[thirdparty/cups.git] / scheduler / cert.c

/*
 * "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $"
 *
 *   Authentication certificate routines for the Common UNIX
 *   Printing System (CUPS).
 *
 *   Copyright 1997-2002 by Easy Software Products.
 *
 *   These coded instructions, statements, and computer programs are the
 *   property of Easy Software Products and are protected by Federal
 *   copyright law.  Distribution and use rights are outlined in the file
 *   "LICENSE.txt" which should have been included with this file.  If this
 *   file is missing or damaged please contact Easy Software Products
 *   at:
 *
 *       Attn: CUPS Licensing Information
 *       Easy Software Products
 *       44141 Airport View Drive, Suite 204
 *       Hollywood, Maryland 20636-3111 USA
 *
 *       Voice: (301) 373-9603
 *       EMail: cups-info@cups.org
 *         WWW: http://www.cups.org
 *
 * Contents:
 *
 *   AddCert()        - Add a certificate.
 *   DeleteCert()     - Delete a single certificate.
 *   DeleteAllCerts() - Delete all certificates...
 *   FindCert()       - Find a certificate.
 *   InitCerts()      - Initialize the certificate "system" and root
 *                      certificate.
 */

/*
 * Include necessary headers...
 */

#include "cupsd.h"
#include <grp.h>


/*
 * 'AddCert()' - Add a certificate.
 */

void
AddCert(int        pid,			/* I - Process ID */
        const char *username)		/* I - Username */
{
  int		i;			/* Looping var */
  cert_t	*cert;			/* Current certificate */
  FILE		*fp;			/* Certificate file */
  char		filename[1024];		/* Certificate filename */
  struct group	*grp;			/* System group */
  static const char *hex = "0123456789ABCDEF";
					/* Hex constants... */


 /*
  * Allocate memory for the certificate...
  */

  if ((cert = calloc(sizeof(cert_t), 1)) == NULL)
    return;

 /*
  * Fill in the certificate information...
  */

  cert->pid = pid;
  strncpy(cert->username, username, sizeof(cert->username) - 1);

  for (i = 0; i < 32; i ++)
    cert->certificate[i] = hex[random() & 15];

 /*
  * Save the certificate to a file readable only by the User and Group
  * (or root and SystemGroup for PID == 0)...
  */

  snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);

  if ((fp = fopen(filename, "w")) == NULL)
  {
    free(cert);
    return;
  }

  if (pid == 0)
  {
   /*
    * Root certificate...
    */

    fchmod(fileno(fp), 0440);

    if ((grp = getgrnam(SystemGroups[0])) == NULL)
      fchown(fileno(fp), getuid(), 0);
    else
      fchown(fileno(fp), getuid(), grp->gr_gid);

    endgrent();

    RootCertTime = time(NULL);
  }
  else
  {
   /*
    * CGI certificate...
    */

    fchmod(fileno(fp), 0400);
    fchown(fileno(fp), User, Group);
  }

  fputs(cert->certificate, fp);
  fclose(fp);

 /*
  * Insert the certificate at the front of the list...
  */

  cert->next = Certs;
  Certs      = cert;
}


/*
 * 'DeleteCert()' - Delete a single certificate.
 */

void
DeleteCert(int pid)			/* I - Process ID */
{
  cert_t	*cert,			/* Current certificate */
		*prev;			/* Previous certificate */
  char		filename[1024];		/* Certificate file */


  for (prev = NULL, cert = Certs; cert != NULL; prev = cert, cert = cert->next)
    if (cert->pid == pid)
    {
     /*
      * Remove this certificate from the list...
      */

      if (prev == NULL)
        Certs = cert->next;
      else
        prev->next = cert->next;

      free(cert);

     /*
      * Delete the file and return...
      */

      snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);
      unlink(filename);
      return;
    }
}


/*
 * 'DeleteAllCerts()' - Delete all certificates...
 */

void
DeleteAllCerts(void)
{
  cert_t	*cert,			/* Current certificate */
		*next;			/* Next certificate */
  char		filename[1024];		/* Certificate file */


 /*
  * Loop through each certificate, deleting them...
  */

  for (cert = Certs; cert != NULL; cert = next)
  {
   /*
    * Delete the file...
    */

    snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, cert->pid);
    unlink(filename);

