X-Git-Url: http://git.tuebingen.mpg.de/?a=blobdiff_plain;f=user_list.c;h=c9d265e55af7cdcddcb03fcb8dbfaeba86a92906;hb=85f77d8944779bfac7f65271a7f5c5986700b648;hp=1d3f21cfa248a9b950ea57fd86877682ae75e152;hpb=03d45daad787b8f2ced3070e80c4550bf4b02931;p=paraslash.git diff --git a/user_list.c b/user_list.c index 1d3f21cf..c9d265e5 100644 --- a/user_list.c +++ b/user_list.c @@ -1,14 +1,9 @@ -/* - * Copyright (C) 2006-2009 Andre Noll - * - * Licensed under the GPL v2. For licencing details see COPYING. - */ +/* Copyright (C) 2006 Andre Noll , see file COPYING. */ /** \file user_list.c User handling for para_server. */ +#include #include -#include -#include #include "para.h" #include "error.h" @@ -26,7 +21,7 @@ static struct list_head user_list; * Populates a linked list of all users in \a user_list_file. Returns on * success, calls exit() on errors. */ -static void populate_user_list(char *user_list_file) +static void populate(char *user_list_file) { int ret = -E_USERLIST; FILE *file_ptr = fopen(user_list_file, "r"); @@ -39,9 +34,9 @@ static void populate_user_list(char *user_list_file) /* keyword, name, key, perms */ char w[255], n[255], k[255], p[255], tmp[4][255]; struct user *u; - RSA *rsa; + struct asymmetric_key *pubkey; - ret = para_fgets(line, MAXLINE, file_ptr); + ret = para_fgets(line, sizeof(line), file_ptr); if (ret <= 0) break; if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3) @@ -49,20 +44,27 @@ static void populate_user_list(char *user_list_file) if (strcmp(w, "user")) continue; PARA_DEBUG_LOG("found entry for user %s\n", n); - ret = get_rsa_key(k, &rsa, LOAD_PUBLIC_KEY); + ret = get_public_key(k, &pubkey); if (ret < 0) { PARA_NOTICE_LOG("skipping entry for user %s: %s\n", n, para_strerror(-ret)); continue; } - if (ret < CHALLENGE_SIZE + 2 * CHALLENGE_SIZE + 41) { - PARA_WARNING_LOG("rsa key for %s too small\n", n); - rsa_free(rsa); + /* + * In order to encrypt len := CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + * bytes using RSA_public_encrypt() with EME-OAEP padding mode, + * RSA_size(rsa) must be greater than len + 41. So ignore keys + * which are too short. For details see RSA_public_encrypt(3). + */ + if (ret <= CHALLENGE_SIZE + 2 * SESSION_KEY_LEN + 41) { + PARA_WARNING_LOG("public key %s too short (%d)\n", + k, ret); + free_public_key(pubkey); continue; } u = para_malloc(sizeof(*u)); u->name = para_strdup(n); - u->rsa = rsa; + u->pubkey = pubkey; u->perms = 0; num = sscanf(p, "%200[A-Z_],%200[A-Z_],%200[A-Z_],%200[A-Z_]", tmp[0], tmp[1], tmp[2], tmp[3]); @@ -92,14 +94,14 @@ err: } /** - * Initialize the list of users allowed to connect to to para_server. + * Initialize the list of users allowed to connect to para_server. * * \param user_list_file The file containing access information. * * If this function is called for the second time, the contents of the * previous call are discarded, i.e. the user list is reloaded. */ -void init_user_list(char *user_list_file) +void user_list_init(char *user_list_file) { struct user *u, *tmp; static int initialized; @@ -108,13 +110,13 @@ void init_user_list(char *user_list_file) list_for_each_entry_safe(u, tmp, &user_list, node) { list_del(&u->node); free(u->name); - rsa_free(u->rsa); + free_public_key(u->pubkey); free(u); } } else INIT_LIST_HEAD(&user_list); initialized = 1; - populate_user_list(user_list_file); + populate(user_list_file); } /** @@ -125,9 +127,9 @@ void init_user_list(char *user_list_file) * \return A pointer to the corresponding user struct if the user was found, \p * NULL otherwise. */ -struct user *lookup_user(const char *name) +const struct user *user_list_lookup(const char *name) { - struct user *u; + const struct user *u; list_for_each_entry(u, &user_list, node) { if (strcmp(u->name, name)) continue;