Patches sent by India based on Security review.

Jim Norman
2006-04-06 20:09:26 +00:00
parent 861619e231
commit b2b5903126
7 changed files with 816 additions and 686 deletions


@@ -27,6 +27,9 @@ using System.Collections;
using System.Threading;
using System.Security.Cryptography;
using System.Xml;
#if LINUX
using Mono.Unix.Native;
#endif
using sscs.cache;
using sscs.crypto;
using sscs.common;
@@ -60,7 +63,12 @@ namespace sscs.lss
private SecretStore userStore = null;
private int persistThreadSleepTime = 1000 * 60 * 5; //1000 * 30;
private Thread persistThread = null;
private Thread persistThread = null;
#if LINUX
Mono.Unix.UnixFileSystemInfo sockFileInfo;
Mono.Unix.UnixUserInfo sockFileOwner;
#endif
private static string LINUXID = "Unix";
@@ -120,23 +128,59 @@ namespace sscs.lss
}
return true;
}
public bool IsOwnedByRoot(string fileName)
{
#if LINUX
sockFileInfo = new Mono.Unix.UnixFileInfo(fileName);
sockFileOwner = sockFileInfo.OwnerUser;
if(0==sockFileOwner.UserId)
return true;
else
return false;
#else
return true;
#endif
}
private string GetDecryptedXml()
{
try
{
string fileName = userStore.GetPersistenceFilePath();
if(!File.Exists(fileName))
{
// check for tmp file
if (File.Exists(fileName+".tmp"))
File.Move(fileName+".tmp", fileName);
else
return null;
string fileName = userStore.GetPersistenceFilePath();
string tempFile = fileName;
int count = 0;
if(!File.Exists(fileName))
{
while(true)
{
// check for tmp file
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Move(tempFile+".tmp", fileName);
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
return null;
}
// delete tmp file if there
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
// delete tmp file if there
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
byte[] baPasscode = null;
if (null != m_baGeneratedKey)
@@ -235,7 +279,7 @@ namespace sscs.lss
{
attrColl = keyNode.Attributes;
string key;
try
try
{
key = (attrColl[XmlConsts.idAttr]).Value;
}
@@ -427,28 +471,46 @@ namespace sscs.lss
byte[] key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath());
string fileName = userStore.GetPersistenceFilePath();
// rename existing file
if(File.Exists(fileName))
{
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
File.Move(fileName, fileName+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(fileName+".tmp"))
{
File.Delete(fileName+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
string tempFile = fileName;
int count=0;
// rename existing file
if(File.Exists(fileName))
{
while(true)
{
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Delete(tempFile+".tmp");
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
break;
}
File.Move(fileName, tempFile+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
}
}
}
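Review bot: IsOwnedByRoot (third hunk) decides by path name and by uid alone, so the File.Move and File.Delete calls that follow it in GetDecryptedXml and in the persist hunk act on a name that may no longer refer to the file that was checked. As far as I can tell UnixFileInfo also resolves symbolic links, in which case a link to any root-owned file would pass. I would inspect the directory entry itself and require a regular file, for example `Mono.Unix.UnixSymbolicLinkInfo info = new Mono.Unix.UnixSymbolicLinkInfo(fileName);` then `return info.IsRegularFile && 0 == info.OwnerUserId;` (if the Mono.Unix version in use provides these members), which also makes the sockFileInfo and sockFileOwner instance fields unnecessary. That narrows the check-then-use gap but does not close it; the rest depends on who can write to the directory holding the store, which these hunks do not show. Separately, the "delete tmp file if there" cleanup in GetDecryptedXml now appears to sit inside the `if(!File.Exists(fileName))` branch, after the move, so a leftover .tmp would no longer be removed when the main file exists; both function bodies extend outside the hunks, so this should be confirmed against the full file.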