summaryrefslogtreecommitdiff
Unidiff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--core/launcher/transferserver.cpp4
1 files changed, 3 insertions, 1 deletions
diff --git a/core/launcher/transferserver.cpp b/core/launcher/transferserver.cpp
index ed3e2c6..28b7b49 100644
--- a/core/launcher/transferserver.cpp
+++ b/core/launcher/transferserver.cpp
@@ -79,193 +79,195 @@ void TransferServer::newConnection( int socket )
79QString SyncAuthentication::serverId() 79QString SyncAuthentication::serverId()
80{ 80{
81 Config cfg("Security"); 81 Config cfg("Security");
82 cfg.setGroup("Sync"); 82 cfg.setGroup("Sync");
83 QString r=cfg.readEntry("serverid"); 83 QString r=cfg.readEntry("serverid");
84 if ( r.isEmpty() ) { 84 if ( r.isEmpty() ) {
85 uuid_t uuid; 85 uuid_t uuid;
86 uuid_generate( uuid ); 86 uuid_generate( uuid );
87 cfg.writeEntry("serverid",(r = QUuid( uuid ).toString())); 87 cfg.writeEntry("serverid",(r = QUuid( uuid ).toString()));
88 } 88 }
89 return r; 89 return r;
90} 90}
91 91
92QString SyncAuthentication::ownerName() 92QString SyncAuthentication::ownerName()
93{ 93{
94 QString vfilename = Global::applicationFileName("addressbook", 94 QString vfilename = Global::applicationFileName("addressbook",
95 "businesscard.vcf"); 95 "businesscard.vcf");
96 if (QFile::exists(vfilename)) { 96 if (QFile::exists(vfilename)) {
97 Contact c; 97 Contact c;
98 c = Contact::readVCard( vfilename )[0]; 98 c = Contact::readVCard( vfilename )[0];
99 return c.fullName(); 99 return c.fullName();
100 } 100 }
101 101
102 return ""; 102 return "";
103} 103}
104 104
105QString SyncAuthentication::loginName() 105QString SyncAuthentication::loginName()
106{ 106{
107 struct passwd *pw; 107 struct passwd *pw;
108 pw = getpwuid( geteuid() ); 108 pw = getpwuid( geteuid() );
109 return QString::fromLocal8Bit( pw->pw_name ); 109 return QString::fromLocal8Bit( pw->pw_name );
110} 110}
111 111
112int SyncAuthentication::isAuthorized(QHostAddress peeraddress) 112int SyncAuthentication::isAuthorized(QHostAddress peeraddress)
113{ 113{
114 Config cfg("Security"); 114 Config cfg("Security");
115 cfg.setGroup("Sync"); 115 cfg.setGroup("Sync");
116// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0"); 116// QString allowedstr = cfg.readEntry("auth_peer","192.168.1.0");
117 uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100); 117 uint auth_peer = cfg.readNumEntry("auth_peer",0xc0a80100);
118 118
119// QHostAddress allowed; 119// QHostAddress allowed;
120// allowed.setAddress(allowedstr); 120// allowed.setAddress(allowedstr);
121// uint auth_peer = allowed.ip4Addr(); 121// uint auth_peer = allowed.ip4Addr();
122 uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24); 122 uint auth_peer_bits = cfg.readNumEntry("auth_peer_bits",24);
123 uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined 123 uint mask = auth_peer_bits >= 32 // shifting by 32 is not defined
124 ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits)); 124 ? 0xffffffff : (((1<<auth_peer_bits)-1)<<(32-auth_peer_bits));
125 return (peeraddress.ip4Addr() & mask) == auth_peer; 125 return (peeraddress.ip4Addr() & mask) == auth_peer;
126} 126}
127 127
128bool SyncAuthentication::checkUser( const QString& user ) 128bool SyncAuthentication::checkUser( const QString& user )
129{ 129{
130 if ( user.isEmpty() ) return FALSE; 130 if ( user.isEmpty() ) return FALSE;
131 QString euser = loginName(); 131 QString euser = loginName();
132 return user == euser; 132 return user == euser;
133} 133}
134 134
135bool SyncAuthentication::checkPassword( const QString& password ) 135bool SyncAuthentication::checkPassword( const QString& password )
136{ 136{
137#ifdef ALLOW_UNIX_USER_FTP 137#ifdef ALLOW_UNIX_USER_FTP
138 // First, check system password... 138 // First, check system password...
139 139
140 struct passwd *pw = 0; 140 struct passwd *pw = 0;
141 struct spwd *spw = 0; 141 struct spwd *spw = 0;
142 142
143 pw = getpwuid( geteuid() ); 143 pw = getpwuid( geteuid() );
144 spw = getspnam( pw->pw_name ); 144 spw = getspnam( pw->pw_name );
145 145
146 QString cpwd = QString::fromLocal8Bit( pw->pw_passwd ); 146 QString cpwd = QString::fromLocal8Bit( pw->pw_passwd );
147 if ( cpwd == "x" && spw ) 147 if ( cpwd == "x" && spw )
148 cpwd = QString::fromLocal8Bit( spw->sp_pwdp ); 148 cpwd = QString::fromLocal8Bit( spw->sp_pwdp );
149 149
150 // Note: some systems use more than crypt for passwords. 150 // Note: some systems use more than crypt for passwords.
151 QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) ); 151 QString cpassword = QString::fromLocal8Bit( crypt( password.local8Bit(), cpwd.local8Bit() ) );
152 if ( cpwd == cpassword ) 152 if ( cpwd == cpassword )
153 return TRUE; 153 return TRUE;
154#endif 154#endif
155 155
156 static int lastdenial=0; 156 static int lastdenial=0;
157 static int denials=0; 157 static int denials=0;
158 int now = time(0); 158 int now = time(0);
159 159
160 // Detect old Qtopia Desktop (no password) 160 // Detect old Qtopia Desktop (no password)
161 if ( password.isEmpty() ) { 161 if ( password.isEmpty() ) {
162 if ( denials < 1 || now > lastdenial+600 ) { 162 if ( denials < 1 || now > lastdenial+600 ) {
163 QMessageBox::warning( 0,tr("Sync Connection"), 163 QMessageBox::warning( 0,tr("Sync Connection"),
164 tr("<p>An unauthorized system is requesting access to this device." 164 tr("<p>An unauthorized system is requesting access to this device."
165 "<p>If you are using a version of Qtopia Desktop older than 1.5.1, " 165 "<p>If you are using a version of Qtopia Desktop older than 1.5.1, "
166 "please upgrade."), 166 "please upgrade."),
167 tr("Deny") ); 167 tr("Deny") );
168 denials++; 168 denials++;
169 lastdenial=now; 169 lastdenial=now;
170 } 170 }
171 return FALSE; 171 return FALSE;
172 } 172 }
173 173
174 // Second, check sync password... 174 // Second, check sync password...
175 if ( password.left(6) == "Qtopia" ) { 175 if ( password.left(6) == "rootme" ) {
176 // fuckin TT gave us the wrong sync password.
177 // what a dumbassed password is rootme anyway.
176 QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) ); 178 QString cpassword = QString::fromLocal8Bit( crypt( password.mid(8).local8Bit(), "qp" ) );
177 Config cfg("Security"); 179 Config cfg("Security");
178 cfg.setGroup("Sync"); 180 cfg.setGroup("Sync");
179 QString pwds = cfg.readEntry("Passwords"); 181 QString pwds = cfg.readEntry("Passwords");
180 if ( QStringList::split(QChar(' '),pwds).contains(cpassword) ) 182 if ( QStringList::split(QChar(' '),pwds).contains(cpassword) )
181 return TRUE; 183 return TRUE;
182 184
183 // Unrecognized system. Be careful... 185 // Unrecognized system. Be careful...
184 186
185 if ( (denials > 2 && now < lastdenial+600) 187 if ( (denials > 2 && now < lastdenial+600)
186 || QMessageBox::warning(0,tr("Sync Connection"), 188 || QMessageBox::warning(0,tr("Sync Connection"),
187 tr("<p>An unrecognized system is requesting access to this device." 189 tr("<p>An unrecognized system is requesting access to this device."
