summaryrefslogtreecommitdiffstats
path: root/net-ftp/bsdftpd-ssl/files/auth.sslftp
diff options
context:
space:
mode:
Diffstat (limited to 'net-ftp/bsdftpd-ssl/files/auth.sslftp')
-rw-r--r--net-ftp/bsdftpd-ssl/files/auth.sslftp43
1 files changed, 43 insertions, 0 deletions
diff --git a/net-ftp/bsdftpd-ssl/files/auth.sslftp b/net-ftp/bsdftpd-ssl/files/auth.sslftp
new file mode 100644
index 0000000..539140d
--- /dev/null
+++ b/net-ftp/bsdftpd-ssl/files/auth.sslftp
@@ -0,0 +1,43 @@
+#! /usr/bin/perl
+
+# Output must be at least 8 bytes
+
+sub return_error {
+ print STDOUT "200\r\n\r\n";
+ exit;
+}
+
+sub return_ok {
+ $user=@_[0];
+ print STDOUT "100\r\n$user\r\n";
+ exit;
+}
+
+$/="\r\n";
+$user=<STDIN>;chomp($user);
+$/="\n";
+$mode=0;
+while (<>) {
+ if (($mode==0)&&($_ =~ /-----BEGIN CERTIFICATE-----/)) { $mode = 1; }
+ elsif (($mode==1)&&($_ =~ /-----END CERTIFICATE-----/)) { $mode = 2; }
+ if ($mode) {
+ $_ =~ /^(.*)[\n\r]+$/;
+ $cert.=$1;
+ }
+ if ($mode==2) { last; }
+}
+
+#$cert=join "", @cert_lines;
+$cert =~ m/-----BEGIN CERTIFICATE-----(.*)-----END CERTIFICATE-----/;
+$client_cert = $1;
+
+open(ucf, "/opt/ssl/user_certs/$user.crt") or return_error();
+@cert_lines=<ucf>;
+chomp(@cert_lines);
+$cert=join "", @cert_lines;
+close(ucf);
+$cert =~ m/-----BEGIN CERTIFICATE-----(.*)-----END CERTIFICATE-----/;
+$user_cert = $1;
+
+if (($user_cert cmp $client_cert) == 0) { return_ok($user); }
+return_error();