Context Navigation

source: storage_xml.c @ fd03770

Last change on this file since fd03770 was 6ee9d2d, checked in by Wilmer van der Gaast <wilmer@…>, at 2006-06-25T18:25:13Z
Forgot to initialize pass_rc4 (which caused memory management mess when trying to load a damaged XML-file).
Property mode set to `100644`
File size: 14.0 KB

Rev	Line
[a312b6b]	1	/********************************************************************\
	2	* BitlBee -- An IRC to other IM-networks gateway *
	3	* *
	4	* Copyright 2002-2006 Wilmer van der Gaast and others *
	5	\********************************************************************/
	6
	7	/* Storage backend that uses an XMLish format for all data. */
	8
	9	/*
	10	This program is free software; you can redistribute it and/or modify
	11	it under the terms of the GNU General Public License as published by
	12	the Free Software Foundation; either version 2 of the License, or
	13	(at your option) any later version.
	14
	15	This program is distributed in the hope that it will be useful,
	16	but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	18	GNU General Public License for more details.
	19
	20	You should have received a copy of the GNU General Public License with
	21	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
	22	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
	23	Suite 330, Boston, MA 02111-1307 USA
	24	*/
	25
	26	#define BITLBEE_CORE
	27	#include "bitlbee.h"
[6e1fed7]	28	#include "base64.h"
	29	#include "rc4.h"
[d28f3b35]	30	#include "md5.h"
[a312b6b]	31
[c121f89]	32	typedef enum
	33	{
	34	XML_PASS_CHECK_ONLY = -1,
	35	XML_PASS_UNKNOWN = 0,
	36	XML_PASS_OK
	37	} xml_pass_st;
	38
[84e9cea]	39	/* This isn't very clean, probably making a separate error class + code for
	40	BitlBee would be a better solution. But this will work for now... */
[c121f89]	41	#define XML_PASS_ERRORMSG "Wrong username or password"
[88086db]	42	#define XML_FORMAT_VERSION 1
[c121f89]	43
[a312b6b]	44	struct xml_parsedata
	45	{
	46	irc_t *irc;
	47	char *current_setting;
	48	account_t *current_account;
[c121f89]	49	char *given_nick;
	50	char *given_pass;
	51	xml_pass_st pass_st;
[a312b6b]	52	};
	53
	54	static char xml_attr( const gchar attr_names, const gchar attr_values, const gchar key )
	55	{
	56	int i;
	57
	58	for( i = 0; attr_names[i]; i ++ )
	59	if( g_strcasecmp( attr_names[i], key ) == 0 )
[c121f89]	60	return (char*) attr_values[i];
[a312b6b]	61
	62	return NULL;
	63	}
	64
[c121f89]	65	static void xml_destroy_xd( gpointer data )
	66	{
	67	struct xml_parsedata *xd = data;
	68
	69	g_free( xd->given_nick );
	70	g_free( xd->given_pass );
	71	g_free( xd );
	72	}
	73
[a312b6b]	74	static void xml_start_element( GMarkupParseContext ctx, const gchar element_name, const gchar attr_names, const gchar attr_values, gpointer data, GError **error )
	75	{
	76	struct xml_parsedata *xd = data;
[c121f89]	77	irc_t *irc = xd->irc;
[a312b6b]	78
	79	if( g_strcasecmp( element_name, "user" ) == 0 )
	80	{
	81	char *nick = xml_attr( attr_names, attr_values, "nick" );
[c121f89]	82	char *pass = xml_attr( attr_names, attr_values, "password" );
[6e1fed7]	83	md5_byte_t *pass_dec = NULL;
[a312b6b]	84
[c121f89]	85	if( !nick \|\| !pass )
[a312b6b]	86	{
[c121f89]	87	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	88	"Missing attributes for %s element", element_name );
[a312b6b]	89	}
[6e1fed7]	90	else if( base64_decode( pass, &pass_dec ) != 21 )
	91	{
