Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-08-03 17:39:27 +02:00
Code Issues Projects Releases Wiki Activity

2020-11-06 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Consolidated ticket processing operations in new
	'RDUser::createTicket()' and 'RDUser::ticketIsValid()' methods.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason 2020-11-06 16:42:10 -05:00
parent 6d8e3f0fb7
commit b4002b2357
5 changed files with 108 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -20544,3 +20544,6 @@
2020-11-06 Fred Gleason <fredg@paravelsystems.com> 2020-11-06 Fred Gleason <fredg@paravelsystems.com>
* Fixed a bug in Webget that caused authentication to fail * Fixed a bug in Webget that caused authentication to fail
when using PAM. when using PAM.
2020-11-06 Fred Gleason <fredg@paravelsystems.com>
* Consolidated ticket processing operations in new
'RDUser::createTicket()' and 'RDUser::ticketIsValid()' methods.

13
lib/rdformpost.cpp
View File

@ -323,7 +323,7 @@ bool RDFormPost::authenticate(bool *used_ticket)
{ {
QString ticket; QString ticket;
QString sql; QString sql;
RDSqlQuery *q; RDSqlQuery *q=NULL;
QString name; QString name;
QString passwd; QString passwd;
@ -334,20 +334,13 @@ bool RDFormPost::authenticate(bool *used_ticket)
*used_ticket=false; *used_ticket=false;
} }
if(getValue("TICKET",&ticket)) { if(getValue("TICKET",&ticket)) {
sql=QString("select LOGIN_NAME from WEBAPI_AUTHS where ")+ if(RDUser::ticketIsValid(ticket,clientAddress(),&name)) {
"(TICKET=\""+RDEscapeString(ticket)+"\")&&"+ rda->user()->setName(name);
"(IPV4_ADDRESS=\""+clientAddress().toString()+"\")&&"+
"(EXPIRATION_DATETIME>now())";
q=new RDSqlQuery(sql);
if(q->first()) {
rda->user()->setName(q->value(0).toString());
delete q;
if(used_ticket!=NULL) { if(used_ticket!=NULL) {
*used_ticket=true; *used_ticket=true;
} }
return true; return true;
} }
delete q;
} }
// //

80
lib/rduser.cpp
View File

@ -19,6 +19,9 @@
// //
#include <stdlib.h> #include <stdlib.h>
#include <sys/time.h>
#include <openssl/sha.h>
#include <rdconf.h> #include <rdconf.h>
#include <rdpam.h> #include <rdpam.h>
@ -607,6 +610,83 @@ QStringList RDUser::services() const
} }
bool RDUser::createTicket(QString *ticket,QDateTime *expire_dt,
const QHostAddress &client_addr,
const QDateTime &start_dt) const
{
*ticket=QString();
*expire_dt=QDateTime();
if(exists()) {
char rawstr[1024];
unsigned char sha1[SHA_DIGEST_LENGTH];
QString sql;
struct timeval tv;
memset(&tv,0,sizeof(tv));
gettimeofday(&tv,NULL);
srandom(tv.tv_usec);
for(int i=0;i<5;i++) {
long r=random();
unsigned ipv4_addr=client_addr.toIPv4Address();
snprintf(rawstr+i*8,8,"%c%c%c%c%c%c%c%c",
0xff&((int)r>>24),0xff&(ipv4_addr>>24),
0xff&((int)r>>16),0xff&(ipv4_addr>>16),
0xff&((int)r>>8),0xff&(ipv4_addr>>8),
0xff&(int)r,0xff&ipv4_addr);
}
SHA1((const unsigned char *)rawstr,40,sha1);
*ticket="";
for(int i=0;i<SHA_DIGEST_LENGTH;i++) {
*ticket+=QString().sprintf("%02x",0xFF&rawstr[i]);
}
*expire_dt=start_dt.addSecs(webapiAuthTimeout());
sql=QString("insert into WEBAPI_AUTHS set ")+
"TICKET=\""+RDEscapeString(*ticket)+"\","+
"LOGIN_NAME=\""+RDEscapeString(name())+"\","+
"IPV4_ADDRESS=\""+client_addr.toString()+"\","+
"EXPIRATION_DATETIME=\""+
expire_dt->toString("yyyy-MM-dd hh:mm:ss")+"\"";
RDSqlQuery::apply(sql);
return true;
}
return false;
}
bool RDUser::ticketIsValid(const QString &ticket,
const QHostAddress &client_addr,
QString *username,QDateTime *expire_dt)
{
QString sql;
RDSqlQuery *q=NULL;
sql=QString("select ")+
"LOGIN_NAME,"+ // 00
"EXPIRATION_DATETIME "+ // 01
"from WEBAPI_AUTHS where "+
"(TICKET=\""+RDEscapeString(ticket)+"\")&&"+
"(IPV4_ADDRESS=\""+client_addr.toString()+"\")&&"+
"(EXPIRATION_DATETIME>now())";
q=new RDSqlQuery(sql);
if(q->first()) {
if(username!=NULL) {
*username=q->value(0).toString();
}
if(expire_dt!=NULL) {
*expire_dt=q->value(1).toDateTime();
}
delete q;
return true;
}
delete q;
return false;
}
bool RDUser::emailIsValid(const QString &addr) bool RDUser::emailIsValid(const QString &addr)
{ {
QStringList f0=addr.split("@",QString::KeepEmptyParts); QStringList f0=addr.split("@",QString::KeepEmptyParts);

