X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=cgi-auth-flexible.pm;h=a2975199a14a65cbbf5266759e9de6b92bf62cc9;hb=8fdc8b3c4aafee033887c600384a7a78521b9a18;hp=a141877df270f8c6a111fe125ffd85230ad50b57;hpb=ec2fdb61f044bb0db25602faae2a4f2c1400791e;p=cgi-auth-flexible.git
diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm
index a141877..a297519 100644
--- a/cgi-auth-flexible.pm
+++ b/cgi-auth-flexible.pm
@@ -387,7 +387,8 @@ sub srcdump_dirscan_prepare ($$) {
 close $reportfh or die $!;
 srcdump_install($c,$v, $dumpdir, 'licence', 'text/plain');
 $!=0;
- my @cmd = (qw(tar -zvvcf), "$dumpdir/source.tmp",
+ my @cmd = (qw(sh -ec), 'exec >&2 "$@"', qw(x),
+ qw(tar -zvvcf), "$dumpdir/source.tmp",
 "-C", $dumpdir, qw( --), @srcfiles);
 my $r = system(@cmd);
 if ($r) {
@@ -843,7 +844,7 @@ sub _check_divert_core ($) {
 " enabled. You must enable cookies".
 " as we use them for login."),
 _CookieRaw => $r->_fresh_secret(),
- Params => $r->_chain_params() })
+ Params => $r->chain_params() })
 }
 if (!$cookt || $cookt eq 'n' || $cookh ne $parmh) {
 $r->_db_revoke($cookh);
@@ -861,13 +862,13 @@ sub _check_divert_core ($) {
 return ({ Kind => 'LOGIN-BAD',
 Message => $login_errormessage,
 _CookieRaw => $cooks,
- Params => $r->_chain_params() })
+ Params => $r->chain_params() })
 }
 $r->_db_record_login_ok($parmh,$username);
 return ({ Kind => 'REDIRECT-LOGGEDIN',
 Message => $r->_gt("Logging in..."),
 _CookieRaw => $cooks,
- Params => $r->_chain_params() });
+ Params => $r->chain_params() });
 }
 if ($cookt eq 't') {
 $cookt = '';
@@ -887,7 +888,7 @@ sub _check_divert_core ($) {
 return ({ Kind => 'LOGIN-INCOMINGLINK',
 Message => $r->_gt("You need to log in."),
 _CookieRaw => $news,
- Params => $r->_chain_params() });
+ Params => $r->chain_params() });
 } else {
 $r->_db_revoke($parmh);
 return ({ Kind => 'LOGIN-FRESH',
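Review bot: The new `sh -ec 'exec >&2 "$@"' x` prefix on `@cmd` in srcdump_dirscan_prepare carries no comment, and an unexplained shell wrapper is the kind of line a later cleanup folds into one interpolated command string. I would add above it `# Run tar via sh only to send its stdout (presumably the -vv listing) to stderr; 'x' fills $0, and the file names reach tar through "$@" without being parsed by the shell.` The list form of `system` together with the quoted `"$@"` and the existing `--` is what keeps `@srcfiles` from being interpreted as shell text or tar options, so the comment should say that this form must be kept. The function starts and ends outside the hunk.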
@@ -921,14 +922,7 @@ sub _check_divert_core ($) { return undef; } -sub _chain_params ($) { -# =item C<< $authreq->_chain_params() >> -# -# Returns a hash of the "relevant" parameters to this request, in a form -# used by C. This is all of the query parameters -# which are not related to CGI::Auth::Flexible. The PATH_INFO from the -# request is returned as the parameter C<< '' >>. - +sub chain_params ($) { my ($r) = @_; my %p = %{ $r->_ch('get_params') }; foreach my $pncn (keys %{ $r->{S} }) { @@ -1035,16 +1029,17 @@ sub check_divert ($) { $r->{Divert} = $r->_db_transaction(sub { $r->_check_divert_core(); }); $dbh->commit(); - my $cookraw = $r->{_CookieRaw}; - $r->{CookieSecret} = $r->_blind($cookraw); + my $divert = $r->{Divert}; + my $cookraw = $divert && $divert->{_CookieRaw}; if ($cookraw) { - $r->{Params}{$r->{S}{assoc_param_name}} = [ + $divert->{CookieSecret} = $r->_blind($cookraw); + $divert->{Params}{$r->{S}{assoc_param_name}} = [ $r->_blind($r->hash($cookraw)) ]; } - $r->_debug(Data::Dumper->Dump([$r->{Divert}],[qw(divert)])); - return $r->{Divert}; + $r->_debug(Data::Dumper->Dump([$divert],[qw(divert)])); + return $divert; } sub get_divert ($) { @@ -1183,13 +1178,13 @@ sub _blind ($$) { my $mask = $r->_random(($l+1)>>1); $mask = substr $mask, 0, $l; my $blound = $r->_blind_combine($in, $mask); - return "$blound/$mask"; + return "$blound.$mask"; } sub _unblind ($$) { my ($r, $in) = @_; return $in unless $in; - my ($blound,$mask) = ($in =~ m#^(.*)/([0-9a-f]+)$#) or die "$in ?"; + my ($blound,$mask) = ($in =~ m#^(.*)\.([0-9a-f]+)$#) or die "$in ?"; my $l = $r->_blind_len($blound); $l == length($mask) or die "$in ?"; return $r->_blind_combine($blound, $mask);
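Review bot: `chain_params` becomes a public method in this hunk, but the only description of its return value, the comment block under the old `_chain_params`, is deleted and no hunk in this file adds a replacement. Unless the POD is maintained in another file, keep that text as real POD or as a comment on the sub: the result is a hash of the query parameters not related to CGI::Auth::Flexible, with PATH_INFO under the key `''`. Callers that place these values in a login form should be told that they come from the request and need escaping on output. The sub's body continues outside the hunk.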
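Review bot: The `$r->_debug(Data::Dumper->Dump([$divert],[qw(divert)]))` call at the end of check_divert dumps the whole divert hash, which carries `_CookieRaw` (set from `$cooks`, `$news` or `_fresh_secret()` in _check_divert_core) and, after this change, `CookieSecret` as well. Where `_debug` writes is not visible here, but if it reaches a log file then every request leaves a usable login secret in it. I would dump a redacted copy instead: `my %dbg = %{ $divert || {} }; delete @dbg{qw(_CookieRaw CookieSecret)};` followed by `$r->_debug(Data::Dumper->Dump([\%dbg],[qw(divert)]));`. The start of check_divert is outside the hunk.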
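Review bot: The rewritten pattern in `_unblind` still ends in `$`, which also matches before a trailing newline, so a value with `\n` appended is accepted as equal to the clean one; `m#\A(.*)\.([0-9a-f]+)\z#` closes that. The failure path `die "$in ?"` copies the whole received value into the error text, which presumably ends up in the server log, so a fixed message such as `die "malformed blinded value"` would be safer. Values issued by the old code with the `/` separator will take the same die path after deployment, presumably only for logins in flight at upgrade; it is worth confirming that callers turn this into a fresh login rather than a server error. The end of `_unblind` is outside the hunk.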