From 4c06854897e6579e8e8410ff01853e59bf1f2700 Mon Sep 17 00:00:00 2001 From: coderaiser Date: Tue, 24 Mar 2015 07:07:03 -0400 Subject: [PATCH] feature(config) add algo --- HELP.md | 1 + json/config.json | 1 + lib/server/auth.js | 18 ++++++------------ lib/server/config.js | 25 ++++++++----------------- lib/server/password.js | 20 ++++++++++++++++++++ 5 files changed, 36 insertions(+), 29 deletions(-) create mode 100644 lib/server/password.js diff --git a/HELP.md b/HELP.md index d47a041d..782e8355 100644 --- a/HELP.md +++ b/HELP.md @@ -183,6 +183,7 @@ Here is description of options: "auth" : false, /* enable http authentication */ "username" : "root", /* username for authentication */ "password" : "toor", /* password hash in sha-1 for authentication*/ + "algo" : "sha512WithRSAEncryption", /* cryptographic algorithm */ "editor" : "edward", /* default, could be "dword" or "edward" */ "diff" : true, /* when save - send patch, not whole file */ "zip" : true, /* zip text before send / unzip before save */ diff --git a/json/config.json b/json/config.json index a9f00535..ca24cae6 100644 --- a/json/config.json +++ b/json/config.json @@ -2,6 +2,7 @@ "auth": false, "username": "root", "password": "2b64f2e3f9fee1942af9ff60d40aa5a719db33b8ba8dd4864bb4f11e25ca2bee00907de32a59429602336cac832c8f2eeff5177cc14c864dd116c8bf6ca5d9a9", + "algo": "sha512WithRSAEncryption", "editor": "edward", "diff": true, "zip" : true, diff --git a/lib/server/auth.js b/lib/server/auth.js index c2dd9065..1dcf357d 100644 --- a/lib/server/auth.js +++ b/lib/server/auth.js @@ -3,10 +3,9 @@ var DIR = './', - crypto = require('crypto'), - tryRequire = require('tryrequire'), config = require(DIR + 'config'), + cryptPassword = require(DIR + 'password'), oldPass, oldName; @@ -32,11 +31,11 @@ var auth = httpAuth.basic({ realm: 'Cloud Commander' }, function (username, password, callback) { - var hash, sha, + var hash, name = config('username'), pass = config('password'), equal = username === name, - algo = 'sha512WithRSAEncryption'; + algo = config('algo'); if (!oldPass) oldPass = pass; @@ -47,17 +46,12 @@ if (!equal) username === oldName; - sha = crypto.createHash(algo); - sha.update(password); - - hash = sha.digest('hex'); + hash = cryptPassword(algo, password); equal = pass === hash && equal; if (!equal) { - sha = crypto.createHash(algo); - sha.update(oldPass); - hash = sha.digest('hex'); - equal = pass === hash && equal; + hash = cryptPassword(algo, oldPass); + equal = pass === hash && equal; } callback(equal); diff --git a/lib/server/config.js b/lib/server/config.js index f5a4aa6d..210b5cad 100644 --- a/lib/server/config.js +++ b/lib/server/config.js @@ -11,14 +11,13 @@ HOME = (HOME_UNIX || HOME_WIN) + '/', fs = require('fs'), - crypto = require('crypto'), + password = require(DIR_SERVER + 'password'), Util = require(DIR_LIB + 'util'), CloudFunc = require(DIR_LIB + 'cloudfunc'), + check = require('checkup'), - tryRequire = require('tryrequire'), - pipe = require('pipe-io'), ponse = require('ponse'), json = require('jonny'), @@ -32,11 +31,11 @@ tryRequire(ConfigHome) || tryRequire(ConfigPath, {log: true}) || {}; - module.exports = set; + module.exports = manage; module.exports.save = save; module.exports.socket = socket; - function set(key, value) { + function manage(key, value) { var result; if (key) @@ -154,25 +153,17 @@ Object.keys(json).forEach(function(name) { data = CloudFunc.formatMsg('config', name); - set(name, json[name]); + manage(name, json[name]); }); return data; } function cryptoPass(json) { + var algo = manage('algo'); + if (json && json.password) - json.password = crypt(json.password); - } - - function crypt(password) { - var result, - sha = crypto.createHash('sha512WithRSAEncryption'); - - sha.update(password); - result = sha.digest('hex'); - - return result; + json.password = password(algo, json.password); } })(); diff --git a/lib/server/password.js b/lib/server/password.js new file mode 100644 index 00000000..56db2b92 --- /dev/null +++ b/lib/server/password.js @@ -0,0 +1,20 @@ +(function() { + 'use strict'; + + var crypto = require('crypto'); + + module.exports = function(algo, password) { + var result, sha; + + if (!algo) + algo = 'sha512WithRSAEncryption'; + + sha = crypto.createHash(algo); + + sha.update(password); + result = sha.digest('hex'); + + return result; + }; + +})();