X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=0a6783ff8d8eb2f6c9a002c4b443ff2cb4f2b280;hb=544b54c409f3731b8e1581af95072a64ff393a28;hp=a94a5ba1a0daf4f861a80f52f3422a2b77ea790e;hpb=f6f1a6d46c477dcc7f255d5e88a3dacd70301312;p=matches%2FMCTX3420.git diff --git a/server/fastcgi.c b/server/fastcgi.c index a94a5ba..0a6783f 100644 --- a/server/fastcgi.c +++ b/server/fastcgi.c @@ -35,9 +35,13 @@ */ static void IdentifyHandler(FCGIContext *context, char *params) { bool ident_sensors = false, ident_actuators = false; - bool has_control = FCGI_HasControl(context, getenv("COOKIE_STRING")); + char control_key[CONTROL_KEY_BUFSIZ]; + bool has_control; int i; + snprintf(control_key, CONTROL_KEY_BUFSIZ, "%s", getenv("COOKIE_STRING")); + has_control = FCGI_HasControl(context, control_key); + FCGIValue values[2] = {{"sensors", &ident_sensors, FCGI_BOOL_T}, {"actuators", &ident_actuators, FCGI_BOOL_T}}; if (!FCGI_ParseRequest(context, params, values, 2)) @@ -94,6 +98,7 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use // Get current time time_t now = time(NULL); bool expired = now - context->control_timestamp > CONTROL_TIMEOUT; + int i; // Can't lock control if: User not actually logged in (sanity), or key is still valid and the user is not an admin if (user_type == USER_UNAUTH || @@ -109,7 +114,7 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use // Generate a SHA1 hash for the user SHA_CTX sha1ctx; unsigned char sha1[20]; - int i = rand(); + i = rand(); SHA1_Init(&sha1ctx); SHA1_Update(&sha1ctx, &now, sizeof(now)); SHA1_Update(&sha1ctx, &i, sizeof(i)); @@ -117,25 +122,38 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use for (i = 0; i < sizeof(sha1); i++) sprintf(context->control_key + i * 2, "%02x", sha1[i]); - // Set the IP address + // Set the IPv4 address snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR")); + // Set the user name int uname_len = strlen(user_name); - if (snprintf(context->user_name, sizeof(context->user_name), "%s", user_name) < uname_len) - { - Log(LOGERR, "Username at %d characters too long (limit %d)", uname_len, sizeof(context->user_name)); + i = snprintf(context->user_name, sizeof(context->user_name), "%s", user_name); + if (i < uname_len) { + Log(LOGERR, "Username at %d characters too long (limit %d)", + uname_len, sizeof(context->user_name)); return false; // :-( } // Set the user type context->user_type = user_type; + + // Build the user directory + i = snprintf(context->user_dir, sizeof(context->user_dir), "%s/%s", + g_options.experiment_dir, context->user_name); + if (i >= sizeof(context->user_dir)) { + Log(LOGERR, "Experiment dir too long (required %d, limit %d)", + i, sizeof(context->user_dir)); + return false; + } + + Log(LOGDEBUG, "User dir: %s", context->user_dir); // Create directory - if (mkdir(user_name, 0777) != 0 && errno != EEXIST) + if (mkdir(context->user_dir, 0777) != 0 && errno != EEXIST) { - Log(LOGERR, "Couldn't create user directory %s/%s - %s", g_options.root_dir, user_name, strerror(errno)); + Log(LOGERR, "Couldn't create user directory %s - %s", + context->user_dir, strerror(errno)); return false; // :-( } - return true; // :-) } @@ -496,16 +514,17 @@ void * FCGI_RequestLoop (void *data) while (FCGI_Accept() >= 0) { ModuleHandler module_handler = NULL; - char module[BUFSIZ], params[BUFSIZ]; - //Don't need to copy if we're not modifying string contents - const char *cookie = getenv("COOKIE_STRING"); + char module[BUFSIZ], params[BUFSIZ], control_key[CONTROL_KEY_BUFSIZ]; //strncpy doesn't zero-truncate properly snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL")); snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING")); + //Hack to get the nameless cookie only + snprintf(control_key, CONTROL_KEY_BUFSIZ, "%s", getenv("COOKIE_STRING")); + Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params); - Log(LOGDEBUG, "Cookie: %s", cookie); + Log(LOGDEBUG, "Control key: %s", control_key); //Remove trailing slashes (if present) from module query @@ -543,7 +562,7 @@ void * FCGI_RequestLoop (void *data) //if (module_handler != Login_Handler && module_handler != IdentifyHandler && module_handler) if (false) // Testing { - if (!FCGI_HasControl(&context, cookie)) + if (!FCGI_HasControl(&context, control_key)) { FCGI_RejectJSON(&context, "Please login. Invalid control key."); continue;