summaryrefslogtreecommitdiff
authorzecke <zecke>2003-09-19 13:34:19 (UTC)
committer zecke <zecke>2003-09-19 13:34:19 (UTC)
commit6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0 (patch) (unidiff)
tree6a5511175042d599142c1686289487cc4e74c19a
parentff7423735a1effb0aad3f79b8a4e1ee2ed24750d (diff)
downloadopie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.zip
opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.gz
opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.bz2
if the password is wrong but 'rootme' prompt the user again to either accept
or deny the connection
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--core/launcher/transferserver.cpp6
1 files changed, 5 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index 371400e..fde6f8b 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -156,129 +156,133 @@ int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
156 uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined 156 uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
157 ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits)); 157 ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
158 158
159 return (peeraddress.ip4Addr() & mask) == auth_peer; 159 return (peeraddress.ip4Addr() & mask) == auth_peer;
160} 160}
161 161
162bool SyncAuthentication::checkUser( const QString& user ) 162bool SyncAuthentication::checkUser( const QString& user )
163{ 163{
164 if ( user.isEmpty() ) return FALSE; 164 if ( user.isEmpty() ) return FALSE;
165 QString euser = loginName(); 165 QString euser = loginName();
166 return user == euser; 166 return user == euser;
167} 167}
168 168
169bool SyncAuthentication::checkPassword( const QString& password ) 169bool SyncAuthentication::checkPassword( const QString& password )
170{ 170{
171#ifdef ALLOW_UNIX_USER_FTP 171#ifdef ALLOW_UNIX_USER_FTP
172 // First, check system password... 172 // First, check system password...
173 173
174 struct passwd *pw = 0; 174 struct passwd *pw = 0;
175 struct spwd *spw = 0; 175 struct spwd *spw = 0;
176 176
177 pw = getpwuid( geteuid() ); 177 pw = getpwuid( geteuid() );
178 spw = getspnam( pw->pw_name ); 178 spw = getspnam( pw->pw_name );
179 179
180 QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); 180 QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
181 if ( cpwd == "x" && spw ) 181 if ( cpwd == "x" && spw )
182 cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); 182 cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
183 183
184 // Note: some systems use more than crypt for passwords. 184 // Note: some systems use more than crypt for passwords.
185 QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); 185 QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
186 if ( cpwd == cpassword ) 186 if ( cpwd == cpassword )
187 return TRUE; 187 return TRUE;
188#endif 188#endif
189 189
190 static int lastdenial=0; 190 static int lastdenial=0;
191 static int denials=0; 191 static int denials=0;
192 int now = time(0); 192 int now = time(0);
193 193
194 // Detect old Qtopia Desktop (no password) 194 // Detect old Qtopia Desktop (no password)
195 if ( password.isEmpty() ) { 195 if ( password.isEmpty() ) {
196 if ( denials < 1 || now > lastdenial+600 ) { 196 if ( denials < 1 || now > lastdenial+600 ) {
197 QMessageBox unauth( 197 QMessageBox unauth(
198 tr("Sync Connection"), 198 tr("Sync Connection"),
199 tr("<p>An unauthorized system is requesting access to this device." 199 tr("<p>An unauthorized system is requesting access to this device."
200 "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " 200 "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
201 "please upgrade."), 201 "please upgrade."),
202 QMessageBox::Warning, 202 QMessageBox::Warning,
203 QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton, 203 QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
204 0, QString::null, TRUE, WStyle_StaysOnTop); 204 0, QString::null, TRUE, WStyle_StaysOnTop);
205 unauth.setButtonText(QMessageBox::Cancel, tr("Deny")); 205 unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
206 unauth.exec(); 206 unauth.exec();
207 207
208 denials++; 208 denials++;
209 lastdenial=now; 209 lastdenial=now;
210 } 210 }
211 return FALSE; 211 return FALSE;
212 } 212 }
213 213
214 // Second, check sync password... 214 // Second, check sync password...
