Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
  • 1 commit
  • 2 files changed
  • 1 commit comment
  • 1 contributor
Showing with 37 additions and 22 deletions.
  1. +14 −22 baron.py
  2. +23 −0 converter.py
View
36 baron.py
@@ -11,7 +11,7 @@
# jesse
# mct
-import urllib, urllib2, json
+import urllib, urllib2, json, hashlib
import logging
import serial
import argparse
@@ -22,7 +22,7 @@
keypad = None
codes_path = None
-codes = []
+codes = {}
promiscuous = False
def open_serial(filename):
@@ -44,16 +44,14 @@ def open_serial(filename):
last_mtime = 0
def load_codes(filename=None):
"""
- Loads a list of valid access codes from the specified filename. Lines
- starting with '#' are comments. All other lines must contain numeric codes
- which grant access, one code per line.
-
Each time this function is called, it will only re-open the codes file it's
mtime since the last call has changed.
"""
global codes_path, codes, last_mtime
+ old_count = len(codes)
+
if not filename:
filename = codes_path
@@ -65,20 +63,12 @@ def load_codes(filename=None):
else:
last_mtime = mtime
- new_codes = []
- lineno = 0
-
- for line in open(filename):
- lineno += 1
- code = line.split("#")[0].strip().rstrip()
- if not code:
- continue
- if not code.isdigit():
- logging.warning("%s:%d: Ignoring malformed line" % (filename, lineno))
- new_codes.append(code)
-
- logging.info("Loaded %d codes from %s" % (len(new_codes), filename))
- codes = new_codes
+ try:
+ codes = json.load( file( filename ) )
+ except:
+ logging.warning("Failed to parse json from %s; continuing to use %s loaded codes" % (filename, len(codes)))
+ else:
+ logging.info("Loaded %d codes from %s (had %s before)" % (len(codes), filename, old_count))
except Exception as e:
logging.error("Error loading %s: %s: %s" % (filename, type(e), str(e)))
@@ -112,8 +102,10 @@ def check_code(code, reload_codes=True):
if reload_codes:
load_codes()
- if code and code in codes:
- logging.info("Opening the door for code %s" % code)
+ hashedcode = hashlib.sha1( code ).hexdigest()
+
+ if code in codes:
+ logging.info("Opening the door for %s (%s)" % (codes[hashedcode]['nickname'], hashedcode))
if open_gate():
keypad.write('BH') # Blue LED, Happy sound
View
23 converter.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+
+"""
+This converts the old flatfile format to the new json format
+"""
+
+import sys, json, hashlib
+
+data = {}
+
+for line in sys.stdin:
+ if '#' in line:
+ code, comment = line.strip().split('#', 1)
+ else:
+ code = line
+ comment = ''
+ code = code.strip()
+ if code:
+ hashedcode = hashlib.sha1( code ).hexdigest()
+ nickname = "pseudonym %s" % hashlib.sha1( comment + code ).hexdigest()[:7]
+ data[ hashedcode ] = dict( comment=comment, nickname=nickname )
+
+print json.dumps( data, indent=2 )

Showing you all comments on commits in this comparison.

@leif
Owner

Note: I am totally aware that this (unsalted!) hashing of the codes provides absolutely minimal security, and don't actually intend to deploy it like this. Maybe we should do enough rounds of scrypt that it takes a second or two to recognize a valid code. Or maybe we should just not bother trying to secure the codes on the server at all.

Something went wrong with that request. Please try again.