@@ -7,28 +7,26 @@ module Framework
7
7
module Varnish
8
8
module Client
9
9
10
+ auth_required_regex = /107 \d +\s \s \s \s \s \s \n (\w +)\n \n Authentication required./ # 107 auth
11
+ auth_success_regex = /200 \d +/ # 200 ok
10
12
11
13
def login ( pass )
14
+ # based on https://www.varnish-cache.org/trac/wiki/CLI
12
15
begin
13
- if require_auth?
14
- sock . put ( "auth #{ Rex ::Text . rand_text_alphanumeric ( 3 ) } \n " ) # Cause a login fail to get the challenge
15
- res = sock . get_once ( -1 , 3 ) # grab challenge
16
- if res && res =~ /107 \d +\s \s \s \s \s \s \n (\w +)\n \n Authentication required./ # 107 auth
17
- challenge = $1
18
- response = challenge + "\n "
19
- response << pass + "\n "
20
- response << challenge + "\n "
21
- response = Digest ::SHA256 . hexdigest ( response )
22
- sock . put ( "auth #{ response } \n " )
23
- res = sock . get_once ( -1 , 3 )
24
- if res && res =~ /200 \d +/ # 200 ok
25
- return true
26
- else
27
- return false
28
- end
16
+ auth = require_auth? . to_s
17
+ if not auth == 'false'
18
+ #raise RuntimeError, $1 + "\n" + pass.strip + "\n" + $1 + "\n" + "auth " + Digest::SHA256.hexdigest("#{$1}\n#{pass.strip}\n#{$1}\n")
19
+ response = Digest ::SHA256 . hexdigest ( "#{ $1} \n #{ pass . strip } \n #{ $1} \n " )
20
+ sock . put ( "auth #{ response } \n " )
21
+ res = sock . get_once ( -1 , 3 )
22
+ raise RuntimeError , res
23
+ if res && res =~ @auth_success_regex
24
+ return true
29
25
else
30
- raise RuntimeError , "Varnish Login timeout"
26
+ return false
31
27
end
28
+ else
29
+ raise RuntimeError , "No Auth Required"
32
30
end
33
31
rescue Timeout ::Error
34
32
raise RuntimeError , "Varnish Login timeout"
@@ -40,13 +38,14 @@ def close_session
40
38
end
41
39
42
40
def require_auth?
41
+ # function returns false if no auth is required, else
43
42
sock . put ( "auth #{ Rex ::Text . rand_text_alphanumeric ( 3 ) } \n " ) # Cause a login fail to get the challenge
44
43
res = sock . get_once ( -1 , 3 ) # grab challenge
45
- if res && res =~ /107 \d + \s \s \s \s \s \s \n ( \w +) \n \n Authentication required./ # 107 auth
46
- return true
47
- else
48
- return false
49
- end
44
+ if res && res =~ @auth_required_regex
45
+ return $1
46
+ else
47
+ return false
48
+ end
50
49
end
51
50
52
51
end
0 commit comments