diff --git a/sld/trunk/Makefile.am b/sld/trunk/Makefile.am index 655da95537adce99f7f7c8fa576f9e4d0a507040..251a5d14243649f4df5ec32129c3c0f8a61812b9 100644 --- a/sld/trunk/Makefile.am +++ b/sld/trunk/Makefile.am @@ -21,7 +21,8 @@ sld_SOURCES= src/sld.cc \ src/daemon.cc \ src/log.cc \ src/sll/error.cc \ - src/sll/connection.cc + src/sll/connection.cc \ + src/sll/cypher.cc noinst_HEADER= src/sld.hh \ src/options.hh \ @@ -30,7 +31,8 @@ noinst_HEADER= src/sld.hh \ src/sll/slm.hh \ src/sll/error.hh \ src/sll/connection.hh \ - src/sll/connection.hxx + src/sll/connection.hxx \ + src/sll/cypher.hh CLEANFILES= *~ '\#*' .*.swp .*~ diff --git a/sld/trunk/src/daemon.cc b/sld/trunk/src/daemon.cc index 9c0685736b3c9080d60cfdd7ed0e334924502c77..a3e5faba404972c0e300748254e5f9b25b51e68f 100644 --- a/sld/trunk/src/daemon.cc +++ b/sld/trunk/src/daemon.cc @@ -18,6 +18,7 @@ #include "sld.hh" #include "daemon.hh" +#include "sll/cypher.hh" #include #include @@ -32,11 +33,6 @@ #include #include #include -#include -#include -#include -#include -#include SLDaemon *SLDaemon::instance_ = 0; 
@@ -257,39 +253,14 @@ void SLDaemon::run() { //****************************************************************************** void SLDaemon::auth() { - unsigned char md[SHA_DIGEST_LENGTH]; char buf[MAX_LINE_SIZE]; - char *buf2 = ""; - BIO *bmem, *b64; - BUF_MEM *bptr; - - SHA1((const unsigned char *) options.pass.c_str(), options.pass.length(), md); - - b64 = BIO_new(BIO_f_base64()); - bmem = BIO_new(BIO_s_mem()); - b64 = BIO_push(b64, bmem); - BIO_write(b64, md, SHA_DIGEST_LENGTH); - BIO_flush(b64); - BIO_get_mem_ptr(b64, &bptr); - - if (bptr->length > 0) { - buf2 = new char[bptr->length]; - memcpy(buf2, bptr->data, bptr->length-1); - buf2[bptr->length-1] = 0; - } snprintf(buf, MAX_LINE_SIZE, "HOST %s", options.login.c_str()); c_.sendln(buf); - snprintf(buf, MAX_LINE_SIZE, "PASS %s", buf2); + snprintf(buf, MAX_LINE_SIZE, "PASS %s", + Cypher::sha1_64(options.pass.c_str(), options.pass.length()).c_str()); c_.sendln(buf); - - if (bptr->length > 0) - delete[] buf2; - - BIO_free_all(b64); - - return; } //****************************************************************************** @@ -397,9 +368,6 @@ void SLDaemon::cmd_exec(const char *line) { } void SLDaemon::cmd_file(const char *line) { - string buf; - int ret; - assert(line); // get filename @@ -419,8 +387,8 @@ void SLDaemon::cmd_file(const char *line) { //get size int size; - buf = c_.recvln(); - ret = sscanf(buf.c_str(), "SIZE %i\n", &size); + string buf = c_.recvln(); + int ret = sscanf(buf.c_str(), "SIZE %i\n", &size); if (ret != 1) { c_.sendln("FILE: Invalid size parameter."); return; @@ -447,12 +415,13 @@ void SLDaemon::cmd_file(const char *line) { throw; } - // check MD5 - if (SLDaemon::md5(target) != string(md5)) { + // check local file MD5 + buf = Cypher::md5_16(target); + if (buf == md5) { c_.sendln("FILE: file " + target + ": Invalid MD5."); unlink(target.c_str()); return; - } + } // proceed chown if (chown(target.c_str(), getuid(), getgid())) { 
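Review bot: In `auth()`, the PASS token now keeps the trailing newline that the base64 BIO appends, which the removed code dropped by copying only `bptr->length-1` bytes. `Cypher::sha1_64` inserts all `bptr->length` bytes, so the line handed to `c_.sendln` ends in an extra line break and the server-side comparison may stop matching. Either build the result with `ret.assign(bptr->data, bptr->length - 1);` or call `BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);` before writing. Unchanged by this commit but worth a comment at the call: the value sent is an unsalted SHA-1 of the password, so it is replayable by anyone who can read the connection unless `c_` is a protected transport (not visible here).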
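Review bot: The rewritten integrity check in `cmd_file`, `if (buf == md5)`, is inverted. The removed line rejected the file when the digests differed (`!=`), but the new one sends "Invalid MD5" and unlinks the file when they match, and lets a mismatching file continue to the `chown` step. The same inversion appears in both MD5 checks of `cmd_update` (the hunks at -519 and -531), so a corrupted or substituted update binary would be accepted there; all three should read `if (buf != md5) {`. Note also that `Cypher::md5_16` throws `Error` where `SLDaemon::md5` returned `""`, and no handler around these calls is visible in the hunks. `cmd_file`'s body continues outside this hunk.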
@@ -472,22 +441,19 @@ void SLDaemon::cmd_file(const char *line) { } void SLDaemon::cmd_update() { - string buf; - int ret; - // get filename const string &target = getbinpath(); //get size int size; - buf = c_.recvln(); - ret = sscanf(buf.c_str(), "SIZE %i\n", &size); + string buf = c_.recvln(); + int ret = sscanf(buf.c_str(), "SIZE %i\n", &size); if (ret != 1) { c_.sendln("UPDATE: Syntax error."); return; } - //get md5 + //get remote md5 char md5[MAX_LINE_SIZE]; buf = c_.recvln(); ret = sscanf(buf.c_str(), "MD5 %512s\n", md5); //FIXME: bad magic size @@ -519,8 +485,9 @@ void SLDaemon::cmd_update() { throw; } - // check MD5 - if (SLDaemon::md5(tempsld) != string(md5)) { + // check tmp file MD5 + buf = Cypher::md5_16(tempsld); + if (buf == md5) { c_.sendln((string) "UPDATE: file " + tempsld + ": Invalid MD5."); unlink(tempsld); return; @@ -531,13 +498,13 @@ void SLDaemon::cmd_update() { cp(tempsld, target.c_str()); - // check MD5 - if (SLDaemon::md5(target.c_str()) != string(md5)) { + // check final file MD5 + buf = Cypher::md5_16(tempsld); + if (buf == md5) { c_.sendln("UPDATE: file " + target + ": Invalid MD5."); unlink(tempsld); return; - } - + } // proceed chown if (chown(target.c_str(), getuid(), getgid())) { 
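Review bot: The "check final file MD5" step in `cmd_update` hashes `tempsld` again instead of `target`, so the result of `cp(tempsld, target.c_str())` is never verified. The removed line called `md5(target.c_str())`, and the error message still names `target`. Combined with the `==` comparison, this block can only fire when the temporary file matches the announced digest. The two lines should be `buf = Cypher::md5_16(target);` and `if (buf != md5) {`, with the same `!=` in the tmp-file check above it. `cmd_update`'s body starts and ends outside these hunks.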
@@ -631,30 +598,6 @@ void SLDaemon::cmd_killall() { // others functions //****************************************************************************** -string SLDaemon::md5(const string &file) const { - MD5_CTX ctx; - FILE *fs; - size_t len; - char buf[512]; - char md[MD5_DIGEST_LENGTH]; - char digest[MD5_DIGEST_LENGTH * 2 + 1]; - - if (!MD5_Init(&ctx)) - return ""; - if ((fs = fopen(file.c_str(), "r")) == 0) - return ""; - while ((len = fread(buf, 1, 512, fs)) > 0) - if (!MD5_Update(&ctx, buf, len)) - break; - if (!MD5_Final((unsigned char*)md, &ctx)) - return ""; - for(len = 0; len < MD5_DIGEST_LENGTH; ++len) { - sprintf(digest + (len * 2), "%02x", (unsigned char) md[len]); - } - digest[MD5_DIGEST_LENGTH * 2] = 0; - return string(digest); -} - void SLDaemon::recv2file(size_t size, const string &filename) { char *data = c_.recv(size); FILE *fs = fopen(filename.c_str(), "w"); diff --git a/sld/trunk/src/daemon.hh b/sld/trunk/src/daemon.hh index 639a25e6c6995825d43ae386b15359b5ff1e6646..a90239e2b8c064018fa22c64f886a85e6da906f5 100644 --- a/sld/trunk/src/daemon.hh +++ b/sld/trunk/src/daemon.hh @@ -97,7 +97,7 @@ protected: void cmd_file(const char *line); // others functions - string md5(const string &file) const; +// string md5(const string &file) const; void recv2file(size_t size, const string &filename); void clean_dir(const string &dir) const; diff --git a/sld/trunk/src/sll/cypher.cc b/sld/trunk/src/sll/cypher.cc new file mode 100644 index 0000000000000000000000000000000000000000..01485946e13cf3d7666353a9ccfe1d7b71a10f29 --- /dev/null +++ b/sld/trunk/src/sll/cypher.cc 
@@ -0,0 +1,96 @@ +/* + This file is part of SLL. + Copyright (C) 2008 Sebastien LUTTRINGER + + SLL is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + SLL is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with SLL; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#include "slm.hh" +#include "cypher.hh" +#include "error.hh" + +#include +#include +#include +#include +#include + +/** + * return sha1 of data with base64 encoding + * + * @param data data to sha1 and base64 + * @param size size of data + * + * @return malloc'ed sha1 size + */ +string Cypher::sha1_64(const char *data, size_t size) { + unsigned char md[SHA_DIGEST_LENGTH]; + BIO *bmem, *b64; + BUF_MEM *bptr; + string ret; + + // compute sha1 + SHA1((const unsigned char *) data, size, md); + + // compute b64 + b64 = BIO_new(BIO_f_base64()); + bmem = BIO_new(BIO_s_mem()); + b64 = BIO_push(b64, bmem); + BIO_write(b64, md, SHA_DIGEST_LENGTH); + BIO_flush(b64); + BIO_get_mem_ptr(b64, &bptr); + + if (bptr->length > 0) + ret.insert(0, bptr->data, bptr->length); + else + throw Error(ERR_CYPHER, "Unable to compute sha1_64"); + + BIO_free_all(b64); + + return ret; +} + +/** + * return md5 hexa digest of file @param file. 
+ * + * @return malloc'ed md5 digest in hexadecimal + */ +string Cypher::md5_16(const string &file) { + MD5_CTX ctx; + FILE *fs; + size_t len; + char buf[512]; + char md[MD5_DIGEST_LENGTH]; + char digest[MD5_DIGEST_LENGTH * 2 + 1]; + + if (!MD5_Init(&ctx)) + throw Error(ERR_CYPHER, (string) "Unable to compute md5_16 on file " + file); + + if ((fs = fopen(file.c_str(), "r")) == 0) + throw Error(ERR_CYPHER, (string) "Unable to compute md5_16 on file " + file); + + while ((len = fread(buf, 1, 512, fs)) > 0) + if (!MD5_Update(&ctx, buf, len)) + break; + + if (!MD5_Final((unsigned char*)md, &ctx)) + throw Error(ERR_CYPHER, (string) "Unable to compute md5_16 on file " + file); + + for(len = 0; len < MD5_DIGEST_LENGTH; ++len) + sprintf(digest + (len * 2), "%02x", (unsigned char) md[len]); + + digest[MD5_DIGEST_LENGTH * 2] = 0; + + return digest; +} diff --git a/sld/trunk/src/sll/cypher.hh b/sld/trunk/src/sll/cypher.hh new file mode 100644 index 0000000000000000000000000000000000000000..2018228182c04c1fbf390c9a62aae8410d400976 --- /dev/null +++ b/sld/trunk/src/sll/cypher.hh 
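Review bot: `md5_16` in cypher.cc never closes `fs`: there is no `fclose` on the success path or before the `throw` after `MD5_Final`, so every FILE or UPDATE command leaks a descriptor in a long-running daemon. A read error or a failed `MD5_Update` also goes unnoticed, because the loop just ends and `MD5_Final` then returns a digest of partial data; the function should check `ferror(fs)` and fail instead. `sha1_64` has the same kind of leak, since its `throw` sits before `BIO_free_all(b64)` and the `BIO_new` results are not checked before use. Both doc comments still say "malloc'ed" although the functions return `string`.

```cpp
string Cypher::md5_16(const string &file) {
  // … unchanged: locals, MD5_Init check, fopen check …

  bool ok = true;
  while ((len = fread(buf, 1, sizeof buf, fs)) > 0)
    if (!MD5_Update(&ctx, buf, len)) {
      ok = false;
      break;
    }
  // a short read caused by an I/O error must not produce a digest
  if (ferror(fs))
    ok = false;
  fclose(fs);

  if (!ok || !MD5_Final((unsigned char*)md, &ctx))
    throw Error(ERR_CYPHER, (string) "Unable to compute md5_16 on file " + file);

  // … unchanged: hex encoding and return …
```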
@@ -0,0 +1,33 @@ +/* + This file is part of SLL. + Copyright (C) 2008 Sebastien LUTTRINGER + + SLL is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + SLL is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with SLL; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +#ifndef CYPHER_HH +# define CYPHER_HH + +# include + +class Cypher { +public: + // md5 functions + static string md5_16(const string &file); + + // sha1 functions + static string sha1_64(const char *, size_t); +}; + +#endif diff --git a/sld/trunk/src/sll/slm.hh b/sld/trunk/src/sll/slm.hh index e04a2fd249e5a81fb4182b51a671c873c9131bf1..8c6f809a2bb470be777ecfde23c140fad8b11c10 100644 --- a/sld/trunk/src/sll/slm.hh +++ b/sld/trunk/src/sll/slm.hh @@ -47,6 +47,7 @@ enum { ERR_PARSE = 10, ERR_SCREENSZ = 11, ERR_SIGNAL = 12, + ERR_CYPHER = 13, ERR_NOMEM = 41, ERR_UNKNOWN = 42 };
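Review bot: The two declarations in cypher.hh state no contract, and the failure behaviour differs from what they replace: `md5_16` throws `Error(ERR_CYPHER)` where `SLDaemon::md5` returned an empty string. I would document that above each declaration, e.g. `// Lowercase hex MD5 of the file's contents; throws Error(ERR_CYPHER) if the file cannot be opened or hashed.` and `// Base64 of the SHA-1 digest of data[0..size); throws Error(ERR_CYPHER) on failure.` The header also uses `string` unqualified, so it presumably relies on a using-declaration from another header; spelling it `std::string` here would make it self-contained. Both functions are digests rather than ciphers, and MD5 only guards against accidental corruption, which deserves a one-line comment next to `md5_16`.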