-rw-r--r-- | core/launcher/desktop.cpp | 4 | ||||
-rw-r--r-- | core/launcher/launcher.pro | 2 | ||||
-rw-r--r-- | core/launcher/qcopbridge.cpp | 100 | ||||
-rw-r--r-- | core/launcher/qcopbridge.h | 7 | ||||
-rw-r--r-- | core/launcher/transferserver.cpp | 207 | ||||
-rw-r--r-- | core/launcher/transferserver.h | 23 |
6 files changed, 227 insertions, 116 deletions
diff --git a/core/launcher/desktop.cpp b/core/launcher/desktop.cpp index 24dce73..541b4be 100644 --- a/core/launcher/desktop.cpp +++ b/core/launcher/desktop.cpp | |||
@@ -567,6 +567,6 @@ void Desktop::execAutoStart() { | |||
567 | QCopEnvelope e("QPE/System", "execute(QString)"); | 567 | QCopEnvelope e("QPE/System", "execute(QString)"); |
568 | e << QString(appName); | 568 | e << QString(appName); |
569 | } else { | 569 | } //else { |
570 | } | 570 | //} |
571 | } | 571 | } |
572 | 572 | ||
diff --git a/core/launcher/launcher.pro b/core/launcher/launcher.pro index ccf8231..169edc1 100644 --- a/core/launcher/launcher.pro +++ b/core/launcher/launcher.pro | |||
@@ -100,5 +100,5 @@ INCLUDEPATH += $(OPIEDIR)/rsync | |||
100 | DEPENDPATH+= $(OPIEDIR)/rsync | 100 | DEPENDPATH+= $(OPIEDIR)/rsync |
101 | TARGET = qpe | 101 | TARGET = qpe |
102 | LIBS += -lqpe -lcrypt -lopie | 102 | LIBS += -lqpe -lcrypt -lopie -luuid |
103 | 103 | ||
104 | TRANSLATIONS = ../../i18n/de/qpe.ts \ | 104 | TRANSLATIONS = ../../i18n/de/qpe.ts \ |
diff --git a/core/launcher/qcopbridge.cpp b/core/launcher/qcopbridge.cpp index 2d084fc..85993ee 100644 --- a/core/launcher/qcopbridge.cpp +++ b/core/launcher/qcopbridge.cpp | |||
@@ -1,6 +1,6 @@ | |||
1 | /********************************************************************** | 1 | /********************************************************************** |
2 | ** Copyright (C) 2000 Trolltech AS. All rights reserved. | 2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. |
3 | ** | 3 | ** |
4 | ** This file is part of Qtopia Environment. | 4 | ** This file is part of the Qtopia Environment. |
5 | ** | 5 | ** |
6 | ** This file may be distributed and/or modified under the terms of the | 6 | ** This file may be distributed and/or modified under the terms of the |
@@ -22,6 +22,9 @@ | |||
22 | #include "transferserver.h" | 22 | #include "transferserver.h" |
23 | 23 | ||
24 | #ifdef QWS | ||
24 | #include <qpe/qcopenvelope_qws.h> | 25 | #include <qpe/qcopenvelope_qws.h> |
26 | #endif | ||
25 | #include <qpe/qpeapplication.h> | 27 | #include <qpe/qpeapplication.h> |
28 | #include <qpe/version.h> | ||
26 | 29 | ||
27 | #include <qdir.h> | 30 | #include <qdir.h> |
@@ -32,11 +35,9 @@ | |||
32 | #include <qfileinfo.h> | 35 | #include <qfileinfo.h> |
33 | #include <qregexp.h> | 36 | #include <qregexp.h> |
37 | #ifdef QWS | ||
34 | #include <qcopchannel_qws.h> | 38 | #include <qcopchannel_qws.h> |
39 | #endif | ||
35 | 40 | ||
36 | // actually this is wrong, _XOPEN_SOURCE should get defined on the commandline | ||
37 | // and it should have a proper value assigned. (Simon) | ||
38 | #if !defined(_XOPEN_SOURCE) | ||
39 | #define _XOPEN_SOURCE | 41 | #define _XOPEN_SOURCE |
40 | #endif | ||
41 | #include <pwd.h> | 42 | #include <pwd.h> |
42 | #include <sys/types.h> | 43 | #include <sys/types.h> |
@@ -60,4 +61,5 @@ QCopBridge::QCopBridge( Q_UINT16 port, QObject *parent, | |||
60 | qWarning( "Failed to bind to port %d", port ); | 61 | qWarning( "Failed to bind to port %d", port ); |
