Changeset 4398
- Timestamp:
- 01/10/11 22:10:52 (13 years ago)
- Location:
- trunk
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/globals.h
r4394 r4398 1240 1240 extern void *cs_realloc(void *result, size_t size, int quiterror); 1241 1241 #ifdef WEBIF 1242 extern int x2i(int i);1243 extern void urldecode(char *s);1244 1242 extern char to_hex(char code); 1245 extern char *urlencode(char *str); 1246 extern void char_to_hex(const unsigned char* p_array, unsigned int p_array_len, unsigned char *result, char hex2ascii[256][2]); 1243 extern void char_to_hex(const unsigned char* p_array, unsigned int p_array_len, unsigned char *result); 1247 1244 extern void create_rand_str(char *dst, int size); 1248 1245 #endif -
trunk/oscam-http-helpers.c
r4388 r4398 295 295 unsigned char md5tmp[MD5_DIGEST_LENGTH]; 296 296 sprintf(noncetmp, "%d:%s", (int)time(NULL)/AUTHNONCEVALIDSECS, noncekey); 297 char_to_hex(MD5((unsigned char*)noncetmp, strlen(noncetmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)result , hex2ascii);297 char_to_hex(MD5((unsigned char*)noncetmp, strlen(noncetmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)result); 298 298 } 299 299 … … 345 345 unsigned char md5tmp[MD5_DIGEST_LENGTH]; 346 346 sprintf(A1tmp, "%s:%s:%s", username, AUTHREALM, expectedPassword); 347 char_to_hex(MD5((unsigned char*)A1tmp, strlen(A1tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A1 , hex2ascii);347 char_to_hex(MD5((unsigned char*)A1tmp, strlen(A1tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A1); 348 348 349 349 char A2tmp[2 + strlen(method) + strlen(uri)]; 350 350 sprintf(A2tmp, "%s:%s", method, uri); 351 char_to_hex(MD5((unsigned char*)A2tmp, strlen(A2tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A2 , hex2ascii);351 char_to_hex(MD5((unsigned char*)A2tmp, strlen(A2tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A2); 352 352 353 353 char A3tmp[10 + strlen(A1) + strlen(A2) + strlen(authnonce) + strlen(authnc) + strlen(authcnonce)]; 354 354 sprintf(A3tmp, "%s:%s:%s:%s:auth:%s", A1, authnonce, authnc, authcnonce, A2); 355 char_to_hex(MD5((unsigned char*)A3tmp, strlen(A3tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A3 , hex2ascii);355 char_to_hex(MD5((unsigned char*)A3tmp, strlen(A3tmp), md5tmp), MD5_DIGEST_LENGTH, (unsigned char*)A3); 356 356 357 357 if(strcmp(A3, authresponse) == 0) { … … 387 387 } 388 388 389 void send_headers(FILE *f, int status, char *title, char *extra, char *mime){ 390 389 void send_headers(FILE *f, int status, char *title, char *extra, char *mime, int cache){ 391 390 time_t now; 392 391 char timebuf[32]; … … 407 406 pos += sprintf(pos, "Content-Type: %s\r\n", mime); 408 407 409 pos += sprintf(pos, "Cache-Control: no-store, no-cache, must-revalidate\r\n"); 410 pos += sprintf(pos, "Expires: Sat, 26 Jul 1997 05:00:00 GMT\r\n"); 408 if(!cache){ 409 pos += sprintf(pos, "Cache-Control: no-store, no-cache, must-revalidate\r\n"); 410 pos += sprintf(pos, "Expires: Sat, 26 Jul 1997 05:00:00 GMT\r\n"); 411 } else { 412 pos += sprintf(pos, "Cache-Control: public, max-age=7200"); 413 } 411 414 pos += sprintf(pos, "Last-Modified: %s\r\n", timebuf); 412 415 pos += sprintf(pos, "Connection: close\r\n"); … … 452 455 char buf[(2* strlen(title)) + strlen(text) + 128]; 453 456 char *pos = buf; 454 send_headers(f, status, title, extra, "text/html" );457 send_headers(f, status, title, extra, "text/html", 0); 455 458 pos += sprintf(pos, "<HTML><HEAD><TITLE>%d %s</TITLE></HEAD>\r\n", status, title); 456 459 pos += sprintf(pos, "<BODY><H4>%d %s</H4>\r\n", status, title); … … 472 475 } 473 476 474 char *getParamDef(struct uriparams *params, char *name, char* def){ 475 int i; 476 for(i=(*params).paramcount-1; i>=0; --i){ 477 if(strcmp((*params).params[i], name) == 0) return (*params).values[i]; 478 } 479 return def; 477 /* Helper function for urldecode.*/ 478 int x2i(int i){ 479 i=toupper(i); 480 i = i - '0'; 481 if(i > 9) i = i - 'A' + '9' + 1; 482 return i; 483 } 484 485 /* Decodes values in a http url. Note: The original value is modified! */ 486 void urldecode(char *s){ 487 int c, c1, n; 488 char *s0,*t; 489 t = s0 = s; 490 n = strlen(s); 491 while(n >0){ 492 c = *s++; 493 if(c == '+') c = ' '; 494 else if(c == '%' && n > 2){ 495 c = *s++; 496 c1 = c; 497 c = *s++; 498 c = 16*x2i(c1) + x2i(c); 499 n -= 2; 500 } 501 *t++ = c; 502 n--; 503 } 504 *t = 0; 505 } 506 507 /* Encode values in a http url. Do not call free() or realloc on the returned reference or you will get memory corruption! */ 508 char *urlencode(struct templatevars *vars, char *str){ 509 char buf[strlen(str) * 3 + 1]; 510 char *pstr = str, *pbuf = buf; 511 while (*pstr) { 512 if (isalnum(*pstr) || *pstr == '-' || *pstr == '_' || *pstr == '.' || *pstr == '~') *pbuf++ = *pstr; 513 else if (*pstr == ' ') *pbuf++ = '+'; 514 else { 515 *pbuf++ = '%'; 516 *pbuf++ = to_hex(*pstr >> 4); 517 *pbuf++ = to_hex(*pstr & 15); 518 } 519 ++pstr; 520 } 521 *pbuf = '\0'; 522 /* Allocate the needed memory size and store it in the templatevars */ 523 if(!cs_malloc(&pbuf, strlen(buf) + 1, -1)) return ""; 524 memcpy(pbuf, buf, strlen(buf) + 1); 525 return tpl_addTmp(vars, pbuf); 480 526 } 481 527 -
trunk/oscam-http.c
r4395 r4398 729 729 730 730 tpl_addVar(vars, 0, "READERNAME", xml_encode(vars, rdr->label)); 731 tpl_addVar(vars, 0, "READERNAMEENC", tpl_addTmp(vars, urlencode(rdr->label)));731 tpl_addVar(vars, 0, "READERNAMEENC", urlencode(vars, rdr->label)); 732 732 tpl_printf(vars, 0, "EMMERRORUK", "%d", rdr->emmerror[UNKNOWN]); 733 733 tpl_printf(vars, 0, "EMMERRORG", "%d", rdr->emmerror[GLOBAL]); … … 1708 1708 tpl_addVar(vars, 0, "CLASSNAME", classname); 1709 1709 tpl_addVar(vars, 0, "USER", xml_encode(vars, account->usr)); 1710 tpl_addVar(vars, 0, "USERENC", tpl_addTmp(vars, urlencode(account->usr)));1710 tpl_addVar(vars, 0, "USERENC", urlencode(vars, account->usr)); 1711 1711 tpl_addVar(vars, 0, "DESCRIPTION", xml_encode(vars, account->description)); 1712 1712 tpl_addVar(vars, 0, "STATUS", status); … … 1969 1969 } 1970 1970 1971 if(getParamDef(params, "hide", NULL)) { 1971 char *hide = getParam(params, "hide"); 1972 