	92	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	93	"Error while decoding password attribute" );
	94	}
[c121f89]	95	else
	96	{
[d28f3b35]	97	md5_byte_t pass_md5[16];
	98	md5_state_t md5_state;
[6e1fed7]	99	int i;
[d28f3b35]	100
	101	md5_init( &md5_state );
[d028a77]	102	md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) );
[6e1fed7]	103	md5_append( &md5_state, (md5_byte_t) pass_dec + 16, 5 ); / Hmmm, salt! */
[d28f3b35]	104	md5_finish( &md5_state, pass_md5 );
	105
[d028a77]	106	for( i = 0; i < 16; i ++ )
[d28f3b35]	107	{
[6e1fed7]	108	if( pass_dec[i] != pass_md5[i] )
[d028a77]	109	{
	110	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	111	XML_PASS_ERRORMSG );
[d28f3b35]	112	break;
[d028a77]	113	}
[d28f3b35]	114	}
	115
[d028a77]	116	/* If we reached the end of the loop, it was a match! */
	117	if( i == 16 )
[d28f3b35]	118	{
	119	if( xd->pass_st != XML_PASS_CHECK_ONLY )
	120	xd->pass_st = XML_PASS_OK;
	121	}
[c121f89]	122	}
[6e1fed7]	123
	124	g_free( pass_dec );
[c121f89]	125	}
	126	else if( xd->pass_st < XML_PASS_OK )
	127	{
	128	/* Let's not parse anything else if we only have to check
	129	the password. */
[a312b6b]	130	}
	131	else if( g_strcasecmp( element_name, "account" ) == 0 )
	132	{
[6ee9d2d]	133	char protocol, handle, server, password = NULL, *autoconnect;
[6e1fed7]	134	char pass_b64 = NULL, pass_rc4 = NULL;
	135	int pass_len;
[a312b6b]	136	struct prpl *prpl = NULL;
	137
	138	handle = xml_attr( attr_names, attr_values, "handle" );
[6e1fed7]	139	pass_b64 = xml_attr( attr_names, attr_values, "password" );
[c121f89]	140	server = xml_attr( attr_names, attr_values, "server" );
[2b14eef]	141	autoconnect = xml_attr( attr_names, attr_values, "autoconnect" );
[a312b6b]	142
	143	protocol = xml_attr( attr_names, attr_values, "protocol" );
	144	if( protocol )
	145	prpl = find_protocol( protocol );
	146
[6e1fed7]	147	if( !handle \|\| !pass_b64 \|\| !protocol )
[c121f89]	148	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	149	"Missing attributes for %s element", element_name );
	150	else if( !prpl )
	151	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
[9b46b64]	152	"Unknown protocol: %s", protocol );
[6e1fed7]	153	else if( ( pass_len = base64_decode( pass_b64, (unsigned char**) &pass_rc4 ) ) &&
	154	rc4_decode( (unsigned char*) pass_rc4, pass_len,
	155	(unsigned char**) &password, xd->given_pass ) )
[a312b6b]	156	{
[c121f89]	157	xd->current_account = account_add( irc, prpl, handle, password );
	158	if( server )
	159	xd->current_account->server = g_strdup( server );
[2b14eef]	160	if( autoconnect )
	161	/* Return value doesn't matter, since account_add() already sets
	162	a default! */
	163	sscanf( autoconnect, "%d", &xd->current_account->auto_connect );
[a312b6b]	164	}
[6e1fed7]	165	else
	166	{
	167	/* Actually the _decode functions don't even return error codes,
	168	but maybe they will later... */
	169	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	170	"Error while decrypting account password" );
	171	}
	172
	173	g_free( pass_rc4 );
	174	g_free( password );
[a312b6b]	175	}
	176	else if( g_strcasecmp( element_name, "setting" ) == 0 )
	177	{
	178	if( xd->current_account == NULL )
	179	{
[c121f89]	180	char *setting;
	181
	182	if( xd->current_setting )
	183	{
	184	g_free( xd->current_setting );
	185	xd->current_setting = NULL;
	186	}
	187
	188	if( ( setting = xml_attr( attr_names, attr_values, "name" ) ) )
	189	xd->current_setting = g_strdup( setting );
	190	else
