X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=command.c;h=5da5833ba3fb953d7ccdfe521ddc5f14632fb4f8;hp=55070a3d7a89950051a1374c400511527c19b7a9;hb=c2708c767b300a33c8636681ed4550d4f3be0ce0;hpb=c5fa571f434b45ab8f786cf20e8c22d197a00da2 diff --git a/command.c b/command.c index 55070a3d..5da5833b 100644 --- a/command.c +++ b/command.c @@ -19,7 +19,6 @@ /** \file command.c does client authentication and executes server commands */ #include /* gettimeofday */ -#include "crypt.h" #include "server.cmdline.h" #include "db.h" #include "server.h" @@ -31,6 +30,8 @@ #include "net.h" #include "daemon.h" #include "string.h" +#include "fd.h" +#include "user_list.h" static RC4_KEY rc4_recv_key; static RC4_KEY rc4_send_key; @@ -991,73 +992,6 @@ long int para_rand(long unsigned max) return (long int) ((max + 0.0) * (random() / (RAND_MAX + 1.0))); } -/* Open user_list file, returns pointer to opened file on success, - * NULL on errors - */ -static FILE *open_user_list(char *file) -{ - PARA_DEBUG_LOG("opening user list %s\n", file); - return fopen(file, "r"); -} - -/* - * lookup user in user_list file. Fills in a user struct containing - * filename of the user's public key as well as the permissions of that user. - * Returns 1 on success, 0 if user does not exist and < 0 on errors. - */ -static int get_user(struct user *user) { - FILE *file_ptr; - char *char_ptr; - char line[MAXLINE]; - /* keyword, user, key, perms */ - char w[MAXLINE], n[MAXLINE], k[MAXLINE], p[MAXLINE], tmp[4][MAXLINE]; - int num; - - file_ptr = open_user_list(user_list); - if (!file_ptr) - return -E_USERLIST; - while (fgets(line, MAXLINE, file_ptr)) { -// PARA_DEBUG_LOG("%s: Read line (%i bytes) " -// "from config file\n", __func__, strlen(line)); - if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3) - continue; - if (!strcmp(w, "user") && !strcmp(user->name, n)) { - PARA_DEBUG_LOG("found entry for %s\n", n); - strcpy(user->name, n); - strcpy(user->pubkey_file, k); - user->perms = 0; - char_ptr = p; - num = sscanf(char_ptr, "%200[A-Z_],%200[A-Z_],%200[A-Z_],%200[A-Z_]", - tmp[0], tmp[1], tmp[2], tmp[3]); - PARA_DEBUG_LOG("found %i perm entries\n", - num); - user->perms = 0; - while (num > 0) { - num--; - //PARA_DEBUG_LOG("%s: tmp[%i]=%s\n", __func__, - // num, tmp[num]); - if (!strcmp(tmp[num], "AFS_READ")) - user->perms = - user->perms | AFS_READ; - else if (!strcmp(tmp[num], "AFS_WRITE")) - user->perms = - user->perms | AFS_WRITE; - else if (!strcmp(tmp[num], "DB_READ")) - user->perms = user->perms | DB_READ; - else if (!strcmp(tmp[num], "DB_WRITE")) - user->perms = user->perms | DB_WRITE; - else /* unknown permission */ - PARA_WARNING_LOG("unknown permission:" - "%s\n", tmp[num]); - } - fclose(file_ptr); - return 1; - } - } - fclose(file_ptr); - return 0; -} - static void init_rc4_keys(void) { int i; @@ -1121,15 +1055,13 @@ int handle_connect(int fd, struct sockaddr_in *addr) goto err_out; if (numbytes < 9 || strncmp(buf, "auth rc4 ", 9)) - strcpy(u.name, buf + 5); /* client version < 0.2.6 */ + u.name = para_strdup(buf + 5); /* client version < 0.2.6 */ else { - strcpy(u.name, buf + 9); /* client version >= 0.2.6 */ + u.name = para_strdup(buf + 9); /* client version >= 0.2.6 */ use_rc4 = 1; } -// strcpy(u.name, buf + 5); /* ok, but ugly */ PARA_DEBUG_LOG("received %s request for user %s\n", use_rc4? "rc4" : "auth", u.name); - /* lookup user in list file */ if ((ret = get_user(&u)) < 0) goto err_out; if (!ret) { /* user not found */ @@ -1137,7 +1069,7 @@ int handle_connect(int fd, struct sockaddr_in *addr) ret = -E_BAD_USER; goto err_out; } - ret = para_encrypt_challenge(u.pubkey_file, challenge_nr, crypt_buf); + ret = para_encrypt_challenge(u.rsa, challenge_nr, crypt_buf); if (ret <= 0) goto err_out; numbytes = ret; @@ -1162,7 +1094,7 @@ int handle_connect(int fd, struct sockaddr_in *addr) sprintf(buf, "%s", PROCEED_MSG); if (use_rc4) { init_rc4_keys(); - ret = para_encrypt_buffer(u.pubkey_file, rc4_buf, 2 * RC4_KEY_LEN, + ret = para_encrypt_buffer(u.rsa, rc4_buf, 2 * RC4_KEY_LEN, (unsigned char *)buf + PROCEED_MSG_LEN + 1); if (ret <= 0) goto err_out;