if(strlen(hide) > 0) { 1972 1973 ulong clidx; 1973 clidx = atol( getParamDef(params, "hide", NULL));1974 clidx = atol(hide); 1974 1975 struct s_client *hideidx = get_client_by_tid(clidx); 1975 1976 if(hideidx) … … 2064 2065 else if((cl->typ == 'p') && !cfg->http_readonly) { 2065 2066 if(cfg->http_js_icons) 2066 tpl_printf(vars, 0, "CSIDX", "<A HREF=\"status.html?action=restart&label=%s\" TITLE=\"Restart this reader/ proxy\"><IMG HEIGHT=\"16\" WIDTH=\"16\" ID=\"ICKIL\" SRC=\"\" ALT=\"Restart\"></A>", cl->reader->label);2067 tpl_printf(vars, 0, "CSIDX", "<A HREF=\"status.html?action=restart&label=%s\" TITLE=\"Restart this reader/ proxy\"><IMG HEIGHT=\"16\" WIDTH=\"16\" ID=\"ICKIL\" SRC=\"\" ALT=\"Restart\"></A>", urlencode(vars, cl->reader->label)); 2067 2068 else 2068 tpl_printf(vars, 0, "CSIDX", "<A HREF=\"status.html?action=restart&label=%s\" TITLE=\"Restart this reader/ proxy\"><IMG HEIGHT=\"16\" WIDTH=\"16\" ID=\"ICKIL\" SRC=\"%s\" ALT=\"Restart\"></A>", cl->reader->label, ICKIL);2069 tpl_printf(vars, 0, "CSIDX", "<A HREF=\"status.html?action=restart&label=%s\" TITLE=\"Restart this reader/ proxy\"><IMG HEIGHT=\"16\" WIDTH=\"16\" ID=\"ICKIL\" SRC=\"%s\" ALT=\"Restart\"></A>", urlencode(vars, cl->reader->label), ICKIL); 2069 2070 } 2070 2071 else { … … 2220 2221 struct s_reader *rdr = cl->reader; 2221 2222 if (rdr->lbvalue) 2222 tpl_printf(vars, 0, "CLIENTLBVALUE", "<A HREF=\"status.html?action=resetstat&label=%s\" TITLE=\"Reset statistics for this reader/ proxy\">%d</A>", rdr->label, rdr->lbvalue);2223 tpl_printf(vars, 0, "CLIENTLBVALUE", "<A HREF=\"status.html?action=resetstat&label=%s\" TITLE=\"Reset statistics for this reader/ proxy\">%d</A>", urlencode(vars, rdr->label), rdr->lbvalue); 2223 2224 else 2224 tpl_printf(vars, 0, "CLIENTLBVALUE", "<A HREF=\"status.html?action=resetstat&label=%s\" TITLE=\"Reset statistics for this reader/ proxy\">%s</A>", rdr->label, "no data");2225 tpl_printf(vars, 0, "CLIENTLBVALUE", "<A HREF=\"status.html?action=resetstat&label=%s\" TITLE=\"Reset statistics for this reader/ proxy\">%s</A>", urlencode(vars, rdr->label), "no data"); 2225 2226 2226 2227 switch(rdr->card_status) … … 2369 2370 2370 2371 tpl_addVar(vars, 0, "LABEL", sidtab->label); 2371 tpl_addVar(vars, 0, "LABELENC", tpl_addTmp(vars, urlencode(sidtab->label)));2372 tpl_addVar(vars, 0, "LABELENC", urlencode(vars, sidtab->label)); 2372 2373 2373 2374 … … 2432 2433 } else { 2433 2434 tpl_printf(vars, 0, "SIDCLASS",""); 2434 tpl_printf(vars, 0, "SID","<A HREF=\"services.html?service=%s&action=list\">Show Services</A>", tpl_addTmp(vars, urlencode(sidtab->label)));2435 } 2436 tpl_addVar(vars, 0, "LABELENC", tpl_addTmp(vars, urlencode(sidtab->label)));2435 tpl_printf(vars, 0, "SID","<A HREF=\"services.html?service=%s&action=list\">Show Services</A>", urlencode(vars, sidtab->label)); 2436 } 2437 tpl_addVar(vars, 0, "LABELENC", urlencode(vars, sidtab->label)); 2437 2438 tpl_addVar(vars, 0, "LABEL", xml_encode(vars, sidtab->label)); 2438 2439 tpl_addVar(vars, 0, "SIDLIST", tpl_getTpl(vars, "SERVICECONFIGSIDBIT")); … … 