#include <errno.h>
#include <time.h>
#include <gcrypt.h>
+#include <pcre.h>
#include "cookies.h"
#include "hash.h"
#include "mime.h"
#include "configuration.h"
#include "kvp.h"
+#include "trackdb.h"
/** @brief Hash function used in signing HMAC */
#define ALGO GCRY_MD_SHA1
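Review bot: Nothing in the visible hunks of this file uses a PCRE symbol, so the added `#include <pcre.h>` looks like it is there only so that trackdb.h compiles. If that is the case, trackdb.h should include `<pcre.h>` itself, so that including it does not depend on what the caller happened to include first. Failing that, a comment such as `/* needed by trackdb.h */` on the include would record why it is here.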
* @return Cookie or NULL
*/
char *make_cookie(const char *user) {
- char *password;
+ const char *password;
time_t now;
char *b, *bp, *c, *g;
- int n;
/* semicolons aren't allowed in usernames */
if(strchr(user, ';')) {
return 0;
}
/* look up the password */
- for(n = 0; n < config->allow.n
- && strcmp(config->allow.s[n].s[0], user); ++n)
- ;
- if(n >= config->allow.n) {
+ password = trackdb_get_password(user);
+ if(!password) {
error(0, "make_cookie for nonexistent user");
return 0;
}
- password = config->allow.s[n].s[1];
/* make sure we have a valid signing key */
time(&now);
if(now >= signing_key_validity_limit)
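Review bot: The `!password` branch in make_cookie still logs "make_cookie for nonexistent user", but it is now taken whenever trackdb_get_password() returns NULL. From this hunk alone that may also cover a user with no stored password or a failed lookup, so the log line can point an operator at the wrong cause. I would either reword it to `error(0, "make_cookie: no password available for user");` or document at the call that NULL means only "no such user". The same applies to the matching message in the verify_cookie hunk. A comment on how long the returned `const char *` stays valid would also help, since it is held across the signing-key check that follows; make_cookie's body continues outside the hunk.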
char *c1, *c2;
intmax_t t;
time_t now;
- char *user, *bp, *password, *sig;
- int n;
+ char *user, *bp, *sig;
+ const char *password;
/* check the revocation list */
if(revoked && hash_find(revoked, cookie)) {
return 0;
}
/* look up the password */
- for(n = 0; n < config->allow.n
- && strcmp(config->allow.s[n].s[0], user); ++n)
- ;
- if(n >= config->allow.n) {
+ password = trackdb_get_password(user);
+ if(!password) {
error(0, "verify_cookie for nonexistent user");
return 0;
}
- password = config->allow.s[n].s[1];
/* construct the expected subject. We re-encode the timestamp and the
* password. */
byte_xasprintf(&bp, "%jx;%s;%s", t, urlencodestring(user), password);
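Review bot: In verify_cookie, `trackdb_get_password(user)` runs on a user name taken from the cookie before the signature has been checked, since the expected subject is only built on the lines that follow. Every forged or stale cookie therefore costs what is presumably a database lookup, where the old code scanned the configuration list. The order cannot simply be swapped because the password is part of the signed subject, so I would mark the call with `/* user is unauthenticated here: the signature has not been checked yet */` and confirm that trackdb_get_password() is safe for arbitrary strings. The early return for an unknown user also skips the signing work and writes an error-level log line per attempt, which may let a client tell existing accounts apart by timing and fill the log; consider a lower log level. The parsing of `user` and the signature comparison are outside the hunk.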