changed: when winix demonizes it creates a three new descriptors (0, 1 and 3)

pointing to /dev/null added: DbBase::AssertValueBin(PGresult * r, int row, int col, std::string & result) it reads binary (bytea) data added: DbTextStream can handle 'bool' types now (is puts 'true' of 'false' to the stream) changed: now passwords can be stored either as plain text, a hash or can be encrypted with RSA currently we have following hashes: md4, md5, sha1, sha224, sha256, sha384, sha512 we are using openssl to manage them (look at config options for more info) changed: winix version to 0.4.7 added: class Run - you can run any program from os and send a buffer to its standard input and read what the program put on its standard output added: class Crypt (in System) - calculating hashes, and crypting/decrypting git-svn-id: svn://ttmath.org/publicrep/winix/trunk@734 e52654a7-88a9-db11-a3e9-0013d4bc506e
12 years ago · 18ecd46a01
parent af8fbdae72
commit 18ecd46a01
33 changed files with 2022 additions and 583 deletions
--- a/core/Makefile.dep
+++ b/core/Makefile.dep
@ -17,7 +17,7 @@ app.o: ../templates/htmltextstream.h ../notify/notifythread.h
 app.o: ../core/basethread.h synchro.h ../notify/templatesnotify.h
 app.o: ../core/config.h ../core/users.h user.h ugcontainer.h lastcontainer.h
 app.o: cur.h session.h plugindata.h rebus.h mounts.h mount.h mountparser.h
-app.o: users.h groups.h group.h loadavg.h thumb.h basethread.h
+app.o: crypt.h run.h users.h groups.h group.h loadavg.h thumb.h basethread.h
 app.o: sessionmanager.h sessioncontainer.h ../functions/functions.h
 app.o: ../functions/functionbase.h ../core/request.h ../core/system.h
 app.o: ../core/synchro.h ../functions/functionparser.h ../core/cur.h
@ -28,16 +28,16 @@ app.o: ../functions/download.h ../functions/emacs.h ../functions/last.h
 app.o: ../functions/login.h ../functions/logout.h ../functions/ln.h
 app.o: ../functions/ls.h ../functions/mkdir.h ../functions/mv.h
 app.o: ../functions/node.h ../functions/priv.h ../functions/reload.h
-app.o: ../functions/rm.h ../functions/run.h ../functions/specialdefault.h
-app.o: ../functions/stat.h ../functions/subject.h ../functions/template.h
-app.o: ../functions/tinymce.h ../functions/uname.h ../functions/upload.h
-app.o: ../functions/uptime.h ../functions/who.h ../functions/vim.h
-app.o: ../core/htmlfilter.h ../templates/templates.h
-app.o: ../templates/patterncacher.h ../templates/ckeditorgetparser.h
-app.o: ../core/httpsimpleparser.h ../core/log.h ../templates/indexpatterns.h
-app.o: ../core/sessionmanager.h compress.h getparser.h httpsimpleparser.h
-app.o: postparser.h cookieparser.h postmultiparser.h acceptencodingparser.h
-app.o: acceptbaseparser.h plugin.h pluginmsg.h
+app.o: ../functions/rm.h ../functions/specialdefault.h ../functions/stat.h
+app.o: ../functions/subject.h ../functions/template.h ../functions/tinymce.h
+app.o: ../functions/uname.h ../functions/upload.h ../functions/uptime.h
+app.o: ../functions/who.h ../functions/vim.h ../core/htmlfilter.h
+app.o: ../templates/templates.h ../templates/patterncacher.h
+app.o: ../templates/ckeditorgetparser.h ../core/httpsimpleparser.h
+app.o: ../core/log.h ../templates/indexpatterns.h ../core/sessionmanager.h
+app.o: compress.h getparser.h httpsimpleparser.h postparser.h cookieparser.h
+app.o: postmultiparser.h acceptencodingparser.h acceptbaseparser.h plugin.h
+app.o: pluginmsg.h
 basethread.o: basethread.h log.h textstream.h
 bbcodeparser.o: bbcodeparser.h htmlfilter.h
 compress.o: compress.h log.h textstream.h
@ -57,8 +57,8 @@ config.o: ../../ezc/src/stringconv.h ../templates/htmltextstream.h
 config.o: ../notify/notifythread.h ../core/basethread.h synchro.h
 config.o: ../notify/templatesnotify.h ../core/config.h ../core/users.h user.h
 config.o: ugcontainer.h lastcontainer.h cur.h session.h rebus.h mounts.h
-config.o: mount.h mountparser.h users.h groups.h group.h loadavg.h thumb.h
-config.o: basethread.h sessionmanager.h sessioncontainer.h
+config.o: mount.h mountparser.h crypt.h run.h users.h groups.h group.h
+config.o: loadavg.h thumb.h basethread.h sessionmanager.h sessioncontainer.h
 config.o: ../functions/functions.h ../functions/functionbase.h
 config.o: ../core/request.h ../core/system.h ../core/synchro.h
 config.o: ../functions/functionparser.h ../core/cur.h ../functions/adduser.h
@ -68,7 +68,7 @@ config.o: ../functions/default.h ../functions/download.h ../functions/emacs.h
 config.o: ../functions/last.h ../functions/login.h ../functions/logout.h
 config.o: ../functions/ln.h ../functions/ls.h ../functions/mkdir.h
 config.o: ../functions/mv.h ../functions/node.h ../functions/priv.h
-config.o: ../functions/reload.h ../functions/rm.h ../functions/run.h
+config.o: ../functions/reload.h ../functions/rm.h
 config.o: ../functions/specialdefault.h ../functions/stat.h
 config.o: ../functions/subject.h ../functions/template.h
 config.o: ../functions/tinymce.h ../functions/uname.h ../functions/upload.h
@ -78,6 +78,8 @@ config.o: ../templates/patterncacher.h ../templates/ckeditorgetparser.h
 config.o: ../core/httpsimpleparser.h ../core/log.h
 config.o: ../templates/indexpatterns.h ../core/sessionmanager.h
 confparser.o: confparser.h misc.h item.h ../../ezc/src/utf8.h
+crypt.o: crypt.h run.h config.h confparser.h htmlfilter.h user.h
+crypt.o: ../../ezc/src/utf8.h misc.h item.h log.h textstream.h
 dircontainer.o: dircontainer.h item.h log.h textstream.h
 dirs.o: dirs.h item.h dircontainer.h ../db/db.h ../db/dbbase.h ../db/dbconn.h
 dirs.o: ../db/dbtextstream.h ../core/textstream.h misc.h ../core/error.h
@ -156,19 +158,19 @@ mounts.o: ../templates/htmltextstream.h ../notify/notifythread.h
 mounts.o: ../core/basethread.h synchro.h ../notify/templatesnotify.h
 mounts.o: ../core/config.h ../core/users.h user.h ugcontainer.h
 mounts.o: lastcontainer.h cur.h session.h plugindata.h rebus.h mountparser.h
-mounts.o: plugin.h pluginmsg.h system.h users.h groups.h group.h loadavg.h
-mounts.o: thumb.h basethread.h sessionmanager.h sessioncontainer.h
-mounts.o: ../functions/functions.h ../functions/functionbase.h
-mounts.o: ../core/request.h ../core/system.h ../core/synchro.h
-mounts.o: ../functions/functionparser.h ../core/cur.h ../functions/adduser.h
