author | zecke <zecke> | 2003-09-19 13:34:19 (UTC) |
---|---|---|
committer | zecke <zecke> | 2003-09-19 13:34:19 (UTC) |
commit | 6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0 (patch) (unidiff) | |
tree | 6a5511175042d599142c1686289487cc4e74c19a | |
parent | ff7423735a1effb0aad3f79b8a4e1ee2ed24750d (diff) | |
download | opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.zip opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.gz opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.bz2 |
if the password is wrong but 'rootme' prompt the user again to either accept
or deny the connection
-rw-r--r-- | core/launcher/transferserver.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index 371400e..fde6f8b 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp | |||
@@ -1,476 +1,480 @@ | |||
1 | /********************************************************************** | 1 | /********************************************************************** |
2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. | 2 | ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. |
3 | ** | 3 | ** |
4 | ** This file is part of the Qtopia Environment. | 4 | ** This file is part of the Qtopia Environment. |
5 | ** | 5 | ** |
6 | ** This file may be distributed and/or modified under the terms of the | 6 | ** This file may be distributed and/or modified under the terms of the |
7 | ** GNU General Public License version 2 as published by the Free Software | 7 | ** GNU General Public License version 2 as published by the Free Software |
8 | ** Foundation and appearing in the file LICENSE.GPL included in the | 8 | ** Foundation and appearing in the file LICENSE.GPL included in the |
9 | ** packaging of this file. | 9 | ** packaging of this file. |
10 | ** | 10 | ** |
11 | ** This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE | 11 | ** This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE |
12 | ** WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. | 12 | ** WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
13 | ** | 13 | ** |
14 | ** See http://www.trolltech.com/gpl/ for GPL licensing information. | 14 | ** See http://www.trolltech.com/gpl/ for GPL licensing information. |
15 | ** | 15 | ** |
16 | ** Contact info@trolltech.com if any conditions of this licensing are | 16 | ** Contact info@trolltech.com if any conditions of this licensing are |
17 | ** not clear to you. | 17 | ** not clear to you. |
18 | ** | 18 | ** |
19 | **********************************************************************/ | 19 | **********************************************************************/ |
20 | //#define _XOPEN_SOURCE | 20 | //#define _XOPEN_SOURCE |
21 | 21 | ||
22 | #include <qtopia/global.h> | 22 | #include <qtopia/global.h> |
23 | #include <qtopia/qpeapplication.h> | 23 | #include <qtopia/qpeapplication.h> |
24 | 24 | ||
25 | #ifndef Q_OS_WIN32 | 25 | #ifndef Q_OS_WIN32 |
26 | #include <pwd.h> | 26 | #include <pwd.h> |
27 | #include <sys/types.h> | 27 | #include <sys/types.h> |
28 | #include <unistd.h> | 28 | #include <unistd.h> |
29 | #include <stdlib.h> | 29 | #include <stdlib.h> |
30 | #include <time.h> | 30 | #include <time.h> |
31 | #include <shadow.h> | 31 | #include <shadow.h> |
32 | #include <crypt.h> | 32 | #include <crypt.h> |
33 | 33 | ||
34 | #else | 34 | #else |
35 | #include <stdlib.h> | 35 | #include <stdlib.h> |
36 | #include <time.h> | 36 | #include <time.h> |
37 | #endif | 37 | #endif |
38 | 38 | ||
39 | 39 | ||
40 | #if defined(_OS_LINUX_) | 40 | #if defined(_OS_LINUX_) |
41 | #include <shadow.h> | 41 | #include <shadow.h> |
42 | #endif | 42 | #endif |
43 | 43 | ||
