From 808806f654048ed8bf050f63cdacbc0670a27c50 Mon Sep 17 00:00:00 2001 From: paulr Date: Fri, 24 Dec 2010 03:22:09 +1100 Subject: [PATCH] it actually works, fuck me --- authserver/authd/authd.php | 407 ----------------------------------------- authserver/lib/authClient.php | 22 --- authserver/lib/lib.php | 4 - 3 files changed, 0 insertions(+), 433 deletions(-) diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php index 6156a5e..eb21dfe 100644 --- a/authserver/authd/authd.php +++ b/authserver/authd/authd.php @@ -31,14 +31,6 @@ if($pid == -1) { // a forked process thingy should be fully self contained and capable of dealing // with "problems", i.e. the parent doesnt want to have to clean up children - /* TCP TEST - global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; - - - $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT'); - $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT'); - */ - // Here goes the tcp equivalent global $TCP_PORT_NUMBER; $res = socket_create(AF_INET, SOCK_STREAM, SOL_TCP); @@ -484,404 +476,5 @@ if($pid == -1) { // otherwise return to the accept loop } } - /* - - $myga = new gaasGA(); - global $myga; - - - while(true) { - msg_receive($sr_queue, 0, $msg_type, 16384, $msg); - echo "got message of type $msg_type\n"; - switch($msg_type) { - case MSG_GET_RADIUS_CLIENTS: - $sql = "select * from radclients"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $clients = ""; - $i=0; - foreach($res as $row) { - // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);'; - $clients[$i]["name"] = $row["rad_name"]; - $clients[$i]["ip"] = $row["rad_ip"]; - $clients[$i]["secret"] = $row["rad_secret"]; - $clients[$i]["desc"] = $row["rad_desc"]; - $i++; - } - msg_send($cl_queue, MSG_GET_RADIUS_CLIENTS, $clients); - break; - case MSG_REMOVE_RADIUS_CLIENT: - // it should send us a client by rad_name - doesnt work yet - $client = $msg["clientname"]; - $sql = "delete from radclients where rad_name='$client'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - updateRadius(); - msg_send($cl_queue, MSG_REMOVE_RADIUS_CLIENT, true); - break; - case MSG_ADD_RADIUS_CLIENT: - echo "in addradclient\n"; - $client = $msg["clientname"]; - $clientsecret = $msg["clientsecret"]; - $clientip = $msg["clientip"]; - $clientdesc = $msg["clientdescription"]; - $dbo = getDatabase(); - - // check for existing clients with same name - $sql = "select * from radclients where rad_name='$client'"; - echo "doing select, $sql\n"; - $res = $dbo->query($sql); - if($res->fetchColumn() > 0) { - msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "name"); - - } else { - // check for existing clients with same ip - $sql = "select * from radclients where rad_ip='$clientip'"; - $res = $dbo->query($sql); - echo "doing select, $sql\n"; - if($res->fetchColumn() > 0) { - msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "ip"); - - } else { - $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')"; - $res = $dbo->query($sql); - updateRadius(); - msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, true); - break; - } - } - break; - case MSG_DELETE_USER_TOKEN: - $username = $msg["username"]; - - $sql = "select users_otk from users where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $otkid = ""; - foreach($res as $row) { - $otkid = $row["users_otk"]; - } - if($otkid!="") { - global $BASE_DIR; - unlink("$BASE_DIR/authserver/authd/otks/$otkid.png"); - } - - $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - - msg_send($cl_queue, MSG_DELETE_USER_TOKEN, true); - break; - case MSG_AUTH_USER_TOKEN: - echo "Call to auth user token\n"; - // minimal checking, we leav it up to authenticateUser to do the real - // checking - if(!isset($msg["username"])) $msg["username"] = ""; - if(!isset($msg["passcode"])) $msg["passcode"] = ""; - $username = $msg["username"]; - $passcode = $msg["passcode"]; - global $myga; - $authval = $myga->authenticateUser($username, $passcode); - msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval); - break; - case MSG_GET_OTK_ID: - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_GET_OTK_ID, false); - } else { - $username = $msg["username"]; - $sql = "select users_otk