From f8bd5b00df47b5db57910e820706eae9bd79ec5b Mon Sep 17 00:00:00 2001
From: Simon <simon@adlem.net>
Date: Sat, 23 Jan 2021 11:43:56 +0000
Subject: [PATCH] Allow null passphrase for MASTER logins

New config options for this in GLOBAL config section

If pashphrase is null and this option is set, login will always succeed
---
 config.py |  4 +++-
 hblink.py | 19 ++++++++++++-------
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/config.py b/config.py
index 4ee710a..e6a7825 100755
--- a/config.py
+++ b/config.py
@@ -122,7 +122,9 @@ def build_config(_config_file):
                     'SUB_ACL': config.get(section, 'SUB_ACL'),
                     'TG1_ACL': config.get(section, 'TGID_TS1_ACL'),
                     'TG2_ACL': config.get(section, 'TGID_TS2_ACL'),
-                    'GEN_STAT_BRIDGES': config.getboolean(section, 'GEN_STAT_BRIDGES')
+                    'GEN_STAT_BRIDGES': config.getboolean(section, 'GEN_STAT_BRIDGES'),
+                    'ALLOW_NULL_PASSPHRASE': config.getboolean(section, 'ALLOW_NULL_PASSPHRASE')
+                    
                 })
 
             elif section == 'REPORTS':
diff --git a/hblink.py b/hblink.py
index 25065d3..6b553ce 100755
--- a/hblink.py
+++ b/hblink.py
@@ -465,17 +465,22 @@ class HBSYSTEM(DatagramProtocol):
                 self._peer_sema.release()
                 _sent_hash = _data[8:]
                 _salt_str = bytes_4(_this_peer['SALT'])
-                _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
-                if _sent_hash == _calc_hash:
+                if self._CONFIG['GLOBAL']['ALLOW_NULL_PASSPHRASE'] and len(self._config['PASSPHRASE']) == 0:
                     _this_peer['CONNECTION'] = 'WAITING_CONFIG'
                     self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
                     logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
                 else:
-                    logger.info('(%s) Peer %s has FAILED the login exchange successfully', self._system, _this_peer['RADIO_ID'])
-                    self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
-                    self._peer_sema.acquire(blocking=True)
-                    del self._peers[_peer_id]
-                    self._peer_sema.release()
+                    _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())                
+                    if _sent_hash == _calc_hash:
+                        _this_peer['CONNECTION'] = 'WAITING_CONFIG'
+                        self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
+                        logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
+                    else:
+                        logger.info('(%s) Peer %s has FAILED the login exchange successfully', self._system, _this_peer['RADIO_ID'])
+                        self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
+                        self._peer_sema.acquire(blocking=True)
+                        del self._peers[_peer_id]
+                        self._peer_sema.release()
             else:
                 self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
                 logger.warning('(%s) Login challenge from Radio ID that has not logged in: %s', self._system, int_id(_peer_id))