| -rw-r--r-- | core/qws/transferserver.cpp | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/core/qws/transferserver.cpp b/core/qws/transferserver.cpp index 7bf6719..42ac917 100644 --- a/core/qws/transferserver.cpp +++ b/core/qws/transferserver.cpp @@ -1,798 +1,799 @@ /********************************************************************** ** Copyright (C) 2000-2002 Trolltech AS. All rights reserved. ** ** This file is part of the Qtopia Environment. ** ** This file may be distributed and/or modified under the terms of the ** GNU General Public License version 2 as published by the Free Software ** Foundation and appearing in the file LICENSE.GPL included in the ** packaging of this file. ** ** This file is provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE ** WARRANTY OF DESIGN, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ** ** See http://www.trolltech.com/gpl/ for GPL licensing information. ** ** Contact info@trolltech.com if any conditions of this licensing are ** not clear to you. ** **********************************************************************/ /* OPIE */ #include <opie2/odebug.h> /* STD */ #define _XOPEN_SOURCE #include <pwd.h> #include <sys/types.h> #include <unistd.h> #include <stdlib.h> #include <time.h> +#include <crypt.h> #ifndef Q_OS_MACX #include <shadow.h> #endif /* Q_OS_MACX */ /* we need the _OS_LINUX stuff first ! */ #ifndef _OS_LINUX_ // Is anybody able to review this ? The include "uuid/uuid.h" couldn't be found // anywhere ? Therfore I removed it completely.. // I think it should be made permanentyl !? (eilers) #warning "Where should uuid/uuid.h be found ? Removed this part .. (eilers)" #if 0 extern "C" { #include <uuid/uuid.h> #define UUID_H_INCLUDED } #endif #endif // not defined linux #if defined(_OS_LINUX_) #include <shadow.h> #elif defined(Q_OS_MACX) #include <stdlib.h> #endif #include <qtextstream.h> #include <qmessagebox.h> //#include <qpe/qcopchannel_qws.h> #include <qpe/process.h> #include <qpe/global.h> #include <qpe/config.h> #include <qpe/contact.h> #include <qpe/version.h> #include <qpe/qcopenvelope_qws.h> #include "transferserver.h" #include <opie2/oprocess.h> using namespace Opie::Core; const int block_size = 51200; TransferServer::TransferServer( Q_UINT16 port, QObject *parent , const char* name ) : QServerSocket( port, 1, parent, name ) { if ( !ok() ) owarn << "Failed to bind to port " << port << "" << oendl; } TransferServer::~TransferServer() { } void TransferServer::newConnection( int socket ) { (void) new ServerPI( socket, this ); } /* * small class in anonymous namespace * to generate a QUUid for us */ namespace { struct UidGen { QString uuid(); }; #if defined(Q_OS_MACX) QString UidGen::uuid() { srandom( random() ); QString numStr = QString::number( random() ); return "{" + numStr + "}"; } #elif defined(_OS_LINUX_) /* * linux got a /proc/sys/kernel/random/uuid file * it'll generate the uuids for us */ QString UidGen::uuid() { QFile file( "/proc/sys/kernel/random/uuid" ); if (!file.open(IO_ReadOnly ) ) return QString::null; QTextStream stream(&file); return "{" + stream.read().stripWhiteSpace() + "}"; } #else QString UidGen::uuid() { uuid_t uuid; ::uuid_generate( uuid ); return QUUid( uuid ).toString(); } #endif } QString SyncAuthentication::serverId() { Config cfg("Security"); cfg.setGroup("Sync"); QString r = cfg.readEntry("serverid"); if ( r.isEmpty() ) { UidGen gen; r = gen.uuid(); cfg.writeEntry("serverid", r ); } return r; } QString SyncAuthentication::ownerName() { QString vfilename = Global::applicationFileName("addressbook", "businesscard.vcf"); if (QFile::exists(vfilename)) { Contact c; c = Contact::readVCard( vfilename )[0]; return c.fullName(); } return ""; } QString SyncAuthentication::loginName() { struct passwd *pw; pw = getpwuid( geteuid() ); return QString::fromLocal8Bit( pw->pw_name ); } int SyncAuthentication::isAuthorized(QHostAddress peeraddress) { Config cfg("Security"); cfg.setGroup("Sync"); // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); uint auth_peer = cfg.readNumEntry("auth_peer", 0xc0a80100); // QHostAddress allowed; // allowed.setAddress(allowedstr); // uint auth_peer = allowed.ip4Addr(); uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits", 24); uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined ? 0xffffffff : (((1 << auth_peer_bits) - 1) << (32 - auth_peer_bits)); return (peeraddress.ip4Addr() & mask) == auth_peer; } bool SyncAuthentication::checkUser( const QString& user ) { if ( user.isEmpty() ) return FALSE; QString euser = loginName(); return user == euser; } bool SyncAuthentication::checkPassword( const QString& password ) { #ifdef ALLOW_UNIX_USER_FTP // First, check system password... struct passwd *pw = 0; struct spwd *spw = 0; pw = getpwuid( geteuid() ); spw = getspnam( pw->pw_name ); QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); if ( cpwd == "x" && spw ) cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); // Note: some systems use more than crypt for passwords. QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); if ( cpwd == cpassword ) return TRUE; #endif static int lastdenial = 0; static int denials = 0; int now = time(0); // Detect old Qtopia Desktop (no password) if ( password.isEmpty() ) { if ( denials < 1 || now > lastdenial + 600 ) { QMessageBox::warning( 0, tr("Sync Connection"), tr("<p>An unauthorized system is requesting access to this device." "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " "please upgrade."), tr("Deny") ); denials++; lastdenial = now; } return FALSE; } // Second, check sync password... QString pass = password.left(6); /* old QtopiaDesktops are sending * rootme newer versions got a Qtopia * prefixed. Qtopia prefix will suceed * until the sync software syncs up * FIXME */ if ( pass == "rootme" || pass == "Qtopia") { QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) ); Config cfg("Security"); cfg.setGroup("Sync"); QString pwds = cfg.readEntry("Passwords"); if ( QStringList::split(QChar(' '), pwds).contains(cpassword) ) return TRUE; // Unrecognized system. Be careful... if ( (denials > 2 && now < lastdenial + 600) || QMessageBox::warning(0, tr("Sync Connection"), tr("<p>An unrecognized system is requesting access to this device." "<p>If you have just initiated a Sync for the first time, this is normal."), tr("Allow"), tr("Deny"), 0, 1, 1 ) == 1 ) { denials++; lastdenial = now; return FALSE; } else { denials = 0; cfg.writeEntry("Passwords", pwds + " " + cpassword); return TRUE; } } return FALSE; } ServerPI::ServerPI( int socket, QObject *parent , const char* name ) : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) { state = Connected; setSocket( socket ); peerport = peerPort(); peeraddress = peerAddress(); #ifndef INSECURE if ( !SyncAuthentication::isAuthorized(peeraddress) ) { state = Forbidden; startTimer( 0 ); } else #endif { connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); passiv = FALSE; for ( int i = 0; i < 4; i++ ) wait[i] = FALSE; send( "220 Qtopia " QPE_VERSION " FTP Server" ); state = Wait_USER; dtp = new ServerDTP( this ); connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); connect( dtp, SIGNAL( error(int) ), SLOT( dtpError(int) ) ); directory = QDir::currentDirPath(); static int p = 1024; while ( !serversocket || !serversocket->ok() ) { delete serversocket; serversocket = new ServerSocket( ++p, this ); } connect( serversocket, SIGNAL( newIncomming(int) ), SLOT( newConnection(int) ) ); } } ServerPI::~ServerPI() { } void ServerPI::connectionClosed() { // odebug << "Debug: Connection closed" << oendl; delete this; } void ServerPI::send( const QString& msg ) { QTextStream os( this ); os << msg << endl; //odebug << "Reply: " << msg << "" << oendl; } void ServerPI::read() { while ( canReadLine() ) process( readLine().stripWhiteSpace() ); } bool ServerPI::checkReadFile( const QString& file ) { QString filename; if ( file[0] != "/" ) filename = directory.path() + "/" + file; else filename = file; QFileInfo fi( filename ); return ( fi.exists() && fi.isReadable() ); } bool ServerPI::checkWriteFile( const QString& file ) { QString filename; if ( file[0] != "/" ) filename = directory.path() + "/" + file; else filename = file; QFileInfo fi( filename ); if ( fi.exists() ) if ( !QFile( filename ).remove() ) return FALSE; return TRUE; } void ServerPI::process( const QString& message ) { //odebug << "Command: " << message << "" << oendl; // split message using "," as separator QStringList msg = QStringList::split( " ", message ); if ( msg.isEmpty() ) return ; // command token QString cmd = msg[0].upper(); // argument token QString arg; if ( msg.count() >= 2 ) arg = msg[1]; // full argument string QString args; if ( msg.count() >= 2 ) { QStringList copy( msg ); // FIXME: for Qt3 // copy.pop_front() copy.remove( copy.begin() ); args = copy.join( " " ); } //odebug << "args: " << args << "" << oendl; // we always respond to QUIT, regardless of state if ( cmd == "QUIT" ) { send( "211 Good bye!" ); delete this; return ; } // connected to client if ( Connected == state ) return ; // waiting for user name if ( Wait_USER == state ) { if ( cmd != "USER" || msg.count() < 2 || !SyncAuthentication::checkUser( arg ) ) { send( "530 Please login with USER and PASS" ); return ; } send( "331 User name ok, need password" ); state = Wait_PASS; return ; } // waiting for password if ( Wait_PASS == state ) { if ( cmd != "PASS" || !SyncAuthentication::checkPassword( arg ) ) { send( "530 Please login with USER and PASS" ); return ; } send( "230 User logged in, proceed" ); state = Ready; return ; } // ACCESS CONTROL COMMANDS // account (ACCT) if ( cmd == "ACCT" ) { // even wu-ftp does not support it send( "502 Command not implemented" ); } // change working directory (CWD) else if ( cmd == "CWD" ) { if ( !args.isEmpty() ) { if ( directory.cd( args, TRUE ) ) send( "250 Requested file action okay, completed" ); else send( "550 Requested action not taken" ); } else send( "500 Syntax error, command unrecognized" ); } // change to parent directory (CDUP) else if ( cmd == "CDUP" ) { if ( directory.cdUp() ) send( "250 Requested file action okay, completed" ); else send( "550 Requested action not taken" ); } // structure mount (SMNT) else if ( cmd == "SMNT" ) { // even wu-ftp does not support it send( "502 Command not implemented" ); } // reinitialize (REIN) else if ( cmd == "REIN" ) { // even wu-ftp does not support it send( "502 Command not implemented" ); } // TRANSFER PARAMETER COMMANDS // data port (PORT) else if ( cmd == "PORT" ) { if ( parsePort( arg ) ) send( "200 Command okay" ); else send( "500 Syntax error, command unrecognized" ); } // passive (PASV) else if ( cmd == "PASV" ) { passiv = TRUE; send( "227 Entering Passive Mode (" + address().toString().replace( QRegExp( "\\." ), "," ) + "," + QString::number( ( serversocket->port() ) >> 8 ) + "," + QString::number( ( serversocket->port() ) & 0xFF ) + ")" ); } // representation type (TYPE) else if ( cmd == "TYPE" ) { if ( arg.upper() == "A" || arg.upper() == "I" ) send( "200 Command okay" ); else send( "504 Command not implemented for that parameter" ); } // file structure (STRU) else if ( cmd == "STRU" ) { if ( arg.upper() == "F" ) send( "200 Command okay" ); else send( "504 Command not implemented for that parameter" ); } // transfer mode (MODE) else if ( cmd == "MODE" ) { if ( arg.upper() == "S" ) send( "200 Command okay" ); else send( "504 Command not implemented for that parameter" ); } // FTP SERVICE COMMANDS // retrieve (RETR) else if ( cmd == "RETR" ) if ( !args.isEmpty() && checkReadFile( absFilePath( args ) ) || backupRestoreGzip( absFilePath( args ) ) ) { send( "150 File status okay" ); sendFile( absFilePath( args ) ); } else { odebug << "550 Requested action not taken" << oendl; send( "550 Requested action not taken" ); } // store (STOR) else if ( cmd == "STOR" ) if ( !args.isEmpty() && checkWriteFile( absFilePath( args ) ) ) { send( "150 File status okay" ); retrieveFile( absFilePath( args ) ); } else send( "550 Requested action not taken" ); // store unique (STOU) else if ( cmd == "STOU" ) { send( "502 Command not implemented" ); } // append (APPE) else if ( cmd == "APPE" ) { send( "502 Command not implemented" ); } // allocate (ALLO) else if ( cmd == "ALLO" ) { send( "200 Command okay" ); } // restart (REST) else if ( cmd == "REST" ) { send( "502 Command not implemented" ); } // rename from (RNFR) else if ( cmd == "RNFR" ) { renameFrom = QString::null; if ( args.isEmpty() ) send( "500 Syntax error, command unrecognized" ); else { QFile file( absFilePath( args ) ); if ( file.exists() ) { send( "350 File exists, ready for destination name" ); renameFrom = absFilePath( args ); } else send( "550 Requested action not taken" ); } } // rename to (RNTO) else if ( cmd == "RNTO" ) { if ( lastCommand != "RNFR" ) send( "503 Bad sequence of commands" ); else if ( args.isEmpty() ) send( "500 Syntax error, command unrecognized" ); else { QDir dir( absFilePath( args ) ); if ( dir.rename( renameFrom, absFilePath( args ), TRUE ) ) send( "250 Requested file action okay, completed." ); else send( "550 Requested action not taken" ); } } // abort (ABOR) else if ( cmd.contains( "ABOR" ) ) { dtp->close(); if ( dtp->dtpMode() != ServerDTP::Idle ) send( "426 Connection closed; transfer aborted" ); else send( "226 Closing data connection" ); } // delete (DELE) else if ( cmd == "DELE" ) { if ( args.isEmpty() ) send( "500 Syntax error, command unrecognized" ); else { QFile file( absFilePath( args ) ) ; if ( file.remove() ) { send( "250 Requested file action okay, completed" ); QCopEnvelope e("QPE/System", "linkChanged(QString)" ); e << file.name(); } else { send( "550 Requested action not taken" ); } } } // remove directory (RMD) else if ( cmd == "RMD" ) { if ( args.isEmpty() ) send( "500 Syntax error, command unrecognized" ); else { QDir dir; if ( dir.rmdir( absFilePath( args ), TRUE ) ) send( "250 Requested file action okay, completed" ); else send( "550 Requested action not taken" ); } } // make directory (MKD) else if ( cmd == "MKD" ) { if ( args.isEmpty() ) { odebug << " Error: no arg" << oendl; send( "500 Syntax error, command unrecognized" ); } else { QDir dir; if ( dir.mkdir( absFilePath( args ), TRUE ) ) send( "250 Requested file action okay, completed." ); else send( "550 Requested action not taken" ); } } // print working directory (PWD) else if ( cmd == "PWD" ) { send( "257 \"" + directory.path() + "\"" ); } // list (LIST) else if ( cmd == "LIST" ) { if ( sendList( absFilePath( args ) ) ) send( "150 File status okay" ); else send( "500 Syntax error, command unrecognized" ); } // size (SIZE) else if ( cmd == "SIZE" ) { QString filePath = absFilePath( args ); QFileInfo fi( filePath ); bool gzipfile = backupRestoreGzip( filePath ); if ( !fi.exists() && !gzipfile ) send( "500 Syntax error, command unrecognized" ); else { if ( !gzipfile ) send( "213 " + QString::number( fi.size() ) ); else { Process duproc( QString("du") ); duproc.addArgument("-s"); QString in, out; if ( !duproc.exec(in, out) ) { odebug << "du process failed; just sending back 1K" << oendl; send( "213 1024"); } else { QString size = out.left( out.find("\t") ); int guess = size.toInt() / 5; if ( filePath.contains("doc") ) guess *= 1000; odebug << "sending back gzip guess of " << guess << "" << oendl; send( "213 " + QString::number(guess) ); } } } } // name list (NLST) else if ( cmd == "NLST" ) { send( "502 Command not implemented" ); } // site parameters (SITE) else if ( cmd == "SITE" ) { send( "502 Command not implemented" ); } // system (SYST) else if ( cmd == "SYST" ) { send( "215 UNIX Type: L8" ); } // status (STAT) else if ( cmd == "STAT" ) { send( "502 Command not implemented" ); } // help (HELP ) else if ( cmd == "HELP" ) { send( "502 Command not implemented" ); } // noop (NOOP) else if ( cmd == "NOOP" ) { send( "200 Command okay" ); } // not implemented else send( "502 Command not implemented" ); lastCommand = cmd; } bool ServerPI::backupRestoreGzip( const QString &file ) { return (file.find( "backup" ) != -1 && file.findRev( ".tgz" ) == (int)file.length() - 4 ); } bool ServerPI::backupRestoreGzip( const QString &file, QStringList &targets ) { if ( file.find( "backup" ) != -1 && file.findRev( ".tgz" ) == (int)file.length() - 4 ) { QFileInfo info( file ); targets = info.dirPath( TRUE ); odebug << "ServerPI::backupRestoreGzip for " << file.latin1() << " = " << targets.join(" ").latin1() << oendl; return true; } return false; } void ServerPI::sendFile( const QString& file ) { if ( passiv ) { wait[SendFile] = TRUE; waitfile = file; if ( waitsocket ) newConnection( waitsocket ); } else { QStringList targets; if ( backupRestoreGzip( file, targets ) ) dtp->sendGzipFile( file, targets, peeraddress, peerport ); else dtp->sendFile( file, peeraddress, peerport ); } } void ServerPI::retrieveFile( const QString& file ) { if ( passiv ) { wait[RetrieveFile] = TRUE; waitfile = file; if ( waitsocket ) newConnection( waitsocket ); } else { QStringList targets; if ( backupRestoreGzip( file, targets ) ) dtp->retrieveGzipFile( file, peeraddress, peerport ); else dtp->retrieveFile( file, peeraddress, peerport ); } } bool ServerPI::parsePort( const QString& pp ) { QStringList p = QStringList::split( ",", pp ); if ( p.count() != 6 ) return FALSE; // h1,h2,h3,h4,p1,p2 peeraddress = QHostAddress( ( p[0].toInt() << 24 ) + ( p[1].toInt() << 16 ) + ( p[2].toInt() << 8 ) + p[3].toInt() ); peerport = ( p[4].toInt() << 8 ) + p[5].toInt(); return TRUE; } void ServerPI::dtpCompleted() |