Ejemplo n.º 1
0
        public static string digest_passwd(string user, string passwd)
        {
            string sessionkey;

            AuthDigest.digest_ha1(user, MyMain.realm(), passwd, out sessionkey);
            return("{dig}" + sessionkey);
        }
Ejemplo n.º 2
0
        public static bool check_basic_digest(
            string method_name,
            string hdr,
            out string auth_user,
            out string reason)
        {
            auth_user = "";
            reason    = "";
            if (hdr == null || hdr.Length == 0)
            {
                return(false);
            }
            if (hdr.StartsWith("digest ", StringComparison.OrdinalIgnoreCase))
            {
                auth_user = hdr.get_param("username");
                string user = Vuser.add_domain(auth_user);
                string pass = Vuser.get_pass(user);
                if (pass.Length == 0)
                {
                    reason = "No account or no password set";
                    return(false);
                }
                string sessionkey;
                AuthDigest.digest_ha1(hdr.get_param("username"), MyMain.realm(), pass, out sessionkey);
                string response;
                AuthDigest.digest_response(sessionkey, hdr.get_param("nonce"), hdr.get_param("nc"), hdr.get_param("cnonce"), hdr.get_param("qop"), method_name, hdr.get_param("uri"), "", out response);
                if (response == hdr.get_param("response"))
                {
                    auth_user = user;
                    return(true);
                }
                clib.imsg("Authorization failed {0} {1} {2}", (object)hdr.get_param("username"), (object)response, (object)hdr.get_param("response"));
                reason = "digest didn't match";
                return(false);
            }
            int num = hdr.IndexOf("basic ", StringComparison.OrdinalIgnoreCase);

            if (num >= 0)
            {
                string str    = clib.decode_base64(hdr.Substring(num + 6));
                int    length = str.IndexOf(":");
                if (length < 0)
                {
                    return(false);
                }
                auth_user = str.Substring(0, length);
                string pass = str.Substring(length + 1);
                auth_user = Vuser.add_domain(auth_user);
                return(Vuser.check(auth_user, pass, out reason));
            }
            clib.imsg("NO AUTHENTICATION HEADER");
            return(false);
        }
Ejemplo n.º 3
0
        public static void need_auth(Websvc w)
        {
            Random random = new Random();

            byte[] numArray = new byte[10];
            random.NextBytes(numArray);
            Web.any_header(w, "text/plain", "401 Authorization required");
            Web.wh(w, "WWW-Authenticate: Basic realm=\"{0}\"\r\n", (object)MyMain.realm());
            Web.wh(w, "WWW-Authenticate: Digest");
            Web.wh(w, " realm=\"{0}\",", (object)MyMain.realm());
            Web.wh(w, " qop=\"auth\",");
            Web.wh(w, " nonce=\"{0}\",", (object)clib.byte_to_hex(numArray, ((IEnumerable <byte>)numArray).Count <byte>()));
            Web.wh(w, " opaque=\"placeholder\"\r\n");
            Web.wp(w, "Authorization required");
            w.body_send();
            if (!Ini.istrue(En.debug_http))
            {
                return;
            }
            clib.imsg("http: requesting authentication");
        }