
View file

@ -755,7 +755,7 @@ func (c *serverConfig) fillAuthenticator(hyConfig *server.Config) error {
if len(c.Auth.UserPass) == 0 { if len(c.Auth.UserPass) == 0 {
return configError{Field: "auth.userpass", Err: errors.New("empty auth userpass")} return configError{Field: "auth.userpass", Err: errors.New("empty auth userpass")}
} }
hyConfig.Authenticator = &auth.UserPassAuthenticator{Users: c.Auth.UserPass} hyConfig.Authenticator = auth.NewUserPassAuthenticator(c.Auth.UserPass)
return nil return nil
case "http", "https": case "http", "https":
if c.Auth.HTTP.URL == "" { if c.Auth.HTTP.URL == "" {

17
extras/auth/userpass.go
View file

@ -16,7 +16,17 @@ var _ server.Authenticator = &UserPassAuthenticator{}
// UserPassAuthenticator checks the provided auth string against a map of username/password pairs. // UserPassAuthenticator checks the provided auth string against a map of username/password pairs.
// The format of the auth string must be "username:password". // The format of the auth string must be "username:password".
type UserPassAuthenticator struct { type UserPassAuthenticator struct {
Users map[string]string users map[string]string
}
func NewUserPassAuthenticator(users map[string]string) *UserPassAuthenticator {
// Usernames are case-insensitive, as they are already lowercased by viper.
// Lowercase it again on our own to make it explicit.
lcUsers := make(map[string]string, len(users))
for user, pass := range users {
lcUsers[strings.ToLower(user)] = pass
}
return &UserPassAuthenticator{users: lcUsers}
} }
func (a *UserPassAuthenticator) Authenticate(addr net.Addr, auth string, tx uint64) (ok bool, id string) { func (a *UserPassAuthenticator) Authenticate(addr net.Addr, auth string, tx uint64) (ok bool, id string) {
@ -24,7 +34,7 @@ func (a *UserPassAuthenticator) Authenticate(addr net.Addr, auth string, tx uint
if !ok { if !ok {
return false, "" return false, ""
} }
rp, ok := a.Users[u] rp, ok := a.users[u]
if !ok || rp != p { if !ok || rp != p {
return false, "" return false, ""
} }
@ -36,5 +46,6 @@ func splitUserPass(auth string) (user, pass string, ok bool) {
if len(rs) != 2 { if len(rs) != 2 {
return "", "", false return "", "", false
} }
return rs[0], rs[1], true // Usernames are case-insensitive
return strings.ToLower(rs[0]), rs[1], true
} }

20
extras/auth/userpass_test.go
View file

@ -85,12 +85,26 @@ func TestUserPassAuthenticator(t *testing.T) {
wantOk: false, wantOk: false,
wantId: "", wantId: "",
}, },
{
name: "case insensitive username",
fields: fields{
Users: map[string]string{
"gawR": "gura",
"fubuki": "shirakami",
},
},
args: args{
addr: nil,
auth: "Gawr:gura",
tx: 0,
},
wantOk: true,
wantId: "gawr",
},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
a := &UserPassAuthenticator{ a := NewUserPassAuthenticator(tt.fields.Users)
Users: tt.fields.Users,
}
gotOk, gotId := a.Authenticate(tt.args.addr, tt.args.auth, tt.args.tx) gotOk, gotId := a.Authenticate(tt.args.addr, tt.args.auth, tt.args.tx)
if gotOk != tt.wantOk { if gotOk != tt.wantOk {
t.Errorf("Authenticate() gotOk = %v, want %v", gotOk, tt.wantOk) t.Errorf("Authenticate() gotOk = %v, want %v", gotOk, tt.wantOk)