static authn_status ga_check_password(request_rec *r, const char *user,
const char *password)
{
/* Per Apache mod_auth.h:
* Given a username and password, expected to return AUTH_GRANTED
* if we can validate this user/password combination.
*/
authn_google_config_rec *conf = ap_get_module_config(r->per_dir_config,
&authn_google_module);
apr_status_t status=0;
int tm;
int i;
unsigned int truncatedHash = 0;
char *static_pw=0L;
char *correctpw=0L;
if (conf->debugLevel)
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"**** PW AUTH at T=%lu user \"%s\"",apr_time_now()/1000000,user);
int secretLen;
uint8_t *secret = getUserSecret(r,user,&secretLen,&static_pw);
if (!secret)
return AUTH_DENIED;
/***
*** Perform Google Authentication
***/
tm = get_timestamp();
//int code = (int) apr_atoi64(password);
for (i = -(conf->entryWindow); i <= (conf->entryWindow); ++i) {
truncatedHash = computeTimeCode(tm+i,secret,secretLen);
if (static_pw) {
correctpw = apr_pstrcat(r->pool,static_pw,
apr_psprintf(r->pool,"%6.6d",truncatedHash),NULL);
} else {
correctpw = apr_psprintf(r->pool,"%6.6d",truncatedHash);
}
if (conf->debugLevel)
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
"Comparing Authentication @ T=%d Code=%d \"%s\" vs. \"%s\"",tm,truncatedHash,password,correctpw);
if (!apr_strnatcmp(correctpw,password)) {
/**\todo - check to see if time-based code has been invalidated */
addCookie(r,secret,secretLen);
return AUTH_GRANTED;
}
}
if (conf->debugLevel)
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
"DENYING for \"%s\"",password);
return AUTH_DENIED;
}
void Display::start() {
// check flag
if (m_started)
return;
// generate cookie
std::random_device rd;
std::mt19937 gen(rd());
std::uniform_int_distribution<> dis(0, 15);
// resever 32 bytes
m_cookie.reserve(32);
// create a random hexadecimal number
const char *digits = "0123456789abcdef";
for (int i = 0; i < 32; ++i)
m_cookie[i] = digits[dis(gen)];
// generate auth file
addCookie(m_authPath);
// set display server params
m_displayServer->setDisplay(m_display);
m_displayServer->setAuthPath(m_authPath);
// start display server
m_displayServer->start();
if ((daemonApp->configuration()->first || daemonApp->configuration()->autoRelogin()) &&
!daemonApp->configuration()->autoUser().isEmpty() && !daemonApp->configuration()->lastSession().isEmpty()) {
// reset first flag
daemonApp->configuration()->first = false;
// set flags
m_started = true;
// start session
m_authenticator->start(daemonApp->configuration()->autoUser(), daemonApp->configuration()->lastSession());
// return
return;
}
// set socket server name
m_socketServer->setSocket(m_socket);
// start socket server
m_socketServer->start();
// set greeter params
m_greeter->setDisplay(m_display);
m_greeter->setAuthPath(m_authPath);
m_greeter->setSocket(m_socket);
m_greeter->setTheme(QString("%1/%2").arg(daemonApp->configuration()->themesDir()).arg(daemonApp->configuration()->currentTheme()));
// start greeter
m_greeter->start();
// reset first flag
daemonApp->configuration()->first = false;
// set flags
m_started = true;
}
//------------------------------------------------------------------------------
void ofxHTTPBaseRequest::addCookie(const HTTPCookie& cookie) {
addCookie(ofxHTTPCookie(cookie));
}
CookieManager::CookieManager(QWidget *parent)
: QDialog(parent)
, ui(new Ui::CookieManager)
{
setAttribute(Qt::WA_DeleteOnClose);
ui->setupUi(this);
QzTools::centerWidgetOnScreen(this);
if (isRightToLeft()) {
ui->cookieTree->headerItem()->setTextAlignment(0, Qt::AlignRight | Qt::AlignVCenter);
ui->cookieTree->headerItem()->setTextAlignment(1, Qt::AlignRight | Qt::AlignVCenter);
ui->cookieTree->setLayoutDirection(Qt::LeftToRight);
ui->whiteList->setLayoutDirection(Qt::LeftToRight);
ui->blackList->setLayoutDirection(Qt::LeftToRight);
}
// Stored Cookies
connect(ui->cookieTree, SIGNAL(currentItemChanged(QTreeWidgetItem*,QTreeWidgetItem*)), this, SLOT(currentItemChanged(QTreeWidgetItem*,QTreeWidgetItem*)));
