X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/blobdiff_plain/82c01b317cd1892f4376c68be88a74f971493428..5f624baebe43889bb2810720cb9cc6d0812f49cb:/lib/cookies.c

diff --git a/lib/cookies.c b/lib/cookies.c
index 70c8097..c216d86 100644
--- a/lib/cookies.c
+++ b/lib/cookies.c
@@ -1,38 +1,30 @@
 /*
  * This file is part of DisOrder
- * Copyright (C) 2007 Richard Kettlewell
+ * Copyright (C) 2007, 2008 Richard Kettlewell
  *
- * This program is free software; you can redistribute it and/or modify
+ * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * General Public License for more details.
- *
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
  * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 /** @file lib/cookies.c
  * @brief Cookie support
  */
 
-#include <config.h>
-#include "types.h"
+#include "common.h"
 
-#include <stdlib.h>
-#include <string.h>
-#include <stdio.h>
 #include <errno.h>
 #include <time.h>
 #include <gcrypt.h>
-#include <pcre.h>
 
-#include "rights.h"
 #include "cookies.h"
 #include "hash.h"
 #include "mem.h"
@@ -41,8 +33,8 @@
 #include "base64.h"
 #include "configuration.h"
 #include "kvp.h"
-#include "rights.h"
 #include "trackdb.h"
+#include "syscalls.h"
 
 /** @brief Hash function used in signing HMAC */
 #define ALGO GCRY_MD_SHA1
@@ -74,7 +66,7 @@ static int revoked_cleanup_callback(const char *key, void *value,
 static void newkey(void) {
   time_t now;
 
-  time(&now);
+  xtime(&now);
   memcpy(old_signing_key, signing_key, HASHSIZE);
   gcry_randomize(signing_key, HASHSIZE, GCRY_STRONG_RANDOM);
   signing_key_validity_limit = now + config->cookie_key_lifetime;
@@ -106,11 +98,11 @@ static char *sign(const uint8_t *key,
   char *sig64;
 
   if((e = gcry_md_open(&h, ALGO, GCRY_MD_FLAG_HMAC))) {
-    error(0, "gcry_md_open: %s", gcry_strerror(e));
+    disorder_error(0, "gcry_md_open: %s", gcry_strerror(e));
     return 0;
   }
   if((e = gcry_md_setkey(h, key, HASHSIZE))) {
-    error(0, "gcry_md_setkey: %s", gcry_strerror(e));
+    disorder_error(0, "gcry_md_setkey: %s", gcry_strerror(e));
     gcry_md_close(h);
     return 0;
   }
@@ -132,17 +124,17 @@ char *make_cookie(const char *user) {
 
   /* dollar signs aren't allowed in usernames */
   if(strchr(user, '$')) {
-    error(0, "make_cookie for username with dollar sign");
+    disorder_error(0, "make_cookie for username with dollar sign");
     return 0;
   }
   /* look up the password */
   password = trackdb_get_password(user);
   if(!password) {
-    error(0, "make_cookie for nonexistent user");
+    disorder_error(0, "make_cookie for nonexistent user");
     return 0;
   }
   /* make sure we have a valid signing key */
-  time(&now);
+  xtime(&now);
   if(now >= signing_key_validity_limit)
     newkey();
   /* construct the subject */
@@ -172,38 +164,38 @@ char *verify_cookie(const char *cookie, rights_type *rights) {
 
   /* check the revocation list */
   if(revoked && hash_find(revoked, cookie)) {
-    error(0, "attempt to log in with revoked cookie");
+    disorder_error(0, "attempt to log in with revoked cookie");
     return 0;
   }
   /* parse the cookie */
   errno = 0;
   t = strtoimax(cookie, &c1, 16);
   if(errno) {
-    error(errno, "error parsing cookie timestamp");
+    disorder_error(errno, "error parsing cookie timestamp");
     return 0;
   }
   if(*c1 != '$') {
-    error(0, "invalid cookie timestamp");
+    disorder_error(0, "invalid cookie timestamp");
     return 0;
   }
   /* There'd better be two dollar signs */
   c2 = strchr(c1 + 1, '$');
   if(c2 == 0) {
-    error(0, "invalid cookie syntax");
+    disorder_error(0, "invalid cookie syntax");
     return 0;
   }
   /* Extract the username */
   user = xstrndup(c1 + 1, c2 - (c1 + 1));
   /* check expiry */
-  time(&now);
+  xtime(&now);
   if(now >= t) {
-    error(0, "cookie has expired");
+    disorder_error(0, "cookie has expired");
     return 0;
   }
   /* look up the password */
   k = trackdb_getuserinfo(user);
   if(!k) {
-    error(0, "verify_cookie for nonexistent user");
+    disorder_error(0, "verify_cookie for nonexistent user");
     return 0;
   }
   password = kvp_get(k, "password");
@@ -225,7 +217,7 @@ char *verify_cookie(const char *cookie, rights_type *rights) {
   if(!strcmp(sig, c2 + 1))
     return user;
   /* that didn't match either */
-  error(0, "cookie signature does not match");
+  disorder_error(0, "cookie signature does not match");
   return 0;
 }