geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Patches sent by India based on Security review.

Browse Source
This commit is contained in:
Jim Norman
2006-04-06 20:09:26 +00:00
parent 861619e231
commit b2b5903126
7 changed files with 816 additions and 686 deletions
Download Patch File Download Diff File Expand all files Collapse all files

272
c_micasad/communication/UnixCommunication.cs
View File

@@ -21,133 +21,145 @@
***********************************************************************/
using System;
using System.Net;
using System.Net.Sockets;
using Mono.Unix.Native;
using System.IO;
using System.Text;
using System.Threading;
using sscs.common;
using sscs.constants;
namespace sscs.communication
{
/* Platform specific class which implements
* the 'Communication' interface.
*/
class UnixCommunication : Communication
{
private Socket listeningSocket;
private Socket connectedSocket;
private string socketFileName = "/tmp/.novellCASA";
private Mono.Unix.UnixEndPoint sockEndPoint;
private ManualResetEvent eventVar = null;
//Methods
internal UnixCommunication()
{
CSSSLogger.ExecutionTrace(this);
Syscall.umask(0);
if(File.Exists(socketFileName))
File.Delete(socketFileName);
listeningSocket = new Socket( AddressFamily.Unix,
SocketType.Stream,
ProtocolType.IP );
sockEndPoint = new Mono.Unix.UnixEndPoint(socketFileName);
eventVar = new ManualResetEvent(true);
}
~UnixCommunication()
{
CSSSLogger.ExecutionTrace(this);
eventVar.Close();
CloseCommunicationEndPoint();
}
// This code executes in the listening thread.
public void StartCommunicationEndPoint()
{
CSSSLogger.ExecutionTrace(this);
try
{
listeningSocket.Bind(sockEndPoint);
listeningSocket.Listen(50);
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
while(true)
{
try
{
eventVar.Reset();
listeningSocket.BeginAccept(new AsyncCallback(ListenCb),
listeningSocket);
eventVar.WaitOne();
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
throw e;
}
}
}
public void CloseCommunicationEndPoint()
{
CSSSLogger.ExecutionTrace(this);
listeningSocket.Close();
if(File.Exists( socketFileName ))
File.Delete(socketFileName);
}
// On receipt of a new client, this method is called.
private void ListenCb (IAsyncResult state)
{
try
{
CSSSLogger.ExecutionTrace(this);
connectedSocket = ((Socket)state.AsyncState).EndAccept (state);
eventVar.Set();
ServiceClient();
}
catch(Exception e)
{
/* All resources would have been cleaned up before reaching
* here.
*/
CSSSLogger.ExpLog(e.ToString());
}
/* End of thread function */
}
private void ServiceClient()
{
CSSSLogger.ExecutionTrace(this);
IPCChannel ipcChannel = IPCChannel.Create(connectedSocket);
AppHandler appHandler = new AppHandler(ipcChannel);
try
{
int retVal = appHandler.ServiceApp();
if( retVal != RetCodes.SUCCESS )
CSSSLogger.DbgLog("Servicing client failed.");
}
catch( Exception e )
{
CSSSLogger.ExpLog(e.ToString());
}
finally
{
ipcChannel.Close();
}
}
}
}
using System;
using System.Net;
using System.Net.Sockets;
using Mono.Unix;
using Mono.Unix.Native;
using System.IO;
using System.Text;
using System.Threading;
using sscs.common;
using sscs.constants;
namespace sscs.communication
{
/* Platform specific class which implements
* the 'Communication' interface.
*/
class UnixCommunication : Communication
{
private Socket listeningSocket;
private Socket connectedSocket;
private string socketFileName = "/tmp/.novellCASA";
private Mono.Unix.UnixEndPoint sockEndPoint;
private ManualResetEvent eventVar = null;
//Methods
internal UnixCommunication()
{
CSSSLogger.ExecutionTrace(this);
Syscall.umask(0);
if(File.Exists(socketFileName))
{
File.Delete(socketFileName);
}
listeningSocket = new Socket( AddressFamily.Unix,
SocketType.Stream,
ProtocolType.IP );
sockEndPoint = new Mono.Unix.UnixEndPoint(socketFileName);
eventVar = new ManualResetEvent(true);
}
~UnixCommunication()
{
CSSSLogger.ExecutionTrace(this);
eventVar.Close();
CloseCommunicationEndPoint();
}
// This code executes in the listening thread.
public void StartCommunicationEndPoint()
{
CSSSLogger.ExecutionTrace(this);
try
{
UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName);
UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser;
// check if ROOT is the owner of the file: /tmp/.novellCASA
if (sockFileOwner.UserId != 0)
{
File.Delete(socketFileName);
}
listeningSocket.Bind(sockEndPoint);
listeningSocket.Listen(50);
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
while(true)
{
try
{
eventVar.Reset();
listeningSocket.BeginAccept(new AsyncCallback(ListenCb),
listeningSocket);
eventVar.WaitOne();
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
throw e;
}
}
}
public void CloseCommunicationEndPoint()
{
CSSSLogger.ExecutionTrace(this);
listeningSocket.Close();
if(File.Exists( socketFileName ))
File.Delete(socketFileName);
}
// On receipt of a new client, this method is called.
private void ListenCb (IAsyncResult state)
{
try
{
CSSSLogger.ExecutionTrace(this);
connectedSocket = ((Socket)state.AsyncState).EndAccept (state);
eventVar.Set();
ServiceClient();
}
catch(Exception e)
{
/* All resources would have been cleaned up before reaching
* here.
*/
CSSSLogger.ExpLog(e.ToString());
}
/* End of thread function */
}
private void ServiceClient()
{
CSSSLogger.ExecutionTrace(this);
IPCChannel ipcChannel = IPCChannel.Create(connectedSocket);
AppHandler appHandler = new AppHandler(ipcChannel);
try
{
int retVal = appHandler.ServiceApp();
if( retVal != RetCodes.SUCCESS )
CSSSLogger.DbgLog("Servicing client failed.");
}
catch( Exception e )
{
CSSSLogger.ExpLog(e.ToString());
}
finally
{
ipcChannel.Close();
}
}
}
}

