author | Michael Krelin <hacker@klever.net> | 2009-04-06 20:27:39 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2009-04-06 20:27:39 (UTC) |
commit | 51d8a8a4ac6ef6096c393fd602df34c6bf8f6366 (patch) (side-by-side diff) | |
tree | 8126f60fac6562b14c965e41d19983d81312638a /src/eyetil.cc | |
parent | de964540e5a58b3a9195c642ef7a0745ee3b2344 (diff) | |
download | iii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.zip iii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.tar.gz iii-51d8a8a4ac6ef6096c393fd602df34c6bf8f6366.tar.bz2 |
better nonce generation and session credentials verification
based on the patch from Chris Davies
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | src/eyetil.cc | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/eyetil.cc b/src/eyetil.cc index fe816a6..7669cb6 100644 --- a/src/eyetil.cc +++ b/src/eyetil.cc @@ -1,146 +1,163 @@ #include <stdlib.h> #include <sys/stat.h> #include <syslog.h> #include <iostream> #include <cassert> #include <stdexcept> #include <algorithm> #include <numeric> #include <openssl/md5.h> #include "eyetil.h" +#include "config.h" +#ifdef HAVE_LIBUUID +# include <uuid/uuid.h> +#endif + binary_t& binary_t::from_hex(const std::string& h) { std::string::size_type hs = h.length(); if(hs&1) throw std::runtime_error("odd number of characters in hexadecimal number"); int rvs = hs>>1; resize(rvs); const unsigned char *hp = (const unsigned char*)h.data(); iterator oi=begin(); char t[3] = { 0,0,0 }; for(int i=0;i<rvs;++i) { t[0]=*(hp++); t[1]=*(hp++); *(oi++) = strtol(t,0,16); } return *this; } binary_t& binary_t::from_data(const void *d,size_t s) { resize(s); std::copy((const unsigned char*)d,(const unsigned char *)d+s, begin() ); return *this; } +binary_t& binary_t::make_nonce() { +#ifdef HAVE_LIBUUID + uuid_t uuid; + uuid_generate(uuid); + from_data((unsigned char*)uuid,sizeof(uuid)); +#else + resize(16); + std::generate_n(begin(),16,rand); +#endif /* HAVE_LIBUUID */ + return *this; +} + std::string binary_t::hex() const { std::string rv; rv.reserve((size()<<1)+1); char t[3] = {0,0,0}; for(const_iterator i=begin(),ie=end();i!=ie;++i) { int rc = snprintf(t,sizeof(t),"%02x",*i); assert(rc<sizeof(t)); rv += t; } return rv; } binary_t binary_t::md5() const { binary_t rv(MD5_DIGEST_LENGTH); if(!MD5( (const unsigned char*)&(front()),size(), (unsigned char*)&(rv.front()) )) throw std::runtime_error("failed to md5()"); return rv; } static void make_path_for_template(const std::string& p,mode_t m) { struct stat st; std::string pp; for(std::string::size_type sl=p.find('/',1); sl!=std::string::npos; sl=p.find('/',sl+1)) { if(stat( (pp=p.substr(0,sl)).c_str() ,&st) || !S_ISDIR(st.st_mode)) { if(mkdir(pp.c_str(),m)) throw std::runtime_error("failed to mkdir()"); } } } tmpdir_t::tmpdir_t(const std::string& dt) : dir(dt) { make_path_for_template(dt,0777); if(!mkdtemp((char*)dir.data())) throw std::runtime_error("failed to mkdtmp()"); } tmpdir_t::~tmpdir_t() { assert(!dir.empty()); if(rmdir(dir.c_str())) { syslog(LOG_WARNING,"Failed to remove '%s' directory",dir.c_str()); } } std::string tmpdir_t::get_file(const std::string& f) { std::string::size_type ls = f.rfind('/'); return dir+'/'+( (ls==std::string::npos) ? f : f.substr(ls+1) ); } tarchive_t::tarchive_t(void *p,size_t s) : a(archive_read_new()), e(0) { if(!a) throw std::runtime_error("failed to archive_read_new()"); if(archive_read_support_format_tar(a)) { archive_read_finish(a); throw std::runtime_error("failed to archive_read_support_format_tar()"); } if(archive_read_open_memory(a,p,s)) { archive_read_finish(a); throw std::runtime_error("failed to archive_read_open_memory()"); } } tarchive_t::~tarchive_t() { assert(a); archive_read_finish(a); } bool tarchive_t::read_next_header() { assert(a); return archive_read_next_header(a,&e)==ARCHIVE_OK; } std::string tarchive_t::entry_pathname() { assert(a); assert(e); return archive_entry_pathname(e); } bool tarchive_t::read_data_into_fd(int fd) { assert(a); return archive_read_data_into_fd(a,fd)==ARCHIVE_OK; } #pragma pack(1) struct block512_t { enum { words = 512 / sizeof(uint16_t) }; uint16_t data[words]; static uint16_t tcpcksum(block512_t& data) { uint32_t sum = std::accumulate(data.data,data.data+words,0); while(uint32_t hw = sum>>16) sum = (sum&0xffff)+hw; return ~sum; } }; #pragma pack() binary_t integrity_digest(const void *ptr,size_t size,const std::string& ukey) { binary_t key; key.from_hex(ukey); std::vector<uint16_t> blksums; blksums.reserve(size/sizeof(block512_t)); block512_t *db = (block512_t*)ptr, *de = db + size/sizeof(block512_t); std::transform( db, de, std::back_inserter(blksums), block512_t::tcpcksum ); binary_t subject; subject.from_data((void*)&(blksums.front()),blksums.size()*sizeof(uint16_t)); std::copy( key.begin(), key.end(), std::back_inserter(subject) ); return subject.md5(); } |