136 lines
3.0 KiB
Bash
136 lines
3.0 KiB
Bash
|
#! /bin/sh
|
||
|
#
|
||
|
# Copyright 2007. Petar Zhivkov Petrov
|
||
|
# pesho.petrov@gmail.com
|
||
|
#
|
||
|
# $FreeBSD$
|
||
|
|
||
|
usage() {
|
||
|
echo "Usage: $0 clientName serverName"
|
||
|
echo " $0 -v"
|
||
|
}
|
||
|
|
||
|
countChars() {
|
||
|
_count="`echo "$1" | sed -e "s/[^$2]//g" | tr -d "\n" | wc -c`"
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
readPassword() {
|
||
|
while [ true ]; do
|
||
|
stty -echo
|
||
|
read -p "$1" _password
|
||
|
stty echo
|
||
|
echo ""
|
||
|
countChars "$_password" ":"
|
||
|
if [ $_count != 0 ]; then
|
||
|
echo "Sorry, password must not contain \":\" characters"
|
||
|
echo ""
|
||
|
else
|
||
|
break
|
||
|
fi
|
||
|
done
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
makeSecret() {
|
||
|
local clientLower="`echo "$1" | tr "[:upper:]" "[:lower:]"`"
|
||
|
local serverLower="`echo "$2" | tr "[:upper:]" "[:lower:]"`"
|
||
|
local secret="`md5 -qs "$clientLower:$serverLower:$3"`"
|
||
|
_secret="\$md5\$$secret"
|
||
|
}
|
||
|
|
||
|
if [ $# -eq 1 -a "X$1" = "X-v" ]; then
|
||
|
echo "Csup authentication key generator"
|
||
|
usage
|
||
|
exit
|
||
|
elif [ $# -ne 2 ]; then
|
||
|
usage
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
clientName=$1
|
||
|
serverName=$2
|
||
|
|
||
|
#
|
||
|
# Client name must contain exactly one '@' and at least one '.'.
|
||
|
# It must not contain a ':'.
|
||
|
#
|
||
|
|
||
|
countChars "$clientName" "@"
|
||
|
aCount=$_count
|
||
|
|
||
|
countChars "$clientName" "."
|
||
|
dotCount=$_count
|
||
|
if [ $aCount -ne 1 -o $dotCount -eq 0 ]; then
|
||
|
echo "Client name must have the form of an e-mail address,"
|
||
|
echo "e.g., \"user@domain.com\""
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
countChars "$clientName" ":"
|
||
|
colonCount=$_count
|
||
|
if [ $colonCount -gt 0 ]; then
|
||
|
echo "Client name must not contain \":\" characters"
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
#
|
||
|
# Server name must not contain '@' and must have at least one '.'.
|
||
|
# It also must not contain a ':'.
|
||
|
#
|
||
|
|
||
|
countChars "$serverName" "@"
|
||
|
aCount=$_count
|
||
|
|
||
|
countChars "$serverName" "."
|
||
|
dotCount=$_count
|
||
|
if [ $aCount != 0 -o $dotCount = 0 ]; then
|
||
|
echo "Server name must be a fully-qualified domain name."
|
||
|
echo "e.g., \"host.domain.com\""
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
countChars "$serverName" ":"
|
||
|
colonCount=$_count
|
||
|
if [ $colonCount -gt 0 ]; then
|
||
|
echo "Server name must not contain \":\" characters"
|
||
|
exit
|
||
|
fi
|
||
|
|
||
|
#
|
||
|
# Ask for password and generate secret.
|
||
|
#
|
||
|
|
||
|
while [ true ]; do
|
||
|
readPassword "Enter password: "
|
||
|
makeSecret "$clientName" "$serverName" "$_password"
|
||
|
secret=$_secret
|
||
|
|
||
|
readPassword "Enter same password again: "
|
||
|
makeSecret "$clientName" "$serverName" "$_password"
|
||
|
secret2=$_secret
|
||
|
|
||
|
if [ "X$secret" = "X$secret2" ]; then
|
||
|
break
|
||
|
else
|
||
|
echo "Passwords did not match. Try again."
|
||
|
echo ""
|
||
|
fi
|
||
|
done
|
||
|
|
||
|
echo ""
|
||
|
echo "Send this line to the server administrator at $serverName:"
|
||
|
echo "-------------------------------------------------------------------------------"
|
||
|
echo "$clientName:$secret::"
|
||
|
echo "-------------------------------------------------------------------------------"
|
||
|
echo "Be sure to send it using a secure channel!"
|
||
|
echo ""
|
||
|
echo "Add this line to your file \"$HOME/.csup/auth\", replacing \"XXX\""
|
||
|
echo "with the password you typed in:"
|
||
|
echo "-------------------------------------------------------------------------------"
|
||
|
echo "$serverName:$clientName:XXX:"
|
||
|
echo "-------------------------------------------------------------------------------"
|
||
|
echo "Make sure the file is readable and writable only by you!"
|
||
|
echo ""
|
||
|
|