This stores a hash of the username + password in map which is indexed by
the username. Indexing by username avoids accidentally introducing a
timing side-channel as a successful/failed lookup only provides
information on whether a cache entry exists for a username or not.
Hashing the username and password together makes it simple to get a
constant-time string comparison as we no longer have to worry about
string length differences.
Expriy is done by a goroutine which every few seconds checks for expired
cache entries and removes those.
"/" is valid char in HTTP authorization headers, but is also used in
rest-server to map usernames to private repos.
This commit prevents loading maliciously composed usernames like
"/foo/config" by restricting the allowed characters to the unicode
character class, numbers, "-", "." and "@".
Closes#131
Admittedly, in some places just document the fact that we ignore error
return values, 'cause we don't know what to do with it. At least, the
linter is happy.
If htpasswd was modified, it will be automatically reloaded. This check
happens at most once per second and only on incoming requests.
Note that this removes the public `NewHtpasswd()` function.
The Linux kernel page cache ALWAYS knows better. Fighting it brings
only worse performance. Usage of fadvise() is wrong 9 out of 10 times.
Removing the whole fs package brings a nice 100% speedup when running
costly prune command. And that is measured on localhost, the improvement
could be much bigger when using network with higher latency.