407
c_micasad/init/Main.cs
View File

@@ -20,205 +20,208 @@
*
***********************************************************************/
using System;
using System.IO;
using System.Text;
using System.Threading;
using System.Diagnostics;
using sscs.communication;
using sscs.constants;
using sscs.common;
class SecretStoreClientService
{
private static Communication server = null;
private static Thread listeningThread = null;
public static void Main(string[] args)
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
try
{
/* If getting a lock fails, just exit.
*/
if(!AcquireLock())
{
Console.WriteLine("Another instance of micasad is already running");
Mono.Unix.Native.Syscall.exit(-1);
}
RegisterSignals();
CSSSLogger.DbgLog("Client Side SecretStore Service has started.");
server = CommunicationFactory.CreateCommunicationEndPoint();
listeningThread = new Thread(new ThreadStart(StartServer));
listeningThread.Start();
listeningThread.Join();
}
catch(Exception e)
{
Terminate();
}
}
/* The thread which listens and spawns threads on every accept
* starts its execution from this method.
*/
private static void StartServer()
{
try
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
server.StartCommunicationEndPoint();
}
catch(ThreadAbortException exp)
{
CSSSLogger.DbgLog("Listening thread of miCASAd is going down.");
CSSSLogger.ExpLog(exp.ToString());
}
catch(Exception exp)
{
CSSSLogger.ExpLog(exp.ToString());
}
CSSSLogger.DbgLog("Listening thread of miCASAd is going down.");
}
/* This ensures that there is only one instance of
* SSCS at any point.
*/
private static bool AcquireLock()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
int platform = (int)Environment.OSVersion.Platform;
if( (platform == 128) || (platform == 4) )
{
if(File.Exists(ConstStrings.SSCS_LINUX_PIDFILE))
{
if(CheckIfMiCASAdIsRunning())
{
CSSSLogger.DbgLog("Acquiring lock failed. Terminating miCASAd.");
return false;
}
else
{
File.Delete(ConstStrings.SSCS_LINUX_PIDFILE);
CreatePidFile();
return true;
}
}
else
{
CreatePidFile();
return true;
}
}
else
return false;
}
private static void RegisterSignals()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
if(( (int)Environment.OSVersion.Platform) == 128)
{
//SIGTERM
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGTERM, new Mono.Unix.Native.SignalHandler(Terminate));
//SIGINT
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGINT, new Mono.Unix.Native.SignalHandler(Terminate));
//SIGHUP
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGHUP, new Mono.Unix.Native.SignalHandler(Terminate));
}
}
private static void Terminate(int sigNum)
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
Terminate();
}
private static void Terminate()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
CSSSLogger.DbgLog("Client Side SecretStore Service is now exiting.");
if( listeningThread != null )
{
listeningThread.Abort("Aborting listening thread");
}
int platform = (int)Environment.OSVersion.Platform;
if( (platform == 128) || (platform == 4) )
{
if( File.Exists(ConstStrings.SSCS_LINUX_PIDFILE) )
{
File.Delete(ConstStrings.SSCS_LINUX_PIDFILE);
}
Mono.Unix.Native.Syscall.exit(0);
}
}
private static void CreatePidFile()
{
int pid = Mono.Unix.Native.Syscall.getpid();
string pidStr = String.Format("{0}",pid);
FileInfo fInfo = new FileInfo(ConstStrings.SSCS_LINUX_PIDFILE);
FileStream fs = fInfo.Open(System.IO.FileMode.OpenOrCreate, FileAccess.ReadWrite);
StreamWriter w = new StreamWriter(fs);
w.Write(pidStr);
w.Flush();
fs.Close();
}
private static bool CheckIfMiCASAdIsRunning()
{
try
{
StreamReader sr = new StreamReader(ConstStrings.SSCS_LINUX_PIDFILE);
string line = sr.ReadLine();
if( line == null )
{
sr.Close();
return false;
}
string procPath = "/proc/"+ line + "/cmdline";
/* If the file procPath itself does not exist,
* then another instance is surely not running.
*/
if( !File.Exists(procPath) )
{
return false;
}
/* There is a possibility that the pid stored in
* the pidfile has been reassigned to another process.
* So, if procPath exists, check if the process is
* micasad.exe.
*/
StreamReader procReader = new StreamReader(procPath);
string cmdline = procReader.ReadLine();
/*
string assemblyName = (System.Reflection.MethodBase.GetCurrentMethod().DeclaringType).Assembly.FullName + ".exe\0";
*/
string assemblyName = "micasad.exe\0";
if(cmdline.EndsWith(assemblyName))
{
return true;
}
else
{
return false;
}
}
catch(Exception e)
{
return false;
}
}
}
using System;
using System.IO;
using System.Text;
using System.Threading;
using System.Diagnostics;
using sscs.communication;
using sscs.constants;
using sscs.common;
class SecretStoreClientService
{
private static Communication server = null;
private static Thread listeningThread = null;
public static void Main(string[] args)
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
try
{
/* If getting a lock fails, just exit.
*/
if(!AcquireLock())
{
Console.WriteLine("Another instance of micasad is already running");
Mono.Unix.Native.Syscall.exit(-1);
}
RegisterSignals();
Mono.Unix.Native.Syscall.umask( Mono.Unix.Native.FilePermissions.S_IRGRP |
Mono.Unix.Native.FilePermissions.S_IWGRP |
Mono.Unix.Native.FilePermissions.S_IROTH |
Mono.Unix.Native.FilePermissions.S_IWOTH);
CSSSLogger.DbgLog("Client Side SecretStore Service has started.");
server = CommunicationFactory.CreateCommunicationEndPoint();
listeningThread = new Thread(new ThreadStart(StartServer));
listeningThread.Start();
listeningThread.Join();
}
catch(Exception e)
{
Terminate();
}
}
/* The thread which listens and spawns threads on every accept
* starts its execution from this method.
*/
private static void StartServer()
{
try
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
server.StartCommunicationEndPoint();
}
catch(ThreadAbortException exp)
{
CSSSLogger.DbgLog("Listening thread of miCASAd is going down.");
CSSSLogger.ExpLog(exp.ToString());
}
catch(Exception exp)
{
CSSSLogger.ExpLog(exp.ToString());
}
CSSSLogger.DbgLog("Listening thread of miCASAd is going down.");
}
/* This ensures that there is only one instance of
* SSCS at any point.
*/
private static bool AcquireLock()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
int platform = (int)Environment.OSVersion.Platform;
if( (platform == 128) || (platform == 4) )
{
if(File.Exists(ConstStrings.SSCS_LINUX_PIDFILE))
{
if(CheckIfMiCASAdIsRunning())
{
CSSSLogger.DbgLog("Acquiring lock failed. Terminating miCASAd.");
return false;
}
else
{
File.Delete(ConstStrings.SSCS_LINUX_PIDFILE);
CreatePidFile();
return true;
}
}
else
{
CreatePidFile();
return true;
}
}
else
return false;
}
private static void RegisterSignals()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
if(( (int)Environment.OSVersion.Platform) == 128)
{
//SIGTERM
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGTERM, new Mono.Unix.Native.SignalHandler(Terminate));
//SIGINT
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGINT, new Mono.Unix.Native.SignalHandler(Terminate));
//SIGHUP
Mono.Unix.Native.Stdlib.signal(Mono.Unix.Native.Signum.SIGHUP, new Mono.Unix.Native.SignalHandler(Terminate));
}
}
private static void Terminate(int sigNum)
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
Terminate();
}
private static void Terminate()
{
CSSSLogger.ExecutionTrace(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
CSSSLogger.DbgLog("Client Side SecretStore Service is now exiting.");
if( listeningThread != null )
{
listeningThread.Abort("Aborting listening thread");
}
int platform = (int)Environment.OSVersion.Platform;
if( (platform == 128) || (platform == 4) )
{
if( File.Exists(ConstStrings.SSCS_LINUX_PIDFILE) )
{
File.Delete(ConstStrings.SSCS_LINUX_PIDFILE);
}
Mono.Unix.Native.Syscall.exit(0);
}
}
private static void CreatePidFile()
{
int pid = Mono.Unix.Native.Syscall.getpid();
string pidStr = String.Format("{0}",pid);
FileInfo fInfo = new FileInfo(ConstStrings.SSCS_LINUX_PIDFILE);
FileStream fs = fInfo.Open(System.IO.FileMode.OpenOrCreate, FileAccess.ReadWrite);
StreamWriter w = new StreamWriter(fs);
w.Write(pidStr);
w.Flush();
fs.Close();
}
private static bool CheckIfMiCASAdIsRunning()
{
try
{
StreamReader sr = new StreamReader(ConstStrings.SSCS_LINUX_PIDFILE);
string line = sr.ReadLine();
if( line == null )
{
sr.Close();
return false;
}
string procPath = "/proc/"+ line + "/cmdline";
/* If the file procPath itself does not exist,
* then another instance is surely not running.
*/
if( !File.Exists(procPath) )
{
return false;
}
/* There is a possibility that the pid stored in
* the pidfile has been reassigned to another process.
* So, if procPath exists, check if the process is
* micasad.exe.
*/
StreamReader procReader = new StreamReader(procPath);
string cmdline = procReader.ReadLine();
/*
string assemblyName = (System.Reflection.MethodBase.GetCurrentMethod().DeclaringType).Assembly.FullName + ".exe\0";
*/
string assemblyName = "micasad.exe\0";
if(cmdline.EndsWith(assemblyName))
{
return true;
}
else
{
return false;
}
}
catch(Exception e)
{
return false;
}
}
}

