Changed password hashing method to bcrypt

This commit is contained in:
ed@djsu.me 2016-03-07 00:28:47 -05:00 committed by Harry Jeffery
parent c5165c37e6
commit 5fe27abec3
3 changed files with 6 additions and 9 deletions

View File

@ -49,7 +49,7 @@ func main() {
fields := strings.Fields(line) fields := strings.Fields(line)
if len(fields) == 2 { if len(fields) == 2 {
server.operatorMap[fields[0]] = fields[1] server.operatorMap[fields[0]] = []byte(fields[1])
} }
} }
} }

View File

@ -12,7 +12,7 @@ type Server struct {
name string name string
clientMap map[string]*Client //Map of nicks → clients clientMap map[string]*Client //Map of nicks → clients
channelMap map[string]*Channel //Map of channel names → channels channelMap map[string]*Channel //Map of channel names → channels
operatorMap map[string]string //Map of usernames → SHA1 hashed passwords operatorMap map[string][]byte //Map of usernames → bcrypt hashed passwords
motd string motd string
} }

View File

@ -1,9 +1,8 @@
package main package main
import ( import (
"crypto/sha1"
"fmt" "fmt"
"io" "golang.org/x/crypto/bcrypt"
"log" "log"
"net" "net"
"regexp" "regexp"
@ -20,7 +19,7 @@ func NewServer() *Server {
name: "rosella", name: "rosella",
clientMap: make(map[string]*Client), clientMap: make(map[string]*Client),
channelMap: make(map[string]*Channel), channelMap: make(map[string]*Channel),
operatorMap: make(map[string]string), operatorMap: make(map[string][]byte),
motd: "Welcome to IRC. Powered by Rosella."} motd: "Welcome to IRC. Powered by Rosella."}
} }
@ -315,10 +314,8 @@ func (s *Server) handleCommand(client *Client, command string, args []string) {
password := args[1] password := args[1]
if hashedPassword, exists := s.operatorMap[username]; exists { if hashedPassword, exists := s.operatorMap[username]; exists {
h := sha1.New() //nil means the passwords matched
io.WriteString(h, password) if err := bcrypt.CompareHashAndPassword(hashedPassword, []byte(password)); err == nil {
pass := fmt.Sprintf("%x", h.Sum(nil))
if hashedPassword == pass {
client.operator = true client.operator = true
client.reply(rplOper) client.reply(rplOper)
return return