44 | #include <qdir.h> | 44 | #include <qdir.h> |
45 | #include <qfile.h> | 45 | #include <qfile.h> |
46 | #include <qtextstream.h> | 46 | #include <qtextstream.h> |
47 | #include <qdatastream.h> | 47 | #include <qdatastream.h> |
48 | #include <qmessagebox.h> | 48 | #include <qmessagebox.h> |
49 | #include <qstringlist.h> | 49 | #include <qstringlist.h> |
50 | #include <qfileinfo.h> | 50 | #include <qfileinfo.h> |
51 | #include <qregexp.h> | 51 | #include <qregexp.h> |
52 | //#include <qtopia/qcopchannel_qws.h> | 52 | //#include <qtopia/qcopchannel_qws.h> |
53 | #include <qtopia/process.h> | 53 | #include <qtopia/process.h> |
54 | #include <qtopia/global.h> | 54 | #include <qtopia/global.h> |
55 | #include <qtopia/config.h> | 55 | #include <qtopia/config.h> |
56 | #include <qtopia/private/contact.h> | 56 | #include <qtopia/private/contact.h> |
57 | #include <qtopia/quuid.h> | 57 | #include <qtopia/quuid.h> |
58 | #include <qtopia/version.h> | 58 | #include <qtopia/version.h> |
59 | #ifdef Q_WS_QWS | 59 | #ifdef Q_WS_QWS |
60 | #include <qtopia/qcopenvelope_qws.h> | 60 | #include <qtopia/qcopenvelope_qws.h> |
61 | #endif | 61 | #endif |
62 | 62 | ||
63 | #include "launcherglobal.h" | 63 | #include "launcherglobal.h" |
64 | 64 | ||
65 | #include "transferserver.h" | 65 | #include "transferserver.h" |
66 | #include <qtopia/qprocess.h> | 66 | #include <qtopia/qprocess.h> |
67 | 67 | ||
68 | const int block_size = 51200; | 68 | const int block_size = 51200; |
69 | 69 | ||
70 | TransferServer::TransferServer( Q_UINT16 port, QObject *parent, | 70 | TransferServer::TransferServer( Q_UINT16 port, QObject *parent, |
71 | const char* name) | 71 | const char* name) |
72 | : QServerSocket( port, 1, parent, name ) | 72 | : QServerSocket( port, 1, parent, name ) |
73 | { | 73 | { |
74 | connections.setAutoDelete( TRUE ); | 74 | connections.setAutoDelete( TRUE ); |
75 | if ( !ok() ) | 75 | if ( !ok() ) |
76 | qWarning( "Failed to bind to port %d", port ); | 76 | qWarning( "Failed to bind to port %d", port ); |
77 | } | 77 | } |
78 | 78 | ||
79 | void TransferServer::authorizeConnections() | 79 | void TransferServer::authorizeConnections() |
80 | { | 80 | { |
81 | QListIterator<ServerPI> it(connections); | 81 | QListIterator<ServerPI> it(connections); |
82 | while ( it.current() ) { | 82 | while ( it.current() ) { |
83 | if ( !it.current()->verifyAuthorised() ) { | 83 | if ( !it.current()->verifyAuthorised() ) { |
84 | disconnect( it.current(), SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) ); | 84 | disconnect( it.current(), SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) ); |
85 | connections.removeRef( it.current() ); | 85 | connections.removeRef( it.current() ); |
86 | } else | 86 | } else |
87 | ++it; | 87 | ++it; |
88 | } | 88 | } |
89 | } | 89 | } |
90 | 90 | ||
91 | void TransferServer::closed(ServerPI *item) | 91 | void TransferServer::closed(ServerPI *item) |
92 | { | 92 | { |
93 | connections.removeRef(item); | 93 | connections.removeRef(item); |
94 | } | 94 | } |
95 | 95 | ||
96 | TransferServer::~TransferServer() | 96 | TransferServer::~TransferServer() |
97 | { | 97 | { |
98 | } | 98 | } |
99 | 99 | ||
100 | void TransferServer::newConnection( int socket ) | 100 | void TransferServer::newConnection( int socket ) |
101 | { | 101 | { |
102 | ServerPI *ptr = new ServerPI( socket, this ); | 102 | ServerPI *ptr = new ServerPI( socket, this ); |
103 | connect( ptr, SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) ); | 103 | connect( ptr, SIGNAL(connectionClosed(ServerPI *)), this, SLOT( closed(ServerPI *)) ); |
104 | connections.append( ptr ); | 104 | connections.append( ptr ); |
105 | } | 105 | } |
106 | 106 | ||
