From 831a4854d08f61d103218e09b9a3b3d0ad003190 Mon Sep 17 00:00:00 2001 From: unknown Date: Tue, 22 Oct 2019 18:42:52 +0200 Subject: [PATCH] Add hardcoded keys to user, still need to generate --- Cargo.lock | 1 - Cargo.toml | 8 +++++--- src/ldap.rs | 13 ++++++++++--- 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e12ef60f..aa04f749 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -108,7 +108,6 @@ dependencies = [ "num-traits 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", "oath 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)", "openssl 0.10.25 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl-sys 0.9.51 (registry+https://github.com/rust-lang/crates.io-index)", "percent-encoding 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)", "quoted_printable 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", diff --git a/Cargo.toml b/Cargo.toml index 4c5410a5..30a153bd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,7 +14,7 @@ build = "build.rs" # Empty to keep compatibility, prefer to set USE_SYSLOG=true enable_syslog = [] mysql = ["diesel/mysql", "diesel_migrations/mysql"] -postgresql = ["diesel/postgres", "diesel_migrations/postgres"] +postgresql = ["diesel/postgres", "diesel_migrations/postgres", "openssl"] sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"] [target."cfg(not(windows))".dependencies] @@ -109,10 +109,12 @@ regex = "1.3.1" # URL encoding library percent-encoding = "2.1.0" +# openssl for postgre +openssl = {version="0.10.25", optional=true} + # LDAP ldap3 = "0.6.1" -openssl = "0.10.25" -openssl-sys = "*" + [patch.crates-io] # Add support for Timestamp type diff --git a/src/ldap.rs b/src/ldap.rs index 1cd28a44..02af994b 100644 --- a/src/ldap.rs +++ b/src/ldap.rs 
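Review bot: Making `openssl` optional in the second Cargo.toml hunk and enabling it only through the `postgresql` feature in the first conflicts with the LDAP code's stated plan to use the crate. `src/ldap.rs` carries a commented-out `use openssl::rsa::{Padding, Rsa};` and a "Generate RSA keypair with openssl" comment, while `ldap3` stays a non-optional dependency, so LDAP sync is presumably compiled for every database backend. Once that import is enabled, a `mysql`- or `sqlite`-only build would fail to resolve `openssl`. Either keep `openssl = "0.10.25"` unconditional, or list `"openssl"` in every feature that builds `ldap.rs`. The new comment would read better as `# openssl, required by the PostgreSQL backend`.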
@@ -1,6 +1,7 @@ use crate::db; use crate::CONFIG; use ldap3::{DerefAliases, LdapConn, Scope, SearchEntry, SearchOptions}; +//use openssl::rsa::{Padding, Rsa}; use ring::{digest, pbkdf2}; use std::collections::HashSet; use std::convert::TryInto; @@ -33,9 +34,10 @@ fn sync_from_ldap(conn: &db::DbConn) -> Result<(), Box> { println!("Try to add user: {}", user_email); // Add user let mut user = db::models::User::new(user_email.to_string()); - let mut password_bytes = vec![0u8; 16]; - password_bytes = crate::crypto::get_random(password_bytes); - let password = std::str::from_utf8(password_bytes.as_slice()).unwrap(); + //let mut password_bytes = vec![0u8; 16]; + //password_bytes = crate::crypto::get_random(password_bytes); + //let password = std::str::from_utf8(password_bytes.as_slice()).unwrap(); + let password = "T4mWB£rp3pU[µ:93"; user.set_password(password); user.client_kdf_iter = 100000; let key = &mut [0u8; digest::SHA256_OUTPUT_LEN]; @@ -47,6 +49,11 @@ fn sync_from_ldap(conn: &db::DbConn) -> Result<(), Box> { key, ); user.akey = String::from_utf8(key.to_vec()).unwrap(); + // Generate RSA keypair with openssl + let encrypted_private_key = Some(String::from("2.OePZ1iws1FGn+POKtdgusQ==|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|uag+TmENC8PNdiWsiSWobwpN7tXnC+NMMuRAxMkP3Po=")); + let public_key = Some(String::from("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxJI7FZhQCGHdRwiqvAzpU4gYWNJ5JNVWeO9DPT5jy4ejx38ogRlsqSfdxaDwTufNcil7XBSDZgdUkPh1IizKQhn55Y2e4XxF5RQ8Aoi/Yp4efpYxG6m5DoAfFS7OWdXdwtlbluUTc3VeRYV80uHzjOUp89XPyfFjVRMkQB57SBiRubvCzZJ5C667PyVmwhkn/wTJuYT7F3OWQMPUokj67wGFzNBtEOSoN1MrM5B/tmyZGUMLfosGT3BUuBj4Z/Igyk4NCStgAyqJDIKzcNpIhgUJ7W9oMFw1lMfST9qyZ/fV7nG/iaH+J2dUr0mZ8nOs4jL+CUkbWiL83ekwYeTiwIDAQAB")); + user.private_key = encrypted_private_key; + user.public_key = public_key; user.save(conn)?; num_users = num_users + 1; }
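Review bot: The string literal assigned to `password` in the second hunk (`@@ -33,9 +34,10 @@`) gives every account created by `sync_from_ldap` the same master password, and that value is now readable by anyone with access to the repository history. The removed code failed for a different reason: `std::str::from_utf8(...).unwrap()` on 16 random bytes panics whenever they are not valid UTF-8, which is almost always. Keeping the randomness and encoding it as text addresses both, e.g. `let password: String = crate::crypto::get_random(vec![0u8; 16]).iter().map(|b| format!("{:02x}", b)).collect();` followed by `user.set_password(&password);`, assuming `get_random` still takes and returns a `Vec<u8>` as in the removed lines. The same `String::from_utf8(...).unwrap()` pattern remains on the `user.akey` line in the next hunk and looks likely to panic on raw PBKDF2 output. The function body starts and ends outside the hunk.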
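Review bot: The two `Some(String::from("…"))` literals added in the third hunk (`@@ -47,6 +49,11 @@`) assign one fixed RSA keypair to every synced user, so all of those accounts share a private key whose encrypted form is published in the source. Together with the fixed password from the previous hunk, anyone who can read the repository appears able to unwrap that private key and read whatever is encrypted to these users' public key. Until per-user generation exists, I would drop the four added assignment lines and leave the fields unset, e.g. `user.private_key = None;` and `user.public_key = None;`, if `User::new` does not already initialise them that way. The comment `// Generate RSA keypair with openssl` describes code that is not there; `// TODO: generate a per-user RSA keypair; never ship shared key material` would match what the lines actually do. `sync_from_ldap` continues outside the hunk.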