+ my ($raw_user, $pass) = split /:/, MIME::Base64::decode_base64($auth);
+ my ($user, $takenby) = extract_takenby($raw_user);
+
+ my $ref = $dbh->selectrow_hashref('SELECT cryptpassword FROM users WHERE username=? AND vhost=?',
+ undef, $user, Sesse::pr0n::Common::get_server_name($r));
+ my $bcrypt_matches = 0;
+ if (!defined($ref) || Crypt::Eksblowfish::Bcrypt::bcrypt($pass, $ref->{'cryptpassword'}) ne $ref->{'cryptpassword'}) {
+ $r->content_type('text/plain; charset=utf-8');
+ log_warn($r, "Authentication failed for $user/$takenby");
+ return undef;
+ }
+ log_info($r, "Authentication succeeded for $user/$takenby");
+
+ return ($user, $takenby);
+}
+
+sub get_pseudorandom_bytes {
+ my $num_left = shift;
+ my $bytes = "";
+ open my $randfh, "<", "/dev/urandom"
+ or die "/dev/urandom: $!";
+ binmode $randfh;
+ while ($num_left > 0) {
+ my $tmp;
+ if (sysread($randfh, $tmp, $num_left) == -1) {
+ die "sysread(/dev/urandom): $!";
+ }
+ $bytes .= $tmp;
+ $num_left -= length($bytes);
+ }
+ close $randfh;
+ return $bytes;
+}
+
+sub extract_takenby {
+ my ($user) = shift;