Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Added authentication subsystem and updated example configuration file to reflect this change. Integrated authentication subsystem into backuppcd |
|---|---|
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | e944300f698143c0ce1379722cf347848cbeee67 |
| User & Date: | rkeene 2006-01-12 00:01:01 |
Context
|
2006-01-18
| ||
| 08:09 | Fixed issue where LIBS were not deleted by the makefile's "clean" target check-in: f2b1c00980 user: rkeene tags: trunk | |
|
2006-01-12
| ||
| 00:01 | Added authentication subsystem and updated example configuration file to reflect this change. Integrated authentication subsystem into backuppcd check-in: e944300f69 user: rkeene tags: trunk | |
|
2005-12-06
| ||
| 13:37 | Fixed bug where large files would only send the lower 32bits of their filesize. BackupPCd 0.1.1 check-in: e2af50db14 user: rkeene tags: trunk | |
Changes
Changes to Makefile.in.
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
BINS = backuppcd$(EXEEXT) backuppcd-client$(EXEEXT) backuppcd-tar$(EXEEXT) tools/file_sync$(EXEEXT) LIBS = libbackuppcd$(AREXT) libbackuppc$(AREXT) all: $(BINS) $(LIBS) backuppcd$(EXEEXT): Makefile.dep backuppcd.o net.o backuppcd-common.o sha1.o md4.o md5.o @LIBOBJS@ $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd$(EXEEXT) backuppcd.o net.o backuppcd-common.o sha1.o md4.o md5.o @LIBOBJS@ $(LDFLAGS) backuppcd-client$(EXEEXT): Makefile.dep libbackuppcd$(AREXT) libbackuppc$(AREXT) backuppcd-client.o $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd-client$(EXEEXT) backuppcd-client.o -L. -lbackuppcd -lbackuppc $(LDFLAGS) backuppcd-tar$(EXEEXT): Makefile.dep backuppcd-tar.o net.o backuppcd-common.o sha1.o @LIBOBJS@ $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd-tar$(EXEEXT) backuppcd-tar.o net.o backuppcd-common.o sha1.o @LIBOBJS@ $(LDFLAGS) |
| | |
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
BINS = backuppcd$(EXEEXT) backuppcd-client$(EXEEXT) backuppcd-tar$(EXEEXT) tools/file_sync$(EXEEXT) LIBS = libbackuppcd$(AREXT) libbackuppc$(AREXT) all: $(BINS) $(LIBS) backuppcd$(EXEEXT): Makefile.dep backuppcd.o net.o backuppcd-common.o sha1.o md4.o md5.o backuppcd-auth.o @LIBOBJS@ $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd$(EXEEXT) backuppcd.o net.o backuppcd-common.o sha1.o md4.o md5.o backuppcd-auth.o @LIBOBJS@ $(LDFLAGS) backuppcd-client$(EXEEXT): Makefile.dep libbackuppcd$(AREXT) libbackuppc$(AREXT) backuppcd-client.o $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd-client$(EXEEXT) backuppcd-client.o -L. -lbackuppcd -lbackuppc $(LDFLAGS) backuppcd-tar$(EXEEXT): Makefile.dep backuppcd-tar.o net.o backuppcd-common.o sha1.o @LIBOBJS@ $(CC) $(CPPFLAGS) $(CFLAGS) -o backuppcd-tar$(EXEEXT) backuppcd-tar.o net.o backuppcd-common.o sha1.o @LIBOBJS@ $(LDFLAGS) |
Added backuppcd-auth.c.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 |
