X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=blobdiff_plain;f=cgi-auth-flexible.pm;h=79e12d3e80e308a31eca672bd04c42c156331919;hp=7542b21afeba6eea6e80f6f90b222fb44c3e4b74;hb=d4cf8c70946f34cc9f46f9b5fe25962df77154ba;hpb=5cdffac4f5d68ed78abe24d045f02cc33ea07ee5 diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm index 7542b21..79e12d3 100644 --- a/cgi-auth-flexible.pm +++ b/cgi-auth-flexible.pm @@ -387,7 +387,8 @@ sub srcdump_dirscan_prepare ($$) { close $reportfh or die $!; srcdump_install($c,$v, $dumpdir, 'licence', 'text/plain'); $!=0; - my @cmd = (qw(tar -zvvcf), "$dumpdir/source.tmp", + my @cmd = (qw(sh -ec), 'exec >&2 "$@"', qw(x), + qw(tar -zvvcf), "$dumpdir/source.tmp", "-C", $dumpdir, qw( --), @srcfiles); my $r = system(@cmd); if ($r) { @@ -791,7 +792,8 @@ sub _check_divert_core ($) { Params => { } }); } - my $cooks = $r->_ch('get_cookie'); + my $cooksraw = $r->_ch('get_cookie'); + my $cooks = $r->_unblind($cooksraw); if ($r->{S}{encrypted_only} && !$r->_ch('is_https')) { return ({ Kind => 'REDIRECT-HTTPS', @@ -801,7 +803,8 @@ sub _check_divert_core ($) { } my $meth = $r->_ch('get_method'); - my $parmh = $r->_rp('assoc_param_name'); + my $parmhraw = $r->_rp('assoc_param_name'); + my $parmh = $r->_unblind($parmhraw); my $cookh = defined $cooks ? $r->hash($cooks) : undef; my ($cookt,$cooku) = $r->_identify($cookh, $cooks); @@ -819,7 +822,9 @@ sub _check_divert_core ($) { return ({ Kind => 'REDIRECT-LOGGEDOUT', Message => $r->_gt("Logging out..."), _CookieRaw => '', - Params => { } }); + Params => { + $r->{S}{loggedout_param_names}[0] => [ 1 ], + } }); } if ($r->_ch('is_loggedout')) { die unless $meth eq 'GET'; @@ -839,7 +844,7 @@ sub _check_divert_core ($) { " enabled. You must enable cookies". " as we use them for login."), _CookieRaw => $r->_fresh_secret(), - Params => $r->_chain_params() }) + Params => $r->chain_params() }) } if (!$cookt || $cookt eq 'n' || $cookh ne $parmh) { $r->_db_revoke($cookh); @@ -857,13 +862,13 @@ sub _check_divert_core ($) { return ({ Kind => 'LOGIN-BAD', Message => $login_errormessage, _CookieRaw => $cooks, - Params => $r->_chain_params() }) + Params => $r->chain_params() }) } $r->_db_record_login_ok($parmh,$username); return ({ Kind => 'REDIRECT-LOGGEDIN', Message => $r->_gt("Logging in..."), _CookieRaw => $cooks, - Params => $r->_chain_params() }); + Params => $r->chain_params() }); } if ($cookt eq 't') { $cookt = ''; @@ -883,7 +888,7 @@ sub _check_divert_core ($) { return ({ Kind => 'LOGIN-INCOMINGLINK', Message => $r->_gt("You need to log in."), _CookieRaw => $news, - Params => $r->_chain_params() }); + Params => $r->chain_params() }); } else { $r->_db_revoke($parmh); return ({ Kind => 'LOGIN-FRESH', @@ -911,20 +916,13 @@ sub _check_divert_core ($) { die unless $cookh eq $parmh; } $r->{ParmT} = $parmt; - $r->{AssocSecret} = $cooks; + $r->{AssocRaw} = $cooks; $r->{UserOK} = $cooku; #print STDERR "C-D-C