1 files changed, 30 insertions, 20 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index 439e110..eea9f3a 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -148,123 +148,133 @@ QString SyncAuthentication::loginName()
 int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
 {
    Config cfg("Security");
        cfg.setGroup("Sync");
        //    QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
        uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);
        //    QHostAddress allowed;
        //    allowed.setAddress(allowedstr);
        //    uint auth_peer = allowed.ip4Addr();
        uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);
        uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
                    ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
        return (peeraddress.ip4Addr() & mask) == auth_peer;
 }
 bool SyncAuthentication::checkUser( const QString& user )
 {
    if ( user.isEmpty() ) return FALSE;
    QString euser = loginName();
    return user == euser;
 }
 bool SyncAuthentication::checkPassword( const QString& password )
 {
 #ifdef ALLOW_UNIX_USER_FTP
    // First, check system password...
    struct passwd *pw = 0;
    struct spwd *spw = 0;
    pw = getpwuid( geteuid() );
    spw = getspnam( pw->pw_name );
    QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
    if ( cpwd == "x" && spw )
        cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
    // Note: some systems use more than crypt for passwords.
    QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
    if ( cpwd == cpassword )
        return TRUE;
 #endif
    static int lastdenial=0;
    static int denials=0;
    int now = time(0);
+ 
+    Config cfg("Security");
+    cfg.setGroup("Sync");    
+    QString syncapp = cfg.readEntry("syncapp","Qtopia");
+    
+    //No password needed if the user really wants it
+    if (syncapp == "IntelliSync") {
+            return TRUE;
+            }
+      
    // Detect old Qtopia Desktop (no password)
-    if ( password.isEmpty() ) {
+            if ( password.isEmpty() ) {
-        if ( denials < 1 || now > lastdenial+600 ) {
+                if ( denials < 3 || now > lastdenial+600 ) {
-            QMessageBox unauth(
+                    QMessageBox unauth(
-                tr("Sync Connection"),
+                        tr("Sync Connection"),
-                tr("<p>An unauthorized system is requesting access to this device."
+                        tr("<p>An unauthorized system is requesting access to this device."
-                    "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
+                            "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
-                    "please upgrade."),
+                            "please upgrade or change the security setting to use IntelliSync." ),
-                QMessageBox::Warning,
+                        QMessageBox::Warning,
-                QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
+                        QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
-                0, QString::null, TRUE, WStyle_StaysOnTop);
+                        0, QString::null, TRUE, WStyle_StaysOnTop);
-            unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
+                    unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
-            unauth.exec();
+                    unauth.exec();
-            denials++;
+                    denials++;
-            lastdenial=now;
+                    lastdenial=now;
-        }
+                 } 
-        return FALSE;
+                return FALSE;
-    }
+           
+    } 
    // Second, check sync password...
    static int lock=0;
    if ( lock ) return FALSE;
-    ++lock;
+    ++lock;    
    /*
     *  we need to support old Sync software and QtopiaDesktop
     */
    if ( password.left(6) == "Qtopia" || password.left(6) == "rootme" ) {
        Config cfg( "Security" );
        cfg.setGroup("Sync");
        QStringList pwds = cfg.readListEntry("Passwords",' ');
        for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
 #ifndef Q_OS_WIN32
            QString cpassword = QString::fromLocal8Bit(
                crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
 #else
            // ### revise
            QString cpassword("");
 #endif
            if ( *it == cpassword ) {
                lock--;
                return TRUE;
            }
        }
        // Unrecognized system. Be careful...
        QMessageBox unrecbox(
            tr("Sync Connection"),
                    tr("<p>An unrecognized system is requesting access to this device."
