mirror of
				git://git.psyced.org/git/psyced
				synced 2024-08-15 03:25:10 +00:00 
			
		
		
		
	htchallenge: md5 can handle any regmatch
This commit is contained in:
		
							parent
							
								
									79d7ed3549
								
							
						
					
					
						commit
						9e02ba080c
					
				
					 2 changed files with 11 additions and 7 deletions
				
			
		|  | @ -613,21 +613,24 @@ htget(prot, query, headers, qs) { | |||
| #ifdef CHALLENGE_MATCH | ||||
| #include <sys/regexp.h> | ||||
| 
 | ||||
| // maybe this all belongs into archetype.gen.. chesmo! | ||||
| htget(prot, query, headers, qs, data, noprocess) { | ||||
| 	// could use a hash of the password instead | ||||
| 	if (stringp(headers["cookie"]) && regmatch(headers["cookie"], | ||||
| 		 "challenge=complete&answer=" CHALLENGE_MATCH)) | ||||
| 		 "challenge=complete&answer="+ md5(CHALLENGE_MATCH))) | ||||
| # ifdef HTGET | ||||
| 	    return HTGET; | ||||
| # else | ||||
| 	    return ::htget(prot, query, headers, qs, data, noprocess); | ||||
| # endif | ||||
| 	string item = headers[item] || "/@"+ MYNICK; | ||||
| 	if (stringp(query["answer"]) && | ||||
| 	if (stringp(query["answer"]) && headers["cookie"] && | ||||
| 	    regmatch(headers["cookie"], "challenge=given") && | ||||
| 	    regmatch(lower_case(query["answer"]), CHALLENGE_MATCH, | ||||
| 		     RE_MATCH_SUBS)) { | ||||
| 	    regmatch(lower_case(query["answer"]), CHALLENGE_MATCH)) { | ||||
| 		// lazy me could have used referer here ;) | ||||
| 		string nu = stringp(query["parameters"]) && | ||||
| 			     strlen(query["parameters"]) ? | ||||
| 			 item +"?"+ query["parameters"] : item; | ||||
| 		htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer=" CHALLENGE_MATCH "\"; path="+ item +";\n"); | ||||
| 		htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer="+ md5(CHALLENGE_MATCH) +"\"; path="+ item +";\n"); | ||||
| 		return 1; | ||||
| 	} | ||||
| 	sTextPath(query["layout"], query["lang"], "html"); | ||||
|  | @ -641,7 +644,7 @@ htget(prot, query, headers, qs, data, noprocess) { | |||
| 		    // we maintain the original qs for next attempt: | ||||
| 	       "_parameters" : query["parameters"] || qs, | ||||
| 	       "_nick_place" : MYNICK ]) ); | ||||
| 	printf("%O (%O) in %O\n", query, qs, headers); | ||||
| 	// printf("%O vs %O\n", query, headers); | ||||
| 	return 1; | ||||
| } | ||||
| #endif | ||||
|  |  | |||
|  | @ -670,6 +670,7 @@ htget(prot, query, headers, qs, data, noprocess) { | |||
| 	write("\n\nYou are looking at the "+MYNICK+" default page.\n"); | ||||
| #  endif | ||||
| # endif | ||||
| 	//printf("%O: %O (%O) in %O\n", this_interactive(), query, qs, headers); | ||||
| 	return 1; | ||||
| } | ||||
| #endif | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue