-rw-r--r-- | core/launcher/transferserver.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
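--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -79,193 +79,195 @@ void TransferServer::newConnection( int socket )
 QString SyncAuthentication::serverId()
 {
 Config cfg("Security");
 cfg.setGroup("Sync");
 QString r=cfg.readEntry("serverid");
 if ( r.isEmpty() ) {
 uuid_t uuid;
 uuid_generate( uuid );
 cfg.writeEntry("serverid",(r = QUuid( uuid ).toString()));
 }
 return r;
 }
 
 QString SyncAuthentication::ownerName()
 {
 QString vfilename = Global::applicationFileName("addressbook",
 "businesscard.vcf");
 if (QFile::exists(vfilename)) {
 Contact c;
 c = Contact::readVCard( vfilename )[0];
 return c.fullName();
 }
 
 return "";
 }
 
 QString SyncAuthentication::loginName()
 {
 struct passwd *pw;
 pw = getpwuid( geteuid() );
 return QString::fromLocal8Bit( pw->pw_name );
 }
 
 int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
 {
 Config cfg("Security");
 cfg.setGroup("Sync");
 // QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
 uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);
 
 // QHostAddress allowed;
 // allowed.setAddress(allowedstr);
 // uint auth_peer = allowed.ip4Addr();
 uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
 uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
 ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
 return (peeraddress.ip4Addr() & mask) == auth_peer;
 }
 
 bool SyncAuthentication::checkUser( const QString& user )
 {
 if ( user.isEmpty() ) return FALSE;
 QString euser = loginName();
 return user == euser;
 }
 
 bool SyncAuthentication::checkPassword( const QString& password )
 {
 #ifdef ALLOW_UNIX_USER_FTP
 // First, check system password...
 
 struct passwd *pw = 0;
 struct spwd *spw = 0;
 
 pw = getpwuid( geteuid() );
 spw = getspnam( pw->pw_name );
 
 QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
 if ( cpwd == "x" && spw )
 cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
 
 // Note: some systems use more than crypt for passwords.
 QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
 if ( cpwd == cpassword )
 return TRUE;
 #endif
 
 static int lastdenial=0;
 static int denials=0;
 int now = time(0);
 
 // Detect old Qtopia Desktop (no password)
 if ( password.isEmpty() ) {
 if ( denials < 1 || now > lastdenial+600 ) {
 QMessageBox::warning( 0,tr("Sync Connection"),
 tr("<p>An unauthorized system is requesting access to this device."
 "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
 "please upgrade."),
 tr("Deny") );
 denials++;
 lastdenial=now;
 }
 return FALSE;
 }
 
 // Second, check sync password...
-if ( password.left(6) == "Qtopia" ) {
+if ( password.left(6) == "rootme" ) {
+// fuckin TT gave us the wrong sync password.
+// what a dumbassed password is rootme anyway.
 QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
 Config cfg("Security");
 cfg.setGroup("Sync");
 QString pwds = cfg.readEntry("Passwords");
 if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
 return TRUE;
 
 // Unrecognized system. Be careful...
 
 if ( (denials > 2 && now < lastdenial+600)
 || QMessageBox::warning(0,tr("Sync Connection"),
 tr("<p>An unrecognized system is requesting access to this device."
 "<p>If you have just initiated a Sync for the first time, this is normal."),
 tr("Allow"),tr("Deny"))==1 )
 {
 denials++;
 lastdenial=now;
 return FALSE;
 } else {
 denials=0;
 cfg.writeEntry("Passwords",pwds+" "+cpassword);
 return TRUE;
 }
 }
 
 return FALSE;
 }
 
 ServerPI::ServerPI( int socket, QObject *parent , const char* name )
 : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
 {
 state = Connected;
 
 setSocket( socket );
 
 peerport = peerPort();
 peeraddress = peerAddress();
 
 #ifndef INSECURE
 if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
 state = Forbidden;
 startTimer( 0 );
 } else
 #endif
 {
 connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
 connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
 
 passiv = FALSE;
 for( int i = 0; i < 4; i++ )
 wait[i] = FALSE;
 
 send( "220 Qtopia " QPE_VERSION " FTP Server" );
 state = Wait_USER;
 
 dtp = new ServerDTP( this );
 connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
 connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
 connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
 
 
 directory = QDir::currentDirPath();
 
 static int p = 1024;
 
 while ( !serversocket || !serversocket->ok() ) {
 delete serversocket;
 serversocket = new ServerSocket( ++p, this );
 }
 connect( serversocket, SIGNAL( newIncomming( int ) ),
 SLOT( newConnection( int ) ) );
 }
 }
 
 ServerPI::~ServerPI()
 {
 
 }
 
 void ServerPI::connectionClosed()
 {
 // qDebug( "Debug: Connection closed" );
 delete this;
 }
 
 void ServerPI::send( const QString& msg )
 {
 QTextStream os( this );
 os << msg << endl;
 //qDebug( "Reply: %s", msg.latin1() );
 }
 
 void ServerPI::read()
 {
 while ( canReadLine() )
 process( readLine().stripWhiteSpace() );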
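Review bot: The two comment lines added under the `password.left(6) == "rootme"` test in `checkPassword` do not tell a maintainer which desktop client sends the `rootme` prefix, or that the previous `Qtopia` prefix is now rejected. I would replace them with something like `// Sync clients prefix the password with "rootme"; the secret is what follows the prefix.` The prefix is a fixed string in the source, so it authenticates nothing on its own. Access still rests on `crypt()` of `password.mid(8)` matching an entry in `Passwords`, or on the user pressing Allow. The comparison covers `left(6)` but hashing starts at `mid(8)`, so the characters at offsets 6 and 7 are neither checked nor hashed; if they are a protocol field that deserves a comment, otherwise the offset looks off by two. If desktops that send `Qtopia` must keep working, accept both prefixes instead of swapping the literal.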