61 | else { | 62 | else { |
63 | #ifndef QT_NO_COP | ||
62 | desktopChannel = new QCopChannel( "QPE/Desktop", this ); | 64 | desktopChannel = new QCopChannel( "QPE/Desktop", this ); |
63 | connect( desktopChannel, SIGNAL(received(const QCString &, const QByteArray &)), | 65 | connect( desktopChannel, SIGNAL(received(const QCString &, const QByteArray &)), |
@@ -66,4 +68,5 @@ QCopBridge::QCopBridge( Q_UINT16 port, QObject *parent, | |||
66 | connect( cardChannel, SIGNAL(received(const QCString &, const QByteArray &)), | 68 | connect( cardChannel, SIGNAL(received(const QCString &, const QByteArray &)), |
67 | this, SLOT(desktopMessage( const QCString &, const QByteArray &)) ); | 69 | this, SLOT(desktopMessage( const QCString &, const QByteArray &)) ); |
70 | #endif | ||
68 | } | 71 | } |
69 | sendSync = FALSE; | 72 | sendSync = FALSE; |
@@ -72,5 +75,7 @@ QCopBridge::QCopBridge( Q_UINT16 port, QObject *parent, | |||
72 | QCopBridge::~QCopBridge() | 75 | QCopBridge::~QCopBridge() |
73 | { | 76 | { |
77 | #ifndef QT_NO_COP | ||
74 | delete desktopChannel; | 78 | delete desktopChannel; |
79 | #endif | ||
75 | } | 80 | } |
76 | 81 | ||
@@ -80,5 +85,7 @@ void QCopBridge::newConnection( int socket ) | |||
80 | openConnections.append( pi ); | 85 | openConnections.append( pi ); |
81 | connect ( pi, SIGNAL( connectionClosed( QCopBridgePI *) ), this, SLOT( connectionClosed( QCopBridgePI *) ) ); | 86 | connect ( pi, SIGNAL( connectionClosed( QCopBridgePI *) ), this, SLOT( connectionClosed( QCopBridgePI *) ) ); |
87 | #ifndef QT_NO_COP | ||
82 | QCopEnvelope( "QPE/System", "setScreenSaverMode(int)" ) << QPEApplication::DisableSuspend; | 88 | QCopEnvelope( "QPE/System", "setScreenSaverMode(int)" ) << QPEApplication::DisableSuspend; |
89 | #endif | ||
83 | 90 | ||
84 | if ( sendSync ) { | 91 | if ( sendSync ) { |
@@ -92,5 +99,7 @@ void QCopBridge::connectionClosed( QCopBridgePI *pi ) | |||
92 | openConnections.remove( pi ); | 99 | openConnections.remove( pi ); |
93 | if ( openConnections.count() == 0 ) { | 100 | if ( openConnections.count() == 0 ) { |
101 | #ifndef QT_NO_COP | ||
94 | QCopEnvelope( "QPE/System", "setScreenSaverMode(int)" ) << QPEApplication::Enable; | 102 | QCopEnvelope( "QPE/System", "setScreenSaverMode(int)" ) << QPEApplication::Enable; |
103 | #endif | ||
95 | } | 104 | } |
96 | } | 105 | } |
@@ -143,12 +152,30 @@ void QCopBridge::desktopMessage( const QCString &command, const QByteArray &args | |||
143 | str = QString::number( i ); | 152 | str = QString::number( i ); |
144 | } else { | 153 | } else { |
145 | qDebug(" cannot route the argument type %s through the qcop bridge", (*it).latin1() ); | 154 | qDebug(" cannot route the argument type %s throught the qcop bridge", (*it).latin1() ); |
146 | return; | 155 | return; |
147 | } | 156 | } |
148 | str.replace( QRegExp("&"), "&" ); | 157 | QString estr; |
149 | str.replace( QRegExp(" "), "&0x20;" ); | 158 | for (int i=0; i<(int)str.length(); i++) { |
150 | str.replace( QRegExp("\n"), "&0x0d;" ); | 159 | QChar ch = str[i]; |
151 | str.replace( QRegExp("\r"), "&0x0a;" ); | 160 | if ( ch.row() ) |
152 | data += " " + str; | 161 | goto quick; |
162 | switch (ch.cell()) { | ||
163 | case '&': | ||
164 | estr.append( "&" ); | ||
165 | break; | ||
166 | case ' ': | ||
167 | estr.append( "&0x20;" ); | ||