   /*
    * Free memory...
    */

    next = cert->next;
    free(cert);
  }

  Certs = NULL;
}


/*
 * 'FindCert()' - Find a certificate.
 */

const char *				/* O - Matching username or NULL */
FindCert(const char *certificate)	/* I - Certificate */
{
  cert_t	*cert;			/* Current certificate */


  for (cert = Certs; cert != NULL; cert = cert->next)
    if (strcasecmp(certificate, cert->certificate) == 0)
      return (cert->username);

  return (NULL);
}


/*
 * 'InitCerts()' - Initialize the certificate "system" and root certificate.
 */

void
InitCerts(void)
{
  FILE		*fp;			/* /dev/random file */
  unsigned	seed;			/* Seed for random number generator */
  struct timeval tod;			/* Time of day */


 /*
  * Initialize the random number generator using the random device or
  * the current time, as available...
  */

  if ((fp = fopen("/dev/urandom", "rb")) == NULL)
  {
   /*
    * Get the time in usecs and use it as the initial seed...
    */

    gettimeofday(&tod, NULL);

    seed = (unsigned)(tod.tv_sec + tod.tv_usec);
  }
  else
  {
   /*
    * Read 4 random characters from the random device and use
    * them as the seed...
    */

    seed = getc(fp);
    seed = (seed << 8) | getc(fp);
    seed = (seed << 8) | getc(fp);
    seed = (seed << 8) | getc(fp);

    fclose(fp);
  }

  srandom(seed);