                "<p>If you have just initiated a Sync for the first time, this is normal."),
                QMessageBox::Warning,
                QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
                0, QString::null, TRUE, WStyle_StaysOnTop);
        unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
        unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
        if ( (denials > 2 && now < lastdenial+600)
            || unrecbox.exec() != QMessageBox::Yes)
        {
            denials++;
            lastdenial=now;
            lock--;
            return FALSE;
        } else {
            const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
            char salt[2];
            salt[0]= salty[rand() % (sizeof(salty)-1)];
            salt[1]= salty[rand() % (sizeof(salty)-1)];
 #ifndef Q_OS_WIN32
            QString cpassword = QString::fromLocal8Bit(
                crypt( password.mid(8).local8Bit(), salt ) );

diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index 439e110..eea9f3a 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp
@@ -148,123 +148,133 @@ QString SyncAuthentication::loginName()
148	int SyncAuthentication::isAuthorized(QHostAddress peeraddress)	148	int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
149	{	149	{
150	Config cfg("Security");	150	Config cfg("Security");
151	cfg.setGroup("Sync");	151	cfg.setGroup("Sync");
152	// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");	152	// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
153	uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);	153	uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);
154		154
155	// QHostAddress allowed;	155	// QHostAddress allowed;
156	// allowed.setAddress(allowedstr);	156	// allowed.setAddress(allowedstr);
157	// uint auth_peer = allowed.ip4Addr();	157	// uint auth_peer = allowed.ip4Addr();
158	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);	158	uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);
159	uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined	159	uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
160	? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));	160	? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
161		161
162	return (peeraddress.ip4Addr() & mask) == auth_peer;	162	return (peeraddress.ip4Addr() & mask) == auth_peer;
163	}	163	}
164		164
165	bool SyncAuthentication::checkUser( const QString& user )	165	bool SyncAuthentication::checkUser( const QString& user )
166	{	166	{
167	if ( user.isEmpty() ) return FALSE;	167	if ( user.isEmpty() ) return FALSE;
168	QString euser = loginName();	168	QString euser = loginName();
169	return user == euser;	169	return user == euser;
170	}	170	}
171		171
172	bool SyncAuthentication::checkPassword( const QString& password )	172	bool SyncAuthentication::checkPassword( const QString& password )
173	{	173	{
174	#ifdef ALLOW_UNIX_USER_FTP	174	#ifdef ALLOW_UNIX_USER_FTP
175	// First, check system password...	175	// First, check system password...
176		176
177	struct passwd *pw = 0;	177	struct passwd *pw = 0;
178	struct spwd *spw = 0;	178	struct spwd *spw = 0;
179		179
180	pw = getpwuid( geteuid() );	180	pw = getpwuid( geteuid() );
181	spw = getspnam( pw->pw_name );	181	spw = getspnam( pw->pw_name );
182		182
183	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );	183	QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
184	if ( cpwd == "x" && spw )	184	if ( cpwd == "x" && spw )
185	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );	185	cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
186		186
187	// Note: some systems use more than crypt for passwords.	187	// Note: some systems use more than crypt for passwords.
188	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );	188	QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
189	if ( cpwd == cpassword )	189	if ( cpwd == cpassword )
190	return TRUE;	190	return TRUE;
191	#endif	191	#endif
192		192
193	static int lastdenial=0;	193	static int lastdenial=0;
194	static int denials=0;	194	static int denials=0;
195	int now = time(0);	195	int now = time(0);
196		196
		197	Config cfg("Security");
		198	cfg.setGroup("Sync");
		199	QString syncapp = cfg.readEntry("syncapp","Qtopia");
		200
		201	//No password needed if the user really wants it
		202	if (syncapp == "IntelliSync") {
		203	return TRUE;
		204	}
		205
197	// Detect old Qtopia Desktop (no password)	206	// Detect old Qtopia Desktop (no password)
198	if ( password.isEmpty() ) {	207	if ( password.isEmpty() ) {
199	if ( denials < 1 \|\| now > lastdenial+600 ) {	208	if ( denials < 3 \|\| now > lastdenial+600 ) {
200	QMessageBox unauth(	209	QMessageBox unauth(
201	tr("Sync Connection"),	210	tr("Sync Connection"),
202	tr("<p>An unauthorized system is requesting access to this device."	211	tr("<p>An unauthorized system is requesting access to this device."