#include <libconfig.h> #include "compat.h" #include "backuppcd-auth.h" struct bpcd_auth_userinfo; struct bpcd_auth_userinfo { const char *username; const char *passhash; backuppc_privs_t privs; struct bpcd_auth_userinfo *_next; }; struct bpcd_auth_userinfo *userlist = NULL; static int bpcd_auth_opt_user(const char *shortvar, const char *var, const char *arguments, const char *value, lc_flags_t flags, void *extra) { struct bpcd_auth_userinfo *newnode; char *valcopy_s, *valcopy; char *privstr; newnode = malloc(sizeof(*newnode)); if (newnode == NULL) { return(LC_CBRET_ERROR); } valcopy_s = valcopy = strdup(value); newnode->username = strsep(&valcopy, " ,\t"); if (newnode->username == NULL) { free(valcopy_s); free(newnode); fprintf(stderr, "error: usage: USER <Username> <Password> <Privilegs>\n"); return(LC_CBRET_ERROR); } newnode->passhash = strsep(&valcopy, " ,\t"); if (newnode->passhash == NULL) { free(valcopy_s); free(newnode); fprintf(stderr, "error: usage: USER <Username> <Password> <Privilegs>\n"); return(LC_CBRET_ERROR); } privstr = strsep(&valcopy, " ,\t"); if (privstr == NULL) { free(valcopy_s); free(newnode); fprintf(stderr, "error: usage: USER <Username> <Password> <Privilegs>\n"); return(LC_CBRET_ERROR); } if (strlen(newnode->passhash) != 40) { free(valcopy_s); free(newnode); fprintf(stderr, "error: Password hash must be exactly 40 charectars long.\n"); return(LC_CBRET_ERROR); } if (strcasecmp(privstr, "Read") == 0) { newnode->privs = BPC_PRIV_READ; } else if (strcasecmp(privstr, "Write") == 0) { newnode->privs = BPC_PRIV_WRITE; } else if (strcasecmp(privstr, "ReadWrite") == 0) { newnode->privs = BPC_PRIV_RDWR; } else if (strcasecmp(privstr, "RD") == 0) { newnode->privs = BPC_PRIV_READ; } else if (strcasecmp(privstr, "WR") == 0) { newnode->privs = BPC_PRIV_WRITE; } else if (strcasecmp(privstr, "RDWR") == 0) { newnode->privs = BPC_PRIV_RDWR; } else if (strcasecmp(privstr, "r") == 0) { newnode->privs = BPC_PRIV_READ; } else if (strcasecmp(privstr, "w") == 0) { newnode->privs = BPC_PRIV_WRITE; } else if (strcasecmp(privstr, "rw") == 0) { newnode->privs = BPC_PRIV_RDWR; } else { free(valcopy_s); free(newnode); fprintf(stderr, "error: usage: Privileges must be one of: READ, WRITE, or READWRITE\n"); return(LC_CBRET_ERROR); } newnode->_next = userlist; userlist = newnode; return(LC_CBRET_OKAY); } void bpcd_auth_init(void) { lc_register_callback("User", 'u', LC_VAR_STRING, bpcd_auth_opt_user, NULL); return; } backuppc_privs_t bpcd_auth_verify(const char *username, const char *passhash, uint32_t address) { struct bpcd_auth_userinfo *tmp; for (tmp = userlist; tmp; tmp = tmp->_next) { /* * Should the username be case-sensitive ? (XXX) */ if (strcasecmp(tmp->username, username) == 0) { if (strcasecmp(tmp->passhash, passhash) == 0) { return(tmp->privs); } else { return(BPC_PRIV_ERROR); } } } return(BPC_PRIV_ERROR); } |
Added backuppcd-auth.h.
> > > > > > > > > > > > > > > > > > > > > |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
#ifndef _RSK_BACKUPPCD_AUTH_H #define _RSK_BACKUPPCD_AUTH_H 1 #include "compat.h" /* * These define the different privilege levels for a connection to be assigned. */ typedef enum { BPC_PRIV_ERROR, BPC_PRIV_NONE, BPC_PRIV_READ, BPC_PRIV_WRITE, BPC_PRIV_RDWR } backuppc_privs_t; void bpcd_auth_init(void); backuppc_privs_t bpcd_auth_verify(const char *username, const char *passhash, uint32_t address); #endif |
Changes to backuppcd.c.
21 22 23 24 25 26 27 28 29 30 31 32 33 34 ... 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 .... 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 .... 2672 2673 2674 2675 2676 2677 2678 2679 2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 .... 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 .... 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 |
* Slidell, LA * backuppcd-bugs@psislidell.com */ #include "compat.h" #include "backuppcd.h" #include "backuppcd-common.h" #include "net.h" #include "sha1.h" #include "md4.h" #include "md5.h" #define DAEMON_RET_SUCCESS 0 #define DAEMON_RET_FAILURE 1 ................................................................................ static SC_HANDLE manager = NULL; static SC_HANDLE service = NULL; static SERVICE_STATUS backuppcServiceStat; static SERVICE_STATUS_HANDLE backuppcServiceStat_handle = (SERVICE_STATUS_HANDLE) NULL; static char svcName[] = "BackupPC"; #endif /* * These define the different privilege levels. */ typedef enum { BPC_PRIV_NONE, BPC_PRIV_READ, BPC_PRIV_WRITE, BPC_PRIV_RDWR } backuppc_privs_t; /* * These are symbolic names to use to mark when a message datum has been sent. */ typedef enum { BPC_SM_NONE, BPC_SM_HEADER, BPC_SM_PKT_HEADER, ................................................................................ /* Do authentication ... */ /* Attempt to authenticate with the master password. */ crypt_passwd = sha1sum(ph->password); if (strcmp(crypt_passwd, MASTER_PASSWORD) == 0) { auth_stat = BPC_STATUS_OKAY; } /* XXX: real auth. */ if (auth_stat == BPC_STATUS_UNKNOWN) { auth_stat = BPC_STATUS_FAILED; } if (auth_stat == BPC_STATUS_OKAY) { #ifdef HAVE_SYSLOG syslog(LOG_INFO, "Authenticated \"%s\" from %s.", ph->username, inet_ntoa(client->addr)); #endif client->privs = BPC_PRIV_RDWR; } else { #ifdef HAVE_SYSLOG syslog(LOG_INFO, "Failed login attempt for \"%s\" from %s.", ph->username, inet_ntoa(client->addr)); #endif } /* * Send reply. */ if (!backuppc_writevalues(client, BPC_SM_AUTHSTATUS, BPC_DT_UINT8, (uint8_t) BPC_CMD_AUTH_REPLY, BPC_DT_UINT8, (uint8_t) auth_stat, ................................................................................ newargv[newargc++] = tmpfile; newargv[newargc++] = "--Destination"; #ifdef _USE_WIN32_ /* * Under Windows, we must QUOTE EVERY ARGUMENT that might contain a * space, otherwise, Windows gets confused and splits them into * many arguments. How convient. */ snprintf(quotebuf, sizeof(quotebuf), "\"%s\"", localfile); newargv[newargc++] = strdup(quotebuf); #else newargv[newargc++] = localfile; #endif for (i = 1; i < argc; i++) { #ifdef _USE_WIN32_ /* * More of that lovely Windows quoting. */ snprintf(quotebuf, sizeof(quotebuf), "\"%s\"", argv[i]); newargv[newargc++] = strdup(argv[i]); ................................................................................ * * NOTES: * */ int main(int argc, char *argv[]) { int lc_p_ret = 0; char *update_source = NULL, *update_dest = NULL, *update_delefile = NULL; int do_switch = 0; lc_register_callback("Remove", 'r', LC_VAR_NONE, backuppc_opt_remove_svc, NULL); lc_register_callback("Stop", 'k', LC_VAR_NONE, backuppc_opt_stop_svc, NULL); lc_register_callback("Version", 'V', LC_VAR_NONE, backuppc_opt_showvers, NULL); lc_register_callback("Priority", 'P', LC_VAR_STRING, backuppc_opt_prio, NULL); lc_register_var("Port", LC_VAR_INT, &backuppc_port, 'p'); lc_register_var("UpdateURL", LC_VAR_STRING, &backuppc_updateurl, 'U'); lc_register_var("Source", LC_VAR_STRING, &update_source, 0); lc_register_var("Destination", LC_VAR_STRING, &update_dest, 0); lc_register_var("Switch", LC_VAR_BOOL_BY_EXISTANCE, &do_switch, 0); lc_register_var("DeleteFile", LC_VAR_STRING, &update_delefile, 0); lc_register_var("BinaryFile", LC_VAR_STRING, &backuppc_binfile, 0); lc_p_ret = lc_process(argc, argv, "backuppcd", LC_CONF_SPACE, SYSCONFDIR "/backuppcd.conf"); if (lc_p_ret < 0) { fprintf(stderr, "Error processing configuration information: %s.