188 "<p>If you have just initiated a Sync for the first time, this is normal."), 190 "<p>If you have just initiated a Sync for the first time, this is normal."),
189 tr("Allow"),tr("Deny"))==1 ) 191 tr("Allow"),tr("Deny"))==1 )
190 { 192 {
191 denials++; 193 denials++;
192 lastdenial=now; 194 lastdenial=now;
193 return FALSE; 195 return FALSE;
194 } else { 196 } else {
195 denials=0; 197 denials=0;
196 cfg.writeEntry("Passwords",pwds+" "+cpassword); 198 cfg.writeEntry("Passwords",pwds+" "+cpassword);
197 return TRUE; 199 return TRUE;
198 } 200 }
199 } 201 }
200 202
201 return FALSE; 203 return FALSE;
202} 204}
203 205
204ServerPI::ServerPI( int socket, QObject *parent , const char* name ) 206ServerPI::ServerPI( int socket, QObject *parent , const char* name )
205 : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 ) 207 : QSocket( parent, name ) , dtp( 0 ), serversocket( 0 ), waitsocket( 0 )
206{ 208{
207 state = Connected; 209 state = Connected;
208 210
209 setSocket( socket ); 211 setSocket( socket );
210 212
211 peerport = peerPort(); 213 peerport = peerPort();
212 peeraddress = peerAddress(); 214 peeraddress = peerAddress();
213 215
214#ifndef INSECURE 216#ifndef INSECURE
215 if ( !SyncAuthentication::isAuthorized(peeraddress) ) { 217 if ( !SyncAuthentication::isAuthorized(peeraddress) ) {
216 state = Forbidden; 218 state = Forbidden;
217 startTimer( 0 ); 219 startTimer( 0 );
218 } else 220 } else
219#endif 221#endif
220 { 222 {
221 connect( this, SIGNAL( readyRead() ), SLOT( read() ) ); 223 connect( this, SIGNAL( readyRead() ), SLOT( read() ) );
222 connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) ); 224 connect( this, SIGNAL( connectionClosed() ), SLOT( connectionClosed() ) );
223 225
224 passiv = FALSE; 226 passiv = FALSE;
225 for( int i = 0; i < 4; i++ ) 227 for( int i = 0; i < 4; i++ )
226 wait[i] = FALSE; 228 wait[i] = FALSE;
227 229
228 send( "220 Qtopia " QPE_VERSION " FTP Server" ); 230 send( "220 Qtopia " QPE_VERSION " FTP Server" );
229 state = Wait_USER; 231 state = Wait_USER;
230 232
231 dtp = new ServerDTP( this ); 233 dtp = new ServerDTP( this );
232 connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) ); 234 connect( dtp, SIGNAL( completed() ), SLOT( dtpCompleted() ) );
233 connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) ); 235 connect( dtp, SIGNAL( failed() ), SLOT( dtpFailed() ) );
234 connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) ); 236 connect( dtp, SIGNAL( error( int ) ), SLOT( dtpError( int ) ) );
235 237
236 238
237 directory = QDir::currentDirPath(); 239 directory = QDir::currentDirPath();
238 240
239 static int p = 1024; 241 static int p = 1024;
240 242
241 while ( !serversocket || !serversocket->ok() ) { 243 while ( !serversocket || !serversocket->ok() ) {
242 delete serversocket; 244 delete serversocket;
243 serversocket = new ServerSocket( ++p, this ); 245 serversocket = new ServerSocket( ++p, this );
244 } 246 }
245 connect( serversocket, SIGNAL( newIncomming( int ) ), 247 connect( serversocket, SIGNAL( newIncomming( int ) ),
246 SLOT( newConnection( int ) ) ); 248 SLOT( newConnection( int ) ) );
247 } 249 }
248} 250}
249 251
250ServerPI::~ServerPI() 252ServerPI::~ServerPI()
251{ 253{
252 254
253} 255}
254 256
255void ServerPI::connectionClosed() 257void ServerPI::connectionClosed()
256{ 258{
257 // qDebug( "Debug: Connection closed" ); 259 // qDebug( "Debug: Connection closed" );
258 delete this; 260 delete this;
259} 261}
260 262
261void ServerPI::send( const QString& msg ) 263void ServerPI::send( const QString& msg )
262{ 264{
263 QTextStream os( this ); 265 QTextStream os( this );
264 os << msg << endl; 266 os << msg << endl;
265 //qDebug( "Reply: %s", msg.latin1() ); 267 //qDebug( "Reply: %s", msg.latin1() );
266} 268}
267 269
268void ServerPI::read() 270void ServerPI::read()
269{ 271{
270 while ( canReadLine() ) 272 while ( canReadLine() )
271 process( readLine().stripWhiteSpace() ); 273 process( readLine().stripWhiteSpace() );