use new keyhash format file
This commit is contained in:
parent
fbec34f6fa
commit
74d6cefadd
|
@ -4,18 +4,6 @@ header() {
|
||||||
echo -e 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n'
|
echo -e 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n'
|
||||||
}
|
}
|
||||||
|
|
||||||
# let nginx do it!
|
|
||||||
#header_redir_display() {
|
|
||||||
# header
|
|
||||||
# echo "<head><meta http-equiv=\"Refresh\" content=\"0; $SCRIPT_NAME?secret=$secret\"></head>"
|
|
||||||
#}
|
|
||||||
|
|
||||||
## enforce SSL
|
|
||||||
#if [ $SERVER_PORT -ne 443 ]; then
|
|
||||||
# header_redir_display
|
|
||||||
# exit
|
|
||||||
#fi
|
|
||||||
|
|
||||||
# extract parameters
|
# extract parameters
|
||||||
# tr -dc removes all characters, this prevents things like xss
|
# tr -dc removes all characters, this prevents things like xss
|
||||||
getp() {
|
getp() {
|
||||||
|
@ -23,15 +11,15 @@ getp() {
|
||||||
| tr "?&" "\n" | tr --complement --delete "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//"
|
| tr "?&" "\n" | tr --complement --delete "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//"
|
||||||
}
|
}
|
||||||
secret=$(getp secret)
|
secret=$(getp secret)
|
||||||
hashed_secret=$(echo "$secret" | md5sum | cut -f1 -d\ )
|
hashed_secret=$(echo "$secret" | sha512sum | cut -f1 -d\ )
|
||||||
cmd=$(getp cmd)
|
cmd=$(getp cmd)
|
||||||
|
|
||||||
# check secret
|
# check secret
|
||||||
# the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines
|
# the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines
|
||||||
# secrets can only contain the characters that are allowed in getp() with tr -dc
|
# secrets can only contain the characters that are allowed in getp() with tr -dc
|
||||||
if [ -z "$secret" ] || ! grep -q "^$hashed_secret$" /etc/door-token-hashs; then
|
if [ -z "$secret" ] || ! grep -q ";$hashed_secret$" /etc/tuer3.0/door_access_list; then
|
||||||
header
|
header
|
||||||
[ -z "$secret" ] || echo "<html><p>Ich bin mir nicht sicher. Mir scheint, du bist doch ein Kohlkopf oder Anderes!</p>"
|
[ -z "$secret" ] || echo "<html><p>Ich bin mir nicht sicher. Mir scheint, du bist doch ein Kohlkopf oder Anderes!</p> $hashed_secret"
|
||||||
cat /var/www/tpl/secret.html
|
cat /var/www/tpl/secret.html
|
||||||
exit
|
exit
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in a new issue