-mounts.o: ../functions/cat.h ../functions/chmod.h ../functions/privchanger.h
-mounts.o: ../functions/chown.h ../functions/ckeditor.h ../functions/cp.h
-mounts.o: ../functions/default.h ../functions/download.h ../functions/emacs.h
-mounts.o: ../functions/last.h ../functions/login.h ../functions/logout.h
-mounts.o: ../functions/ln.h ../functions/ls.h ../functions/mkdir.h
-mounts.o: ../functions/mv.h ../functions/node.h ../functions/priv.h
-mounts.o: ../functions/reload.h ../functions/rm.h ../functions/run.h
-mounts.o: ../functions/specialdefault.h ../functions/stat.h
+mounts.o: plugin.h pluginmsg.h system.h crypt.h run.h users.h groups.h
+mounts.o: group.h loadavg.h thumb.h basethread.h sessionmanager.h
+mounts.o: sessioncontainer.h ../functions/functions.h
+mounts.o: ../functions/functionbase.h ../core/request.h ../core/system.h
+mounts.o: ../core/synchro.h ../functions/functionparser.h ../core/cur.h
+mounts.o: ../functions/adduser.h ../functions/cat.h ../functions/chmod.h
+mounts.o: ../functions/privchanger.h ../functions/chown.h
+mounts.o: ../functions/ckeditor.h ../functions/cp.h ../functions/default.h
+mounts.o: ../functions/download.h ../functions/emacs.h ../functions/last.h
+mounts.o: ../functions/login.h ../functions/logout.h ../functions/ln.h
+mounts.o: ../functions/ls.h ../functions/mkdir.h ../functions/mv.h
+mounts.o: ../functions/node.h ../functions/priv.h ../functions/reload.h
+mounts.o: ../functions/rm.h ../functions/specialdefault.h ../functions/stat.h
 mounts.o: ../functions/subject.h ../functions/template.h
 mounts.o: ../functions/tinymce.h ../functions/uname.h ../functions/upload.h
 mounts.o: ../functions/uptime.h ../functions/who.h ../functions/vim.h
@ -192,8 +194,8 @@ plugin.o: ../../ezc/src/stringconv.h ../templates/htmltextstream.h
 plugin.o: ../notify/notifythread.h ../core/basethread.h synchro.h
 plugin.o: ../notify/templatesnotify.h ../core/config.h ../core/users.h user.h
 plugin.o: ugcontainer.h lastcontainer.h cur.h session.h rebus.h mounts.h
-plugin.o: mount.h mountparser.h users.h groups.h group.h loadavg.h thumb.h
-plugin.o: basethread.h sessionmanager.h sessioncontainer.h
+plugin.o: mount.h mountparser.h crypt.h run.h users.h groups.h group.h
+plugin.o: loadavg.h thumb.h basethread.h sessionmanager.h sessioncontainer.h
 plugin.o: ../functions/functions.h ../functions/functionbase.h
 plugin.o: ../core/request.h ../core/system.h ../core/synchro.h
 plugin.o: ../functions/functionparser.h ../core/cur.h ../functions/adduser.h
@ -203,7 +205,7 @@ plugin.o: ../functions/default.h ../functions/download.h ../functions/emacs.h
 plugin.o: ../functions/last.h ../functions/login.h ../functions/logout.h
 plugin.o: ../functions/ln.h ../functions/ls.h ../functions/mkdir.h
 plugin.o: ../functions/mv.h ../functions/node.h ../functions/priv.h
-plugin.o: ../functions/reload.h ../functions/rm.h ../functions/run.h
+plugin.o: ../functions/reload.h ../functions/rm.h
 plugin.o: ../functions/specialdefault.h ../functions/stat.h
 plugin.o: ../functions/subject.h ../functions/template.h
 plugin.o: ../functions/tinymce.h ../functions/uname.h ../functions/upload.h
@ -229,8 +231,8 @@ plugindata.o: ../../ezc/src/stringconv.h ../templates/htmltextstream.h
 plugindata.o: ../notify/notifythread.h ../core/basethread.h synchro.h
 plugindata.o: ../notify/templatesnotify.h ../core/config.h ../core/users.h
 plugindata.o: user.h ugcontainer.h lastcontainer.h cur.h session.h rebus.h
-plugindata.o: mounts.h mount.h mountparser.h users.h groups.h group.h
-plugindata.o: loadavg.h thumb.h basethread.h sessionmanager.h
+plugindata.o: mounts.h mount.h mountparser.h crypt.h run.h users.h groups.h
+plugindata.o: group.h loadavg.h thumb.h basethread.h sessionmanager.h
 plugindata.o: sessioncontainer.h ../functions/functions.h
 plugindata.o: ../functions/functionbase.h ../core/request.h ../core/system.h
 plugindata.o: ../core/synchro.h ../functions/functionparser.h ../core/cur.h
@ -242,15 +244,15 @@ plugindata.o: ../functions/emacs.h ../functions/last.h ../functions/login.h
 plugindata.o: ../functions/logout.h ../functions/ln.h ../functions/ls.h
 plugindata.o: ../functions/mkdir.h ../functions/mv.h ../functions/node.h
 plugindata.o: ../functions/priv.h ../functions/reload.h ../functions/rm.h
-plugindata.o: ../functions/run.h ../functions/specialdefault.h
-plugindata.o: ../functions/stat.h ../functions/subject.h
-plugindata.o: ../functions/template.h ../functions/tinymce.h
-plugindata.o: ../functions/uname.h ../functions/upload.h
-plugindata.o: ../functions/uptime.h ../functions/who.h ../functions/vim.h
-plugindata.o: ../core/htmlfilter.h ../templates/templates.h
-plugindata.o: ../templates/patterncacher.h ../templates/ckeditorgetparser.h
-plugindata.o: ../core/httpsimpleparser.h ../core/log.h
-plugindata.o: ../templates/indexpatterns.h ../core/sessionmanager.h
+plugindata.o: ../functions/specialdefault.h ../functions/stat.h
+plugindata.o: ../functions/subject.h ../functions/template.h
+plugindata.o: ../functions/tinymce.h ../functions/uname.h
+plugindata.o: ../functions/upload.h ../functions/uptime.h ../functions/who.h
+plugindata.o: ../functions/vim.h ../core/htmlfilter.h
+plugindata.o: ../templates/templates.h ../templates/patterncacher.h
+plugindata.o: ../templates/ckeditorgetparser.h ../core/httpsimpleparser.h
+plugindata.o: ../core/log.h ../templates/indexpatterns.h
+plugindata.o: ../core/sessionmanager.h
 postmultiparser.o: postmultiparser.h error.h requesttypes.h config.h
 postmultiparser.o: confparser.h htmlfilter.h log.h textstream.h
 postmultiparser.o: ../../ezc/src/utf8.h misc.h item.h
@ -275,8 +277,8 @@ request.o: ../templates/htmltextstream.h ../notify/notifythread.h
 request.o: ../core/basethread.h synchro.h ../notify/templatesnotify.h
 request.o: ../core/config.h ../core/users.h user.h ugcontainer.h
 request.o: lastcontainer.h cur.h session.h rebus.h mounts.h mount.h
-request.o: mountparser.h users.h groups.h group.h loadavg.h thumb.h
-request.o: basethread.h sessionmanager.h sessioncontainer.h
+request.o: mountparser.h crypt.h run.h users.h groups.h group.h loadavg.h
+request.o: thumb.h basethread.h sessionmanager.h sessioncontainer.h
 request.o: ../functions/functions.h ../functions/functionbase.h
 request.o: ../core/request.h ../core/system.h ../core/synchro.h
 request.o: ../functions/functionparser.h ../core/cur.h ../functions/adduser.h
@ -287,14 +289,15 @@ request.o: ../functions/emacs.h ../functions/last.h ../functions/login.h
 request.o: ../functions/logout.h ../functions/ln.h ../functions/ls.h
 request.o: ../functions/mkdir.h ../functions/mv.h ../functions/node.h
 request.o: ../functions/priv.h ../functions/reload.h ../functions/rm.h
-request.o: ../functions/run.h ../functions/specialdefault.h
-request.o: ../functions/stat.h ../functions/subject.h ../functions/template.h
+request.o: ../functions/specialdefault.h ../functions/stat.h
+request.o: ../functions/subject.h ../functions/template.h
 request.o: ../functions/tinymce.h ../functions/uname.h ../functions/upload.h
 request.o: ../functions/uptime.h ../functions/who.h ../functions/vim.h
 request.o: ../core/htmlfilter.h ../templates/templates.h
 request.o: ../templates/patterncacher.h ../templates/ckeditorgetparser.h
 request.o: ../core/httpsimpleparser.h ../core/log.h
 request.o: ../templates/indexpatterns.h ../core/sessionmanager.h
+run.o: run.h log.h textstream.h
 session.o: session.h item.h error.h user.h plugindata.h rebus.h misc.h
 sessioncontainer.o: sessioncontainer.h session.h item.h error.h user.h
 sessioncontainer.o: plugindata.h rebus.h cur.h request.h requesttypes.h
@ -321,10 +324,11 @@ sessionmanager.o: ../../ezc/src/stringconv.h ../templates/htmltextstream.h
 sessionmanager.o: ../notify/notifythread.h ../core/basethread.h synchro.h
 sessionmanager.o: ../notify/templatesnotify.h ../core/config.h
 sessionmanager.o: ../core/users.h ugcontainer.h mounts.h mount.h
-sessionmanager.o: mountparser.h users.h groups.h group.h loadavg.h thumb.h
-sessionmanager.o: basethread.h sessionparser.h plugin.h pluginmsg.h
-sessionmanager.o: ../functions/functions.h ../functions/functionbase.h
-sessionmanager.o: ../core/request.h ../core/system.h ../core/synchro.h
+sessionmanager.o: mountparser.h crypt.h run.h users.h groups.h group.h
+sessionmanager.o: loadavg.h thumb.h basethread.h sessionparser.h plugin.h
+sessionmanager.o: pluginmsg.h ../functions/functions.h
+sessionmanager.o: ../functions/functionbase.h ../core/request.h
+sessionmanager.o: ../core/system.h ../core/synchro.h
 sessionmanager.o: ../functions/functionparser.h ../core/cur.h
 sessionmanager.o: ../functions/adduser.h ../functions/cat.h
 sessionmanager.o: ../functions/chmod.h ../functions/privchanger.h
@ -335,13 +339,12 @@ sessionmanager.o: ../functions/last.h ../functions/login.h
 sessionmanager.o: ../functions/logout.h ../functions/ln.h ../functions/ls.h
 sessionmanager.o: ../functions/mkdir.h ../functions/mv.h ../functions/node.h
 sessionmanager.o: ../functions/priv.h ../functions/reload.h ../functions/rm.h
-sessionmanager.o: ../functions/run.h ../functions/specialdefault.h
-sessionmanager.o: ../functions/stat.h ../functions/subject.h
-sessionmanager.o: ../functions/template.h ../functions/tinymce.h
-sessionmanager.o: ../functions/uname.h ../functions/upload.h
-sessionmanager.o: ../functions/uptime.h ../functions/who.h ../functions/vim.h
-sessionmanager.o: ../core/htmlfilter.h ../templates/templates.h
-sessionmanager.o: ../templates/patterncacher.h
+sessionmanager.o: ../functions/specialdefault.h ../functions/stat.h
+sessionmanager.o: ../functions/subject.h ../functions/template.h
+sessionmanager.o: ../functions/tinymce.h ../functions/uname.h
+sessionmanager.o: ../functions/upload.h ../functions/uptime.h
+sessionmanager.o: ../functions/who.h ../functions/vim.h ../core/htmlfilter.h
+sessionmanager.o: ../templates/templates.h ../templates/patterncacher.h
 sessionmanager.o: ../templates/ckeditorgetparser.h ../core/httpsimpleparser.h
 sessionmanager.o: ../core/log.h ../templates/indexpatterns.h
 sessionmanager.o: ../core/sessionmanager.h
@ -367,8 +370,8 @@ system.o: ../../ezc/src/stringconv.h ../templates/htmltextstream.h
 system.o: ../notify/notifythread.h ../core/basethread.h synchro.h
 system.o: ../notify/templatesnotify.h ../core/config.h ../core/users.h user.h
 system.o: ugcontainer.h lastcontainer.h cur.h session.h plugindata.h rebus.h
-system.o: mounts.h mount.h mountparser.h users.h groups.h group.h loadavg.h
-system.o: thumb.h basethread.h ../templates/templates.h
+system.o: mounts.h mount.h mountparser.h crypt.h run.h users.h groups.h
+system.o: group.h loadavg.h thumb.h basethread.h ../templates/templates.h
 system.o: ../templates/patterncacher.h ../templates/ckeditorgetparser.h
 system.o: ../core/httpsimpleparser.h ../core/log.h
 system.o: ../templates/indexpatterns.h ../core/cur.h ../core/system.h
@ -391,6 +394,6 @@ thumb.o: ../../ezc/src/funinfo.h ../../ezc/src/stringconv.h
 thumb.o: ../templates/htmltextstream.h ../notify/notifythread.h
 thumb.o: ../core/basethread.h synchro.h ../notify/templatesnotify.h
 thumb.o: ../core/users.h user.h ugcontainer.h lastcontainer.h cur.h session.h
-thumb.o: plugindata.h rebus.h mounts.h mount.h mountparser.h users.h groups.h
-thumb.o: group.h loadavg.h
+thumb.o: plugindata.h rebus.h mounts.h mount.h mountparser.h crypt.h run.h
+thumb.o: users.h groups.h group.h loadavg.h
 users.o: users.h
--- a/core/Makefile.o.dep
+++ b/core/Makefile.o.dep
@ -1 +1 @@
-o = acceptbaseparser.o app.o basethread.o bbcodeparser.o compress.o config.o confparser.o dircontainer.o dirs.o groups.o htmlfilter.o httpsimpleparser.o item.o lastcontainer.o loadavg.o log.o misc.o mount.o mountparser.o mounts.o plugin.o plugindata.o postmultiparser.o rebus.o request.o session.o sessioncontainer.o sessionmanager.o sessionparser.o synchro.o system.o textstream.o thumb.o users.o 
+o = acceptbaseparser.o app.o basethread.o bbcodeparser.o compress.o config.o confparser.o crypt.o dircontainer.o dirs.o groups.o htmlfilter.o httpsimpleparser.o item.o lastcontainer.o loadavg.o log.o misc.o mount.o mountparser.o mounts.o plugin.o plugindata.o postmultiparser.o rebus.o request.o run.o session.o sessioncontainer.o sessionmanager.o sessionparser.o synchro.o system.o textstream.o thumb.o users.o 
--- a/core/config.cpp
+++ b/core/config.cpp
@ -11,6 +11,7 @@
 #include "log.h"
 #include "plugin.h"
 #include "misc.h"
+#include "crypt.h"



@ -174,7 +175,6 @@ void Config::AssignValues(bool stdout_is_closed)
 	title_separator  = Text(L"title_separator", L" / ");

 	http_header_send_file = Text(L"http_header_send_file", L"X-LIGHTTPD-send-file");
-	password_min_size = Size(L"password_min_size", 5);
 	debug_info = Bool(L"debug_info", false);	

 	editors_html_safe_mode = Bool(L"editors_html_safe_mode", true);
@ -191,6 +191,15 @@ void Config::AssignValues(bool stdout_is_closed)
 	symlinks_follow_max = Size(L"symlinks_follow_max", 20);

 	ticket_form_prefix = Text(L"ticket_form_prefix", L"ticketparam");
+
+	pass_min_size        = Size(L"pass_min_size", 5);
+	pass_type            = Int(L"pass_type", 12);
+	pass_hash_use_salt   = Bool(L"pass_hash_use_salt", false);
+	pass_hash_salt       = Text(L"pass_hash_salt");
+	pass_use_rsa         = Bool(L"pass_use_rsa", false);
+	pass_rsa_private_key = Text(L"pass_rsa_private_key");
+
+	opensll_path = Text(L"opensll_path", L"/usr/bin/openssl");
 }


@ -207,6 +216,7 @@ void Config::SetAdditionalVariables()
 		html_filter_orphans_mode = HTMLFilter::orphan_nbsp;

 	CheckLocale();
+	CheckPasswd();
 }


@ -240,6 +250,26 @@ bool found = false;
 }


+void Config::CheckPasswd()
+{
+	switch(pass_type)
+	{
+		case WINIX_CRYPT_HASH_PLAIN:
+		case WINIX_CRYPT_HASH_MD4:
+		case WINIX_CRYPT_HASH_MD5:
+		case WINIX_CRYPT_HASH_SHA1:
+		case WINIX_CRYPT_HASH_SHA224:
+		case WINIX_CRYPT_HASH_SHA256:
+		case WINIX_CRYPT_HASH_SHA384:
+		case WINIX_CRYPT_HASH_SHA512:
+		break;
+
+		default:
+		pass_type = WINIX_CRYPT_HASH_SHA256;
+	}
+}
+
+
 void Config::SetHttpHost(const std::wstring & in, std::wstring & out)
 {
 	const char http[]  = "http://";
--- a/core/config.h
+++ b/core/config.h
@ -279,10 +279,6 @@ public:
 	// default: X-LIGHTTPD-send-file
 	std::wstring http_header_send_file;

-	// the minimum size of a password for new users (function: adduser)
-	// default: 5
-	size_t password_min_size;
-
 	// prints additional information (in the end of the html page as a commentary)
 	bool debug_info;

@ -319,6 +315,48 @@ public:
 	// default: ticketparam
 	std::wstring ticket_form_prefix;

+	// the minimal size of a user's password
+	// default: 5
+	size_t pass_min_size;
+
+	// how passwords should be stored
+	// 0  - plain text
+	// 1  - md4 hash
+	// 2  - md5 hash
+	// 10 - sha1 hash
+	// 11 - sha224 hash
+	// 12 - sha256 hash (default)
+	// 13 - sha384 hash
+	// 14 - sha512 hash
+	int pass_type;
+
+	// whether the passwords' hashes should be salted or not
+	// this affects newly created accounts
+	// default: false
+	bool pass_hash_use_salt;
+
+	// salt to a password's hash
+	// default empty
+	// !! once you set this salt don't change it any more (people wouldn't be allowed to login)
+	std::wstring pass_hash_salt;
+
+	// whether the passwords' hashes should be encrypted
+	// this affects newly created accounts
+	// default: false
+	bool pass_use_rsa;
+
+	// path to a RSA private key
+	// this is actually private + public key in one file
+	// generated by "openssl genrsa"
+	// default empty which means encryption will not be used
+	// !! once you set these keys don't change it any more (people wouldn't be allowed to login)
+	std::wstring pass_rsa_private_key;
+
+
+	// path to 'openssl'
+	// default: /usr/bin/openssl
+	std::wstring opensll_path;
+
 	/*
 	*/

@ -359,6 +397,7 @@ private:
 	void SetHttpHost(const std::wstring & in, std::wstring & out);
 	void SetAdditionalVariables();
 	void CheckLocale();
+	void CheckPasswd();

 	ConfParser parser;

--- a/core/crypt.cpp
+++ b/core/crypt.cpp
@ -0,0 +1,273 @@
+/*
+ * This file is a part of Winix
+ * and is not publicly distributed
+ * 
+ * Copyright (c) 2011, Tomasz Sowa
+ * All rights reserved.
+ * 
+ */
+
+#include <cstring>
+#include "crypt.h"
+#include "utf8.h"
+#include "misc.h"
+#include "log.h"
+
+
+
+void Crypt::SetConfig(Config * pconfig)
+{
+	config = pconfig;
+}
+
+
+void Crypt::TrimLastWhite(std::string & str)
+{
+	if( str.empty() )
+		return;
+
+	size_t i = str.size();
+
+	while( i > 0 && (IsWhite(str[i-1]) || str[i-1]==10) )
+		i -= 1;
+
+	if( i < str.size() )
+		str.erase(i);
+}
+
+
+bool Crypt::Hash(int hash, const char * in, size_t inlen, std::string & out)
+{
+	out.clear();
+
+	if( !config )
+		return false;
+
+	run.Clear();
+	Ezc::WideToUTF8(config->opensll_path, command);
+	run.Cmd(command);
+	run.Par("dgst");
+
+	switch(hash)
+	{
+		case WINIX_CRYPT_HASH_MD4:		run.Par("-md4");	break;
+		case WINIX_CRYPT_HASH_MD5:		run.Par("-md5");	break;
+		case WINIX_CRYPT_HASH_SHA1:		run.Par("-sha1");	break;
+		case WINIX_CRYPT_HASH_SHA224:	run.Par("-sha224");	break;
+		case WINIX_CRYPT_HASH_SHA256:	run.Par("-sha256");	break;
+		case WINIX_CRYPT_HASH_SHA384:	run.Par("-sha384");	break;
+		case WINIX_CRYPT_HASH_SHA512:	run.Par("-sha512");	break;
+		
+		default:
+		return false;
+	}
+
+	bool result = run.Go(in, inlen, out) == 0;
+	TrimLastWhite(out);
+
+return result;
+}
+
+
+
+bool Crypt::Hash(int hash, const char * in, std::string & out)
+{
+	size_t len = strlen(in);
+	return Hash(hash, in, len, out);
+}
+
+
+
+bool Crypt::Hash(int hash, const std::string & in, std::string & out)
+{
+	return Hash(hash, in.c_str(), in.size(), out);
+}
+
+
+
+bool Crypt::Hash(int hash, const wchar_t * in, size_t inlen, std::wstring & out)
+{
+	Ezc::WideToUTF8(in, inlen, bufina);
+	int res = Hash(hash, bufina.c_str(), bufina.size(), bufouta);
+	
+	// the output hash is not a UTF8 string
+	// it consists only from ascii letters
+	AssignString(bufouta, out);
+
+return res;
+}
+
+
+bool Crypt::Hash(int hash, const wchar_t * in, std::wstring & out)
+{
+	size_t len = wcslen(in);
+	return Hash(hash, in, len, out);
+
+}
+
+bool Crypt::Hash(int hash, const std::wstring & in, std::wstring & out)
+{
+	return Hash(hash, in.c_str(), in.size(), out);
+}
+
+
+bool IsAllWhite(const char * str)
+{
+	for( ; *str ; ++str)
+	{
+		if( !(IsWhite(*str) || *str==10) )
+			return false;
+	}
+
+return true;
+}
+
+
+
+bool Crypt::RSA(bool encrypt, const char * keypath, const char * in, size_t inlen, std::string & out)
+{
+	out.clear();
+
+	if( !config || IsAllWhite(keypath) )
+		return false;
+
+	run.Clear();
+	Ezc::WideToUTF8(config->opensll_path, command);
+	run.Cmd(command);
+
+	run.Par("rsautl");
+	run.Par("-inkey");
+	run.Par(keypath);
+
+	if(encrypt)
+		run.Par("-encrypt");
+	else
+		run.Par("-decrypt");
+
+return run.Go(in, inlen, out) == 0;
+}
+
+
+
+bool Crypt::RSA(bool encrypt, const char * keypath, const std::string & in, std::string & out)
+{
+	return RSA(encrypt, keypath, in.c_str(), in.size(), out);
+}
+
+
+bool Crypt::RSA(bool encrypt, const std::string & keypath, const std::string & in, std::string & out)
+{
+	return RSA(encrypt, keypath.c_str(), in.c_str(), in.size(), out);
+}
+
+
+
+bool Crypt::RSA(bool encrypt, const wchar_t * keypath, const char * in, size_t inlen, std::string & out)
+{
+	Ezc::WideToUTF8(keypath, keypatha);
+	return RSA(encrypt, keypatha.c_str(), in, inlen, out);
+}
+
+
+
+bool Crypt::RSA(bool encrypt, const wchar_t * keypath, const std::string & in, std::string & out)
+{
+	return RSA(encrypt, keypath, in.c_str(), in.size(), out);
+}
+
+
+bool Crypt::RSA(bool encrypt, const std::wstring & keypath, const std::string & in, std::string & out)
+{
+	return RSA(encrypt, keypath.c_str(), in.c_str(), in.size(), out);
+}
+
+
+
+
+
+
+
+
+bool Crypt::PassHash(const std::wstring & salt, UserPass & up)
+{
+	bool result = true;
+	up.pass_hash_salted = false;
+
+	if( up.pass_type != WINIX_CRYPT_HASH_PLAIN )
+	{
+		pass_org     = up.pass;
+		pass_salted  = up.pass;
+		pass_salted += salt;
+
+		if( Hash(up.pass_type, pass_salted, up.pass) )
+		{
+			if( !salt.empty() )
+				up.pass_hash_salted = true;
+		}
+		else
+		{
+			log << log1 << "Crypt: problem with generating a hash, the password will not be hashed" << logend;
+			
+			up.pass = pass_org;
+			up.pass_type = WINIX_CRYPT_HASH_PLAIN;
+			result = false;
+		}
+
+		ClearString(pass_salted);
+		ClearString(pass_org);
+	}
+
+return result;
+}
+
+
+
+bool Crypt::PassCrypt(const std::wstring & path_to_rsa_private_key, UserPass & up)
+{
+	bool result = false;
+	ClearString(up.pass_encrypted);
+
+	if( !path_to_rsa_private_key.empty() )
+	{
+		Ezc::WideToUTF8(up.pass, passa);
+
+		if( RSA(true, path_to_rsa_private_key, passa, up.pass_encrypted) )
+		{
+			result = true;
+		}
+		else
+		{
+			ClearString(up.pass_encrypted);
+			log << log1 << "AddUser: problem with encrypting, the password will not be encrypted!" << logend;
+		}
+
+		ClearString(passa);
+	}
+
+return result;
+}
+
+
+void Crypt::PassHashCrypt(const std::wstring & salt, const std::wstring & path_to_rsa_private_key, UserPass & up)
+{
+	PassHash(salt, up);
+	PassCrypt(path_to_rsa_private_key, up);
+}
+
+
+
+void Crypt::PassHashCrypt(UserPass & up)
+{
+	up.pass_type = config->pass_type;
+	empty.clear();
+
+	if( config->pass_hash_use_salt && !config->pass_hash_salt.empty() )
+		PassHash(config->pass_hash_salt, up);
