| author | llornkcor <llornkcor> | 2002-09-06 17:46:33 (UTC) |
|---|---|---|
| committer | llornkcor <llornkcor> | 2002-09-06 17:46:33 (UTC) |
| commit | 4acfa3f53762b6c786e421444d23c49c279e556f (patch) (unidiff) | |
| tree | ff4522ecadcbdcd0410f91e9b88aa2205948b692 | |
| parent | d4257a0388d3444b5318436449423d27cdd85acf (diff) | |
| download | opie-4acfa3f53762b6c786e421444d23c49c279e556f.zip opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.gz opie-4acfa3f53762b6c786e421444d23c49c279e556f.tar.bz2 | |
TT gave us the wrong sync password! ^#$^@&^
| -rw-r--r-- | core/launcher/transferserver.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp index ed3e2c6..28b7b49 100644 --- a/core/launcher/transferserver.cpp +++ b/core/launcher/transferserver.cpp | |||
| @@ -111,129 +111,131 @@ QString SyncAuthentication::loginName() | |||
| 111 | 111 | ||
| 112 | int SyncAuthentication::isAuthorized(QHostAddress peeraddress) | 112 | int SyncAuthentication::isAuthorized(QHostAddress peeraddress) |
| 113 | { | 113 | { |
| 114 | Config cfg("Security"); | 114 | Config cfg("Security"); |
| 115 | cfg.setGroup("Sync"); | 115 | cfg.setGroup("Sync"); |
| 116 | // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); | 116 | // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); |
| 117 | uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100); | 117 | uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100); |
| 118 | 118 | ||
| 119 | // QHostAddress allowed; | 119 | // QHostAddress allowed; |
| 120 | // allowed.setAddress(allowedstr); | 120 | // allowed.setAddress(allowedstr); |
| 121 | // uint auth_peer = allowed.ip4Addr(); | 121 | // uint auth_peer = allowed.ip4Addr(); |
| 122 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24); | 122 | uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24); |
| 123 | uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined | 123 | uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined |
| 124 | ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)); | 124 | ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)); |
| 125 | return (peeraddress.ip4Addr() & mask) == auth_peer; | 125 | return (peeraddress.ip4Addr() & mask) == auth_peer; |
| 126 | } | 126 | } |
| 127 | 127 | ||
| 128 | bool SyncAuthentication::checkUser( const QString& user ) | 128 | bool SyncAuthentication::checkUser( const QString& user ) |
| 129 | { | 129 | { |
| 130 | if ( user.isEmpty() ) return FALSE; | 130 | if ( user.isEmpty() ) return FALSE; |
| 131 | QString euser = loginName(); | 131 | QString euser = loginName(); |
| 132 | return user == euser; | 132 | return user == euser; |
| 133 | } | 133 | } |
| 134 | 134 | ||
| 135 | bool SyncAuthentication::checkPassword( const QString& password ) | 135 | bool SyncAuthentication::checkPassword( const QString& password ) |
| 136 | { | 136 | { |
| 137 | #ifdef ALLOW_UNIX_USER_FTP | 137 | #ifdef ALLOW_UNIX_USER_FTP |
| 138 | // First, check system password... | 138 | // First, check system password... |
| 139 | 139 | ||
| 140 | struct passwd *pw = 0; | 140 | struct passwd *pw = 0; |
| 141 | struct spwd *spw = 0; | 141 | struct spwd *spw = 0; |
| 142 | 142 | ||
| 143 | pw = getpwuid( geteuid() ); | 143 | pw = getpwuid( geteuid() ); |
| 144 | spw = getspnam( pw->pw_name ); | 144 | spw = getspnam( pw->pw_name ); |
| 145 | 145 | ||
| 146 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); | 146 | QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); |
| 147 | if ( cpwd == "x" && spw ) | 147 | if ( cpwd == "x" && spw ) |
| 148 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); | 148 | cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); |
| 149 | 149 | ||
| 150 | // Note: some systems use more than crypt for passwords. | 150 | // Note: some systems use more than crypt for passwords. |
| 151 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); | 151 | QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); |
| 152 | if ( cpwd == cpassword ) | 152 | if ( cpwd == cpassword ) |
| 153 | return TRUE; | 153 | return TRUE; |
| 154 | #endif | 154 | #endif |
| 155 | 155 | ||
| 156 | static int lastdenial=0; | 156 | static int lastdenial=0; |
| 157 | static int denials=0; | 157 | static int denials=0; |
| 158 | int now = time(0); | 158 | int now = time(0); |
| 159 | 159 | ||
| 160 | // Detect old Qtopia Desktop (no password) | 160 | // Detect old Qtopia Desktop (no password) |
| 161 | if ( password.isEmpty() ) { | 161 | if ( password.isEmpty() ) { |
| 162 | if ( denials < 1 || now > lastdenial+600 ) { | 162 | if ( denials < 1 || now > lastdenial+600 ) { |
| 163 | QMessageBox::warning( 0,tr("Sync Connection"), | 163 | QMessageBox::warning( 0,tr("Sync Connection"), |
| 164 | tr("<p>An unauthorized system is requesting access to this device." | 164 | tr("<p>An unauthorized system is requesting access to this device." |
| 165 | "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " | 165 | "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " |
| 166 | "please upgrade."), | 166 | "please upgrade."), |
| 167 | tr("Deny") ); | 167 | tr("Deny") ); |
| 168 | denials++; | 168 | denials++; |
| 169 | lastdenial=now; | 169 | lastdenial=now; |
| 170 | } | 170 | } |
| 171 | return FALSE; | 171 | return FALSE; |
| 172 | } | 172 | } |
| 173 | 173 | ||
| 174 | // Second, check sync password... | 174 | // Second, check sync password... |
| 175 | if ( password.left(6) == "Qtopia" ) { | 175 | if ( password.left(6) == "rootme" ) { |
| 176 | // fuckin TT gave us the wrong sync password. | ||
| 177 | // what a dumbassed password is rootme anyway. | ||
| 176 | QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) ); | 178 | QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) ); |
| 177 | Config cfg("Security"); | 179 | Config cfg("Security"); |
| 178 | cfg.setGroup("Sync"); | 180 | cfg.setGroup("Sync"); |
| 179 | QString pwds = cfg.readEntry("Passwords"); | 181 | QString pwds = cfg.readEntry("Passwords"); |
| 180 | if ( QStringList::split(QChar(' '),pwds).contains(cpassword) ) | 182 | if ( QStringList::split(QChar(' '),pwds).contains(cpassword) ) |
| 181 | return TRUE; | 183 | return TRUE; |
| 182 | 184 | ||
| 183 | // Unrecognized system. Be careful... | 185 | // Unrecognized system. Be careful... |
| 184 | 186 | ||
| 185 | if ( (denials > 2 && now < lastdenial+600) | 187 | if ( (denials > 2 && now < lastdenial+600) |
| 186 | || QMessageBox::warning(0,tr("Sync Connection"), | 188 | || QMessageBox::warning(0,tr("Sync Connection"), |
| 187 | tr("<p>An unrecognized system is requesting access to this device." | 189 | tr("<p>An unrecognized system is requesting access to this device." |
| 188 | "<p>If you have just initiated a Sync for the first time, this is normal."), | 190 | "<p>If you have just initiated a Sync for the first time, this is normal."), |
| 189 | tr("Allow"),tr("Deny"))==1 ) | 191 | tr("Allow"),tr("Deny"))==1 ) |
| 190 | { | 192 | { |
| 191 | denials++; | 193 | denials++; |
| 192 | lastdenial=now; | 194 | lastdenial=now; |
| 193 | return FALSE; | 195 | return FALSE; |
| 194 | } else { | 196 | } else { |
| 195 | denials=0; | 197 | denials=0; |
| 196 | cfg.writeEntry("Passwords",pwds+" "+cpassword); | 198 | cfg.writeEntry("Passwords",pwds+" "+cpassword); |
| 197 | return TRUE; | 199 | return TRUE; |
| 198 | } | 200 | } |
| 199 | } | 201 | } |
| 200 | 202 | ||
| 201 | return FALSE; | 203 | return FALSE; |
| 202 | } | 204 | } |
| 203 | 205 | ||
| 204 | ServerPI::ServerPI( int socket, QObject *parent , const char* name ) | 206 | ServerPI::ServerPI( int socket, QObject *parent , const char* name ) |
| 205 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) | 207 | : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) |
| 206 | { | 208 | { |
| 207 | state = Connected; | 209 | state = Connected; |
| 208 | 210 | ||
| 209 | setSocket( socket ); | 211 | setSocket( socket ); |
| 210 | 212 | ||
| 211 | peerport = peerPort(); | 213 | peerport = peerPort(); |
| 212 | peeraddress = peerAddress(); | 214 | peeraddress = peerAddress(); |
| 213 | 215 | ||
| 214 | #ifndef INSECURE | 216 | #ifndef INSECURE |
| 215 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { | 217 | if ( !SyncAuthentication::isAuthorized(peeraddress) ) { |
| 216 | state = Forbidden; | 218 | state = Forbidden; |
| 217 | startTimer( 0 ); | 219 | startTimer( 0 ); |
| 218 | } else | 220 | } else |
| 219 | #endif | 221 | #endif |
| 220 | { | 222 | { |
| 221 | connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); | 223 | connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); |
| 222 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); | 224 | connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); |
| 223 | 225 | ||
| 224 | passiv = FALSE; | 226 | passiv = FALSE; |
| 225 | for( int i = 0; i < 4; i++ ) | 227 | for( int i = 0; i < 4; i++ ) |
| 226 | wait[i] = FALSE; | 228 | wait[i] = FALSE; |
| 227 | 229 | ||
| 228 | send( "220 Qtopia " QPE_VERSION " FTP Server" ); | 230 | send( "220 Qtopia " QPE_VERSION " FTP Server" ); |
| 229 | state = Wait_USER; | 231 | state = Wait_USER; |
| 230 | 232 | ||
| 231 | dtp = new ServerDTP( this ); | 233 | dtp = new ServerDTP( this ); |
| 232 | connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); | 234 | connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); |
| 233 | connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); | 235 | connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); |
| 234 | connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) ); | 236 | connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) ); |
| 235 | 237 | ||
| 236 | 238 | ||
| 237 | directory = QDir::currentDirPath(); | 239 | directory = QDir::currentDirPath(); |
| 238 | 240 | ||
| 239 | static int p = 1024; | 241 | static int p = 1024; |