1 files changed, 1 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index 2180577..c69df2d 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -33,385 +33,385 @@
 #else
 #include <stdlib.h>
 #include <time.h>
 #endif
 #if defined(_OS_LINUX_)
 #include <shadow.h>
 #endif
 #include <qdir.h>
 #include <qfile.h>
 #include <qtextstream.h>
 #include <qdatastream.h>
 #include <qmessagebox.h>
 #include <qstringlist.h>
 #include <qfileinfo.h>
 #include <qregexp.h>
 //#include <qtopia/qcopchannel_qws.h>
 #include <qtopia/process.h>
 #include <qtopia/global.h>
 #include <qtopia/config.h>
 #include <qtopia/private/contact.h>
 #include <qtopia/quuid.h>
 #include <qtopia/version.h>
 #ifdef Q_WS_QWS
 #include <qtopia/qcopenvelope_qws.h>
 #endif
 #include "launcherglobal.h"
 #include "transferserver.h"
 #include <qtopia/qprocess.h>
 const int block_size = 51200;
 TransferServer::TransferServer( Q_UINT16 port, QObject *parent,
        const char* name)
    : QServerSocket( port, 1, parent, name )
 {
    connections.setAutoDelete( TRUE );
    if ( !ok() )
        qWarning( "Failed to bind to port %d", port );
 }
 void TransferServer::authorizeConnections()
 {
    QListIterator<ServerPI> it(connections);
    while ( it.current() ) {
        if ( !it.current()->verifyAuthorised() ) {
            disconnect( it.current(), SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) );
            connections.removeRef( it.current() );
        } else
            ++it;
    }
 }
 void TransferServer::closed(ServerPI *item)
 {
    connections.removeRef(item);
 }
 TransferServer::~TransferServer()
 {
 }
 void TransferServer::newConnection( int socket )
 {
    ServerPI *ptr = new ServerPI( socket, this );
    connect( ptr, SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) );
    connections.append( ptr );
 }
 QString SyncAuthentication::serverId()
 {
    Config cfg("Security");
    cfg.setGroup("Sync");
    QString r = cfg.readEntry("serverid");
    if ( r.isEmpty() ) {
        r = Opie::Global::uuid();
        cfg.writeEntry("serverid", r );
    }
   return r;
 }
 QString SyncAuthentication::ownerName()
 {
    QString vfilename = Global::applicationFileName("addressbook",
                "businesscard.vcf");
    if (QFile::exists(vfilename)) {
        Contact c;
        c = Contact::readVCard( vfilename )[0];
        return c.fullName();
    }
    return QString::null;
 }
 QString SyncAuthentication::loginName()
 {
    struct passwd *pw = 0L;
 #ifndef Q_OS_WIN32
    pw = getpwuid( geteuid() );
    return QString::fromLocal8Bit( pw->pw_name );
 #else
    //### revise
    return QString();
 #endif
 }
 int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
 {
    Config cfg("Security");
        cfg.setGroup("Sync");
        //    QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
        uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);
        //    QHostAddress allowed;
        //    allowed.setAddress(allowedstr);
        //    uint auth_peer = allowed.ip4Addr();
        uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);
        uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
                    ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
        return (peeraddress.ip4Addr() & mask) == auth_peer;
 }
 bool SyncAuthentication::checkUser( const QString& user )
 {
    if ( user.isEmpty() ) return FALSE;
    QString euser = loginName();
    return user == euser;
 }
 bool SyncAuthentication::checkPassword( const QString& password )
 {
 #ifdef ALLOW_UNIX_USER_FTP
    // First, check system password...
    struct passwd *pw = 0;
    struct spwd *spw = 0;
    pw = getpwuid( geteuid() );
    spw = getspnam( pw->pw_name );
    QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
    if ( cpwd == "x" && spw )
        cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
    // Note: some systems use more than crypt for passwords.
    QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
    if ( cpwd == cpassword )
        return TRUE;
 #endif
    static int lastdenial=0;
    static int denials=0;
    int now = time(0);
    // Detect old Qtopia Desktop (no password)
    if ( password.isEmpty() ) {
        if ( denials < 1 || now > lastdenial+600 ) {
            QMessageBox unauth(
                tr("Sync Connection"),
                tr("<p>An unauthorized system is requesting access to this device."
