Diffstat (limited to '4.1/mail.rb')
-rwxr-xr-x | 4.1/mail.rb | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/4.1/mail.rb b/4.1/mail.rb
index e8f9cdd..0f5e979 100755
--- a/4.1/mail.rb
+++ b/4.1/mail.rb
@@ -9,18 +9,18 @@ set :port, 4568
 Service = "Mail"
 ServicePassword = "{FvM<kgG}VpHxKJO;6Zo"
-def decrypt(ticket)
- ticket = [ticket].pack("H*").unpack("C*").pack("c*")
+def decrypt(obj, key)
+ ticket = [obj].pack("H*").unpack("C*").pack("c*")
 cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
- cipher.key = Digest::SHA2.digest(ServicePassword)
+ cipher.key = Digest::SHA2.digest(key)
 cipher.update(ticket) + cipher.final
 end
 post '/login' do
 request.body.rewind
 data = JSON.parse(request.body.read)
- next "Invalid request\n" unless data.keys.sort == %w(ticket username)
- un, ws, sn, ls, ts = decrypt(data["ticket"]).split(?\0)
+ next "Invalid request\n" unless data.keys.sort == %w(authenticator ticket username)
+ sk, un, ws, sn, ls, ts = decrypt(data["ticket"], ServicePassword).split(?\0)
 ls = ls.to_i
 ts = ts.to_i
 next "Invalid ticket\n" unless sn == Service
@@ -28,5 +28,14 @@ post '/login' do
 next "Invalid ticket\n" unless ws == request.ip
 next "Invalid ticket\n" unless Time.now.to_i >= ts
 next "Ticket expired\n" unless Time.now.to_i < (ts + ls)
+
+ begin
+ aun, aws = decrypt(data["authenticator"], sk).split(?,)
+ rescue OpenSSL::Cipher::CipherError
+ next "Invalid session key\n"
+ end
+ next "Invalid authenticator\n" unless aun == un
+ next "Invalid authenticator\n" unless aws == ws
+
 "Login okay! You have no mail.\n"
 end |
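Review bot: The ticket decryption on the new `sk, un, ws, sn, ls, ts = decrypt(data["ticket"], ServicePassword).split(?\0)` line is unguarded, although the authenticator decryption added later in this handler rescues `OpenSSL::Cipher::CipherError`; a ticket that fails to decrypt will raise out of the route instead of being rejected normally. I would wrap it in the same `begin` / `rescue OpenSSL::Cipher::CipherError` and answer `next "Invalid ticket\n"`, so every bad ticket gets the same response. Separately, `decrypt` sets no IV and verifies no MAC, so the fields parsed here, including the new session key, come from unauthenticated CBC plaintext; if the ticket issuer (not visible here) can change, an authenticated mode would be the fix. The `post '/login'` block continues past this hunk.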
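Review bot: The authenticator carries only a username and a workstation (`aun, aws = decrypt(data["authenticator"], sk).split(?,)`), with no timestamp or nonce, so the same authenticator appears to stay acceptable for as long as the ticket does. Assuming the client side can be changed to send a timestamp, I would parse a third field and reject stale values, e.g. `next "Invalid authenticator\n" unless (Time.now.to_i - ats.to_i).abs <= MAX_SKEW` (`MAX_SKEW` is a placeholder). The rescue branch also answers `"Invalid session key\n"` while a content mismatch answers `"Invalid authenticator\n"`, which tells the caller whether the padding was valid; using `next "Invalid authenticator\n"` in both places removes that distinction. The handler starts in the previous hunk.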