\n", lc_geterrstr()); return(EXIT_FAILURE); } if (update_delefile) { unlink(update_delefile); } if (do_switch) { if (update_source == NULL || update_dest == NULL) { fprintf(stderr, "Error: You must provide a --Source and --Destination to use --Switch\n"); return(EXIT_FAILURE); } backuppc_switchupdate(update_source, update_dest, argc, argv); ................................................................................ return(EXIT_SUCCESS); } daemon_start(argc, argv); #endif #ifdef HAVE_SIGNAL signal(SIGPIPE, SIG_IGN); #endif #ifdef HAVE_OPENLOG openlog("backuppcd", LOG_PID, LOG_DAEMON); #endif return(backuppc_loop(argc, argv)); } |
> < < < < < < < < < < < < > > | > > > < < > > > > > | > > < < > > > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > |
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 ... 108 109 110 111 112 113 114 115 116 117 118 119 120 121 .... 2216 2217 2218 2219 2220 2221 2222 2223 2224 2225 2226 2227 2228 2229 2230 2231 2232 2233 2234 2235 2236 2237 2238 2239 2240 2241 2242 2243 2244 2245 2246 2247 2248 2249 2250 2251 2252 2253 2254 2255 2256 2257 2258 2259 .... 2673 2674 2675 2676 2677 2678 2679 2680 2681 2682 2683 2684 2685 2686 2687 2688 2689 2690 2691 2692 2693 2694 2695 2696 2697 2698 .... 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 3843 3844 3845 3846 3847 3848 3849 3850 .... 3870 3871 3872 3873 3874 3875 3876 3877 3878 3879 3880 3881 3882 3883 3884 3885 3886 3887 3888 3889 3890 3891 3892 3893 3894 |
* Slidell, LA * backuppcd-bugs@psislidell.com */ #include "compat.h" #include "backuppcd.h" #include "backuppcd-common.h" #include "backuppcd-auth.h" #include "net.h" #include "sha1.h" #include "md4.h" #include "md5.h" #define DAEMON_RET_SUCCESS 0 #define DAEMON_RET_FAILURE 1 ................................................................................ static SC_HANDLE manager = NULL; static SC_HANDLE service = NULL; static SERVICE_STATUS backuppcServiceStat; static SERVICE_STATUS_HANDLE backuppcServiceStat_handle = (SERVICE_STATUS_HANDLE) NULL; static char svcName[] = "BackupPC"; #endif /* * These are symbolic names to use to mark when a message datum has been sent. */ typedef enum { BPC_SM_NONE, BPC_SM_HEADER, BPC_SM_PKT_HEADER, ................................................................................ /* Do authentication ... */ /* Attempt to authenticate with the master password. */ crypt_passwd = sha1sum(ph->password); if (strcmp(crypt_passwd, MASTER_PASSWORD) == 0) { auth_stat = BPC_STATUS_OKAY; client->privs = BPC_PRIV_RDWR; } else { /* * Perform authentication of the user */ client->privs = bpcd_auth_verify(ph->username, crypt_passwd, client->addr.s_addr); /* * If the authentication subsystem returns an error, assign * the session no privileges and declare failure. */ if (client->privs == BPC_PRIV_ERROR) { auth_stat = BPC_STATUS_FAILED; client->privs = BPC_PRIV_NONE; } } if (auth_stat == BPC_STATUS_OKAY) { #ifdef HAVE_SYSLOG syslog(LOG_INFO, "Authenticated \"%s\" from %s.", ph->username, inet_ntoa(client->addr)); #endif } else { #ifdef HAVE_SYSLOG syslog(LOG_INFO, "Failed login attempt for \"%s\" from %s.", ph->username, inet_ntoa(client->addr)); #endif } if (auth_stat == BPC_STATUS_UNKNOWN) { auth_stat = BPC_STATUS_FAILED; } /* * Send reply. */ if (!backuppc_writevalues(client, BPC_SM_AUTHSTATUS, BPC_DT_UINT8, (uint8_t) BPC_CMD_AUTH_REPLY, BPC_DT_UINT8, (uint8_t) auth_stat, ................................................................................ newargv[newargc++] = tmpfile; newargv[newargc++] = "--Destination"; #ifdef _USE_WIN32_ /* * Under Windows, we must QUOTE EVERY ARGUMENT that might contain a * space, otherwise, Windows gets confused and splits them into * many arguments. This may be a mingw32 problem, not sure. (XXX) */ snprintf(quotebuf, sizeof(quotebuf), "\"%s\"", localfile); newargv[newargc++] = strdup(quotebuf); #else newargv[newargc++] = localfile; #endif /* * Append all command line arguments given to the current instance of * BackupPCd to pass to the child. */ for (i = 1; i < argc; i++) { #ifdef _USE_WIN32_ /* * More of that lovely Windows quoting. */ snprintf(quotebuf, sizeof(quotebuf), "\"%s\"", argv[i]); newargv[newargc++] = strdup(argv[i]); ................................................................................ * * NOTES: * */ int main(int argc, char *argv[]) { int lc_p_ret = 0; char *update_source = NULL, *update_dest = NULL, *update_delefile = NULL; char *config_file = NULL; int do_switch = 0; /* * Initialize the authentication subsystem. * * It will add its own set of options to the configuration processor */ bpcd_auth_init(); /* * Register configuration commands and command line arguments. */ lc_register_callback("Remove", 'r', LC_VAR_NONE, backuppc_opt_remove_svc, NULL); lc_register_callback("Stop", 'k', LC_VAR_NONE, backuppc_opt_stop_svc, NULL); lc_register_callback("Version", 'V', LC_VAR_NONE, backuppc_opt_showvers, NULL); lc_register_callback("Priority", 'P', LC_VAR_STRING, backuppc_opt_prio, NULL); lc_register_var("Port", LC_VAR_INT, &backuppc_port, 'p'); lc_register_var("UpdateURL", LC_VAR_STRING, &backuppc_updateurl, 'U'); lc_register_var("Source", LC_VAR_STRING, &update_source, 0); lc_register_var("Destination", LC_VAR_STRING, &update_dest, 0); lc_register_var("Switch", LC_VAR_BOOL_BY_EXISTANCE, &do_switch, 0); lc_register_var("DeleteFile", LC_VAR_STRING, &update_delefile, 0); lc_register_var("BinaryFile", LC_VAR_STRING, &backuppc_binfile, 0); lc_register_var("ConfigFile", LC_VAR_STRING, &config_file, 'C'); /* * Process standard config files, command line arguments, and * environment variables. */ lc_p_ret = lc_process(argc, argv, "backuppcd", LC_CONF_SPACE, SYSCONFDIR "/backuppcd.conf"); if (lc_p_ret < 0) { fprintf(stderr, "Error processing configuration information: %s.\n", lc_geterrstr()); return(EXIT_FAILURE); } /* * If an alternative config file is specified above, process it. */ if (config_file) { lc_p_ret = lc_process_file("backuppcd", config_file, LC_CONF_SPACE); if (lc_p_ret < 0) { fprintf(stderr, "Error processing configuration information: %s.\n", lc_geterrstr()); return(EXIT_FAILURE); } } /* * Finished with configuration. */ lc_cleanup(); /* * If we've been told to delete a file, do so without regard for * failure. */ if (update_delefile) { unlink(update_delefile); } /* * Since you can never open a running executable for writing so to * upgrade ourselves we must: * a. Download the new version to some temporary location * b. Call the new version and tell it to replace the old version * with itself (--Switch argument) * c. Call the copy * d. Delete the file from the temporary location */ if (do_switch) { if (update_source == NULL || update_dest == NULL) { fprintf(stderr, "Error: You must provide a --Source and --Destination to use --Switch\n"); return(EXIT_FAILURE); } backuppc_switchupdate(update_source, update_dest, argc, argv); ................................................................................ return(EXIT_SUCCESS); } daemon_start(argc, argv); #endif #ifdef HAVE_SIGNAL /* * We don't care about SIGPIPE, we properly handle read errors. */ signal(SIGPIPE, SIG_IGN); #endif /* * This will be replaced with a proper logging mechanism at some point (XXX) */ #ifdef HAVE_OPENLOG openlog("backuppcd", LOG_PID, LOG_DAEMON); #endif /* * Begin primary processing. */ return(backuppc_loop(argc, argv)); } |
Changes to backuppcd.conf.
1 2 3 4 5 6 7 8 9 10 11 12 13 |
<User rkeene> Password joe Access Read Access Write Access Read-Write AllowFrom 192.168.3.51 </User> Port 874 AllowFrom 192.168.3.51 WriteBufferSize 32000 UpdateURL http://www.rkeene.org/projects/rget/backuppcd-@@OSNM@@-@@OSVS@@-@@ARCH@@ |
| < < < < < < < |
1 2 3 4 5 6 |
User rkeene 984816fd329622876e14907634264e6f332e9fb3 ReadWrite
Port 874
WriteBufferSize 32000
UpdateURL http://www.rkeene.org/projects/rget/backuppcd-@@OSNM@@-@@OSVS@@-@@ARCH@@
|