YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Passwords can be set interactively

Browse source
This commit is contained in:
theo@manjaro 2022-07-04 10:07:30 +02:00
parent 02a4a5fecf
commit 1506146450
3 changed files with 28 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
share/actionsmap.yml
View file

@ -459,6 +459,8 @@ domain:
action: store_true
-p:
full: --password
nargs: "?"
const: 0
help: Subscribe to the DynDNS service with a password, used to later delete the domain
extra:
pattern: *pattern_password
@ -483,6 +485,8 @@ domain:
action: store_true
-p:
full: --password
nargs: "?"
const: 0
help: Password used to delete the domain from DynDNS
extra:
pattern: *pattern_password
@ -1419,6 +1423,8 @@ dyndns:
help: Public DNS key
-p:
full: --password
nargs: "?"
const: 0
help: Password used to later delete the domain
extra:
pattern: *pattern_password
@ -1436,9 +1442,10 @@ dyndns:
required: True
-p:
full: --password
nargs: "?"
const: 0
help: Password used to delete the domain
extra:
required: True
pattern: *pattern_password
### dyndns_update()

2
src/domain.py
View file

@ -356,7 +356,7 @@ def domain_remove(operation_logger, domain, remove_apps=False, force=False, pass
hook_callback("post_domain_remove", args=[domain])
# If a password is provided, delete the DynDNS record
if password:
if password!=None:
from yunohost.dyndns import dyndns_unsubscribe
# Actually unsubscribe

22
src/dyndns.py
View file

@ -31,7 +31,7 @@ import base64
import subprocess
import hashlib
from moulinette import m18n
from moulinette import Moulinette, m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger
from moulinette.utils.filesystem import write_to_file, rm, chown, chmod
@ -144,7 +144,14 @@ def dyndns_subscribe(operation_logger, domain=None, key=None, password=None):
# Yeah the secret is already a base64-encoded but we double-bas64-encode it, whatever...
b64encoded_key = base64.b64encode(secret.encode()).decode()
data = {"subdomain": domain}
if password:
if password!=None:
from yunohost.utils.password import assert_password_is_strong_enough
# Ensure sufficiently complex password
if Moulinette.interface.type == "cli" and password==0:
password = Moulinette.prompt(
m18n.n("ask_password"), is_password=True, confirm=True
)
assert_password_is_strong_enough("admin", password)
data["recovery_password"]=hashlib.sha256((domain+":"+password.strip()).encode('utf-8')).hexdigest()
r = requests.post(
f"https://{DYNDNS_PROVIDER}/key/{b64encoded_key}?key_algo=hmac-sha512",
@ -179,7 +186,7 @@ def dyndns_subscribe(operation_logger, domain=None, key=None, password=None):
@is_unit_operation()
def dyndns_unsubscribe(operation_logger, domain, password):
def dyndns_unsubscribe(operation_logger, domain, password=None):
"""
Unsubscribe from a DynDNS service
@ -189,6 +196,15 @@ def dyndns_unsubscribe(operation_logger, domain, password):
"""
operation_logger.start()
from yunohost.utils.password import assert_password_is_strong_enough
# Ensure sufficiently complex password
if Moulinette.interface.type == "cli" and not password:
password = Moulinette.prompt(
m18n.n("ask_password"), is_password=True, confirm=True
)
assert_password_is_strong_enough("admin", password)
# '165' is the convention identifier for hmac-sha512 algorithm
# '1234' is idk? doesnt matter, but the old format contained a number here...