
update to v1.31

master
Rafal Kupiec 5 anos atrás
pai
commit
27b78ae986
3 arquivos alterados com 49 adições e 59 exclusões
  1. 8
    2
      Makefile
  2. 40
    55
      sessmgr.c
  3. 1
    2
      sessmgr.h

+ 8
- 2
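--- a/Makefile
+++ b/Makefile
@@ -4,6 +4,12 @@ LDLIBS =	-lcrypt
 PREFIX =
 BINDIR =	$(PREFIX)/usr/sbin
 
+ifeq ($(USE_SHADOW), 1)
+	DEFS:=-DUSE_SHADOW
+else
+	DEFS:=
+endif
+
 all: sessmgr
 	@echo "All done!"
 
@@ -11,10 +17,10 @@ sessmgr: sessmgr.o sha256.o
 	$(CC) $(CFLAGS) $(LDLIBS) sessmgr.o sha256.o -o sessmgr
 
 sessmgr.o: sessmgr.c
-	$(CC) $(CFLAGS) -c sessmgr.c
+	$(CC) $(CFLAGS) $(DEFS) -c sessmgr.c
 
 sha256.o: sha256.c
-	$(CC) $(CFLAGS) -c sha256.c
+	$(CC) $(CFLAGS) $(DEFS) -c sha256.c
 
 install:
 	mkdir -p $(BINDIR)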
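Review bot: The new `USE_SHADOW` switch is undocumented and off by default, so a plain `make` builds the `getpwnam()` branch of `get_admin_hash()` in sessmgr.c. On a system that keeps hashes in the shadow database, that branch presumably sees only a placeholder in `pw_passwd`, so the build choice decides whether login can work at all. A comment above the `ifeq`, for example `# USE_SHADOW=1: read password hashes with getspnam() (required on shadow-password systems)`, would make that visible. `$(DEFS)` is also passed when compiling sha256.c, which looks unnecessary unless that file tests the macro.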

+ 40
- 55
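--- a/sessmgr.c
+++ b/sessmgr.c
@@ -11,13 +11,36 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
-#include <pwd.h>
 #include <stdarg.h>
 #include <time.h>
+#include <pwd.h>
+#ifdef USE_SHADOW
+	#include <shadow.h>
+#endif
 
 #include "sessmgr.h"
 #include "sha256.h"
 
+
+char* get_admin_hash(const char* username) {
+	char* admin_hash = NULL;
+
+	if(username) {
+#ifdef USE_SHADOW
+		struct spwd* pw;
+		if((pw = getspnam(username)) != NULL) {
+			admin_hash = strdup(pw->sp_pwdp);
+		}
+#else
+		struct passwd* pw;
+		if((pw = getpwnam(username)) != NULL) {
+			admin_hash = strdup(pw->pw_passwd);
+		}
+#endif
+	}
+	return admin_hash;
+}
+
 char* get_cookie_time(time_t t) {
 	struct tm* utc = gmtime(&t);
 	char wday[4];
@@ -88,42 +111,9 @@ char* get_cookie_time(time_t t) {
 	return safe_strdup(utc_str);
 }
 
-char* get_root_hash(void) {
-	char* root_hash = get_root_hash_from_file("/etc/shadow");
-	if(root_hash == NULL) {
-		root_hash = get_root_hash_from_file("/etc/passwd");
-	}
-	return root_hash;
-}
-
-char* get_root_hash_from_file(const char* passwd_file) {
-	int found = 0;
-	FILE *pw = fopen(passwd_file, "r");
-	char* root_hash = NULL;
-	if(pw != NULL) {
-		char line[512];
-		char* test = fgets(line, 511, pw);
-		while(test != NULL && !found) {
-			if(strlen(test) > 5) {
-				test[4] = '\0';
-				if(strcmp(test, "root") == 0) {
-					char* hash_end;
-					found = 1;
-					test = test + 5;
-					hash_end = strchr(test, ':');
-					*hash_end = '\0';
-					root_hash = safe_strdup(test);
-				}
-			}
-			test = fgets(line, 511, pw);
-		}
-		fclose(pw);
-	}
-	return root_hash;
-}
-
 int main(int argc, char **argv) {
 	char *password = NULL;
+	char *username = NULL;
 	char *cookie_hash = NULL;
 	char *cookie_exp = NULL;
 	char *user_agent = NULL;
@@ -132,16 +122,19 @@ int main(int argc, char **argv) {
 	int timeout_minutes = DEFAULT_SESSION_TIMEOUT;
 	unsigned long browser_time = 0;
 	int loggedout = 0;
-	int unconditionally_generate = 0;
 	int next_opt;
 	int read;
 
-	while((next_opt = getopt(argc, argv, "p:P:c:C:e:E:a:A:i:I:r:R:t:T:b:B:lL:gG")) != -1) {	
+	while((next_opt = getopt(argc, argv, "p:P:u:U:c:C:e:E:a:A:i:I:r:R:t:T:b:B:lL")) != -1) {	
 		switch(next_opt) {
 			case 'p':
 			case 'P':
 				password = safe_strdup(optarg);
 				break;
+			case 'u':
+			case 'U':
+				username = safe_strdup(optarg);
+				break;
 			case 'c':
 			case 'C':
 				cookie_hash = safe_strdup(optarg);
@@ -181,23 +174,19 @@ int main(int argc, char **argv) {
 			case 'L':
 				loggedout = 1;
 				break;
-			case 'g':
-			case 'G':
-				unconditionally_generate = 1;
-				break;
 		}
 	}
 
 	int expired = 0;
 	int valid = 0;
-	char* root_hash = get_root_hash();
+	char* admin_hash = get_admin_hash(username);
 	if(loggedout == 1) {
-		printf("echo \"Set-Cookie:kagera_sid=loggedout;\"; ");
-	} else if(root_hash != NULL) {
+		printf("echo \"Set-Cookie:kagera_sid=loggedout;\"; echo \"Set-Cookie:kagera_usr=loggedout;\"; ");
+	} else if(admin_hash != NULL) {
 		time_t now;
 		time(&now);
 		if(password != NULL) {
-			valid = strcmp(crypt(password, root_hash), root_hash) == 0 ? 1 : 0;
+			valid = strcmp(crypt(password, admin_hash), admin_hash) == 0 ? 1 : 0;
 			if(valid) {
 				printf("logger -t webui \"Kagera Administration Interface authorization succeeded from ${REMOTE_ADDR}\"; ");
 			}
@@ -210,7 +199,7 @@ int main(int argc, char **argv) {
 					expired = 0;
 				}
 			}
-			char *combined = safe_strcat(4, root_hash, cookie_exp, user_agent, src_ip);
+			char *combined = safe_strcat(4, admin_hash, cookie_exp, user_agent, src_ip);
 			char* hashed = get_sha256_hash_hex_str(combined);
 			if(strcmp(hashed, cookie_hash) == 0) {
 				if(expired == 0 && read > 0) {
@@ -222,9 +211,6 @@ int main(int argc, char **argv) {
 			free(hashed);
 			free(combined);
 		}
-		if(unconditionally_generate == 1) {
-			valid = 1;
-		}
 		if(valid == 1 && src_ip != NULL && user_agent != NULL) {
 			char* new_hash;
 			char* combined;
@@ -238,20 +224,19 @@ int main(int argc, char **argv) {
 			} else {
 				cookie_exp = get_cookie_time(new_exp_t);
 			}
-			combined = safe_strcat(4, root_hash, new_exp, user_agent, src_ip);
+			combined = safe_strcat(4, admin_hash, new_exp, user_agent, src_ip);
 			new_hash = get_sha256_hash_hex_str(combined);
 			if(browser_time == 0) {
-				printf("echo \"Set-Cookie:kagera_sid=%s; Path=/;\"; echo \"Set-Cookie:kagera_exp=%s; Path=/;\"; ", new_hash, new_exp);
+				printf("echo \"Set-Cookie:kagera_sid=%s; Path=/;\"; echo \"Set-Cookie:kagera_usr=%s; Path=/;\"; echo \"Set-Cookie:kagera_exp=%s; Path=/;\"; ", new_hash, username, new_exp);
 			} else {
-				printf("echo \"Set-Cookie:kagera_sid=%s; Expires=%s; Path=/;\"; echo \"Set-Cookie:kagera_exp=%s; Expires=%s; Path=/;\"; ", new_hash, cookie_exp, new_exp, cookie_exp);
+				printf("echo \"Set-Cookie:kagera_sid=%s; Expires=%s; Path=/;\"; echo \"Set-Cookie:kagera_usr=%s; Expires=%s; Path=/;\"; echo \"Set-Cookie:kagera_exp=%s; Expires=%s; Path=/;\"; ", new_hash, cookie_exp, username, cookie_exp, new_exp, cookie_exp);
 			}
 			free(new_hash);
 			free(combined);
 			free(cookie_exp);
-		} else {
-			printf("KAGERA_LOGGEDOUT=1\n");
+			printf("VALIDSESS=1\n");
 		}
-		free(root_hash);
+		free(admin_hash);
 	}
 	if(redirect != NULL) {
 		char str[20] = "";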
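Review bot: `get_admin_hash()` looks up whatever name arrives through `-u`, so any account with a usable password hash can now obtain a valid session, where the removed `get_root_hash_from_file()` only ever matched `root`. Unless the caller already restricts the name, the lookup should check an allow-list or the account's uid before returning a hash. In the same path `crypt()` can return NULL for a locked or placeholder field (libc-dependent; the non-`USE_SHADOW` branch reads `pw_passwd`, which is often just a placeholder), and `strcmp(crypt(password, admin_hash), admin_hash)` would then dereference it. Splitting the call as `const char *calc = crypt(password, admin_hash);` and `valid = (calc != NULL && strcmp(calc, admin_hash) == 0);` avoids that. `username` is also written unescaped into the `echo "Set-Cookie:kagera_usr=%s; ..."` strings, which appear to be evaluated by a shell, so names outside a conservative character set should be rejected right after option parsing; main() continues beyond the last hunk.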

+ 1
- 2
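--- a/sessmgr.h
+++ b/sessmgr.h
@@ -13,9 +13,8 @@
 #define DEFAULT_SESSION_TIMEOUT 15
 
 extern char* crypt(const char* key, const char* setting);
+char* get_admin_hash(const char* username);
 char* get_cookie_time(time_t t);
-char* get_root_hash(void);
-char* get_root_hash_from_file(const char* passwd_file);
 void* safe_malloc(size_t size);
 char* safe_strcat(int num_strs, ...);
 char* safe_strdup(const char* str);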