22
c_micasad/lib/communication/UnixIPCClientChannel.cs
View File

@@ -48,9 +48,25 @@ namespace Novell.CASA.MiCasa.Communication
SocketType.Stream,
ProtocolType.IP );
if (mSocket == null) throw new Exception("could not get socket");
sockEndPoint = new UnixEndPoint(socketFileName);
mSocket.Connect(sockEndPoint);
if (mSocket == null)
{
throw new Exception("could not get socket");
}
sockEndPoint = new UnixEndPoint(socketFileName);
UnixFileSystemInfo sockFileInfo = new UnixFileInfo(socketFileName);
UnixUserInfo sockFileOwner = sockFileInfo.OwnerUser;
// root is the owner of the file "/tmp/.novellCASA"
if (sockFileOwner.UserId == 0)
{
mSocket.Connect(sockEndPoint);
}
else
{
throw new Exception("not a valid miCASA service");
}
}
public int Read(byte[] buf)

117
c_micasad/lss/CASACrypto.cs
View File

@@ -24,6 +24,9 @@ using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
#if LINUX
using Mono.Unix;
#endif
using sscs.common;
using sscs.constants;
@@ -69,9 +72,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -93,8 +94,8 @@ namespace sscs.crypto
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to store the generated key");
bRet = false;
}
if (csEncrypt != null)
}
if (csEncrypt != null)
csEncrypt.Close();
if( fsEncrypt != null )
fsEncrypt.Close();
@@ -107,9 +108,15 @@ namespace sscs.crypto
byte[] baSavedKey = null;
FileStream fsDecrypt = null;
CryptoStream csDecrypt = null;
try
{
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
@@ -138,7 +145,7 @@ namespace sscs.crypto
{
if(storedHash[i] != newHash[i])
{
CSSSLogger.DbgLog("Hash doesnot match");
CSSSLogger.DbgLog("Hash doesnot match");
csDecrypt.Close();
fsDecrypt.Close();
return null;
@@ -150,10 +157,10 @@ namespace sscs.crypto
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to get the stored key");
baSavedKey = null;
}
if (csDecrypt != null)
}
if (csDecrypt != null)
csDecrypt.Close();
if ( fsDecrypt != null )
@@ -180,9 +187,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -203,8 +208,8 @@ namespace sscs.crypto
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Encrypting and storing to file failed.");
}
if (csEncrypt != null)
}
if (csEncrypt != null)
csEncrypt.Close();
if( fsEncrypt != null )
fsEncrypt.Close();
@@ -224,8 +229,13 @@ namespace sscs.crypto
//Get a decryptor that uses the same key and IV as the encryptor.
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);
if(!File.Exists(fileName))
{
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
@@ -235,14 +245,15 @@ namespace sscs.crypto
fsDecrypt.Read(storedHash,0,storedHash.Length);
csDecrypt = new CryptoStream(fsDecrypt, decryptor, CryptoStreamMode.Read);
if(fsDecrypt.Length < HASH_SIZE )
{
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
byte[] fromEncrypt = new byte[fileLen];
if(fsDecrypt.Length < HASH_SIZE )
{
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
byte[] fromEncrypt = new byte[fileLen];
//Read the data out of the crypto stream.
int bytesRead = csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
@@ -257,13 +268,13 @@ namespace sscs.crypto
{
if(storedHash[i] != newHash[i])
{
CSSSLogger.DbgLog("Hash doesnot match");
CSSSLogger.DbgLog("Hash doesnot match");
csDecrypt.Close();
fsDecrypt.Close();
return null;
}
}
}
csDecrypt.Close();
fsDecrypt.Close();
return tmpEncrypt;
@@ -271,10 +282,10 @@ namespace sscs.crypto
catch(Exception e)
{
Console.WriteLine(e.ToString());
}
if (csDecrypt != null)
{
csDecrypt.Close();
}
if (csDecrypt != null)
{
csDecrypt.Close();
}
if( fsDecrypt != null )
{
@@ -393,9 +404,7 @@ namespace sscs.crypto
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName,FileMode.Create);
#if LINUX
Mono.Unix.Native.Syscall.chmod(fileName,Mono.Unix.Native.FilePermissions.S_IRUSR | Mono.Unix.Native.FilePermissions.S_IWUSR);
#endif
// make hidden
File.SetAttributes(fileName, FileAttributes.Hidden);
@@ -405,17 +414,17 @@ namespace sscs.crypto
//Write all data to the crypto stream and flush it.
csEncrypt.Write(baMasterPasscode, 0, baMasterPasscode.Length);
csEncrypt.FlushFinalBlock();
csEncrypt.FlushFinalBlock();
csEncrypt.Close();
fsEncrypt.Close();
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
if (csEncrypt != null)
{
csEncrypt.Close();
}
if (csEncrypt != null)
{
csEncrypt.Close();
}
if( fsEncrypt != null )
{
@@ -437,10 +446,20 @@ namespace sscs.crypto
/* Get a decryptor that uses the same key and
* IV as the encryptor.
*/
RijndaelManaged myRijndael = new RijndaelManaged();
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey,
baKey);
//Now decrypt
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
fsDecrypt = new FileStream(fileName, FileMode.Open);
csDecrypt = new CryptoStream(fsDecrypt, decryptor,
CryptoStreamMode.Read);
@@ -584,11 +603,11 @@ namespace sscs.crypto
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Validation of passcode failed.");
}
return false;
}
}
}
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Validation of passcode failed.");
}
return false;
}
}
}