                    "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
                    "please upgrade."),
                QMessageBox::Warning,
                QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
                0, QString::null, TRUE, WStyle_StaysOnTop);
            unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
            unauth.exec();
            denials++;
            lastdenial=now;
        }
        return FALSE;
    }
    // Second, check sync password...
    static int lock=0;
    if ( lock ) return FALSE;
    ++lock;
    /*
     *  we need to support old Sync software and QtopiaDesktop
     */
    if ( password.left(6) == "Qtopia" || password.left(6) == "rootme" ) {
-        Config cfg( "Security.conf" );
+        Config cfg( "Security" );
        cfg.setGroup("Sync");
        QStringList pwds = cfg.readListEntry("Passwords",' ');
        for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
 #ifndef Q_OS_WIN32
            QString cpassword = QString::fromLocal8Bit(
                crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
 #else
            // ### revise
            QString cpassword("");
 #endif
            if ( *it == cpassword ) {
                lock--;
                return TRUE;
            }
        }
        // Unrecognized system. Be careful...
        QMessageBox unrecbox(
            tr("Sync Connection"),
                    tr("<p>An unrecognized system is requesting access to this device."
                "<p>If you have just initiated a Sync for the first time, this is normal."),
                QMessageBox::Warning,
                QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
                0, QString::null, TRUE, WStyle_StaysOnTop);
        unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
        unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
        if ( (denials > 2 && now < lastdenial+600)
            || unrecbox.exec() != QMessageBox::Yes)
        {
            denials++;
            lastdenial=now;
            lock--;
            return FALSE;
        } else {
            const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
            char salt[2];
            salt[0]= salty[rand() % (sizeof(salty)-1)];
            salt[1]= salty[rand() % (sizeof(salty)-1)];
 #ifndef Q_OS_WIN32
            QString cpassword = QString::fromLocal8Bit(
                crypt( password.mid(8).local8Bit(), salt ) );
 #else
            //### revise
            QString cpassword("");
 #endif
            denials=0;
            pwds.prepend(cpassword);
            cfg.writeEntry("Passwords",pwds,' ');
            lock--;
            return TRUE;
        }
    }
    lock--;
    return FALSE;
 }
 ServerPI::ServerPI( int socket, QObject *parent, const char* name )
    : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ),
      storFileSize(-1)
 {
    state = Connected;
    setSocket( socket );
    peerport = peerPort();
    peeraddress = peerAddress();
 #ifndef INSECURE
    if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
        state = Forbidden;
        startTimer( 0 );
    } else
 #endif
    {
        connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
        connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
        passiv = FALSE;
        for( int i = 0; i < 4; i++ )
            wait[i] = FALSE;
        send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr
        state = Wait_USER;
        dtp = new ServerDTP( this );
        connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
        connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
        connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
        directory = QDir::currentDirPath();
        static int p = 1024;
        while ( !serversocket || !serversocket->ok() ) {
            delete serversocket;
            serversocket = new ServerSocket( ++p, this );
        }
        connect( serversocket, SIGNAL( newIncomming( int ) ),
                 SLOT( newConnection( int ) ) );
    }
 }
 ServerPI::~ServerPI()
 {
    close();
    dtp->close();
    delete dtp;
    delete serversocket;
 }
 bool ServerPI::verifyAuthorised()
 {
    if ( !SyncAuthentication::isAuthorized(peerAddress()) ) {
        state = Forbidden;
        return FALSE;
    }
    return TRUE;
 }