from users where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $otkid = ""; - foreach($res as $row) { - $otkid = $row["users_otk"]; - } - - if($otkid == "") { - msg_send($cl_queue, MSG_GET_OTK_ID, false); - } else { - msg_send($cl_queue, MSG_GET_OTK_ID, $otkid); - } - } - break; - case MSG_GET_OTK_PNG: - if(!isset($msg["otk"])) { - msg_send($cl_queue, MSG_GET_OTK_PNG, false); - } else { - $otk = $msg["otk"]; - $sql = "select users_username from users where users_otk='$otk'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $username = ""; - foreach($res as $row) { - $username = $row["users_username"]; - } - - if($username == "") { - msg_send($cl_queue, MSG_GET_OTK_PNG, false); - } else if($username != $msg["username"]) { - msg_send($cl_queue, MSG_GET_OTK_PNG, false); - } else { - global $BASE_DIR; - $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb"); - $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png")); - fclose($hand); - unlink("$BASE_DIR/authserver/authd/otks/$otk.png"); - $sql = "update users set users_otk='' where users_username='$username'"; - $dbo->query($sql); - error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk "); - msg_send($cl_queue, MSG_GET_OTK_PNG, $data); - } - } - - break; - case MSG_SYNC_TOKEN: - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_SYNC_TOKEN, false); - } else { - $tokenone = $msg["tokenone"]; - $tokentwo = $msg["tokentwo"]; - - msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo)); - } - - break; - case MSG_GET_TOKEN_TYPE: - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false); - } else { - msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"])); - } - break; - case MSG_ADD_USER_TOKEN: - echo "Call to add user token\n"; - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_ADD_USER_TOKEN, false); - } else { - global $BASE_DIR; - $username = $msg["username"]; - $tokentype="TOTP"; - if(isset($msg["tokentype"])) { - $tokentype=$msg["tokentype"]; - } - $hexkey = ""; - if(isset($msg["hexkey"])) { - $hexkey = $msg["hexkey"]; - } - global $myga; - $myga->setUser($username, $tokentype, "", $hexkey); - - $url = $myga->createUrl($username); - echo "Url was: $url\n"; - if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks"); - $otk = generateRandomString(); - system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'"); - - $sql = "update users set users_otk='$otk' where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - - msg_send($cl_queue, MSG_ADD_USER_TOKEN, true); - } - break; - case MSG_DELETE_USER: - echo "Call to del user\n"; - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_DELETE_USER, false); - } else { - $username = $msg["username"]; - global $myga; - - $sql = "select users_otk from users where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $otkid = ""; - foreach($res as $row) { - $otkid = $row["users_otk"]; - } - if($otkid!="") { - unlink("otks/$otkid.png"); - } - - - $sql = "delete from users where users_username='$username'"; - $dbo = getDatabase(); - $dbo->query($sql); - - msg_send($cl_queue, MSG_DELETE_USER, true); - } - break; - case MSG_AUTH_USER_PASSWORD: - // TODO - echo "Call to auth user pass\n"; - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false); - break; - } - if(!isset($msg["password"])) { - msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false); - break; - } - - $username = $msg["username"]; - $password = $msg["password"]; - $sql = "select users_password from users where users_username='$username'"; - $dbo = getDatabase(); - $res = $dbo->query($sql); - $pass = ""; - foreach($res as $row) { - $pass = $row["users_password"]; - } - - // TODO now do auth - $ourpass = hash('sha512', $password); - echo "ourpass: $ourpass\nourhash: $pass\n"; - if($ourpass == $pass) { - msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, true); - - } else { - msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false); - - } - - break; - case MSG_SET_USER_PASSWORD: - echo "how on earth is that happening Call to set user pass, wtf?