168 | break; | ||
169 | case '\n': | ||
170 | estr.append( "&0x0d;" ); | ||
171 | break; | ||
172 | case '\r': | ||
173 | estr.append( "&0x0a;" ); | ||
174 | break; | ||
175 | default: quick: | ||
176 | estr.append(ch); | ||
177 | } | ||
178 | } | ||
179 | data += " " + estr; | ||
153 | } | 180 | } |
154 | } | 181 | } |
@@ -183,5 +210,5 @@ QCopBridgePI::QCopBridgePI( int socket, QObject *parent, const char* name ) | |||
183 | 210 | ||
184 | #ifndef INSECURE | 211 | #ifndef INSECURE |
185 | if ( !accessAuthorized(peeraddress) ) { | 212 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { |
186 | state = Forbidden; | 213 | state = Forbidden; |
187 | startTimer( 0 ); | 214 | startTimer( 0 ); |
@@ -194,5 +221,10 @@ QCopBridgePI::QCopBridgePI( int socket, QObject *parent, const char* name ) | |||
194 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); | 221 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); |
195 | 222 | ||
196 | send( "220 Qtopia QCop bridge ready!" ); | 223 | QString intro="220 Qtopia "; |
224 | intro += QPE_VERSION; intro += ";"; | ||
225 | intro += "challenge="; intro += SyncAuthentication::serverId(); intro += ";"; | ||
226 | intro += "loginname="; intro += SyncAuthentication::loginName(); intro += ";"; | ||
227 | intro += "displayname="; intro += SyncAuthentication::ownerName(); intro += ";"; | ||
228 | send( intro ); | ||
197 | state = Wait_USER; | 229 | state = Wait_USER; |
198 | 230 | ||
@@ -236,35 +268,4 @@ void QCopBridgePI::read() | |||
236 | } | 268 | } |
237 | 269 | ||
238 | bool QCopBridgePI::checkUser( const QString& user ) | ||
239 | { | ||
240 | if ( user.isEmpty() ) return FALSE; | ||
241 | |||
242 | struct passwd *pw; | ||
243 | pw = getpwuid( geteuid() ); | ||
244 | QString euser = QString::fromLocal8Bit( pw->pw_name ); | ||
245 | return user == euser; | ||
246 | } | ||
247 | |||
248 | bool QCopBridgePI::checkPassword( const QString& password ) | ||
249 | { | ||
250 | // ### HACK for testing on local host | ||
251 | return true; | ||
252 | |||
253 | /* | ||
254 | struct passwd *pw = 0; | ||
255 | struct spwd *spw = 0; | ||
256 | |||
257 | pw = getpwuid( geteuid() ); | ||
258 | spw = getspnam( pw->pw_name ); | ||
259 | |||
260 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); | ||
261 | if ( cpwd == "x" && spw ) | ||
262 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); | ||
263 | |||
264 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); | ||
265 | return cpwd == cpassword; | ||
266 | */ | ||
267 | } | ||
268 | |||
269 | void QCopBridgePI::process( const QString& message ) | 270 | void QCopBridgePI::process( const QString& message ) |
270 | { | 271 | { |
@@ -297,5 +298,5 @@ void QCopBridgePI::process( const QString& message ) | |||
297 | if ( Wait_USER == state ) { | 298 | if ( Wait_USER == state ) { |
298 | 299 | ||
299 | if ( cmd != "USER" || msg.count() < 2 || !checkUser( arg ) ) { | 300 | if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) { |
300 | send( "530 Please login with USER and PASS" ); | 301 | send( "530 Please login with USER and PASS" ); |
301 | return; | 302 | return; |
@@ -309,6 +310,5 @@ void QCopBridgePI::process( const QString& message ) | |||
309 | if ( Wait_PASS == state ) { | 310 | if ( Wait_PASS == state ) { |
310 | 311 | ||
311 | if ( cmd != "PASS" || !checkPassword( arg ) ) { | 312 | if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) { |