connect(ui->removeAll, SIGNAL(clicked()), this, SLOT(removeAll()));
connect(ui->removeOne, SIGNAL(clicked()), this, SLOT(remove()));
connect(ui->close, SIGNAL(clicked(QAbstractButton*)), this, SLOT(close()));
connect(ui->close2, SIGNAL(clicked(QAbstractButton*)), this, SLOT(close()));
connect(ui->close3, SIGNAL(clicked(QAbstractButton*)), this, SLOT(close()));
connect(ui->search, SIGNAL(textChanged(QString)), this, SLOT(filterString(QString)));
// Cookie Filtering
connect(ui->whiteAdd, SIGNAL(clicked()), this, SLOT(addWhitelist()));
connect(ui->whiteRemove, SIGNAL(clicked()), this, SLOT(removeWhitelist()));
connect(ui->blackAdd, SIGNAL(clicked()), this, SLOT(addBlacklist()));
connect(ui->blackRemove, SIGNAL(clicked()), this, SLOT(removeBlacklist()));
// Cookie Settings
Settings settings;
settings.beginGroup("Cookie-Settings");
ui->saveCookies->setChecked(settings.value("allowCookies", true).toBool());
ui->filter3rdParty->setChecked(settings.value("filterThirdPartyCookies", false).toBool());
ui->filterTracking->setChecked(settings.value("filterTrackingCookie", false).toBool());
ui->deleteCookiesOnClose->setChecked(settings.value("deleteCookiesOnClose", false).toBool());
ui->whiteList->addItems(settings.value("whitelist", QStringList()).toStringList());
ui->blackList->addItems(settings.value("blacklist", QStringList()).toStringList());
settings.endGroup();
#if QT_VERSION < QT_VERSION_CHECK(5, 11, 0)
ui->filter3rdParty->hide();
#endif
ui->search->setPlaceholderText(tr("Search"));
ui->cookieTree->setDefaultItemShowMode(TreeWidget::ItemsCollapsed);
ui->cookieTree->sortItems(0, Qt::AscendingOrder);
ui->cookieTree->header()->setDefaultSectionSize(220);
ui->cookieTree->setFocus();
QShortcut* removeShortcut = new QShortcut(QKeySequence("Del"), this);
connect(removeShortcut, SIGNAL(activated()), this, SLOT(deletePressed()));
connect(ui->search, SIGNAL(textChanged(QString)), this, SLOT(filterString(QString)));
connect(mApp->cookieJar(), &CookieJar::cookieAdded, this, &CookieManager::addCookie);
connect(mApp->cookieJar(), &CookieJar::cookieRemoved, this, &CookieManager::removeCookie);
// Load cookies
foreach (const QNetworkCookie &cookie, mApp->cookieJar()->getAllCookies())
addCookie(cookie);
QzTools::setWmClass("Cookies", this);
}
//------------------------------------------------------------------------------
void ofxHTTPBaseRequest::addCookie(const string& name, const string& value, bool isValueEscaped) {
addCookie(HTTPCookie(name, isValueEscaped ? value : HTTPCookie::escape(value)));
}
//
// Reloads all cookies from the file '_filename'.
// On succes 'true' is returned.
// On failure 'false' is returned.
bool KCookieJar::loadCookies(const QString &_filename)
{
FILE *fStream = fopen( QFile::encodeName(_filename), "r");
if (fStream == 0)
{
return false;
}
time_t curTime = time(0);
char *buffer = new char[READ_BUFFER_SIZE];
bool err = false;
err = (fgets(buffer, READ_BUFFER_SIZE, fStream) == 0);
int version = 1;
if (!err)
{
if (strcmp(buffer, "# KDE Cookie File\n") == 0)
{
// version 1
}
else if (sscanf(buffer, "# KDE Cookie File v%d\n", &version) != 1)
{
err = true;
}
}
if (!err)
{
while(fgets(buffer, READ_BUFFER_SIZE, fStream) != 0)
{
char *line = buffer;
// Skip lines which begin with '#' or '['
if ((line[0] == '#') || (line[0] == '['))
continue;
const char *host( parseField(line) );
const char *domain( parseField(line) );
const char *path( parseField(line) );
const char *expStr( parseField(line) );
if (!expStr) continue;
int expDate = (time_t) strtoul(expStr, 0, 10);
const char *verStr( parseField(line) );
if (!verStr) continue;
int protVer = (time_t) strtoul(verStr, 0, 10);
const char *name( parseField(line) );
bool keepQuotes = false;
bool secure = false;
bool httpOnly = false;
bool explicitPath = false;
const char *value = 0;
if ((version == 2) || (protVer >= 200))
{
if (protVer >= 200)
protVer -= 200;
int i = atoi( parseField(line) );
secure = i & 1;
httpOnly = i & 2;
explicitPath = i & 4;
if (i & 8)
name = "";
line[strlen(line)-1] = '\0'; // Strip LF.