215 215
216 static int lock=0; 216 static int lock=0;
217 if ( lock ) return FALSE; 217 if ( lock ) return FALSE;
218 218
219 ++lock; 219 ++lock;
220 if ( password.left(6) == "Qtopia" ) { 220
221 /*
222 * we need to support old Sync software and QtopiaDesktop
223 */
224 if ( password.left(6) == "Qtopia" || password.left(6) == "rootme" ) {
221 Config cfg( QPEApplication::qpeDir()+"/etc/Security.conf", Config::File ); 225 Config cfg( QPEApplication::qpeDir()+"/etc/Security.conf", Config::File );
222 cfg.setGroup("Sync"); 226 cfg.setGroup("Sync");
223 QStringList pwds = cfg.readListEntry("Passwords",' '); 227 QStringList pwds = cfg.readListEntry("Passwords",' ');
224 for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) { 228 for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
225#ifndef Q_OS_WIN32 229#ifndef Q_OS_WIN32
226 QString cpassword = QString::fromLocal8Bit( 230 QString cpassword = QString::fromLocal8Bit(
227 crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) ); 231 crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
228#else 232#else
229 // ### revise 233 // ### revise
230 QString cpassword(""); 234 QString cpassword("");
231#endif 235#endif
232 if ( *it == cpassword ) { 236 if ( *it == cpassword ) {
233 lock--; 237 lock--;
234 return TRUE; 238 return TRUE;
235 } 239 }
236 } 240 }
237 241
238 // Unrecognized system. Be careful... 242 // Unrecognized system. Be careful...
239 QMessageBox unrecbox( 243 QMessageBox unrecbox(
240 tr("Sync Connection"), 244 tr("Sync Connection"),
241 tr("<p>An unrecognized system is requesting access to this device." 245 tr("<p>An unrecognized system is requesting access to this device."
242 "<p>If you have just initiated a Sync for the first time, this is normal."), 246 "<p>If you have just initiated a Sync for the first time, this is normal."),
243 QMessageBox::Warning, 247 QMessageBox::Warning,
244 QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton, 248 QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
245 0, QString::null, TRUE, WStyle_StaysOnTop); 249 0, QString::null, TRUE, WStyle_StaysOnTop);
246 unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny")); 250 unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
247 unrecbox.setButtonText(QMessageBox::Yes, tr("Allow")); 251 unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
248 252
249 if ( (denials > 2 && now < lastdenial+600) 253 if ( (denials > 2 && now < lastdenial+600)
250 || unrecbox.exec() != QMessageBox::Yes) 254 || unrecbox.exec() != QMessageBox::Yes)
251 { 255 {
252 denials++; 256 denials++;
253 lastdenial=now; 257 lastdenial=now;
254 lock--; 258 lock--;
255 return FALSE; 259 return FALSE;
256 } else { 260 } else {
257 const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/."; 261 const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
258 char salt[2]; 262 char salt[2];
259 salt[0]= salty[rand() % (sizeof(salty)-1)]; 263 salt[0]= salty[rand() % (sizeof(salty)-1)];
260 salt[1]= salty[rand() % (sizeof(salty)-1)]; 264 salt[1]= salty[rand() % (sizeof(salty)-1)];
261#ifndef Q_OS_WIN32 265#ifndef Q_OS_WIN32
262 QString cpassword = QString::fromLocal8Bit( 266 QString cpassword = QString::fromLocal8Bit(
263 crypt( password.mid(8).local8Bit(), salt ) ); 267 crypt( password.mid(8).local8Bit(), salt ) );
264#else 268#else
265 //### revise 269 //### revise
266 QString cpassword(""); 270 QString cpassword("");
267#endif 271#endif
268 denials=0; 272 denials=0;
269 pwds.prepend(cpassword); 273 pwds.prepend(cpassword);
270 cfg.writeEntry("Passwords",pwds,' '); 274 cfg.writeEntry("Passwords",pwds,' ');
271 lock--; 275 lock--;
272 return TRUE; 276 return TRUE;
273 } 277 }
274 } 278 }
275 lock--; 279 lock--;
276 280
277 return FALSE; 281 return FALSE;
278} 282}
279 283
280 284
281ServerPI::ServerPI( int socket, QObject *parent, const char* name ) 285ServerPI::ServerPI( int socket, QObject *parent, const char* name )
282 : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ), 286 : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ),
283 storFileSize(-1) 287 storFileSize(-1)
284{ 288{