	191	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	192	"Missing attributes for %s element", element_name );
[a312b6b]	193	}
	194	}
	195	else if( g_strcasecmp( element_name, "buddy" ) == 0 )
	196	{
[c121f89]	197	char handle, nick;
	198
	199	handle = xml_attr( attr_names, attr_values, "handle" );
	200	nick = xml_attr( attr_names, attr_values, "nick" );
	201
	202	if( xd->current_account && handle && nick )
	203	{
	204	nick_set( irc, handle, xd->current_account->prpl, nick );
	205	}
	206	else
	207	{
	208	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
	209	"Missing attributes for %s element", element_name );
	210	}
[a312b6b]	211	}
	212	else
	213	{
[c121f89]	214	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_UNKNOWN_ELEMENT,
	215	"Unkown element: %s", element_name );
[a312b6b]	216	}
	217	}
	218
	219	static void xml_end_element( GMarkupParseContext ctx, const gchar element_name, gpointer data, GError **error )
	220	{
[5898ef8]	221	struct xml_parsedata *xd = data;
	222
	223	if( g_strcasecmp( element_name, "setting" ) == 0 && xd->current_setting )
	224	{
	225	g_free( xd->current_setting );
	226	xd->current_setting = NULL;
	227	}
	228	else if( g_strcasecmp( element_name, "account" ) == 0 )
	229	{
	230	xd->current_account = NULL;
	231	}
[a312b6b]	232	}
	233
	234	static void xml_text( GMarkupParseContext ctx, const gchar text, gsize text_len, gpointer data, GError **error )
	235	{
	236	struct xml_parsedata *xd = data;
[c121f89]	237	irc_t *irc = xd->irc;
[a312b6b]	238
[c121f89]	239	if( xd->pass_st < XML_PASS_OK )
	240	{
	241	/* Let's not parse anything else if we only have to check
[84e9cea]	242	the password, or if we didn't get the chance to check it
	243	yet. */
[c121f89]	244	}
	245	else if( g_strcasecmp( g_markup_parse_context_get_element( ctx ), "setting" ) == 0 &&
	246	xd->current_setting && xd->current_account == NULL )
[a312b6b]	247	{
[c121f89]	248	set_setstr( irc, xd->current_setting, (char*) text );
	249	g_free( xd->current_setting );
	250	xd->current_setting = NULL;
[a312b6b]	251	}
	252	}
	253
	254	GMarkupParser xml_parser =
	255	{
	256	xml_start_element,
	257	xml_end_element,
	258	xml_text,
	259	NULL,
[5898ef8]	260	NULL
[a312b6b]	261	};
	262
	263	static void xml_init( void )
	264	{
	265	if( access( global.conf->configdir, F_OK ) != 0 )
	266	log_message( LOGLVL_WARNING, "The configuration directory %s does not exist. Configuration won't be saved.", CONFIG );
	267	else if( access( global.conf->configdir, R_OK ) != 0 \|\| access( global.conf->configdir, W_OK ) != 0 )
	268	log_message( LOGLVL_WARNING, "Permission problem: Can't read/write from/to %s.", global.conf->configdir );
	269	}
	270
[84e9cea]	271	static storage_status_t xml_load_real( const char my_nick, const char password, irc_t *irc, xml_pass_st action )
[a312b6b]	272	{
	273	GMarkupParseContext *ctx;
[c121f89]	274	struct xml_parsedata *xd;
	275	char *fn, buf[512];
	276	GError *gerr = NULL;
	277	int fd, st;
[a312b6b]	278
[84e9cea]	279	if( irc && irc->status & USTATUS_IDENTIFIED )
[a312b6b]	280	return( 1 );
	281
[c121f89]	282	xd = g_new0( struct xml_parsedata, 1 );
	283	xd->irc = irc;
	284	xd->given_nick = g_strdup( my_nick );
	285	xd->given_pass = g_strdup( password );
[84e9cea]	286	xd->pass_st = action;
[c121f89]	287	nick_lc( xd->given_nick );
[a312b6b]	288
[c121f89]	289	fn = g_strdup_printf( "%s%s%s", global.conf->configdir, xd->given_nick, ".xml" );
	290	if( ( fd = open( fn, O_RDONLY ) ) < 0 )
[a312b6b]	291	{
[c121f89]	292	xml_destroy_xd( xd );
	293	g_free( fn );
	294	return STORAGE_NO_SUCH_USER;
[a312b6b]	295	}
[c121f89]	296	g_free( fn );
[a312b6b]	297
[c121f89]	298	ctx = g_markup_parse_context_new( &xml_parser, 0, xd, xml_destroy_xd );
[a312b6b]	299
[c121f89]	300	while( ( st = read( fd, buf, sizeof( buf ) ) ) > 0 )
[a312b6b]	301	{
[c121f89]	302	if( !g_markup_parse_context_parse( ctx, buf, st, &gerr ) \|\| gerr )
	303	{
	304	g_markup_parse_context_free( ctx );
[5898ef8]	305	close( fd );
[c121f89]	306
[5898ef8]	307	/* Slightly dirty... */
[c121f89]	308	if( gerr && strcmp( gerr->message, XML_PASS_ERRORMSG ) == 0 )
[00ab350]	309	{
	310	g_clear_error( &gerr );
[c121f89]	311	return STORAGE_INVALID_PASSWORD;
[00ab350]	312	}
[c121f89]	313	else
[5898ef8]	314	{
[84e9cea]	315	if( gerr && irc )
[5898ef8]	316	irc_usermsg( irc, "Error from XML-parser: %s", gerr->message );
	317
[00ab350]	318	g_clear_error( &gerr );
[c121f89]	319	return STORAGE_OTHER_ERROR;
[5898ef8]	320	}
[c121f89]	321	}
[a312b6b]	322	}
[00ab350]	323	/* Just to be sure... */
	324	g_clear_error( &gerr );
[a312b6b]	325
[c121f89]	326	g_markup_parse_context_free( ctx );
[5898ef8]	327	close( fd );
[c121f89]	328
[84e9cea]	329	if( action == XML_PASS_CHECK_ONLY )
	330	return STORAGE_OK;
	331
[5898ef8]	332	irc->status \|= USTATUS_IDENTIFIED;
[a312b6b]	333
	334	if( set_getint( irc, "auto_connect" ) )
	335	{
[c121f89]	336	/* Can't do this directly because r_c_s alters the string */
	337	strcpy( buf, "account on" );
	338	root_command_string( irc, NULL, buf, 0 );
[a312b6b]	339	}
	340
	341	return STORAGE_OK;
	342	}
	343
[84e9cea]	344	static storage_status_t xml_load( const char my_nick, const char password, irc_t *irc )
	345	{
	346	return xml_load_real( my_nick, password, irc, XML_PASS_UNKNOWN );
	347	}
	348
	349	static storage_status_t xml_check_pass( const char my_nick, const char password )
	350	{
	351	/* This is a little bit risky because we have to pass NULL for the
	352	irc_t argument. This should be fine, if I didn't miss anything... */
	353	return xml_load_real( my_nick, password, NULL, XML_PASS_CHECK_ONLY );
	354	}
	355
[5898ef8]	356	static int xml_printf( int fd, char *fmt, ... )
	357	{
	358	va_list params;
	359	char *out;
	360	int len;
	361
	362	va_start( params, fmt );
	363	out = g_markup_vprintf_escaped( fmt, params );
	364	va_end( params );
	365
	366	len = strlen( out );
	367	len -= write( fd, out, len );
	368	g_free( out );
	369
	370	return len == 0;
	371	}
	372
[c121f89]	373	static storage_status_t xml_save( irc_t *irc, int overwrite )
[a312b6b]	374	{
[6e1fed7]	375	char path[512], path2, pass_buf = NULL;
[5898ef8]	376	set_t *set;
	377	nick_t *nick;
	378	account_t *acc;
[ece2cd2]	379	int fd, i;
[6e1fed7]	380	md5_byte_t pass_md5[21];
[ece2cd2]	381	md5_state_t md5_state;
	382
	383	if( irc->password == NULL )
	384	{
	385	irc_usermsg( irc, "Please register yourself if you want to save your settings." );
	386	return STORAGE_OTHER_ERROR;
	387	}
[a312b6b]	388
[5898ef8]	389	g_snprintf( path, sizeof( path ) - 2, "%s%s%s", global.conf->configdir, irc->nick, ".xml" );
	390
	391	if( !overwrite && access( path, F_OK ) != -1 )
	392	return STORAGE_ALREADY_EXISTS;
	393
	394	strcat( path, "~" );
	395	if( ( fd = open( path, O_WRONLY \| O_CREAT, 0600 ) ) < 0 )
	396	{
	397	irc_usermsg( irc, "Error while opening configuration file." );
	398	return STORAGE_OTHER_ERROR;
[a312b6b]	399	}
[5898ef8]	400
[6e1fed7]	401	/* Generate a salted md5sum of the password. Use 5 bytes for the salt
