2 * "$Id: cert.c 4719 2005-09-28 21:12:44Z mike $"
4 * Authentication certificate routines for the Common UNIX
5 * Printing System (CUPS).
7 * Copyright 1997-2005 by Easy Software Products.
9 * These coded instructions, statements, and computer programs are the
10 * property of Easy Software Products and are protected by Federal
11 * copyright law. Distribution and use rights are outlined in the file
12 * "LICENSE.txt" which should have been included with this file. If this
13 * file is missing or damaged please contact Easy Software Products
16 * Attn: CUPS Licensing Information
17 * Easy Software Products
18 * 44141 Airport View Drive, Suite 204
19 * Hollywood, Maryland 20636 USA
21 * Voice: (301) 373-9600
22 * EMail: cups-info@cups.org
23 * WWW: http://www.cups.org
27 * cupsdAddCert() - Add a certificate.
28 * cupsdDeleteCert() - Delete a single certificate.
29 * cupsdDeleteAllCerts() - Delete all certificates...
30 * cupsdFindCert() - Find a certificate.
31 * cupsdInitCerts() - Initialize the certificate "system" and root
36 * Include necessary headers...
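/*
 * 'cupsdAddCert()' - Add a certificate.
 *
 * Builds a 32-character hexadecimal certificate for the given process ID,
 * stores it in "<StateDir>/certs/<pid>" and links it at the front of the
 * Certs list.  PID 0 is the root certificate: its file is handed to
 * RunUser/SystemGroupIDs[0] and RootCertTime is refreshed.  Any other PID
 * gets a file handed to User/Group.  If the file cannot be created or
 * written completely, no certificate is added.
 *
 * NOTE(review): the certificate characters come from random(), so their
 * unpredictability is limited by how that generator was seeded (see
 * cupsdInitCerts()); random() is not a cryptographic generator.
 *
 * NOTE(review): this listing omits some source lines.  The return type, the
 * unlink() before open(), the fchmod() calls, the "pid == 0" test, the
 * cert->pid assignment and the list insertion are restored from the visible
 * comments and structure - confirm against the upstream file.
 */

void
cupsdAddCert(int        pid,		/* I - Process ID */
             const char *username)	/* I - Username */
{
  int		i;			/* Looping var */
  cupsd_cert_t	*cert;			/* Current certificate */
  int		fd;			/* Certificate file */
  int		saved_errno;		/* errno of a failed write/close */
  int		stored;			/* Non-zero once the file is complete */
  size_t	certlen;		/* Length of certificate string */
  mode_t	cert_mode;		/* Permissions for certificate file */
  uid_t		cert_owner;		/* Owner for certificate file */
  gid_t		cert_group;		/* Group for certificate file */
  char		filename[1024];		/* Certificate filename */
  static const char hex[] = "0123456789ABCDEF";
					/* Hex constants... */


  cupsdLogMessage(CUPSD_LOG_DEBUG2,
                  "cupsdAddCert: adding certificate for pid %d", pid);

 /*
  * Allocate memory for the certificate.  calloc() zero-fills the structure,
  * which is what NUL-terminates the certificate string below (assumes the
  * certificate field holds at least 33 bytes - TODO confirm in the struct).
  */

  if ((cert = calloc(1, sizeof(*cert))) == NULL)
    return;

 /*
  * Fill in the certificate information...
  */

  cert->pid = pid;
  strlcpy(cert->username, username, sizeof(cert->username));

  for (i = 0; i < 32; i ++)
    cert->certificate[i] = hex[random() & 15];

 /*
  * Save the certificate to a file readable only by the User and Group
  * (or root and SystemGroup for PID == 0).  O_EXCL makes open() fail if
  * something else recreates the path after the unlink(), instead of
  * following or reusing it.
  */

  snprintf(filename, sizeof(filename), "%s/certs/%d", StateDir, pid);
  unlink(filename);

  if ((fd = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0400)) < 0)
  {
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "cupsdAddCert: Unable to create certificate file %s - %s",
                    filename, strerror(errno));
    free(cert);
    return;
  }

  if (pid == 0)
  {
   /*
    * Root certificate...
    */

    cert_mode  = 0440;
    cert_owner = RunUser;
    cert_group = SystemGroupIDs[0];

    RootCertTime = time(NULL);
  }
  else
  {
   /*
    * CGI certificate...
    */

    cert_mode  = 0400;
    cert_owner = User;
    cert_group = Group;
  }

 /*
  * A failure here is logged rather than treated as fatal: the file keeps
  * the restrictive mode it was created with, so the intended reader may
  * simply be unable to open it.
  */

  if (fchmod(fd, cert_mode))
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "cupsdAddCert: Unable to set permissions on %s - %s",
                    filename, strerror(errno));

  if (fchown(fd, cert_owner, cert_group))
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "cupsdAddCert: Unable to set ownership of %s - %s",
                    filename, strerror(errno));

 /*
  * NOTE(review): this debug line prints the certificate in clear; treat any
  * debug output that contains it as sensitive.
  */

  DEBUG_printf(("ADD pid=%d, username=%s, cert=%s\n", pid, username,
                cert->certificate));

 /*
  * Write the certificate and make sure all of it reached the file.  A
  * partial or empty file must not be paired with an in-memory certificate,
  * so on failure the file is removed and nothing is added to the list.
  */

  certlen     = strlen(cert->certificate);
  stored      = write(fd, cert->certificate, certlen) == (ssize_t)certlen;
  saved_errno = errno;

  if (close(fd) && stored)
  {
    stored      = 0;
    saved_errno = errno;
  }

  if (!stored)
  {
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "cupsdAddCert: Unable to write certificate file %s - %s",
                    filename, strerror(saved_errno));
    unlink(filename);
    free(cert);
    return;
  }

 /*
  * Insert the certificate at the front of the list...
  */

  cert->next = Certs;
  Certs      = cert;
}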
/*
 * 'cupsdDeleteCert()' - Delete a single certificate.
 *
 * Unlinks the first entry in the Certs list whose pid matches, frees it and
 * removes "<StateDir>/certs/<pid>".  Does nothing if no entry matches.
 *
 * NOTE(review): this listing omits some source lines.  The return type, the
 * list unlinking for the head-of-list case, the free() and the return after
 * the unlink() are restored from the visible comments and structure -
 * confirm against the upstream file.
 */

void
cupsdDeleteCert(int pid)		/* I - Process ID */
{
  cupsd_cert_t	**link,			/* Pointer that refers to the entry */
		*doomed;		/* Entry being examined/removed */
  char		filename[1024];		/* Certificate file */


  for (link = &Certs; (doomed = *link) != NULL; link = &doomed->next)
  {
    if (doomed->pid != pid)
      continue;

   /*
    * Remove this certificate from the list.  Writing through "link" covers
    * both the head of the list and an interior entry.
    */

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdDeleteCert: removing certificate for pid %d", pid);

    DEBUG_printf(("DELETE pid=%d, username=%s, cert=%s\n", doomed->pid,
                  doomed->username, doomed->certificate));

    *link = doomed->next;

    free(doomed);

   /*
    * Delete the file and return.  The name is rebuilt from the "pid"
    * argument, so the freed entry is not touched again.
    */

    snprintf(filename, sizeof(filename), "%s/certs/%d", StateDir, pid);
    if (unlink(filename))
      cupsdLogMessage(CUPSD_LOG_ERROR,
                      "cupsdDeleteCert: Unable to remove %s!\n", filename);

    return;
  }
}
/*
 * 'cupsdDeleteAllCerts()' - Delete all certificates...
 *
 * Walks the Certs list, removes each entry's "<StateDir>/certs/<pid>" file
 * and frees the entry, then leaves the list empty.  A file that cannot be
 * removed is logged and the walk continues.
 *
 * NOTE(review): this listing omits some source lines.  The return type, the
 * "next" bookkeeping, the free() and the final reset of Certs are restored
 * from the visible declarations and structure - confirm against the
 * upstream file.
 */

void
cupsdDeleteAllCerts(void)
{
  cupsd_cert_t	*cert,			/* Current certificate */
		*next;			/* Next certificate */
  char		filename[1024];		/* Certificate file */


 /*
  * Loop through each certificate, deleting them...
  */

  cert = Certs;

  while (cert != NULL)
  {
   /*
    * Remember the successor first; the entry is freed below.
    */

    next = cert->next;

    snprintf(filename, sizeof(filename), "%s/certs/%d", StateDir, cert->pid);
    if (unlink(filename))
      cupsdLogMessage(CUPSD_LOG_ERROR,
                      "cupsdDeleteAllCerts: Unable to remove %s!\n", filename);

    free(cert);

    cert = next;
  }

  Certs = NULL;
}
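/*
 * 'cert_compare()' - Compare a presented certificate with a stored one.
 *
 * ASCII letters are compared without regard to case, as the strcasecmp()
 * call this replaces did.  Every character of the stored certificate is
 * examined even after a mismatch, so the amount of work does not reveal how
 * long a matching prefix the presented value has.
 */

static int				/* O - 0 on match, 1 otherwise */
cert_compare(const char *candidate,	/* I - Certificate presented */
             const char *stored)	/* I - Certificate on record */
{
  unsigned	a,			/* Folded candidate character */
		b,			/* Folded stored character */
		diff = 0;		/* Accumulated differences */


  for (; *stored; stored ++)
  {
    a = (unsigned char)*candidate;
    b = (unsigned char)*stored;

    if (a >= 'A' && a <= 'Z')
      a += 'a' - 'A';
    if (b >= 'A' && b <= 'Z')
      b += 'a' - 'A';

    diff |= a ^ b;

   /*
    * Stay on the candidate's terminator once it is reached; the NUL then
    * differs from every remaining stored character.
    */

    if (*candidate)
      candidate ++;
  }

 /*
  * Anything left in the candidate means it is longer than the stored value.
  */

  diff |= (unsigned char)*candidate;

  return (diff != 0);
}


/*
 * 'cupsdFindCert()' - Find a certificate.
 *
 * Returns the username of the first entry in the Certs list whose
 * certificate matches the presented string, or NULL if there is none.  The
 * returned pointer refers to storage inside the list entry.  A NULL
 * argument is treated as "not found".
 *
 * NOTE(review): this listing omits some source lines.  The braces and the
 * final "return (NULL)" are restored from the visible return-type comment -
 * confirm against the upstream file.
 */

const char *				/* O - Matching username or NULL */
cupsdFindCert(const char *certificate)	/* I - Certificate */
{
  cupsd_cert_t	*cert;			/* Current certificate */


 /*
  * The value is supplied by the requester; refuse a missing one before it
  * reaches the formatter or the comparison.
  */

  if (certificate == NULL)
    return (NULL);

  DEBUG_printf(("cupsdFindCert(certificate=%s)\n", certificate));
  for (cert = Certs; cert != NULL; cert = cert->next)
    if (!cert_compare(certificate, cert->certificate))
    {
      DEBUG_printf((" returning %s...\n", cert->username));
      return (cert->username);
    }

  DEBUG_puts(" certificate not found!");

  return (NULL);
}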
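/*
 * 'cupsdInitCerts()' - Initialize the certificate "system" and root
 *                      certificate.
 *
 * Seeds the random number generator from four bytes of /dev/urandom, or
 * from the time of day when the device cannot be opened or read in full,
 * and then creates the root certificate.
 *
 * NOTE(review): the seed is a single "unsigned" value, and the time-of-day
 * fallback is guessable.  Certificates produced by cupsdAddCert() are only
 * as unpredictable as this seed.
 *
 * NOTE(review): this listing omits some source lines.  The function header,
 * cupsFileClose(), srandom() and the "!RunUser" test in front of the root
 * certificate are restored from the visible comments and line numbering -
 * confirm against the upstream file.
 */

void
cupsdInitCerts(void)
{
  cups_file_t	*fp;			/* /dev/random file */
  unsigned	seed;			/* Seed for random number generator */
  struct timeval tod;			/* Time of day */
  int		i;			/* Looping var */
  int		ch;			/* Byte from the random device */
  int		have_seed;		/* Non-zero once 4 bytes were read */


 /*
  * Initialize the random number generator using the random device or
  * the current time, as available...
  */

  seed      = 0;
  have_seed = 0;

  if ((fp = cupsFileOpen("/dev/urandom", "rb")) != NULL)
  {
   /*
    * Read 4 random characters from the random device and use them as the
    * seed.  cupsFileGetChar() reports failure with a negative value, which
    * must not be shifted into the seed.
    */

    have_seed = 1;

    for (i = 0; i < 4; i ++)
    {
      if ((ch = cupsFileGetChar(fp)) < 0)
      {
        have_seed = 0;
        break;
      }

      seed = (seed << 8) | (unsigned)ch;
    }

    cupsFileClose(fp);
  }

  if (!have_seed)
  {
   /*
    * Get the time in usecs and use it as the initial seed...
    */

    gettimeofday(&tod, NULL);

    seed = (unsigned)(tod.tv_sec + tod.tv_usec);
  }

  srandom(seed);

 /*
  * Create a root certificate and return...
  */

  if (!RunUser)
    cupsdAddCert(0, "root");
}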
295 * End of "$Id: cert.c 4719 2005-09-28 21:12:44Z mike $".