From: Andre <maan@meins.(none)>
Date: Wed, 1 Nov 2006 12:00:58 +0000 (+0100)
Subject: switch to the in-memory user list
X-Git-Tag: v0.2.15~126^2~8
X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=commitdiff_plain;h=a27ec6094608c05a9f87e445902c29d15ca11547;ds=sidebyside

switch to the in-memory user list

In order to do so, the crypt functions had to be changed so that they
take an rsa key instead of the filename of that key. Also, make _get_user()
return -E_BAD_USER if the user was not found and move the corresponding error
codes from COMMAND_ERRORS to SERVER_ERRORS in error.h.
---

diff --git a/command.c b/command.c
index ad3f5041..4b9782f8 100644
--- a/command.c
+++ b/command.c
@@ -1086,7 +1086,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 	int numbytes, ret, argc, use_rc4 = 0;
 	char buf[STRINGSIZE];
 	unsigned char crypt_buf[MAXLINE];
-	struct user u;
+	struct _user u;
 	struct server_command *cmd = NULL;
 	long unsigned challenge_nr, chall_response;
 	char **argv = NULL;
@@ -1119,23 +1119,21 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 		goto err_out;
 
 	if (numbytes < 9 || strncmp(buf, "auth rc4 ", 9))
-		strcpy(u.name, buf + 5); /* client version < 0.2.6 */
+		u.name = para_strdup(buf + 5); /* client version < 0.2.6 */
 	else {
-		strcpy(u.name, buf + 9); /* client version >= 0.2.6 */
+		u.name = para_strdup(buf + 9); /* client version >= 0.2.6 */
 		use_rc4 = 1;
 	}
-//	strcpy(u.name, buf + 5); /* ok, but ugly */
 	PARA_DEBUG_LOG("received %s request for user %s\n",
 		use_rc4? "rc4" : "auth", u.name);
-	/* lookup user in list file */
-	if ((ret = get_user(&u)) < 0)
+	if ((ret = _get_user(&u)) < 0)
 		goto err_out;
 	if (!ret) { /* user not found */
 		PARA_WARNING_LOG("auth request for unknown user %s\n", u.name);
 		ret = -E_BAD_USER;
 		goto err_out;
 	}
-	ret = para_encrypt_challenge(u.pubkey_file, challenge_nr, crypt_buf);
+	ret = para_encrypt_challenge(u.rsa, challenge_nr, crypt_buf);
 	if (ret <= 0)
 		goto err_out;
 	numbytes = ret;
@@ -1160,7 +1158,7 @@ int handle_connect(int fd, struct sockaddr_in *addr)
 	sprintf(buf, "%s", PROCEED_MSG);
 	if (use_rc4) {
 		init_rc4_keys();
-		ret = para_encrypt_buffer(u.pubkey_file, rc4_buf, 2 * RC4_KEY_LEN,
+		ret = para_encrypt_buffer(u.rsa, rc4_buf, 2 * RC4_KEY_LEN,
 			(unsigned char *)buf + PROCEED_MSG_LEN + 1);
 		if (ret <= 0)
 			goto err_out;
diff --git a/crypt.c b/crypt.c
index c2b50a7e..34eeb407 100644
--- a/crypt.c
+++ b/crypt.c
@@ -116,7 +116,7 @@ int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr,
 /**
  * encrypt a buffer using an RSA key
  *
- * \param key_file full path of the rsa key
+ * \param rsa: public rsa key
  * \param inbuf the input buffer
  * \param len the length of \a inbuf
  * \param outbuf the output buffer
@@ -125,22 +125,18 @@ int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr,
  *
  * \sa RSA_public_encrypt(3)
  */
-int para_encrypt_buffer(char *key_file, unsigned char *inbuf,
+int para_encrypt_buffer(RSA *rsa, unsigned char *inbuf,
 		const unsigned len, unsigned char *outbuf)
 {
-	RSA *rsa;
-	int ret = get_rsa_key(key_file, &rsa, LOAD_PUBLIC_KEY);
-
-	if (ret < 0)
-		return ret;
-	ret = RSA_public_encrypt(len, inbuf, outbuf, rsa, RSA_PKCS1_PADDING);
+	int ret = RSA_public_encrypt(len, inbuf, outbuf, rsa,
+		RSA_PKCS1_PADDING);
 	return ret < 0?  -E_ENCRYPT : ret;
 }
 
