YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #84 from YunoHost/caching_for_hash

Browse source 
[enh] uses caching for hash to avoid heavy recalculation and process spawning
This commit is contained in:
Laurent Peuch 2017-05-23 21:40:30 +02:00 committed by GitHub
commit c1a388ccf0
1 changed files with 24 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
helpers.lua
View file

@ -72,23 +72,31 @@ end
-- Hash a string using hmac_sha512, return a hexa string -- Hash a string using hmac_sha512, return a hexa string
function hmac_sha512(key, message) function hmac_sha512(key, message)
-- lua ecosystem is a disaster and it was not possible to find a good local cache_key = key..":"..message
-- easily multiplatform integrable code for this
-- Python has this buildin, so we call it directly
--
-- this is a bad and probably leak the key and the message in the process list
-- but if someone got there I guess we really have other problems
-- and also this is way better than the previous situation
local pipe = io.popen("echo -n '" ..message.. "' | openssl sha512 -hmac '" ..key.. "'")
-- openssl returns something like this: if not cache:get(cache_key) then
-- root@yunohost:~# echo -n "qsd" | openssl sha512 -hmac "key" -- lua ecosystem is a disaster and it was not possible to find a good
-- (stdin)= f1c2b1658fe64c5a3d16459f2f4eea213e4181905c190235b060ab2a4e7d6a41c15ea2c246828537a1e32ae524b7a7ed309e6d296089194c3e3e3efb98c1fbe3 -- easily multiplatform integrable code for this
-- -- Python has this buildin, so we call it directly
-- so we need to remove the "(stdin)= " at the beginning --
local hash = pipe:read():sub(string.len("(stdin)= ") + 1) -- this is a bad and probably leak the key and the message in the process list
pipe:close() -- but if someone got there I guess we really have other problems
return hash -- and also this is way better than the previous situation
local pipe = io.popen("echo -n '" ..message.. "' | openssl sha512 -hmac '" ..key.. "'")
-- openssl returns something like this:
-- root@yunohost:~# echo -n "qsd" | openssl sha512 -hmac "key"
-- (stdin)= f1c2b1658fe64c5a3d16459f2f4eea213e4181905c190235b060ab2a4e7d6a41c15ea2c246828537a1e32ae524b7a7ed309e6d296089194c3e3e3efb98c1fbe3
--
-- so we need to remove the "(stdin)= " at the beginning
local hash = pipe:read():sub(string.len("(stdin)= ") + 1)
pipe:close()
cache:set(cache_key, hash, conf["session_timeout"])
return hash
else
return cache:get(cache_key)
end
end end