summaryrefslogtreecommitdiff
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--core/launcher/transferserver.cpp3
1 files changed, 3 insertions, 0 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index f9204ab..d2f5501 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -1,411 +1,414 @@
/**********************************************************************
** Copyright (C) 2000-2002 Trolltech AS. All rights reserved.
**
** This file is part of the Qtopia Environment.
**
** This file may be distributed and/or modified under the terms of the
** GNU General Public License version 2 as published by the Free Software
** Foundation and appearing in the file LICENSE.GPL included in the
** packaging of this file.
**
** This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE
** WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
**
** See http://www.trolltech.com/gpl/ for GPL licensing information.
**
** Contact info@trolltech.com if any conditions of this licensing are
** not clear to you.
**
**********************************************************************/
#define _XOPEN_SOURCE
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <time.h>
#include <shadow.h>
+/* we need the _OS_LINUX stuff first ! */
+#include <qglobal.h>
+
#ifndef _OS_LINUX_
extern "C" {
#include <uuid/uuid.h>
#define UUID_H_INCLUDED
}
#endif // not defined linux
#if defined(_OS_LINUX_)
#include <shadow.h>
#endif
#include <qdir.h>
#include <qfile.h>
#include <qtextstream.h>
#include <qdatastream.h>
#include <qmessagebox.h>
#include <qstringlist.h>
#include <qfileinfo.h>
#include <qregexp.h>
//#include <qpe/qcopchannel_qws.h>
#include <qpe/process.h>
#include <qpe/global.h>
#include <qpe/config.h>
#include <qpe/contact.h>
#include <qpe/quuid.h>
#include <qpe/version.h>
#ifdef QWS
#include <qpe/qcopenvelope_qws.h>
#endif
#include "transferserver.h"
#include "qprocess.h"
const int block_size = 51200;
TransferServer::TransferServer( Q_UINT16 port, QObject *parent ,
const char* name )
: QServerSocket( port, 1, parent, name )
{
if ( !ok() )
qWarning( "Failed to bind to port %d", port );
}
TransferServer::~TransferServer()
{
}
void TransferServer::newConnection( int socket )
{
(void) new ServerPI( socket, this );
}
/*
* small class in anonymous namespace
* to generate a QUUid for us
*/
namespace {
struct UidGen {
QString uuid();
};
#if !defined(_OS_LINUX_)
QString UidGen::uuid() {
uuid_t uuid;
uuid_generate( uuid );
return QUUid( uuid ).toString();
}
#else
/*
* linux got a /proc/sys/kernel/random/uuid file
* it'll generate the uuids for us
*/
QString UidGen::uuid() {
QFile file( "/proc/sys/kernel/random/uuid" );
if (!file.open(IO_ReadOnly ) )
return QString::null;
QTextStream stream(&file);
return "{" + stream.read().stripWhiteSpace() + "}";
}
#endif
}
QString SyncAuthentication::serverId()
{
Config cfg("Security");
cfg.setGroup("Sync");
QString r=cfg.readEntry("serverid");
if ( r.isEmpty() ) {
UidGen gen;
r = gen.uuid();
cfg.writeEntry("serverid", r );
}
return r;
}
QString SyncAuthentication::ownerName()
{
QString vfilename = Global::applicationFileName("addressbook",
"businesscard.vcf");
if (QFile::exists(vfilename)) {
Contact c;
c = Contact::readVCard( vfilename )[0];
return c.fullName();
}
return "";
}
QString SyncAuthentication::loginName()
{
struct passwd *pw;
pw = getpwuid( geteuid() );
return QString::fromLocal8Bit( pw->pw_name );
}
int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
{
Config cfg("Security");
cfg.setGroup("Sync");
// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);
// QHostAddress allowed;
// allowed.setAddress(allowedstr);
// uint auth_peer = allowed.ip4Addr();
uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
return (peeraddress.ip4Addr() & mask) == auth_peer;
}
bool SyncAuthentication::checkUser( const QString& user )
{
if ( user.isEmpty() ) return FALSE;
QString euser = loginName();
return user == euser;
}
bool SyncAuthentication::checkPassword( const QString& password )
{
#ifdef ALLOW_UNIX_USER_FTP
// First, check system password...
struct passwd *pw = 0;
struct spwd *spw = 0;
pw = getpwuid( geteuid() );
spw = getspnam( pw->pw_name );
QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
if ( cpwd == "x" && spw )
cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
// Note: some systems use more than crypt for passwords.
QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
if ( cpwd == cpassword )
return TRUE;
#endif
static int lastdenial=0;
static int denials=0;
int now = time(0);
// Detect old Qtopia Desktop (no password)
if ( password.isEmpty() ) {
if ( denials < 1 || now > lastdenial+600 ) {
QMessageBox::warning( 0,tr("Sync Connection"),
tr("<p>An unauthorized system is requesting access to this device."
"<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
"please upgrade."),
tr("Deny") );
denials++;
lastdenial=now;
}
return FALSE;
}
// Second, check sync password...
QString pass = password.left(6);
/* old QtopiaDesktops are sending
* rootme newer versions got a Qtopia
* prefixed. Qtopia prefix will suceed
* until the sync software syncs up
* FIXME
*/
if ( pass == "rootme" || pass == "Qtopia") {
QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
Config cfg("Security");
cfg.setGroup("Sync");
QString pwds = cfg.readEntry("Passwords");
if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
return TRUE;
// Unrecognized system. Be careful...
if ( (denials > 2 && now < lastdenial+600)
|| QMessageBox::warning(0,tr("Sync Connection"),
tr("<p>An unrecognized system is requesting access to this device."
"<p>If you have just initiated a Sync for the first time, this is normal."),
tr("Allow"),tr("Deny"))==1 )
{
denials++;
lastdenial=now;
return FALSE;
} else {
denials=0;
cfg.writeEntry("Passwords",pwds+" "+cpassword);
return TRUE;
}
}
return FALSE;
}
ServerPI::ServerPI( int socket, QObject *parent , const char* name )
: QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
{
state = Connected;
setSocket( socket );
peerport = peerPort();
peeraddress = peerAddress();
#ifndef INSECURE
if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
state = Forbidden;
startTimer( 0 );
} else
#endif
{
connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
passiv = FALSE;
for( int i = 0; i < 4; i++ )
wait[i] = FALSE;
send( "220 Qtopia " QPE_VERSION " FTP Server" );
state = Wait_USER;
dtp = new ServerDTP( this );
connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
directory = QDir::currentDirPath();
static int p = 1024;
while ( !serversocket || !serversocket->ok() ) {
delete serversocket;
serversocket = new ServerSocket( ++p, this );
}
connect( serversocket, SIGNAL( newIncomming( int ) ),
SLOT( newConnection( int ) ) );
}
}
ServerPI::~ServerPI()
{
}
void ServerPI::connectionClosed()
{
// qDebug( "Debug: Connection closed" );
delete this;
}
void ServerPI::send( const QString& msg )
{
QTextStream os( this );
os << msg << endl;
//qDebug( "Reply: %s", msg.latin1() );
}
void ServerPI::read()
{
while ( canReadLine() )
process( readLine().stripWhiteSpace() );
}
bool ServerPI::checkReadFile( const QString& file )
{
QString filename;
if ( file[0] != "/" )
filename = directory.path() + "/" + file;
else
filename = file;
QFileInfo fi( filename );
return ( fi.exists() && fi.isReadable() );
}
bool ServerPI::checkWriteFile( const QString& file )
{
QString filename;
if ( file[0] != "/" )
filename = directory.path() + "/" + file;
else
filename = file;
QFileInfo fi( filename );
if ( fi.exists() )
if ( !QFile( filename ).remove() )
return FALSE;
return TRUE;
}
void ServerPI::process( const QString& message )
{
//qDebug( "Command: %s", message.latin1() );
// split message using "," as separator
QStringList msg = QStringList::split( " ", message );
if ( msg.isEmpty() ) return;
// command token
QString cmd = msg[0].upper();
// argument token
QString arg;
if ( msg.count() >= 2 )
arg = msg[1];
// full argument string
QString args;
if ( msg.count() >= 2 ) {
QStringList copy( msg );
// FIXME: for Qt3
// copy.pop_front()
copy.remove( copy.begin() );
args = copy.join( " " );
}
//qDebug( "args: %s", args.latin1() );
// we always respond to QUIT, regardless of state
if ( cmd == "QUIT" ) {
send( "211 Good bye!" );
delete this;
return;
}
// connected to client
if ( Connected == state )
return;
// waiting for user name
if ( Wait_USER == state ) {
if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) {
send( "530 Please login with USER and PASS" );
return;
}
send( "331 User name ok, need password" );
state = Wait_PASS;
return;
}
// waiting for password
if ( Wait_PASS == state ) {
if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) {
send( "530 Please login with USER and PASS" );
return;
}
send( "230 User logged in, proceed" );
state = Ready;
return;
}
// ACCESS CONTROL COMMANDS