1 files changed, 153 insertions, 54 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index 7294f9c..a6dab07 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -1,6 +1,6 @@
 /**********************************************************************
-** Copyright (C) 2000 Trolltech AS.  All rights reserved.
+** Copyright (C) 2000-2002 Trolltech AS.  All rights reserved.
 **
-** This file is part of Qtopia Environment.
+** This file is part of the Qtopia Environment.
 **
 ** This file may be distributed and/or modified under the terms of the
@@ -23,4 +23,11 @@
 #include <unistd.h>
 #include <stdlib.h>
+#include <time.h>
+#include <shadow.h>
+extern "C" {
+#include <uuid/uuid.h>
+#define UUID_H_INCLUDED
+}
 #if defined(_OS_LINUX_)
@@ -38,6 +45,12 @@
 //#include <qpe/qcopchannel_qws.h>
 #include <qpe/process.h>
+#include <qpe/global.h>
 #include <qpe/config.h>
+#include <qpe/contact.h>
+#include <qpe/quuid.h>
+#include <qpe/version.h>
+#ifdef QWS
 #include <qpe/qcopenvelope_qws.h>
+#endif
 #include "transferserver.h"
@@ -64,22 +77,128 @@ void TransferServer::newConnection( int socket )
 }
-bool accessAuthorized(QHostAddress peeraddress)
+QString SyncAuthentication::serverId()
+{
+    Config cfg("Security");
+    cfg.setGroup("Sync");
+    QString r=cfg.readEntry("serverid");
+    if ( r.isEmpty() ) {
+        uuid_t uuid;
+        uuid_generate( uuid );
+        cfg.writeEntry("serverid",(r = QUuid( uuid ).toString()));
+    }
+    return r;
+}
+QString SyncAuthentication::ownerName()
+{
+    QString vfilename = Global::applicationFileName("addressbook",
+                "businesscard.vcf");
+    if (QFile::exists(vfilename)) {
+        Contact c;
+        c = Contact::readVCard( vfilename )[0];
+        return c.fullName();
+    }
+    return "";
+}
+QString SyncAuthentication::loginName()
+{
+    struct passwd *pw;
+    pw = getpwuid( geteuid() );
+    return QString::fromLocal8Bit( pw->pw_name );
+}
+int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
 {
    Config cfg("Security");
    cfg.setGroup("Sync");
-    uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);
+    QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
+    QHostAddress allowed;
+    allowed.setAddress(allowedstr);
+    uint auth_peer = allowed.ip4Addr();
    uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
-    bool ok = (peeraddress.ip4Addr() & (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)))
+    uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
-                    == auth_peer;
+        ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
-    /* Allows denial-of-service attack.
+    return (peeraddress.ip4Addr() & mask) == auth_peer;
-    if ( !ok ) {
+}
-        QMessageBox::warning(0,tr("Security"),
-            tr("<p>An attempt to access this device from %1 has been denied.")
+bool SyncAuthentication::checkUser( const QString& user )
-                .arg(peeraddress.toString()));
+{
+    if ( user.isEmpty() ) return FALSE;
+    QString euser = loginName();
+    return user == euser;
+}
+bool SyncAuthentication::checkPassword( const QString& password )
+{
+#ifdef ALLOW_UNIX_USER_FTP
+    // First, check system password...
+    struct passwd *pw = 0;
+    struct spwd *spw = 0;
+    pw = getpwuid( geteuid() );
+    spw = getspnam( pw->pw_name );
+    QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
+    if ( cpwd == "x" && spw )
+        cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
+    // Note: some systems use more than crypt for passwords.
+    QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
+    if ( cpwd == cpassword )
+        return TRUE;
+#endif
+    static int lastdenial=0;
+    static int denials=0;
+    int now = time(0);
+    // Detect old Qtopia Desktop (no password)
+    if ( password.isEmpty() ) {
+        if ( denials < 1 || now > lastdenial+600 ) {
+            QMessageBox::warning( 0,tr("Sync Connection"),
+                tr("<p>An unauthorized system is requesting access to this device."
+                    "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
+                    "please upgrade."),
+                tr("Deny") );
+            denials++;
+            lastdenial=now;
    }
-    */
+        return FALSE;
-    return ok;
 }
+    // Second, check sync password...