312 | //if ( cmd != "PASS" || msg.count() < 2 || !checkPassword( arg ) ) { | ||
313 | send( "530 Please login with USER and PASS" ); | 313 | send( "530 Please login with USER and PASS" ); |
314 | return; | 314 | return; |
@@ -390,4 +390,5 @@ void QCopBridgePI::process( const QString& message ) | |||
390 | } | 390 | } |
391 | 391 | ||
392 | #ifndef QT_NO_COP | ||
392 | if ( !QCopChannel::isRegistered( channel.latin1() ) ) { | 393 | if ( !QCopChannel::isRegistered( channel.latin1() ) ) { |
393 | // send message back about it | 394 | // send message back about it |
@@ -396,5 +397,7 @@ void QCopBridgePI::process( const QString& message ) | |||
396 | return; | 397 | return; |
397 | } | 398 | } |
399 | #endif | ||
398 | 400 | ||
401 | #ifndef QT_NO_COP | ||
399 | if ( paramList.count() ) | 402 | if ( paramList.count() ) |
400 | QCopChannel::send( channel.latin1(), command.latin1(), buffer ); | 403 | QCopChannel::send( channel.latin1(), command.latin1(), buffer ); |
@@ -403,4 +406,5 @@ void QCopBridgePI::process( const QString& message ) | |||
403 | 406 | ||
404 | send( "200 Command okay" ); | 407 | send( "200 Command okay" ); |
408 | #endif | ||
405 | } | 409 | } |
406 | } | 410 | } |
diff --git a/core/launcher/qcopbridge.h b/core/launcher/qcopbridge.h index 114b3ee..408d10d 100644 --- a/core/launcher/qcopbridge.h +++ b/core/launcher/qcopbridge.h | |||
@@ -1,6 +1,6 @@ | |||
1 | /********************************************************************** | 1 | /********************************************************************** |
2 | ** Copyright (C) 2000 Trolltech AS. All rights reserved. | 2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. |
3 | ** | 3 | ** |
4 | ** This file is part of Qtopia Environment. | 4 | ** This file is part of the Qtopia Environment. |
5 | ** | 5 | ** |
6 | ** This file may be distributed and/or modified under the terms of the | 6 | ** This file may be distributed and/or modified under the terms of the |
@@ -80,7 +80,4 @@ protected slots: | |||
80 | 80 | ||
81 | protected: | 81 | protected: |
82 | bool checkUser( const QString& user ); | ||
83 | bool checkPassword( const QString& pw ); | ||
84 | |||
85 | void timerEvent( QTimerEvent *e ); | 82 | void timerEvent( QTimerEvent *e ); |
86 | 83 | ||
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index 7294f9c..a6dab07 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp | |||
@@ -1,6 +1,6 @@ | |||
1 | /********************************************************************** | 1 | /********************************************************************** |
2 | ** Copyright (C) 2000 Trolltech AS. All rights reserved. | 2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. |
3 | ** | 3 | ** |
4 | ** This file is part of Qtopia Environment. | 4 | ** This file is part of the Qtopia Environment. |
5 | ** | 5 | ** |
6 | ** This file may be distributed and/or modified under the terms of the | 6 | ** This file may be distributed and/or modified under the terms of the |
@@ -23,4 +23,11 @@ | |||
23 | #include <unistd.h> | 23 | #include <unistd.h> |
24 | #include <stdlib.h> | 24 | #include <stdlib.h> |
25 | #include <time.h> | ||
26 | #include <shadow.h> | ||
27 | |||
28 | extern "C" { | ||
29 | #include <uuid/uuid.h> | ||
30 | #define UUID_H_INCLUDED | ||
31 | } | ||
25 | 32 | ||
