src/include/sessionauth.global.class.in

# $Id$

provide auth ssl

PASSWD="@@SYSCONFDIR@@/mcoredpasswd"

md5crypt()
{
	local pass="$1"
	md5sum << EOF | sed 's:\(.*\)\ \ .*-.*:\1:'
${pass}
EOF
}

mcorepasswd()
{
	local user="$1"
	local pass
	local validate

	if [[ -z ${user} ]]
	then
		echo "No username given! Aborting."
		return 1
	fi

	# get pass
	echo -n "Enter Password: "
	stty -echo
	read pass
	stty echo
	echo

	echo -n "Retype Password: "
	stty -echo
	read validate
	stty echo
	echo

	if [[ ${pass} == ${validate} ]]
	then
		# encrypt and save
		echo "${user}:$(md5crypt ${pass})" > ${PASSWD}
		echo "Password for user '${user}' changed by $(id -u -n)."
	else
		echo "Passwords don't match!"
		echo "Password for user '${user}' is unchanged."
		return 1
	fi

}

validate_auth()
{
	local user="$1"
	local pass="$2"

	local passwduser
	local passwdpass

	# return 0 if ${valid_auth=yes} - user alread authenticated
	valid_session && return 0

	if [[ ! -f ${PASSWD} ]]
	then
		eecho "passwd '${PASSWD}' does not exist!"
		return 1
	fi

	passwduser=$(grep "^${user}:" ${PASSWD} | cut -d: -f1)
	passwdpass=$(grep "^${user}:" ${PASSWD} | cut -d: -f2)

	if [[ -n ${passwduser} ]]
	then
		if [[ $(md5crypt ${pass}) == ${passwdpass} ]]
		then
			[[ ${SILENT} = 1 ]] || mecho "password for user '${user}' is valid!"
			[[ ${SILENT} = 1 ]] || mecho "Successfully logged in. Type 'help' for more information."
			export valid_session="yes"
			return 0
		else
			mecho "password for user '${user}' is invalid!"
			export valid_session="no"
			return 1
		fi
	else
		eecho "User '${user}' unknown."
		export valid_session="no"
		return 1
	fi
}

validate_auth_certificate()
{
	local cert_fingerprint="$1"
	local key_fingerprint

	# return 0 if ${valid_auth=yes} - user alread authenticated
	valid_session && return 0

	if [[ ! -e ${MCORE_KEY_FILE} ]]
	then
		eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist"
	fi

	if [[ -z ${cert_fingerprint} ]]
	then
		eecho "no certificate fingerprint given"
		return 1
	fi

	key_fingerprint="$(key_fingerprint)"

	if [[ ${cert_fingerprint} == ${key_fingerprint} ]]
	then
		[[ ${SILENT} = 1 ]] || mecho "certificate fingerprint is valid!"
		[[ ${SILENT} = 1 ]] || mecho "Successfully logged in. Type 'help' for more information."
		export valid_session="yes"
		return 0
	else
		mecho "certificate fingerprint is invalid!"
		export valid_session="no"
		return 1
	fi
}

valid_session()
{
	if [[ ${valid_session} = yes ]]
	then
		return 0
	else
		return 1
	fi
}

invalid_session()
{
	if [[ ${valid_session} != yes ]]
	then
		eecho "not logged in..."
		# export quit signal
		export run=quit
	fi
}
1	niro	1248	# $Id$
2
3			provide auth ssl
4
5	niro	2236	PASSWD="@@SYSCONFDIR@@/mcoredpasswd"
6	niro	1248
7			md5crypt()
8			{
9			local pass="$1"
10			md5sum << EOF \| sed 's:\(.\)\ \ .-.*:\1:'
11			${pass}
12			EOF
13			}
14
15			mcorepasswd()
16			{
17			local user="$1"
18			local pass
19			local validate
20
21			if [[ -z ${user} ]]
22			then
23			echo "No username given! Aborting."
24			return 1
25			fi
26
27			# get pass
28			echo -n "Enter Password: "
29			stty -echo
30			read pass
31			stty echo
32			echo
33
34			echo -n "Retype Password: "
35			stty -echo
36			read validate
37			stty echo
38			echo
39
40			if [[ ${pass} == ${validate} ]]
41			then
42			# encrypt and save
43			echo "${user}:$(md5crypt ${pass})" > ${PASSWD}
44			echo "Password for user '${user}' changed by $(id -u -n)."
45			else
46			echo "Passwords don't match!"
47			echo "Password for user '${user}' is unchanged."
48			return 1
49			fi
50
51			}
52
53			validate_auth()
54			{
55			local user="$1"
56			local pass="$2"
57
58			local passwduser
59			local passwdpass
60
61			# return 0 if ${valid_auth=yes} - user alread authenticated
62	niro	1306	valid_session && return 0
63	niro	1248
64			if [[ ! -f ${PASSWD} ]]
65			then
66	niro	1640	eecho "passwd '${PASSWD}' does not exist!"
67	niro	1248	return 1
68			fi
69
70			passwduser=$(grep "^${user}:" ${PASSWD} \| cut -d: -f1)
71			passwdpass=$(grep "^${user}:" ${PASSWD} \| cut -d: -f2)
72
73			if [[ -n ${passwduser} ]]
74			then
75			if [[ $(md5crypt ${pass}) == ${passwdpass} ]]
76			then
77	niro	2480	[[ ${SILENT} = 1 ]] \|\| mecho "password for user '${user}' is valid!"
78			[[ ${SILENT} = 1 ]] \|\| mecho "Successfully logged in. Type 'help' for more information."
79	niro	1248	export valid_session="yes"
80			return 0
81			else
82	niro	1640	mecho "password for user '${user}' is invalid!"
83	niro	1248	export valid_session="no"
84			return 1
85			fi
86			else
87	niro	2243	eecho "User '${user}' unknown."
88	niro	1248	export valid_session="no"
89			return 1
90			fi
91			}
92
93	niro	2423	validate_auth_certificate()
94			{
95	niro	2425	local cert_fingerprint="$1"
96	niro	2423	local key_fingerprint
97
98			# return 0 if ${valid_auth=yes} - user alread authenticated
99			valid_session && return 0
100
101			if [[ ! -e ${MCORE_KEY_FILE} ]]
102			then
103			eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist"
104			fi
105
106	niro	2427	if [[ -z ${cert_fingerprint} ]]
107	niro	2423	then
108	niro	2425	eecho "no certificate fingerprint given"
109	niro	2423	return 1
110			fi
111
112	niro	2428	key_fingerprint="$(key_fingerprint)"
113	niro	2423
114			if [[ ${cert_fingerprint} == ${key_fingerprint} ]]
115			then
116	niro	2480	[[ ${SILENT} = 1 ]] \|\| mecho "certificate fingerprint is valid!"
117			[[ ${SILENT} = 1 ]] \|\| mecho "Successfully logged in. Type 'help' for more information."
118	niro	2423	export valid_session="yes"
119			return 0
120			else
121	niro	2425	mecho "certificate fingerprint is invalid!"
122	niro	2423	export valid_session="no"
123			return 1
124			fi
125			}
126
127	niro	1306	valid_session()
128	niro	1248	{
129			if [[ ${valid_session} = yes ]]
130			then
131			return 0
132			else
133			return 1
134			fi
135			}
136
137			invalid_session()
138			{
139			if [[ ${valid_session} != yes ]]
140			then
141	niro	1640	eecho "not logged in..."
142	niro	1248	# export quit signal
143			export run=quit
144			fi
145			}