 void ServerPI::connectionClosed()
 {
    // qDebug( "Debug: Connection closed" );
    emit connectionClosed(this);
 }
 void ServerPI::send( const QString& msg )
 {
    QTextStream os( this );
    os << msg << endl;
    //qDebug( "Reply: %s", msg.latin1() );
 }
 void ServerPI::read()
 {
    while ( canReadLine() )
        process( readLine().stripWhiteSpace() );
 }
 bool ServerPI::checkReadFile( const QString& file )
 {
    QString filename;
    if ( file[0] != "/" )
        filename = directory.path() + "/" + file;
    else
        filename = file;
    QFileInfo fi( filename );
    return ( fi.exists() && fi.isReadable() );
 }
 bool ServerPI::checkWriteFile( const QString& file )
 {
    QString filename;
    if ( file[0] != "/" )
        filename = directory.path() + "/" + file;
    else
        filename = file;
    QFileInfo fi( filename );
    if ( fi.exists() )
        if ( !QFile( filename ).remove() )
            return FALSE;
    return TRUE;
 }
 void ServerPI::process( const QString& message )
 {
    //qDebug( "Command: %s", message.latin1() );
    // split message using "," as separator
    QStringList msg = QStringList::split( " ", message );
    if ( msg.isEmpty() ) return;
    // command token
    QString cmd = msg[0].upper();
    // argument token
    QString arg;
    if ( msg.count() >= 2 )
        arg = msg[1];
    // full argument string
    QString args;
    if ( msg.count() >= 2 ) {
        QStringList copy( msg );

diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index 2180577..c69df2d 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp
@@ -33,385 +33,385 @@
33		33
34	#else	34	#else
35	#include <stdlib.h>	35	#include <stdlib.h>
36	#include <time.h>	36	#include <time.h>
37	#endif	37	#endif
38		38
39		39
40	#if defined(_OS_LINUX_)	40	#if defined(_OS_LINUX_)
41	#include <shadow.h>	41	#include <shadow.h>
42	#endif	42	#endif
43		43
44	#include <qdir.h>	44	#include <qdir.h>
45	#include <qfile.h>	45	#include <qfile.h>
46	#include <qtextstream.h>	46	#include <qtextstream.h>
47	#include <qdatastream.h>	47	#include <qdatastream.h>
48	#include <qmessagebox.h>	48	#include <qmessagebox.h>
49	#include <qstringlist.h>	49	#include <qstringlist.h>
50	#include <qfileinfo.h>	50	#include <qfileinfo.h>
51	#include <qregexp.h>	51	#include <qregexp.h>
52	//#include <qtopia/qcopchannel_qws.h>	52	//#include <qtopia/qcopchannel_qws.h>
53	#include <qtopia/process.h>	53	#include <qtopia/process.h>
54	#include <qtopia/global.h>	54	#include <qtopia/global.h>
55	#include <qtopia/config.h>	55	#include <qtopia/config.h>
56	#include <qtopia/private/contact.h>	56	#include <qtopia/private/contact.h>
57	#include <qtopia/quuid.h>	57	#include <qtopia/quuid.h>
58	#include <qtopia/version.h>	58	#include <qtopia/version.h>
59	#ifdef Q_WS_QWS	59	#ifdef Q_WS_QWS
60	#include <qtopia/qcopenvelope_qws.h>	60	#include <qtopia/qcopenvelope_qws.h>
61	#endif	61	#endif
62		62
63	#include "launcherglobal.h"	63	#include "launcherglobal.h"
64		64
65	#include "transferserver.h"	65	#include "transferserver.h"
66	#include <qtopia/qprocess.h>	66	#include <qtopia/qprocess.h>
67		67
68	const int block_size = 51200;	68	const int block_size = 51200;
69		69
70	TransferServer::TransferServer( Q_UINT16 port, QObject *parent,	70	TransferServer::TransferServer( Q_UINT16 port, QObject *parent,
71	const char* name)	71	const char* name)
72	: QServerSocket( port, 1, parent, name )	72	: QServerSocket( port, 1, parent, name )
73	{	73	{
74	connections.setAutoDelete( TRUE );	74	connections.setAutoDelete( TRUE );
75	if ( !ok() )	75	if ( !ok() )
76	qWarning( "Failed to bind to port %d", port );	76	qWarning( "Failed to bind to port %d", port );
77	}	77	}
78		78
79	void TransferServer::authorizeConnections()	79	void TransferServer::authorizeConnections()
80	{	80	{
81	QListIterator<ServerPI> it(connections);	81	QListIterator<ServerPI> it(connections);
82	while ( it.current() ) {	82	while ( it.current() ) {
83	if ( !it.current()->verifyAuthorised() ) {	83	if ( !it.current()->verifyAuthorised() ) {
84	disconnect( it.current(), SIGNAL(connectionClosed(ServerPI )), this, SLOT( closed(ServerPI )) );	84	disconnect( it.current(), SIGNAL(connectionClosed(ServerPI )), this, SLOT( closed(ServerPI )) );
85	connections.removeRef( it.current() );	85	connections.removeRef( it.current() );
86	} else	86	} else
87	++it;	87	++it;
