geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Security Audit - Marshal export file to CASAManager for saving.

Browse Source
This commit is contained in:
Jim Norman 2006-12-20 10:22:27 +00:00
parent 98c12387a6
commit 43009ada4f
4 changed files with 198 additions and 207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
CASA/gui/ExportSecrets.cs
View File

@ -108,7 +108,6 @@ namespace Novell.CASA.GUI
#endif #endif
//Store off this location for next export //Store off this location for next export
int iLastSlash = sFileName.LastIndexOf("/"); int iLastSlash = sFileName.LastIndexOf("/");
if (Common.IS_WINDOWS) if (Common.IS_WINDOWS)
iLastSlash = sFileName.LastIndexOf("\\"); iLastSlash = sFileName.LastIndexOf("\\");
@ -125,25 +124,28 @@ namespace Novell.CASA.GUI
m_config.WriteConfig(); m_config.WriteConfig();
// call our daemon to get the users secrets // call our daemon to get the users secrets
ExportXMLSecrets exportSecrets = new ExportXMLSecrets(sMasterPWD, sEncryptString, sFileName); ExportXMLSecrets exportSecrets = new ExportXMLSecrets(sMasterPWD, sEncryptString, null);
byte[] baSecrets = (byte[])Novell.CASA.MiCasa.Communication.MiCasaRequestReply.Send(MiCasaRequestReply.VERB_EXPORT_SECRETS, null, null, null, exportSecrets);
object obj = Novell.CASA.MiCasa.Communication.MiCasaRequestReply.Send(MiCasaRequestReply.VERB_EXPORT_SECRETS, null, null, null, exportSecrets);
/*
byte[] theSecrets = (byte[])Novell.CASA.MiCasa.Communication.MiCasaRequestReply.Send(MiCasaRequestReply.VERB_EXPORT_SECRETS, null, null, null, exportSecrets);
// write em out.
FileStream fs = new FileStream(sFileName, FileMode.Create);
fs.Write(theSecrets, 0, theSecrets.Length);
fs.Flush();
fs.Close();
*/
CommonGUI.DisplayMessage(MessageType.Info, "Secrets saved to: \r\n" + sFileName);
if (baSecrets != null)
{
try
{
FileStream fs = new FileStream(sFileName, FileMode.Create);
fs.Write(baSecrets, 0, baSecrets.Length);
fs.Flush();
fs.Close();
CommonGUI.DisplayMessage(MessageType.Info, "Secrets saved to: \r\n" + sFileName);
}
catch
{
CommonGUI.DisplayMessage(MessageType.Error, "Failed to save secrets");
}
}
else
{
CommonGUI.DisplayMessage(MessageType.Error, "No Secrets found");
}
} }
} }
else else

8
CASA/micasad/cache/SecretStore.cs vendored
View File

@ -1030,7 +1030,7 @@ namespace sscs.cache
return persistDir + ConstStrings.MICASA_SERVER_VALIDATION_FILE; return persistDir + ConstStrings.MICASA_SERVER_VALIDATION_FILE;
} }
internal string GetSecretsForExport(string sEncryptionString) internal byte[] GetSecretsForExport(string sEncryptionString)
{ {
byte[] baIV = null; byte[] baIV = null;
byte[] baSecrets = GetSecrets(sEncryptionString, ref baIV); byte[] baSecrets = GetSecrets(sEncryptionString, ref baIV);
@ -1040,13 +1040,11 @@ namespace sscs.cache
byte[] baCombined = new byte[baIV.Length + baSecrets.Length]; byte[] baCombined = new byte[baIV.Length + baSecrets.Length];
baIV.CopyTo(baCombined, 0); baIV.CopyTo(baCombined, 0);
baSecrets.CopyTo(baCombined, baIV.Length); baSecrets.CopyTo(baCombined, baIV.Length);
return baCombined;
string sB64 = Convert.ToBase64String(baCombined);
return sB64;
} }
else else
{ {
return Convert.ToBase64String(baSecrets); return baSecrets;
} }
} }