OK\n"; return undef; } -sub _chain_params ($) { -# =item C<< $authreq->_chain_params() >> -# -# Returns a hash of the "relevant" parameters to this request, in a form -# used by C. This is all of the query parameters -# which are not related to CGI::Auth::Flexible. The PATH_INFO from the -# request is returned as the parameter C<< '' >>. - +sub chain_params ($) { my ($r) = @_; my %p = %{ $r->_ch('get_params') }; foreach my $pncn (keys %{ $r->{S} }) { @@ -1031,16 +1029,17 @@ sub check_divert ($) { $r->{Divert} = $r->_db_transaction(sub { $r->_check_divert_core(); }); $dbh->commit(); - my $cookraw = $r->{_CookieRaw}; - $r->{CookieSecret} = $$cookraw; + my $divert = $r->{Divert}; + my $cookraw = $divert->{_CookieRaw}; + $divert->{CookieSecret} = $r->_blind($cookraw); if ($cookraw) { - $r->{Params}{$r->{S}{assoc_param_name}} = [ - $r->hash($cookraw) + $divert->{Params}{$r->{S}{assoc_param_name}} = [ + $r->_blind($r->hash($cookraw)) ]; } - $r->_debug(Data::Dumper->Dump([$r->{Divert}],[qw(divert)])); - return $r->{Divert}; + $r->_debug(Data::Dumper->Dump([$divert],[qw(divert)])); + return $divert; } sub get_divert ($) { @@ -1100,9 +1099,6 @@ sub check_ok ($) { # for redirects, we honour stored Params and Cookie, # as we would for non-divert if ($kind eq 'REDIRECT-LOGGEDOUT') { - $params->{$r->{S}{loggedout_param_names}[0]} = [ 1 ]; - } elsif ($kind eq 'REDIRECT-LOGOUT') { - $params->{$r->{S}{logout_param_names}[0]} = [ 1 ]; } elsif ($kind =~ m/REDIRECT-(?:LOGGEDIN|HTTPS)/) { } else { die; @@ -1160,6 +1156,40 @@ sub _random ($$) { return $out; } +sub _blind_len ($$) { + my ($r, $str) = @_; + return length($str =~ y/0-9a-f//cdr); +} + +sub _blind_combine ($$$) { + my ($r, $in, $mask) = @_; + my @mask = split //, $mask; + $in =~ s{[0-9a-f]}{ + my $m = shift @mask; + sprintf "%x", hex($m) ^ hex($&); + }ge; + return $in; +} + +sub _blind ($$) { + my ($r, $in) = @_; + return $in unless $in; + my $l = $r->_blind_len($in); + my $mask = $r->_random(($l+1)>>1); + $mask = substr $mask, 0, $l; + my $blound = $r->_blind_combine($in, $mask); + return "$blound.$mask"; +} + +sub _unblind ($$) { + my ($r, $in) = @_; + return $in unless $in; + my ($blound,$mask) = ($in =~ m#^(.*)\.([0-9a-f]+)$#) or die "$in ?"; + my $l = $r->_blind_len($blound); + $l == length($mask) or die "$in ?"; + return $r->_blind_combine($blound, $mask); +} + sub _random_key ($) { my ($r) = @_; #print STDERR "_random_key\n"; @@ -1341,13 +1371,13 @@ sub check_nonpage ($$) { sub secret_cookie_val ($) { my ($r) = @_; $r->_assert_checked(); - return defined $r->{AssocSecret} ? $r->{AssocSecret} : ''; + return defined $r->{AssocRaw} ? $r->_blind($r->{AssocRaw}) : ''; } sub secret_hidden_val ($) { my ($r) = @_; $r->_assert_checked(); - return defined $r->{AssocSecret} ? $r->hash($r->{AssocSecret}) : ''; + return defined $r->{AssocRaw} ? $r->_blind($r->hash($r->{AssocRaw})) : ''; } sub secret_hidden_html ($) {