\n"; - // TODO - print_r($msg); - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_SET_USER_PASSWORD, false); - echo "in break 1\n"; - break; - } - if(!isset($msg["password"])) { - msg_send($cl_queue, MSG_SET_USER_PASSWORD, false); - echo "in break 1\n"; - break; - } - - $username = $msg["username"]; - $password = $msg["password"]; - - echo "would set pass for $username, to $password\n"; - if($password == "") $pass = ""; - else $pass = hash('sha512', $password); - - $dbo = getDatabase(); - echo "in set user pass for $username, $pass\n"; - $sql = "update users set users_password='$pass' where users_username='$username'"; - - $dbo->query($sql); - - msg_send($cl_queue, MSG_SET_USER_REALNAME, true); - - - // these are irrelavent yet - // TODO now set pass - break; - case MSG_SET_USER_REALNAME: - echo "Call to set user realname\n"; - // TODO - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_SET_USER_REALNAME, false); - break; - } - if(!isset($msg["realname"])) { - msg_send($cl_queue, MSG_SET_USER_REALNAME, false); - break; - } - - $username = $msg["username"]; - $realname = $msg["realname"]; - $sql = "update users set users_realname='$realname' where users_username='$username'"; - $dbo = getDatabase(); - - $dbo->query($sql); - - msg_send($cl_queue, MSG_SET_USER_REALNAME, true); - - // TODO now set real name - break; - case MSG_SET_USER_TOKEN: - // TODO - echo "Call to set user token\n"; - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_SET_USER_TOKEN, false); - break; - } - if(!isset($msg["tokenstring"])) { - msg_send($cl_queue, MSG_SET_USER_TOKEN, false); - break; - } - - global $myga; - $username = $msg["username"]; - $token = $msg["tokenstring"]; - $return = $myga->setUserKey($username, $token); - msg_send($cl_queue, MSG_SET_USER_TOKEN, $return); - - // TODO now set token - break; - case MSG_SET_USER_TOKEN_TYPE: - // TODO - echo "Call to set user token type\n"; - if(!isset($msg["username"])) { - msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false); - break; - } - if(!isset($msg["tokentype"])) { - msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false); - break; - } - - $username = $msg["username"]; - $tokentype = $msg["tokentype"]; - global $myga; - msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, $myga->setTokenType($username, $tokentype)); - - // TODO now set token - break; - case MSG_GET_USERS: - // TODO this needs to be better - $sql = "select * from users order by users_username"; - - $dbo = getDatabase(); - $res = $dbo->query($sql); - - $users = ""; - $i = 0; - foreach($res as $row) { - $users[$i]["username"] = $row["users_username"]; - $users[$i]["realname"] = $row["users_realname"]; - if($row["users_password"]!="") { - $users[$i]["haspass"] = true; - } else { - $users[$i]["haspass"] = false; - } - echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n"; - if($row["users_tokendata"]!="") { - $users[$i]["hastoken"] = true; - } else { - $users[$i]["hastoken"] = false; - } - - if($row["users_otk"]!="") { - $users[$i]["otk"] = $row["users_otk"]; - } else { - $users[$i]["otk"] = ""; - } - $i++; - } - msg_send($cl_queue, MSG_GET_USERS, $users); - - // TODO now set token - break; - - } - - } - -} -*/ ?> diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php index 4f398ac..81143ae 100644 --- a/authserver/lib/authClient.php +++ b/authserver/lib/authClient.php @@ -71,28 +71,6 @@ class GAAuthClient { return $component["data"]; } - function sendReceiveIPC($message_type, $message) { - global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT; - - - if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) { - return false; - } - - if(!msg_queue_exists($MSG_QUEUE_KEY_ID_CLIENT)) { - return false; - } - // TODO we need to setup a client queue sem lock here - - $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT); - $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER); - - msg_send($sr_queue, $message_type, $message, true, true, $msg_err); - msg_receive($cl_queue, 0, $msg_type, 131072, $msg); - - return $msg; - } - function addRadiusClient($clientname, $clientip, $clientsecret, $clientdesc) { $message["clientname"] = $clientname; diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php index 3a55a6c..d0856b0 100644 --- a/authserver/lib/lib.php +++ b/authserver/lib/lib.php @@ -1,9 +1,5 @@