107 | QString SyncAuthentication::serverId() | 107 | QString SyncAuthentication::serverId() |
108 | { | 108 | { |
109 | Config cfg("Security"); | 109 | Config cfg("Security"); |
110 | cfg.setGroup("Sync"); | 110 | cfg.setGroup("Sync"); |
111 | QString r = cfg.readEntry("serverid"); | 111 | QString r = cfg.readEntry("serverid"); |
112 | 112 | ||
113 | if ( r.isEmpty() ) { | 113 | if ( r.isEmpty() ) { |
114 | r = Opie::Global::uuid(); | 114 | r = Opie::Global::uuid(); |
115 | cfg.writeEntry("serverid", r ); | 115 | cfg.writeEntry("serverid", r ); |
116 | } | 116 | } |
117 | return r; | 117 | return r; |
118 | } | 118 | } |
119 | 119 | ||
120 | QString SyncAuthentication::ownerName() | 120 | QString SyncAuthentication::ownerName() |
121 | { | 121 | { |
122 | QString vfilename = Global::applicationFileName("addressbook", | 122 | QString vfilename = Global::applicationFileName("addressbook", |
123 | "businesscard.vcf"); | 123 | "businesscard.vcf"); |
124 | if (QFile::exists(vfilename)) { | 124 | if (QFile::exists(vfilename)) { |
125 | Contact c; | 125 | Contact c; |
126 | c = Contact::readVCard( vfilename )[0]; | 126 | c = Contact::readVCard( vfilename )[0]; |
127 | return c.fullName(); | 127 | return c.fullName(); |
128 | } | 128 | } |
129 | 129 | ||
130 | return QString::null; | 130 | return QString::null; |
131 | } | 131 | } |
132 | 132 | ||
133 | QString SyncAuthentication::loginName() | 133 | QString SyncAuthentication::loginName() |
134 | { | 134 | { |
135 | struct passwd *pw = 0L; | 135 | struct passwd *pw = 0L; |
136 | #ifndef Q_OS_WIN32 | 136 | #ifndef Q_OS_WIN32 |
137 | pw = getpwuid( geteuid() ); | 137 | pw = getpwuid( geteuid() ); |
138 | return QString::fromLocal8Bit( pw->pw_name ); | 138 | return QString::fromLocal8Bit( pw->pw_name ); |
139 | #else | 139 | #else |
140 | //### revise | 140 | //### revise |
141 | return QString(); | 141 | return QString(); |
142 | #endif | 142 | #endif |
143 | } | 143 | } |
144 | 144 | ||
145 | int SyncAuthentication::isAuthorized(QHostAddress peeraddress) | 145 | int SyncAuthentication::isAuthorized(QHostAddress peeraddress) |
146 | { | 146 | { |
147 | Config cfg("Security"); | 147 | Config cfg("Security"); |
148 | cfg.setGroup("Sync"); | 148 | cfg.setGroup("Sync"); |
149 | // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); | 149 | // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); |
150 | uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100); | 150 | uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100); |
151 | 151 | ||
152 | // QHostAddress allowed; | 152 | // QHostAddress allowed; |
153 | // allowed.setAddress(allowedstr); | 153 | // allowed.setAddress(allowedstr); |
154 | // uint auth_peer = allowed.ip4Addr(); | 154 | // uint auth_peer = allowed.ip4Addr(); |
155 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24); | 155 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24); |
156 | uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined | 156 | uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined |
157 | ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits)); | 157 | ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits)); |
158 | 158 | ||
159 | return (peeraddress.ip4Addr() & mask) == auth_peer; | 159 | return (peeraddress.ip4Addr() & mask) == auth_peer; |
160 | } | 160 | } |
161 | 161 | ||
162 | bool SyncAuthentication::checkUser( const QString& user ) | 162 | bool SyncAuthentication::checkUser( const QString& user ) |
163 | { | 163 | { |
164 | if ( user.isEmpty() ) return FALSE; | 164 | if ( user.isEmpty() ) return FALSE; |
165 | QString euser = loginName(); | 165 | QString euser = loginName(); |