2464 2465 tpl_addVar(vars, 0, "REFRESH", tpl_getTpl(vars, "REFRESH")); 2465 2466 tpl_printf(vars, 0, "SECONDS", "%d", SHUTDOWNREFRESH); 2466 send_headers(f, 200, "OK", NULL, "text/html" );2467 send_headers(f, 200, "OK", NULL, "text/html", 0); 2467 2468 webif_write(tpl_getTpl(vars, "SHUTDOWN"), f); 2468 2469 running = 0; … … 2477 2478 tpl_addVar(vars, 0, "REFRESH", tpl_getTpl(vars, "REFRESH")); 2478 2479 tpl_printf(vars, 0, "SECONDS", "%d", 2); 2479 send_headers(f, 200, "OK", NULL, "text/html" );2480 send_headers(f, 200, "OK", NULL, "text/html", 0); 2480 2481 webif_write(tpl_getTpl(vars, "SHUTDOWN"), f); 2481 2482 running = 0; … … 3080 3081 snprintf(temp, sizeof(temp), "WWW-Authenticate: Digest algorithm=\"MD5\", realm=\"%s\", qop=\"auth\", opaque=\"\", nonce=\"%s\"", AUTHREALM, expectednonce); 3081 3082 if(authok == 2) strncat(temp, ", stale=true", sizeof(temp)); 3082 send_headers(f, 401, "Unauthorized", temp, "text/html" );3083 send_headers(f, 401, "Unauthorized", temp, "text/html", 0); 3083 3084 free(filebuf); 3084 3085 return 0; … … 3087 3088 /*build page*/ 3088 3089 if(pgidx == 8) { 3089 send_headers(f, 200, "OK", NULL, "text/css" );3090 send_headers(f, 200, "OK", NULL, "text/css", 1); 3090 3091 send_file(f, "CSS"); 3091 3092 } else if (pgidx == 17) { 3092 send_headers(f, 200, "OK", NULL, "text/javascript" );3093 send_headers(f, 200, "OK", NULL, "text/javascript", 1); 3093 3094 send_file(f, "JS"); 3094 3095 } else { … … 3192 3193 else if (strcmp(result, "1")) { 3193 3194 if (pgidx == 18) 3194 send_headers(f, 200, "OK", NULL, "text/xml" );3195 send_headers(f, 200, "OK", NULL, "text/xml", 0); 3195 3196 else 3196 send_headers(f, 200, "OK", NULL, "text/html" );3197 send_headers(f, 200, "OK", NULL, "text/html", 0); 3197 3198 webif_write(result, f); 3198 3199 } … … 3254 3255 pthread_setspecific(getclient, cl); 3255 3256 cl->typ = 'h'; 3256 int i,sock, reuse = 1;3257 int sock, reuse = 1; 3257 3258 struct sockaddr_in sin; 3258 3259 struct sockaddr_in remote; 3259 3260 socklen_t len = sizeof(remote); 3260 3261 3261 /* Prepare lookup array for conversion between ascii and hex */3262 char tmp[3];3263 for(i = 0; i < 256; i++) {3264 snprintf(tmp, sizeof(tmp),"%02x", i);3265 memcpy(hex2ascii[i], tmp, 2);3266 }3267 3268 3262 /* Create random string for nonce value generation */ 3269 srand(time(NULL));3270 3263 create_rand_str(noncekey,32); 3271 3264 -
trunk/oscam-http.h
r4390 r4398 1658 1658 }; 1659 1659 1660 static char hex2ascii[256][2];1661 1660 static char noncekey[33]; 1662 1661 -
trunk/oscam-simples.c
r4391 r4398 30 30 31 31 // create de AES key entry for the linked list 32 new_entry=malloc(sizeof(AES_ENTRY)); 33 if(!new_entry) { 34 cs_log("Error alocation memory for AES key entry"); 35 return; 36 } 32 if(!cs_malloc(&new_entry, sizeof(AES_ENTRY), -1)) return; 37 33 38 34 memcpy(new_entry->plainkey, aesKey, 16); … … 602 598 603 599 #ifdef WEBIF 604 /* Helper function for urldecode.