From: Ian Jackson Date: Thu, 10 Jan 2013 12:28:21 +0000 (+0000) Subject: wip X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=commitdiff_plain;h=3bd820f25e36c43f0596f20f04a9bc2267053feb;hp=e224b3902cd0d5d67dff020dd87cb8db633e7c2d wip --- diff --git a/TODO b/TODO index 9f0b1fd..e2ceefc 100644 --- a/TODO +++ b/TODO @@ -1,10 +1,8 @@ REQUEST_METHOD=post CAHTEST_HOME=`pwd` ./test.cgi ; echo -make parameter values hash of cookie values - - +sort out debugging -cookie header not generated +make parameter values hash of cookie values missing hidden parameter diff --git a/cgi-auth-hybrid.pm b/cgi-auth-hybrid.pm index 6453779..21a8fb5 100644 --- a/cgi-auth-hybrid.pm +++ b/cgi-auth-hybrid.pm @@ -119,7 +119,7 @@ sub gen_plain_login_form ($$) { ' name="'.$r->{S}{password_param_name}.'">'); push @form, ('', '', ''); foreach my $n (keys %$params) { @@ -154,6 +154,7 @@ sub new_verifier { associdlen => 128, # bits login_timeout => 86400, # seconds assoc_param_name => 'cah_associd', + cookie_name => "cah_associd", password_param_name => 'password', username_param_names => [qw(username)], form_entry_size => 60, @@ -176,7 +177,7 @@ sub new_verifier { do_redirect => \&do_redirect_cgi, # this hook is allowed to throw cookie_path => "/", get_cookie_domain => \&get_cookie_domain, - encrypted_only => 0, + encrypted_only => 1, gen_start_html => sub { $_[0]->start_html($_[2]); }, gen_end_html => sub { $_[0]->end_html(); }, gen_login_form => \&gen_plain_login_form, 
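Review bot: The flipped default `encrypted_only => 1,` in new_verifier's settings has no comment saying what it controls, and it changes behaviour for every existing caller. The construct_cookie hunk in this same diff passes the setting as the cookie's `-secure` flag, so callers that relied on the old default over plain HTTP will now issue a cookie that browsers do not send back. Whether the setting also gates anything else is not visible here. I would document it on the line, for example `encrypted_only => 1, # cookie is marked Secure (HTTPS only); set to 0 only for plain-HTTP testing`. new_verifier's body starts and ends outside this hunk.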
@@ -305,13 +306,14 @@ sub construct_cookie ($$$) { my ($r, $cookv) = @_; return undef unless $cookv; my $c = $r->{Cgi}; - my $cookie = $c->cookie(-name => $r->{S}{cookie_name}, +my @ca = (-name => $r->{S}{cookie_name}, -value => $cookv, -path => $r->{S}{cookie_path}, -domain => $r->_ch('get_cookie_domain'), -expires => '+'.$r->{S}{login_timeout}.'s', -secure => $r->{S}{encrypted_only}); -print STDERR "CC $r $c $cookv $cookie\n"; + my $cookie = $c->cookie(@ca); +print STDERR "CC $r $c $cookv $cookie (@ca).\n"; return $cookie; } @@ -678,7 +680,7 @@ sub check_ok ($) { $r->_print($r->{Cgi}->header($r->_cgi_header_args($cookie)), $r->_ch('gen_start_html',$title), - @body, + (join "\n", @body), $r->_ch('gen_end_html')); return 0; } diff --git a/test.cgi b/test.cgi index 59b7976..05cc46f 100755 --- a/test.cgi +++ b/test.cgi @@ -11,6 +11,7 @@ my $dump = "$ENV{'CAHTEST_HOME'}/dump"; my $verifier = CGI::Auth::Hybrid->new_verifier( assocdb_path => "$dump/assoc.db", username_password_ok => sub { my ($c,$r,$u,$p)=@_; return $p eq 'sesame'; }, + encrypted_only => 0, ); END { $verifier->disconnect() if $verifier; }
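Review bot: The debug line `print STDERR "CC $r $c $cookv $cookie (@ca).\n";` in construct_cookie runs unconditionally and writes the cookie value to the server error log three times: as `$cookv`, inside `@ca`, and in the stringified `$cookie`. If that value is the login association id, as the `cah_associd` cookie name suggests, anyone who can read the log can reuse a live session. Drop the value from the message or gate the line behind a setting, e.g. `print STDERR "CC cookie constructed\n" if $r->{S}{debug};` (`debug` is a suggested setting name, not one visible in this diff). Separately, the `@ca` list sets `-secure` but not `-httponly => 1`, which CGI.pm's cookie() accepts and which keeps the cookie out of reach of page scripts.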
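Review bot: The override `encrypted_only => 0,` added to the new_verifier call in test.cgi has no comment explaining why the test script turns off the library's new default. construct_cookie passes this setting as the cookie's `-secure` flag, so a deployment that copies this call as a template would let the login cookie travel over plain HTTP. I would mark it on the line: `encrypted_only => 0, # test only: lets the cookie work over plain HTTP; do not copy into a deployment`.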