+	else
+		PassHash(empty, up);
+
+
+	if( config->pass_use_rsa && !config->pass_rsa_private_key.empty() )
+		PassCrypt(config->pass_rsa_private_key, up);
+}
+
--- a/core/crypt.h
+++ b/core/crypt.h
@ -0,0 +1,209 @@
+/*
+ * This file is a part of Winix
+ * and is not publicly distributed
+ * 
+ * Copyright (c) 2011, Tomasz Sowa
+ * All rights reserved.
+ * 
+ */
+ 
+#ifndef headerfile_winix_core_crypt
+#define headerfile_winix_core_crypt
+
+
+#include <string>
+#include "run.h"
+#include "config.h"
+#include "user.h"
+
+
+/*
+	the kind of hashes we are able to obtain in winix
+*/
+#define WINIX_CRYPT_HASH_PLAIN		0
+#define WINIX_CRYPT_HASH_MD4		1
+#define WINIX_CRYPT_HASH_MD5		2
+#define WINIX_CRYPT_HASH_SHA1		10
+#define WINIX_CRYPT_HASH_SHA224		11
+#define WINIX_CRYPT_HASH_SHA256		12
+#define WINIX_CRYPT_HASH_SHA384		13
+#define WINIX_CRYPT_HASH_SHA512		14
+
+
+
+/*
+	calculating hashes, encrypting and decrypting with RSA
+*/
+class Crypt
+{
+public:
+
+
+	void SetConfig(Config * pconfig);
+
+
+	/*
+		calculating a hash from a given input
+
+		input:
+			hash  - the kind of the hash - WINIX_CRYPT_HASH_*
+			in    - input buffer
+			inlen - the length of the buffer
+		output:
+			out   - the hash
+	*/
+	bool Hash(int hash, const char * in, size_t inlen, std::string & out);
+	bool Hash(int hash, const char * in,               std::string & out);
+	bool Hash(int hash, const std::string & in,        std::string & out);
+
+
+	/*
+		calculating a hash from a given input
+		the input string is first changed to UTF8 and then hash is calculated
+
+		input:
+			hash  - the kind of the hash - WINIX_CRYPT_HASH_*
+			in    - input buffer
+			inlen - the length of the buffer
+		output:
+			out   - the hash
+	*/
+	bool Hash(int hash, const wchar_t * in, size_t inlen, std::wstring & out);
+	bool Hash(int hash, const wchar_t * in,               std::wstring & out);
+	bool Hash(int hash, const std::wstring & in,          std::wstring & out);
+
+
+	/*
+		encrypt/decrypt by using RSA algorithm
+
+		input:
+			encrypt  - true means encrypting, false means decrypting
+			keypath  - path to a RSA private key (this is a private and public key in one file)
+			in       - input buffer
+			inlen    - the size of the buffer
+
+		output:
+			out      - encrypted or decrypted buffer
+	*/
+	bool RSA(bool encrypt, const char * keypath,         const char * in, size_t inlen, std::string & out);
+	bool RSA(bool encrypt, const char * keypath,         const std::string & in,        std::string & out);
+	bool RSA(bool encrypt, const std::string & keypath,  const std::string & in,        std::string & out);
+	bool RSA(bool encrypt, const wchar_t * keypath,      const char * in, size_t inlen, std::string & out);
+	bool RSA(bool encrypt, const wchar_t * keypath,      const std::string & in,        std::string & out);
+	bool RSA(bool encrypt, const std::wstring & keypath, const std::string & in,        std::string & out);
+
+
+	/*
+		this method creates a hash from the given plain text password
+
+		input.
+			salt         - salt for the hash
+			up.pass_type - what kind of hash do you want - look at WINIX_CRYPT_HASH_* macros (in crypt.h)
+			up.pass      - plain text password
+
+			if salt is empty then the hash will not be salted
+
+		output:
+			up.pass_type - (can be changed to 0 when there is a problem with generating a hash)
+			up.pass      - hash from the password (or plain text if up.pass_type was zero)
+			up.pass_hash_salted (true if the hash is salted - when salt was not empty)
+
+		if there is a problem with generating a hash the method stores a plain text password
+		and changes up.pass_type to zero (plain text passwords are not salted)
+	*/
+	bool PassHash(const std::wstring & salt, UserPass & up);
+
+
+	/*
+		this method encrypts the given password
+
+		input:
+			path_to_rsa_private_key - a path to rsa private key (this are a private and public keys both in one file)
+			up.pass - given password (can be a plain text or a hash)
+
+			if path_to_rsa_private_key is empty then the password will not be encrypted
+
+		output:
+			up.pass_encrypted
+
+		if there is a problem (or the path to the key is empty) then up.pass_encrypted will be empty
+		and the method returns false
+	*/
+	bool PassCrypt(const std::wstring & path_to_rsa_private_key, UserPass & up);
+
+
+	/*
+		this method creates a hash from the given plain text password and then encrypts it
+
+		input:
+			salt         - salt for the hash
+			path_to_rsa_private_key - a path to rsa private key (this are a private and public keys both in one file)
+			up.pass_type - what kind of hash do you want - look at WINIX_CRYPT_HASH_* macros (in crypt.h)
+			up.pass      - plain text password
+
+			if salt is empty then the hash will not be salted
+			if path_to_rsa_private_key is empty then the password will not be encrypted
+
+		output:
+			up.pass_type - (can be changed to 0 when there is a problem with generating a hash)
+			up.pass      - hash from the password (or plain text if up.pass_type was zero)
+			up.pass_hash_salted (true if the hash is salted - when salt was not empty)
+			up.pass_encrypted - encrypted password (if not empty)
+		
+	*/
+	void PassHashCrypt(const std::wstring & salt, const std::wstring & path_to_rsa_private_key, UserPass & up);
+
+
+	/*
+		this method creates a hash from the given plain text password and then encrypts it
+
+		input:
