Context Navigation

source: storage_xml.c @ 5bcf70a

Last change on this file since 5bcf70a was 8320a7a, checked in by Wilmer van der Gaast <wilmer@…>, at 2006-09-17T15:30:35Z
Strings passed to xml_text aren't necessarily \0-terminated, so don't count on that anymore.
Property mode set to `100644`
File size: 14.7 KB

Line
1	/********************************************************************\
2	* BitlBee -- An IRC to other IM-networks gateway *
3	* *
4	* Copyright 2002-2006 Wilmer van der Gaast and others *
5	\********************************************************************/
6
7	/* Storage backend that uses an XMLish format for all data. */
8
9	/*
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License as published by
12	the Free Software Foundation; either version 2 of the License, or
13	(at your option) any later version.
14
15	This program is distributed in the hope that it will be useful,
16	but WITHOUT ANY WARRANTY; without even the implied warranty of
17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	GNU General Public License for more details.
19
20	You should have received a copy of the GNU General Public License with
21	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
22	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
23	Suite 330, Boston, MA 02111-1307 USA
24	*/
25
26	#define BITLBEE_CORE
27	#include "bitlbee.h"
28	#include "base64.h"
29	#include "rc4.h"
30	#include "md5.h"
31
32	typedef enum
33	{
34	XML_PASS_CHECK_ONLY = -1,
35	XML_PASS_UNKNOWN = 0,
36	XML_PASS_WRONG,
37	XML_PASS_OK
38	} xml_pass_st;
39
40	/* To make it easier later when extending the format: */
41	#define XML_FORMAT_VERSION 1
42
43	struct xml_parsedata
44	{
45	irc_t *irc;
46	char *current_setting;
47	account_t *current_account;
48	char *given_nick;
49	char *given_pass;
50	xml_pass_st pass_st;
51	};
52
53	static char xml_attr( const gchar attr_names, const gchar attr_values, const gchar key )
54	{
55	int i;
56
57	for( i = 0; attr_names[i]; i ++ )
58	if( g_strcasecmp( attr_names[i], key ) == 0 )
59	return (char*) attr_values[i];
60
61	return NULL;
62	}
63
64	static void xml_destroy_xd( gpointer data )
65	{
66	struct xml_parsedata *xd = data;
67
68	g_free( xd->given_nick );
69	g_free( xd->given_pass );
70	g_free( xd );
71	}
72
73	static void xml_start_element( GMarkupParseContext ctx, const gchar element_name, const gchar attr_names, const gchar attr_values, gpointer data, GError **error )
74	{
75	struct xml_parsedata *xd = data;
76	irc_t *irc = xd->irc;
77
78	if( g_strcasecmp( element_name, "user" ) == 0 )
79	{
80	char *nick = xml_attr( attr_names, attr_values, "nick" );
81	char *pass = xml_attr( attr_names, attr_values, "password" );
82	md5_byte_t *pass_dec = NULL;
83
84	if( !nick \|\| !pass )
85	{
86	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
87	"Missing attributes for %s element", element_name );
88	}
89	else if( base64_decode( pass, &pass_dec ) != 21 )
90	{
91	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
92	"Error while decoding password attribute" );
93	}
94	else
95	{
96	md5_byte_t pass_md5[16];
97	md5_state_t md5_state;
98	int i;
99
100	md5_init( &md5_state );
101	md5_append( &md5_state, (md5_byte_t*) xd->given_pass, strlen( xd->given_pass ) );
102	md5_append( &md5_state, (md5_byte_t) pass_dec + 16, 5 ); / Hmmm, salt! */
103	md5_finish( &md5_state, pass_md5 );
104
105	for( i = 0; i < 16; i ++ )
106	{
107	if( pass_dec[i] != pass_md5[i] )
108	{
109	xd->pass_st = XML_PASS_WRONG;
110	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
111	"Password mismatch" );
112	break;
113	}
114	}
115
116	/* If we reached the end of the loop, it was a match! */
117	if( i == 16 )
118	{
119	if( xd->pass_st != XML_PASS_CHECK_ONLY )
120	xd->pass_st = XML_PASS_OK;
121	}
122	}
123
124	g_free( pass_dec );
125	}
126	else if( xd->pass_st < XML_PASS_OK )
127	{
128	/* Let's not parse anything else if we only have to check
129	the password. */
130	}
131	else if( g_strcasecmp( element_name, "account" ) == 0 )
132	{
