aboutsummaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-10-03 18:59:16 +0200
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2012-10-03 18:59:16 +0200
commit08b9ee11fe5e5a54af866a061c9e8d7782cac3c7 (patch)
tree5715109aa14dee38c368118abec0495d8d3e91fd /www
parent72abba77573c3583dc373526f6ce86b895eacc6d (diff)
Make /etc/aliases optional. Add configurability through setup.pl.
Diffstat (limited to 'www')
-rw-r--r--www/common.pl24
-rwxr-xr-xwww/logged_in_p.pl13
-rwxr-xr-xwww/login.pl23
-rwxr-xr-xwww/sign.pl25
4 files changed, 50 insertions, 35 deletions
diff --git a/www/common.pl b/www/common.pl
new file mode 100644
index 0000000..7590fba
--- /dev/null
+++ b/www/common.pl
@@ -0,0 +1,24 @@
+#! /usr/bin/env perl
+# Copyright 2012, Matthias Andreas Benkard <code@mail.matthias.benkard.de>.
+
+use common::sense;
+#use Modern::Perl 2011;
+use Modern::Perl;
+
+use Mail::ExpandAliases;
+
+
+sub email_users($$) {
+ ($config, $email) = @_;
+ my $alias;
+ if ($email =~ /^(.*?)@/) { $alias = $1; }
+ my $aliases_file = $config->{aliases};
+ if (not ($aliases_file eq ".")) {
+ my $aliases = Mail::ExpandAliases->new($aliases_file);
+ my $session_user = $session->param('user');
+ my $email_users = $aliases->expand($alias) or die "User not found";
+ return @$email_users;
+ } else {
+ return ($alias);
+ }
+}
diff --git a/www/logged_in_p.pl b/www/logged_in_p.pl
index a79d790..61b06c5 100755
--- a/www/logged_in_p.pl
+++ b/www/logged_in_p.pl
@@ -13,10 +13,13 @@ use CGI;
use CGI::Fast;
use CGI::Session;
-use Mail::ExpandAliases;
+do "common.pl";
while (my $cgi = new CGI::Fast) {
+ local $::MULKONF = { };
+ do "config.pl";
+
print $cgi->header(-content_type => 'application/json; charset=UTF-8');
my $cookie = $cgi->cookie('mulkid_session');
@@ -31,15 +34,9 @@ while (my $cgi = new CGI::Fast) {
exit(0);
}
- my $aliases = Mail::ExpandAliases->new("/etc/aliases");
my $email = $cgi->param('email') or die "No email address supplied";
my $session_user = $session->param('user');
-
- my $alias;
- if ($email =~ /^(.*?)@/) { $alias = $1; }
- my $email_users = $aliases->expand($alias) or die "User not found";
-
- if ($session_user ~~ @$email_users) {
+ if ($session_user ~~ email_users($::MULKONF, $email)) {
say encode_json({logged_in_p => 1});
} else {
say encode_json({logged_in_p => 0});
diff --git a/www/login.pl b/www/login.pl
index 630d5df..9f6831d 100755
--- a/www/login.pl
+++ b/www/login.pl
@@ -5,8 +5,6 @@ use common::sense;
#use Modern::Perl 2011;
use Modern::Perl;
-use Mail::ExpandAliases;
-
use JSON;
use CGI;
@@ -16,14 +14,16 @@ use CGI::Session;
use Mail::IMAPTalk ;
#use IO::Socket::SSL;
+do "common.pl";
-sub check_password($$) {
- my ($user, $password) = @_;
+sub check_password($$$) {
+ my ($config, $user, $password) = @_;
#my $socket = IO::Socket::SSL->new('imap.googlemail.com:imaps');
my $imap = Mail::IMAPTalk->new(
# Socket => $socket,
- Server => 'localhost',
+ Server => $config->{imap_server},
+ Port => $config->{imap_port},
Username => $user,
Password => $password,
Uid => 1
@@ -38,6 +38,9 @@ sub check_password($$) {
while (my $cgi = new CGI::Fast) {
+ local $::MULKONF = { };
+ do "config.pl";
+
my $cookie = $cgi->cookie('mulkid_session');
my $session;
if ($cookie) {
@@ -56,18 +59,12 @@ while (my $cgi = new CGI::Fast) {
-cookie => $cookie);
}
- my $aliases = Mail::ExpandAliases->new("/etc/aliases");
-
my $email = $cgi->param('email') or die "No email address provided";
my $password = $cgi->param('password') or die "Empty password";
- my $alias;
- if ($email =~ /^(.*?)@/) { $alias = $1; }
- my $users = $aliases->expand($alias);
-
- for my $user (@$users) {
+ for my $user (email_users($::MULKONF, $email)) {
#say STDERR "Trying user: $user";
- if (check_password($user, $password)) {
+ if (check_password($::MULKONF, $user, $password)) {
$session->param('user', $user);
say encode_json({user => $user});
exit 0;
diff --git a/www/sign.pl b/www/sign.pl
index 85f75b3..d936303 100755
--- a/www/sign.pl
+++ b/www/sign.pl
@@ -15,12 +15,12 @@ use CGI;
use CGI::Fast;
use CGI::Session;
-use Mail::ExpandAliases;
-
use MIME::Base64 qw(encode_base64 decode_base64);
use Time::HiRes qw(time);
+do "common.pl";
+
sub decode_base64_url($) {
# From: https://github.com/ptarjan/base64url/blob/master/perl.pl
@@ -39,14 +39,14 @@ sub encode_base64_url($) {
}
-sub sign($$$$) {
+sub sign($$$$$) {
# NB. Treating the jwcrypto code as the spec here.
- my ($key, $client_pubkey, $email, $duration) = @_;
+ my ($key, $client_pubkey, $email, $duration, $domain) = @_;
my $issued_at = int(1000*time);
my $cert = {
- iss => "mulk.eu",
+ iss => $domain,
exp => $issued_at + 1000*$duration,
iat => $issued_at,
"public-key" => $client_pubkey,
@@ -65,31 +65,28 @@ sub sign($$$$) {
}
-our $MULKONF;
-do "config.pl";
-
while (my $cgi = new CGI::Fast) {
+ local $::MULKONF = { };
+ do "config.pl";
+
my $cookie = $cgi->cookie('mulkid_session') or die "No session cookie";
my $session = new CGI::Session("driver:File", $cookie, {Directory=>"/tmp"}) or die "Invalid session cookie";
print $cgi->header(-content_type => 'application/json; charset=UTF-8');
- my $key = Crypt::OpenSSL::RSA->new_private_key(scalar read_file($MULKONF->{pemfile}));
+ my $key = Crypt::OpenSSL::RSA->new_private_key(scalar read_file($::MULKONF->{pemfile}));
$key->use_pkcs1_padding();
$key->use_sha256_hash();
- my $aliases = Mail::ExpandAliases->new("/etc/aliases");
my $user_pubkey = $cgi->param('pubkey') or die "Nothing to sign";
my $duration = $cgi->param('duration') || 24*3600;
my $email = $cgi->param('email') or die "No email address supplied";
my $session_user = $session->param('user');
- my $alias;
my $domain;
- if ($email =~ /^(.*?)@(.*)/) { $alias = $1; $domain = $2; }
- my $email_users = $aliases->expand($alias) or die "User not found";
+ if ($email =~ /^(.*?)@(.*)/) { $domain = $2; }
die "User is not authorized to use this email address"
- unless ($session_user ~~ @$email_users);
+ unless ($session_user ~~ email_users($::MULKONF, $email));
my $sig = sign $key, decode_json($user_pubkey), $email, $duration, $domain;
say encode_json({signature => $sig});