2021-06-25 04:39:05 +02:00
|
|
|
use std::collections::HashSet;
|
2020-03-22 02:31:02 +01:00
|
|
|
use std::time::{Duration, SystemTime};
|
2019-10-15 04:34:07 +02:00
|
|
|
use uuid::{Builder, Uuid};
|
2019-09-06 05:04:58 +02:00
|
|
|
|
133 limit to human readable characters. (#174)
Implements #133, limit password generators to distict human readable characters. This removes the common confusions such as I,l, 1, 0, O, o, m,rn, etc . This in mind, they may not all have been found, but it should be easier now to improve upon.
2020-01-27 03:56:15 +01:00
|
|
|
use rand::distributions::Distribution;
|
2019-10-07 00:41:30 +02:00
|
|
|
use rand::{thread_rng, Rng};
|
|
|
|
|
|
2021-06-27 03:30:40 +02:00
|
|
|
use std::fs::Metadata;
|
|
|
|
|
#[cfg(target_os = "linux")]
|
|
|
|
|
use std::os::linux::fs::MetadataExt;
|
|
|
|
|
#[cfg(target_os = "macos")]
|
|
|
|
|
use std::os::macos::fs::MetadataExt;
|
|
|
|
|
|
|
|
|
|
use users::{get_current_gid, get_current_uid};
|
|
|
|
|
|
133 limit to human readable characters. (#174)
Implements #133, limit password generators to distict human readable characters. This removes the common confusions such as I,l, 1, 0, O, o, m,rn, etc . This in mind, they may not all have been found, but it should be easier now to improve upon.
2020-01-27 03:56:15 +01:00
|
|
|
#[derive(Debug)]
|
|
|
|
|
pub struct DistinctAlpha;
|
|
|
|
|
|
2021-05-21 08:35:09 +02:00
|
|
|
pub type Sid = [u8; 4];
|
2019-09-06 05:04:58 +02:00
|
|
|
|
2019-11-30 00:39:31 +01:00
|
|
|
pub fn uuid_to_gid_u32(u: &Uuid) -> u32 {
|
|
|
|
|
let b_ref = u.as_bytes();
|
|
|
|
|
let mut x: [u8; 4] = [0; 4];
|
|
|
|
|
x.clone_from_slice(&b_ref[12..16]);
|
|
|
|
|
u32::from_be_bytes(x)
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-21 08:35:09 +02:00
|
|
|
fn uuid_from_u64_u32(a: u64, b: u32, sid: Sid) -> Uuid {
|
2019-09-06 05:04:58 +02:00
|
|
|
let mut v: Vec<u8> = Vec::with_capacity(16);
|
|
|
|
|
v.extend_from_slice(&a.to_be_bytes());
|
|
|
|
|
v.extend_from_slice(&b.to_be_bytes());
|
2020-01-09 11:07:14 +01:00
|
|
|
v.extend_from_slice(&sid);
|
2019-09-06 05:04:58 +02:00
|
|
|
|
2020-08-04 04:58:11 +02:00
|
|
|
#[allow(clippy::expect_used)]
|
|
|
|
|
Builder::from_slice(v.as_slice())
|
|
|
|
|
.expect("invalid slice for uuid builder")
|
|
|
|
|
.build()
|
2019-09-06 05:04:58 +02:00
|
|
|
}
|
|
|
|
|
|
2021-05-21 08:35:09 +02:00
|
|
|
pub fn uuid_from_duration(d: Duration, sid: Sid) -> Uuid {
|
2019-09-06 05:04:58 +02:00
|
|
|
uuid_from_u64_u32(d.as_secs(), d.subsec_nanos(), sid)
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-07 00:41:30 +02:00
|
|
|
pub fn password_from_random() -> String {
|
133 limit to human readable characters. (#174)
Implements #133, limit password generators to distict human readable characters. This removes the common confusions such as I,l, 1, 0, O, o, m,rn, etc . This in mind, they may not all have been found, but it should be easier now to improve upon.
