bool CUserList::addUser( const wxString& user, const wxString& password, const wxString& fullname, const wxString& strNote, const vscpEventFilter *pFilter, const wxString& userRights, const wxString& allowedRemotes, const wxString& allowedEvents, uint32_t bFlags ) { char buf[ 512 ]; char *pErrMsg = 0; sqlite3_stmt *ppStmt; // Cant add user with name that is already defined. if ( NULL!= m_userhashmap[ user ] ) { return false; } // Check if database is open if ( NULL == gpobj->m_db_vscp_daemon ) { gpobj->logMsg( _("Failed to read VSCP settings database - not open.") ); return false; } // New user item CUserItem *pItem = new CUserItem; if (NULL == pItem) return false; pItem->setUserID( 0 ); if ( VSCP_ADD_USER_FLAG_LOCAL & bFlags ) { pItem->setUserID( m_cntLocaluser ); // Never save to DB m_cntLocaluser--; } if ( VSCP_ADD_USER_FLAG_ADMIN & bFlags ) { pItem->setUserID( 0 ); // The one and only admin user bFlags |= VSCP_ADD_USER_FLAG_LOCAL; // Admin users should not be added to database } if ( VSCP_ADD_USER_FLAG_ADMIN & bFlags ) { pItem->setUserID( 0 ); // The one and only admin user } // Check if user is defined already if ( pItem->isUserInDB( user ) ) { delete pItem; return false; } // MD5 Token wxString driverhash = user; driverhash += _(":"); driverhash += wxString::FromUTF8( gpobj->m_authDomain ); driverhash += _(":"); driverhash += password; memset( buf, 0, sizeof( buf ) ); strncpy( buf, (const char *)driverhash.mbc_str(), driverhash.Length() ); char digest[33]; memset( digest, 0, sizeof( digest ) ); cs_md5( digest, buf, strlen(buf), NULL ); pItem->setPasswordDomain( wxString::FromUTF8( digest ) ); pItem->setUser( user ); pItem->fixName(); pItem->setPassword( password ); pItem->setFullname( fullname ); pItem->setNote( strNote ); pItem->setFilter( pFilter ); pItem->setUserRightsFromString( userRights ); pItem->setAllowedRemotesFromString( allowedRemotes ); pItem->setAllowedEventsFromString( allowedEvents ); // Add to the map m_userhashmap[ user ] = pItem; // Clear filter if (NULL != pFilter) { pItem->setFilter( pFilter ); } // Save to database if ( !( VSCP_ADD_USER_FLAG_LOCAL & bFlags ) ) { pItem->saveToDatabase(); } return true; }
// Generate session ID. buf must be 33 bytes in size. // Note that it is easy to steal session cookies by sniffing traffic. // This is why all communication must be SSL-ed. static void generate_session_id(char *buf, const char *random, const char *user) { cs_md5(buf, random, strlen(random), user, strlen(user), NULL); }