26 | #if defined(_OS_LINUX_) | 33 | #if defined(_OS_LINUX_) |
@@ -38,6 +45,12 @@ | |||
38 | //#include <qpe/qcopchannel_qws.h> | 45 | //#include <qpe/qcopchannel_qws.h> |
39 | #include <qpe/process.h> | 46 | #include <qpe/process.h> |
47 | #include <qpe/global.h> | ||
40 | #include <qpe/config.h> | 48 | #include <qpe/config.h> |
49 | #include <qpe/contact.h> | ||
50 | #include <qpe/quuid.h> | ||
51 | #include <qpe/version.h> | ||
52 | #ifdef QWS | ||
41 | #include <qpe/qcopenvelope_qws.h> | 53 | #include <qpe/qcopenvelope_qws.h> |
54 | #endif | ||
42 | 55 | ||
43 | #include "transferserver.h" | 56 | #include "transferserver.h" |
@@ -64,22 +77,128 @@ void TransferServer::newConnection( int socket ) | |||
64 | } | 77 | } |
65 | 78 | ||
66 | bool accessAuthorized(QHostAddress peeraddress) | 79 | QString SyncAuthentication::serverId() |
80 | { | ||
81 | Config cfg("Security"); | ||
82 | cfg.setGroup("Sync"); | ||
83 | QString r=cfg.readEntry("serverid"); | ||
84 | if ( r.isEmpty() ) { | ||
85 | uuid_t uuid; | ||
86 | uuid_generate( uuid ); | ||
87 | cfg.writeEntry("serverid",(r = QUuid( uuid ).toString())); | ||
88 | } | ||
89 | return r; | ||
90 | } | ||
91 | |||
92 | QString SyncAuthentication::ownerName() | ||
93 | { | ||
94 | QString vfilename = Global::applicationFileName("addressbook", | ||
95 | "businesscard.vcf"); | ||
96 | if (QFile::exists(vfilename)) { | ||
97 | Contact c; | ||
98 | c = Contact::readVCard( vfilename )[0]; | ||
99 | return c.fullName(); | ||
100 | } | ||
101 | |||
102 | return ""; | ||
103 | } | ||
104 | |||
105 | QString SyncAuthentication::loginName() | ||
106 | { | ||
107 | struct passwd *pw; | ||
108 | pw = getpwuid( geteuid() ); | ||
109 | return QString::fromLocal8Bit( pw->pw_name ); | ||
110 | } | ||
111 | |||
112 | int SyncAuthentication::isAuthorized(QHostAddress peeraddress) | ||
67 | { | 113 | { |
68 | Config cfg("Security"); | 114 | Config cfg("Security"); |
69 | cfg.setGroup("Sync"); | 115 | cfg.setGroup("Sync"); |
70 | uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100); | 116 | QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); |
117 | QHostAddress allowed; | ||
118 | allowed.setAddress(allowedstr); | ||
119 | uint auth_peer = allowed.ip4Addr(); | ||
71 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24); | 120 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24); |
72 | bool ok = (peeraddress.ip4Addr() & (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits))) | 121 | uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined |
73 | == auth_peer; | 122 | ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)); |
74 | /* Allows denial-of-service attack. | 123 | return (peeraddress.ip4Addr() & mask) == auth_peer; |
75 | if ( !ok ) { | 124 | } |
76 | QMessageBox::warning(0,tr("Security"), | 125 | |
77 | tr("<p>An attempt to access this device from %1 has been denied.") | 126 | bool SyncAuthentication::checkUser( const QString& user ) |
78 | .arg(peeraddress.toString())); | 127 | { |
128 | if ( user.isEmpty() ) return FALSE; | ||
129 | QString euser = loginName(); | ||
130 | return user == euser; | ||
131 | } | ||
132 | |||
133 | bool SyncAuthentication::checkPassword( const QString& password ) | ||
134 | { | ||
135 | #ifdef ALLOW_UNIX_USER_FTP | ||
136 | // First, check system password... | ||
137 | |||
138 | struct passwd *pw = 0; | ||
139 | struct spwd *spw = 0; | ||
140 | |||
141 | pw = getpwuid( geteuid() ); | ||
142 | spw = getspnam( pw->pw_name ); | ||
143 | |||
144 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); | ||
145 | if ( cpwd == "x" && spw ) | ||
146 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); | ||
147 | |||
148 | // Note: some systems use more than crypt for passwords. | ||
149 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); | ||
150 | if ( cpwd == cpassword ) | ||
151 | return TRUE; | ||
152 | #endif | ||
153 | |||
154 | static int lastdenial=0; | ||
155 | static int denials=0; | ||
156 | int now = time(0); | ||
157 | |||
158 | // Detect old Qtopia Desktop (no password) | ||
159 | if ( password.isEmpty() ) { | ||
160 | if ( denials < 1 || now > lastdenial+600 ) { | ||
161 | QMessageBox::warning( 0,tr("Sync Connection"), | ||
162 | tr("<p>An unauthorized system is requesting access to this device." | ||
163 | "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " | ||
164 | "please upgrade."), | ||
165 | tr("Deny") ); | ||
166 | denials++; | ||
167 | lastdenial=now; | ||
79 | } | 168 | } |
80 | */ | 169 | return FALSE; |
81 | return ok; | ||
82 | } | 170 | } |
83 | 171 | ||
172 | // Second, check sync password... | ||
173 | if ( password.left(6) == "Qtopia" ) { | ||
174 | QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) ); | ||
175 | Config cfg("Security"); | ||
176 | cfg.setGroup("Sync"); | ||
177 | QString pwds = cfg.readEntry("Passwords"); | ||
178 | if ( QStringList::split(QChar(' '),pwds).contains(cpassword) ) | ||
179 | return TRUE; | ||
180 | |||
181 | // Unrecognized system. Be careful... | ||
182 | |||
183 | if ( (denials > 2 && now < lastdenial+600) | ||
184 | || QMessageBox::warning(0,tr("Sync Connection"), | ||
185 | tr("<p>An unrecognized system is requesting access to this device." | ||
186 | "<p>If you have just initiated a Sync for the first time, this is normal."), | ||
187 | tr("Allow"),tr("Deny"))==1 ) | ||
188 | { | ||
189 | denials++; | ||
190 | lastdenial=now; | ||
191 | return FALSE; | ||
192 | } else { | ||
193 | denials=0; | ||
194 | cfg.writeEntry("Passwords",pwds+" "+cpassword); | ||
195 | return TRUE; | ||
196 | } | ||
197 | } | ||
198 | |||
199 | return FALSE; | ||
200 | } | ||
201 | |||
202 | |||
84 | ServerPI::ServerPI( int socket, QObject *parent, const char* name ) | 203 | ServerPI::ServerPI( int socket, QObject *parent, const char* name ) |
85 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) | 204 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) |
@@ -93,5 +212,5 @@ ServerPI::ServerPI( int socket, QObject *parent, const char* name ) | |||
93 | 212 | ||
94 | #ifndef INSECURE | 213 | #ifndef INSECURE |
95 | if ( !accessAuthorized(peeraddress) ) { | 214 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { |
96 | state = Forbidden; | 215 | state = Forbidden; |
97 | startTimer( 0 ); | 216 | startTimer( 0 ); |
@@ -106,5 +225,5 @@ ServerPI::ServerPI( int socket, QObject *parent, const char* name ) | |||
106 | wait[i] = FALSE; | 225 | wait[i] = FALSE; |
107 | 226 | ||
108 | send( "220 Qtopia transfer service ready!" ); | 227 | send( "220 Qtopia " QPE_VERSION " FTP Server" ); |
109 | state = Wait_USER; | 228 | state = Wait_USER; |
110 | 229 | ||
@@ -152,35 +271,4 @@ void ServerPI::read() | |||
152 | } | 271 | } |
153 | 272 | ||
154 | bool ServerPI::checkUser( const QString& user ) | ||
155 | { | ||
156 | if ( user.isEmpty() ) return FALSE; | ||
157 | |||
158 | struct passwd *pw; | ||
159 | pw = getpwuid( geteuid() ); | ||
160 | QString euser = QString::fromLocal8Bit( pw->pw_name ); | ||
161 | return user == euser; | ||
162 | } | ||
163 | |||
164 | bool ServerPI::checkPassword( const QString& /* password */ ) | ||
165 | { | ||
166 | // ### HACK for testing on local host | ||
167 | return true; | ||
168 | |||
169 | /* | ||
170 | struct passwd *pw = 0; | ||
171 | struct spwd *spw = 0; | ||
172 | |||
173 | pw = getpwuid( geteuid() ); | ||
174 | spw = getspnam( pw->pw_name ); | ||
175 | |||
176 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); | ||
177 | if ( cpwd == "x" && spw ) | ||
178 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); | ||
179 | |||
180 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); | ||
181 | return cpwd == cpassword; | ||
182 | */ | ||
183 | } | ||
184 | |||
185 | bool ServerPI::checkReadFile( const QString& file ) | 273 | bool ServerPI::checkReadFile( const QString& file ) |
186 | { | 274 | { |
@@ -255,5 +343,5 @@ void ServerPI::process( const QString& message ) | |||
255 | if ( Wait_USER == state ) { | 343 | if ( Wait_USER == state ) { |
256 | 344 | ||
257 | if ( cmd != "USER" || msg.count() < 2 || !checkUser( arg ) ) { | 345 | if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) { |
258 | send( "530 Please login with USER and PASS" ); | 346 | send( "530 Please login with USER and PASS" ); |
259 | return; | 347 | return; |
@@ -267,6 +355,5 @@ void ServerPI::process( const QString& message ) | |||
267 | if ( Wait_PASS == state ) { | 355 | if ( Wait_PASS == state ) { |
268 | 356 | ||
269 | if ( cmd != "PASS" || !checkPassword( arg ) ) { | 357 | if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) { |
270 | //if ( cmd != "PASS" || msg.count() < 2 || !checkPassword( arg ) ) { | ||
271 | send( "530 Please login with USER and PASS" ); | 358 | send( "530 Please login with USER and PASS" ); |
272 | return; | 359 | return; |
@@ -455,10 +542,13 @@ void ServerPI::process( const QString& message ) | |||
455 | else { | 542 | else { |
456 | QFile file( absFilePath( args ) ) ; | 543 | QFile file( absFilePath( args ) ) ; |
457 | if ( file.remove() ) | 544 | if ( file.remove() ) { |
458 | send( "250 Requested file action okay, completed" ); | 545 | send( "250 Requested file action okay, completed" ); |
459 | else | 546 | QCopEnvelope e("QPE/System", "linkChanged(QString)" ); |
547 | e << file.name(); | ||
548 | } else { | ||
460 | send( "550 Requested action not taken" ); | 549 | send( "550 Requested action not taken" ); |
461 | } | 550 | } |
462 | } | 551 | } |
552 | } | ||
463 | 553 | ||
464 | // remove directory (RMD) | 554 | // remove directory (RMD) |
@@ -635,7 +725,14 @@ bool ServerPI::parsePort( const QString& pp ) | |||
635 | void ServerPI::dtpCompleted() | 725 | void ServerPI::dtpCompleted() |
636 | { | 726 | { |
637 | dtp->close(); | ||
638 | waitsocket = 0; | ||
639 | send( "226 Closing data connection, file transfer successful" ); | 727 | send( "226 Closing data connection, file transfer successful" ); |
728 | if ( dtp->dtpMode() == ServerDTP::RetrieveFile ) { | ||
729 | QString fn = dtp->fileName(); | ||
730 | if ( fn.right(8)==".desktop" && fn.find("/Documents/")>=0 ) { | ||