6
lib/rduser.h
View File

@ -96,6 +96,12 @@ class RDUser
bool feedAuthorized(const QString &keyname); bool feedAuthorized(const QString &keyname);
QString serviceCheckDefault(QString serv) const; QString serviceCheckDefault(QString serv) const;
QStringList services() const; QStringList services() const;
bool createTicket(QString *ticket,QDateTime *expire_dt,
const QHostAddress &client_addr,
const QDateTime &start_dt) const;
static bool ticketIsValid(const QString &ticket,
const QHostAddress &client_addr,
QString *username=NULL,QDateTime *expire_dt=NULL);
static bool emailIsValid(const QString &addr); static bool emailIsValid(const QString &addr);
static QString emailContact(const QString &addr,const QString &fullname); static QString emailContact(const QString &addr,const QString &fullname);

58
web/rdxport/rdxport.cpp
View File

@ -23,7 +23,6 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <syslog.h> #include <syslog.h>
#include <openssl/sha.h>
#include <sys/time.h> #include <sys/time.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
@ -402,52 +401,27 @@ bool Xport::Authenticate()
void Xport::TryCreateTicket(const QString &name) void Xport::TryCreateTicket(const QString &name)
{ {
QString ticket;
QString passwd;
int command; int command;
char rawstr[1024];
unsigned char sha1[SHA_DIGEST_LENGTH];
QString sql;
RDSqlQuery *q;
if(xport_post->getValue("COMMAND",&command)) { if(xport_post->getValue("COMMAND",&command)) {
if(command==RDXPORT_COMMAND_CREATETICKET) { if(command==RDXPORT_COMMAND_CREATETICKET) {
struct timeval tv;
memset(&tv,0,sizeof(tv));
gettimeofday(&tv,NULL);
srandom(tv.tv_usec);
for(int i=0;i<5;i++) {
long r=random();
unsigned ipv4_addr=xport_post->clientAddress().toIPv4Address();
snprintf(rawstr+i*8,8,"%c%c%c%c%c%c%c%c",
0xff&((int)r>>24),0xff&(ipv4_addr>>24),
0xff&((int)r>>16),0xff&(ipv4_addr>>16),
0xff&((int)r>>8),0xff&(ipv4_addr>>8),
0xff&(int)r,0xff&ipv4_addr);
}
SHA1((const unsigned char *)rawstr,40,sha1);
ticket="";
for(int i=0;i<SHA_DIGEST_LENGTH;i++) {
ticket+=QString().sprintf("%02x",0xFF&rawstr[i]);
}
QDateTime now=QDateTime::currentDateTime(); QDateTime now=QDateTime::currentDateTime();
sql=QString("insert into WEBAPI_AUTHS set ")+ QString ticket;
"TICKET=\""+RDEscapeString(ticket)+"\","+ QDateTime expire_datetime;
"LOGIN_NAME=\""+RDEscapeString(name)+"\","+ if(rda->user()->createTicket(&ticket,&expire_datetime,
"IPV4_ADDRESS=\""+xport_post->clientAddress().toString()+"\","+ xport_post->clientAddress(),now)) {
"EXPIRATION_DATETIME=\""+ printf("Content-type: application/xml\n\n");
now.addSecs(rda->user()->webapiAuthTimeout()). printf("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n");
toString("yyyy-MM-dd hh:mm:ss")+"\""; printf("<ticketInfo>\n");
q=new RDSqlQuery(sql); printf(" %s\n",RDXmlField("ticket",ticket).utf8().constData());
delete q; printf(" %s\n",
printf("Content-type: application/xml\n\n"); (const char *)RDXmlField("expires",expire_datetime).utf8());
printf("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"); printf("</ticketInfo>\n");
printf("<ticketInfo>\n"); exit(0);
printf(" %s\n",(const char *)RDXmlField("ticket",ticket).utf8()); }
printf(" %s\n",(const char *) else {
RDXmlField("expires",now.addSecs(rda->user()->webapiAuthTimeout())).utf8()); XmlExit("Ticket creation failed",500,"rdxport.cpp",LINE_NUMBER);
printf("</ticketInfo>\n"); }
exit(0);
} }
} }
} }