[4.1] Complete

author: Nat Lasseter <user@4574.co.uk> 2025-02-19 22:59:46 +0000
committer: Nat Lasseter <user@4574.co.uk> 2025-02-19 22:59:46 +0000
commit: e532f817c53589de47ead76618677db1ddbb2e48 (patch)
tree: 5dfddef80feae4f9a77d0c79fd2b5c09f3c6a90f /4.1/charon.rb
parent: e160be0ebd55a130d37129714d340726882aac07 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/4.1/charon.rb b/4.1/charon.rb
index ee2a514..a335d50 100755
--- a/4.1/charon.rb
+++ b/4.1/charon.rb
@@ -32,7 +32,7 @@ def ticket(username, ws_address, service)
   sk = SecureRandom.hex.upcase
   p = [sk, username, ws_address, service, 28800, ts].join(?\0)
   s = encrypt(p, Services[service])
-  "#{sk}:28800:#{ts}:#{s}"
+  "#{sk},#{ws_address},28800,#{ts},#{s}"
 end
 
 def noleak(msg, ul, ws)
@@ -65,7 +65,7 @@ post '/ticket' do
   next "Invalid ticket\n" unless Time.now.to_i >= ts
   next "Ticket expired\n" unless Time.now.to_i < (ts + ls)
   begin
-    aun, aws = decrypt(data["authenticator"], sk)
+    aun, aws = decrypt(data["authenticator"], sk).split(?,)
   rescue OpenSSL::Cipher::CipherError
     next "Invalid session key\n"
   end
author	Nat Lasseter <user@4574.co.uk>	2025-02-19 22:59:46 +0000
committer	Nat Lasseter <user@4574.co.uk>	2025-02-19 22:59:46 +0000
commit	e532f817c53589de47ead76618677db1ddbb2e48 (patch)
tree	5dfddef80feae4f9a77d0c79fd2b5c09f3c6a90f /4.1/charon.rb
parent	e160be0ebd55a130d37129714d340726882aac07 (diff)