summaryrefslogtreecommitdiffabout
path: root/src/eyetil.cc
authorMichael Krelin <hacker@klever.net>2009-04-06 20:27:39 (UTC)
committer Michael Krelin <hacker@klever.net>2009-04-06 20:27:39 (UTC)
commit51d8a8a4ac6ef6096c393fd602df34c6bf8f6366 (patch) (unidiff)
tree8126f60fac6562b14c965e41d19983d81312638a /src/eyetil.cc
parentde964540e5a58b3a9195c642ef7a0745ee3b2344 (diff)
downloadiii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.zip
iii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.tar.gz
iii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.tar.bz2
better nonce generation and session credentials verification
based on the patch from Chris Davies Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (limited to 'src/eyetil.cc') (more/less context) (ignore whitespace changes)
-rw-r--r--src/eyetil.cc17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/eyetil.cc b/src/eyetil.cc
index fe816a6..7669cb6 100644
--- a/src/eyetil.cc
+++ b/src/eyetil.cc
@@ -1,146 +1,163 @@
1#include <stdlib.h> 1#include <stdlib.h>
2#include <sys/stat.h> 2#include <sys/stat.h>
3#include <syslog.h> 3#include <syslog.h>
4#include <iostream> 4#include <iostream>
5#include <cassert> 5#include <cassert>
6#include <stdexcept> 6#include <stdexcept>
7#include <algorithm> 7#include <algorithm>
8#include <numeric> 8#include <numeric>
9#include <openssl/md5.h> 9#include <openssl/md5.h>
10#include "eyetil.h" 10#include "eyetil.h"
11 11
12#include "config.h"
13#ifdef HAVE_LIBUUID
14# include <uuid/uuid.h>
15#endif
16
12binary_t& binary_t::from_hex(const std::string& h) { 17binary_t& binary_t::from_hex(const std::string& h) {
13 std::string::size_type hs = h.length(); 18 std::string::size_type hs = h.length();
14 if(hs&1) 19 if(hs&1)
15 throw std::runtime_error("odd number of characters in hexadecimal number"); 20 throw std::runtime_error("odd number of characters in hexadecimal number");
16 int rvs = hs>>1; 21 int rvs = hs>>1;
17 resize(rvs); 22 resize(rvs);
18 const unsigned char *hp = (const unsigned char*)h.data(); 23 const unsigned char *hp = (const unsigned char*)h.data();
19 iterator oi=begin(); 24 iterator oi=begin();
20 char t[3] = { 0,0,0 }; 25 char t[3] = { 0,0,0 };
21 for(int i=0;i<rvs;++i) { 26 for(int i=0;i<rvs;++i) {
22 t[0]=*(hp++); t[1]=*(hp++); 27 t[0]=*(hp++); t[1]=*(hp++);
23 *(oi++) = strtol(t,0,16); 28 *(oi++) = strtol(t,0,16);
24 } 29 }
25 return *this; 30 return *this;
26} 31}
27 32
28binary_t& binary_t::from_data(const void *d,size_t s) { 33binary_t& binary_t::from_data(const void *d,size_t s) {
29 resize(s); 34 resize(s);
30 std::copy((const unsigned char*)d,(const unsigned char *)d+s, 35 std::copy((const unsigned char*)d,(const unsigned char *)d+s,
31 begin() ); 36 begin() );
32 return *this; 37 return *this;
33} 38}
34 39
40binary_t& binary_t::make_nonce() {
41#ifdef HAVE_LIBUUID
42 uuid_t uuid;
43 uuid_generate(uuid);
44 from_data((unsigned char*)uuid,sizeof(uuid));
45#else
46 resize(16);
47 std::generate_n(begin(),16,rand);
48#endif /* HAVE_LIBUUID */
49 return *this;
50}
51
35std::string binary_t::hex() const { 52std::string binary_t::hex() const {
36 std::string rv; 53 std::string rv;
