+void get_xsrf_token(const char *username, const char *pass,
+ const char *formname, time_t xsrf_time, char token_str[33])
+{
+ struct MD5Context md5_ctx;
+ uint8_t token[16];
+ int i;
+
+ token_str[0] = '\0';
+ ZERO_STRUCT(md5_ctx);
+ MD5Init(&md5_ctx);
+
+ MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+ MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
+ if (username != NULL) {
+ MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+ }
+ if (pass != NULL) {
+ MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+ }
+
+ MD5Final(token, &md5_ctx);
+
+ for(i = 0; i < sizeof(token); i++) {
+ char tmp[3];
+
+ snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+ strlcat(token_str, tmp, sizeof(tmp));
+ }
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+ const char *formname)
+{
+ char token[33];
+ time_t xsrf_time = time(NULL);
+
+ get_xsrf_token(username, pass, formname, xsrf_time, token);
+ printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+ XSRF_TOKEN, token);
+ printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
+ XSRF_TIME, (long long int)xsrf_time);
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+ char expected[33];
+ const char *username = cgi_user_name();
+ const char *pass = cgi_user_pass();
+ const char *token = cgi_variable_nonull(XSRF_TOKEN);
+ const char *time_str = cgi_variable_nonull(XSRF_TIME);
+ char *p = NULL;
+ long long xsrf_time_ll = 0;
+ time_t xsrf_time = 0;
+ time_t now = time(NULL);
+
+ errno = 0;
+ xsrf_time_ll = strtoll(time_str, &p, 10);
+ if (errno != 0) {
+ return false;
+ }
+ if (p == NULL) {
+ return false;
+ }
+ if (PTR_DIFF(p, time_str) > strlen(time_str)) {
+ return false;
+ }
+ if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
+ return false;
+ }
+ if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
+ return false;
+ }
+ xsrf_time = xsrf_time_ll;
+
+ if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
+ return false;
+ }
+
+ get_xsrf_token(username, pass, formname, xsrf_time, expected);
+ return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+