731 | QCopEnvelope e("QPE/System", "linkChanged(QString)" ); | ||
732 | e << fn; | ||
733 | } | ||
734 | } | ||
735 | waitsocket = 0; | ||
736 | dtp->close(); | ||
640 | } | 737 | } |
641 | 738 | ||
@@ -853,5 +950,5 @@ void ServerPI::timerEvent( QTimerEvent * ) | |||
853 | 950 | ||
854 | 951 | ||
855 | ServerDTP::ServerDTP( QObject *parent, const char* name ) | 952 | ServerDTP::ServerDTP( QObject *parent = 0, const char* name = 0) |
856 | : QSocket( parent, name ), mode( Idle ), createTargzProc( 0 ), | 953 | : QSocket( parent, name ), mode( Idle ), createTargzProc( 0 ), |
857 | retrieveTargzProc( 0 ), gzipProc( 0 ) | 954 | retrieveTargzProc( 0 ), gzipProc( 0 ) |
@@ -892,6 +989,8 @@ void ServerDTP::extractTarDone() | |||
892 | { | 989 | { |
893 | qDebug("extract done"); | 990 | qDebug("extract done"); |
991 | #ifndef QT_NO_COP | ||
894 | QCopEnvelope e( "QPE/Desktop", "restoreDone(QString)" ); | 992 | QCopEnvelope e( "QPE/Desktop", "restoreDone(QString)" ); |
895 | e << file.name(); | 993 | e << file.name(); |
994 | #endif | ||
896 | } | 995 | } |
897 | 996 | ||
diff --git a/core/launcher/transferserver.h b/core/launcher/transferserver.h index 076e460..a3bb060 100644 --- a/core/launcher/transferserver.h +++ b/core/launcher/transferserver.h | |||
@@ -1,6 +1,6 @@ | |||
1 | /********************************************************************** | 1 | /********************************************************************** |
2 | ** Copyright (C) 2000 Trolltech AS. All rights reserved. | 2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. |
3 | ** | 3 | ** |
4 | ** This file is part of Qtopia Environment. | 4 | ** This file is part of the Qtopia Environment. |
5 | ** | 5 | ** |
6 | ** This file may be distributed and/or modified under the terms of the | 6 | ** This file may be distributed and/or modified under the terms of the |
@@ -37,4 +37,18 @@ public: | |||
37 | }; | 37 | }; |
38 | 38 | ||
39 | class SyncAuthentication : QObject | ||
40 | { | ||
41 | Q_OBJECT | ||
42 | |||
43 | public: | ||
44 | static int isAuthorized(QHostAddress peeraddress); | ||
45 | static bool checkPassword(const QString& pw); | ||
46 | static bool checkUser(const QString& user); | ||
47 | |||
48 | static QString serverId(); | ||
49 | static QString loginName(); | ||
50 | static QString ownerName(); | ||
51 | }; | ||
52 | |||
39 | 53 | ||
40 | class ServerDTP : public QSocket | 54 | class ServerDTP : public QSocket |
@@ -66,4 +80,5 @@ public: | |||
66 | Mode dtpMode() { return mode; } | 80 | Mode dtpMode() { return mode; } |
67 | QByteArray buffer() { return buf.buffer(); } | 81 | QByteArray buffer() { return buf.buffer(); } |
82 | QString fileName() const { return file.name(); } | ||
68 | 83 | ||
69 | void setSocket( int socket ); | 84 | void setSocket( int socket ); |
@@ -132,6 +147,4 @@ protected slots: | |||
132 | 147 | ||
133 | protected: | 148 | protected: |
134 | bool checkUser( const QString& user ); | ||
135 | bool checkPassword( const QString& pw ); | ||
136 | bool checkReadFile( const QString& file ); | 149 | bool checkReadFile( const QString& file ); |
137 | bool checkWriteFile( const QString& file ); | 150 | bool checkWriteFile( const QString& file ); |
@@ -165,4 +178,2 @@ private: | |||
165 | int waitsocket; | 178 | int waitsocket; |
166 | }; | 179 | }; |
167 | |||
168 | bool accessAuthorized(QHostAddress peeraddress); | ||