- added password checking

- added command line option --mkpasswd to class argparser to hash a password - added a method to generate a SHA512-hash to asrc-server.py
2013-06-25 11:51:19 +02:00 · 2013-06-25 11:51:19 +02:00 · 4259e5836b
parent 25d3344104
commit 4259e5836b
4 changed files with 29 additions and 9 deletions
--- a/asrc-server.py
+++ b/asrc-server.py
@ -33,7 +33,7 @@


 import sys, os, socket, socketserver, threading, time
-from include import argparser, comm
+from include import argparser, comm, auth


 class ThreadedRequestHandler(socketserver.StreamRequestHandler):
@ -53,6 +53,9 @@ class ThreadedRequestHandler(socketserver.StreamRequestHandler):
        # send motd
        self.request.sendall(bytes((comm.motd(MOTD) + "\n"), ENCODING))
        
+        if not auth.check_passwd(self.rfile.readline().strip()):
+            return
+        
        repeat = True
        
        while repeat:
@ -75,11 +78,17 @@ def main():
    
    
    comm.init(ServerVersion, ProtocolVersion, VERBOSITY, aliases, PASSWORD)
+    auth.init(PASSWORD)
    
    # parse arguments
    parser = argparser
    args = parser.parse(ServerVersion, ProtocolVersion)
    
+    # hash a given password
+    if args.mkpasswd:
+        import getpass
+        print(auth.mkpasswd(bytes((getpass.getpass().strip()), 'utf-8')))
+        return
    
    # set settings if command line options are given
    if args.host: HOST = args.host
@ -175,7 +184,7 @@ if __name__ == '__main__':
    ENCODING = 'utf-8'
    
    # SHA512-encoded Password for authentication with the server
-    PASSWORD = 'a52fb4e552326fd8216f52a96f3d037309ef25acb22e5ead60bf258d2ea6652ab9fd5ab1117eb4bafe7476224d081ad7737132c4c096e9e8287a3c3f9d7d14f6'
+    PASSWORD = '78ddc8555bb1677ff5af75ba5fc02cb30bb592b0610277ae15055e189b77fe3fda496e5027a3d99ec85d54941adee1cc174b50438fdc21d82d0a79f85b58cf44'
    
    # Dictionary of aliases. Use python syntax. You can use
    # the variable send for text to send to the client.
--- a/include/argparser.py
+++ b/include/argparser.py
@ -74,4 +74,9 @@ class argparser:
            "--encoding",
            help = "encoding to be used when communicating with clients")
        
+        parser.add_argument(
+            "--mkpasswd",
+            action = "store_true",
+            help = "encode a password with SHA512")
+        
        return parser.parse_args()
--- a/include/auth.py
+++ b/include/auth.py
@ -4,12 +4,14 @@
 #    for protocol version 0.2.20130617
 #

+import hashlib
+
 class auth:
+    
    passwd = ""
    
    def init(password):
        #from Crypto.Hash import Hash
-        import hashlib
        
        global passwd
        passwd = password
@ -19,5 +21,12 @@ class auth:
        """
        checks a given password
        """
-        if hashlib.sha512(bytearray(incpass)).hexdigest() == passwd: return True
+        #return hashlib.sha512(incpass).hexdigest()
+        if hashlib.sha512(incpass).hexdigest() == passwd: return True
        else: return False
+
+    def mkpasswd(incpass):
+        """
+        encodes a password with SHA512
+        """
+        return hashlib.sha512(incpass).hexdigest()
--- a/include/comm.py
+++ b/include/comm.py
@ -6,7 +6,7 @@


 from .statuscodes import statuscodes
-from .auth import auth
+#from .auth import auth


 class comm:
@ -29,10 +29,7 @@ class comm:
        protocol_version = ProtocolVersion
        verbosity = Verbosity
        
-        auth.init(Password)
-    
-    def authenticate():
-        pass
+        #auth.init(Password)
    
    # builds an header
    def header(CodeList, AdditionalHeaderLines = ""):