88	}	88	}
89	}	89	}
90		90
91	void TransferServer::closed(ServerPI *item)	91	void TransferServer::closed(ServerPI *item)
92	{	92	{
93	connections.removeRef(item);	93	connections.removeRef(item);
94	}	94	}
95		95
96	TransferServer::~TransferServer()	96	TransferServer::~TransferServer()
97	{	97	{
98	}	98	}
99		99
100	void TransferServer::newConnection( int socket )	100	void TransferServer::newConnection( int socket )
101	{	101	{
102	ServerPI *ptr = new ServerPI( socket, this );	102	ServerPI *ptr = new ServerPI( socket, this );
103	connect( ptr, SIGNAL(connectionClosed(ServerPI )), this, SLOT( closed(ServerPI )) );	103	connect( ptr, SIGNAL(connectionClosed(ServerPI )), this, SLOT( closed(ServerPI )) );
104	connections.append( ptr );	104	connections.append( ptr );
105	}	105	}
106		106
107	QString SyncAuthentication::serverId()	107	QString SyncAuthentication::serverId()
108	{	108	{
109	Config cfg("Security");	109	Config cfg("Security");
110	cfg.setGroup("Sync");	110	cfg.setGroup("Sync");
111	QString r = cfg.readEntry("serverid");	111	QString r = cfg.readEntry("serverid");
112		112
113	if ( r.isEmpty() ) {	113	if ( r.isEmpty() ) {
114	r = Opie::Global::uuid();	114	r = Opie::Global::uuid();
115	cfg.writeEntry("serverid", r );	115	cfg.writeEntry("serverid", r );
116	}	116	}
117	return r;	117	return r;
118	}	118	}
119		119
120	QString SyncAuthentication::ownerName()	120	QString SyncAuthentication::ownerName()
121	{	121	{
122	QString vfilename = Global::applicationFileName("addressbook",	122	QString vfilename = Global::applicationFileName("addressbook",
123	"businesscard.vcf");	123	"businesscard.vcf");
124	if (QFile::exists(vfilename)) {	124	if (QFile::exists(vfilename)) {
125	Contact c;	125	Contact c;
126	c = Contact::readVCard( vfilename )[0];	126	c = Contact::readVCard( vfilename )[0];
127	return c.fullName();	127	return c.fullName();
128	}	128	}
129		129
130	return QString::null;	130	return QString::null;
131	}	131	}
132		132
133	QString SyncAuthentication::loginName()	133	QString SyncAuthentication::loginName()
134	{	134	{
135	struct passwd *pw = 0L;	135	struct passwd *pw = 0L;
136	#ifndef Q_OS_WIN32	136	#ifndef Q_OS_WIN32
137	pw = getpwuid( geteuid() );	137	pw = getpwuid( geteuid() );
138	return QString::fromLocal8Bit( pw->pw_name );	138	return QString::fromLocal8Bit( pw->pw_name );
139	#else	139	#else
140	//### revise	140	//### revise
141	return QString();	141	return QString();
142	#endif	142	#endif
143	}	143	}
144		144
145	int SyncAuthentication::isAuthorized(QHostAddress peeraddress)	145	int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
146	{	146	{
147	Config cfg("Security");	147	Config cfg("Security");
148	cfg.setGroup("Sync");	148	cfg.setGroup("Sync");
149	// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");	149	// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
150	uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);	150	uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);
151		151
152	// QHostAddress allowed;	152	// QHostAddress allowed;
153	// allowed.setAddress(allowedstr);	153	// allowed.setAddress(allowedstr);
154	// uint auth_peer = allowed.ip4Addr();	154	// uint auth_peer = allowed.ip4Addr();
155	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);	155	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);
156	uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined	156	uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
157	? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));	157	? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
158		158
159	return (peeraddress.ip4Addr() & mask) == auth_peer;	159	return (peeraddress.ip4Addr() & mask) == auth_peer;
160	}	160	}
161		161
162	bool SyncAuthentication::checkUser( const QString& user )	162	bool SyncAuthentication::checkUser( const QString& user )
163	{	163	{
164	if ( user.isEmpty() ) return FALSE;	164	if ( user.isEmpty() ) return FALSE;
165	QString euser = loginName();	165	QString euser = loginName();
166	return user == euser;	166	return user == euser;
167	}	167	}
168		168
169	bool SyncAuthentication::checkPassword( const QString& password )	169	bool SyncAuthentication::checkPassword( const QString& password )
170	{	170	{
171	#ifdef ALLOW_UNIX_USER_FTP	171	#ifdef ALLOW_UNIX_USER_FTP
172	// First, check system password...	172	// First, check system password...
