chiark / gitweb /
wip
authorIan Jackson <ian.jackson@eu.citrix.com>
Thu, 10 Jan 2013 12:28:21 +0000 (12:28 +0000)
committerIan Jackson <Ian.Jackson@eu.citrix.com>
Thu, 10 Jan 2013 12:28:21 +0000 (12:28 +0000)
TODO
cgi-auth-hybrid.pm
test.cgi

diff --git a/TODO b/TODO
index 9f0b1fd..e2ceefc 100644 (file)
--- a/TODO
+++ b/TODO
@@ -1,10 +1,8 @@
 REQUEST_METHOD=post CAHTEST_HOME=`pwd` ./test.cgi ; echo
 
 
-make parameter values hash of cookie values
-
-<input type="submit" name="ARRAY(0x9742318)" value="Login"></td></tr>
+sort out debugging
 
-cookie header not generated
+make parameter values hash of cookie values
 
 missing hidden parameter
index 6453779..21a8fb5 100644 (file)
@@ -119,7 +119,7 @@ sub gen_plain_login_form ($$) {
                 ' name="'.$r->{S}{password_param_name}.'"></td></tr>');
     push @form, ('<tr><td colspan="2">',
                 '<input type="submit"'.
-                ' name="'.$r->{S}{login_submit_name}.'"'.
+                ' name="'.$r->{S}{login_submit_name}[0].'"'.
                 ' value="'.$r->_gt('Login').'"></td></tr>',
                 '</table>');
     foreach my $n (keys %$params) {
@@ -154,6 +154,7 @@ sub new_verifier {
            associdlen => 128, # bits
            login_timeout => 86400, # seconds
            assoc_param_name => 'cah_associd',
+           cookie_name => "cah_associd",
            password_param_name => 'password',
            username_param_names => [qw(username)],
            form_entry_size => 60,
@@ -176,7 +177,7 @@ sub new_verifier {
            do_redirect => \&do_redirect_cgi, # this hook is allowed to throw
            cookie_path => "/",
            get_cookie_domain => \&get_cookie_domain,
-           encrypted_only => 0,
+           encrypted_only => 1,
            gen_start_html => sub { $_[0]->start_html($_[2]); },
            gen_end_html => sub { $_[0]->end_html(); },
            gen_login_form => \&gen_plain_login_form,
@@ -305,13 +306,14 @@ sub construct_cookie ($$$) {
     my ($r, $cookv) = @_;
     return undef unless $cookv;
     my $c = $r->{Cgi};
-    my $cookie = $c->cookie(-name => $r->{S}{cookie_name},
+my @ca = (-name => $r->{S}{cookie_name},
                              -value => $cookv,
                              -path => $r->{S}{cookie_path},
                              -domain => $r->_ch('get_cookie_domain'),
                              -expires => '+'.$r->{S}{login_timeout}.'s',
                              -secure => $r->{S}{encrypted_only});
-print STDERR "CC $r $c $cookv $cookie\n";
+    my $cookie = $c->cookie(@ca);
+print STDERR "CC $r $c $cookv $cookie (@ca).\n";
     return $cookie;
 }
 
@@ -678,7 +680,7 @@ sub check_ok ($) {
 
     $r->_print($r->{Cgi}->header($r->_cgi_header_args($cookie)),
               $r->_ch('gen_start_html',$title),
-              @body,
+              (join "\n", @body),
               $r->_ch('gen_end_html'));
     return 0;
 }
index 59b7976..05cc46f 100755 (executable)
--- a/test.cgi
+++ b/test.cgi
@@ -11,6 +11,7 @@ my $dump = "$ENV{'CAHTEST_HOME'}/dump";
 my $verifier = CGI::Auth::Hybrid->new_verifier(
    assocdb_path => "$dump/assoc.db",
    username_password_ok => sub { my ($c,$r,$u,$p)=@_; return $p eq 'sesame'; },
+   encrypted_only => 0,
 );
 
 END { $verifier->disconnect() if $verifier; }