Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix sharedsecret authentication #46809

Merged
merged 2 commits into from
Apr 3, 2018
Merged

Fix sharedsecret authentication #46809

merged 2 commits into from
Apr 3, 2018

Conversation

ezh
Copy link
Contributor

@ezh ezh commented Apr 1, 2018

What does this PR do?

Fix sharedsecret authentication

What issues does this PR fix or reference?

#46808

Previous Behavior

for salt -a sharedsecret test.ping for example

  1. cli ask username
  2. cli skip password because of this https://github.com/saltstack/salt/blob/develop/salt/auth/__init__.py#L699
  3. minion send request to master with username only
  4. master compare sharedsecret with sharedsecret which is always true
    Authentication could fail only if there was no such user.

New Behavior

  1. cli ask username
  2. cli ask password
  3. minion send request to master with username and password
  4. master compare password with sharedsecret which is always true

Tests written?

No

Commits signed with GPG?

No

Please review Salt's Contributing Guide for best practices.

See GitHub's page on GPG signing for more information about signing commits with GPG.

@ezh ezh requested a review from a team as a code owner April 1, 2018 21:03
@terminalmage terminalmage mentioned this pull request Apr 2, 2018
Merged
@terminalmage terminalmage added the ZZZ[Done]-back-ported-bf RETIRED The pull request has been back-ported to an older branch. label Apr 2, 2018
thatch45
thatch45 approved these changes Apr 2, 2018
View reviewed changes
Copy link
Contributor

@thatch45 thatch45 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this is correct.
While I understand the nature of this module, it would be a good idea to allow the shared secret to be a proper password viable hash with a salt, iterations etc.

rallytime pushed a commit that referenced this pull request Apr 2, 2018
Merge pull request #46815 from terminalmage/bp-46809
4083e7c 
Backport #46809 to 2017.7
@rallytime rallytime merged commit 4a35821 into saltstack:2018.3 Apr 3, 2018
@thatch45
Copy link
Contributor

thatch45 commented Apr 3, 2018
edited
Loading

For the record, a function to verify and gen secure passwords would look SOMETHING LIKE this:

class Passwd():
    def __init__(self):
        self.algo = 'sha512'

    def gen_phash(self, passwd):
        '''
        Return a bytestring to be verified in verify phash
        '''
        salt = os.urandom(32)
        raw = hashlib.pbkdf2_hmac(self.algo, passwd, salt, self.iterations)
        return b':'.join([
            self.algo.encode('utf-8'),
            binascii.hexlify(raw),
            binascii.hexlify(salt),
            str(self.iterations).encode('utf-8')
])

    def verify_phash(self, passwd, phash):
        '''
        Verify the given phash and password combination
        '''
        passwd = passwd.encode('utf-8')
        phash = phash.encode('utf-8')
        comps = phash.split(b':')
        if len(comps) != 4:
            return False
        algo = comps[0].decode('utf-8')
        raw = binascii.unhexlify(comps[1])
        salt = binascii.unhexlify(comps[2])
        iterations = int(comps[3])
        new_raw = hashlib.pbkdf2_hmac(algo, passwd, salt, iterations)
        good = True
        for idx, part in enumerate(raw):
            if part != new_raw[idx]:
                good = False
        if not good:
            rsleep()
return good

I don not claim that this is a secure setup, just that it is a framework to start with

@sebastian-philipp sebastian-philipp mentioned this pull request Mar 12, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@terminalmage terminalmage terminalmage approved these changes

@thatch45 thatch45 thatch45 approved these changes

Assignees
No one assigned
Labels
ZZZ[Done]-back-ported-bf RETIRED The pull request has been back-ported to an older branch.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ezh @thatch45 @terminalmage @rallytime