134
c_micasad/lss/LocalStorage.cs
View File

@@ -27,6 +27,9 @@ using System.Collections;
using System.Threading;
using System.Security.Cryptography;
using System.Xml;
#if LINUX
using Mono.Unix.Native;
#endif
using sscs.cache;
using sscs.crypto;
using sscs.common;
@@ -60,7 +63,12 @@ namespace sscs.lss
private SecretStore userStore = null;
private int persistThreadSleepTime = 1000 * 60 * 5; //1000 * 30;
private Thread persistThread = null;
private Thread persistThread = null;
#if LINUX
Mono.Unix.UnixFileSystemInfo sockFileInfo;
Mono.Unix.UnixUserInfo sockFileOwner;
#endif
private static string LINUXID = "Unix";
@@ -120,23 +128,59 @@ namespace sscs.lss
}
return true;
}
public bool IsOwnedByRoot(string fileName)
{
#if LINUX
sockFileInfo = new Mono.Unix.UnixFileInfo(fileName);
sockFileOwner = sockFileInfo.OwnerUser;
if(0==sockFileOwner.UserId)
return true;
else
return false;
#else
return true;
#endif
}
private string GetDecryptedXml()
{
try
{
string fileName = userStore.GetPersistenceFilePath();
if(!File.Exists(fileName))
{
// check for tmp file
if (File.Exists(fileName+".tmp"))
File.Move(fileName+".tmp", fileName);
else
return null;
string fileName = userStore.GetPersistenceFilePath();
string tempFile = fileName;
int count = 0;
if(!File.Exists(fileName))
{
while(true)
{
// check for tmp file
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Move(tempFile+".tmp", fileName);
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
return null;
}
// delete tmp file if there
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
// delete tmp file if there
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
byte[] baPasscode = null;
if (null != m_baGeneratedKey)
@@ -235,7 +279,7 @@ namespace sscs.lss
{
attrColl = keyNode.Attributes;
string key;
try
try
{
key = (attrColl[XmlConsts.idAttr]).Value;
}
@@ -427,28 +471,46 @@ namespace sscs.lss
byte[] key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath());
string fileName = userStore.GetPersistenceFilePath();
// rename existing file
if(File.Exists(fileName))
{
if (File.Exists(fileName+".tmp"))
File.Delete(fileName+".tmp");
File.Move(fileName, fileName+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(fileName+".tmp"))
{
File.Delete(fileName+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
string tempFile = fileName;
int count=0;
// rename existing file
if(File.Exists(fileName))
{
while(true)
{
if (File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
{
File.Delete(tempFile+".tmp");
break;
}
else
{
count++;
tempFile = fileName + count.ToString();
}
}
else
break;
}
File.Move(fileName, tempFile+".tmp");
}
CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName);
//remove temp
if(File.Exists(tempFile+".tmp"))
{
if(IsOwnedByRoot(tempFile+".tmp"))
File.Delete(tempFile+".tmp");
}
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
}
}
}
}