2010-08-10 18:12:50 +02:00
|
|
|
/*
|
|
|
|
* This file is a part of Winix
|
|
|
|
* and is not publicly distributed
|
|
|
|
*
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
* Copyright (c) 2008-2011, Tomasz Sowa
|
2010-08-10 18:12:50 +02:00
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "adduser.h"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
namespace Fun
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
|
|
AddUser::AddUser()
|
|
|
|
{
|
2010-11-21 01:19:17 +01:00
|
|
|
fun.url = L"adduser";
|
2010-08-10 18:12:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2010-11-21 01:19:17 +01:00
|
|
|
bool AddUser::CheckAddUserVars(const std::wstring & login, const std::wstring & pass, const std::wstring & conf_pass)
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
2010-08-12 21:10:12 +02:00
|
|
|
if( login.empty() )
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
2011-01-23 15:15:30 +01:00
|
|
|
cur->request->status = WINIX_ERR_LOGIN_EMPTY;
|
2010-08-10 18:12:50 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2010-08-12 21:10:12 +02:00
|
|
|
if( pass != conf_pass )
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
2011-01-23 15:15:30 +01:00
|
|
|
cur->request->status = WINIX_ERR_PASSWORDS_DIFFERENT;
|
2010-08-10 18:12:50 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
if( pass.size() < config->pass_min_size )
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
2011-01-23 15:15:30 +01:00
|
|
|
cur->request->status = WINIX_ERR_PASSWORD_TOO_SHORT;
|
2010-08-10 18:12:50 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2010-08-12 21:10:12 +02:00
|
|
|
if( system->users.IsUser(login) )
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
2011-01-23 15:15:30 +01:00
|
|
|
cur->request->status = WINIX_ERR_USER_EXISTS;
|
2010-08-10 18:12:50 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void AddUser::MakePost()
|
|
|
|
{
|
|
|
|
User user;
|
|
|
|
|
2011-01-23 15:15:30 +01:00
|
|
|
const std::wstring & login = cur->request->PostVar(L"login");
|
|
|
|
const std::wstring & pass = cur->request->PostVar(L"password");
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
const std::wstring & conf_pass = cur->request->PostVar(L"passwordconfirm");
|
2010-08-10 18:12:50 +02:00
|
|
|
|
|
|
|
if( !CheckAddUserVars(login, pass, conf_pass) )
|
|
|
|
return;
|
|
|
|
|
2010-08-12 21:10:12 +02:00
|
|
|
user.name = login;
|
2011-01-23 15:15:30 +01:00
|
|
|
user.email = cur->request->PostVar(L"email");
|
2010-08-10 18:12:50 +02:00
|
|
|
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
up.pass = pass;
|
|
|
|
system->crypt.PassHashCrypt(up);
|
|
|
|
|
|
|
|
cur->request->status = db->AddUser(user, up.pass, up.pass_encrypted, up.pass_type, up.pass_hash_salted);
|
2010-08-10 18:12:50 +02:00
|
|
|
|
2011-01-23 15:15:30 +01:00
|
|
|
if( cur->request->status == WINIX_ERR_OK )
|
2010-08-10 18:12:50 +02:00
|
|
|
{
|
|
|
|
if( system->users.AddUser(user) )
|
|
|
|
{
|
2011-01-23 15:15:30 +01:00
|
|
|
if( !cur->session->puser )
|
2010-08-10 18:12:50 +02:00
|
|
|
system->users.LoginUser(user.id, false);
|
|
|
|
|
2010-08-12 21:10:12 +02:00
|
|
|
log << log2 << "Adduser: added a new user: " << user.name << logend;
|
2010-08-10 18:12:50 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
2010-08-12 21:10:12 +02:00
|
|
|
log << log1 << "Adduser: I can't add to system->users: " << user.name
|
2010-08-10 18:12:50 +02:00
|
|
|
<< " but the user was added to the db correctly" << logend;
|
|
|
|
}
|
|
|
|
|
|
|
|
system->RedirectToLastItem();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)
pointing to /dev/null
added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result)
it reads binary (bytea) data
added: DbTextStream can handle 'bool' types now
(is puts 'true' of 'false' to the stream)
changed: now passwords can be stored either as plain text, a hash or can be encrypted
with RSA
currently we have following hashes:
md4, md5, sha1, sha224, sha256, sha384, sha512
we are using openssl to manage them
(look at config options for more info)
changed: winix version to 0.4.7
added: class Run - you can run any program from os and send a buffer to its standard input
and read what the program put on its standard output
added: class Crypt (in System) - calculating hashes, and crypting/decrypting
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-06-09 23:22:08 +02:00
|
|
|
void AddUser::MakeGet()
|
|
|
|
{
|
|
|
|
Run s;
|
|
|
|
std::string out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
s.Env("PATH=/home/tomek/mybin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin");
|
|
|
|
s.Env("PWD=/home/tomek");
|
|
|
|
s.Env("SHELL=/bin/tcsh");
|
|
|
|
s.Env("USER=tomek");
|
|
|
|
s.Env("GROUP=wheel");
|
|
|
|
s.Env("HOME=/home/tomek");
|
|
|
|
*/
|
|
|
|
|
|
|
|
s.Par("dgst");
|
|
|
|
s.Par("-sha512");
|
|
|
|
s.Cmd("/usr/bin/openssl");
|
|
|
|
|
|
|
|
if( s.Go("swinka", out) == 0 )
|
|
|
|
log << log1 << "odpowiedz: " << out << logend;
|
|
|
|
|
|
|
|
if( s.Go("cosik", out) == 0 )
|
|
|
|
log << log1 << "odpowiedz: " << out << logend;
|
|
|
|
|
|
|
|
if( s.Go("ktosik", out) == 0 )
|
|
|
|
log << log1 << "odpowiedz: " << out << logend;
|
|
|
|
|
|
|
|
if( s.Go("", out) == 0 )
|
|
|
|
log << log1 << "odpowiedz: " << out << logend;
|
|
|
|
}
|
2010-08-10 18:12:50 +02:00
|
|
|
|
|
|
|
|
|
|
|
} // namespace
|