166 | return user == euser; | 166 | return user == euser; |
167 | } | 167 | } |
168 | 168 | ||
169 | bool SyncAuthentication::checkPassword( const QString& password ) | 169 | bool SyncAuthentication::checkPassword( const QString& password ) |
170 | { | 170 | { |
171 | #ifdef ALLOW_UNIX_USER_FTP | 171 | #ifdef ALLOW_UNIX_USER_FTP |
172 | // First, check system password... | 172 | // First, check system password... |
173 | 173 | ||
174 | struct passwd *pw = 0; | 174 | struct passwd *pw = 0; |
175 | struct spwd *spw = 0; | 175 | struct spwd *spw = 0; |
176 | 176 | ||
177 | pw = getpwuid( geteuid() ); | 177 | pw = getpwuid( geteuid() ); |
178 | spw = getspnam( pw->pw_name ); | 178 | spw = getspnam( pw->pw_name ); |
179 | 179 | ||
180 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); | 180 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); |
181 | if ( cpwd == "x" && spw ) | 181 | if ( cpwd == "x" && spw ) |
182 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); | 182 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); |
183 | 183 | ||
184 | // Note: some systems use more than crypt for passwords. | 184 | // Note: some systems use more than crypt for passwords. |
185 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); | 185 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); |
186 | if ( cpwd == cpassword ) | 186 | if ( cpwd == cpassword ) |
187 | return TRUE; | 187 | return TRUE; |
188 | #endif | 188 | #endif |
189 | 189 | ||
190 | static int lastdenial=0; | 190 | static int lastdenial=0; |
191 | static int denials=0; | 191 | static int denials=0; |
192 | int now = time(0); | 192 | int now = time(0); |
193 | 193 | ||
194 | // Detect old Qtopia Desktop (no password) | 194 | // Detect old Qtopia Desktop (no password) |
195 | if ( password.isEmpty() ) { | 195 | if ( password.isEmpty() ) { |
196 | if ( denials < 1 || now > lastdenial+600 ) { | 196 | if ( denials < 1 || now > lastdenial+600 ) { |
197 | QMessageBox unauth( | 197 | QMessageBox unauth( |
198 | tr("Sync Connection"), | 198 | tr("Sync Connection"), |
199 | tr("<p>An unauthorized system is requesting access to this device." | 199 | tr("<p>An unauthorized system is requesting access to this device." |
200 | "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " | 200 | "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " |
201 | "please upgrade."), | 201 | "please upgrade."), |
202 | QMessageBox::Warning, | 202 | QMessageBox::Warning, |
203 | QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton, | 203 | QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton, |
204 | 0, QString::null, TRUE, WStyle_StaysOnTop); | 204 | 0, QString::null, TRUE, WStyle_StaysOnTop); |
205 | unauth.setButtonText(QMessageBox::Cancel, tr("Deny")); | 205 | unauth.setButtonText(QMessageBox::Cancel, tr("Deny")); |
206 | unauth.exec(); | 206 | unauth.exec(); |
207 | 207 | ||
208 | denials++; | 208 | denials++; |
209 | lastdenial=now; | 209 | lastdenial=now; |
210 | } | 210 | } |
211 | return FALSE; | 211 | return FALSE; |
212 | } | 212 | } |
213 | 213 | ||
214 | // Second, check sync password... | 214 | // Second, check sync password... |
215 | 215 | ||
216 | static int lock=0; | 216 | static int lock=0; |
217 | if ( lock ) return FALSE; | 217 | if ( lock ) return FALSE; |
218 | 218 | ||
219 | ++lock; | 219 | ++lock; |
220 | if ( password.left(6) == "Qtopia" ) { | 220 | |
221 | /* | ||
222 | * we need to support old Sync software and QtopiaDesktop | ||
223 | */ | ||
224 | if ( password.left(6) == "Qtopia" || password.left(6) == "rootme" ) { | ||
221 | Config cfg( QPEApplication::qpeDir()+"/etc/Security.conf", Config::File ); | 225 | Config cfg( QPEApplication::qpeDir()+"/etc/Security.conf", Config::File ); |
222 | cfg.setGroup("Sync"); | 226 | cfg.setGroup("Sync"); |
223 | QStringList pwds = cfg.readListEntry("Passwords",' '); | 227 | QStringList pwds = cfg.readListEntry("Passwords",' '); |
224 | for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) { | 228 | for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) { |
225 | #ifndef Q_OS_WIN32 | 229 | #ifndef Q_OS_WIN32 |
226 | QString cpassword = QString::fromLocal8Bit( | 230 | QString cpassword = QString::fromLocal8Bit( |
227 | crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) ); | 231 | crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) ); |
228 | #else | 232 | #else |
229 | // ### revise | 233 | // ### revise |
230 | QString cpassword(""); | 234 | QString cpassword(""); |
231 | #endif | 235 | #endif |
232 | if ( *it == cpassword ) { | 236 | if ( *it == cpassword ) { |
233 | lock--; | 237 | lock--; |
234 | return TRUE; | 238 | return TRUE; |
235 | } | 239 | } |
236 | } | 240 | } |
237 | 241 | ||
238 | // Unrecognized system. Be careful... | 242 | // Unrecognized system. Be careful... |
239 | QMessageBox unrecbox( | 243 | QMessageBox unrecbox( |
240 | tr("Sync Connection"), | 244 | tr("Sync Connection"), |
241 | tr("<p>An unrecognized system is requesting access to this device." | 245 | tr("<p>An unrecognized system is requesting access to this device." |
242 | "<p>If you have just initiated a Sync for the first time, this is normal."), | 246 | "<p>If you have just initiated a Sync for the first time, this is normal."), |
243 | QMessageBox::Warning, | 247 | QMessageBox::Warning, |
244 | QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton, | 248 | QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton, |
245 | 0, QString::null, TRUE, WStyle_StaysOnTop); | 249 | 0, QString::null, TRUE, WStyle_StaysOnTop); |
246 | unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny")); | 250 | unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny")); |
247 | unrecbox.setButtonText(QMessageBox::Yes, tr("Allow")); | 251 | unrecbox.setButtonText(QMessageBox::Yes, tr("Allow")); |
248 | 252 | ||
249 | if ( (denials > 2 && now < lastdenial+600) | 253 | if ( (denials > 2 && now < lastdenial+600) |
250 | || unrecbox.exec() != QMessageBox::Yes) | 254 | || unrecbox.exec() != QMessageBox::Yes) |
251 | { | 255 | { |
252 | denials++; | 256 | denials++; |
253 | lastdenial=now; | 257 | lastdenial=now; |
254 | lock--; | 258 | lock--; |
255 | return FALSE; | 259 | return FALSE; |
256 | } else { | 260 | } else { |
257 | const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/."; | 261 | const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/."; |
258 | char salt[2]; | 262 | char salt[2]; |
259 | salt[0]= salty[rand() % (sizeof(salty)-1)]; | 263 | salt[0]= salty[rand() % (sizeof(salty)-1)]; |
260 | salt[1]= salty[rand() % (sizeof(salty)-1)]; | 264 | salt[1]= salty[rand() % (sizeof(salty)-1)]; |
261 | #ifndef Q_OS_WIN32 | 265 | #ifndef Q_OS_WIN32 |
262 | QString cpassword = QString::fromLocal8Bit( | 266 | QString cpassword = QString::fromLocal8Bit( |
263 | crypt( password.mid(8).local8Bit(), salt ) ); | 267 | crypt( password.mid(8).local8Bit(), salt ) ); |
264 | #else | 268 | #else |
265 | //### revise | 269 | //### revise |
266 | QString cpassword(""); | 270 | QString cpassword(""); |
267 | #endif | 271 | #endif |
268 | denials=0; | 272 | denials=0; |
269 | pwds.prepend(cpassword); | 273 | pwds.prepend(cpassword); |
270 | cfg.writeEntry("Passwords",pwds,' '); | 274 | cfg.writeEntry("Passwords",pwds,' '); |
271 | lock--; | 275 | lock--; |
272 | return TRUE; | 276 | return TRUE; |