+			up.pass - plain text password
+
+		output:
+			up.pass_type        - what kind of hash there is in up.pass
+			up.pass             - hash from the password (or plain text if up.pass_type is zero)
+			up.pass_hash_salted - true if the hash is salted (plain text are never salted)
+			up.pass_encrypted   - encrypted password (if not empty)
+	*/
+	void PassHashCrypt(UserPass & up);
+
+
+	/*
+		putting some characters into the string and then calling clear()
+	*/
+	template<class StringType>
+	void ClearString(StringType & str);
+
+
+
+private:
+
+	void TrimLastWhite(std::string & str);
+
+	Config * config;
+	Run run;
+	std::string command, bufina, bufouta, keypatha;
+	//std::wstring pass_salted;//, pass_hashed;
+	//std::string pass_hasheda, pass_encrypteda;
+
+	std::wstring pass_salted, pass_org;
+	std::string passa;
+	std::wstring empty;
+};
+
+
+
+template<class StringType>
+void Crypt::ClearString(StringType & str)
+{
+	for(size_t i=0 ; i<str.size() ; ++i)
+		str[i] = 0x0c;
+
+	str.clear();
+}
+
+
+
+#endif
+
--- a/core/run.cpp
+++ b/core/run.cpp
@ -0,0 +1,385 @@
+/*
+ * This file is a part of Winix
+ * and is not publicly distributed
+ * 
+ * Copyright (c) 2011, Tomasz Sowa
+ * All rights reserved.
+ * 
+ */
+ 
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <unistd.h>
+#include <sys/wait.h>
+#include "run.h"
+#include "log.h"
+
+
+
+
+Run::Run()
+{
+	Clear();
+}
+
+
+
+void Run::Clear()
+{
+	parlen  = 0; 
+	envlen  = 0;
+	command = 0;
+	last_status = 0;
+	last_return = 255;
+}
+
+
+
+void Run::SetName()
+{
+	size_t i=0;
+
+	while( command[i] )
+		i += 1;
+
+	while( i>0 && command[i-1]!='/' )
+		i -= 1;
+
+	par[0] = const_cast<char*>(command + i);
+}
+
+
+
+void Run::Par(const char * p)
+{
+	if( parlen < WINIX_RUN_MAX_PARAMETERS )
+	{
+		// they will be copied (fork)
+		// the first (zero) parameter is a program name
+		par[1 + parlen++] = const_cast<char*>(p);
+	}
+}
+
+
+
+void Run::Env(const char * e)
+{
+	if( envlen < WINIX_RUN_MAX_PARAMETERS )
+	{
+		// they will be copied (fork)
+		env[envlen++] = const_cast<char*>(e);
+	}
+}
+
+
+
+void Run::Cmd(const char * c)
+{
+	command = c;
+	SetName();
+}
+
+
+
+void Run::Par(const std::string & p)
+{
+	Par(p.c_str());
+}
+
+
+
+void Run::Env(const std::string & e)
+{
+	Env(e.c_str());
+}
+
+
+
+void Run::Cmd(const std::string & c)
+{
+	Cmd(c.c_str());
+}
+
+
+
+
+int Run::LastStatus()
+{
+	return last_status;
+}
+
+
+
+int Run::LastReturn()
+{
+	return last_return;
+}
+
+
+
+void Run::Write(const char * in, size_t inlen)
+{
+ssize_t len;
+
+	while( inlen > 0 )
+	{
+		len = write(desout[1], in, inlen);
+	
+		if( len < 0 || len > (ssize_t)inlen )
+		{
+			// something wrong
+			last_status = 3;
+			break;
+		}
+
+		in    += len;
+		inlen -= len;
+	}
+}
+
+
+
+void Run::Read(std::string & out)
+{
+char buf[1024];
+size_t buflen = sizeof(buf) / sizeof(char);
+ssize_t len;
+
+	do
+	{
+		len = read(desin[0], buf, buflen);
+
+		if( len < 0 || len > (ssize_t)buflen )
+		{
+			// something wrong
+			last_status = 4;
+			break;
+		}
+
+		if( len > 0 )
+			out.append(buf, len);
+	}
+	while( len > 0 );
+}
+
+
+
+void Run::ChildThrow()
+{
+	if( dup2(desout[0], 0) == -1 )
+		return;
+
+	if( dup2(desin[1], 1) == -1 )
+		return;
+
+	close(2);
+	close(desin[0]);
+	close(desout[1]);
+
+	par[parlen+1] = 0;
+	env[envlen]   = 0;
+
+	execve(command, par, env);
+	// if we are here then there is something wrong (execve failed)
+}
+
+
+
+void Run::Child()
+{
+	try
+	{
+		ChildThrow();
+	}
+	catch(...)
+	{
+	}
+
+	exit(255);
+}
+
+
+
+bool Run::CreatePipes()
+{
+	int res = pipe(desin);
+
+	if( res != 0 )
+	{
+		log << log1 << "Run: pipe failed (desin)" << logend;
+		last_status = 1;
+		return false;
+	}
+
+	res = pipe(desout);
+
+	if( res != 0 )
+	{
+		log << log1 << "Run: pipe failed (desout)" << logend;
+		last_status = 1;
+		close(desin[0]);
+		close(desin[1]);
+		return false;
+	}
+
+return true;
+}
+
+
+
+bool Run::Fork()
+{
+	childpid = fork();
+
+	if( childpid == -1 )
+	{
+		log << log1 << "Run: fork failed" << logend;
+		last_status = 2;
+		close(desin[0]);
+		close(desin[1]);
+		close(desout[0]);
+		close(desout[1]);
+		return false;
+	}
+
+	if( childpid == 0 )
+		Child();
+
+return true;
+}
+
+
+
+void Run::WriteRead(const char * in, size_t inlen, std::string * out)
+{
+	if( in && inlen>0 )
+		Write(in, inlen);
+
+	close(desout[1]);
+
+	if( out )
+		Read(*out);
+
+	close(desin[0]);
+}
+
+
+
+void Run::CheckStatus()
+{
+int status;
+
+	pid_t res = waitpid(childpid, &status, 0);
+
+	if( res == -1 )
+	{
+		log << log1 << "Run: waitpid failed" << logend;
+		last_status = 6;
+	}
+	else
+	{
+		if( WIFEXITED(status) )
+		{
+			last_return = WEXITSTATUS(status);
+		}
+		else
+		{
+			if( WIFCONTINUED(status) )
+				log << log1 << "Run: child error: WIFCONTINUED" << logend;
+			else
+			if( WIFSIGNALED(status) )
+				log << log1 << "Run: child error: WIFSIGNALED" << logend;
+			else
+			if( WIFSTOPPED(status) )
+				log << log1 << "Run: child error: WIFSTOPPED" << logend;
+
+			last_status = 5;
+		}
+	}
+}
+
+
+
+int Run::Go(const char * in, size_t inlen, std::string * out)
+{
+	last_status = 0;
+	last_return = 255;
+
+	if( out )
+		out->clear();
+
+	if( !command )
+	{
+		last_status = 7;
+		return last_return;
+	}
+
+	if( !CreatePipes() )
+		return last_return;
+
+	if( !Fork() )
+		return last_return;
+
+	// here goes the parent
+	close(desin[1]);
+	close(desout[0]);
+	WriteRead(in, inlen, out);
