mirror of https://github.com/haiwen/seafile-server.git synced 2025-04-27 11:10:49 +00:00

Create repo add pwd_hash and don't read pwd_hash from seafile.conf (#665)

Co-authored-by: 杨赫然 <heran.yang@seafile.com>
feiniks 2024-07-16 16:42:37 +08:00 committed by GitHub
parent 06851a12c1
commit ba9476d67b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
11 changed files with 27 additions and 81 deletions


@ -715,40 +715,19 @@ seafile_generate_magic_and_random_key(int enc_version,
return NULL;
}
const char *algo = NULL;
const char *params = NULL;
algo = seafile_crypt_get_default_pwd_hash_algo ();
params = seafile_crypt_get_default_pwd_hash_params ();
if (algo != NULL) {
seafile_generate_pwd_hash (repo_id, passwd, salt, algo, params, pwd_hash);
} else {
seafile_generate_magic (enc_version, repo_id, passwd, salt, magic);
}
seafile_generate_magic (enc_version, repo_id, passwd, salt, magic);
if (seafile_generate_random_key (passwd, enc_version, salt, random_key) < 0) {
return NULL;
}
SeafileEncryptionInfo *sinfo;
if (algo != NULL) {
sinfo = g_object_new (SEAFILE_TYPE_ENCRYPTION_INFO,
"repo_id", repo_id,
"passwd", passwd,
"enc_version", enc_version,
"pwd_hash", pwd_hash,
"pwd_hash_algo", algo,
"pwd_hash_params", params,
"random_key", random_key,
NULL);
} else {
sinfo = g_object_new (SEAFILE_TYPE_ENCRYPTION_INFO,
"repo_id", repo_id,
"passwd", passwd,
"enc_version", enc_version,
"magic", magic,
"random_key", random_key,
NULL);
}
sinfo = g_object_new (SEAFILE_TYPE_ENCRYPTION_INFO,
"repo_id", repo_id,
"passwd", passwd,
"enc_version", enc_version,
"magic", magic,
"random_key", random_key,
NULL);
if (enc_version >= 3)
g_object_set (sinfo, "salt", salt, NULL);
@ -3080,6 +3059,8 @@ seafile_create_repo (const char *repo_name,
const char *owner_email,
const char *passwd,
int enc_version,
const char *pwd_hash_algo,
const char *pwd_hash_params,
GError **error)
{
if (!repo_name || !repo_desc || !owner_email) {
@ -3094,6 +3075,8 @@ seafile_create_repo (const char *repo_name,
owner_email,
passwd,
enc_version,
pwd_hash_algo,
pwd_hash_params,
error);
return repo_id;
}
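Review bot: `pwd_hash_algo` and `pwd_hash_params` now reach `seafile_create_repo` from the RPC caller and are forwarded unchanged; the only argument check visible in this hunk covers `repo_name`, `repo_desc` and `owner_email`. Before this commit both values came from server configuration, so the strength of the stored password verifier was an operator decision, and now it is chosen per request. Unless the hashing code further down already rejects unknown algorithm names and enforces a minimum cost (not visible here), that check belongs at this boundary or in `seaf_repo_manager_create_new_repo`, which receives the same two parameters. At minimum the contract should be written down, for example `/* pwd_hash_algo and pwd_hash_params are caller-supplied; NULL algo keeps the magic verifier. Validate both before they are stored. */`. The function's body starts outside the hunk.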


@ -23,14 +23,6 @@
/* Should generate random salt for each repo. */
static unsigned char salt[8] = { 0xda, 0x90, 0x45, 0xc3, 0x06, 0xc7, 0xcc, 0x26 };
static PwdHashParams default_params;
void
seafile_crypt_init (const char *algo, const char *params)
{
parse_pwd_hash_params (algo, params, &default_params);
}
SeafileCrypt *
seafile_crypt_new (int version, unsigned char *key, unsigned char *iv)
{
@ -44,18 +36,6 @@ seafile_crypt_new (int version, unsigned char *key, unsigned char *iv)
return crypt;
}
const char *
seafile_crypt_get_default_pwd_hash_algo ()
{
return default_params.algo;
}
const char *
seafile_crypt_get_default_pwd_hash_params ()
{
return default_params.params_str;
}
int
seafile_derive_key (const char *data_in, int in_len, int version,
const char *repo_salt,


@ -27,18 +27,9 @@ struct SeafileCrypt {
typedef struct SeafileCrypt SeafileCrypt;
void
seafile_crypt_init (const char *algo, const char *params);
SeafileCrypt *
seafile_crypt_new (int version, unsigned char *key, unsigned char *iv);
const char *
seafile_crypt_get_default_pwd_hash_algo ();
const char *
seafile_crypt_get_default_pwd_hash_params ();
/*
Derive key and iv used by AES encryption from @data_in.
key and iv is 16 bytes for version 1, and 32 bytes for version 2.


@ -912,6 +912,8 @@ seafile_create_repo (const char *repo_name,
const char *owner_email,
const char *passwd,
int enc_version,
const char *pwd_hash_algo,
const char *pwd_hash_params,
GError **error);
char *


@ -56,6 +56,7 @@ func_table = [
[ "string", ["string", "string", "string", "int"] ],
[ "string", ["string", "string", "string", "string"] ],
[ "string", ["string", "string", "string", "string", "int"] ],
[ "string", ["string", "string", "string", "string", "int", "string", "string"] ],
[ "string", ["string", "string", "string", "string", "string"] ],
[ "string", ["string", "string", "string", "string", "string", "int"] ],
[ "string", ["string", "string", "string", "int", "string", "string"] ],


@ -6,8 +6,8 @@ class SeafServerThreadedRpcClient(NamedPipeClient):
NamedPipeClient.__init__(self, pipe_path, "seafserv-threaded-rpcserver")
# repo manipulation
@searpc_func("string", ["string", "string", "string", "string", "int"])
def seafile_create_repo(name, desc, owner_email, passwd, enc_version):
@searpc_func("string", ["string", "string", "string", "string", "int", "string", "string"])
def seafile_create_repo(name, desc, owner_email, passwd, enc_version, pwd_hash_algo, pwd_hash_params):
pass
create_repo = seafile_create_repo


@ -86,8 +86,8 @@ class SeafileAPI(object):
# repo manipulation
def create_repo(self, name, desc, username, passwd=None, enc_version=2, storage_id=None):
return seafserv_threaded_rpc.create_repo(name, desc, username, passwd, enc_version)
def create_repo(self, name, desc, username, passwd=None, enc_version=2, storage_id=None, pwd_hash_algo=None, pwd_hash_params=None):
return seafserv_threaded_rpc.create_repo(name, desc, username, passwd, enc_version, pwd_hash_algo, pwd_hash_params)
def create_enc_repo(self, repo_id, name, desc, username, magic, random_key, salt, enc_version, pwd_hash=None, pwd_hash_algo=None, pwd_hash_params=None):
return seafserv_threaded_rpc.create_enc_repo(repo_id, name, desc, username, magic, random_key, salt, enc_version, pwd_hash, pwd_hash_algo, pwd_hash_params)
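Review bot: `create_repo` defaults `pwd_hash_algo` and `pwd_hash_params` to `None`, so every existing caller that does not pass them no longer gets the algorithm that used to be configured server-wide; the same commit removes the `password_hash` lookup from session start-up. If a NULL algorithm selects the older `magic` verifier, as the branch removed from `seafile_generate_magic_and_random_key` suggests, deployments that had configured a stronger hash change behaviour without any signal. The method should carry a docstring that says so, for example `"""pwd_hash_algo=None stores the legacy magic verifier; pass the algorithm and its parameters explicitly to store pwd_hash instead."""`, and callers that create encrypted libraries should be audited to pass the intended values.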


@ -3927,12 +3927,14 @@ seaf_repo_manager_create_new_repo (SeafRepoManager *mgr,
const char *owner_email,
const char *passwd,
int enc_version,
const char *pwd_hash_algo,
const char *pwd_hash_params,
GError **error)
{
char *repo_id = NULL;
char salt[65], magic[65], pwd_hash[65], random_key[97];
const char *algo = seafile_crypt_get_default_pwd_hash_algo ();
const char *params = seafile_crypt_get_default_pwd_hash_params ();
const char *algo = pwd_hash_algo;
const char *params = pwd_hash_params;
repo_id = gen_uuid ();
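Review bot: A call with `pwd_hash_params` set and `pwd_hash_algo` NULL is not distinguished from a call with neither in the lines shown here, and the rest of the body lies outside the hunk. If the code below branches only on `algo != NULL`, the parameters would be dropped silently and the repo would get a verifier the caller did not ask for. A guard such as `if (!pwd_hash_algo && pwd_hash_params)` that sets `error` and returns NULL before `gen_uuid ()` would make the mismatch visible. The locals `algo` and `params` are now plain aliases of the two new parameters and could be removed in favour of using the parameters directly.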


@ -505,6 +505,8 @@ seaf_repo_manager_create_new_repo (SeafRepoManager *mgr,
const char *owner_email,
const char *passwd,
int enc_version,
const char *pwd_hash_algo,
const char *pwd_hash_params,
GError **error);
char *


@ -222,7 +222,7 @@ static void start_rpc_service (const char *seafile_dir,
searpc_server_register_function ("seafserv-threaded-rpcserver",
seafile_create_repo,
"seafile_create_repo",
searpc_signature_string__string_string_string_string_int());
searpc_signature_string__string_string_string_string_int_string_string());
searpc_server_register_function ("seafserv-threaded-rpcserver",
seafile_create_enc_repo,


@ -122,8 +122,6 @@ seafile_session_new(const char *central_config_dir,
char *notif_server = NULL;
int notif_port = 8083;
char *private_key = NULL;
char *pwd_hash_algo = NULL;
char *pwd_hash_params = NULL;
abs_ccnet_dir = ccnet_expand_path (ccnet_dir);
abs_seafile_dir = ccnet_expand_path (seafile_dir);
@ -210,17 +208,6 @@ seafile_session_new(const char *central_config_dir,
session->private_key = private_key;
}
pwd_hash_algo = g_key_file_get_string (config,
"password_hash", "pwd_hash_algo",
NULL);
pwd_hash_params = g_key_file_get_string (config,
"password_hash", "pwd_hash_params",
NULL);
seafile_crypt_init (pwd_hash_algo, pwd_hash_params);
g_free (pwd_hash_algo);
g_free (pwd_hash_params);
if (load_database_config (session) < 0) {
seaf_warning ("Failed to load database config.\n");
goto onerror;
@ -322,8 +309,6 @@ onerror:
free (abs_seafile_dir);
free (abs_ccnet_dir);
g_free (tmp_file_dir);
g_free (pwd_hash_algo);
g_free (pwd_hash_params);
g_free (session);
return NULL;
}
@ -534,7 +519,7 @@ create_system_default_repo (void *data)
"My Library Template",
"Template for creating 'My Library' for users",
"System",
NULL, -1, NULL);
NULL, -1, NULL, NULL, NULL);
if (!repo_id) {
seaf_warning ("Failed to create system default repo.\n");
return data;