106
CASA/micasad/lib/communication/UnixIPCClientChannel.cs
View File

@ -45,28 +45,28 @@ namespace Novell.CASA.MiCasa.Communication
public void Open() public void Open()
{ {
mSocket = new Socket( AddressFamily.Unix, mSocket = new Socket(AddressFamily.Unix,
SocketType.Stream, SocketType.Stream,
ProtocolType.IP ); ProtocolType.IP);
if (mSocket == null) if (mSocket == null)
{ {
throw new Exception("could not get socket"); throw new Exception("could not get socket");
} }
sockEndPoint = new UnixEndPoint(socketFileName); sockEndPoint = new UnixEndPoint(socketFileName);
UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName); UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName);
UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser; UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser;
// root is the owner of the file "/tmp/.novellCASA" // root is the owner of the file "/tmp/.novellCASA"
if (sockFileOwner.UserId == 0) if (sockFileOwner.UserId == 0)
{ {
mSocket.Connect(sockEndPoint); mSocket.Connect(sockEndPoint);
} }
else else
{ {
throw new Exception("not a valid miCASA service"); throw new Exception("not a valid miCASA service");
} }
} }
@ -96,55 +96,59 @@ namespace Novell.CASA.MiCasa.Communication
byte[] msgIdBytes = new byte[2]; byte[] msgIdBytes = new byte[2];
bytesRecvd = mSocket.Receive(msgIdBytes); bytesRecvd = mSocket.Receive(msgIdBytes);
if( 0 == bytesRecvd ) if (0 == bytesRecvd)
{ {
return null; return null;
} }
byte[] msgLenBytes = new byte[4]; byte[] msgLenBytes = new byte[4];
bytesRecvd = mSocket.Receive(msgLenBytes); bytesRecvd = mSocket.Receive(msgLenBytes);
if( 0 == bytesRecvd ) if (0 == bytesRecvd)
{ {
return null; return null;
} }
uint msgLen = BitConverter.ToUInt32(msgLenBytes,0); uint msgLen = BitConverter.ToUInt32(msgLenBytes, 0);
if( msgLen > 6 ) if (msgLen > 6)
{ {
System.Text.Encoding encoding = System.Text.Encoding.ASCII;
byte[] buf = null; byte[] buf = null;
int bytesAvailable; int bytesAvailable;
int totalBytes = 0; int totalBytes = 0;
int msgLencount = 0; int msgLencount = 0;
string bufstring = null; string bufstring = null;
byte[] temp = null;
while(totalBytes<(msgLen-6))
{
bytesAvailable = mSocket.Available;
if( 0 == bytesAvailable)
{
break;
}
buf = new byte[bytesAvailable];
bytesRecvd = mSocket.Receive (buf);
bufstring = bufstring + encoding.GetString(buf); //keep buffering in a string
totalBytes = totalBytes + bytesAvailable;
}
if(totalBytes==0)
return null;
byte[] finalbuf = encoding.GetBytes(bufstring);//finally, convert the string to a byte array of size 'totalBytes' // buffer for data
int returnBufferLen = msgIdBytes.Length+msgLenBytes.Length+totalBytes; MemoryStream ms = new MemoryStream();
returnBuffer = new byte[returnBufferLen];
Array.Copy(msgIdBytes,returnBuffer,2); while (totalBytes < (msgLen - 6))
Array.Copy(msgLenBytes,0,returnBuffer,2,4); {
Array.Copy(finalbuf,0,returnBuffer,6,finalbuf.Length); bytesAvailable = mSocket.Available;
return returnBuffer; if (0 == bytesAvailable)
{
break;
}
buf = new byte[bytesAvailable];
bytesRecvd = mSocket.Receive(buf);
ms.Write(buf, 0, bytesRecvd);
totalBytes = totalBytes + bytesAvailable;
}
if (totalBytes == 0)
return null;
byte[] finalbuf = ms.ToArray();
int returnBufferLen = msgIdBytes.Length + msgLenBytes.Length + totalBytes;
returnBuffer = new byte[returnBufferLen];
Array.Copy(msgIdBytes, returnBuffer, 2);
Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
Array.Copy(finalbuf, 0, returnBuffer, 6, finalbuf.Length);
return returnBuffer;
} }
else else
{ {
returnBuffer = new byte[6]; returnBuffer = new byte[6];
Array.Copy(msgIdBytes,returnBuffer,2); Array.Copy(msgIdBytes, returnBuffer, 2);
Array.Copy(msgLenBytes,0,returnBuffer,2,4); Array.Copy(msgLenBytes, 0, returnBuffer, 2, 4);
return returnBuffer; return returnBuffer;
} }
} }
@ -160,7 +164,7 @@ namespace Novell.CASA.MiCasa.Communication
try try
{ {
mSocket.Send(buf); mSocket.Send(buf);
//Console.WriteLine("Bytes written = " + buf.Length); //Console.WriteLine("Bytes written = " + buf.Length);
return buf.Length; return buf.Length;
} }
catch (Exception e) catch (Exception e)

31
CASA/micasad/verbs/ObjectSerialization.cs
View File

@ -411,31 +411,18 @@ namespace sscs.verbs
string sEncrpyptionPassphrase = secrets.GetPassphrase(); string sEncrpyptionPassphrase = secrets.GetPassphrase();
// get all secrets // get all secrets
//byte[] baSecrets = ssStore.GetSecrets(sEncrpyptionPassphrase, ref baIV); byte[] baSecrets = ssStore.GetSecretsForExport(sEncrpyptionPassphrase);
string baSecrets = ssStore.GetSecretsForExport(sEncrpyptionPassphrase);
string sFilePath = secrets.GetFilePath(); if (baSecrets != null)
if (sFilePath != null) {
{
// write em out
FileStream fs = new FileStream(sFilePath, FileMode.Create);
// write the secrets now
//fs.Write(baSecrets, 0, baSecrets.Length);
fs.Flush();
fs.Close();
#if LINUX
// change file ownership to the user
Mono.Unix.Native.Syscall.chown(sFilePath, (uint)userId.GetUID(), (uint)userId.GetUID());
#endif
}
else
{
wo.SetObject(baSecrets); wo.SetObject(baSecrets);
} wo.SetError(constants.RetCodes.SUCCESS, "");
}
else
{
wo.SetError(constants.RetCodes.FAILURE, "No Secrets for Export");
}
wo.SetError(constants.RetCodes.SUCCESS, "");
return wo; return wo;
} }