plan9fox/sys/src/cmd/auth/httpauth.c

#include <u.h>
#include <libc.h>
#include <authsrv.h>

int
httpauth(char *name, char *password)
{
	int afd;
	Ticketreq tr;
	Ticket	t;
	Authkey key;

	afd = authdial(nil, nil);
	if(afd < 0)
		return -1;

	passtokey(&key, password);

	/* send ticket request to AS */
	memset(&tr, 0, sizeof(tr));
	strcpy(tr.uid, name);
	tr.type = AuthHttp;
	if(_asrequest(afd, &tr) < 0){
		close(afd);
		return -1;
	}
	_asgetresp(afd, &t, nil, &key);
	close(afd);
	if(t.num != AuthHr || strcmp(t.cuid, tr.uid) != 0)
		return -1;

	return 0;
}

void
usage(void)
{
	fprint(2, "Usage:\n\t%s user pass\n\t%s authorization\n", argv0, argv0);
	exits("usage");
}

void
main(int argc, char *argv[])
{
	char *a, *s;
	int n;

	ARGBEGIN {
	} ARGEND

	switch(argc){
	default:
		usage();
		return;
	case 2:
		s = argv[0];
		a = argv[1];
		break;
	case 1:
		a = argv[0];
		if(cistrncmp(a, "Basic ", 6) == 0)
			a += 6;
		n = strlen(a);
		if((s = malloc(n+1)) == nil)
			sysfatal("out of memory");
		if((n = dec64((uchar*)s, n, a, n)) <= 0)
			sysfatal("bad base64");
		s[n] = '\0';
		if((a = strchr(s, ':')) == nil)
			sysfatal("bad format");
		*a++ = '\0';
		break;
	}
	if(*s == '\0')
		sysfatal("empty username");
	if(httpauth(s, a))
		sysfatal("bad password");
	print("%s\n", s);
	exits(nil);
}
httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00			`#include <u.h>`
			`#include <libc.h>`
			`#include <authsrv.h>`

			`int`
			`httpauth(char name, char password)`
			`{`
			`int afd;`
			`Ticketreq tr;`
			`Ticket t;`
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() funciotns. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption schmeme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key. 2015-08-19 19:06:17 +00:00			`Authkey key;`
httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00
			`afd = authdial(nil, nil);`
			`if(afd < 0)`
			`return -1;`

libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() funciotns. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption schmeme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key. 2015-08-19 19:06:17 +00:00			`passtokey(&key, password);`

httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00			`/* send ticket request to AS */`
			`memset(&tr, 0, sizeof(tr));`
			`strcpy(tr.uid, name);`
			`tr.type = AuthHttp;`
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() funciotns. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption schmeme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key. 2015-08-19 19:06:17 +00:00			`if(_asrequest(afd, &tr) < 0){`
httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00			`close(afd);`
			`return -1;`
			`}`
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() funciotns. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption schmeme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key. 2015-08-19 19:06:17 +00:00			`_asgetresp(afd, &t, nil, &key);`
httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00			`close(afd);`
libauthsrv: generalize ticket service, not hardcoding ticket format and DES encryption this is in preparation for replacing DES ticket encryption with something better. but first need to make the code stop making assumptions. the wire encoding of the Ticket might be variable length with TICKETLEN just giving an upper bound. the details will be handled by libauthsrv _asgetticket() and _asgetresp() funciotns. the Authenticator and Passwordreq structures are encrypted with the random ticket key. The encryption schmeme will depend on the Ticket format used, so we pass the Ticket* structure instead of the DES key. introduce Authkey structure that will hold all the required cryptographic keys instead of passing DES key. 2015-08-19 19:06:17 +00:00			`if(t.num != AuthHr \|\| strcmp(t.cuid, tr.uid) != 0)`
httpauth: little helper for rc-httpd to do http basic authentication with plan9 auth server 2015-03-14 00:00:26 +00:00			`return -1;`

			`return 0;`
			`}`

			`void`
			`usage(void)`
			`{`
			`fprint(2, "Usage:\n\t%s user pass\n\t%s authorization\n", argv0, argv0);`
			`exits("usage");`
			`}`

			`void`
			`main(int argc, char *argv[])`
			`{`
			`char a, s;`
			`int n;`

			`ARGBEGIN {`
			`} ARGEND`

			`switch(argc){`
			`default:`
			`usage();`
			`return;`
			`case 2:`
			`s = argv[0];`
			`a = argv[1];`
			`break;`
			`case 1:`
			`a = argv[0];`
			`if(cistrncmp(a, "Basic ", 6) == 0)`
			`a += 6;`
			`n = strlen(a);`
			`if((s = malloc(n+1)) == nil)`
			`sysfatal("out of memory");`
			`if((n = dec64((uchar*)s, n, a, n)) <= 0)`
			`sysfatal("bad base64");`
			`s[n] = '\0';`
			`if((a = strchr(s, ':')) == nil)`
			`sysfatal("bad format");`
			`*a++ = '\0';`
			`break;`
			`}`
			`if(*s == '\0')`
			`sysfatal("empty username");`
			`if(httpauth(s, a))`
			`sysfatal("bad password");`
			`print("%s\n", s);`
			`exits(nil);`
			`}`