From 86af3194e5f648cb36b58b96a1a955245a170dd5 Mon Sep 17 00:00:00 2001 From: _ <_@_> Date: Sat, 17 Apr 2021 17:43:13 -0500 Subject: [PATCH] :boom: breaking: remove password_is_bad from ptth_server The password checking is not necessary with the new process of generating high-entropy Base64 passwords and then approving them on the relay. The password file takes a lot of space and this doesn't need to be part of ptth_server's public API, if there is one, anyway. --- Cargo.lock | 2 +- crates/ptth_server/Cargo.toml | 4 +- .../ptth_server/src/file_server/internal.rs | 7 ++- crates/ptth_server/src/lib.rs | 48 +++---------------- 4 files changed, 12 insertions(+), 49 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index cf0a737..cc26eaf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1559,7 +1559,7 @@ dependencies = [ [[package]] name = "ptth_server" -version = "1.2.1" +version = "2.0.0" dependencies = [ "aho-corasick", "always_equal", diff --git a/crates/ptth_server/Cargo.toml b/crates/ptth_server/Cargo.toml index ca4754d..5bcd92e 100644 --- a/crates/ptth_server/Cargo.toml +++ b/crates/ptth_server/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "ptth_server" -version = "1.2.1" +version = "2.0.0" authors = ["Trish"] edition = "2018" license = "AGPL-3.0" @@ -43,7 +43,7 @@ toml = "0.5.7" uom = "0.30.0" always_equal = { path = "../always_equal", version = "1.0.0" } -ptth_core = { path = "../ptth_core", version = "1.3.0" } +ptth_core = { path = "../ptth_core", version = "1.4.0" } [dev-dependencies] diff --git a/crates/ptth_server/src/file_server/internal.rs b/crates/ptth_server/src/file_server/internal.rs index 2d2bebd..b14b812 100644 --- a/crates/ptth_server/src/file_server/internal.rs +++ b/crates/ptth_server/src/file_server/internal.rs @@ -25,7 +25,6 @@ use always_equal::prod::AlwaysEqual; use ptth_core::{ http_serde::Method, - prefix_match, prelude::*, }; @@ -211,7 +210,7 @@ async fn serve_api ( // API versioning will be major-only, so I'll keep adding stuff to v1 // until I need to deprecate or break something. - if let Some (path) = prefix_match ("/v1/dir/", path) { + if let Some (path) = path.strip_prefix ("/v1/dir/") { let encoded_path = &path [0..]; let path_s = percent_decode (encoded_path.as_bytes ()).decode_utf8 ().map_err (FileServerError::PathNotUtf8)?; @@ -283,11 +282,11 @@ pub async fn serve_all ( return Ok (Root); } - if let Some (path) = prefix_match ("/api", path) { + if let Some (path) = path.strip_prefix ("/api") { return serve_api (root, &uri, hidden_path, path).await; } - let path = match prefix_match ("/files/", path) { + let path = match path.strip_prefix ("/files/") { Some (x) => x, None => return Ok (NotFound), }; diff --git a/crates/ptth_server/src/lib.rs b/crates/ptth_server/src/lib.rs index 85f364b..89a49b0 100644 --- a/crates/ptth_server/src/lib.rs +++ b/crates/ptth_server/src/lib.rs @@ -1,3 +1,9 @@ +//! # PTTH Server +//! +//! The PTTH server makes an outgoing HTTP connection to a +//! PTTH relay, and then serves incoming HTTP requests through +//! the relay. + #![warn (clippy::pedantic)] // I don't see the point in documenting the errors outside of where the @@ -34,21 +40,6 @@ pub mod load_toml; use errors::ServerError; -// Thanks to https://github.com/robsheldon/bad-passwords-index - -const BAD_PASSWORDS: &[u8] = include_bytes! ("bad_passwords.txt"); - -#[must_use] -pub fn password_is_bad (mut password: String) -> bool { - password.make_ascii_lowercase (); - - let ac = aho_corasick::AhoCorasick::new (&[ - password - ]); - - ac.find (BAD_PASSWORDS).is_some () -} - struct State { file_server: file_server::State, config: Config, @@ -223,10 +214,6 @@ pub async fn run_server ( let asset_root = asset_root.unwrap_or_else (PathBuf::new); - if password_is_bad (config_file.api_key.clone ()) { - return Err (ServerError::WeakApiKey); - } - info! ("Server name is {}", config_file.name); info! ("Tripcode is {}", config_file.tripcode ()); @@ -374,27 +361,4 @@ mod tests { assert_eq! (config.tripcode (), "A9rPwZyY89Ag4TJjMoyYA2NeGOm99Je6rq1s0rg8PfY=".to_string ()); } - - #[test] - fn check_bad_passwords () { - for pw in &[ - "", - " ", - "user", - "password", - "pAsSwOrD", - "secret", - "123123", - ] { - assert! (password_is_bad (pw.to_string ())); - } - - use rand::prelude::*; - - let mut entropy = [0u8; 32]; - thread_rng ().fill_bytes (&mut entropy); - let good_password = base64::encode (entropy); - - assert! (! password_is_bad (good_password)); - } }