hardlounge/src/helper.js

"use strict";

const pkg = require("../package.json");
const _ = require("lodash");
const path = require("path");
const os = require("os");
const fs = require("fs");
const net = require("net");
const bcrypt = require("bcryptjs");
const crypto = require("crypto");

const Helper = {
	expandHome,
	getVersion,
	getVersionCacheBust,
	getVersionNumber,
	getGitCommit,
	ip2hex,
	parseHostmask,
	compareHostmask,
	compareWithWildcard,

	password: {
		hash: passwordHash,
		compare: passwordCompare,
		requiresUpdate: passwordRequiresUpdate,
	},
};

module.exports = Helper;

function getVersion() {
	const gitCommit = getGitCommit();
	const version = `v${pkg.version}`;
	return gitCommit ? `source (${gitCommit} / ${version})` : version;
}

function getVersionNumber() {
	return pkg.version;
}

let _gitCommit;

function getGitCommit() {
	if (_gitCommit !== undefined) {
		return _gitCommit;
	}

	if (!fs.existsSync(path.resolve(__dirname, "..", ".git"))) {
		_gitCommit = null;
		return null;
	}

	try {
		_gitCommit = require("child_process")
			.execSync(
				"git rev-parse --short HEAD", // Returns hash of current commit
				{stdio: ["ignore", "pipe", "ignore"]}
			)
			.toString()
			.trim();
		return _gitCommit;
	} catch (e) {
		// Not a git repository or git is not installed
		_gitCommit = null;
		return null;
	}
}

function getVersionCacheBust() {
	const hash = crypto.createHash("sha256").update(Helper.getVersion()).digest("hex");

	return hash.substring(0, 10);
}

function ip2hex(address) {
	// no ipv6 support
	if (!net.isIPv4(address)) {
		return "00000000";
	}

	return address
		.split(".")
		.map(function (octet) {
			let hex = parseInt(octet, 10).toString(16);

			if (hex.length === 1) {
				hex = "0" + hex;
			}

			return hex;
		})
		.join("");
}

// Expand ~ into the current user home dir.
// This does *not* support `~other_user/tmp` => `/home/other_user/tmp`.
function expandHome(shortenedPath) {
	if (!shortenedPath) {
		return "";
	}

	const home = os.homedir().replace("$", "$$$$");
	return path.resolve(shortenedPath.replace(/^~($|\/|\\)/, home + "$1"));
}

function passwordRequiresUpdate(password) {
	return bcrypt.getRounds(password) !== 11;
}

function passwordHash(password) {
	return bcrypt.hashSync(password, bcrypt.genSaltSync(11));
}

function passwordCompare(password, expected) {
	return bcrypt.compare(password, expected);
}

function parseHostmask(hostmask) {
	let nick = "";
	let ident = "*";
	let hostname = "*";
	let parts = [];

	// Parse hostname first, then parse the rest
	parts = hostmask.split("@");

	if (parts.length >= 2) {
		hostname = parts[1] || "*";
		hostmask = parts[0];
	}

	hostname = hostname.toLowerCase();

	parts = hostmask.split("!");

	if (parts.length >= 2) {
		ident = parts[1] || "*";
		hostmask = parts[0];
	}

	ident = ident.toLowerCase();

	nick = hostmask.toLowerCase() || "*";

	const result = {
		nick: nick,
		ident: ident,
		hostname: hostname,
	};

	return result;
}

function compareHostmask(a, b) {
	return (
		compareWithWildcard(a.nick, b.nick) &&
		compareWithWildcard(a.ident, b.ident) &&
		compareWithWildcard(a.hostname, b.hostname)
	);
}

function compareWithWildcard(a, b) {
	// we allow '*' and '?' wildcards in our comparison.
	// this is mostly aligned with https://modern.ircdocs.horse/#wildcard-expressions
	// but we do not support the escaping. The ABNF does not seem to be clear as to
	// how to escape the escape char '\', which is valid in a nick,
	// whereas the wildcards tend not to be (as per RFC1459).

	// The "*" wildcard is ".*" in regex, "?" is "."
	// so we tokenize and join with the proper char back together,
	// escaping any other regex modifier
	const wildmany_split = a.split("*").map((sub) => {
		const wildone_split = sub.split("?").map((p) => _.escapeRegExp(p));
		return wildone_split.join(".");
	});
	const user_regex = wildmany_split.join(".*");
	const re = new RegExp(`^${user_regex}$`, "i"); // case insensitive
	return re.test(b);
}
Enforce strict mode across all JS files with ESLint Several ES6 additions are only available in strict mode. Example: > SyntaxError: Block-scoped declarations (let, const, function, class) not yet supported outside strict mode Strict mode was also enabled in a few of our files already, and it is a good thing to have anyway. 2016-10-09 19:14:02 +00:00			`"use strict";`

consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`const pkg = require("../package.json");`
Enable no-var rule Fixes #1961 2018-01-11 11:33:36 +00:00			`const _ = require("lodash");`
			`const path = require("path");`
			`const os = require("os");`
			`const fs = require("fs");`
			`const net = require("net");`
			`const bcrypt = require("bcryptjs");`
Implement cache busting based on version hash 2019-03-08 10:29:49 +00:00			`const crypto = require("crypto");`
Allow relative '--home' path 2014-10-04 23:22:23 +00:00
Only use helpers and not shared variables around path helpers This refactor has a few benefits, for example there cannot be a rogue update of `Helper.CONFIG_PATH` or something. 2017-12-07 03:54:54 +00:00			`const Helper = {`
			`expandHome,`
			`getVersion,`
Implement cache busting based on version hash 2019-03-08 10:29:49 +00:00			`getVersionCacheBust,`
Add version support for packages. 2020-08-21 11:26:35 +00:00			`getVersionNumber,`
Only use helpers and not shared variables around path helpers This refactor has a few benefits, for example there cannot be a rogue update of `Helper.CONFIG_PATH` or something. 2017-12-07 03:54:54 +00:00			`getGitCommit,`
			`ip2hex,`
Add support for /ignore, /unignore and /ignorelist commands 2018-03-11 18:17:57 +00:00			`parseHostmask,`
			`compareHostmask,`
Allow wildcards in hostmask According to https://modern.ircdocs.horse/#wildcard-expressions masks should support "" and "?" wildcards. Within TL this only impacts the /ignore functionality. The reasoning for doing this is to ignore say GuestNNNN!@* with guest!@* and be done with it if someone spams a gateway. 2021-11-02 20:42:17 +00:00			`compareWithWildcard,`
Change bcrypt rounds from 8 to 11 2016-10-21 19:00:43 +00:00
			`password: {`
			`hash: passwordHash,`
			`compare: passwordCompare,`
			`requiresUpdate: passwordRequiresUpdate,`
			`},`
Load home directory from helper and make it configurable. 2014-09-13 12:23:17 +00:00			`};`

Fix overriding home folder 2016-05-09 16:19:16 +00:00			`module.exports = Helper;`

consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`function getVersion() {`
			`const gitCommit = getGitCommit();`
Add project version in outputs that mention source SHA 2018-04-15 22:19:25 +00:00			const version = `v${pkg.version}`;
			return gitCommit ? `source (${gitCommit} / ${version})` : version;
consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`}`

Add version support for packages. 2020-08-21 11:26:35 +00:00			`function getVersionNumber() {`
			`return pkg.version;`
			`}`

consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`let _gitCommit;`
Auto-fix code for padding-line-between-statements rule 2018-02-20 07:28:04 +00:00
consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`function getGitCommit() {`
			`if (_gitCommit !== undefined) {`
			`return _gitCommit;`
			`}`
Auto-fix code for padding-line-between-statements rule 2018-02-20 07:28:04 +00:00
getGitCommit: allow git worktrees Change the short circuit logic to only test for a .git path. With worktrees that's just a file, not a directory and we really shouldn't play git anyhow and not rely on implementation details. 2021-12-03 17:14:26 +00:00			`if (!fs.existsSync(path.resolve(__dirname, "..", ".git"))) {`
Check if working directory is a git repo itself before getting commit hash 2018-04-16 14:08:30 +00:00			`_gitCommit = null;`
			`return null;`
			`}`

consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`try {`
			`_gitCommit = require("child_process")`
Ignore stderr of git version check instead of redirecting it to /dev/null 2018-04-16 13:35:17 +00:00			`.execSync(`
			`"git rev-parse --short HEAD", // Returns hash of current commit`
			`{stdio: ["ignore", "pipe", "ignore"]}`
			`)`
consolidate version numbers throughout all interfaces 2016-09-05 12:37:27 +00:00			`.toString()`
			`.trim();`
			`return _gitCommit;`
			`} catch (e) {`
			`// Not a git repository or git is not installed`
			`_gitCommit = null;`
			`return null;`
			`}`
			`}`

Implement cache busting based on version hash 2019-03-08 10:29:49 +00:00			`function getVersionCacheBust() {`
Run format after updating to prettier 2.0 2020-03-21 20:55:36 +00:00			`const hash = crypto.createHash("sha256").update(Helper.getVersion()).digest("hex");`
Implement cache busting based on version hash 2019-03-08 10:29:49 +00:00
			`return hash.substring(0, 10);`
			`}`

Add support for hexip ilines 2016-11-19 18:32:47 +00:00			`function ip2hex(address) {`
			`// no ipv6 support`
			`if (!net.isIPv4(address)) {`
			`return "00000000";`
			`}`

Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`return address`
			`.split(".")`
Run format after updating to prettier 2.0 2020-03-21 20:55:36 +00:00			`.map(function (octet) {`
Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`let hex = parseInt(octet, 10).toString(16);`
Add support for hexip ilines 2016-11-19 18:32:47 +00:00
Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`if (hex.length === 1) {`
			`hex = "0" + hex;`
			`}`
Add support for hexip ilines 2016-11-19 18:32:47 +00:00
Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`return hex;`
			`})`
			`.join("");`
Add support for hexip ilines 2016-11-19 18:32:47 +00:00			`}`