273 | } | 277 | } |
274 | } | 278 | } |
275 | lock--; | 279 | lock--; |
276 | 280 | ||
277 | return FALSE; | 281 | return FALSE; |
278 | } | 282 | } |
279 | 283 | ||
280 | 284 | ||
281 | ServerPI::ServerPI( int socket, QObject *parent, const char* name ) | 285 | ServerPI::ServerPI( int socket, QObject *parent, const char* name ) |
282 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ), | 286 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ), |
283 | storFileSize(-1) | 287 | storFileSize(-1) |
284 | { | 288 | { |
285 | state = Connected; | 289 | state = Connected; |
286 | 290 | ||
287 | setSocket( socket ); | 291 | setSocket( socket ); |
288 | 292 | ||
289 | peerport = peerPort(); | 293 | peerport = peerPort(); |
290 | peeraddress = peerAddress(); | 294 | peeraddress = peerAddress(); |
291 | 295 | ||
292 | #ifndef INSECURE | 296 | #ifndef INSECURE |
293 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { | 297 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { |
294 | state = Forbidden; | 298 | state = Forbidden; |
295 | startTimer( 0 ); | 299 | startTimer( 0 ); |
296 | } else | 300 | } else |
297 | #endif | 301 | #endif |
298 | { | 302 | { |
299 | connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); | 303 | connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); |
300 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); | 304 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); |
301 | 305 | ||
302 | passiv = FALSE; | 306 | passiv = FALSE; |
303 | for( int i = 0; i < 4; i++ ) | 307 | for( int i = 0; i < 4; i++ ) |
304 | wait[i] = FALSE; | 308 | wait[i] = FALSE; |
305 | 309 | ||
306 | send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr | 310 | send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr |
307 | state = Wait_USER; | 311 | state = Wait_USER; |
308 | 312 | ||
309 | dtp = new ServerDTP( this ); | 313 | dtp = new ServerDTP( this ); |
310 | connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); | 314 | connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); |
311 | connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); | 315 | connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); |
312 | connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) ); | 316 | connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) ); |
313 | 317 | ||
314 | 318 | ||
315 | directory = QDir::currentDirPath(); | 319 | directory = QDir::currentDirPath(); |
316 | 320 | ||
317 | static int p = 1024; | 321 | static int p = 1024; |
318 | 322 | ||
319 | while ( !serversocket || !serversocket->ok() ) { | 323 | while ( !serversocket || !serversocket->ok() ) { |
320 | delete serversocket; | 324 | delete serversocket; |
321 | serversocket = new ServerSocket( ++p, this ); | 325 | serversocket = new ServerSocket( ++p, this ); |
322 | } | 326 | } |
323 | connect( serversocket, SIGNAL( newIncomming( int ) ), | 327 | connect( serversocket, SIGNAL( newIncomming( int ) ), |
324 | SLOT( newConnection( int ) ) ); | 328 | SLOT( newConnection( int ) ) ); |
325 | } | 329 | } |
326 | } | 330 | } |
327 | 331 | ||
328 | ServerPI::~ServerPI() | 332 | ServerPI::~ServerPI() |
329 | { | 333 | { |
330 | close(); | 334 | close(); |
331 | dtp->close(); | 335 | dtp->close(); |
332 | delete dtp; | 336 | delete dtp; |
333 | delete serversocket; | 337 | delete serversocket; |
334 | } | 338 | } |
335 | 339 | ||
336 | bool ServerPI::verifyAuthorised() | 340 | bool ServerPI::verifyAuthorised() |
337 | { | 341 | { |
338 | if ( !SyncAuthentication::isAuthorized(peerAddress()) ) { | 342 | if ( !SyncAuthentication::isAuthorized(peerAddress()) ) { |
339 | state = Forbidden; | 343 | state = Forbidden; |