+	CheckStatus();
+
+	if( last_status != 0 )
+		log << log1 << "Run: a problem with the command, last_status: " << last_status << logend;
+
+return last_return;
+}
+
+
+int Run::Go(const char * in, size_t inlen, std::string & out)
+{
+	return Go(in, inlen, &out);
+}
+
+
+int Run::Go(const char * in, std::string & out)
+{
+	size_t len = strlen(in);
+	return Go(in, len, &out);
+}
+
+
+int Run::Go(const char * in, size_t inlen)
+{
+	return Go(in, inlen, 0);
+}
+
+
+int Run::Go(const char * in)
+{
+	size_t len = strlen(in);
+	return Go(in, len, 0);
+}
+
+
+int Run::Go()
+{
+	return Go(0, 0, 0);
+}
+
+
+int Run::Go(const std::string in, std::string & out)
+{
+	return Go(in.c_str(), in.size(), &out);
+}
+
+
+int Run::Go(const std::string in)
+{
+	return Go(in.c_str(), in.size(), 0);
+}
+
+
+int Run::Go(std::string & out)
+{
+	return Go(0, 0, &out);
+}
+
+
--- a/core/run.h
+++ b/core/run.h
@ -0,0 +1,163 @@
+/*
+ * This file is a part of Winix
+ * and is not publicly distributed
+ * 
+ * Copyright (c) 2011, Tomasz Sowa
+ * All rights reserved.
+ * 
+ */
+ 
+#ifndef headerfile_winix_core_run
+#define headerfile_winix_core_run
+
+#include <string>
+#include <cstdio>
+
+
+/*
+	how many parameters and environment variables can be passed to a program
+*/
+#define WINIX_RUN_MAX_PARAMETERS 30
+
+
+/*
+	objects of this class allows you to run an external program
+
+	when you call Go() then:
+	1. winix creates pipes for communicating with a child process
+	2. then winix fork()
+	3. the child process execve() the specified command
+	4. winix (parent) sends 'in' to the standard input of the child process
+	5. after sending it closes the descriptor so the child sees it as end-of-file
+	6. now winix reads what the child sends to standard output (until EOF)
+	7. winix waitpid() for the child
+	8. Go() returns
+*/
+class Run
+{
+public:
+
+	Run();
+
+
+	/*
+		clearing parameters, environment variables and the command
+		(and clearing LastStatus and LastResult)
+		so you can call another different program now
+	*/
+	void Clear();
+
+
+	/*
+		setting parameters
+		each parameter should be passed in different call to Par() method
+		sample:
+		if you want to call from your shell:
+		  $ myprog -a -b -f "test file"
+		you should call Par() in this way:
+		  Par("-a");
+		  Par("-b");
+		  Par("test file"); // apostrophes are not needed here
+
+		arguments passed to Par() should not be changed afterwards, this method does not copy them anywhere
+		it uses only the pointer
+	*/
+	void Par(const char * p);
+	void Par(const std::string & p);
+
+
+	/*
+		setting environment variables
+		one variable per one Env() call
+
+		arguments passed to Env() should not be changed afterwards, this method does not copy them anywhere
+		it uses only the pointer
+	*/
+	void Env(const char * e);
+	void Env(const std::string & e);
+
+
+	/*
+		full path to command you want to execute
+
+		arguments passed to Cmd() should not be changed afterwards, this method does not copy them anywhere
+		it uses only the pointer
+	*/
+	void Cmd(const char * c);
+	void Cmd(const std::string & c);
+
+
+	/*
+		executing the command
+		you should call Par(), Env() and Cmd() beforehand
+	*/
+	int Go(const char * in, size_t inlen, std::string & out);
+	int Go(const char * in, std::string & out);
+	int Go(const char * in, size_t inlen);
+	int Go(const char * in);
+	int Go(const std::string in, std::string & out);
+	int Go(const std::string in);
+	int Go(std::string & out);
+	int Go();
+
+
+	/*
+		last status:
+		0 - ok (program was successfully called)
+		1 - pipe failed
+		2 - fork failed
+		3 - write failed
+		4 - read failed
+		5 - child process has done something wrong (caught a signal etc.)
+		6 - waitpid failed
+		7 - the command is not set (call Cmd method first)
+	*/
+	int LastStatus();
+
+
+	/*
+		the code which the command returned (usually "0" means no errors found)
+		if LastStatus is different from zero then LastReturn always returns 255
+		(so you don't have to check LastStatus() first)
+	*/
+	int LastReturn();
+
+
+
+private:
+
+	int Go(const char * in, size_t inlen, std::string * out);
+	void SetName();
+	void CheckStatus();
+	void WriteRead(const char * in, size_t inlen, std::string * out);
+	bool CreatePipes();
+	bool Fork();
+	void ChildThrow();
+	void Child();
+	void Write(const char * in, size_t inlen);
+	void Read(std::string & out);
+
+
+	int last_status;
+
+	// the return code returned by a program (if last_status==0)
+	// if last_status!=0 then last_return is 255
+	int last_return;
+
+	int desin[2];
+	int desout[2];
+
+	char * par[WINIX_RUN_MAX_PARAMETERS + 2];
+	char * env[WINIX_RUN_MAX_PARAMETERS + 1];
+	const char * command;
+
+	size_t parlen;
+	size_t envlen;
+
+	pid_t childpid;
+
+};
+
+
+#endif
+
--- a/core/system.cpp
+++ b/core/system.cpp
@ -73,6 +73,8 @@ void System::Init()
 	thumb.SetDb(db);
 	thumb.SetConfig(config);
 	thumb.SetSystem(this);
+
+	crypt.SetConfig(config);
 }


--- a/core/system.h
+++ b/core/system.h
@ -16,6 +16,7 @@
 #include "db/db.h"
 #include "request.h"
 #include "config.h"
+#include "crypt.h"
 #include "users.h"
 #include "groups.h"
 #include "rebus.h"
@ -59,6 +60,8 @@ public:
 	// the time when the winix starts
 	time_t system_start;

+	// cryptography and hashes
+	Crypt crypt;

 	void SetCur(Cur * pcur);
 	void SetConfig(Config * pconfig);
--- a/core/user.h
+++ b/core/user.h
@ -2,7 +2,7 @@
 * This file is a part of Winix