133	char protocol, handle, server, password = NULL, *autoconnect;
134	char pass_b64 = NULL, pass_rc4 = NULL;
135	int pass_len;
136	struct prpl *prpl = NULL;
137
138	handle = xml_attr( attr_names, attr_values, "handle" );
139	pass_b64 = xml_attr( attr_names, attr_values, "password" );
140	server = xml_attr( attr_names, attr_values, "server" );
141	autoconnect = xml_attr( attr_names, attr_values, "autoconnect" );
142
143	protocol = xml_attr( attr_names, attr_values, "protocol" );
144	if( protocol )
145	prpl = find_protocol( protocol );
146
147	if( !handle \|\| !pass_b64 \|\| !protocol )
148	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
149	"Missing attributes for %s element", element_name );
150	else if( !prpl )
151	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
152	"Unknown protocol: %s", protocol );
153	else if( ( pass_len = base64_decode( pass_b64, (unsigned char**) &pass_rc4 ) ) &&
154	rc4_decode( (unsigned char*) pass_rc4, pass_len,
155	(unsigned char**) &password, xd->given_pass ) )
156	{
157	xd->current_account = account_add( irc, prpl, handle, password );
158	if( server )
159	set_setstr( &xd->current_account->set, "server", server );
160	if( autoconnect )
161	set_setstr( &xd->current_account->set, "auto_connect", autoconnect );
162	}
163	else
164	{
165	/* Actually the _decode functions don't even return error codes,
166	but maybe they will later... */
167	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
168	"Error while decrypting account password" );
169	}
170
171	g_free( pass_rc4 );
172	g_free( password );
173	}
174	else if( g_strcasecmp( element_name, "setting" ) == 0 )
175	{
176	char *setting;
177
178	if( xd->current_setting )
179	{
180	g_free( xd->current_setting );
181	xd->current_setting = NULL;
182	}
183
184	if( ( setting = xml_attr( attr_names, attr_values, "name" ) ) )
185	xd->current_setting = g_strdup( setting );
186	else
187	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
188	"Missing attributes for %s element", element_name );
189	}
190	else if( g_strcasecmp( element_name, "buddy" ) == 0 )
191	{
192	char handle, nick;
193
194	handle = xml_attr( attr_names, attr_values, "handle" );
195	nick = xml_attr( attr_names, attr_values, "nick" );
196
197	if( xd->current_account && handle && nick )
198	{
199	nick_set( xd->current_account, handle, nick );
200	}
201	else
202	{
203	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_INVALID_CONTENT,
204	"Missing attributes for %s element", element_name );
205	}
206	}
207	else
208	{
209	g_set_error( error, G_MARKUP_ERROR, G_MARKUP_ERROR_UNKNOWN_ELEMENT,
210	"Unkown element: %s", element_name );
211	}
212	}
213
214	static void xml_end_element( GMarkupParseContext ctx, const gchar element_name, gpointer data, GError **error )
215	{
216	struct xml_parsedata *xd = data;
217
218	if( g_strcasecmp( element_name, "setting" ) == 0 && xd->current_setting )
219	{
220	g_free( xd->current_setting );
221	xd->current_setting = NULL;
222	}
223	else if( g_strcasecmp( element_name, "account" ) == 0 )
224	{
225	xd->current_account = NULL;
226	}
227	}
228
229	static void xml_text( GMarkupParseContext ctx, const gchar text_orig, gsize text_len, gpointer data, GError **error )
230	{
231	char text[text_len+1];
232	struct xml_parsedata *xd = data;
233	irc_t *irc = xd->irc;
234
235	strncpy( text, text_orig, text_len );
236	text[text_len] = 0;
237
238	if( xd->pass_st < XML_PASS_OK )
239	{
240	/* Let's not parse anything else if we only have to check
241	the password, or if we didn't get the chance to check it
242	yet. */
243	}
244	else if( g_strcasecmp( g_markup_parse_context_get_element( ctx ), "setting" ) == 0 && xd->current_setting )
245	{
246	set_setstr( xd->current_account ? &xd->current_account->set : &irc->set,
247	xd->current_setting, (char*) text );
248	g_free( xd->current_setting );
249	xd->current_setting = NULL;
250	}
251	}
252
253	GMarkupParser xml_parser =
254	{
255	xml_start_element,
256	xml_end_element,
257	xml_text,
258	NULL,
259	NULL
260	};
261