37 rv.reserve((size()<<1)+1); 54 rv.reserve((size()<<1)+1);
38 char t[3] = {0,0,0}; 55 char t[3] = {0,0,0};
39 for(const_iterator i=begin(),ie=end();i!=ie;++i) { 56 for(const_iterator i=begin(),ie=end();i!=ie;++i) {
40 int rc = snprintf(t,sizeof(t),"%02x",*i); 57 int rc = snprintf(t,sizeof(t),"%02x",*i);
41 assert(rc<sizeof(t)); 58 assert(rc<sizeof(t));
42 rv += t; 59 rv += t;
43 } 60 }
44 return rv; 61 return rv;
45} 62}
46 63
47binary_t binary_t::md5() const { 64binary_t binary_t::md5() const {
48 binary_t rv(MD5_DIGEST_LENGTH); 65 binary_t rv(MD5_DIGEST_LENGTH);
49 if(!MD5( 66 if(!MD5(
50 (const unsigned char*)&(front()),size(), 67 (const unsigned char*)&(front()),size(),
51 (unsigned char*)&(rv.front()) )) 68 (unsigned char*)&(rv.front()) ))
52 throw std::runtime_error("failed to md5()"); 69 throw std::runtime_error("failed to md5()");
53 return rv; 70 return rv;
54} 71}
55 72
56static void make_path_for_template(const std::string& p,mode_t m) { 73static void make_path_for_template(const std::string& p,mode_t m) {
57 struct stat st; 74 struct stat st;
58 std::string pp; 75 std::string pp;
59 for(std::string::size_type sl=p.find('/',1); 76 for(std::string::size_type sl=p.find('/',1);
60 sl!=std::string::npos; 77 sl!=std::string::npos;
61 sl=p.find('/',sl+1)) { 78 sl=p.find('/',sl+1)) {
62 if(stat( (pp=p.substr(0,sl)).c_str() ,&st) 79 if(stat( (pp=p.substr(0,sl)).c_str() ,&st)
63 || !S_ISDIR(st.st_mode)) { 80 || !S_ISDIR(st.st_mode)) {
64 if(mkdir(pp.c_str(),m)) 81 if(mkdir(pp.c_str(),m))
65 throw std::runtime_error("failed to mkdir()"); 82 throw std::runtime_error("failed to mkdir()");
66 } 83 }
67 } 84 }
68} 85}
69 86
70tmpdir_t::tmpdir_t(const std::string& dt) : dir(dt) { 87tmpdir_t::tmpdir_t(const std::string& dt) : dir(dt) {
71 make_path_for_template(dt,0777); 88 make_path_for_template(dt,0777);
72 if(!mkdtemp((char*)dir.data())) 89 if(!mkdtemp((char*)dir.data()))
73 throw std::runtime_error("failed to mkdtmp()"); 90 throw std::runtime_error("failed to mkdtmp()");
74} 91}
75tmpdir_t::~tmpdir_t() { 92tmpdir_t::~tmpdir_t() {
76 assert(!dir.empty()); 93 assert(!dir.empty());
77 if(rmdir(dir.c_str())) { 94 if(rmdir(dir.c_str())) {
78 syslog(LOG_WARNING,"Failed to remove '%s' directory",dir.c_str()); 95 syslog(LOG_WARNING,"Failed to remove '%s' directory",dir.c_str());
79 } 96 }
80} 97}
81 98
82std::string tmpdir_t::get_file(const std::string& f) { 99std::string tmpdir_t::get_file(const std::string& f) {
83 std::string::size_type ls = f.rfind('/'); 100 std::string::size_type ls = f.rfind('/');
84 return dir+'/'+( 101 return dir+'/'+(
85 (ls==std::string::npos) 102 (ls==std::string::npos)
86 ? f 103 ? f
87 : f.substr(ls+1) 104 : f.substr(ls+1)
88 ); 105 );
89} 106}
90 107
91tarchive_t::tarchive_t(void *p,size_t s) : a(archive_read_new()), e(0) { 108tarchive_t::tarchive_t(void *p,size_t s) : a(archive_read_new()), e(0) {
92 if(!a) throw std::runtime_error("failed to archive_read_new()"); 109 if(!a) throw std::runtime_error("failed to archive_read_new()");
93 if(archive_read_support_format_tar(a)) { 110 if(archive_read_support_format_tar(a)) {
94 archive_read_finish(a); 111 archive_read_finish(a);
95 throw std::runtime_error("failed to archive_read_support_format_tar()"); 112 throw std::runtime_error("failed to archive_read_support_format_tar()");
96 } 113 }
97 if(archive_read_open_memory(a,p,s)) { 114 if(archive_read_open_memory(a,p,s)) {
98 archive_read_finish(a); 115 archive_read_finish(a);
99 throw std::runtime_error("failed to archive_read_open_memory()"); 116 throw std::runtime_error("failed to archive_read_open_memory()");
100 } 117 }
101} 118}
102tarchive_t::~tarchive_t() { 119tarchive_t::~tarchive_t() {
103 assert(a); 120 assert(a);
104 archive_read_finish(a); 121 archive_read_finish(a);
105} 122}
106 123
107bool tarchive_t::read_next_header() { 124bool tarchive_t::read_next_header() {
108 assert(a); 125 assert(a);
109 return archive_read_next_header(a,&e)==ARCHIVE_OK; 126 return archive_read_next_header(a,&e)==ARCHIVE_OK;
110} 127}
111 128
112std::string tarchive_t::entry_pathname() { 129std::string tarchive_t::entry_pathname() {
113 assert(a); assert(e); 130 assert(a); assert(e);
114 return archive_entry_pathname(e); 131 return archive_entry_pathname(e);
115} 132}
116 133
117bool tarchive_t::read_data_into_fd(int fd) { 134bool tarchive_t::read_data_into_fd(int fd) {
118 assert(a); 135 assert(a);
119 return archive_read_data_into_fd(a,fd)==ARCHIVE_OK; 136 return archive_read_data_into_fd(a,fd)==ARCHIVE_OK;
120} 137}
121 138
122#pragma pack(1) 139#pragma pack(1)
123struct block512_t { 140struct block512_t {
124 enum { words = 512 / sizeof(uint16_t) }; 141 enum { words = 512 / sizeof(uint16_t) };
125 uint16_t data[words]; 142 uint16_t data[words];
126 143
127 static uint16_t tcpcksum(block512_t& data) { 144 static uint16_t tcpcksum(block512_t& data) {
128 uint32_t sum = std::accumulate(data.data,data.data+words,0); 145 uint32_t sum = std::accumulate(data.data,data.data+words,0);
129 while(uint32_t hw = sum>>16) sum = (sum&0xffff)+hw; 146 while(uint32_t hw = sum>>16) sum = (sum&0xffff)+hw;
130 return ~sum; 147 return ~sum;
131 } 148 }
132 149
133}; 150};
134#pragma pack() 151#pragma pack()
135 152
136binary_t integrity_digest(const void *ptr,size_t size,const std::string& ukey) { 153binary_t integrity_digest(const void *ptr,size_t size,const std::string& ukey) {
137 binary_t key; key.from_hex(ukey); 154 binary_t key; key.from_hex(ukey);
138 std::vector<uint16_t> blksums; blksums.reserve(size/sizeof(block512_t)); 155 std::vector<uint16_t> blksums; blksums.reserve(size/sizeof(block512_t));
139 block512_t *db = (block512_t*)ptr, 156 block512_t *db = (block512_t*)ptr,
140 *de = db + size/sizeof(block512_t); 157 *de = db + size/sizeof(block512_t);
141 std::transform( db, de, std::back_inserter(blksums), block512_t::tcpcksum ); 158 std::transform( db, de, std::back_inserter(blksums), block512_t::tcpcksum );
142 binary_t subject; 159 binary_t subject;
143 subject.from_data((void*)&(blksums.front()),blksums.size()*sizeof(uint16_t)); 160 subject.from_data((void*)&(blksums.front()),blksums.size()*sizeof(uint16_t));
144 std::copy( key.begin(), key.end(), std::back_inserter(subject) ); 161 std::copy( key.begin(), key.end(), std::back_inserter(subject) );
145 return subject.md5(); 162 return subject.md5();
146} 163}