Magellan Linux

Contents of /mcore-src/trunk/mcore-tools/src/include/sessionauth.global.class.in



Revision 2428 - (show annotations) (download)
Thu Sep 3 08:15:59 2015 UTC (8 years, 7 months ago) by niro
File size: 2499 byte(s)
-added cert_fingerprint() and key_fingerprint() functions for global certificate handling
1 # $Id$
2
# Announce the 'auth' and 'ssl' features through provide().
# NOTE(review): provide() is defined outside this file; presumably it marks
# these features as available to the rest of mcore-tools - confirm.
provide auth ssl

# Location of the credential store read by validate_auth() and written by
# mcorepasswd(). @@SYSCONFDIR@@ is a placeholder in this .in template and is
# presumably substituted when the file is generated - confirm.
PASSWD="@@SYSCONFDIR@@/mcoredpasswd"
6
# Print the hex MD5 digest of a password.
#
# Arguments: $1 - the plain-text password
# Outputs:   the digest of "<password>\n" (a trailing newline is part of
#            the hashed data) on stdout, without md5sum's "  -" suffix
#
# SECURITY: this is a single, unsalted MD5 round. Equal passwords give
# equal digests and the digest is cheap to brute-force offline, so the
# file that stores it must not be readable by unprivileged users.
# Moving to a salted, slow password hash changes the stored format and
# needs a coordinated reset of the existing entries.
md5crypt()
{
	local pass="$1"

	# md5sum prints "<digest>  -" for stdin; keep the first field only
	printf '%s\n' "${pass}" | md5sum | cut -d ' ' -f 1
}
14
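# Interactively set the password of a user and store its digest in ${PASSWD}.
#
# Globals:   PASSWD (read) - path of the credential file that gets written
# Arguments: $1 - user name
# Outputs:   prompts and status messages on stdout
# Returns:   0 if the password was stored, 1 if no or an unusable user name
#            was given or the two entries differ
#
# NOTE(review): the credential file is replaced as a whole ('>'), so it
# holds exactly one account after every call - confirm that a single
# account is intended.
# NOTE(review): the file is created with the caller's umask and contains
# an unsalted MD5 digest; confirm its mode keeps other local users out.
# NOTE(review): an empty password is accepted as-is.
mcorepasswd()
{
	local user="$1"
	local pass
	local validate

	if [[ -z ${user} ]]
	then
		echo "No username given! Aborting."
		return 1
	fi

	# ':' separates the fields of a record and a newline ends it; a name
	# containing either could never be looked up again
	if [[ ${user} == *:* || ${user} == *$'\n'* ]]
	then
		echo "Invalid username given! Aborting."
		return 1
	fi

	# get pass
	# read -s suppresses the echo itself, so an interrupted prompt does not
	# leave the terminal in 'stty -echo' state; -r and the empty IFS keep
	# backslashes and surrounding blanks as part of the password
	printf '%s' "Enter Password: "
	IFS= read -r -s pass
	echo

	printf '%s' "Retype Password: "
	IFS= read -r -s validate
	echo

	# the right-hand side is quoted so it is compared literally and not
	# used as a glob pattern
	if [[ ${pass} == "${validate}" ]]
	then
		# encrypt and save
		# quoting ${pass} hashes the whole password; unquoted, only its
		# first word reached md5crypt. Digests stored for passwords with
		# blanks before this change cover that first word only and have
		# to be set again.
		printf '%s:%s\n' "${user}" "$(md5crypt "${pass}")" > "${PASSWD}"
		echo "Password for user '${user}' changed by $(id -u -n)."
	else
		echo "Passwords don't match!"
		echo "Password for user '${user}' is unchanged."
		return 1
	fi
}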
52
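# Check a user name / password pair against the credential file.
#
# Globals:   PASSWD (read), valid_session (exported as "yes" or "no")
# Arguments: $1 - user name
#            $2 - plain-text password
# Returns:   0 if the session is already valid or the password matches,
#            1 if the file is missing, the user is unknown or the
#            password is wrong
#
# NOTE(review): "unknown user" and "invalid password" are reported with
# different messages; if mecho/eecho reach the remote peer this lets it
# probe for valid user names - confirm where these messages end up.
validate_auth()
{
	local user="$1"
	local pass="$2"

	local name
	local hash
	local rest
	local passwdpass
	local found="no"

	# return 0 if the session is already marked valid - user already authenticated
	valid_session && return 0

	if [[ ! -f ${PASSWD} ]]
	then
		eecho "passwd '${PASSWD}' does not exist!"
		return 1
	fi

	# Look the user up by exact comparison of the first field. The name is
	# never used as a regular expression, so '.' or '.*' in it cannot
	# select somebody else's record. An empty name never matches.
	if [[ -n ${user} ]]
	then
		while IFS=: read -r name hash rest || [[ -n ${name} ]]
		do
			if [[ ${name} == "${user}" ]]
			then
				passwdpass="${hash}"
				found="yes"
				break
			fi
		done < "${PASSWD}"
	fi

	if [[ ${found} != yes ]]
	then
		eecho "User '${user}' unknown."
		export valid_session="no"
		return 1
	fi

	# An empty stored digest never authenticates (it would otherwise match
	# an empty md5crypt result). Both sides are quoted: the whole password
	# is hashed, not just its first word, and the stored digest is compared
	# literally instead of being used as a glob pattern.
	if [[ -n ${passwdpass} && "$(md5crypt "${pass}")" == "${passwdpass}" ]]
	then
		mecho "password for user '${user}' is valid!"
		mecho "Successfully logged in. Type 'help' for more information."
		export valid_session="yes"
		return 0
	else
		mecho "password for user '${user}' is invalid!"
		export valid_session="no"
		return 1
	fi
}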
92
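# Authenticate a session by comparing a presented certificate fingerprint
# with the fingerprint reported by key_fingerprint().
#
# Globals:   MCORE_KEY_FILE (read), valid_session (exported as "yes"/"no")
# Arguments: $1 - certificate fingerprint presented for this session
# Returns:   0 if the session is already valid or the fingerprints are
#            equal, 1 if the key file is missing, no fingerprint was given
#            or the fingerprints differ
validate_auth_certificate()
{
	local cert_fingerprint="$1"
	local key_fingerprint

	# return 0 if the session is already marked valid - user already authenticated
	valid_session && return 0

	if [[ ! -e ${MCORE_KEY_FILE} ]]
	then
		eecho "MCORE_KEY_FILE '${MCORE_KEY_FILE}' does not exist"
		# fail closed: without the key file there is no reference value,
		# and what key_fingerprint() prints in that case is not defined
		# in this file
		return 1
	fi

	if [[ -z ${cert_fingerprint} ]]
	then
		eecho "no certificate fingerprint given"
		return 1
	fi

	# key_fingerprint() is defined outside this file
	key_fingerprint="$(key_fingerprint)"

	# quoted right-hand side: literal string comparison, no glob matching
	if [[ ${cert_fingerprint} == "${key_fingerprint}" ]]
	then
		mecho "certificate fingerprint is valid!"
		mecho "Successfully logged in. Type 'help' for more information."
		export valid_session="yes"
		return 0
	else
		mecho "certificate fingerprint is invalid!"
		export valid_session="no"
		return 1
	fi
}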
126
# Report whether the current session is marked as authenticated.
#
# Globals: valid_session (read) - a shell variable that shares its name
#          with this function
# Returns: 0 if the variable holds exactly "yes", 1 otherwise
#
# NOTE(review): only the variable's value is checked and nothing in this
# file initialises it; confirm the daemon clears it at start-up so a value
# already present in the environment cannot count as a login.
valid_session()
{
	# the status of the test is the function's return value
	[[ ${valid_session} = yes ]]
}
136
# Request termination when the session is not authenticated.
#
# Globals: valid_session (read), run (exported as "quit")
# Returns: 0 in either case
#
# NOTE(review): this only sets the 'run' flag; the session ends only if
# the caller checks that flag - confirm at the call site.
invalid_session()
{
	# authenticated sessions are left untouched
	[[ ${valid_session} == yes ]] && return 0

	eecho "not logged in..."
	# export quit signal
	export run=quit
}