discouraged adduser command

Ted Unangst 2019-05-22 15:11:39 -04:00
parent ca3460186a
commit 5c06453f53
3 changed files with 81 additions and 59 deletions


@ -65,6 +65,10 @@ One may occasionally run `honk cleanup` to free up internal space in the
database. (This does not run vacuum, so the file size will not immediately
shrink.)
-- add user
Running `honk adduser` can add additional users. This is discouraged.
-- proxy
honk requires a TLS terminating reverse proxy be configured. It communicates

25
honk.go

@ -17,8 +17,6 @@ package main
import (
"bytes"
"crypto/rand"
"crypto/rsa"
"database/sql"
"fmt"
"html"
@ -1364,27 +1362,6 @@ func prepareStatements(db *sql.DB) {
func ElaborateUnitTests() {
}
func finishusersetup() error {
db := opendatabase()
k, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return err
}
pubkey, err := zem(&k.PublicKey)
if err != nil {
return err
}
seckey, err := zem(k)
if err != nil {
return err
}
_, err = db.Exec("update users set displayname = username, about = ?, pubkey = ?, seckey = ? where userid = 1", "what about me?", pubkey, seckey)
if err != nil {
return err
}
return nil
}
func main() {
cmd := "run"
if len(os.Args) > 1 {
@ -1405,6 +1382,8 @@ func main() {
getconfig("servername", &serverName)
prepareStatements(db)
switch cmd {
case "adduser":
adduser()
case "cleanup":
cleanupdb()
case "ping":

111
util.go

@ -35,6 +35,7 @@ import "C"
import (
"bufio"
"crypto/rand"
"crypto/rsa"
"crypto/sha512"
"database/sql"
"fmt"
@ -108,41 +109,13 @@ func initdb() {
}
defer db.Close()
r := bufio.NewReader(os.Stdin)
fmt.Printf("username: ")
name, err := r.ReadString('\n')
if err != nil {
log.Print(err)
return
}
name = name[:len(name)-1]
if len(name) < 1 {
log.Print("that's way too short")
return
}
C.termecho(0)
fmt.Printf("password: ")
pass, err := r.ReadString('\n')
C.termecho(1)
fmt.Printf("\n")
if err != nil {
log.Print(err)
return
}
pass = pass[:len(pass)-1]
if len(pass) < 6 {
log.Print("that's way too short")
return
}
hash, err := bcrypt.GenerateFromPassword([]byte(pass), 12)
if err != nil {
log.Print(err)
return
}
_, err = db.Exec("insert into users (username, hash) values (?, ?)", name, hash)
err = createuser(db, r)
if err != nil {
log.Print(err)
return
}
fmt.Printf("listen address: ")
addr, err := r.ReadString('\n')
if err != nil {
@ -188,17 +161,83 @@ func initdb() {
log.Print(err)
return
}
err = finishusersetup()
if err != nil {
log.Print(err)
return
}
prepareStatements(db)
db.Close()
fmt.Printf("done.\n")
os.Exit(0)
}
func adduser() {
db := opendatabase()
defer func() {
os.Exit(1)
}()
c := make(chan os.Signal)
signal.Notify(c, os.Interrupt)
go func() {
<-c
C.termecho(1)
fmt.Printf("\n")
os.Exit(1)
}()
r := bufio.NewReader(os.Stdin)
err := createuser(db, r)
if err != nil {
log.Print(err)
return
}
db.Close()
os.Exit(0)
}
func createuser(db *sql.DB, r *bufio.Reader) error {
fmt.Printf("username: ")
name, err := r.ReadString('\n')
if err != nil {
return err
}
name = name[:len(name)-1]
if len(name) < 1 {
return fmt.Errorf("that's way too short")
}
C.termecho(0)
fmt.Printf("password: ")
pass, err := r.ReadString('\n')
C.termecho(1)
fmt.Printf("\n")
if err != nil {
return err
}
pass = pass[:len(pass)-1]
if len(pass) < 6 {
return fmt.Errorf("that's way too short")
}
hash, err := bcrypt.GenerateFromPassword([]byte(pass), 12)
if err != nil {
return err
}
k, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return err
}
pubkey, err := zem(&k.PublicKey)
if err != nil {
return err
}
seckey, err := zem(k)
if err != nil {
return err
}
_, err = db.Exec("insert into users (username, displayname, about, hash, pubkey, seckey) values (?, ?, ?, ?, ?, ?)", name, name, "what about me?", hash, pubkey, seckey)
if err != nil {
return err
}
return nil
}
func opendatabase() *sql.DB {
if alreadyopendb != nil {
return alreadyopendb
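Review bot: createuser accepts any non-empty line as a username: only the trailing newline is stripped and the sole check is `len(name) < 1`, so whitespace, control characters or a trailing `\r` are stored as both username and displayname. If usernames are later placed in URLs or rendered output elsewhere in honk (not visible in this hunk), it would be safer to restrict them to a fixed character set at creation time, and to report a duplicate name clearly rather than relying on whatever error the insert returns. Separately, in adduser the channel passed to signal.Notify is unbuffered; the signal package does not block when delivering, so an interrupt that arrives before the goroutine is receiving is dropped, and `c := make(chan os.Signal, 1)` avoids that. Both functions lie entirely inside this hunk.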