*/ 605 int x2i(int i){ 606 i=toupper(i); 607 i = i - '0'; 608 if(i > 9) i = i - 'A' + '9' + 1; 609 return i; 610 } 611 612 /* Decodes values in a http url */ 613 void urldecode(char *s){ 614 int c, c1, n; 615 char *s0,*t; 616 t = s0 = s; 617 n = strlen(s); 618 while(n >0){ 619 c = *s++; 620 if(c == '+') c = ' '; 621 else if(c == '%' && n > 2){ 622 c = *s++; 623 c1 = c; 624 c = *s++; 625 c = 16*x2i(c1) + x2i(c); 626 n -= 2; 627 } 628 *t++ = c; 629 n--; 630 } 631 *t = 0; 632 } 633 634 /* Helper function for urlencode.*/ 600 /* Converts a char to it's hex representation. See urlencode and char_to_hex on how to use it.*/ 635 601 char to_hex(char code){ 636 602 static const char hex[] = "0123456789abcdef"; … … 638 604 } 639 605 640 /* Encode values in a http url. Note: Be sure to free() the returned string after use */ 641 char *urlencode(char *str){ 642 char buf[strlen(str) * 3 + 1]; 643 char *pstr = str, *pbuf = buf; 644 while (*pstr) { 645 if (isalnum(*pstr) || *pstr == '-' || *pstr == '_' || *pstr == '.' || *pstr == '~') *pbuf++ = *pstr; 646 else if (*pstr == ' ') *pbuf++ = '+'; 647 else { 648 *pbuf++ = '%'; 649 *pbuf++ = to_hex(*pstr >> 4); 650 *pbuf++ = to_hex(*pstr & 15); 651 } 652 ++pstr; 653 } 654 *pbuf = '\0'; 655 pbuf = (char *) malloc((strlen(buf) + 1) * sizeof(char)); 656 strcpy(pbuf, buf); 657 return pbuf; 658 } 659 660 /* Converts a char array to a char array with hex values (needed for example for md5). The hex2ascii 661 array is a lookup table with the corresponding hex string on the array position of the integer representation 662 of the ascii value. Note that result needs to be at least (p_array_len * 2) + 1 large. */ 663 void char_to_hex(const unsigned char* p_array, unsigned int p_array_len, unsigned char *result, char hex2ascii[256][2]) { 606 /* Converts a char array to a char array with hex values (needed for example for md5). 607 Note that result needs to be at least (p_array_len * 2) + 1 large. */ 608 void char_to_hex(const unsigned char* p_array, unsigned int p_array_len, unsigned char *result) { 664 609 result[p_array_len*2] = '\0'; 665 610 const unsigned char* p_end = p_array + p_array_len; … … 667 612 const unsigned char* p; 668 613 for( p = p_array; p != p_end; p++, pos+=2 ) { 669 result[pos] = hex2ascii[*p][0];670 result[pos+1] = hex2ascii[*p][1];614 result[pos] = to_hex(*p >> 4); 615 result[pos+1] = to_hex(*p & 15); 671 616 } 672 617 } … … 674 619 /* Creates a random string with specified length. Note that dst must be one larger than size to hold the trailing \0*/ 675 620 void create_rand_str(char *dst, int size){ 676 static const char text[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";677 621 int i; 678 622 for (i = 0; i < size; ++i){ 679 dst[i] = text[rand() % (sizeof(text) - 1)];623 dst[i] = (rand() % 94) + 32; 680 624 } 681 625 dst[i] = '\0'; -
trunk/oscam.c
r4397 r4398 3190 3190 { 3191 3191 3192 /* init random number generator with seed. */ 3193 srand((unsigned int)time((time_t *)NULL)); 3194 3192 3195 if (pthread_key_create(&getclient, NULL)) { 3193 3196 fprintf(stderr, "Could not create getclient, exiting...");
Note:
See TracChangeset
for help on using the changeset viewer.