From: Richard Kettlewell <rjk@greenend.org.uk>
Date: Thu, 10 Jan 2008 21:11:02 +0000 (+0000)
Subject: Web UI nonces are now base64-encoded, and have a shorter key.
X-Git-Tag: 3.0~68
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/commitdiff_plain/f902253a124bd45a5011204ea4f9e6226b12d561

Web UI nonces are now base64-encoded, and have a shorter key.
---

diff --git a/server/dcgi.c b/server/dcgi.c
index 81b6943..b7a8508 100644
--- a/server/dcgi.c
+++ b/server/dcgi.c
@@ -57,6 +57,7 @@
 #include "url.h"
 #include "mime.h"
 #include "sendmail.h"
+#include "base64.h"
 
 char *login_cookie;
 
@@ -73,15 +74,23 @@ struct entry {
   const char *display;
 };
 
+static const char nonce_base64_table[] =
+  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-/*";
+
 static const char *nonce(void) {
-  static unsigned long count;
-  char *s;
-
-  byte_xasprintf(&s, "%lx%lx%lx",
-	   (unsigned long)time(0),
-	   (unsigned long)getpid(),
-	   count++);
-  return s;
+  static uint32_t count;
+
+  struct ndata {
+    uint16_t count;
+    uint16_t pid;
+    uint32_t when;
+  } nd;
+
+  nd.count = count++;
+  nd.pid = (uint32_t)getpid();
+  nd.when = (uint32_t)time(0);
+  return generic_to_base64((void *)&nd, sizeof nd,
+			   nonce_base64_table);
 }
 
 static int compare_entry(const void *a, const void *b) {
diff --git a/templates/choose.html b/templates/choose.html
index db8c257..e466975 100644
--- a/templates/choose.html
+++ b/templates/choose.html
@@ -118,7 +118,7 @@ USA
    @if{@ne{@arg:directory@}{}@}{
    <p class=directoryname>@navigate{@arg:directory@}{/<a
    class=thisdirectory
-   href="@url@?action=choose&#38;directory=@urlquote{@fullname@}@&#38;nonce=@nonce@">@basename@</a>}@:</p>
+   href="@url@?action=choose&#38;directory=@urlquote{@fullname@}@&#38;n=@nonce@">@basename@</a>}@:</p>
    }@
 
    @if{@isdirectories@}{
@@ -129,7 +129,7 @@ USA
     @choose{directories}{
     <p class=directory>
      <a class=directory
-     href="@url@?action=choose&#38;directory=@urlquote{@file@}@&#38;nonce=@nonce@"
+     href="@url@?action=choose&#38;directory=@urlquote{@file@}@&#38;n=@nonce@"
      title="@label:choose.directory@">
      <img class=button
       src="@image:directory@"
@@ -148,13 +148,13 @@ USA
     @choose{files}{
     <p class=file>
     @right{prefs}{<a class=imgprefs
-     href="@url@?action=prefs&#38;0_file=@urlquote{@resolve{@file@}@}@&#38;nonce=@nonce@"
+     href="@url@?action=prefs&#38;0_file=@urlquote{@resolve{@file@}@}@&#38;n=@nonce@"
      ><img class=button
       src="@image:edit@"
       title="@label:choose.prefsverbose@"
       alt="@label:choose.prefs@"></a>}@
      <a class=file
-     href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@"
+     href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@"
      title="@label:choose.play@">@transform{@file@}{track}{display}@</a>
      @if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
      @if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
@@ -162,12 +162,12 @@ USA
     }@
     <p class=allfiles>
      @right{prefs}{<a class=imgprefs
-     href="@url@?action=prefs&#38;directory=@urlquote{@arg:directory@}@&#38;nonce=@nonce@&#38;back=@urlquote{@thisurl@}@"
+     href="@url@?action=prefs&#38;directory=@urlquote{@arg:directory@}@&#38;n=@nonce@&#38;back=@urlquote{@thisurl@}@"
      ><img class=button 
       src="@image:edit@"
       title="@label:choose.allprefsverbose@"
       alt="@label:choose.allprefs@"></a>}@
-     <a class=allfiles href="@url@?action=play&#38;directory=@urlquote{@arg:directory@}@&#38;nonce=@nonce@&#38;back=@urlquote{@thisurl@}@">
+     <a class=allfiles href="@url@?action=play&#38;directory=@urlquote{@arg:directory@}@&#38;n=@nonce@&#38;back=@urlquote{@thisurl@}@">
       @label:choose.playall@
      </a>
     </p>
diff --git a/templates/help.html b/templates/help.html
index 53c6169..135c037 100644
--- a/templates/help.html
+++ b/templates/help.html
@@ -192,9 +192,9 @@ USA
     </table>
 