203	"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "	212	"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
204	"please upgrade."),	213	"please upgrade or change the security setting to use IntelliSync." ),
205	QMessageBox::Warning,	214	QMessageBox::Warning,
206	QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,	215	QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
207	0, QString::null, TRUE, WStyle_StaysOnTop);	216	0, QString::null, TRUE, WStyle_StaysOnTop);
208	unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));	217	unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
209	unauth.exec();	218	unauth.exec();
210		219
211	denials++;	220	denials++;
212	lastdenial=now;	221	lastdenial=now;
213	}	222	}
214	return FALSE;	223	return FALSE;
215	}	224
		225	}
216		226
217	// Second, check sync password...	227	// Second, check sync password...
218		228
219	static int lock=0;	229	static int lock=0;
220	if ( lock ) return FALSE;	230	if ( lock ) return FALSE;
221		231
222	++lock;	232	++lock;
223		233
224	/*	234	/*
225	* we need to support old Sync software and QtopiaDesktop	235	* we need to support old Sync software and QtopiaDesktop
226	*/	236	*/
227	if ( password.left(6) == "Qtopia" \|\| password.left(6) == "rootme" ) {	237	if ( password.left(6) == "Qtopia" \|\| password.left(6) == "rootme" ) {
228	Config cfg( "Security" );	238	Config cfg( "Security" );
229	cfg.setGroup("Sync");	239	cfg.setGroup("Sync");
230	QStringList pwds = cfg.readListEntry("Passwords",' ');	240	QStringList pwds = cfg.readListEntry("Passwords",' ');
231	for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {	241	for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
232	#ifndef Q_OS_WIN32	242	#ifndef Q_OS_WIN32
233	QString cpassword = QString::fromLocal8Bit(	243	QString cpassword = QString::fromLocal8Bit(
234	crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );	244	crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
235	#else	245	#else
236	// ### revise	246	// ### revise
237	QString cpassword("");	247	QString cpassword("");
238	#endif	248	#endif
239	if ( *it == cpassword ) {	249	if ( *it == cpassword ) {
240	lock--;	250	lock--;
241	return TRUE;	251	return TRUE;
242	}	252	}
243	}	253	}
244		254
245	// Unrecognized system. Be careful...	255	// Unrecognized system. Be careful...
246	QMessageBox unrecbox(	256	QMessageBox unrecbox(
247	tr("Sync Connection"),	257	tr("Sync Connection"),
248	tr("<p>An unrecognized system is requesting access to this device."	258	tr("<p>An unrecognized system is requesting access to this device."
249	"<p>If you have just initiated a Sync for the first time, this is normal."),	259	"<p>If you have just initiated a Sync for the first time, this is normal."),
250	QMessageBox::Warning,	260	QMessageBox::Warning,
251	QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,	261	QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
252	0, QString::null, TRUE, WStyle_StaysOnTop);	262	0, QString::null, TRUE, WStyle_StaysOnTop);
253	unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));	263	unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
254	unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));	264	unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
255		265
256	if ( (denials > 2 && now < lastdenial+600)	266	if ( (denials > 2 && now < lastdenial+600)
257	\|\| unrecbox.exec() != QMessageBox::Yes)	267	\|\| unrecbox.exec() != QMessageBox::Yes)
258	{	268	{
259	denials++;	269	denials++;
260	lastdenial=now;	270	lastdenial=now;
261	lock--;	271	lock--;
262	return FALSE;	272	return FALSE;
263	} else {	273	} else {
264	const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";	274	const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
265	char salt[2];	275	char salt[2];
266	salt[0]= salty[rand() % (sizeof(salty)-1)];	276	salt[0]= salty[rand() % (sizeof(salty)-1)];
267	salt[1]= salty[rand() % (sizeof(salty)-1)];	277	salt[1]= salty[rand() % (sizeof(salty)-1)];
268	#ifndef Q_OS_WIN32	278	#ifndef Q_OS_WIN32
269	QString cpassword = QString::fromLocal8Bit(	279	QString cpassword = QString::fromLocal8Bit(
270	crypt( password.mid(8).local8Bit(), salt ) );	280	crypt( password.mid(8).local8Bit(), salt ) );