340 | return FALSE; | 344 | return FALSE; |
341 | } | 345 | } |
342 | return TRUE; | 346 | return TRUE; |
343 | } | 347 | } |
344 | 348 | ||
345 | void ServerPI::connectionClosed() | 349 | void ServerPI::connectionClosed() |
346 | { | 350 | { |
347 | // qDebug( "Debug: Connection closed" ); | 351 | // qDebug( "Debug: Connection closed" ); |
348 | emit connectionClosed(this); | 352 | emit connectionClosed(this); |
349 | } | 353 | } |
350 | 354 | ||
351 | void ServerPI::send( const QString& msg ) | 355 | void ServerPI::send( const QString& msg ) |
352 | { | 356 | { |
353 | QTextStream os( this ); | 357 | QTextStream os( this ); |
354 | os << msg << endl; | 358 | os << msg << endl; |
355 | //qDebug( "Reply: %s", msg.latin1() ); | 359 | //qDebug( "Reply: %s", msg.latin1() ); |
356 | } | 360 | } |
357 | 361 | ||
358 | void ServerPI::read() | 362 | void ServerPI::read() |
359 | { | 363 | { |
360 | while ( canReadLine() ) | 364 | while ( canReadLine() ) |
361 | process( readLine().stripWhiteSpace() ); | 365 | process( readLine().stripWhiteSpace() ); |
362 | } | 366 | } |
363 | 367 | ||
364 | bool ServerPI::checkReadFile( const QString& file ) | 368 | bool ServerPI::checkReadFile( const QString& file ) |
365 | { | 369 | { |
366 | QString filename; | 370 | QString filename; |
367 | 371 | ||
368 | if ( file[0] != "/" ) | 372 | if ( file[0] != "/" ) |
369 | filename = directory.path() + "/" + file; | 373 | filename = directory.path() + "/" + file; |
370 | else | 374 | else |
371 | filename = file; | 375 | filename = file; |
372 | 376 | ||
373 | QFileInfo fi( filename ); | 377 | QFileInfo fi( filename ); |
374 | return ( fi.exists() && fi.isReadable() ); | 378 | return ( fi.exists() && fi.isReadable() ); |
375 | } | 379 | } |
376 | 380 | ||
377 | bool ServerPI::checkWriteFile( const QString& file ) | 381 | bool ServerPI::checkWriteFile( const QString& file ) |
378 | { | 382 | { |
379 | QString filename; | 383 | QString filename; |
380 | 384 | ||
381 | if ( file[0] != "/" ) | 385 | if ( file[0] != "/" ) |
382 | filename = directory.path() + "/" + file; | 386 | filename = directory.path() + "/" + file; |
383 | else | 387 | else |
384 | filename = file; | 388 | filename = file; |
385 | 389 | ||
386 | QFileInfo fi( filename ); | 390 | QFileInfo fi( filename ); |
387 | 391 | ||
388 | if ( fi.exists() ) | 392 | if ( fi.exists() ) |
389 | if ( !QFile( filename ).remove() ) | 393 | if ( !QFile( filename ).remove() ) |
390 | return FALSE; | 394 | return FALSE; |
391 | return TRUE; | 395 | return TRUE; |
392 | } | 396 | } |
393 | 397 | ||
394 | void ServerPI::process( const QString& message ) | 398 | void ServerPI::process( const QString& message ) |
395 | { | 399 | { |
396 | //qDebug( "Command: %s", message.latin1() ); | 400 | //qDebug( "Command: %s", message.latin1() ); |
397 | 401 | ||
398 | // split message using "," as separator | 402 | // split message using "," as separator |
399 | QStringList msg = QStringList::split( " ", message ); | 403 | QStringList msg = QStringList::split( " ", message ); |
400 | if ( msg.isEmpty() ) return; | 404 | if ( msg.isEmpty() ) return; |
401 | 405 | ||
402 | // command token | 406 | // command token |
403 | QString cmd = msg[0].upper(); | 407 | QString cmd = msg[0].upper(); |
404 | 408 | ||
405 | // argument token | 409 | // argument token |
406 | QString arg; | 410 | QString arg; |
407 | if ( msg.count() >= 2 ) | 411 | if ( msg.count() >= 2 ) |
408 | arg = msg[1]; | 412 | arg = msg[1]; |
409 | 413 | ||
410 | // full argument string | 414 | // full argument string |
411 | QString args; | 415 | QString args; |
412 | if ( msg.count() >= 2 ) { | 416 | if ( msg.count() >= 2 ) { |