262	static void xml_init( void )
263	{
264	if( access( global.conf->configdir, F_OK ) != 0 )
265	log_message( LOGLVL_WARNING, "The configuration directory %s does not exist. Configuration won't be saved.", CONFIG );
266	else if( access( global.conf->configdir, R_OK ) != 0 \|\| access( global.conf->configdir, W_OK ) != 0 )
267	log_message( LOGLVL_WARNING, "Permission problem: Can't read/write from/to %s.", global.conf->configdir );
268	}
269
270	static storage_status_t xml_load_real( const char my_nick, const char password, irc_t *irc, xml_pass_st action )
271	{
272	GMarkupParseContext *ctx;
273	struct xml_parsedata *xd;
274	char *fn, buf[512];
275	GError *gerr = NULL;
276	int fd, st;
277
278	if( irc && irc->status & USTATUS_IDENTIFIED )
279	return( 1 );
280
281	xd = g_new0( struct xml_parsedata, 1 );
282	xd->irc = irc;
283	xd->given_nick = g_strdup( my_nick );
284	xd->given_pass = g_strdup( password );
285	xd->pass_st = action;
286	nick_lc( xd->given_nick );
287
288	fn = g_strdup_printf( "%s%s%s", global.conf->configdir, xd->given_nick, ".xml" );
289	if( ( fd = open( fn, O_RDONLY ) ) < 0 )
290	{
291	xml_destroy_xd( xd );
292	g_free( fn );
293	return STORAGE_NO_SUCH_USER;
294	}
295	g_free( fn );
296
297	ctx = g_markup_parse_context_new( &xml_parser, 0, xd, xml_destroy_xd );
298
299	while( ( st = read( fd, buf, sizeof( buf ) ) ) > 0 )
300	{
301	if( !g_markup_parse_context_parse( ctx, buf, st, &gerr ) \|\| gerr )
302	{
303	xml_pass_st pass_st = xd->pass_st;
304
305	g_markup_parse_context_free( ctx );
306	close( fd );
307
308	if( pass_st == XML_PASS_WRONG )
309	{
310	g_clear_error( &gerr );
311	return STORAGE_INVALID_PASSWORD;
312	}
313	else
314	{
315	if( gerr && irc )
316	irc_usermsg( irc, "Error from XML-parser: %s", gerr->message );
317
318	g_clear_error( &gerr );
319	return STORAGE_OTHER_ERROR;
320	}
321	}
322	}
323	/* Just to be sure... */
324	g_clear_error( &gerr );
325
326	g_markup_parse_context_free( ctx );
327	close( fd );
328
329	if( action == XML_PASS_CHECK_ONLY )
330	return STORAGE_OK;
331
332	irc->status \|= USTATUS_IDENTIFIED;
333
334	return STORAGE_OK;
335	}
336
337	static storage_status_t xml_load( const char my_nick, const char password, irc_t *irc )
338	{
339	return xml_load_real( my_nick, password, irc, XML_PASS_UNKNOWN );
340	}
341
342	static storage_status_t xml_check_pass( const char my_nick, const char password )
343	{
344	/* This is a little bit risky because we have to pass NULL for the
345	irc_t argument. This should be fine, if I didn't miss anything... */
346	return xml_load_real( my_nick, password, NULL, XML_PASS_CHECK_ONLY );
347	}
348
349	static int xml_printf( int fd, int indent, char *fmt, ... )
350	{
351	va_list params;
352	char *out;
353	char tabs[9] = "\t\t\t\t\t\t\t\t";
354	int len;
355
356	/* Maybe not very clean, but who needs more than 8 levels of indentation anyway? */
357	if( write( fd, tabs, indent <= 8 ? indent : 8 ) != indent )
358	return 0;
359
360	va_start( params, fmt );
361	out = g_markup_vprintf_escaped( fmt, params );
362	va_end( params );
363
364	len = strlen( out );
365	len -= write( fd, out, len );
366	g_free( out );
367
368	return len == 0;
369	}
370
371	static gboolean xml_save_nick( gpointer key, gpointer value, gpointer data );
372
373	static storage_status_t xml_save( irc_t *irc, int overwrite )
374	{
375	char path[512], path2, pass_buf = NULL;
376	set_t *set;
377	account_t *acc;
378	int fd;
379	md5_byte_t pass_md5[21];
380	md5_state_t md5_state;
381
382	if( irc->password == NULL )
383	{
384	irc_usermsg( irc, "Please register yourself if you want to save your settings." );
385	return STORAGE_OTHER_ERROR;
386	}
387
388	path2 = g_strdup( irc->nick );
389	nick_lc( path2 );
390	g_snprintf( path, sizeof( path ) - 2, "%s%s%s", global.conf->configdir, path2, ".xml" );
391	g_free( path2 );
392
393	if( !overwrite && access( path, F_OK ) != -1 )
394	return STORAGE_ALREADY_EXISTS;
395
396	strcat( path, "~" );
397	if( ( fd = open( path, O_WRONLY \| O_CREAT, 0600 ) ) < 0 )
398	{