+    if ( password.left(6) == "Qtopia" ) {
+        QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
+        Config cfg("Security");
+        cfg.setGroup("Sync");
+        QString pwds = cfg.readEntry("Passwords");
+        if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
+            return TRUE;
+        // Unrecognized system. Be careful...
+        if ( (denials > 2 && now < lastdenial+600)
+            || QMessageBox::warning(0,tr("Sync Connection"),
+                tr("<p>An unrecognized system is requesting access to this device."
+                    "<p>If you have just initiated a Sync for the first time, this is normal."),
+                tr("Allow"),tr("Deny"))==1 )
+        {
+            denials++;
+            lastdenial=now;
+            return FALSE;
+        } else {
+            denials=0;
+            cfg.writeEntry("Passwords",pwds+" "+cpassword);
+            return TRUE;
+        }
+    }
+    return FALSE;
+}
 ServerPI::ServerPI( int socket, QObject *parent, const char* name )
    : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
@@ -93,5 +212,5 @@ ServerPI::ServerPI( int socket, QObject *parent, const char* name )
 #ifndef INSECURE
-    if ( !accessAuthorized(peeraddress) ) {
+    if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
        state = Forbidden;
        startTimer( 0 );
@@ -106,5 +225,5 @@ ServerPI::ServerPI( int socket, QObject *parent, const char* name )
            wait[i] = FALSE;
-        send( "220 Qtopia transfer service ready!" );
+        send( "220 Qtopia " QPE_VERSION " FTP Server" );
        state = Wait_USER;
@@ -152,35 +271,4 @@ void ServerPI::read()
 }
-bool ServerPI::checkUser( const QString& user )
-{
-    if ( user.isEmpty() ) return FALSE;
-    struct passwd *pw;
-    pw = getpwuid( geteuid() );
-    QString euser = QString::fromLocal8Bit( pw->pw_name );
-    return user == euser;
-}
-bool ServerPI::checkPassword( const QString& /* password */ )
-{
-    // ### HACK for testing on local host
-    return true;
-    /*
-    struct passwd *pw = 0;
-    struct spwd *spw = 0;
-    pw = getpwuid( geteuid() );
-    spw = getspnam( pw->pw_name );
-    QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
-    if ( cpwd == "x" && spw )
-        cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
-    QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
-    return cpwd == cpassword;
-*/
-}
 bool ServerPI::checkReadFile( const QString& file )
 {
@@ -255,5 +343,5 @@ void ServerPI::process( const QString& message )
    if ( Wait_USER == state ) {
-        if ( cmd != "USER" || msg.count() < 2 || !checkUser( arg ) ) {
+        if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) {
            send( "530 Please login with USER and PASS" );
            return;
@@ -267,6 +355,5 @@ void ServerPI::process( const QString& message )
    if ( Wait_PASS == state ) {
-        if ( cmd != "PASS" || !checkPassword( arg ) ) {
+        if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) {
-        //if ( cmd != "PASS" || msg.count() < 2 || !checkPassword( arg ) ) {
            send( "530 Please login with USER and PASS" );
            return;
@@ -455,10 +542,13 @@ void ServerPI::process( const QString& message )
        else {
            QFile file( absFilePath( args ) ) ;
-            if ( file.remove() )
+            if ( file.remove() ) {
                send( "250 Requested file action okay, completed" );
-            else
+                QCopEnvelope e("QPE/System", "linkChanged(QString)" );
+                e << file.name();
+            } else {
                send( "550 Requested action not taken" );
        }
    }
+    }
    // remove directory (RMD)
@@ -635,7 +725,14 @@ bool ServerPI::parsePort( const QString& pp )
 void ServerPI::dtpCompleted()
 {
-    dtp->close();
-    waitsocket = 0;
    send( "226 Closing data connection, file transfer successful" );
+    if ( dtp->dtpMode() == ServerDTP::RetrieveFile ) {
+        QString fn = dtp->fileName();
+        if ( fn.right(8)==".desktop" && fn.find("/Documents/")>=0 ) {
+            QCopEnvelope e("QPE/System", "linkChanged(QString)" );
+            e << fn;
+        }
+    }
+    waitsocket = 0;
+    dtp->close();
 }
@@ -853,5 +950,5 @@ void ServerPI::timerEvent( QTimerEvent * )
-ServerDTP::ServerDTP( QObject *parent, const char* name )
+ServerDTP::ServerDTP( QObject *parent = 0, const char* name = 0)
  : QSocket( parent, name ), mode( Idle ), createTargzProc( 0 ),
 retrieveTargzProc( 0 ), gzipProc( 0 )
@@ -892,6 +989,8 @@ void ServerDTP::extractTarDone()
 {
    qDebug("extract done");
+#ifndef QT_NO_COP
    QCopEnvelope e( "QPE/Desktop", "restoreDone(QString)" );
    e << file.name();
+#endif
 }

diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index 7294f9c..a6dab07 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp
@@ -1,6 +1,6 @@
1	/**********************************************************************	1	/**********************************************************************
2	** Copyright (C) 2000 Trolltech AS. All rights reserved.	2	** Copyright (C) 2000-2002 Trolltech AS. All rights reserved.
3	**	3	**
4	** This file is part of Qtopia Environment.	4	** This file is part of the Qtopia Environment.
5	**	5	**
6	** This file may be distributed and/or modified under the terms of the	6	** This file may be distributed and/or modified under the terms of the
@@ -23,4 +23,11 @@
23	#include <unistd.h>	23	#include <unistd.h>
24	#include <stdlib.h>	24	#include <stdlib.h>
		25	#include <time.h>
		26	#include <shadow.h>
		27
		28	extern "C" {
		29	#include <uuid/uuid.h>
		30	#define UUID_H_INCLUDED
		31	}
25		32
26	#if defined(_OS_LINUX_)	33	#if defined(_OS_LINUX_)
@@ -38,6 +45,12 @@
38	//#include <qpe/qcopchannel_qws.h>	45	//#include <qpe/qcopchannel_qws.h>
39	#include <qpe/process.h>	46	#include <qpe/process.h>
		47	#include <qpe/global.h>
40	#include <qpe/config.h>	48	#include <qpe/config.h>
		49	#include <qpe/contact.h>
		50	#include <qpe/quuid.h>
		51	#include <qpe/version.h>
		52	#ifdef QWS
41	#include <qpe/qcopenvelope_qws.h>	53	#include <qpe/qcopenvelope_qws.h>
		54	#endif
42		55
43	#include "transferserver.h"	56	#include "transferserver.h"
@@ -64,22 +77,128 @@ void TransferServer::newConnection( int socket )
64	}	77	}
65		78
66	bool accessAuthorized(QHostAddress peeraddress)	79	QString SyncAuthentication::serverId()
		80	{
		81	Config cfg("Security");
		82	cfg.setGroup("Sync");
		83	QString r=cfg.readEntry("serverid");
		84	if ( r.isEmpty() ) {
		85	uuid_t uuid;
		86	uuid_generate( uuid );
		87	cfg.writeEntry("serverid",(r = QUuid( uuid ).toString()));
		88	}
		89	return r;
		90	}
		91
		92	QString SyncAuthentication::ownerName()
		93	{
		94	QString vfilename = Global::applicationFileName("addressbook",
		95	"businesscard.vcf");
		96	if (QFile::exists(vfilename)) {
		97	Contact c;
		98	c = Contact::readVCard( vfilename )[0];
		99	return c.fullName();
		100	}
		101
		102	return "";
		103	}
		104
		105	QString SyncAuthentication::loginName()
		106	{
		107	struct passwd *pw;
		108	pw = getpwuid( geteuid() );
		109	return QString::fromLocal8Bit( pw->pw_name );
		110	}
		111
		112	int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
67	{	113	{
68	Config cfg("Security");	114	Config cfg("Security");
69	cfg.setGroup("Sync");	115	cfg.setGroup("Sync");
70	uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);	116	QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
		117	QHostAddress allowed;
		118	allowed.setAddress(allowedstr);
		119	uint auth_peer = allowed.ip4Addr();
71	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);	120	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
72	bool ok = (peeraddress.ip4Addr() & (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)))	121	uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
73	== auth_peer;	122	? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
74	/* Allows denial-of-service attack.	123	return (peeraddress.ip4Addr() & mask) == auth_peer;
75	if ( !ok ) {	124	}
76	QMessageBox::warning(0,tr("Security"),	125
77	tr("<p>An attempt to access this device from %1 has been denied.")	126	bool SyncAuthentication::checkUser( const QString& user )
78	.arg(peeraddress.toString()));	127	{
		128	if ( user.isEmpty() ) return FALSE;
		129	QString euser = loginName();
		130	return user == euser;
		131	}
		132
		133	bool SyncAuthentication::checkPassword( const QString& password )
		134	{
		135	#ifdef ALLOW_UNIX_USER_FTP
		136	// First, check system password...
		137
		138	struct passwd *pw = 0;
		139	struct spwd *spw = 0;
		140
		141	pw = getpwuid( geteuid() );
		142	spw = getspnam( pw->pw_name );
		143
		144	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
		145	if ( cpwd == "x" && spw )
		146	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
		147
		148	// Note: some systems use more than crypt for passwords.
		149	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
		150	if ( cpwd == cpassword )
		151	return TRUE;
		152	#endif
		153
		154	static int lastdenial=0;
		155	static int denials=0;
		156	int now = time(0);
		157
		158	// Detect old Qtopia Desktop (no password)
		159	if ( password.isEmpty() ) {
		160	if ( denials < 1 \|\| now > lastdenial+600 ) {
		161	QMessageBox::warning( 0,tr("Sync Connection"),
		162	tr("<p>An unauthorized system is requesting access to this device."
		163	"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
		164	"please upgrade."),
		165	tr("Deny") );
		166	denials++;
		167	lastdenial=now;
79	}	168	}
80	*/	169	return FALSE;
81	return ok;
82	}	170	}
83		171
		172	// Second, check sync password...
		173	if ( password.left(6) == "Qtopia" ) {
		174	QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
		175	Config cfg("Security");
		176	cfg.setGroup("Sync");
		177	QString pwds = cfg.readEntry("Passwords");
		178	if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
		179	return TRUE;
		180
		181	// Unrecognized system. Be careful...
		182
		183	if ( (denials > 2 && now < lastdenial+600)
		184	\|\| QMessageBox::warning(0,tr("Sync Connection"),
		185	tr("<p>An unrecognized system is requesting access to this device."
		186	"<p>If you have just initiated a Sync for the first time, this is normal."),
		187	tr("Allow"),tr("Deny"))==1 )
		188	{
		189	denials++;
		190	lastdenial=now;
		191	return FALSE;
		192	} else {
		193	denials=0;
		194	cfg.writeEntry("Passwords",pwds+" "+cpassword);
		195	return TRUE;
		196	}
		197	}
		198
		199	return FALSE;
		200	}
		201
		202
84	ServerPI::ServerPI( int socket, QObject parent, const char name )	203	ServerPI::ServerPI( int socket, QObject parent, const char name )
85	: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )	204	: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
@@ -93,5 +212,5 @@ ServerPI::ServerPI( int socket, QObject parent, const char name )
93		212
94	#ifndef INSECURE	213	#ifndef INSECURE
95	if ( !accessAuthorized(peeraddress) ) {	214	if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
96	state = Forbidden;	215	state = Forbidden;
97	startTimer( 0 );	216	startTimer( 0 );
@@ -106,5 +225,5 @@ ServerPI::ServerPI( int socket, QObject parent, const char name )
106	wait[i] = FALSE;	225	wait[i] = FALSE;
107		226
108	send( "220 Qtopia transfer service ready!" );	227	send( "220 Qtopia " QPE_VERSION " FTP Server" );
109	state = Wait_USER;	228	state = Wait_USER;
110		229
@@ -152,35 +271,4 @@ void ServerPI::read()
152	}	271	}
153		272
154	bool ServerPI::checkUser( const QString& user )
155	{
156	if ( user.isEmpty() ) return FALSE;
157
158	struct passwd *pw;
159	pw = getpwuid( geteuid() );
160	QString euser = QString::fromLocal8Bit( pw->pw_name );
161	return user == euser;
162	}
163
164	bool ServerPI::checkPassword( const QString& /* password */ )
165	{
166	// ### HACK for testing on local host
167	return true;
168
169	/*
170	struct passwd *pw = 0;
171	struct spwd *spw = 0;
172
173	pw = getpwuid( geteuid() );
174	spw = getspnam( pw->pw_name );
175
176	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
177	if ( cpwd == "x" && spw )
178	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
179
180	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
181	return cpwd == cpassword;
182	*/
183	}
184
185	bool ServerPI::checkReadFile( const QString& file )	273	bool ServerPI::checkReadFile( const QString& file )
186	{	274	{
@@ -255,5 +343,5 @@ void ServerPI::process( const QString& message )
255	if ( Wait_USER == state ) {	343	if ( Wait_USER == state ) {
256		344
257	if ( cmd != "USER" \|\| msg.count() < 2 \|\| !checkUser( arg ) ) {	345	if ( cmd != "USER" \|\| msg.count() < 2 \|\| !SyncAuthentication::checkUser( arg ) ) {
258	send( "530 Please login with USER and PASS" );	346	send( "530 Please login with USER and PASS" );
259	return;	347	return;
@@ -267,6 +355,5 @@ void ServerPI::process( const QString& message )
267	if ( Wait_PASS == state ) {	355	if ( Wait_PASS == state ) {
268		356
269	if ( cmd != "PASS" \|\| !checkPassword( arg ) ) {	357	if ( cmd != "PASS" \|\| !SyncAuthentication::checkPassword( arg ) ) {
270	//if ( cmd != "PASS" \|\| msg.count() < 2 \|\| !checkPassword( arg ) ) {
271	send( "530 Please login with USER and PASS" );	358	send( "530 Please login with USER and PASS" );
272	return;	359	return;
@@ -455,10 +542,13 @@ void ServerPI::process( const QString& message )
455	else {	542	else {
456	QFile file( absFilePath( args ) ) ;	543	QFile file( absFilePath( args ) ) ;
457	if ( file.remove() )	544	if ( file.remove() ) {
458	send( "250 Requested file action okay, completed" );	545	send( "250 Requested file action okay, completed" );
459	else	546	QCopEnvelope e("QPE/System", "linkChanged(QString)" );
		547	e << file.name();
		548	} else {
460	send( "550 Requested action not taken" );	549	send( "550 Requested action not taken" );
461	}	550	}
462	}	551	}
		552	}
463		553
464	// remove directory (RMD)	554	// remove directory (RMD)
@@ -635,7 +725,14 @@ bool ServerPI::parsePort( const QString& pp )
635	void ServerPI::dtpCompleted()	725	void ServerPI::dtpCompleted()
636	{	726	{
637	dtp->close();
638	waitsocket = 0;
639	send( "226 Closing data connection, file transfer successful" );	727	send( "226 Closing data connection, file transfer successful" );
		728	if ( dtp->dtpMode() == ServerDTP::RetrieveFile ) {
		729	QString fn = dtp->fileName();
		730	if ( fn.right(8)==".desktop" && fn.find("/Documents/")>=0 ) {
		731	QCopEnvelope e("QPE/System", "linkChanged(QString)" );
		732	e << fn;
		733	}
		734	}
		735	waitsocket = 0;
		736	dtp->close();
640	}	737	}
641		738
@@ -853,5 +950,5 @@ void ServerPI::timerEvent( QTimerEvent * )
853		950
854		951
855	ServerDTP::ServerDTP( QObject parent, const char name )	952	ServerDTP::ServerDTP( QObject parent = 0, const char name = 0)
856	: QSocket( parent, name ), mode( Idle ), createTargzProc( 0 ),	953	: QSocket( parent, name ), mode( Idle ), createTargzProc( 0 ),
857	retrieveTargzProc( 0 ), gzipProc( 0 )	954	retrieveTargzProc( 0 ), gzipProc( 0 )
@@ -892,6 +989,8 @@ void ServerDTP::extractTarDone()
892	{	989	{
893	qDebug("extract done");	990	qDebug("extract done");
		991	#ifndef QT_NO_COP
894	QCopEnvelope e( "QPE/Desktop", "restoreDone(QString)" );	992	QCopEnvelope e( "QPE/Desktop", "restoreDone(QString)" );
895	e << file.name();	993	e << file.name();
		994	#endif
896	}	995	}
897		996