2020-01-27 03:56:15 +01:00
|
|
|
let rand_string: String = thread_rng().sample_iter(&DistinctAlpha).take(48).collect();
|
2019-10-07 00:41:30 +02:00
|
|
|
rand_string
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-25 04:39:05 +02:00
|
|
|
pub fn backup_code_from_random() -> HashSet<String> {
|
|
|
|
|
(0..8)
|
|
|
|
|
.into_iter()
|
|
|
|
|
.map(|_| readable_password_from_random())
|
|
|
|
|
.collect()
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-31 01:48:15 +01:00
|
|
|
pub fn readable_password_from_random() -> String {
|
2021-01-10 04:41:56 +01:00
|
|
|
let mut trng = thread_rng();
|
2019-10-31 01:48:15 +01:00
|
|
|
format!(
|
|
|
|
|
"{}-{}-{}-{}",
|
2021-01-10 04:41:56 +01:00
|
|
|
(&mut trng)
|
|
|
|
|
.sample_iter(&DistinctAlpha)
|
|
|
|
|
.take(4)
|
|
|
|
|
.collect::<String>(),
|
|
|
|
|
(&mut trng)
|
|
|
|
|
.sample_iter(&DistinctAlpha)
|
|
|
|
|
.take(4)
|
|
|
|
|
.collect::<String>(),
|
|
|
|
|
(&mut trng)
|
|
|
|
|
.sample_iter(&DistinctAlpha)
|
|
|
|
|
.take(4)
|
|
|
|
|
.collect::<String>(),
|
|
|
|
|
(&mut trng)
|
|
|
|
|
.sample_iter(&DistinctAlpha)
|
|
|
|
|
.take(4)
|
|
|
|
|
.collect::<String>(),
|
2019-10-31 01:48:15 +01:00
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-22 02:31:02 +01:00
|
|
|
pub fn duration_from_epoch_now() -> Duration {
|
2020-08-04 04:58:11 +02:00
|
|
|
#[allow(clippy::expect_used)]
|
2020-03-22 02:31:02 +01:00
|
|
|
SystemTime::now()
|
|
|
|
|
.duration_since(SystemTime::UNIX_EPOCH)
|
2020-08-04 04:58:11 +02:00
|
|
|
.expect("invalid duration from epoch now")
|
2020-03-22 02:31:02 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2019-10-10 11:42:33 +02:00
|
|
|
#[allow(dead_code)]
|
2021-05-21 08:35:09 +02:00
|
|
|
pub fn uuid_from_now(sid: Sid) -> Uuid {
|
2019-10-15 04:34:07 +02:00
|
|
|
let d = SystemTime::now()
|
|
|
|
|
.duration_since(SystemTime::UNIX_EPOCH)
|
|
|
|
|
.unwrap();
|
2019-10-10 11:42:33 +02:00
|
|
|
uuid_from_duration(d, sid)
|
|
|
|
|
}
|
2020-03-22 02:31:02 +01:00
|
|
|
*/
|
2019-10-10 11:42:33 +02:00
|
|
|
|
133 limit to human readable characters. (#174)
Implements #133, limit password generators to distict human readable characters. This removes the common confusions such as I,l, 1, 0, O, o, m,rn, etc . This in mind, they may not all have been found, but it should be easier now to improve upon.
2020-01-27 03:56:15 +01:00
|
|
|
impl Distribution<char> for DistinctAlpha {
|
|
|
|
|
fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> char {
|
|
|
|
|
const RANGE: u32 = 55;
|
|
|
|
|
const GEN_ASCII_STR_CHARSET: &[u8] = b"ABCDEFGHJKLMNPQRSTUVWXYZ\
|
|
|
|
|
abcdefghjkpqrstuvwxyz\
|
|
|
|
|
0123456789";
|
|
|
|
|
// This probably needs to be checked for entropy/quality
|
|
|
|
|
loop {
|
|
|
|
|
let var = rng.next_u32() >> (32 - 6);
|
|
|
|
|
if var < RANGE {
|
|
|
|
|
return GEN_ASCII_STR_CHARSET[var as usize] as char;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-27 03:30:40 +02:00
|
|
|
#[cfg(target_family = "unix")]
|
|
|
|
|
pub fn file_permissions_readonly(meta: &Metadata) -> bool {
|
|
|
|
|
// Who are we running as?