413 | QStringList copy( msg ); | 417 | QStringList copy( msg ); |
414 | // FIXME: for Qt3 | 418 | // FIXME: for Qt3 |
415 | // copy.pop_front() | 419 | // copy.pop_front() |
416 | copy.remove( copy.begin() ); | 420 | copy.remove( copy.begin() ); |
417 | args = copy.join( " " ); | 421 | args = copy.join( " " ); |
418 | } | 422 | } |
419 | 423 | ||
420 | //qDebug( "args: %s", args.latin1() ); | 424 | //qDebug( "args: %s", args.latin1() ); |
421 | 425 | ||
422 | // we always respond to QUIT, regardless of state | 426 | // we always respond to QUIT, regardless of state |
423 | if ( cmd == "QUIT" ) { | 427 | if ( cmd == "QUIT" ) { |
424 | send( "211 Good bye!" ); // No tr | 428 | send( "211 Good bye!" ); // No tr |
425 | close(); | 429 | close(); |
426 | return; | 430 | return; |
427 | } | 431 | } |
428 | 432 | ||
429 | // connected to client | 433 | // connected to client |
430 | if ( Connected == state ) | 434 | if ( Connected == state ) |
431 | return; | 435 | return; |
432 | 436 | ||
433 | // waiting for user name | 437 | // waiting for user name |
434 | if ( Wait_USER == state ) { | 438 | if ( Wait_USER == state ) { |
435 | 439 | ||
436 | if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) { | 440 | if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) { |
437 | send( "530 Please login with USER and PASS" ); // No tr | 441 | send( "530 Please login with USER and PASS" ); // No tr |
438 | return; | 442 | return; |
439 | } | 443 | } |
440 | send( "331 User name ok, need password" ); // No tr | 444 | send( "331 User name ok, need password" ); // No tr |
441 | state = Wait_PASS; | 445 | state = Wait_PASS; |
442 | return; | 446 | return; |
443 | } | 447 | } |
444 | 448 | ||
445 | // waiting for password | 449 | // waiting for password |
446 | if ( Wait_PASS == state ) { | 450 | if ( Wait_PASS == state ) { |
447 | 451 | ||
448 | if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) { | 452 | if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) { |
449 | send( "530 Please login with USER and PASS" ); // No tr | 453 | send( "530 Please login with USER and PASS" ); // No tr |
450 | return; | 454 | return; |
451 | } | 455 | } |
452 | send( "230 User logged in, proceed" ); // No tr | 456 | send( "230 User logged in, proceed" ); // No tr |
453 | state = Ready; | 457 | state = Ready; |
454 | return; | 458 | return; |
455 | } | 459 | } |
456 | 460 | ||
457 | // ACCESS CONTROL COMMANDS | 461 | // ACCESS CONTROL COMMANDS |
458 | 462 | ||
459 | // Only an ALLO sent immediately before STOR is valid. | 463 | // Only an ALLO sent immediately before STOR is valid. |
460 | if ( cmd != "STOR" ) | 464 | if ( cmd != "STOR" ) |
461 | storFileSize = -1; | 465 | storFileSize = -1; |
462 | 466 | ||
463 | // account (ACCT) | 467 | // account (ACCT) |
464 | if ( cmd == "ACCT" ) { | 468 | if ( cmd == "ACCT" ) { |
465 | // even wu-ftp does not support it | 469 | // even wu-ftp does not support it |
466 | send( "502 Command not implemented" ); // No tr | 470 | send( "502 Command not implemented" ); // No tr |
467 | } | 471 | } |
468 | 472 | ||
469 | // change working directory (CWD) | 473 | // change working directory (CWD) |
470 | else if ( cmd == "CWD" ) { | 474 | else if ( cmd == "CWD" ) { |
471 | 475 | ||
472 | if ( !args.isEmpty() ) { | 476 | if ( !args.isEmpty() ) { |
473 | if ( directory.cd( args, TRUE ) ) | 477 | if ( directory.cd( args, TRUE ) ) |
474 | send( "250 Requested file action okay, completed" ); // No tr | 478 | send( "250 Requested file action okay, completed" ); // No tr |
475 | else | 479 | else |
476 | send( "550 Requested action not taken" ); // No tr | 480 | send( "550 Requested action not taken" ); // No tr |