commit - a0993bddf38dffabddd7d5b9a246f35cc00121ef
commit + 9588300b2310754aad4bb34786bb9b0351f459f5
blob - d0f886fe876d26c60a5fe6f31cf305ca77299395
blob + 2c9b4c7b9ec28cf3ae4da688e73c2b199a61c175
--- gotwebd/auth.c
+++ gotwebd/auth.c
/*
* The token format is:
*
- * "v1\0"[issued at/64bit][expire/64bit][username]"\0"[host]"\0"
+ * "v1\0"[issued at/64bit][expire/64bit][uid/64bit][host]"\0"
*
* followed by the HMAC-SHA256 of it, all encoded in base64.
*/
/* xxx check for overflow */
len = (strlen(token) / 4) * 3;
- if (len < 21 + 32) /* min length assuming empty username and host */
+ if (len < 28 + 32) /* min length assuming empty username and host */
return -1;
data = malloc(len);
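Review bot: The comment on the new minimum-length check still says "empty username and host", but the username is gone and the uid is a fixed 8 bytes, so it no longer explains where 28 comes from. Suggest `if (len < 28 + 32) /* "v1\0" + issued + expire + uid + host NUL, then the HMAC-SHA256 */`. Note also that `len` is an estimate, `(strlen(token) / 4) * 3`, which for padded base64 can exceed the number of bytes actually decoded. The bound therefore only protects the fixed-offset fields if the decoded length is re-checked later. The enclosing function starts and ends outside the hunk, so that re-check, if present, is not visible here.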
/* */
static char *
-auth_gen_token(const char *username, const char *hostname)
+auth_gen_token(uint64_t uid, const char *hostname)
{
BIO *bmem, *b64;
BUF_MEM *bufm;
FILE *fp;
char *tok;
uint64_t issued, expire; /* assume size_t(time_t) == 8 */
- size_t siz, ulen, hlen;
+ size_t siz, hlen;
unsigned int hmaclen; /* openssl... */
issued = time(NULL);
return NULL;
/* include NUL */
- ulen = strlen(username) + 1;
hlen = strlen(hostname) + 1;
if (fwrite("v1", 1, 3, fp) != 3 ||
fwrite(&issued, 1, 8, fp) != 8 ||
fwrite(&expire, 1, 8, fp) != 8 ||
- fwrite(username, 1, ulen, fp) != ulen ||
+ fwrite(&uid, 1, 8, fp) != 8 ||
fwrite(hostname, 1, hlen, fp) != hlen) {
fclose(fp);
free(tok);
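Review bot: `fwrite(&uid, 1, 8, fp)` writes the uid in host byte order with a literal 8, like the two timestamps above it, while the format comment at the top of the file only says "uid/64bit". If a token is ever verified by a process built for a different architecture, the signed bytes will decode to a different uid. The format comment should therefore state the byte order, or the value should go through a fixed-endian conversion such as `htobe64()` before it is written. Writing `sizeof(uid)` instead of 8 would also keep the field width tied to the parameter type. The body of auth_gen_token continues outside the hunk, so the HMAC step itself is not visible here.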
hostname = cmd;
/* XXX */
- code = auth_gen_token("op", hostname);
+ code = auth_gen_token(1000, hostname);
if (code == NULL) {
log_warn("%s: auth_gen_token failed", __func__);
client_err(bev, EVBUFFER_READ, client);
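Review bot: Every token is now issued for the constant uid 1000 (`auth_gen_token(1000, hostname)`), so the identity covered by the HMAC does not depend on who is connected; the `/* XXX */` above marks a placeholder but does not say what is missing. Until the uid is taken from the authenticated peer, any code that authorises on the token's uid will treat all token holders as the same user. Suggest expanding the marker to `/* XXX placeholder uid; must come from the authenticated peer before tokens are used for authorization */`. Separately, `hostname = cmd;` suggests the host bound into the token is taken from client-supplied input, so it is worth confirming that it is validated where `cmd` is parsed; that code is outside the hunk.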