X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FApache2%2FAuthen%2FPassphrase.pm;h=d2be6625e24e91abd3686f283749595821bb0441;hb=6cc050780f61085034eac2f9ab11bfb42ef34537;hp=2d1a7917bd7362e384193cf83a24cba3955717ad;hpb=de5adf1e6475d08d08692eee1a38ce69649dc76e;p=apache2-authen-passphrase.git diff --git a/lib/Apache2/Authen/Passphrase.pm b/lib/Apache2/Authen/Passphrase.pm index 2d1a791..d2be662 100644 --- a/lib/Apache2/Authen/Passphrase.pm +++ b/lib/Apache2/Authen/Passphrase.pm @@ -29,56 +29,56 @@ our $rootdir; $rootdir //= $ENV{AAP_ROOTDIR}; sub pwhash{ - my ($pass)=@_; + my ($pass)=@_; - my $ppr=Authen::Passphrase::BlowfishCrypt->new( - cost => 10, - passphrase => $pass, - salt_random => 1, - ); + my $ppr=Authen::Passphrase::BlowfishCrypt->new( + cost => 10, + passphrase => $pass, + salt_random => 1, + ); - $ppr->as_rfc2307 + $ppr->as_rfc2307 } sub pwset{ - my ($user, $pass)=@_; + my ($user, $pass)=@_; - my $file = "$rootdir/$user.yml"; - my $conf = eval { LoadFile $file } // undef; - $conf->{passphrase}=pwhash $pass; - $conf->{passphrase_version}=PASSPHRASE_VERSION; - DumpFile $file, $conf; + my $file = "$rootdir/$user.yml"; + my $conf = eval { LoadFile $file } // undef; + $conf->{passphrase}=pwhash $pass; + $conf->{passphrase_version}=PASSPHRASE_VERSION; + DumpFile $file, $conf; - chmod 0660, $file; + chmod 0660, $file; } sub pwcheck{ - my ($user, $pass)=@_; - die INVALID_USER unless $user =~ USER_REGEX; ## no critic (RequireCarping) - $user=${^MATCH};# Make taint shut up - my $conf=LoadFile "$rootdir/$user.yml"; - - ## no critic (RequireCarping) - die BAD_PASSWORD unless keys $conf;# Empty hash means no such user - die BAD_PASSWORD unless Authen::Passphrase->from_rfc2307($conf->{passphrase})->match($pass); - ## use critic - pwset $user, $pass if $conf->{passphrase_version} < PASSPHRASE_VERSION + my ($user, $pass)=@_; + die INVALID_USER unless $user =~ USER_REGEX; ## no critic (RequireCarping) + $user=${^MATCH}; # Make taint shut up + my $conf=LoadFile "$rootdir/$user.yml"; + + ## no critic (RequireCarping) + die BAD_PASSWORD unless keys $conf; # Empty hash means no such user + die BAD_PASSWORD unless Authen::Passphrase->from_rfc2307($conf->{passphrase})->match($pass); + ## use critic + pwset $user, $pass if $conf->{passphrase_version} < PASSPHRASE_VERSION } sub handler{ - my $r=shift; - local $rootdir = $r->dir_config('AuthenPassphraseRootdir'); + my $r=shift; + local $rootdir = $r->dir_config('AuthenPassphraseRootdir'); - my ($rc, $pass) = $r->get_basic_auth_pw; - return $rc unless $rc == OK; + my ($rc, $pass) = $r->get_basic_auth_pw; + return $rc unless $rc == OK; - my $user=$r->user; - unless (eval { pwcheck $user, $pass; 1 }) { - $r->note_basic_auth_failure; - return HTTP_UNAUTHORIZED - } + my $user=$r->user; + unless (eval { pwcheck $user, $pass; 1 }) { + $r->note_basic_auth_failure; + return HTTP_UNAUTHORIZED + } - OK + OK } 1;