|
|
|
|
|
let cuid = get_current_uid();
|
|
|
|
|
let cgid = get_current_gid();
|
|
|
|
|
|
|
|
|
|
// Who owns the file?
|
|
|
|
|
// Who is the group owner of the file?
|
|
|
|
|
let f_gid = meta.st_gid();
|
|
|
|
|
let f_uid = meta.st_uid();
|
|
|
|
|
|
|
|
|
|
let f_mode = meta.st_mode();
|
|
|
|
|
|
|
|
|
|
!(
|
|
|
|
|
// If we are the owner, we have write perms as we can alter the DAC rights
|
|
|
|
|
cuid == f_uid ||
|
|
|
|
|
// If we are the group owner, check the mode bits do not have write.
|
|
|
|
|
(cgid == f_gid && (f_mode & 0o0020) != 0) ||
|
|
|
|
|
// Finally, check that everyone bits don't have write.
|
|
|
|
|
((f_mode & 0o0002) != 0)
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-06 05:04:58 +02:00
|
|
|
#[cfg(test)]
|
|
|
|
|
mod tests {
|
2019-11-30 00:39:31 +01:00
|
|
|
use crate::utils::{uuid_from_duration, uuid_to_gid_u32};
|
2019-09-06 05:04:58 +02:00
|
|
|
use std::time::Duration;
|
2019-11-30 00:39:31 +01:00
|
|
|
use uuid::Uuid;
|
2019-09-06 05:04:58 +02:00
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
fn test_utils_uuid_from_duration() {
|
2020-01-09 11:07:14 +01:00
|
|
|
let u1 = uuid_from_duration(Duration::from_secs(1), [0xff; 4]);
|
2019-09-06 05:04:58 +02:00
|
|
|
assert_eq!(
|
|
|
|
|
"00000000-0000-0001-0000-0000ffffffff",
|
|
|
|
|
u1.to_hyphenated().to_string()
|
|
|
|
|
);
|
|
|
|
|
|
2020-01-09 11:07:14 +01:00
|
|
|
let u2 = uuid_from_duration(Duration::from_secs(1000), [0xff; 4]);
|
2019-09-06 05:04:58 +02:00
|
|
|
assert_eq!(
|
|
|
|
|
"00000000-0000-03e8-0000-0000ffffffff",
|
|
|
|
|
u2.to_hyphenated().to_string()
|
|
|
|
|
);
|
|
|
|
|
}
|
2019-11-30 00:39:31 +01:00
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
|
fn test_utils_uuid_to_gid_u32() {
|
|
|
|
|
let u1 = Uuid::parse_str("00000000-0000-0001-0000-000000000000").unwrap();
|
|
|
|
|
let r1 = uuid_to_gid_u32(&u1);
|
|
|
|
|
assert!(r1 == 0);
|
|
|
|
|
|
|
|
|
|
let u2 = Uuid::parse_str("00000000-0000-0001-0000-0000ffffffff").unwrap();
|
|
|
|
|
let r2 = uuid_to_gid_u32(&u2);
|
|
|
|
|
assert!(r2 == 0xffffffff);
|
|
|
|
|
|
|
|
|
|
let u3 = Uuid::parse_str("00000000-0000-0001-0000-ffff12345678").unwrap();
|
|
|
|
|
let r3 = uuid_to_gid_u32(&u3);
|
|
|
|
|
assert!(r3 == 0x12345678);
|
|
|
|
|
}
|
2019-09-06 05:04:58 +02:00
|
|
|
}
|
