1 files changed, 213 insertions, 0 deletions
diff --git a/mcop/md5auth.cc b/mcop/md5auth.cc
new file mode 100644
index 0000000..1e6fe1a
--- /dev/null
+++ b/mcop/md5auth.cc
@@ -0,0 +1,213 @@
+    /*
+
+    Copyright (C) 2000 Stefan Westerfeld
+                       stefan@space.twc.de
+
+    This library is free software; you can redistribute it and/or
+    modify it under the terms of the GNU Library General Public
+    License as published by the Free Software Foundation; either
+    version 2 of the License, or (at your option) any later version.
+  
+    This library is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    Library General Public License for more details.
+   
+    You should have received a copy of the GNU Library General Public License
+    along with this library; see the file COPYING.LIB.  If not, write to
+    the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+    Boston, MA 02111-1307, USA.
+
+    */
+
+#include <config.h>
+
+#include <sys/utsname.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <assert.h>
+#include <stdlib.h>
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#elif HAVE_SYS_TIME_H
+# include <sys/time.h>
+#else
+# include <time.h>
+#endif
+
+#include "md5.h"
+#include "md5auth.h"
+#include "debug.h"
+
+// MD5_BINARY_LEN is defined in md5.h
+#define MD5_COOKIE_LEN (MD5_BINARY_LEN*2)
+#define MD5_MANGLE_LEN (MD5_COOKIE_LEN*2)
+
+
+
+struct random_info {
+	struct timeval tv;
+	int pid;
+	struct utsname un;
+	char dev_urandom[MD5_BINARY_LEN];
+	char seed[MD5_COOKIE_LEN+1];
+	int number;
+};
+
+static char md5_seed[MD5_COOKIE_LEN+1];
+static char md5_cookie[MD5_COOKIE_LEN+1];
+static int md5_init = 0;
+static int md5_random_cookie_number = 0;
+
+static char *md5_to_ascii_overwrite(char *md5)
+{
+	char outascii[MD5_COOKIE_LEN+1];
+	char *result;
+	int i;
+
+	// convert to readable text
+	for(i = 0; i < MD5_BINARY_LEN; i++) {
+		sprintf(&outascii[i*2],"%02x",md5[i] & 0xff);
+	}
+	outascii[MD5_COOKIE_LEN] = 0;
+	result = strdup(outascii);
+
+	// try to zero out traces
+	memset(md5,0,MD5_BINARY_LEN);
+	memset(outascii,0,MD5_COOKIE_LEN);
+
+	// well, here it is
+	return result;
+}
+
+char *arts_md5_auth_mangle(const char *cookie)
+{
+	char mangle[MD5_MANGLE_LEN+1];
+	char out[MD5_BINARY_LEN];
+	assert(md5_init);
+        
+	// concat the two cookies and mangle them to a new one
+	strncpy(mangle,md5_cookie, MD5_COOKIE_LEN);
+	mangle[MD5_COOKIE_LEN] = 0;
+	strncat(mangle,cookie, MD5_COOKIE_LEN);
+	mangle[MD5_MANGLE_LEN] = 0;
+	arts_md5sum((unsigned char *)mangle,MD5_MANGLE_LEN,out);
+        
+	// try to zero out traces
+	memset(mangle,0,MD5_MANGLE_LEN);
+
+	return md5_to_ascii_overwrite(out);
+}
+
+char *arts_md5_auth_mkcookie()
+{
+	struct random_info r;
+	char out[MD5_BINARY_LEN];
+	int rndfd;
+
+	memset(&r,0,sizeof(struct random_info));
+
+	// collect some "random" system information
+	gettimeofday(&r.tv,0);
+	r.pid = getpid();
+	uname(&r.un);
+
+	// linux random device ; if that works, we have good random anyway, the
+	// above are just helpers for the case that it doesn't
+	rndfd = open("/dev/urandom",O_RDONLY);
+	if(rndfd != -1)
+	{
+		read(rndfd,r.dev_urandom,MD5_BINARY_LEN);
+		close(rndfd);
+	}
+
+	// ensure that two cookies that are  requested very shortly after each
+	// other (so that it looks like "at the same time") won't be the same
+	r.number = ++md5_random_cookie_number;
+
+	// this is some seed from a file which is updated sometimes with a
+	// new "arts_md5_auth_mkcookie()" after initialization
+	strncpy(r.seed,md5_seed,MD5_COOKIE_LEN);
+
+	// build hash value of all information
+	arts_md5sum((unsigned char *)&r,sizeof(struct random_info),out);
+
+	// zero out traces and return
+	memset(&r,0,sizeof(struct random_info));
+	return md5_to_ascii_overwrite(out);
+}
+
+const char *arts_md5_auth_cookie()
+{
+	assert(md5_init);
+	return md5_cookie;
+}
+
+static int md5_load_cookie(const char *filename, char *cookie)
+{
+	int fd = open(filename,O_RDONLY);
+	int i;
+
+	if(fd != -1) {
+		struct stat st;
+		for(i=0;i<5;i++) {
+			fstat(fd,&st);
+			if(st.st_size == MD5_COOKIE_LEN) {
+				lseek(fd, 0, SEEK_SET); 
+				if(read(fd,cookie,MD5_COOKIE_LEN) == MD5_COOKIE_LEN)
+				{
+					cookie[MD5_COOKIE_LEN] = 0;
+					close(fd);
+					return 1;
+				}
+			}
+			arts_warning("MCOP: "
+					"authority file has wrong size (just being written?)");
+			sleep(1);
+		}
+	}
+	return 0;
+}
+
+void arts_md5_auth_init_seed(const char *seedname)
+{
+	// don't care if it works - no harm is being done if it doesn't
+	md5_load_cookie(seedname,md5_seed);
+
+	/*
+	 * maxage ensures that not everybody will try to update the seed
+	 * at the same time, while it will take at most 5 hours between
+	 * updates (if there are any initialization calls)
+	 */
+	struct stat st;
+	int maxage = 300 + (getpid() & 0xfff)*4;
+	int lstat_result = lstat(seedname,&st);
+	if(lstat_result != 0 || (time(0) - st.st_mtime) > maxage)
+	{
+		int fd = open(seedname,O_TRUNC|O_CREAT|O_WRONLY,S_IRUSR|S_IWUSR);
+		if(fd != -1) {
+			char *cookie = arts_md5_auth_mkcookie();
+			write(fd,cookie,strlen(cookie));
+			memset(cookie,0,strlen(cookie));
+			free(cookie);
+			close(fd);
+		}
+	}
+}
+
+bool arts_md5_auth_set_cookie(const char *cookie)
+{
+	if(strlen(cookie) != MD5_COOKIE_LEN)
+		return false;
+
+	strncpy(md5_cookie,cookie,MD5_COOKIE_LEN);
+	md5_cookie[MD5_COOKIE_LEN] = 0;
+	md5_init = 1;
+	return true;
+}