Lines 39-44
Link Here
|
39 |
* |
39 |
* |
40 |
* all str commands are 0x00 terminated string of chars. |
40 |
* all str commands are 0x00 terminated string of chars. |
41 |
* |
41 |
* |
|
|
42 |
* Patched by Chris Jensen - 22 Sep 2004 |
43 |
* Expire cached passwords after short timeout |
44 |
* Add flush and flushall requests |
45 |
* Rename shared functions to avoid naming collisions |
42 |
* Patched by Chris Jensen - 19 Aug 2004 |
46 |
* Patched by Chris Jensen - 19 Aug 2004 |
43 |
* Clear passwords after first use |
47 |
* Clear passwords after first use |
44 |
* Overwrite passwords with 0x00 before freeing memory |
48 |
* Overwrite passwords with 0x00 before freeing memory |
Lines 55-60
Link Here
|
55 |
#include "smbpw.h" |
59 |
#include "smbpw.h" |
56 |
#include <stdarg.h> |
60 |
#include <stdarg.h> |
57 |
#include <syslog.h> |
61 |
#include <syslog.h> |
|
|
62 |
#include <time.h> |
58 |
|
63 |
|
59 |
/* Reference counter is necissary otherwise |
64 |
/* Reference counter is necissary otherwise |
60 |
* the sequence store, store, retrieve, retrieve |
65 |
* the sequence store, store, retrieve, retrieve |
Lines 67-72
Link Here
|
67 |
char *key; |
72 |
char *key; |
68 |
char *value; |
73 |
char *value; |
69 |
int ref; /* reference counter */ |
74 |
int ref; /* reference counter */ |
|
|
75 |
time_t mtime; /* time the value was last modified */ |
70 |
} *root = 0; |
76 |
} *root = 0; |
71 |
|
77 |
|
72 |
/* clean_free_str |
78 |
/* clean_free_str |
Lines 95-101
Link Here
|
95 |
if(strcmp((*entry)->key, key) == 0) |
101 |
if(strcmp((*entry)->key, key) == 0) |
96 |
{ |
102 |
{ |
97 |
(*entry)->ref++; |
103 |
(*entry)->ref++; |
98 |
//printf("Already an entry for key %s\n", key); |
104 |
(*entry)->mtime=time(NULL); |
99 |
clean_free_str(&((*entry)->value)); |
105 |
clean_free_str(&((*entry)->value)); |
100 |
|
106 |
|
101 |
(*entry)->value = strdup(value); |
107 |
(*entry)->value = strdup(value); |
Lines 108-113
Link Here
|
108 |
new = malloc(sizeof(struct entry_t)); |
114 |
new = malloc(sizeof(struct entry_t)); |
109 |
new->next = 0; |
115 |
new->next = 0; |
110 |
new->ref=1; |
116 |
new->ref=1; |
|
|
117 |
new->mtime=time(NULL); |
111 |
new->key = strdup(key); |
118 |
new->key = strdup(key); |
112 |
new->value = strdup(value); |
119 |
new->value = strdup(value); |
113 |
*entry = new; |
120 |
*entry = new; |
Lines 115-135
Link Here
|
115 |
return 0; |
122 |
return 0; |
116 |
} |
123 |
} |
117 |
|
124 |
|
118 |
/* scrub_memory |
|
|
119 |
Write 0x00 over all passwords stored in memory before shutting down |
120 |
*/ |
121 |
void scrub_memory(void) |
122 |
{ |
123 |
struct entry_t *entry = root; |
124 |
|
125 |
while (entry) |
126 |
{ |
127 |
clean_free_str(&(entry->key)); |
128 |
clean_free_str(&(entry->value)); |
129 |
|
130 |
entry = entry->next; |
131 |
} |
132 |
} |
133 |
|
125 |
|
134 |
#ifdef DEBUG |
126 |
#ifdef DEBUG |
135 |
/* cache_dump |
127 |
/* cache_dump |
Lines 141-155
Link Here
|
141 |
{ |
133 |
{ |
142 |
struct entry_t *entry = root; |
134 |
struct entry_t *entry = root; |
143 |
int count = 0; |
135 |
int count = 0; |
|
|
136 |
char *mtime; |
144 |
|
137 |
|
145 |
while (entry) |
138 |
while (entry) |
146 |
{ |
139 |
{ |
147 |
count++; |
140 |
count++; |
148 |
printf("%i, User: %s, Password: %s, Ref: %i\n", |
141 |
mtime = ctime(&(entry->mtime)); |
|
|
142 |
printf("%i, User: %s, Password: %s, Ref: %i, mtime: %s\n", |
149 |
count, entry->key, entry->value, |
143 |
count, entry->key, entry->value, |
150 |
entry->ref); |
144 |
entry->ref, mtime); |
151 |
|
145 |
|
152 |
entry = entry->next; |
146 |
entry = entry->next; |
|
|
147 |
free(mtime); |
153 |
} |
148 |
} |
154 |
|
149 |
|
155 |
printf("Total: %i\n", count); |
150 |
printf("Total: %i\n", count); |
Lines 161-184
Link Here
|
161 |
struct entry_t *entry = root; |
156 |
struct entry_t *entry = root; |
162 |
char *password = NULL; |
157 |
char *password = NULL; |
163 |
struct entry_t **prev = &root; |
158 |
struct entry_t **prev = &root; |
|
|
159 |
time_t now = time(NULL); |
160 |
int expired; |
164 |
|
161 |
|
165 |
while(entry) |
162 |
while(entry) |
166 |
{ |
163 |
{ |
167 |
//printf("%s, %s\n", entry->key, entry->value); |
164 |
//printf("%s, %s\n", entry->key, entry->value); |
168 |
if(strcmp(key, entry->key) == 0) |
165 |
if(strcmp(key, entry->key) == 0) |
169 |
{ |
166 |
{ |
|
|
167 |
expired = (difftime(now, entry->mtime) > |
168 |
MAX_CACHE_AGE); |
169 |
|
170 |
if (entry->value) |
170 |
if (entry->value) |
171 |
{ |
171 |
{ |
172 |
password = strdup(entry->value); |
172 |
if (!expired) |
173 |
|
173 |
{ |
174 |
if ((--(entry->ref)) < 1) |
174 |
password = strdup(entry->value); |
175 |
{ |
175 |
(entry->ref)--; |
176 |
clean_free_str(&(entry->value)); |
|
|
177 |
|
178 |
*prev=entry->next; |
179 |
free(entry); |
180 |
} |
176 |
} |
181 |
} |
177 |
} |
|
|
178 |
|
179 |
/* If the entry has expired, or has |
180 |
no more processes waiting to read on it |
181 |
remove it */ |
182 |
if (expired || (entry->ref < 1)) |
183 |
{ |
184 |
clean_free_str(&(entry->value)); |
185 |
free(&(entry->key)); |
186 |
|
187 |
*prev=entry->next; |
188 |
free(entry); |
189 |
} |
182 |
return password; |
190 |
return password; |
183 |
} |
191 |
} |
184 |
prev = &entry->next; |
192 |
prev = &entry->next; |
Lines 187-192
Link Here
|
187 |
return 0; |
195 |
return 0; |
188 |
} |
196 |
} |
189 |
|
197 |
|
|
|
198 |
static void cache_flush(int flushall) |
199 |
{ |
200 |
struct entry_t *entry = root; |
201 |
struct entry_t **prev = &root; |
202 |
time_t now = time(NULL); |
203 |
|
204 |
while(entry) |
205 |
{ |
206 |
if ((flushall) || (difftime(now, entry->mtime) > |
207 |
MAX_CACHE_AGE)) |
208 |
{ |
209 |
clean_free_str(&(entry->value)); |
210 |
clean_free_str(&(entry->key)); |
211 |
|
212 |
*prev=entry->next; |
213 |
free(entry); |
214 |
} |
215 |
|
216 |
prev = &entry->next; |
217 |
entry = entry->next; |
218 |
} |
219 |
} |
220 |
|
190 |
static void log(int err, const char *format, ...) |
221 |
static void log(int err, const char *format, ...) |
191 |
{ |
222 |
{ |
192 |
va_list args; |
223 |
va_list args; |
Lines 234-247
Link Here
|
234 |
return 1; |
265 |
return 1; |
235 |
} |
266 |
} |
236 |
|
267 |
|
237 |
if(verify_socket_path(SOCKET_NAME) < 0) |
268 |
if(smbpw_verify_socket_path(SOCKET_NAME) < 0) |
238 |
{ |
269 |
{ |
239 |
print_version(); |
270 |
print_version(); |
240 |
fprintf(stderr, "Socket path %s is insecure\n", SOCKET_NAME); |
271 |
fprintf(stderr, "Socket path %s is insecure\n", SOCKET_NAME); |
241 |
return 1; |
272 |
return 1; |
242 |
} |
273 |
} |
243 |
|
274 |
|
244 |
ss = open_unix_socket(SOCKET_NAME); |
275 |
ss = smbpw_open_unix_socket(SOCKET_NAME); |
245 |
if(ss < 0) |
276 |
if(ss < 0) |
246 |
{ |
277 |
{ |
247 |
print_version(); |
278 |
print_version(); |
Lines 307-319
Link Here
|
307 |
{ |
338 |
{ |
308 |
printf("STORE\n"); |
339 |
printf("STORE\n"); |
309 |
} |
340 |
} |
310 |
username = readstring(cs); |
341 |
username = smbpw_readstring(cs); |
311 |
if(!username) |
342 |
if(!username) |
312 |
{ |
343 |
{ |
313 |
close(cs); |
344 |
close(cs); |
314 |
continue; |
345 |
continue; |
315 |
} |
346 |
} |
316 |
password = readstring(cs); |
347 |
password = smbpw_readstring(cs); |
317 |
if(!password) |
348 |
if(!password) |
318 |
{ |
349 |
{ |
319 |
close(cs); |
350 |
close(cs); |
Lines 331-337
Link Here
|
331 |
{ |
362 |
{ |
332 |
printf("RETRIEVE\n"); |
363 |
printf("RETRIEVE\n"); |
333 |
} |
364 |
} |
334 |
username = readstring(cs); |
365 |
username = smbpw_readstring(cs); |
335 |
if(!username) |
366 |
if(!username) |
336 |
{ |
367 |
{ |
337 |
close(cs); |
368 |
close(cs); |
Lines 360-366
Link Here
|
360 |
printf("SHUTDOWN\n"); |
391 |
printf("SHUTDOWN\n"); |
361 |
} |
392 |
} |
362 |
log(LOG_INFO, "shutdown request. daemon terminating\n"); |
393 |
log(LOG_INFO, "shutdown request. daemon terminating\n"); |
363 |
scrub_memory(); |
394 |
cache_flush(1); |
364 |
return 0; |
395 |
return 0; |
365 |
break; |
396 |
break; |
366 |
#ifdef DEBUG |
397 |
#ifdef DEBUG |
Lines 373-379
Link Here
|
373 |
} |
404 |
} |
374 |
break; |
405 |
break; |
375 |
#endif /* DEBUG */ |
406 |
#endif /* DEBUG */ |
376 |
|
407 |
case 0x05: |
|
|
408 |
if(verbose) |
409 |
{ |
410 |
printf("FLUSH\n"); |
411 |
} |
412 |
log(LOG_INFO, "Buffer flush requested. All old entries being cleaned.\n"); |
413 |
cache_flush(0); |
414 |
break; |
415 |
case 0x06: |
416 |
if(verbose) |
417 |
{ |
418 |
printf("FLUSH ALL\n"); |
419 |
} |
420 |
log(LOG_INFO, "Full buffer flush requested. All entries are being removed.\n"); |
421 |
cache_flush(1); |
422 |
break; |
377 |
default: |
423 |
default: |
378 |
break; |
424 |
break; |
379 |
} |
425 |
} |