value = line;
}
else
{
if (protVer >= 100)
{
protVer -= 100;
keepQuotes = true;
}
value = parseField(line, keepQuotes);
secure = atoi( parseField(line) );
}
// Parse error
if (!value) continue;
// Expired or parse error
if ((expDate == 0) || (expDate < curTime))
continue;
KHttpCookie *cookie = new KHttpCookie(QString::fromLatin1(host),
QString::fromLatin1(domain),
QString::fromLatin1(path),
QString::fromLatin1(name),
QString::fromLatin1(value),
expDate, protVer,
secure, httpOnly, explicitPath);
addCookie(cookie);
}
}
delete [] buffer;
m_cookiesChanged = false;
fclose( fStream);
return err;
}
/////////////////////////////////////////////////////////////////////////////////////////
// static
void LLViewerMedia::removeCookie(const std::string &name, const std::string &domain, const std::string &path )
{
// To remove a cookie, add one with the same name, domain, and path that expires in the past.
addCookie(name, "", domain, LLDate(LLDate::now().secondsSinceEpoch() - 1.0), path);
}
/////////////////////////////////////////////////////////////////////////////////////////
// static
void LLViewerMedia::addSessionCookie(const std::string &name, const std::string &value, const std::string &domain, const std::string &path, bool secure)
{
// A session cookie just has a NULL date.
addCookie(name, value, domain, LLDate(), path, secure);
}
bool HttpMime::addToCookieJar(Url *currentUrl, SafeBuf *sb) {
/// @note Slightly modified from Netscape HTTP Cookie File format
/// Difference is we only have one column for name/value
// http://www.cookiecentral.com/faq/#3.5
// The layout of Netscape's cookies.txt file is such that each line contains one name-value pair.
// An example cookies.txt file may have an entry that looks like this:
// .netscape.com TRUE / FALSE 946684799 NETSCAPE_ID 100103
//
// Each line represents a single piece of stored information. A tab is inserted between each of the fields.
// From left-to-right, here is what each field represents:
//
// domain - The domain that created AND that can read the variable.
// flag - A TRUE/FALSE value indicating if all machines within a given domain can access the variable. This value is set automatically by the browser, depending on the value you set for domain.
// path - The path within the domain that the variable is valid for.
// secure - A TRUE/FALSE value indicating if a secure connection with the domain is needed to access the variable.
// expiration - The UNIX time that the variable will expire on. UNIX time is defined as the number of seconds since Jan 1, 1970 00:00:00 GMT.
// name/value - The name/value of the variable.
/// @todo ALC we should sort cookie-list
// The user agent SHOULD sort the cookie-list in the following order:
// * Cookies with longer paths are listed before cookies with shorter paths.
// * Among cookies that have equal-length path fields, cookies with earlier creation-times are listed
// before cookies with later creation-times.
// fill in cookies from cookieJar
std::map<std::string, httpcookie_t> oldCookies;
const char *cookieJar = sb->getBufStart();
int32_t cookieJarLen = sb->length();
const char *lineStartPos = cookieJar;
const char *lineEndPos = NULL;
while ((lineEndPos = (const char*)memchr(lineStartPos, '\n', cookieJarLen - (lineStartPos - cookieJar))) != NULL) {
const char *currentPos = lineStartPos;
const char *tabPos = NULL;
unsigned fieldCount = 0;
httpcookie_t cookie = {};
while (fieldCount < 5 && (tabPos = (const char*)memchr(currentPos, '\t', lineEndPos - currentPos)) != NULL) {
switch (fieldCount) {
case 0:
// domain
cookie.m_domain = currentPos;
cookie.m_domainLen = tabPos - currentPos;
break;
case 1:
// flag
if (memcmp(currentPos, "TRUE", 4) != 0) {
cookie.m_defaultDomain = true;
}
break;
case 2: {
// path
cookie.m_path = currentPos;
cookie.m_pathLen = tabPos - currentPos;
} break;
case 3:
// secure
cookie.m_secure = (memcmp(currentPos, "TRUE", 4) == 0);
break;
case 4:
// expiration
break;
}
currentPos = tabPos + 1;
++fieldCount;
}
cookie.m_cookie = currentPos;
cookie.m_cookieLen = lineEndPos - currentPos;
const char *equalPos = (const char *)memchr(cookie.m_cookie, '=', cookie.m_cookieLen);
if (equalPos) {
cookie.m_nameLen = equalPos - cookie.m_cookie;
oldCookies[std::string(cookie.m_cookie, cookie.m_nameLen)] = cookie;
}
lineStartPos = lineEndPos + 1;
}
// we don't need to care about the last line (we always end on \n)
SafeBuf newCookieJar;
// add old cookies
for (auto &pair : oldCookies) {
if (m_cookies.find(pair.first) == m_cookies.end()) {
addCookie(pair.second, *currentUrl, &newCookieJar);
}
}
// add new cookies
for (auto &pair : m_cookies) {
addCookie(pair.second, *currentUrl, &newCookieJar);
}
newCookieJar.nullTerm();
// replace old with new
sb->reset();
sb->safeMemcpy(&newCookieJar);
sb->nullTerm();
return true;
}
