TT gave us the wrong sync password! ^#$^@&^

author: llornkcor <llornkcor> 2002-09-06 17:46:33 (UTC)
committer: llornkcor <llornkcor> 2002-09-06 17:46:33 (UTC)
commit: 4acfa3f53762b6c786e421444d23c49c279e556f (patch) (unidiff)
tree: ff4522ecadcbdcd0410f91e9b88aa2205948b692
parent: d4257a0388d3444b5318436449423d27cdd85acf (diff)
download: opie-4acfa3f53762b6c786e421444d23c49c279e556f.zip
opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.gz
opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.bz2
1 files changed, 3 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index ed3e2c6..28b7b49 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -47,257 +47,259 @@ extern "C" {
 #include <qpe/global.h>
 #include <qpe/config.h>
 #include <qpe/contact.h>
 #include <qpe/quuid.h>
 #include <qpe/version.h>
 #ifdef QWS
 #include <qpe/qcopenvelope_qws.h>
 #endif
 #include "transferserver.h"
 #include "qprocess.h"
 const int block_size = 51200;
 TransferServer::TransferServer( Q_UINT16 port, QObject *parent ,
        const char* name )
    : QServerSocket( port, 1, parent, name )
 {
    if ( !ok() )
  qWarning( "Failed to bind to port %d", port );
 }
 TransferServer::~TransferServer()
 {
 }
 void TransferServer::newConnection( int socket )
 {
    (void) new ServerPI( socket, this );
 }
 QString SyncAuthentication::serverId()
 {
    Config cfg("Security");
    cfg.setGroup("Sync");
    QString r=cfg.readEntry("serverid");
    if ( r.isEmpty() ) {
  uuid_t uuid;
  uuid_generate( uuid );
  cfg.writeEntry("serverid",(r = QUuid( uuid ).toString()));
    }
    return r;
 }
 QString SyncAuthentication::ownerName()
 {
    QString vfilename = Global::applicationFileName("addressbook",
                "businesscard.vcf");
    if (QFile::exists(vfilename)) {
  Contact c;
  c = Contact::readVCard( vfilename )[0];
  return c.fullName();
    }
    return "";
 }
 QString SyncAuthentication::loginName()
 {
    struct passwd *pw;
    pw = getpwuid( geteuid() );
    return QString::fromLocal8Bit( pw->pw_name );
 }
 int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
 {
    Config cfg("Security");
    cfg.setGroup("Sync");
 //    QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
     uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);
    
 //    QHostAddress allowed;
 //    allowed.setAddress(allowedstr);
 //    uint auth_peer = allowed.ip4Addr();
    uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
    uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
  ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
    return (peeraddress.ip4Addr() & mask) == auth_peer;
 }
 bool SyncAuthentication::checkUser( const QString& user )
 {
    if ( user.isEmpty() ) return FALSE;
    QString euser = loginName();
    return user == euser;
 }
 bool SyncAuthentication::checkPassword( const QString& password )
 {
 #ifdef ALLOW_UNIX_USER_FTP
    // First, check system password...
    struct passwd *pw = 0;
    struct spwd *spw = 0;
    pw = getpwuid( geteuid() );
    spw = getspnam( pw->pw_name );
    QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
    if ( cpwd == "x" && spw )
  cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
    // Note: some systems use more than crypt for passwords.
    QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
    if ( cpwd == cpassword )
  return TRUE;
 #endif
    static int lastdenial=0;
    static int denials=0;
    int now = time(0);
    // Detect old Qtopia Desktop (no password)
    if ( password.isEmpty() ) {
  if ( denials < 1 || now > lastdenial+600 ) {
      QMessageBox::warning( 0,tr("Sync Connection"),
    tr("<p>An unauthorized system is requesting access to this device."
        "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
        "please upgrade."),
    tr("Deny") );
      denials++;
      lastdenial=now;
  }
  return FALSE;
    }
    // Second, check sync password...
-    if ( password.left(6) == "Qtopia" ) {
+    if ( password.left(6) == "rootme" ) {
+          // fuckin TT gave us the wrong sync password.
+          // what a dumbassed password is rootme anyway.
  QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
  Config cfg("Security");
  cfg.setGroup("Sync");
  QString pwds = cfg.readEntry("Passwords");
  if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
      return TRUE;
  // Unrecognized system. Be careful...
  if ( (denials > 2 && now < lastdenial+600)
      || QMessageBox::warning(0,tr("Sync Connection"),
    tr("<p>An unrecognized system is requesting access to this device."
        "<p>If you have just initiated a Sync for the first time, this is normal."),
    tr("Allow"),tr("Deny"))==1 )
  {
      denials++;
      lastdenial=now;
      return FALSE;
  } else {
      denials=0;
      cfg.writeEntry("Passwords",pwds+" "+cpassword);
      return TRUE;
  }
    }
    return FALSE;
 }
 ServerPI::ServerPI( int socket, QObject *parent , const char* name  )
    : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
 {
    state = Connected;
    setSocket( socket );
    peerport = peerPort();
    peeraddress = peerAddress();
 #ifndef INSECURE
    if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
  state = Forbidden;
  startTimer( 0 );
    } else
 #endif  
    {
  connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
  connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
  
  passiv = FALSE;
  for( int i = 0; i < 4; i++ )
      wait[i] = FALSE;
  send( "220 Qtopia " QPE_VERSION " FTP Server" );
  state = Wait_USER;
  dtp = new ServerDTP( this );
  connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
  connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
  connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
  directory = QDir::currentDirPath();
  static int p = 1024;
  while ( !serversocket || !serversocket->ok() ) {
      delete serversocket;
      serversocket = new ServerSocket( ++p, this );
  }
  connect( serversocket, SIGNAL( newIncomming( int ) ),
     SLOT( newConnection( int ) ) );
    }
 }
 ServerPI::~ServerPI()
 {
 }
 void ServerPI::connectionClosed()
 {
    // qDebug( "Debug: Connection closed" );
    delete this;
 }
 void ServerPI::send( const QString& msg )
 {
    QTextStream os( this );
    os << msg << endl;
    //qDebug( "Reply: %s", msg.latin1() );
 }
 void ServerPI::read()
 {
    while ( canReadLine() )
  process( readLine().stripWhiteSpace() );
 }
 bool ServerPI::checkReadFile( const QString& file )
 {
    QString filename;
    if ( file[0] != "/" )
  filename = directory.path() + "/" + file;
    else
  filename = file;
    QFileInfo fi( filename );
    return ( fi.exists() && fi.isReadable() );
 }
 bool ServerPI::checkWriteFile( const QString& file )
 {
    QString filename;
    if ( file[0] != "/" )
  filename = directory.path() + "/" + file;
    else
  filename = file;
    QFileInfo fi( filename );
    if ( fi.exists() )
  if ( !QFile( filename ).remove() )
      return FALSE;
    return TRUE;
 }
author	llornkcor <llornkcor>	2002-09-06 17:46:33 (UTC)
committer	llornkcor <llornkcor>	2002-09-06 17:46:33 (UTC)
commit	4acfa3f53762b6c786e421444d23c49c279e556f (patch) (unidiff)
tree	ff4522ecadcbdcd0410f91e9b88aa2205948b692
parent	d4257a0388d3444b5318436449423d27cdd85acf (diff)
download	opie-4acfa3f53762b6c786e421444d23c49c279e556f.zip opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.gz opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.bz2