     <p>This screen has two forms: <a
-    href="@url@?action=choose&#38;nonce=@nonce@">choose</a>, which give
+    href="@url@?action=choose&#38;n=@nonce@">choose</a>, which give
     you all the top-level directories at once, and <a
-    href="@url@?action=choosealpha&#38;nonce=@nonce@">choosealpha</a>,
+    href="@url@?action=choosealpha&#38;n=@nonce@">choosealpha</a>,
     which breaks them down by initial letter.</p>
 
     <p>This screen will may not be available if you are not logged in
diff --git a/templates/new.html b/templates/new.html
index 49746ce..52bac0e 100644
--- a/templates/new.html
+++ b/templates/new.html
@@ -54,14 +54,14 @@ USA
        >@part{short}{album}@</span>}@</td>
      <td class=title>@right{play}{<a class=file
        title="@part{title}@"
-       href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@"
+       href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@"
        >@part{short}{title}@</a>}{<span class=file
        title="@part{title}@"
        >@part{short}{title}@</span>}@</td>
      <td class=length>@length@</td>
 @right{prefs}{
      <td class=imgbutton><a class=imgbutton
-      href="@url@?action=prefs&#38;nonce=@nonce@&#38;0_file=@urlquote{@file@}@"><img
+      href="@url@?action=prefs&#38;n=@nonce@&#38;0_file=@urlquote{@file@}@"><img
        class=button src="@image:edit@"
        title="@label:choose.prefsverbose@"
        alt="@label:choose.prefs@"></a></td>
diff --git a/templates/playing.html b/templates/playing.html
index b53c2c0..c75a7d6 100644
--- a/templates/playing.html
+++ b/templates/playing.html
@@ -35,7 +35,7 @@ USA
     <!-- paused -->
     <span class=button>
     <a class=button
-    href="@url@?action=resume&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=resume&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.resumeverbose@">@label:playing.pause@</a>
     </a>
     </span>
@@ -44,7 +44,7 @@ USA
     <!-- not paused -->
     <span class=button>
     <a class=button
-    href="@url@?action=pause&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=pause&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.pauseverbose@">@label:playing.pause@</a>
     </a>
     </span>
@@ -54,7 +54,7 @@ USA
     <!-- random played enabled -->
     <span class=button>
     <a class=button
-    href="@url@?action=random-disable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=random-disable&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.randomdisableverbose@">@label:playing.random@</a>
     </a>
     </span>
@@ -63,7 +63,7 @@ USA
     <!-- random played disabled -->
     <span class=button>
     <a class=button
-    href="@url@?action=random-enable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=random-enable&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.randomenableverbose@">@label:playing.random@</a>
     </a>
     </span>
@@ -73,7 +73,7 @@ USA
     <!-- playing enabled -->
     <span class=button>
     <a class=button
-    href="@url@?action=disable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=disable&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.disableverbose@">@label:playing.playing@</a>
     </a>
     </span>
@@ -82,7 +82,7 @@ USA
     <!-- playing disabled -->
     <span class=button>
     <a class=button
-    href="@url@?action=enable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=enable&#38;n=@nonce@&#38;mgmt=true"
      title="@label:playing.enableverbose@">@label:playing.playing@</a>
     </a>
     </span>
@@ -157,7 +157,7 @@ USA
        title="@part{title}@">@part{short}{title}@</span></td>
       <td class=length>@length@</td>
       <td class=imgbutton>@if{@scratchable@}{<a class=imgbutton
-       href="@url@?action=scratch&#38;nonce=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
+       href="@url@?action=scratch&#38;n=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
        class=button src="@image:scratch@"
        title="@label:playing.scratchverbose@"
        alt="@label:playing.scratch@"></a>}{<img
@@ -196,7 +196,7 @@ USA
        title="@part{title}@">@part{short}{title}@</span></td>
       <td class=length>@length@</td>
       <td class=imgbutton>@if{@removable@}{<a class=imgbutton
-       href="@url@?action=remove&#38;nonce=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
+       href="@url@?action=remove&#38;n=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
        class=button src="@image:scratch@"
        title="@label:playing.removeverbose@" 
        alt="@label:playing.remove@"></a>}{<img
@@ -220,13 +220,13 @@ USA
      <!-- can move up -->
      <td class=imgbutton>
       <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=2147483647&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=2147483647&#38;mgmt=true"><img
        class=button src="@image:upall@"
        title="@label:playing.upallverbose@"
        alt="@label:playing.upall@"></a>
      <td class=imgbutton>
      <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=1&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=1&#38;mgmt=true"><img
        class=button src="@image:up@"
        title="@label:playing.upverbose@" alt="@label:playing.up@"></a>
          }@
@@ -246,13 +246,13 @@ USA
      <!-- can move down -->
      <td class=imgbutton>
       <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=-2147483647&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=-2147483647&#38;mgmt=true"><img
        class=button src="@image:downall@"
        title="@label:playing.downallverbose@"
        alt="@label:playing.downall@"></a>
      <td class=imgbutton>
      <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=-1&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=-1&#38;mgmt=true"><img
        class=button src="@image:down@"
        title="@label:playing.downverbose@" alt="@label:playing.down@"></a>
          }@
diff --git a/templates/recent.html b/templates/recent.html
index c9e1674..9b46d78 100644
--- a/templates/recent.html
+++ b/templates/recent.html
@@ -61,7 +61,7 @@ USA
      <td class=length>@length@</td>
 @right{prefs}{
      <td class=imgbutton><a class=imgbutton
-      href="@url@?action=prefs&#38;nonce=@nonce@&#38;0_file=@urlquote{@file@}@"><img
+      href="@url@?action=prefs&#38;n=@nonce@&#38;0_file=@urlquote{@file@}@"><img
        class=button src="@image:edit@"
        title="@label:choose.prefsverbose@"
        alt="@label:choose.prefs@"></a></td>
diff --git a/templates/search.html b/templates/search.html
index b534591..ea7a632 100644
--- a/templates/search.html
+++ b/templates/search.html
@@ -52,7 +52,7 @@ USA
       @search{title}{
       <div class="search_title">
        <p class="search_title">Title:
-	<a href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@">@part:title@</a>
+	<a href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@">@part:title@</a>
 	@if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
 	@if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
        </p>
diff --git a/templates/topbar.html b/templates/topbar.html
index 5c6c515..f7019b1 100644
--- a/templates/topbar.html
+++ b/templates/topbar.html
@@ -3,29 +3,29 @@
  href="@url@"
  title="@label:sidebar.playingverbose@">@label:sidebar.playing@</a>
   <a class=@if{@eq{@action@}{recent}@}{activemenu}{inactivemenu}@
- href="@url@?action=recent&amp;nonce=@nonce@"
+ href="@url@?action=recent&amp;n=@nonce@"
  title="@label:sidebar.recentverbose@">@label:sidebar.recent@</a>
   <a class=@if{@eq{@action@}{new}@}{activemenu}{inactivemenu}@
- href="@url@?action=new&amp;nonce=@nonce@"
+ href="@url@?action=new&amp;n=@nonce@"
  title="@label:sidebar.newverbose@">@label:sidebar.new@</a>
 @right{play}{
   <a class=@if{@or{@eq{@action@}{choose}@}
                   {@eq{@action@}{choosealpha}@}@}
               {activemenu}
               {inactivemenu}@
- href="@url@?action=@label:sidebar.choosewhich@&amp;nonce=@nonce@"
+ href="@url@?action=@label:sidebar.choosewhich@&amp;n=@nonce@"
  title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</a>}{
   <span class=invalidmenu
    title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</span>}@
 @right{play}{
   <a class=@if{@eq{@action@}{search}@}{activemenu}{inactivemenu}@
- href="@url@?action=search&amp;nonce=@nonce@"
+ href="@url@?action=search&amp;n=@nonce@"
  title="@label:sidebar.searchverbose@">@label:sidebar.search@</a>}{
   <span class=invalidmenu
    title="@label:sidebar.searchverbose@">@label:sidebar.search@</span>}@
 <!-- disabled by default since now available from 'manage'
   <a class=@if{@eq{@action@}{volume}@}{activemenu}{inactivemenu}@
- href="@url@?action=volume&amp;nonce=@nonce@"
+ href="@url@?action=volume&amp;n=@nonce@"
  title="@label:sidebar.volumeverbose@">@label:sidebar.volume@</a>
 -->
   <a class=@if{@eq{@action@}{manage}@}{activemenu}{inactivemenu}@
@@ -36,13 +36,13 @@
                   {@eq{@action@}{register}@}
                   {@eq{@action@}{reminder}@}
                   {@eq{@action@}{edituser}@}@}{activemenu}{inactivemenu}@
- href="@url@?action=login&amp;nonce=@nonce@"
+ href="@url@?action=login&amp;n=@nonce@"
  title="@label:sidebar.loginverbose@">@label:sidebar.login@</a>
   <a class=@if{@eq{@action@}{help}@}{activemenu}{inactivemenu}@
- href="@url@?action=help&amp;nonce=@nonce@"
+ href="@url@?action=help&amp;n=@nonce@"
  title="@label:sidebar.helpverbose@">@label:sidebar.help@</a>
   <a class=@if{@eq{@action@}{about}@}{activemenu}{inactivemenu}@
- href="@url@?action=about&amp;nonce=@nonce@"
+ href="@url@?action=about&amp;n=@nonce@"
  title="@label:sidebar.aboutverbose@">@label:sidebar.about@</a>
 </p>
 <hr>