authorNat Lasseter <user@4574.co.uk>2025-02-18 15:25:49 +0000
committerNat Lasseter <user@4574.co.uk>2025-02-18 15:25:49 +0000
commitb50766d496010bf2856dac88d97c236cf5944ae6 (patch)
treed8db60dce038de43876ff5544828b92614315e9d /2.1
Restart git history without references to work email
Previous commits: Author: Nat Lasseter <user@4574.co.uk> Date: 2025-02-18 15:15:27 +0000 [3.2] Tickets have fixed 8-hour lifetimes now Author: Nat Lasseter <user@4574.co.uk> Date: 2025-02-18 15:15:27 +0000 [3.11] Added .keytab file, got rid of get_ticket. Author: Nat Lasseter <user@4574.co.uk> Date: 2025-02-18 15:15:27 +0000 [3.1] Added the TGS Author: Nat Lasseter <user@4574.co.uk> Date: 2025-02-18 15:15:27 +0000 Add readme Author: Nat Lasseter <user@4574.co.uk> Date: 2025-02-18 15:15:27 +0000 Up to end of scene 2
Diffstat (limited to '2.1')
-rwxr-xr-x2.1/charon.rb38
-rwxr-xr-x2.1/get_mail.rb24
-rwxr-xr-x2.1/get_ticket.rb27
-rwxr-xr-x2.1/mail.rb28
4 files changed, 117 insertions, 0 deletions
diff --git a/2.1/charon.rb b/2.1/charon.rb
new file mode 100755
index 0000000..f41bfa5
--- /dev/null
+++ b/2.1/charon.rb
@@ -0,0 +1,38 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+require 'securerandom'
+require 'sinatra'
+
+Users = {
+ "Athena" => "Passw0rd!"
+}
+
+Services = {
+ "Mail" => "{FvM<kgG}VpHxKJO;6Zo"
+}
+
+def ticket(username, service, password)
+ cipher = OpenSSL::Cipher::AES.new(256, :CBC).encrypt
+ cipher.key = Digest::SHA2.digest(password)
+ s = cipher.update("#{username}:#{service}") + cipher.final
+
+ s.unpack('H*')[0].upcase + ?\n
+end
+
+def noleak(msg, ul, sl)
+ puts "Error: #{msg}, returning nonsense to avoid leakage."
+ ticket(SecureRandom.alphanumeric(ul), SecureRandom.alphanumeric(sl), SecureRandom.alphanumeric(16))
+end
+
+post '/ticket' do
+ request.body.rewind
+ data = JSON.parse(request.body.read)
+ next "Invalid request\n" unless data.keys.sort == %w(password service username)
+ ul = data["username"].length
+ sl = data["service"].length
+ next noleak("Invalid service", ul, sl) unless Services.keys.include?(data["service"])
+ next noleak("Invalid username", ul, sl) unless Users.keys.include?(data["username"])
+ next noleak("Invalid password", ul, sl) unless Users[data["username"]] == data["password"]
+ next ticket(data["username"], data["service"], Services[data["service"]])
+end
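Review bot: `ticket` never sets `cipher.iv` and CBC carries no integrity check, so (assuming Ruby's OpenSSL falls back to an all-zero IV when none is set) the same username/service pair always encrypts to the same ticket, and the mail service cannot tell whether the ciphertext was modified. The plaintext is also just `username:service` with no issue time, so a ticket stays usable for as long as the service key does; the commit message suggests lifetimes arrive in a later stage. I would switch to an authenticated mode with a fresh nonce per ticket, as sketched below; `decrypt` in 2.1/mail.rb has to change in step, splitting off the nonce and tag and setting `auth_tag` before `final`. Separately, `data["username"].length` in the `/ticket` handler raises when the JSON value is not a string, so a type check before the two length reads would keep that path on the `"Invalid request\n"` reply.

```ruby
def ticket(username, service, password)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = Digest::SHA2.digest(password)
  nonce = cipher.random_iv   # new nonce for every ticket
  cipher.auth_data = ''
  body = cipher.update("#{username}:#{service}") + cipher.final

  # nonce | auth tag | ciphertext, hex-encoded as before
  (nonce + cipher.auth_tag + body).unpack('H*')[0].upcase + ?\n
end
```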
diff --git a/2.1/get_mail.rb b/2.1/get_mail.rb
new file mode 100755
index 0000000..b212aed
--- /dev/null
+++ b/2.1/get_mail.rb
@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+
+require 'net/http'
+require 'uri'
+require 'json'
+
+uri = URI.parse("http://localhost:4568/login")
+
+header = {'Content-Type': 'text/json'}
+
+print "Username: "; un = gets.strip
+print "Ticket: "; t = gets.strip
+
+login = {
+ "username": un,
+ "ticket": t
+}
+
+http = Net::HTTP.new(uri.host, uri.port)
+request = Net::HTTP::Post.new(uri.request_uri, header)
+request.body = login.to_json
+
+response = http.request(request)
+puts response.body
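Review bot: The request header is `'Content-Type': 'text/json'`, but the registered media type for JSON is `application/json`, and a server or proxy that checks the type could reject or mis-handle the body; I would write `header = {'Content-Type' => 'application/json'}`. The same header appears in 2.1/get_ticket.rb. `gets.strip` at both prompts also raises NoMethodError when stdin is closed, because `gets` returns nil at EOF; `gets.to_s.strip` avoids that.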
diff --git a/2.1/get_ticket.rb b/2.1/get_ticket.rb
new file mode 100755
index 0000000..932bac1
--- /dev/null
+++ b/2.1/get_ticket.rb
@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+
+require 'net/http'
+require 'uri'
+require 'json'
+require 'io/console'
+
+uri = URI.parse("http://localhost:4567/ticket")
+
+header = {'Content-Type': 'text/json'}
+
+print "Username: "; un = gets.strip
+print "Password: "; pw = STDIN.noecho(&:gets).strip; puts
+print "Service: "; s = gets.strip
+
+login = {
+ "username": un,
+ "password": pw,
+ "service": s
+}
+
+http = Net::HTTP.new(uri.host, uri.port)
+request = Net::HTTP::Post.new(uri.request_uri, header)
+request.body = login.to_json
+
+response = http.request(request)
+puts response.body
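Review bot: The password read at the `noecho` prompt is posted as JSON over the hard-coded `http://localhost:4567/ticket`, so it crosses the connection in the clear; that is only acceptable while charon listens on loopback, which this file cannot guarantee. I would take the URL from configuration, e.g. `uri = URI.parse(ENV.fetch("CHARON_URL", "http://localhost:4567/ticket"))` (the variable name is a suggestion), and add `http.use_ssl = uri.scheme == "https"` after `Net::HTTP.new`. A short comment above the `uri` line stating that the default is for local testing only would help the next reader.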
diff --git a/2.1/mail.rb b/2.1/mail.rb
new file mode 100755
index 0000000..7a71ffd
--- /dev/null
+++ b/2.1/mail.rb
@@ -0,0 +1,28 @@
+#!/usr/bin/env ruby
+
+require 'openssl'
+require 'securerandom'
+require 'sinatra'
+
+set :port, 4568
+
+Service = "Mail"
+ServicePassword = "{FvM<kgG}VpHxKJO;6Zo"
+
+def decrypt(ticket)
+ ticket = [ticket].pack("H*").unpack("C*").pack("c*")
+ cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
+ cipher.key = Digest::SHA2.digest(ServicePassword)
+ p = cipher.update(ticket) + cipher.final
+ p.split(?:)
+end
+
+post '/login' do
+ request.body.rewind
+ data = JSON.parse(request.body.read)
+ next "Invalid request\n" unless data.keys.sort == %w(ticket username)
+ un, sn = decrypt(data["ticket"])
+ next "Invalid ticket\n" unless sn == Service
+ next "Invalid ticket\n" unless un == data["username"]
+ "Login okay! You have no mail.\n"
+end
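Review bot: `decrypt` lets `cipher.final` raise on any ticket that does not decrypt cleanly under the service key, so a malformed or tampered ticket ends in an unhandled exception rather than the `"Invalid ticket\n"` reply, and the client can tell a padding failure apart from a name mismatch. `[ticket].pack("H*")` likewise raises when the JSON value is not a string. I would add a method-level `rescue OpenSSL::Cipher::CipherError, TypeError` to `decrypt` that returns `[nil, nil]`, so every rejection goes through the same two `next "Invalid ticket\n"` checks. The `.unpack("C*").pack("c*")` round trip on the first line of `decrypt` looks like a no-op and could be dropped.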