static const char * /* O - New session ID */
cgi_set_sid(void)
{
char buffer[512], /* SID data */
sid[33]; /* SID string */
_cups_md5_state_t md5; /* MD5 state */
unsigned char sum[16]; /* MD5 sum */
const char *remote_addr, /* REMOTE_ADDR */
*server_name, /* SERVER_NAME */
*server_port; /* SERVER_PORT */
if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
remote_addr = "REMOTE_ADDR";
if ((server_name = getenv("SERVER_NAME")) == NULL)
server_name = "SERVER_NAME";
if ((server_port = getenv("SERVER_PORT")) == NULL)
server_port = "SERVER_PORT";
CUPS_SRAND(time(NULL));
snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
remote_addr, server_name, server_port,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
(unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255);
_cupsMD5Init(&md5);
_cupsMD5Append(&md5, (unsigned char *)buffer, (int)strlen(buffer));
_cupsMD5Finish(&md5, sum);
cgiSetCookie(CUPS_SID, httpMD5String(sum, sid), "/", NULL, 0, 0);
return (cupsGetOption(CUPS_SID, num_cookies, cookies));
}
char * /* O - MD5 sum */
httpMD5(const char *username, /* I - User name */
const char *realm, /* I - Realm name */
const char *passwd, /* I - Password string */
char md5[33]) /* O - MD5 string */
{
_cups_md5_state_t state; /* MD5 state info */
unsigned char sum[16]; /* Sum data */
char line[256]; /* Line to sum */
/*
* Compute the MD5 sum of the user name, group name, and password.
*/
snprintf(line, sizeof(line), "%s:%s:%s", username, realm, passwd);
_cupsMD5Init(&state);
_cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
_cupsMD5Finish(&state, sum);
/*
* Return the sum...
*/
return (httpMD5String(sum, md5));
}
char * /* O - New sum */
httpMD5Final(const char *nonce, /* I - Server nonce value */
const char *method, /* I - METHOD (GET, POST, etc.) */
const char *resource, /* I - Resource path */
char md5[33]) /* IO - MD5 sum */
{
_cups_md5_state_t state; /* MD5 state info */
unsigned char sum[16]; /* Sum data */
char line[1024]; /* Line of data */
char a2[33]; /* Hash of method and resource */
/*
* First compute the MD5 sum of the method and resource...
*/
snprintf(line, sizeof(line), "%s:%s", method, resource);
_cupsMD5Init(&state);
_cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
_cupsMD5Finish(&state, sum);
httpMD5String(sum, a2);
/*
* Then combine A1 (MD5 of username, realm, and password) with the nonce
* and A2 (method + resource) values to get the final MD5 sum for the
* request...
*/
snprintf(line, sizeof(line), "%s:%s:%s", md5, nonce, a2);
_cupsMD5Init(&state);
_cupsMD5Append(&state, (unsigned char *)line, (int)strlen(line));
_cupsMD5Finish(&state, sum);
return (httpMD5String(sum, md5));
}
size_t /* O - Total size of credentials string */
httpCredentialsString(
cups_array_t *credentials, /* I - Credentials */
char *buffer, /* I - Buffer or @code NULL@ */
size_t bufsize) /* I - Size of buffer */
{
http_credential_t *first; /* First certificate */
gnutls_x509_crt_t cert; /* Certificate */
DEBUG_printf(("httpCredentialsString(credentials=%p, buffer=%p, bufsize=" CUPS_LLFMT ")", credentials, buffer, CUPS_LLCAST bufsize));
if (!buffer)
return (0);
if (buffer && bufsize > 0)
*buffer = '\0';
if ((first = (http_credential_t *)cupsArrayFirst(credentials)) != NULL &&
(cert = http_gnutls_create_credential(first)) != NULL)
{
char name[256]; /* Common name associated with cert */
size_t namelen; /* Length of name */
time_t expiration; /* Expiration date of cert */
_cups_md5_state_t md5_state; /* MD5 state */
unsigned char md5_digest[16]; /* MD5 result */
namelen = sizeof(name) - 1;
if (gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, name, &namelen) >= 0)
name[namelen] = '\0';
else
strlcpy(name, "unknown", sizeof(name));
expiration = gnutls_x509_crt_get_expiration_time(cert);
_cupsMD5Init(&md5_state);
_cupsMD5Append(&md5_state, first->data, (int)first->datalen);
_cupsMD5Finish(&md5_state, md5_digest);
snprintf(buffer, bufsize, "%s / %s / %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X", name, httpGetDateString(expiration), md5_digest[0], md5_digest[1], md5_digest[2], md5_digest[3], md5_digest[4], md5_digest[5], md5_digest[6], md5_digest[7], md5_digest[8], md5_digest[9], md5_digest[10], md5_digest[11], md5_digest[12], md5_digest[13], md5_digest[14], md5_digest[15]);
gnutls_x509_crt_deinit(cert);
}
DEBUG_printf(("1httpCredentialsString: Returning \"%s\".", buffer));
return (strlen(buffer));
}
