Ejemplo n.º 1
0
static const char *			/* O - New session ID */
cgi_set_sid(void)
{
  char			buffer[512],	/* SID data */
			sid[33];	/* SID string */
  _cups_md5_state_t	md5;		/* MD5 state */
  unsigned char		sum[16];	/* MD5 sum */
  const char		*remote_addr,	/* REMOTE_ADDR */
			*server_name,	/* SERVER_NAME */
			*server_port;	/* SERVER_PORT */


  if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
    remote_addr = "REMOTE_ADDR";
  if ((server_name = getenv("SERVER_NAME")) == NULL)
    server_name = "SERVER_NAME";
  if ((server_port = getenv("SERVER_PORT")) == NULL)
    server_port = "SERVER_PORT";

  CUPS_SRAND(time(NULL));
  snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
           remote_addr, server_name, server_port,
	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255);
  _cupsMD5Init(&md5);
  _cupsMD5Append(&md5, (unsigned char *)buffer, (int)strlen(buffer));
  _cupsMD5Finish(&md5, sum);

  cgiSetCookie(CUPS_SID, httpMD5String(sum, sid), "/", NULL, 0, 0);

  return (cupsGetOption(CUPS_SID, num_cookies, cookies));
}
Ejemplo n.º 2
0
char *					/* O - MD5 sum */
httpMD5(const char *username,		/* I - User name */
        const char *realm,		/* I - Realm name */
        const char *passwd,		/* I - Password string */
	char       md5[33])		/* O - MD5 string */
{
  _cups_md5_state_t	state;		/* MD5 state info */
  unsigned char		sum[16];	/* Sum data */
  char			line[256];	/* Line to sum */


 /*
  * Compute the MD5 sum of the user name, group name, and password.
  */

  snprintf(line, sizeof(line), "%s:%s:%s", username, realm, passwd);
  _cupsMD5Init(&state);
  _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
  _cupsMD5Finish(&state, sum);

 /*
  * Return the sum...
  */

  return (httpMD5String(sum, md5));
}
Ejemplo n.º 3
0
char *					/* O - New sum */
httpMD5Final(const char *nonce,		/* I - Server nonce value */
             const char *method,	/* I - METHOD (GET, POST, etc.) */
	     const char *resource,	/* I - Resource path */
             char       md5[33])	/* IO - MD5 sum */
{
  _cups_md5_state_t	state;		/* MD5 state info */
  unsigned char		sum[16];	/* Sum data */
  char			line[1024];	/* Line of data */
  char			a2[33];		/* Hash of method and resource */


 /*
  * First compute the MD5 sum of the method and resource...
  */

  snprintf(line, sizeof(line), "%s:%s", method, resource);
  _cupsMD5Init(&state);
  _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
  _cupsMD5Finish(&state, sum);
  httpMD5String(sum, a2);

 /*
  * Then combine A1 (MD5 of username, realm, and password) with the nonce
  * and A2 (method + resource) values to get the final MD5 sum for the
  * request...
  */

  snprintf(line, sizeof(line), "%s:%s:%s", md5, nonce, a2);

  _cupsMD5Init(&state);
  _cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
  _cupsMD5Finish(&state, sum);

  return (httpMD5String(sum, md5));
}
Ejemplo n.º 4
0
size_t					/* O - Total size of credentials string */
httpCredentialsString(
    cups_array_t *credentials,		/* I - Credentials */
    char         *buffer,		/* I - Buffer or @code NULL@ */
    size_t       bufsize)		/* I - Size of buffer */
{
  http_credential_t	*first;		/* First certificate */
  gnutls_x509_crt_t	cert;		/* Certificate */


  DEBUG_printf(("httpCredentialsString(credentials=%p, buffer=%p, bufsize=" CUPS_LLFMT ")", credentials, buffer, CUPS_LLCAST bufsize));

  if (!buffer)
    return (0);

  if (buffer && bufsize > 0)
    *buffer = '\0';

  if ((first = (http_credential_t *)cupsArrayFirst(credentials)) != NULL &&
      (cert = http_gnutls_create_credential(first)) != NULL)
  {
    char		name[256];	/* Common name associated with cert */
    size_t		namelen;	/* Length of name */
    time_t		expiration;	/* Expiration date of cert */
    _cups_md5_state_t	md5_state;	/* MD5 state */
    unsigned char	md5_digest[16];	/* MD5 result */

    namelen = sizeof(name) - 1;
    if (gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, name, &namelen) >= 0)
      name[namelen] = '\0';
    else
      strlcpy(name, "unknown", sizeof(name));

    expiration = gnutls_x509_crt_get_expiration_time(cert);

    _cupsMD5Init(&md5_state);
    _cupsMD5Append(&md5_state, first->data, (int)first->datalen);
    _cupsMD5Finish(&md5_state, md5_digest);

    snprintf(buffer, bufsize, "%s / %s / %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X", name, httpGetDateString(expiration), md5_digest[0], md5_digest[1], md5_digest[2], md5_digest[3], md5_digest[4], md5_digest[5], md5_digest[6], md5_digest[7], md5_digest[8], md5_digest[9], md5_digest[10], md5_digest[11], md5_digest[12], md5_digest[13], md5_digest[14], md5_digest[15]);

    gnutls_x509_crt_deinit(cert);
  }

  DEBUG_printf(("1httpCredentialsString: Returning \"%s\".", buffer));

  return (strlen(buffer));
}