changelog shortlog tags branches files raw gz bz2 help

Mercurial > hg > plan9front / changeset: httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server

changeset 4341: fb57cf510d2b
parent 4340: fae283fb56dd
child 4342: 74455da2d86a
author: cinap_lenrek@felloff.net
date: Sat, 14 Mar 2015 01:00:26 +0100
files: sys/src/cmd/auth/httpauth.c sys/src/cmd/auth/mkfile
description: httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server
     1.1new file mode 100644
     1.2--- /dev/null
     1.3+++ b/sys/src/cmd/auth/httpauth.c
     1.4@@ -0,0 +1,91 @@
     1.5+#include <u.h>
     1.6+#include <libc.h>
     1.7+#include <authsrv.h>
     1.8+
     1.9+int
    1.10+httpauth(char *name, char *password)
    1.11+{
    1.12+	int afd;
    1.13+	Ticketreq tr;
    1.14+	Ticket	t;
    1.15+	char key[DESKEYLEN];
    1.16+	char buf[512];
    1.17+
    1.18+	afd = authdial(nil, nil);
    1.19+	if(afd < 0)
    1.20+		return -1;
    1.21+
    1.22+	/* send ticket request to AS */
    1.23+	memset(&tr, 0, sizeof(tr));
    1.24+	strcpy(tr.uid, name);
    1.25+	tr.type = AuthHttp;
    1.26+	convTR2M(&tr, buf);
    1.27+	if(write(afd, buf, TICKREQLEN) != TICKREQLEN){
    1.28+		close(afd);
    1.29+		return -1;
    1.30+	}
    1.31+	if(_asrdresp(afd, buf, TICKETLEN) < 0){
    1.32+		close(afd);
    1.33+		return -1;
    1.34+	}
    1.35+	close(afd);
    1.36+
    1.37+	/*
    1.38+	 *  use password and try to decrypt the
    1.39+	 *  ticket.  If it doesn't work we've got a bad password,
    1.40+	 *  give up.
    1.41+	 */
    1.42+	passtokey(key, password);
    1.43+	convM2T(buf, &t, key);
    1.44+	if(t.num != AuthHr || strcmp(t.cuid, tr.uid))
    1.45+		return -1;
    1.46+
    1.47+	return 0;
    1.48+}
    1.49+
    1.50+void
    1.51+usage(void)
    1.52+{
    1.53+	fprint(2, "Usage:\n\t%s user pass\n\t%s authorization\n", argv0, argv0);
    1.54+	exits("usage");
    1.55+}
    1.56+
    1.57+void
    1.58+main(int argc, char *argv[])
    1.59+{
    1.60+	char *a, *s;
    1.61+	int n;
    1.62+
    1.63+	ARGBEGIN {
    1.64+	} ARGEND
    1.65+
    1.66+	switch(argc){
    1.67+	default:
    1.68+		usage();
    1.69+		return;
    1.70+	case 2:
    1.71+		s = argv[0];
    1.72+		a = argv[1];
    1.73+		break;
    1.74+	case 1:
    1.75+		a = argv[0];
    1.76+		if(cistrncmp(a, "Basic ", 6) == 0)
    1.77+			a += 6;
    1.78+		n = strlen(a);
    1.79+		if((s = malloc(n+1)) == nil)
    1.80+			sysfatal("out of memory");
    1.81+		if((n = dec64((uchar*)s, n, a, n)) <= 0)
    1.82+			sysfatal("bad base64");
    1.83+		s[n] = '\0';
    1.84+		if((a = strchr(s, ':')) == nil)
    1.85+			sysfatal("bad format");
    1.86+		*a++ = '\0';
    1.87+		break;
    1.88+	}
    1.89+	if(*s == '\0')
    1.90+		sysfatal("empty username");
    1.91+	if(httpauth(s, a))
    1.92+		sysfatal("bad password");
    1.93+	print("%s\n", s);
    1.94+	exits(nil);
    1.95+}
     2.1--- a/sys/src/cmd/auth/mkfile
     2.2+++ b/sys/src/cmd/auth/mkfile
     2.3@@ -16,6 +16,7 @@ TARG=\
     2.4 	dsa2ssh\
     2.5 	dsagen\
     2.6 	guard.srv\
     2.7+	httpauth\
     2.8 	keyfs\
     2.9 	login\
    2.10 	netkey\