/*
* This file is part of DisOrder
- * Copyright (C) 2007 Richard Kettlewell
+ * Copyright (C) 2007, 2008 Richard Kettlewell
*
- * This program is free software; you can redistribute it and/or modify
+ * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
* You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/** @file lib/cookies.c
* @brief Cookie support
*/
-#include <config.h>
-#include "types.h"
+#include "common.h"
-#include <stdlib.h>
-#include <string.h>
-#include <stdio.h>
#include <errno.h>
#include <time.h>
#include <gcrypt.h>
#include <pcre.h>
-#include "rights.h"
#include "cookies.h"
#include "hash.h"
#include "mem.h"
#include "base64.h"
#include "configuration.h"
#include "kvp.h"
-#include "rights.h"
#include "trackdb.h"
+#include "syscalls.h"
/** @brief Hash function used in signing HMAC */
#define ALGO GCRY_MD_SHA1
static void newkey(void) {
time_t now;
- time(&now);
+ xtime(&now);
memcpy(old_signing_key, signing_key, HASHSIZE);
gcry_randomize(signing_key, HASHSIZE, GCRY_STRONG_RANDOM);
signing_key_validity_limit = now + config->cookie_key_lifetime;
return 0;
}
/* make sure we have a valid signing key */
- time(&now);
+ xtime(&now);
if(now >= signing_key_validity_limit)
newkey();
/* construct the subject */
/* Extract the username */
user = xstrndup(c1 + 1, c2 - (c1 + 1));
/* check expiry */
- time(&now);
+ xtime(&now);
if(now >= t) {
error(0, "cookie has expired");
return 0;