summaryrefslogtreecommitdiff
authorzecke <zecke>2003-09-19 13:34:19 (UTC)
committer zecke <zecke>2003-09-19 13:34:19 (UTC)
commit6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0 (patch) (side-by-side diff)
tree6a5511175042d599142c1686289487cc4e74c19a
parentff7423735a1effb0aad3f79b8a4e1ee2ed24750d (diff)
downloadopie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.zip
opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.gz
opie-6fc0216161b4ad62cd407d2a36d78d8bd88f4ed0.tar.bz2
if the password is wrong but 'rootme' prompt the user again to either accept
or deny the connection
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--core/launcher/transferserver.cpp6
1 files changed, 5 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index 371400e..fde6f8b 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -124,193 +124,197 @@ QString SyncAuthentication::ownerName()
if (QFile::exists(vfilename)) {
Contact c;
c = Contact::readVCard( vfilename )[0];
return c.fullName();
}
return QString::null;
}
QString SyncAuthentication::loginName()
{
struct passwd *pw = 0L;
#ifndef Q_OS_WIN32
pw = getpwuid( geteuid() );
return QString::fromLocal8Bit( pw->pw_name );
#else
//### revise
return QString();
#endif
}
int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
{
Config cfg("Security");
cfg.setGroup("Sync");
// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100);
// QHostAddress allowed;
// allowed.setAddress(allowedstr);
// uint auth_peer = allowed.ip4Addr();
uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24);
uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits));
return (peeraddress.ip4Addr() & mask) == auth_peer;
}
bool SyncAuthentication::checkUser( const QString& user )
{
if ( user.isEmpty() ) return FALSE;
QString euser = loginName();
return user == euser;
}
bool SyncAuthentication::checkPassword( const QString& password )
{
#ifdef ALLOW_UNIX_USER_FTP
// First, check system password...
struct passwd *pw = 0;
struct spwd *spw = 0;
pw = getpwuid( geteuid() );
spw = getspnam( pw->pw_name );
QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
if ( cpwd == "x" && spw )
cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
// Note: some systems use more than crypt for passwords.
QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
if ( cpwd == cpassword )
return TRUE;
#endif
static int lastdenial=0;
static int denials=0;
int now = time(0);
// Detect old Qtopia Desktop (no password)
if ( password.isEmpty() ) {
if ( denials < 1 || now > lastdenial+600 ) {
QMessageBox unauth(
tr("Sync Connection"),
tr("<p>An unauthorized system is requesting access to this device."
"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
"please upgrade."),
QMessageBox::Warning,
QMessageBox::Cancel, QMessageBox::NoButton, QMessageBox::NoButton,
0, QString::null, TRUE, WStyle_StaysOnTop);
unauth.setButtonText(QMessageBox::Cancel, tr("Deny"));
unauth.exec();
denials++;
lastdenial=now;
}
return FALSE;
}
// Second, check sync password...
static int lock=0;
if ( lock ) return FALSE;
++lock;
- if ( password.left(6) == "Qtopia" ) {
+
+ /*
+ * we need to support old Sync software and QtopiaDesktop
+ */
+ if ( password.left(6) == "Qtopia" || password.left(6) == "rootme" ) {
Config cfg( QPEApplication::qpeDir()+"/etc/Security.conf", Config::File );
cfg.setGroup("Sync");
QStringList pwds = cfg.readListEntry("Passwords",' ');
for (QStringList::ConstIterator it=pwds.begin(); it!=pwds.end(); ++it) {
#ifndef Q_OS_WIN32
QString cpassword = QString::fromLocal8Bit(
crypt( password.mid(8).local8Bit(), (*it).left(2).latin1() ) );
#else
// ### revise
QString cpassword("");
#endif
if ( *it == cpassword ) {
lock--;
return TRUE;
}
}
// Unrecognized system. Be careful...
QMessageBox unrecbox(
tr("Sync Connection"),
tr( "<p>An unrecognized system is requesting access to this device."
"<p>If you have just initiated a Sync for the first time, this is normal."),
QMessageBox::Warning,
QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton,
0, QString::null, TRUE, WStyle_StaysOnTop);
unrecbox.setButtonText(QMessageBox::Cancel, tr("Deny"));
unrecbox.setButtonText(QMessageBox::Yes, tr("Allow"));
if ( (denials > 2 && now < lastdenial+600)
|| unrecbox.exec() != QMessageBox::Yes)
{
denials++;
lastdenial=now;
lock--;
return FALSE;
} else {
const char salty[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/.";
char salt[2];
salt[0]= salty[rand() % (sizeof(salty)-1)];
salt[1]= salty[rand() % (sizeof(salty)-1)];
#ifndef Q_OS_WIN32
QString cpassword = QString::fromLocal8Bit(
crypt( password.mid(8).local8Bit(), salt ) );
#else
//### revise
QString cpassword("");
#endif
denials=0;
pwds.prepend(cpassword);
cfg.writeEntry("Passwords",pwds,' ');
lock--;
return TRUE;
}
}
lock--;
return FALSE;
}
ServerPI::ServerPI( int socket, QObject *parent, const char* name )
: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ),
storFileSize(-1)
{
state = Connected;
setSocket( socket );
peerport = peerPort();
peeraddress = peerAddress();
#ifndef INSECURE
if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
state = Forbidden;
startTimer( 0 );
} else
#endif
{
connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
passiv = FALSE;
for( int i = 0; i < 4; i++ )
wait[i] = FALSE;
send( "220 Qtopia " QPE_VERSION " FTP Server" ); // No tr
state = Wait_USER;
dtp = new ServerDTP( this );
connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
directory = QDir::currentDirPath();