2 |
|
|
3 |
provide auth ssl |
provide auth ssl |
4 |
|
|
5 |
PASSWD="/etc/mcoredpasswd" |
PASSWD="@@SYSCONFDIR@@/mcoredpasswd" |
6 |
|
|
7 |
md5crypt() |
md5crypt() |
8 |
{ |
{ |
84 |
return 1 |
return 1 |
85 |
fi |
fi |
86 |
else |
else |
87 |
eecho "User '${user}' unkown." |
eecho "User '${user}' unknown." |
88 |
|
export valid_session="no" |
89 |
|
return 1 |
90 |
|
fi |
91 |
|
} |
92 |
|
|
93 |
|
validate_auth_certificate() |
94 |
|
{ |
95 |
|
local cert_fingerprint="$1" |
96 |
|
local key_fingerprint |
97 |
|
|
98 |
|
# return 0 if ${valid_auth=yes} - user alread authenticated |
99 |
|
valid_session && return 0 |
100 |
|
|
101 |
|
if [[ ! -e ${MCORE_KEY_FILE} ]] |
102 |
|
then |
103 |
|
eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist" |
104 |
|
fi |
105 |
|
|
106 |
|
if [[ -z ${cert} ]] |
107 |
|
then |
108 |
|
eecho "no certificate fingerprint given" |
109 |
|
return 1 |
110 |
|
fi |
111 |
|
|
112 |
|
key_fingerprint=$(openssl rsa -noout -modulus -in "${MCORE_KEY_FILE}" | openssl sha1 | sed 's:(stdin)=\ ::') |
113 |
|
|
114 |
|
if [[ ${cert_fingerprint} == ${key_fingerprint} ]] |
115 |
|
then |
116 |
|
mecho "certificate fingerprint is valid!" |
117 |
|
mecho "Successfully logged in. Type 'help' for more information." |
118 |
|
export valid_session="yes" |
119 |
|
return 0 |
120 |
|
else |
121 |
|
mecho "certificate fingerprint is invalid!" |
122 |
export valid_session="no" |
export valid_session="no" |
123 |
return 1 |
return 1 |
124 |
fi |
fi |