1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
#include <u.h>
#include <libc.h>
#include <authsrv.h>
int
httpauth(char *name, char *password)
{
int afd;
Ticketreq tr;
Ticket t;
char key[DESKEYLEN];
char buf[512];
afd = authdial(nil, nil);
if(afd < 0)
return -1;
/* send ticket request to AS */
memset(&tr, 0, sizeof(tr));
strcpy(tr.uid, name);
tr.type = AuthHttp;
convTR2M(&tr, buf);
if(write(afd, buf, TICKREQLEN) != TICKREQLEN){
close(afd);
return -1;
}
if(_asrdresp(afd, buf, TICKETLEN) < 0){
close(afd);
return -1;
}
close(afd);
/*
* use password and try to decrypt the
* ticket. If it doesn't work we've got a bad password,
* give up.
*/
passtokey(key, password);
convM2T(buf, &t, key);
if(t.num != AuthHr || strcmp(t.cuid, tr.uid))
return -1;
return 0;
}
void
usage(void)
{
fprint(2, "Usage:\n\t%s user pass\n\t%s authorization\n", argv0, argv0);
exits("usage");
}
void
main(int argc, char *argv[])
{
char *a, *s;
int n;
ARGBEGIN {
} ARGEND
switch(argc){
default:
usage();
return;
case 2:
s = argv[0];
a = argv[1];
break;
case 1:
a = argv[0];
if(cistrncmp(a, "Basic ", 6) == 0)
a += 6;
n = strlen(a);
if((s = malloc(n+1)) == nil)
sysfatal("out of memory");
if((n = dec64((uchar*)s, n, a, n)) <= 0)
sysfatal("bad base64");
s[n] = '\0';
if((a = strchr(s, ':')) == nil)
sysfatal("bad format");
*a++ = '\0';
break;
}
if(*s == '\0')
sysfatal("empty username");
if(httpauth(s, a))
sysfatal("bad password");
print("%s\n", s);
exits(nil);
}
|
