#! /bin/sh
#
# Copyright 2007. Petar Zhivkov Petrov
# pesho.petrov@gmail.com
#
# $FreeBSD$
7
# Print the two supported invocations of this script to stdout.
# $0 is expanded at call time, so the text shows the name the script was run as.
usage() {
	printf '%s\n' \
		"Usage: $0 clientName serverName" \
		"       $0 -v"
}
12
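# Count how many characters of a string belong to a given set.
#   $1 - string to inspect (may be a password; it only passes through
#        the printf builtin and a pipe, never through a command line)
#   $2 - set of characters to count, in tr(1) set syntax; the callers in
#        this script pass a single literal character
# Result: global _count holds the count as a plain decimal number.
# Returns: always 0.
countChars() {
	# printf '%s' is used instead of echo so that strings such as "-n" or
	# ones containing backslashes are counted as typed rather than being
	# interpreted by echo.  tr -cd deletes every character that is NOT in
	# the set, leaving only the ones to count.  The arithmetic expansion
	# strips the leading blanks some wc(1) implementations print.
	_count=$(( $(printf '%s' "$1" | tr -cd "$2" | wc -c) ))
	return 0
}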
17
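# Prompt for a password with terminal echo disabled and store it in the
# global _password.  The prompt is repeated until the entry contains no ":"
# character.
#   $1 - prompt text
# Returns: 0 when a password was read, 1 when input ended before anything
#          was read (so end-of-file is not mistaken for an empty password).
readPassword() {
	local onTty=0 gotLine

	if [ -t 0 ]; then
		onTty=1
		# If the user interrupts the prompt, turn echo back on before
		# exiting; otherwise the terminal is left with echo disabled.
		trap 'stty echo; echo ""; exit 1' INT TERM HUP
	fi

	while :; do
		if [ $onTty -eq 1 ]; then
			stty -echo
		fi
		# IFS= and -r keep the password exactly as typed: without them
		# backslashes are consumed and surrounding blanks are trimmed,
		# so the secret would be derived from a different string than
		# the one the user later writes into the auth file.
		gotLine=0
		IFS= read -r -p "$1" _password && gotLine=1
		if [ $onTty -eq 1 ]; then
			stty echo
		fi
		echo ""

		if [ $gotLine -eq 0 ] && [ -z "$_password" ]; then
			if [ $onTty -eq 1 ]; then
				trap - INT TERM HUP
			fi
			return 1
		fi

		# The password is checked with a shell pattern so that it is
		# not handed to any external command.
		case "$_password" in
		*:*)
			echo "Sorry, password must not contain \":\" characters"
			echo ""
			;;
		*)
			break
			;;
		esac
	done

	# Put the default signal handling back (no other traps are set in the
	# part of the script visible here).
	if [ $onTty -eq 1 ]; then
		trap - INT TERM HUP
	fi
	return 0
}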
34
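# Derive the shared secret from client name, server name and password.
#   $1 - client name (lower-cased before hashing)
#   $2 - server name (lower-cased before hashing)
#   $3 - password (used as typed)
# Result: global _secret holds "$md5$" followed by the MD5 digest of
#         "client:server:password"; it is emptied on failure.
# Returns: 0 on success, 1 when the md5 command produced no digest.
#
# NOTE(review): MD5 is cheap to compute, so anyone who obtains the derived
# value can guess passwords offline; treat it as carefully as the password.
# The algorithm is presumably dictated by the "$md5$" format the server
# expects, so it is not changed here.
makeSecret() {
	local clientLower serverLower secret

	clientLower=`printf '%s' "$1" | tr "[:upper:]" "[:lower:]"`
	serverLower=`printf '%s' "$2" | tr "[:upper:]" "[:lower:]"`

	# Feed the string to md5 on stdin rather than with "-s string": command
	# line arguments of a running process can be listed by other local
	# users (e.g. with ps), which would expose the password.  Where printf
	# is a shell builtin, the password never appears in any argument list.
	secret=`printf '%s' "$clientLower:$serverLower:$3" | md5 -q`

	# Without this check a missing or failing md5 would yield the bare
	# prefix "$md5$", which looks like a key but matches no password.
	if [ -z "$secret" ]; then
		echo "md5 produced no output; secret not generated" >&2
		_secret=""
		return 1
	fi

	_secret="\$md5\$$secret"
}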
41
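# Argument handling: a lone "-v" prints the banner plus usage and succeeds;
# any argument count other than two is a usage error.
if [ $# -eq 1 ] && [ "X$1" = "X-v" ]; then
	echo "Csup authentication key generator"
	usage
	exit 0
elif [ $# -ne 2 ]; then
	# Report misuse on stderr and with a non-zero status so callers and
	# scripts can tell that no key was generated.
	usage >&2
	exit 1
fi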
50
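clientName=$1
serverName=$2

#
# Client name must contain exactly one '@' and at least one '.'.
# It must not contain a ':'.
#
# ':' is the field separator both in the string that gets hashed and in the
# lines printed at the end, so a ':' inside a name would make the fields
# ambiguous.
#

countChars "$clientName" "@"
aCount=$_count

countChars "$clientName" "."
dotCount=$_count
# The counts are left unquoted on purpose: wc(1) may pad its output with
# blanks, and word splitting removes that padding before the comparison.
if [ $aCount -ne 1 ] || [ $dotCount -eq 0 ]; then
	echo "Client name must have the form of an e-mail address," >&2
	echo "e.g., \"user@domain.com\"" >&2
	# Non-zero status: validation failed and no key was generated.
	exit 1
fi

countChars "$clientName" ":"
colonCount=$_count
if [ $colonCount -gt 0 ]; then
	echo "Client name must not contain \":\" characters" >&2
	exit 1
fi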
76
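#
# Server name must not contain '@' and must have at least one '.'.
# It also must not contain a ':'.
#
# ':' is the field separator both in the string that gets hashed and in the
# lines printed at the end, so a ':' inside a name would make the fields
# ambiguous.
#

countChars "$serverName" "@"
aCount=$_count

countChars "$serverName" "."
dotCount=$_count
# The counts are left unquoted on purpose: wc(1) may pad its output with
# blanks, and word splitting removes that padding before the comparison.
if [ $aCount -ne 0 ] || [ $dotCount -eq 0 ]; then
	echo "Server name must be a fully-qualified domain name." >&2
	echo "e.g., \"host.domain.com\"" >&2
	# Non-zero status: validation failed and no key was generated.
	exit 1
fi

countChars "$serverName" ":"
colonCount=$_count
if [ $colonCount -gt 0 ]; then
	echo "Server name must not contain \":\" characters" >&2
	exit 1
fi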
99
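#
# Ask for password and generate secret.
#
# The two entries are compared through their derived secrets, so only one
# plaintext password is held at a time.
#

while :; do
	if ! readPassword "Enter password: "; then
		echo "No password read; no key generated." >&2
		exit 1
	fi
	makeSecret "$clientName" "$serverName" "$_password" || exit 1
	secret=$_secret

	if ! readPassword "Enter same password again: "; then
		echo "No password read; no key generated." >&2
		exit 1
	fi
	makeSecret "$clientName" "$serverName" "$_password" || exit 1
	secret2=$_secret

	# An empty value or the bare "$md5$" prefix means the hash command
	# produced nothing.  Two such values would compare equal below and a
	# useless key line would be printed, so stop here instead.
	case "$secret" in
	''|'$md5$')
		echo "Could not generate the secret (md5 produced no output)." >&2
		exit 1
		;;
	esac

	if [ "X$secret" = "X$secret2" ]; then
		break
	else
		echo "Passwords did not match.  Try again."
		echo ""
	fi
done

# The plaintext password is not needed past this point; the instructions
# printed next use the placeholder "XXX" instead.
_password=""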
120
# Print the two lines the user needs: the key line for the server
# administrator and the matching line for the local auth file.
#
# The key line carries the secret derived from the password (see makeSecret),
# which is why the text asks for a secure channel.  Only the shell's own
# printf is used here, so the secret is written straight to stdout.
_rule="-------------------------------------------------------------------------------"
printf '%s\n' \
	"" \
	"Send this line to the server administrator at $serverName:" \
	"$_rule" \
	"$clientName:$secret::" \
	"$_rule" \
	"Be sure to send it using a secure channel!" \
	"" \
	"Add this line to your file \"$HOME/.csup/auth\", replacing \"XXX\"" \
	"with the password you typed in:" \
	"$_rule" \
	"$serverName:$clientName:XXX:" \
	"$_rule" \
	"Make sure the file is readable and writable only by you!" \
	""
135
136