
Diff of /mcore-src/trunk/mcore-tools/src/include/sessionauth.global.class.in


mcore-src/trunk/mcore-tools/daemon/include/sessionauth.global.class revision 1248 by niro, Wed Feb 2 20:20:24 2011 UTC mcore-src/trunk/mcore-tools/src/include/sessionauth.global.class.in revision 2423 by niro, Thu Sep 3 07:29:19 2015 UTC
# Line 2  Line 2 
2    
3  provide auth ssl  provide auth ssl
4    
5  PASSWD="/etc/mcoredpasswd"  PASSWD="@@SYSCONFDIR@@/mcoredpasswd"
6    
7  md5crypt()  md5crypt()
8  {  {
# Line 50  mcorepasswd() Line 50  mcorepasswd()
50    
51  }  }
52    
 ## validate_auth $user $pass  
 #validate_auth()  
 #{  
 # local user="$1"  
 # local pass="$2"  
 # local dbuser  
 #  
 # # return 0 if ${valid_auth=yes} - user alread authenticated  
 # validate_session && return 0  
 #  
 # if [[ ${DEBUG} = 1 ]]  
 # then  
 # echo "user=${user}" >> /root/lala.log  
 # echo "pass=${pass}" >> /root/lala.log  
 # echo "mysqldo \"select user from control_auth where pass=MD5('${pass}')\"" >> /root/lala.log  
 # echo $(mysqldo "select user from control_auth where pass=MD5('${pass}')") >> /root/lala.log  
 # fi  
 #  
 # dbuser=$(mysqldo "select user from control_auth where pass=MD5('${pass}')")  
 # if [[ ! -z ${dbuser} ]]  
 # then  
 # # check if the returned username is equal the given one  
 # if [[ ${dbuser} = ${user} ]]  
 # then  
 # # register a valid session  
 # echo "auth valid"  
 # export valid_session=yes  
 # return 0  
 # fi  
 # fi  
 #  
 # # if we get here, the auth is invalid  
 # echo "auth invalid"  
 # export valid_session=no  
 # return 1  
 #}  
   
   
53  validate_auth()  validate_auth()
54  {  {
55   local user="$1"   local user="$1"
# Line 97  validate_auth() Line 59  validate_auth()
59   local passwdpass   local passwdpass
60    
61   # return 0 if ${valid_auth=yes} - user alread authenticated   # return 0 if ${valid_auth=yes} - user alread authenticated
62   validate_session && return 0   valid_session && return 0
63    
64   if [[ ! -f ${PASSWD} ]]   if [[ ! -f ${PASSWD} ]]
65   then   then
66   echo "passwd '${PASSWD}' does not exist!"   eecho "passwd '${PASSWD}' does not exist!"
67   return 1   return 1
68   fi   fi
69    
# Line 112  validate_auth() Line 74  validate_auth()
74   then   then
75   if [[ $(md5crypt ${pass}) == ${passwdpass} ]]   if [[ $(md5crypt ${pass}) == ${passwdpass} ]]
76   then   then
77   echo "password for user '${user}' is valid!"   mecho "password for user '${user}' is valid!"
78   mecho "Successfully logged in. Type 'help' for more information."   mecho "Successfully logged in. Type 'help' for more information."
79   export valid_session="yes"   export valid_session="yes"
80   return 0   return 0
81   else   else
82   echo "password for user '${user}' is invalid!"   mecho "password for user '${user}' is invalid!"
83   export valid_session="no"   export valid_session="no"
84   return 1   return 1
85   fi   fi
86   else   else
87   echo "User '${user}' unkown."   eecho "User '${user}' unknown."
88     export valid_session="no"
89     return 1
90     fi
91    }
92    
93    validate_auth_certificate()
94    {
95     local cert="$1"
96     local cert_fingerprint
97     local key_fingerprint
98    
99     # return 0 if ${valid_auth=yes} - user alread authenticated
100     valid_session && return 0
101    
102     if [[ ! -e ${MCORE_KEY_FILE} ]]
103     then
104     eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist"
105     fi
106    
107     if [[ -z ${cert} ]]
108     then
109     eecho "no certificate given"
110     return 1
111     fi
112    
113     cert_fingerprint=$(echo "${cert}" | openssl x509 -noout -modulus | openssl sha1)
114     key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1)
115    
116     if [[ ${cert_fingerprint} == ${key_fingerprint} ]]
117     then
118     mecho "certificate is valid!"
119     mecho "Successfully logged in. Type 'help' for more information."
120     export valid_session="yes"
121     return 0
122     else
123     mecho "certificate is invalid!"
124   export valid_session="no"   export valid_session="no"
125   return 1   return 1
126   fi   fi
127  }  }
128    
129  validate_session()  valid_session()
130  {  {
131   if [[ ${valid_session} = yes ]]   if [[ ${valid_session} = yes ]]
132   then   then
# Line 142  invalid_session() Line 140  invalid_session()
140  {  {
141   if [[ ${valid_session} != yes ]]   if [[ ${valid_session} != yes ]]
142   then   then
143   echo "not logged in..."   eecho "not logged in..."
144   # export quit signal   # export quit signal
145   export run=quit   export run=quit
146   fi   fi
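Review bot: validate_auth_certificate() can fail open: the `MCORE_KEY_FILE` existence check at new line 102 only calls `eecho` and falls through, and both fingerprints come from pipelines ending in `openssl sha1`, so when the key file is missing or unreadable and the supplied text is not a parseable certificate, both sides are most likely the digest of empty input and compare equal, setting `valid_session="yes"`. That branch should set `valid_session="no"` and `return 1`, the comparison should be refused when either modulus could not be read, and the right-hand side of `==` should be quoted so it is compared as a string rather than matched as a pattern. Separately, a modulus match only shows that the presented certificate belongs to the server key; a certificate is public data, so if it is ever visible to peers this check proves possession of no secret, and it is worth confirming how `cert` reaches this function. The fence below compares the moduli directly and reuses the existing local names.

```shell
	if [[ ! -e ${MCORE_KEY_FILE} ]]
	then
		eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist"
		export valid_session="no"
		return 1
	fi

	# … unchanged: empty-certificate check …

	# keep the openssl exit status visible instead of hiding it behind a second pipeline stage
	cert_fingerprint=$(echo "${cert}" | openssl x509 -noout -modulus) || cert_fingerprint=""
	key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}") || key_fingerprint=""

	if [[ -z ${cert_fingerprint} || -z ${key_fingerprint} ]]
	then
		eecho "could not read certificate or key modulus"
		export valid_session="no"
		return 1
	fi

	if [[ "${cert_fingerprint}" == "${key_fingerprint}" ]]
	# … unchanged: success and failure branches …
```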
