2018-11-24 14:59:42 +01:00
|
|
|
// Copyright (c) 2018, Andreas Schneider
|
|
|
|
// All rights reserved.
|
|
|
|
//
|
|
|
|
// Redistribution and use in source and binary forms, with or without
|
|
|
|
// modification, are permitted provided that the following conditions are met:
|
|
|
|
// * Redistributions of source code must retain the above copyright
|
|
|
|
// notice, this list of conditions and the following disclaimer.
|
|
|
|
// * Redistributions in binary form must reproduce the above copyright
|
|
|
|
// notice, this list of conditions and the following disclaimer in the
|
|
|
|
// documentation and/or other materials provided with the distribution.
|
|
|
|
// * Neither the name of the <organization> nor the
|
|
|
|
// names of its contributors may be used to endorse or promote products
|
|
|
|
// derived from this software without specific prior written permission.
|
|
|
|
//
|
|
|
|
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
|
|
|
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
|
|
|
|
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
|
|
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
|
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
|
|
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2018-11-24 18:10:06 +01:00
|
|
|
"flag"
|
2018-11-24 18:28:58 +01:00
|
|
|
"fmt"
|
|
|
|
pwgen "github.com/sethvargo/go-password/password"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
2018-11-24 14:59:42 +01:00
|
|
|
"golang.org/x/net/webdav"
|
2018-11-24 18:28:58 +01:00
|
|
|
"math/rand"
|
2018-11-24 14:59:42 +01:00
|
|
|
"net/http"
|
2018-11-24 18:28:58 +01:00
|
|
|
"time"
|
2018-11-24 14:59:42 +01:00
|
|
|
)
|
|
|
|
|
2018-11-24 18:10:06 +01:00
|
|
|
var configFile = flag.String("config", "sharedav.toml", "Config file to be used.")
|
2018-11-24 18:28:58 +01:00
|
|
|
var genPassword = flag.Bool("genpass", false, "If set, a password will be generated and hashed.")
|
|
|
|
var hashPassword = flag.String("hashpass", "", "If set, the given password will be hashed.")
|
2018-11-24 18:10:06 +01:00
|
|
|
|
2018-11-24 14:59:42 +01:00
|
|
|
func main() {
|
2018-11-24 18:10:06 +01:00
|
|
|
flag.Parse()
|
|
|
|
|
2018-11-24 18:28:58 +01:00
|
|
|
if *genPassword {
|
|
|
|
// math.rand is not secure. For determining the number of digits in a password
|
|
|
|
// it should suffice, though.
|
|
|
|
rand.Seed(time.Now().UnixNano())
|
|
|
|
pwLen := 32
|
|
|
|
pw, err := pwgen.Generate(pwLen, rand.Intn(pwLen/2), 0, false, true)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(pw), 0)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
fmt.Printf("Password: %s\n", pw)
|
|
|
|
fmt.Printf(" Hash: %s\n", hash)
|
|
|
|
return
|
|
|
|
} else if *hashPassword != "" {
|
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(*hashPassword), 0)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
fmt.Println(string(hash))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2018-11-24 18:10:06 +01:00
|
|
|
c := LoadConfig(*configFile)
|
|
|
|
|
2018-11-24 14:59:42 +01:00
|
|
|
h := &webdav.Handler{}
|
|
|
|
h.LockSystem = webdav.NewMemLS()
|
2018-11-24 18:10:06 +01:00
|
|
|
h.FileSystem = BaseDir(c.BaseDirectory)
|
2018-11-24 14:59:42 +01:00
|
|
|
|
|
|
|
authenticatedWebdavHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
username, password, ok := r.BasicAuth()
|
2018-11-24 18:10:06 +01:00
|
|
|
directory := ""
|
|
|
|
if ok {
|
|
|
|
ok, directory = c.ValidateDAVUser(username, password)
|
|
|
|
}
|
|
|
|
if !ok {
|
2018-11-24 14:59:42 +01:00
|
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="ShareDAV"`)
|
|
|
|
http.Error(w, "unauthorized", http.StatusUnauthorized)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2018-11-24 18:10:06 +01:00
|
|
|
// Use the WebDAV handler to actually serve the request. Also enhance the context
|
|
|
|
// to contain the subdirectory (of the base directory) which contains the data for
|
|
|
|
// the authenticated user.
|
|
|
|
h.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), "dir", directory)))
|
2018-11-24 14:59:42 +01:00
|
|
|
})
|
|
|
|
|
2018-11-24 18:10:06 +01:00
|
|
|
http.ListenAndServe(c.ListenAddress, authenticatedWebdavHandler)
|
2018-11-24 14:59:42 +01:00
|
|
|
}
|