Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 06:40:54 +03:00
Code Issues Packages Projects Releases Wiki Activity

add, optional, in memory password caching

Browse Source 
Verifying argon2 passwords has a high memory and computational cost,
by enabling, in memory, password caching you reduce this cost
This commit is contained in:
Nicola Murino
2021-04-20 09:39:36 +02:00
parent bc88503f25
commit 6ef85d6026
10 changed files with 160 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
common/protocol_test.go
View File

@@ -2043,6 +2043,65 @@ func TestDelayedQuotaUpdater(t *testing.T) {
assert.NoError(t, err)
}
func TestPasswordCaching(t *testing.T) {
user, _, err := httpdtest.AddUser(getTestUser(), http.StatusCreated)
assert.NoError(t, err)
found, match := dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.False(t, found)
assert.False(t, match)
user.Password = "wrong"
_, err = getSftpClient(user)
assert.Error(t, err)
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.False(t, found)
assert.False(t, match)
user.Password = ""
client, err := getSftpClient(user)
if assert.NoError(t, err) {
defer client.Close()
err = checkBasicSFTP(client)
assert.NoError(t, err)
}
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.True(t, found)
assert.True(t, match)
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword+"_")
assert.True(t, found)
assert.False(t, match)
found, match = dataprovider.CheckCachedPassword(user.Username+"_", defaultPassword)
assert.False(t, found)
assert.False(t, match)
user, _, err = httpdtest.UpdateUser(user, http.StatusOK, "")
assert.NoError(t, err)
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.False(t, found)
assert.False(t, match)
client, err = getSftpClient(user)
if assert.NoError(t, err) {
defer client.Close()
err = checkBasicSFTP(client)
assert.NoError(t, err)
}
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.True(t, found)
assert.True(t, match)
_, err = httpdtest.RemoveUser(user, http.StatusOK)
assert.NoError(t, err)
err = os.RemoveAll(user.GetHomeDir())
assert.NoError(t, err)
found, match = dataprovider.CheckCachedPassword(user.Username, defaultPassword)
assert.False(t, found)
assert.False(t, match)
}
func TestQuotaTrackDisabled(t *testing.T) {
err := dataprovider.Close()
assert.NoError(t, err)