Add some unit tests for `Helper.expandHome` 2017-12-08 04:33:43 +00:00			`// Expand ~ into the current user home dir.`
			// This does not support `~other_user/tmp` => `/home/other_user/tmp`.
Replace all concatenated paths with Node's path.join 2016-05-08 06:21:31 +00:00			`function expandHome(shortenedPath) {`
Fix to helper.expandhome to correctly resolve "" and undefined 2017-04-17 19:48:28 +00:00			`if (!shortenedPath) {`
			`return "";`
			`}`
Add support for ~ home folder expansion 2016-04-27 08:13:25 +00:00
Remove os.homedir() polyfill 2017-08-16 07:06:20 +00:00			`const home = os.homedir().replace("$", "$$$$");`
Replace all concatenated paths with Node's path.join 2016-05-08 06:21:31 +00:00			`return path.resolve(shortenedPath.replace(/^~($\|\/\|\\)/, home + "$1"));`
Add support for ~ home folder expansion 2016-04-27 08:13:25 +00:00			`}`
Change bcrypt rounds from 8 to 11 2016-10-21 19:00:43 +00:00
			`function passwordRequiresUpdate(password) {`
			`return bcrypt.getRounds(password) !== 11;`
			`}`

			`function passwordHash(password) {`
			`return bcrypt.hashSync(password, bcrypt.genSaltSync(11));`
			`}`

			`function passwordCompare(password, expected) {`
Switch to bcryptjs and make password comparison async - PasswordCompareAsync prevents timeouts on resource constraint devices - All password.compare calls are now async - Updated tests to accept async functions 2017-03-23 07:47:51 +00:00			`return bcrypt.compare(password, expected);`
Change bcrypt rounds from 8 to 11 2016-10-21 19:00:43 +00:00			`}`
Allow overriding arrays in config, warn about incorrect types Fixes #2176 2018-03-10 11:54:51 +00:00
Add support for /ignore, /unignore and /ignorelist commands 2018-03-11 18:17:57 +00:00			`function parseHostmask(hostmask) {`
			`let nick = "";`
			`let ident = "*";`
			`let hostname = "*";`
			`let parts = [];`

			`// Parse hostname first, then parse the rest`
			`parts = hostmask.split("@");`

			`if (parts.length >= 2) {`
			`hostname = parts[1] \|\| "*";`
			`hostmask = parts[0];`
			`}`

			`hostname = hostname.toLowerCase();`

			`parts = hostmask.split("!");`

			`if (parts.length >= 2) {`
			`ident = parts[1] \|\| "*";`
			`hostmask = parts[0];`
			`}`

			`ident = ident.toLowerCase();`

			`nick = hostmask.toLowerCase() \|\| "*";`

			`const result = {`
			`nick: nick,`
			`ident: ident,`
			`hostname: hostname,`
			`};`

			`return result;`
			`}`

			`function compareHostmask(a, b) {`
Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`return (`
Allow wildcards in hostmask According to https://modern.ircdocs.horse/#wildcard-expressions masks should support "" and "?" wildcards. Within TL this only impacts the /ignore functionality. The reasoning for doing this is to ignore say GuestNNNN!@* with guest!@* and be done with it if someone spams a gateway. 2021-11-02 20:42:17 +00:00			`compareWithWildcard(a.nick, b.nick) &&`
			`compareWithWildcard(a.ident, b.ident) &&`
			`compareWithWildcard(a.hostname, b.hostname)`
Format js/vue with prettier 2019-07-17 09:33:59 +00:00			`);`
Add support for /ignore, /unignore and /ignorelist commands 2018-03-11 18:17:57 +00:00			`}`
Allow wildcards in hostmask According to https://modern.ircdocs.horse/#wildcard-expressions masks should support "" and "?" wildcards. Within TL this only impacts the /ignore functionality. The reasoning for doing this is to ignore say GuestNNNN!@* with guest!@* and be done with it if someone spams a gateway. 2021-11-02 20:42:17 +00:00
			`function compareWithWildcard(a, b) {`
			`// we allow '*' and '?' wildcards in our comparison.`
			`// this is mostly aligned with https://modern.ircdocs.horse/#wildcard-expressions`
			`// but we do not support the escaping. The ABNF does not seem to be clear as to`
			`// how to escape the escape char '\', which is valid in a nick,`
			`// whereas the wildcards tend not to be (as per RFC1459).`

			`// The "" wildcard is "." in regex, "?" is "."`
			`// so we tokenize and join with the proper char back together,`
			`// escaping any other regex modifier`
			`const wildmany_split = a.split("*").map((sub) => {`
			`const wildone_split = sub.split("?").map((p) => _.escapeRegExp(p));`
			`return wildone_split.join(".");`
			`});`
			`const user_regex = wildmany_split.join(".*");`
			const re = new RegExp(`^${user_regex}$`, "i"); // case insensitive
			`return re.test(b);`
			`}`