173		173
174	struct passwd *pw = 0;	174	struct passwd *pw = 0;
175	struct spwd *spw = 0;	175	struct spwd *spw = 0;
176		176
177	pw = getpwuid( geteuid() );	177	pw = getpwuid( geteuid() );
178	spw = getspnam( pw->pw_name );	178	spw = getspnam( pw->pw_name );
179		179
180	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );	180	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
181	if ( cpwd == "x" && spw )	181	if ( cpwd == "x" && spw )
182	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );	182	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
183		183
184	// Note: some systems use more than crypt for passwords.	184	// Note: some systems use more than crypt for passwords.
185	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );	185	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
186	if ( cpwd == cpassword )	186	if ( cpwd == cpassword )
187	return TRUE;	187	return TRUE;
188	#endif	188	#endif
189		189
190	static int lastdenial=0;	190	static int lastdenial=0;
191	static int denials=0;	191	static int denials=0;
192	int now = time(0);	192	int now = time(0);
193		193
194	// Detect old Qtopia Desktop (no password)	194	// Detect old Qtopia Desktop (no password)
195	if ( password.isEmpty() ) {	195	if ( password.isEmpty() ) {
196	if ( denials < 1 \|\| now > lastdenial+600 ) {	196	if ( denials < 1 \|\| now > lastdenial+600 ) {
197	QMessageBox unauth(	197	QMessageBox unauth(
198	tr("Sync Connection"),	198	tr("Sync Connection"),
199	tr("<p>An unauthorized system is requesting access to this device."	199	tr("<p>An unauthorized system is requesting access to this device."
200	"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "	200	"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
201	"please upgrade."),	201	"please upgrade."),
202	QMessageBox::Warning,	202	QMessageBox::Warning,
203	QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,	203	QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
204	0, QString::null, TRUE, WStyle_StaysOnTop);	204	0, QString::null, TRUE, WStyle_StaysOnTop);
205	unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));	205	unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
206	unauth.exec();	206	unauth.exec();
207		207
208	denials++;	208	denials++;
209	lastdenial=now;	209	lastdenial=now;
210	}	210	}
211	return FALSE;	211	return FALSE;
212	}	212	}
213		213
214	// Second, check sync password...	214	// Second, check sync password...
215		215
216	static int lock=0;	216	static int lock=0;
217	if ( lock ) return FALSE;	217	if ( lock ) return FALSE;
218		218
219	++lock;	219	++lock;
220		220
221	/*	221	/*
222	* we need to support old Sync software and QtopiaDesktop	222	* we need to support old Sync software and QtopiaDesktop
223	*/	223	*/
224	if ( password.left(6) == "Qtopia" \|\| password.left(6) == "rootme" ) {	224	if ( password.left(6) == "Qtopia" \|\| password.left(6) == "rootme" ) {
225	Config cfg( "Security.conf" );	225	Config cfg( "Security" );
226	cfg.setGroup("Sync");	226	cfg.setGroup("Sync");
227	QStringList pwds = cfg.readListEntry("Passwords",' ');	227	QStringList pwds = cfg.readListEntry("Passwords",' ');
228	for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {	228	for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
229	#ifndef Q_OS_WIN32	229	#ifndef Q_OS_WIN32
230	QString cpassword = QString::fromLocal8Bit(	230	QString cpassword = QString::fromLocal8Bit(
231	crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );	231	crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
232	#else	232	#else
233	// ### revise	233	// ### revise
234	QString cpassword("");	234	QString cpassword("");
235	#endif	235	#endif
236	if ( *it == cpassword ) {	236	if ( *it == cpassword ) {
237	lock--;	237	lock--;
238	return TRUE;	238	return TRUE;
239	}	239	}
240	}	240	}
241		241
242	// Unrecognized system. Be careful...	242	// Unrecognized system. Be careful...
243	QMessageBox unrecbox(	243	QMessageBox unrecbox(
244	tr("Sync Connection"),	244	tr("Sync Connection"),
245	tr("<p>An unrecognized system is requesting access to this device."	245	tr("<p>An unrecognized system is requesting access to this device."
246	"<p>If you have just initiated a Sync for the first time, this is normal."),	246	"<p>If you have just initiated a Sync for the first time, this is normal."),
247	QMessageBox::Warning,	247	QMessageBox::Warning,
248	QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,	248	QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
249	0, QString::null, TRUE, WStyle_StaysOnTop);	249	0, QString::null, TRUE, WStyle_StaysOnTop);
250	unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));	250	unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
251	unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));	251	unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
252		252
253	if ( (denials > 2 && now < lastdenial+600)	253	if ( (denials > 2 && now < lastdenial+600)
254	\|\| unrecbox.exec() != QMessageBox::Yes)	254	\|\| unrecbox.exec() != QMessageBox::Yes)
255	{	255	{
256	denials++;	256	denials++;
257	lastdenial=now;	257	lastdenial=now;
258	lock--;	258	lock--;
259	return FALSE;	259	return FALSE;
260	} else {	260	} else {
261	const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";	261	const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
262	char salt[2];	262	char salt[2];
263	salt[0]= salty[rand() % (sizeof(salty)-1)];	263	salt[0]= salty[rand() % (sizeof(salty)-1)];
264	salt[1]= salty[rand() % (sizeof(salty)-1)];	264	salt[1]= salty[rand() % (sizeof(salty)-1)];
265	#ifndef Q_OS_WIN32	265	#ifndef Q_OS_WIN32
266	QString cpassword = QString::fromLocal8Bit(	266	QString cpassword = QString::fromLocal8Bit(
267	crypt( password.mid(8).local8Bit(), salt ) );	267	crypt( password.mid(8).local8Bit(), salt ) );
268	#else	268	#else
269	//### revise	269	//### revise
270	QString cpassword("");	270	QString cpassword("");
271	#endif	271	#endif
272	denials=0;	272	denials=0;
273	pwds.prepend(cpassword);	273	pwds.prepend(cpassword);
274	cfg.writeEntry("Passwords",pwds,' ');	274	cfg.writeEntry("Passwords",pwds,' ');
275	lock--;	275	lock--;
276	return TRUE;	276	return TRUE;
277	}	277	}
278	}	278	}
279	lock--;	279	lock--;
280		280
281	return FALSE;	281	return FALSE;
282	}	282	}
283		283
284		284
285	ServerPI::ServerPI( int socket, QObject parent, const char name )	285	ServerPI::ServerPI( int socket, QObject parent, const char name )
286	: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ),	286	: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ),
287	storFileSize(-1)	287	storFileSize(-1)
288	{	288	{
289	state = Connected;	289	state = Connected;
290		290
291	setSocket( socket );	291	setSocket( socket );
292		292
293	peerport = peerPort();	293	peerport = peerPort();
294	peeraddress = peerAddress();	294	peeraddress = peerAddress();
295		295
296	#ifndef INSECURE	296	#ifndef INSECURE
297	if ( !SyncAuthentication::isAuthorized(peeraddress) ) {	297	if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
298	state = Forbidden;	298	state = Forbidden;
299	startTimer( 0 );	299	startTimer( 0 );
300	} else	300	} else
301	#endif	301	#endif
302	{	302	{
303	connect( this, SIGNAL( readyRead() ), SLOT( read() ) );	303	connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
304	connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );	304	connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
305		305
306	passiv = FALSE;	306	passiv = FALSE;
307	for( int i = 0; i < 4; i++ )	307	for( int i = 0; i < 4; i++ )
308	wait[i] = FALSE;	308	wait[i] = FALSE;
309		309
310	send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr	310	send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr
311	state = Wait_USER;	311	state = Wait_USER;
312		312
313	dtp = new ServerDTP( this );	313	dtp = new ServerDTP( this );
314	connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );	314	connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
315	connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );	315	connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
316	connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );	316	connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
317		317
318		318
319	directory = QDir::currentDirPath();	319	directory = QDir::currentDirPath();
320		320
321	static int p = 1024;	321	static int p = 1024;
322		322
323	while ( !serversocket \|\| !serversocket->ok() ) {	323	while ( !serversocket \|\| !serversocket->ok() ) {
324	delete serversocket;	324	delete serversocket;
325	serversocket = new ServerSocket( ++p, this );	325	serversocket = new ServerSocket( ++p, this );
326	}	326	}
327	connect( serversocket, SIGNAL( newIncomming( int ) ),	327	connect( serversocket, SIGNAL( newIncomming( int ) ),
328	SLOT( newConnection( int ) ) );	328	SLOT( newConnection( int ) ) );
329	}	329	}
330	}	330	}
331		331
332	ServerPI::~ServerPI()	332	ServerPI::~ServerPI()
333	{	333	{
334	close();	334	close();
335	dtp->close();	335	dtp->close();
336	delete dtp;	336	delete dtp;
337	delete serversocket;	337	delete serversocket;
338	}	338	}
339		339
340	bool ServerPI::verifyAuthorised()	340	bool ServerPI::verifyAuthorised()
341	{	341	{
342	if ( !SyncAuthentication::isAuthorized(peerAddress()) ) {	342	if ( !SyncAuthentication::isAuthorized(peerAddress()) ) {
343	state = Forbidden;	343	state = Forbidden;
344	return FALSE;	344	return FALSE;
345	}	345	}
346	return TRUE;	346	return TRUE;
347	}	347	}
348		348
349	void ServerPI::connectionClosed()	349	void ServerPI::connectionClosed()
350	{	350	{
351	// qDebug( "Debug: Connection closed" );	351	// qDebug( "Debug: Connection closed" );
352	emit connectionClosed(this);	352	emit connectionClosed(this);
353	}	353	}
354		354
355	void ServerPI::send( const QString& msg )	355	void ServerPI::send( const QString& msg )
356	{	356	{
357	QTextStream os( this );	357	QTextStream os( this );
358	os << msg << endl;	358	os << msg << endl;
359	//qDebug( "Reply: %s", msg.latin1() );	359	//qDebug( "Reply: %s", msg.latin1() );
360	}	360	}
361		361
362	void ServerPI::read()	362	void ServerPI::read()
363	{	363	{
364	while ( canReadLine() )	364	while ( canReadLine() )
365	process( readLine().stripWhiteSpace() );	365	process( readLine().stripWhiteSpace() );
366	}	366	}
367		367
368	bool ServerPI::checkReadFile( const QString& file )	368	bool ServerPI::checkReadFile( const QString& file )
369	{	369	{
370	QString filename;	370	QString filename;
371		371
372	if ( file[0] != "/" )	372	if ( file[0] != "/" )
373	filename = directory.path() + "/" + file;	373	filename = directory.path() + "/" + file;
374	else	374	else
375	filename = file;	375	filename = file;
376		376
377	QFileInfo fi( filename );	377	QFileInfo fi( filename );
378	return ( fi.exists() && fi.isReadable() );	378	return ( fi.exists() && fi.isReadable() );
379	}	379	}
380		380
381	bool ServerPI::checkWriteFile( const QString& file )	381	bool ServerPI::checkWriteFile( const QString& file )
382	{	382	{
383	QString filename;	383	QString filename;
384		384
385	if ( file[0] != "/" )	385	if ( file[0] != "/" )
386	filename = directory.path() + "/" + file;	386	filename = directory.path() + "/" + file;
387	else	387	else
388	filename = file;	388	filename = file;
389		389
390	QFileInfo fi( filename );	390	QFileInfo fi( filename );
391		391
392	if ( fi.exists() )	392	if ( fi.exists() )
393	if ( !QFile( filename ).remove() )	393	if ( !QFile( filename ).remove() )
394	return FALSE;	394	return FALSE;
395	return TRUE;	395	return TRUE;
396	}	396	}
397		397
398	void ServerPI::process( const QString& message )	398	void ServerPI::process( const QString& message )
399	{	399	{
400	//qDebug( "Command: %s", message.latin1() );	400	//qDebug( "Command: %s", message.latin1() );
401		401
402	// split message using "," as separator	402	// split message using "," as separator
403	QStringList msg = QStringList::split( " ", message );	403	QStringList msg = QStringList::split( " ", message );
404	if ( msg.isEmpty() ) return;	404	if ( msg.isEmpty() ) return;
405		405
406	// command token	406	// command token
407	QString cmd = msg[0].upper();	407	QString cmd = msg[0].upper();
408		408
409	// argument token	409	// argument token
410	QString arg;	410	QString arg;
411	if ( msg.count() >= 2 )	411	if ( msg.count() >= 2 )
412	arg = msg[1];	412	arg = msg[1];
413		413
414	// full argument string	414	// full argument string
415	QString args;	415	QString args;
416	if ( msg.count() >= 2 ) {	416	if ( msg.count() >= 2 ) {
417	QStringList copy( msg );	417	QStringList copy( msg );