	402	(to prevent dictionary lookups of passwords) to end up with a 21-
	403	byte password hash, more convenient for base64 encoding. */
	404	for( i = 0; i < 5; i ++ )
	405	pass_md5[16+i] = rand() & 0xff;
[ece2cd2]	406	md5_init( &md5_state );
	407	md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) );
[6e1fed7]	408	md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
[ece2cd2]	409	md5_finish( &md5_state, pass_md5 );
[6e1fed7]	410	/* Save the hash in base64-encoded form. */
	411	pass_buf = base64_encode( (char*) pass_md5, 21 );
[ece2cd2]	412
[88086db]	413	if( !xml_printf( fd, "<user nick=\"%s\" password=\"%s\" version=\"%d\">\n", irc->nick, pass_buf, XML_FORMAT_VERSION ) )
[5898ef8]	414	goto write_error;
	415
[6e1fed7]	416	g_free( pass_buf );
	417
[5898ef8]	418	for( set = irc->set; set; set = set->next )
	419	if( set->value && set->def )
	420	if( !xml_printf( fd, "\t<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
	421	goto write_error;
	422
	423	for( acc = irc->accounts; acc; acc = acc->next )
	424	{
[6e1fed7]	425	char pass_rc4, pass_b64;
	426	int pass_len;
	427
	428	pass_len = rc4_encode( (unsigned char) acc->pass, strlen( acc->pass ), (unsigned char*) &pass_rc4, irc->password );
	429	pass_b64 = base64_encode( pass_rc4, pass_len );
	430
	431	if( !xml_printf( fd, "\t<account protocol=\"%s\" handle=\"%s\" password=\"%s\" autoconnect=\"%d\"", acc->prpl->name, acc->user, pass_b64, acc->auto_connect ) )
	432	{
	433	g_free( pass_rc4 );
	434	g_free( pass_b64 );
[5898ef8]	435	goto write_error;
[6e1fed7]	436	}
	437	g_free( pass_rc4 );
	438	g_free( pass_b64 );
	439
[5898ef8]	440	if( acc->server && acc->server[0] && !xml_printf( fd, " server=\"%s\"", acc->server ) )
	441	goto write_error;
	442	if( !xml_printf( fd, ">\n" ) )
	443	goto write_error;
	444
	445	for( nick = irc->nicks; nick; nick = nick->next )
	446	if( nick->proto == acc->prpl )
	447	if( !xml_printf( fd, "\t\t<buddy handle=\"%s\" nick=\"%s\" />\n", nick->handle, nick->nick ) )
	448	goto write_error;
	449
	450	if( !xml_printf( fd, "\t</account>\n" ) )
	451	goto write_error;
	452	}
	453
	454	if( !xml_printf( fd, "</user>\n" ) )
	455	goto write_error;
	456
	457	close( fd );
	458
	459	path2 = g_strndup( path, strlen( path ) - 1 );
	460	if( rename( path, path2 ) != 0 )
	461	{
	462	irc_usermsg( irc, "Error while renaming temporary configuration file." );
	463
	464	g_free( path2 );
	465	unlink( path );
	466
	467	return STORAGE_OTHER_ERROR;
	468	}
	469
	470	g_free( path2 );
	471
[a312b6b]	472	return STORAGE_OK;
[5898ef8]	473
	474	write_error:
[6e1fed7]	475	g_free( pass_buf );
	476
[5898ef8]	477	irc_usermsg( irc, "Write error. Disk full?" );
	478	close( fd );
	479
	480	return STORAGE_OTHER_ERROR;
[a312b6b]	481	}
	482
[84e9cea]	483	static storage_status_t xml_remove( const char nick, const char password )
	484	{
	485	char s[512];
	486	storage_status_t status;
	487
	488	status = xml_check_pass( nick, password );
	489	if( status != STORAGE_OK )
	490	return status;
	491
	492	g_snprintf( s, 511, "%s%s%s", global.conf->configdir, nick, ".xml" );
	493	if( unlink( s ) == -1 )
	494	return STORAGE_OTHER_ERROR;
	495
	496	return STORAGE_OK;
	497	}
	498
[a312b6b]	499	storage_t storage_xml = {
	500	.name = "xml",
	501	.init = xml_init,
[84e9cea]	502	.check_pass = xml_check_pass,
	503	.remove = xml_remove,
[a312b6b]	504	.load = xml_load,
	505	.save = xml_save
	506	};

Note: See TracBrowser for help on using the repository browser.

Download in other formats: