"Fossies" - the Fresh Open Source Software Archive
Member "tin-2.4.1/libcanlock/HOWTO" (28 Aug 2013, 2464 Bytes) of archive /linux/misc/tin-2.4.1.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard
) with prefixed line numbers.
Alternatively you can here view
the uninterpreted source code file.
1 Here are some sort-of plain language descriptions of how to use the
4 First, your news posting program needs to generate its own Message-ID
5 headers, or some other unique per-article header if IDs aren't allowed
6 by your server. If this isn't already the case, fix that first.
8 You will also need to add a facility for storing a user password; see
9 the included RFCs about recommended lengths. This can be user-generated
10 or built automatically from random cruft, but however you generate the
11 password you do have to save it. This password is the only thing that
12 will allow you to cancel articles later.
14 An alternative approach is to generate a unique password for each
15 article, but then you would need to build a whole little database
21 Generate a Message-ID. Now, pass the pointers and lengths of the
22 password and message id to sha_lock(). It will return a pointer to your
23 cancel lock. For example:
25 fprintf(art, "Message-ID: %s\n", msgid);
26 fprintf(art, "Cancel-Lock: sha1:%s\n",
27 sha_lock(password, strlen(password), msgid, strlen(msgid));
32 This time, you use the Message-ID of the article to be canceled. We
33 use sha_key this time to complete the cycle.
35 fprintf(art, "Control: cancel %s\n", msg_can);
36 fprintf(art, "Cancel-Key: sha1:%s\n",
37 sha_key(password, strlen(password), msgid, strlen(msgid));
42 This is purely optional at the newsreader level; only servers should
43 really need to bother.
45 Extract the Cancel-Key: header from the cancel message. Fetch the
46 original article from the server and extract its Cancel-Lock: header.
47 Chop off the keywords; we are only interested in the Base64 thingies.
49 - If the original article has no lock (or is missing), you can ignore
50 the cancel key and use traditional verification, or abort the cancel
51 operation if you don't want to trust unauthenticated cancels.
53 - If the original article has a lock and the cancel has no key, abort
54 the cancel operation.
56 - If both a key and lock are present, strip off the type numbers and
57 make sure they're both type sha1 (the only kind this library handles).
58 You can use the lock_strip() function to make this a bit easier.
60 - Finally, you can send pointers to each stripped lock on to
61 sha_verify(). If it returns zero, your may delete the article. Remember
62 that there may be more than one lock in the header. Be sure to check
63 all locks against the key before giving up.