Commit | Line | Data |
---|---|---|
a4ad3a11 | 1 | /* |
efb2f309 | 2 | * "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $" |
a4ad3a11 | 3 | * |
4 | * Authentication certificate routines for the Common UNIX | |
5 | * Printing System (CUPS). | |
6 | * | |
efb2f309 | 7 | * Copyright 1997-2002 by Easy Software Products. |
a4ad3a11 | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
10 | * property of Easy Software Products and are protected by Federal | |
11 | * copyright law. Distribution and use rights are outlined in the file | |
12 | * "LICENSE.txt" which should have been included with this file. If this | |
13 | * file is missing or damaged please contact Easy Software Products | |
14 | * at: | |
15 | * | |
16 | * Attn: CUPS Licensing Information | |
17 | * Easy Software Products | |
18 | * 44141 Airport View Drive, Suite 204 | |
19 | * Hollywood, Maryland 20636-3111 USA | |
20 | * | |
21 | * Voice: (301) 373-9603 | |
22 | * EMail: cups-info@cups.org | |
23 | * WWW: http://www.cups.org | |
24 | * | |
25 | * Contents: | |
26 | * | |
27 | * AddCert() - Add a certificate. | |
28 | * DeleteCert() - Delete a single certificate. | |
29 | * DeleteAllCerts() - Delete all certificates... | |
30 | * FindCert() - Find a certificate. | |
31 | * InitCerts() - Initialize the certificate "system" and root | |
32 | * certificate. | |
33 | */ | |
34 | ||
35 | /* | |
36 | * Include necessary headers... | |
37 | */ | |
38 | ||
#include "cupsd.h"
#include <fcntl.h>
#include <grp.h>
41 | ||
42 | ||
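/*
 * 'AddCert()' - Add a certificate.
 *
 * Builds a 32-character hexadecimal certificate for "pid", writes it to
 * "ServerRoot/certs/PID" and links the new record at the head of the
 * global "Certs" list.  On any failure (allocation, filename truncation,
 * file creation, short write) nothing is added to the list and no
 * certificate file is left behind.
 *
 * Security notes:
 *
 *   - The certificate is an authentication secret, so its bytes are read
 *     from /dev/urandom when that device is usable.  random() is kept only
 *     as a fallback; it is not a cryptographic generator and its output
 *     carries no more entropy than the seed given to srandom().
 *   - The file is created with O_CREAT | O_EXCL and mode 0400 so that it is
 *     never readable by other users between creation and fchmod(), and so
 *     that a pre-existing file or symbolic link at that path is not reused.
 */

void
AddCert(int        pid,                 /* I - Process ID */
        const char *username)           /* I - Username */
{
  int           i;                      /* Looping var */
  int           fd;                     /* Certificate file descriptor */
  int           rfd;                    /* Random device descriptor */
  int           have_random;            /* Got bytes from the random device? */
  int           length;                 /* Formatted filename length */
  size_t        certlen;                /* Length of certificate string */
  ssize_t       written;                /* Bytes written to the file */
  unsigned char rnd[16];                /* Random bytes (2 hex digits each) */
  cert_t        *cert;                  /* Current certificate */
  char          filename[1024];         /* Certificate filename */
  struct group  *grp;                   /* System group */
  static const char *hex = "0123456789ABCDEF";
                                        /* Hex constants... */


 /*
  * Allocate memory for the certificate; calloc() zero-fills it, which the
  * string handling below relies on for NUL termination...
  */

  if ((cert = calloc(1, sizeof(cert_t))) == NULL)
    return;

 /*
  * Fill in the certificate information.  Copying at most size - 1 bytes
  * into the zeroed buffer keeps the username terminated...
  */

  cert->pid = pid;
  strncpy(cert->username, username, sizeof(cert->username) - 1);

 /*
  * Prefer the kernel random device for the secret; fall back to random()
  * only when the device cannot be opened or read in full...
  */

  have_random = 0;

  if ((rfd = open("/dev/urandom", O_RDONLY)) >= 0)
  {
    have_random = read(rfd, rnd, sizeof(rnd)) == (ssize_t)sizeof(rnd);
    close(rfd);
  }

  if (have_random)
  {
    for (i = 0; i < 16; i ++)
    {
      cert->certificate[2 * i]     = hex[rnd[i] >> 4];
      cert->certificate[2 * i + 1] = hex[rnd[i] & 15];
    }
  }
  else
  {
    for (i = 0; i < 32; i ++)
      cert->certificate[i] = hex[random() & 15];
  }

 /*
  * Save the certificate to a file readable only by the User and Group
  * (or root and SystemGroup for PID == 0)...
  */

  length = snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);

  if (length < 0 || (size_t)length >= sizeof(filename))
  {
   /*
    * A truncated path would name some other file; refuse to use it...
    */

    free(cert);
    return;
  }

 /*
  * Remove any stale file (or symbolic link) for this PID, then create the
  * file exclusively with owner-read-only permissions...
  */

  unlink(filename);

  if ((fd = open(filename, O_WRONLY | O_CREAT | O_EXCL, 0400)) < 0)
  {
    free(cert);
    return;
  }

 /*
  * The fchmod()/fchown() results are not checked: the file already exists
  * with mode 0400 and the daemon's own ownership, so a failure here leaves
  * it more restrictive than intended rather than more permissive...
  */

  if (pid == 0)
  {
   /*
    * Root certificate...
    */

    fchmod(fd, 0440);

    if ((grp = getgrnam(SystemGroups[0])) == NULL)
      fchown(fd, getuid(), 0);
    else
      fchown(fd, getuid(), grp->gr_gid);

    endgrent();

    RootCertTime = time(NULL);
  }
  else
  {
   /*
    * CGI certificate...
    */

    fchmod(fd, 0400);
    fchown(fd, User, Group);
  }

 /*
  * Write the certificate and make sure all of it reached the file; a
  * partial certificate on disk could never match the one in memory...
  */

  certlen = strlen(cert->certificate);
  written = write(fd, cert->certificate, certlen);

  if (close(fd) != 0 || written != (ssize_t)certlen)
  {
    unlink(filename);
    free(cert);
    return;
  }

 /*
  * Insert the certificate at the front of the list...
  */

  cert->next = Certs;
  Certs      = cert;
}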
127 | ||
128 | ||
/*
 * 'DeleteCert()' - Delete a single certificate.
 *
 * Unlinks the first record in the global "Certs" list whose pid matches,
 * frees it, and removes the matching "ServerRoot/certs/PID" file.  Does
 * nothing when no record matches.
 */

void
DeleteCert(int pid)                     /* I - Process ID */
{
  cert_t        **link;                 /* Pointer to the link being examined */
  cert_t        *victim;                /* Certificate being removed */
  char          filename[1024];         /* Certificate file */


 /*
  * Walk the links rather than the nodes so the head of the list and an
  * interior node are unlinked the same way...
  */

  for (link = &Certs; *link != NULL; link = &((*link)->next))
  {
    if ((*link)->pid != pid)
      continue;

   /*
    * Remove this certificate from the list...
    */

    victim = *link;
    *link  = victim->next;

    free(victim);

   /*
    * Delete the file and return...
    */

    snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot, pid);
    unlink(filename);
    return;
  }
}
164 | ||
165 | ||
/*
 * 'DeleteAllCerts()' - Delete all certificates...
 *
 * Removes the on-disk file for every record in the global "Certs" list,
 * frees each record, and leaves the list empty.
 */

void
DeleteAllCerts(void)
{
  cert_t        *current;               /* Certificate being deleted */
  cert_t        *following;             /* Certificate after the current one */
  char          filename[1024];         /* Certificate file */


  current = Certs;

  while (current != NULL)
  {
   /*
    * Delete the file...
    */

    snprintf(filename, sizeof(filename), "%s/certs/%d", ServerRoot,
             current->pid);
    unlink(filename);

   /*
    * Remember the successor before the record is released...
    */

    following = current->next;
    free(current);
    current = following;
  }

  Certs = NULL;
}
201 | ||
202 | ||
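/*
 * 'cert_equal()' - Compare a client-supplied certificate with a stored one.
 *
 * The comparison ignores ASCII case, as the strcasecmp() call it replaces
 * did.  Every character of the stored certificate is examined and the
 * differences are accumulated, so the running time does not reveal the
 * position of the first mismatching character.  The lengths must be equal
 * for a match: a shorter or empty candidate never matches a longer stored
 * value.
 */

static int                              /* O - 1 on match, 0 otherwise */
cert_equal(const char *candidate,       /* I - Certificate from the client */
           const char *stored)          /* I - Certificate held in memory */
{
  size_t        i;                      /* Looping var */
  size_t        clen = strlen(candidate);
                                        /* Length of candidate */
  size_t        slen = strlen(stored);  /* Length of stored certificate */
  unsigned      diff;                   /* Accumulated differences */
  unsigned      a, b;                   /* Case-folded characters */


  diff = (clen != slen);

  for (i = 0; i < slen; i ++)
  {
   /*
    * Past the end of a short candidate keep reading its terminating NUL
    * so no byte beyond the string is touched...
    */

    a = (unsigned char)candidate[i < clen ? i : clen];
    b = (unsigned char)stored[i];

   /*
    * Fold 'a'-'z' to upper case by clearing bit 5...
    */

    a ^= (unsigned)((a - 'a') < 26u) << 5;
    b ^= (unsigned)((b - 'a') < 26u) << 5;

    diff |= a ^ b;
  }

  return (diff == 0);
}


/*
 * 'FindCert()' - Find a certificate.
 *
 * Searches the global "Certs" list for a record whose certificate string
 * matches "certificate" (ASCII case-insensitive) and returns the username
 * stored in that record.  A NULL or empty "certificate" never matches.
 * The returned pointer refers to storage inside the list record.
 */

const char *                            /* O - Matching username or NULL */
FindCert(const char *certificate)       /* I - Certificate */
{
  cert_t        *cert;                  /* Current certificate */


 /*
  * Reject missing or empty input up front so it can never be compared
  * equal to anything...
  */

  if (certificate == NULL || *certificate == '\0')
    return (NULL);

  for (cert = Certs; cert != NULL; cert = cert->next)
    if (cert_equal(certificate, cert->certificate))
      return (cert->username);

  return (NULL);
}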
219 | ||
220 | ||
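/*
 * 'InitCerts()' - Initialize the certificate "system" and root certificate.
 *
 * Seeds the random() generator from 4 bytes of /dev/urandom, or from the
 * time of day when the device cannot be opened or does not return all
 * 4 bytes, then creates the root certificate (PID 0, user "root").
 *
 * Security note: the seed is a single "unsigned" value and random() is not
 * a cryptographic generator, so anything derived only from random() holds
 * no more entropy than this seed; the time-of-day fallback is guessable.
 */

void
InitCerts(void)
{
  FILE          *fp;                    /* /dev/urandom file */
  unsigned      seed = 0;               /* Seed for random number generator */
  unsigned char bytes[4];               /* Bytes read from the random device */
  int           have_seed = 0;          /* Was the device read in full? */
  size_t        i;                      /* Looping var */
  struct timeval tod;                   /* Time of day */


 /*
  * Initialize the random number generator using the random device or
  * the current time, as available...
  */

  if ((fp = fopen("/dev/urandom", "rb")) != NULL)
  {
   /*
    * Read 4 random characters from the random device and use them as the
    * seed.  The read is checked so that an EOF or error value is never
    * folded into the seed...
    */

    if (fread(bytes, 1, sizeof(bytes), fp) == sizeof(bytes))
    {
      for (i = 0; i < sizeof(bytes); i ++)
        seed = (seed << 8) | bytes[i];

      have_seed = 1;
    }

    fclose(fp);
  }

  if (!have_seed)
  {
   /*
    * Get the time in usecs and use it as the initial seed...
    */

    gettimeofday(&tod, NULL);

    seed = (unsigned)(tod.tv_sec + tod.tv_usec);
  }

  srandom(seed);

 /*
  * Create a root certificate and return...
  */

  AddCert(0, "root");
}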
271 | ||
272 | ||
273 | /* | |
efb2f309 | 274 | * End of "$Id: cert.c,v 1.10 2002/01/02 17:59:13 mike Exp $". |
a4ad3a11 | 275 | */ |