399	irc_usermsg( irc, "Error while opening configuration file." );
400	return STORAGE_OTHER_ERROR;
401	}
402
403	/* Generate a salted md5sum of the password. Use 5 bytes for the salt
404	(to prevent dictionary lookups of passwords) to end up with a 21-
405	byte password hash, more convenient for base64 encoding. */
406	random_bytes( pass_md5 + 16, 5 );
407	md5_init( &md5_state );
408	md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) );
409	md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
410	md5_finish( &md5_state, pass_md5 );
411	/* Save the hash in base64-encoded form. */
412	pass_buf = base64_encode( (char*) pass_md5, 21 );
413
414	if( !xml_printf( fd, 0, "<user nick=\"%s\" password=\"%s\" version=\"%d\">\n", irc->nick, pass_buf, XML_FORMAT_VERSION ) )
415	goto write_error;
416
417	g_free( pass_buf );
418
419	for( set = irc->set; set; set = set->next )
420	if( set->value && set->def )
421	if( !xml_printf( fd, 1, "<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
422	goto write_error;
423
424	for( acc = irc->accounts; acc; acc = acc->next )
425	{
426	char pass_rc4, pass_b64;
427	int pass_len;
428
429	pass_len = rc4_encode( (unsigned char) acc->pass, strlen( acc->pass ), (unsigned char*) &pass_rc4, irc->password );
430	pass_b64 = base64_encode( pass_rc4, pass_len );
431	g_free( pass_rc4 );
432
433	if( !xml_printf( fd, 1, "<account protocol=\"%s\" handle=\"%s\" password=\"%s\" autoconnect=\"%d\"", acc->prpl->name, acc->user, pass_b64, acc->auto_connect ) )
434	{
435	g_free( pass_b64 );
436	goto write_error;
437	}
438	g_free( pass_b64 );
439
440	if( acc->server && acc->server[0] && !xml_printf( fd, 0, " server=\"%s\"", acc->server ) )
441	goto write_error;
442	if( !xml_printf( fd, 0, ">\n" ) )
443	goto write_error;
444
445	for( set = acc->set; set; set = set->next )
446	if( set->value && set->def && !( set->flags & ACC_SET_NOSAVE ) )
447	if( !xml_printf( fd, 2, "<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
448	goto write_error;
449
450	/* This probably looks pretty strange. g_hash_table_foreach
451	is quite a PITA already (but it can't get much better in
452	C without using #define, I'm afraid), and since it
453	doesn't seem to be possible to abort the foreach on write
454	errors, so instead let's use the _find function and
455	return TRUE on write errors. Which means, if we found
456	something, there was an error. :-) */
457	if( g_hash_table_find( acc->nicks, xml_save_nick, (gpointer) fd ) )
458	goto write_error;
459
460	if( !xml_printf( fd, 1, "</account>\n" ) )
461	goto write_error;
462	}
463
464	if( !xml_printf( fd, 0, "</user>\n" ) )
465	goto write_error;
466
467	close( fd );
468
469	path2 = g_strndup( path, strlen( path ) - 1 );
470	if( rename( path, path2 ) != 0 )
471	{
472	irc_usermsg( irc, "Error while renaming temporary configuration file." );
473
474	g_free( path2 );
475	unlink( path );
476
477	return STORAGE_OTHER_ERROR;
478	}
479
480	g_free( path2 );
481
482	return STORAGE_OK;
483
484	write_error:
485	g_free( pass_buf );
486
487	irc_usermsg( irc, "Write error. Disk full?" );
488	close( fd );
489
490	return STORAGE_OTHER_ERROR;
491	}
492
493	static gboolean xml_save_nick( gpointer key, gpointer value, gpointer data )
494	{
495	return !xml_printf( (int) data, 2, "<buddy handle=\"%s\" nick=\"%s\" />\n", key, value );
496	}
497
498	static storage_status_t xml_remove( const char nick, const char password )
499	{
500	char s[512];
501	storage_status_t status;
502
503	status = xml_check_pass( nick, password );
504	if( status != STORAGE_OK )
505	return status;
506
507	g_snprintf( s, 511, "%s%s%s", global.conf->configdir, nick, ".xml" );
508	if( unlink( s ) == -1 )
509	return STORAGE_OTHER_ERROR;
510
511	return STORAGE_OK;
512	}
513
514	storage_t storage_xml = {
515	.name = "xml",
516	.init = xml_init,
517	.check_pass = xml_check_pass,
518	.remove = xml_remove,
519	.load = xml_load,
520	.save = xml_save
521	};

Note: See TracBrowser for help on using the repository browser.

Download in other formats: