authsrv: use plan9 key for http authentication

in addition to /sys/lib/httppasswords, allow http authentication
to use the plan9 password, which can be changed by the user.

1 files changed, 19 insertions, 23 deletions

diff --git a/sys/src/cmd/auth/authsrv.c b/sys/src/cmd/auth/authsrv.c
index 8255b02ee..bef741a37 100644
--- a/sys/src/cmd/auth/authsrv.c
+++ b/sys/src/cmd/auth/authsrv.c
@@ -297,32 +297,28 @@ http(Ticketreq *tr)
 	Biobuf *b;
 	int n;
 
+	randombytes((uchar*)key, DESKEYLEN);
+
+	/* use plan9 key when there is any */
+	findkey(KEYDB, tr->uid, key);
+
 	n = strlen(tr->uid);
 	b = Bopen("/sys/lib/httppasswords", OREAD);
-	if(b == nil){
-		replyerror("no password file", raddr);
-		return;
-	}
-
-	/* find key */
-	for(;;){
-		p = Brdline(b, '\n');
-		if(p == nil)
-			break;
-		p[Blinelen(b)-1] = 0;
-		if(strncmp(p, tr->uid, n) == 0)
-		if(p[n] == ' ' || p[n] == '\t'){
-			p += n;
-			break;
+	if(b != nil){
+		for(;;){
+			p = Brdline(b, '\n');
+			if(p == nil)
+				break;
+			p[Blinelen(b)-1] = 0;
+			if(strncmp(p, tr->uid, n) == 0)
+			if(p[n] == ' ' || p[n] == '\t'){
+				p += n;
+				while(*p == ' ' || *p == '\t')
+					p++;
+				passtokey(key, p);
+			}
 		}
-	}
-	Bterm(b);
-	if(p == nil) {
-		randombytes((uchar*)key, DESKEYLEN);
-	} else {
-		while(*p == ' ' || *p == '\t')
-			p++;
-		passtokey(key, p);
+		Bterm(b);
 	}
 
 	/* send back a ticket encrypted with the key */