Allow null passphrase for MASTER logins

New config options for this in GLOBAL config section If pashphrase is null and this option is set, login will always succeed
2021-01-23 11:43:56 +00:00 · 2021-01-23 11:43:56 +00:00 · f8bd5b00df
parent f300e61192
commit f8bd5b00df
2 changed files with 15 additions and 8 deletions
--- a/config.py
+++ b/config.py
@ -122,7 +122,9 @@ def build_config(_config_file):
                    'SUB_ACL': config.get(section, 'SUB_ACL'),
                    'TG1_ACL': config.get(section, 'TGID_TS1_ACL'),
                    'TG2_ACL': config.get(section, 'TGID_TS2_ACL'),
-                    'GEN_STAT_BRIDGES': config.getboolean(section, 'GEN_STAT_BRIDGES')
+                    'GEN_STAT_BRIDGES': config.getboolean(section, 'GEN_STAT_BRIDGES'),
+                    'ALLOW_NULL_PASSPHRASE': config.getboolean(section, 'ALLOW_NULL_PASSPHRASE')
+                    
                })

            elif section == 'REPORTS':
--- a/hblink.py
+++ b/hblink.py
@ -465,17 +465,22 @@ class HBSYSTEM(DatagramProtocol):
                self._peer_sema.release()
                _sent_hash = _data[8:]
                _salt_str = bytes_4(_this_peer['SALT'])
-                _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
-                if _sent_hash == _calc_hash:
+                if self._CONFIG['GLOBAL']['ALLOW_NULL_PASSPHRASE'] and len(self._config['PASSPHRASE']) == 0:
                    _this_peer['CONNECTION'] = 'WAITING_CONFIG'
                    self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
                    logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
                else:
-                    logger.info('(%s) Peer %s has FAILED the login exchange successfully', self._system, _this_peer['RADIO_ID'])
-                    self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
-                    self._peer_sema.acquire(blocking=True)
-                    del self._peers[_peer_id]
-                    self._peer_sema.release()
+                    _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())                
+                    if _sent_hash == _calc_hash:
+                        _this_peer['CONNECTION'] = 'WAITING_CONFIG'
+                        self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
+                        logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
+                    else:
+                        logger.info('(%s) Peer %s has FAILED the login exchange successfully', self._system, _this_peer['RADIO_ID'])
+                        self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
+                        self._peer_sema.acquire(blocking=True)
+                        del self._peers[_peer_id]
+                        self._peer_sema.release()
            else:
                self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
                logger.warning('(%s) Login challenge from Radio ID that has not logged in: %s', self._system, int_id(_peer_id))