balki/mail4one
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases 5 Wiki Activity

add pepper

Browse Source
This commit is contained in:
Balakrishnan Balasubramanian
2018-12-27 22:43:28 -05:00
parent 15ddc53ff5
commit 98b4ea7c95
1 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
mail4one/pop3.py
View File

@@ -1,17 +1,21 @@
import asyncio
import logging
import os
import ssl
from _contextvars import ContextVar
from dataclasses import dataclass
from hashlib import sha256
from pathlib import Path
from typing import ClassVar, List, Set
from hashlib import sha256
from secrets import compare_digest
from .poputils import InvalidCommand, parse_command, err, Command, ClientQuit, ClientError, AuthError, ok, msg, end, \
Request, MailEntry, get_mail, get_mails_list, MailList
def add_season(content: bytes, season: bytes):
return sha256(season + content).digest()
# noinspection PyProtectedMember
@dataclass
class Session:
@@ -23,6 +27,13 @@ class Session:
mails_path: ClassVar[Path] = Path("")
current_session: ClassVar = ContextVar("session")
password_hash: ClassVar[str] = ""
SALT: ClassVar[bytes] = b"balki is awesome+"
pepper: ClassVar[bytes]
@classmethod
def init_password(cls, salted_hash: str):
cls.pepper = os.urandom(32)
cls.password_hash = add_season(bytes.fromhex(salted_hash), cls.pepper)
@classmethod
def get(cls):
@@ -69,9 +80,7 @@ def write(data):
def validate_password(password):
salt = "balki is awesome+"
salted = f"{salt}{password}"
if not compare_digest(Session.password_hash, sha256(salted.encode()).hexdigest()):
if Session.password_hash != add_season(add_season(password.encode(), Session.SALT), Session.pepper):
raise AuthError("Invalid user pass")
@@ -268,7 +277,7 @@ async def timed_cb(stream_reader: asyncio.StreamReader, stream_writer: asyncio.S
async def create_pop_server(dirpath: Path, port: int, password_hash: str, host="", context: ssl.SSLContext = None):
Session.mails_path = dirpath
Session.password_hash = password_hash
Session.init_password(password_hash)
logging.info(
f"Starting POP3 server Maildir={dirpath}, host={host}, port={port}, context={context}")
return await asyncio.start_server(timed_cb, host=host, port=port, ssl=context)
@@ -280,4 +289,4 @@ async def a_main(*args, **kwargs):
if __name__ == "__main__":
asyncio.run(a_main(Path("/tmp/mails"), 9995, password_hash=sha256("dummy".encode()).hexdigest()))
asyncio.run(a_main(Path("/tmp/mails"), 9995, password_hash=add_season(b"dummy", Session.SALT).hexdigest()))