/* * This file is part of the UCB release of Plan 9. It is subject to the license * terms in the LICENSE file found in the top-level directory of this * distribution and at http://akaros.cs.berkeley.edu/files/Plan9License. No * part of the UCB release of Plan 9, including this file, may be copied, * modified, propagated, or distributed except according to the terms contained * in the LICENSE file. */ #include #include #include #include /* deprecated. This is the mechanism that put entries in /sys/lib/httpd.rewrite and passwords on the authserver in /sys/lib/httppasswords, which was awkward to administer. Instead, use local .httplogin files, which are implemented in sys/src/cmd/ip/httpd/authorize.c */ int httpauth(char *name, char *password) { int afd; Ticketreq tr; Ticket t; char key[DESKEYLEN]; char buf[512]; afd = authdial(nil, nil); if(afd < 0) return -1; /* send ticket request to AS */ memset(&tr, 0, sizeof(tr)); strcpy(tr.uid, name); tr.type = AuthHttp; convTR2M(&tr, buf); if(write(afd, buf, TICKREQLEN) != TICKREQLEN){ close(afd); return -1; } if(_asrdresp(afd, buf, TICKETLEN) < 0){ close(afd); return -1; } close(afd); /* * use password and try to decrypt the * ticket. If it doesn't work we've got a bad password, * give up. */ passtokey(key, password); convM2T(buf, &t, key); if(t.num != AuthHr || strcmp(t.cuid, tr.uid)) return -1; return 0; }