 /*
  * Create a root certificate and return...
  */

  AddCert(0, "root");
}


/*
 * End of "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $".
 */
Commit	Line	Data
a4ad3a11	1	/*
efb2f309	2	* "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $"
a4ad3a11	3	*
	4	* Authentication certificate routines for the Common UNIX
	5	* Printing System (CUPS).
	6	*
efb2f309	7	* Copyright 1997-2002 by Easy Software Products.
a4ad3a11	8	*
	9	* These coded instructions, statements, and computer programs are the
	10	* property of Easy Software Products and are protected by Federal
	11	* copyright law. Distribution and use rights are outlined in the file
	12	* "LICENSE.txt" which should have been included with this file. If this
	13	* file is missing or damaged please contact Easy Software Products
	14	* at:
	15	*
	16	* Attn: CUPS Licensing Information
	17	* Easy Software Products
	18	* 44141 Airport View Drive, Suite 204
	19	* Hollywood, Maryland 20636-3111 USA
	20	*
	21	* Voice: (301) 373-9603
	22	* EMail: cups-info@cups.org
	23	* WWW: http://www.cups.org
	24	*
	25	* Contents:
	26	*
	27	* AddCert() - Add a certificate.
	28	* DeleteCert() - Delete a single certificate.
	29	* DeleteAllCerts() - Delete all certificates...
	30	* FindCert() - Find a certificate.
	31	* InitCerts() - Initialize the certificate "system" and root
	32	* certificate.
	33	*/
	34
	35	/*
	36	* Include necessary headers...
	37	*/
	38
	39	#include "cupsd.h"
	40	#include <grp.h>
	41
	42
	43	/*
	44	* 'AddCert()' - Add a certificate.
	45	*/
	46
	47	void
	48	AddCert(int pid, /* I - Process ID */
	49	const char username) / I - Username */
	50	{
	51	int i; /* Looping var */
	52	cert_t cert; / Current certificate */
	53	FILE fp; / Certificate file */
	54	char filename[1024]; /* Certificate filename */
	55	struct group grp; / System group */
	56	static const char *hex = "0123456789ABCDEF";
	57	/* Hex constants... */
	58
	59
	60	/*
	61	* Allocate memory for the certificate...
	62	*/
	63
	64	if ((cert = calloc(sizeof(cert_t), 1)) == NULL)
	65	return;
	66
	67	/*
	68	* Fill in the certificate information...
	69	*/
	70
	71	cert->pid = pid;
72	strncpy(cert->username, username, sizeof(cert->username) - 1);
73
74	for (i = 0; i < 32; i ++)
75	cert->certificate[i] = hex[random() & 15];
76
77	/*
78	* Save the certificate to a file readable only by the User and Group
79	* (or root and SystemGroup for PID == 0)...
80	*/
81
a6988fb1	82	snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);
a4ad3a11	83
	84	if ((fp = fopen(filename, "w")) == NULL)
	85	{
	86	free(cert);
	87	return;
	88	}
	89
	90	if (pid == 0)
	91	{
	92	/*
	93	* Root certificate...
	94	*/
	95
	96	fchmod(fileno(fp), 0440);
	97
b1e1ae04	98	if ((grp = getgrnam(SystemGroups[0])) == NULL)
b6b2ed2a	99	fchown(fileno(fp), getuid(), 0);
a4ad3a11	100	else
b6b2ed2a	101	fchown(fileno(fp), getuid(), grp->gr_gid);
a4ad3a11	102
	103	endgrent();
	104
	105	RootCertTime = time(NULL);
	106	}
	107	else
	108	{
	109	/*
	110	* CGI certificate...
	111	*/
	112
	113	fchmod(fileno(fp), 0400);
	114	fchown(fileno(fp), User, Group);
	115	}
	116
	117	fputs(cert->certificate, fp);
	118	fclose(fp);
	119
	120	/*
	121	* Insert the certificate at the front of the list...
	122	*/
	123
	124	cert->next = Certs;
	125	Certs = cert;
	126	}
	127
	128
	129	/*
	130	* 'DeleteCert()' - Delete a single certificate.
	131	*/
	132
	133	void
	134	DeleteCert(int pid) /* I - Process ID */
	135	{
	136	cert_t cert, / Current certificate */
	137	prev; / Previous certificate */
	138	char filename[1024]; /* Certificate file */
	139
	140
	141	for (prev = NULL, cert = Certs; cert != NULL; prev = cert, cert = cert->next)
	142	if (cert->pid == pid)
	143	{
	144	/*
	145	* Remove this certificate from the list...
	146	*/
	147
	148	if (prev == NULL)
	149	Certs = cert->next;
	150	else
	151	prev->next = cert->next;
	152
	153	free(cert);
	154
	155	/*
	156	* Delete the file and return...
	157	*/
	158
a6988fb1	159	snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);
a4ad3a11	160	unlink(filename);
	161	return;
	162	}
	163	}
	164
	165
	166	/*
	167	* 'DeleteAllCerts()' - Delete all certificates...
	168	*/
	169
	170	void
	171	DeleteAllCerts(void)
	172	{
	173	cert_t cert, / Current certificate */
	174	next; / Next certificate */
	175	char filename[1024]; /* Certificate file */
	176
	177
	178	/*
	179	* Loop through each certificate, deleting them...
	180	*/
	181
	182	for (cert = Certs; cert != NULL; cert = next)
	183	{
	184	/*
	185	* Delete the file...
	186	*/
	187
a6988fb1	188	snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, cert->pid);
a4ad3a11	189	unlink(filename);
	190
	191	/*
	192	* Free memory...
	193	*/
	194
	195	next = cert->next;
	196	free(cert);
	197	}
	198
	199	Certs = NULL;
	200	}
	201
	202
	203	/*
	204	* 'FindCert()' - Find a certificate.
	205	*/
	206
	207	const char * /* O - Matching username or NULL */
	208	FindCert(const char certificate) / I - Certificate */
	209	{
	210	cert_t cert; / Current certificate */
	211
	212
	213	for (cert = Certs; cert != NULL; cert = cert->next)
	214	if (strcasecmp(certificate, cert->certificate) == 0)
	215	return (cert->username);
	216
	217	return (NULL);
	218	}
	219
	220
	221	/*
	222	* 'InitCerts()' - Initialize the certificate "system" and root certificate.
	223	*/
	224
	225	void
	226	InitCerts(void)
	227	{
9ddb6565	228	FILE fp; / /dev/random file */
9ddb6565	229	unsigned seed; /* Seed for random number generator */
502b2e4a	230	struct timeval tod; /* Time of day */
	231
	232
	233	/*
9ddb6565	234	* Initialize the random number generator using the random device or
9ddb6565	235	* the current time, as available...
502b2e4a	236	*/
502b2e4a	237
23bba0c3	238	if ((fp = fopen("/dev/urandom", "rb")) == NULL)
9ddb6565	239	{
	240	/*
	241	* Get the time in usecs and use it as the initial seed...
	242	*/
	243
	244	gettimeofday(&tod, NULL);
	245
	246	seed = (unsigned)(tod.tv_sec + tod.tv_usec);
	247	}
	248	else
	249	{
	250	/*
	251	* Read 4 random characters from the random device and use
	252	* them as the seed...
	253	*/
	254
	255	seed = getc(fp);
	256	seed = (seed << 8) \| getc(fp);
	257	seed = (seed << 8) \| getc(fp);
	258	seed = (seed << 8) \| getc(fp);
	259
	260	fclose(fp);
	261	}
502b2e4a	262
9ddb6565	263	srandom(seed);
502b2e4a	264
a4ad3a11	265	/*
	266	* Create a root certificate and return...
	267	*/
	268
	269	AddCert(0, "root");
	270	}
	271
	272
	273	/*
efb2f309	274	* End of "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $".
a4ad3a11	275	*/