 /**
  * encrypt the given challenge number
  *
- * \param key_file full path of the rsa key
+ * \param rsa: public rsa key
  * \param challenge_nr the number to be encrypted
  * \param outbuf the output buffer
  *
@@ -151,11 +147,11 @@ int para_encrypt_buffer(char *key_file, unsigned char *inbuf,
  * \sa para_encrypt_buffer()
  *
  */
-int para_encrypt_challenge(char *key_file, long unsigned challenge_nr,
+int para_encrypt_challenge(RSA* rsa, long unsigned challenge_nr,
 	unsigned char *outbuf)
 {
 	unsigned char *inbuf = (unsigned char*) make_message("%lu", challenge_nr);
-	int ret = para_encrypt_buffer(key_file, inbuf, strlen((char *)inbuf), outbuf);
+	int ret = para_encrypt_buffer(rsa, inbuf, strlen((char *)inbuf), outbuf);
 	free(inbuf);
 	return ret;
 }
diff --git a/crypt.h b/crypt.h
index d658f89b..c670755c 100644
--- a/crypt.h
+++ b/crypt.h
@@ -2,9 +2,9 @@
 /** \file crypt.h prototypes for the RSA crypt functions */
 int para_decrypt_challenge(char *key_file, long unsigned *challenge_nr,
 	unsigned char *buf, int rsa_inlen);
-int para_encrypt_challenge(char *key_file, long unsigned challenge_nr,
+int para_encrypt_challenge(RSA* rsa, long unsigned challenge_nr,
 	unsigned char *outbuf);
-int para_encrypt_buffer(char *key_file, unsigned char *inbuf, const unsigned len,
+int para_encrypt_buffer(RSA* rsa, unsigned char *inbuf, const unsigned len,
 	unsigned char *outbuf);
 int para_decrypt_buffer(char *key_file, unsigned char *outbuf, unsigned char *inbuf,
 	int rsa_inlen);
diff --git a/error.h b/error.h
index 05efb790..54d9426f 100644
--- a/error.h
+++ b/error.h
@@ -78,7 +78,6 @@ enum para_subsystem {
 };
 
 /* these do not need error handling (yet) */
-#define SERVER_ERRORS
 #define CLIENT_ERRORS
 #define WAV_ERRORS
 #define COMPRESS_ERRORS
@@ -94,6 +93,11 @@ enum para_subsystem {
 extern const char **para_errlist[];
 /** \endcond */
 
+#define SERVER_ERRORS \
+	PARA_ERROR(USERLIST, "failed to open user list file"), \
+	PARA_ERROR(BAD_USER, "you don't exist. Go away."), \
+
+
 #define OSX_WRITE_ERRORS \
 	PARA_ERROR(STREAM_FORMAT, "could not set stream format"), \
 	PARA_ERROR(ADD_CALLBACK, "can not add callback"), \
@@ -354,8 +358,6 @@ extern const char **para_errlist[];
 	PARA_ERROR(NO_AUDIO_FILE, "no audio file"), \
 	PARA_ERROR(BAD_CMD, "invalid command"), \
 	PARA_ERROR(PERM, "permission denied"), \
-	PARA_ERROR(USERLIST, "failed to open user list file"), \
-	PARA_ERROR(BAD_USER, "you don't exist. Go away."), \
 	PARA_ERROR(LOCK, "lock error"), \
 	PARA_ERROR(SENDER_CMD, "command not supported by this sender"), \
 	PARA_ERROR(SERVER_CRASH, "para_server crashed -- can not live without it"), \
diff --git a/server.c b/server.c
index 2b597147..b7334fc5 100644
--- a/server.c
+++ b/server.c
@@ -360,6 +360,14 @@ static void init_user_list(void)
 	populate_user_list();
 }
 
+/**
+ * lookup user in user_list.
+ *
+ * \param user: must initially contain the name of the user and is filled
+ * in by this function on success.
+ *
+ * \return 1 on success and < 0 on errors.
+ */
 int _get_user(struct _user *user)
 {
 	struct _user *u;
@@ -369,7 +377,7 @@ int _get_user(struct _user *user)
 		*user = *u;
 		return 1;
 	}
-	return 0;
+	return -E_BAD_USER;
 }
 
 static void init_selector(void)