From 1b976129dd92bee124df052cfdbc895e7b3c5c5c Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Sun, 20 Jun 2010 18:26:54 -0700 Subject: [PATCH] require basic auth for getting too --- camlistored/camlistored.go | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/camlistored/camlistored.go b/camlistored/camlistored.go index d77890fd3..abbf8240d 100644 --- a/camlistored/camlistored.go +++ b/camlistored/camlistored.go @@ -18,7 +18,7 @@ import "regexp" var listen *string = flag.String("listen", "0.0.0.0:3179", "host:port to listen on") var storageRoot *string = flag.String("root", "/tmp/camliroot", "Root directory to store files") -var sharedSecret string +var putPassword string var kGetPutPattern *regexp.Regexp = regexp.MustCompile(`^/camli/(sha1)-([a-f0-9]+)$`) var kBasicAuthPattern *regexp.Regexp = regexp.MustCompile(`^Basic ([a-zA-Z0-9\+/=]+)`) @@ -88,9 +88,18 @@ func putAllowed(req *http.Request) bool { } var outBuf []byte = make([]byte, base64.StdEncoding.DecodedLen(len(matches[1]))) bytes, err := base64.StdEncoding.Decode(outBuf, []uint8(matches[1])) + if err != nil { + return false + } + password := string(outBuf) fmt.Println("Decoded bytes:", bytes, " error: ", err) - fmt.Println("Got userPass:", string(outBuf)) - return false + fmt.Println("Got userPass:", password) + return password != "" && password == putPassword; +} + +func getAllowed(req *http.Request) bool { + // For now... + return putAllowed(req) } func handleCamli(conn *http.Conn, req *http.Request) { @@ -108,6 +117,13 @@ func handleCamli(conn *http.Conn, req *http.Request) { } func handleGet(conn *http.Conn, req *http.Request) { + if !getAllowed(req) { + conn.SetHeader("WWW-Authenticate", "Basic realm=\"camlistored\"") + conn.WriteHeader(http.StatusUnauthorized) + fmt.Fprintf(conn, "Authentication required.") + return + } + objRef := ParsePath(req.URL.Path) if objRef == nil { badRequestError(conn, "Malformed GET URL.") @@ -239,8 +255,8 @@ This is camlistored, a Camlistore storage daemon. func main() { flag.Parse() - sharedSecret = os.Getenv("CAMLI_PASSWORD") - if len(sharedSecret) == 0 { + putPassword = os.Getenv("CAMLI_PASSWORD") + if len(putPassword) == 0 { fmt.Fprintf(os.Stderr, "No CAMLI_PASSWORD environment variable set.\n") os.Exit(1)