From: Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Date: Sat, 22 Nov 2008 14:45:40 +0000 (+0000)
Subject: password file moved in Etc dir
X-Git-Tag: 3.0.0~200
X-Git-Url: https://mop.ddnsfree.com/gitweb/?a=commitdiff_plain;ds=sidebyside;h=09c75c33b6a297891cc3f4a0990a31003beab5b9;p=brisk.git

password file moved in Etc dir
---

diff --git a/web/Obj/auth.phh b/web/Obj/auth.phh
new file mode 100644
index 0000000..6515f00
--- /dev/null
+++ b/web/Obj/auth.phh
@@ -0,0 +1,369 @@
+<?php
+/*
+ *  brisk - auth.phh
+ *
+ *  Copyright (C) 2006-2008 Matteo Nastasi
+ *                          mailto: nastasi@alternativeoutput.it 
+ *                                  matteo.nastasi@milug.org
+ *                          web: http://www.alternativeoutput.it
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABLILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details. You should have received a
+ * copy of the GNU General Public License along with this program; if
+ * not, write to the Free Software Foundation, Inc, 59 Temple Place -
+ * Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+define(CHAL_SHM_DIMS_MIN, 16384);
+define(CHAL_SHM_DIMS_MAX, 65536);
+define(CHAL_SHM_DIMS_DLT, 16384);
+define(CHAL_VALID_TIME,      15);
+define(CHAL_GARBAGE_TIMEOUT,  5);
+
+class Challenge {
+  var $login;
+  var $token;
+  var $ip;
+  var $tstamp;
+
+  function Challenge($login, $token, $ip, $tstamp)
+  {
+    $this->login  = $login;
+    $this->token  = $token;
+    $this->ip     = $ip;
+    $this->tstamp = $tstamp + CHAL_VALID_TIME;
+  }
+}
+
+class Challenges {
+  var $item;
+  var $item_n;
+  var $mod;
+  var $shm_sz;
+
+  var $garbage_timeout;
+
+
+  function Challenges()
+  {
+    $this->item = array();
+    $this->item_n = 0;
+    $this->garbage_timeout = 0;
+    $this->mod = FALSE;
+  }
+
+  function add($login, $token, $ip, $tstamp) 
+  {
+    $chal = null;
+
+    // FIXME Checks here
+    if ($login == '') {
+      return ($G_false);
+    }
+
+
+    if (($chal = new Challenge($login, $token, $ip, $tstamp)) == null) {
+      return ($G_false);
+    }
+
+    $this->item[$this->item_n] = $chal;
+    $this->item_n++;
+
+    $this->mod = TRUE;
+
+    return ($chal);
+  }
+
+
+  /* remove all istances related to $login */
+
+  function rem($login)
+  {
+    $ismod  = FALSE;
+
+    for ($i = 0 ; $i < $this->item_n ; $i++) {
+      if ($this->item[$i]->login == $login) {
+        $ismod = TRUE;
+        for ($e = $i ; $e  < ($this->item_n - 1) ; $e++) {
+          $this->item[$e] = $this->item[$e + 1];
+        }
+        
+        $i--;
+        $this->item_n--;
+        unset($this->item[$this->item_n]);
+        $this->mod = TRUE;
+      }
+    }
+
+    return ($ismod);
+  }
+
+  function garbage_manager()
+  {
+    $curtime = time();
+
+    // FIXME remove set to 0
+    $this->garbage_timeout = 0;
+    if ($this->garbage_timeout > $curtime)
+      return (FALSE);
+
+    $ismod = FALSE;
+    
+    for ($i = 0 ; $i < $this->item_n ; $i++) {
+      log_auth("LOOPI item: ".$i." tstamp: ".$this->item[$i]->tstamp."  curtime: ".$curtime);
+      if ($this->item[$i]->tstamp < $curtime) {
+        for ($e = $i ; $e  < ($this->item_n - 1) ; $e++) {
+          $this->item[$e] = $this->item[$e + 1];
+        }
+        
+        $i--;
+        $this->item_n--;
+        log_auth("LOOPI unset: ".$this->item_n);
+        unset($this->item[$this->item_n]);
+        $ismod = TRUE;
+        $this->mod = TRUE;
+      }
+    }
+    
+    log_auth("LOOPI AFTER: ".count($this->item)." _n:" .$this->item_n );
+    
+    $this->garbage_timeout = $curtime + CHAL_GARBAGE_TIMEOUT;
+    
+    return ($ismod);
+  }
+  
+  function ismod()
+  {
+    return ($this->mod);
+  }
+
+  // Static functions
+  function &init_data()
+  {
+    $chal =& new Challenges();
+    
+    $chal->mod = TRUE;
+
+    return $chal;
+  }
+
+  function &load_data() 
+  {
+    GLOBAL $G_false, $sess;
+    $doexit = FALSE;
+    do {
+      if (($tok = @ftok(FTOK_PATH."/challenges", "B")) == -1) {
+	log_main("ftok failed");
+	$doexit = TRUE;
+	break;
+      }
+    
+      if (($shm_sz = sharedmem_sz($tok)) == -1) {
+	log_main("shmop_open failed");
+      }
+	
+      if ($shm_sz == -1)
+	$shm_sz = CHAL_SHM_DIMS_MIN;
+
+      if ($shm = shm_attach($tok, $shm_sz)) {
+	$chals = @shm_get_var($shm, $tok);
+	
+	log_only("challenges ==  ".($chals == FALSE ?   "FALSE" : "TRUE")."  challenges ===  ".($chals === FALSE ? "FALSE" : "TRUE")."  challenges isset ".(isset($chals) ?   "TRUE" : "FALSE"));
+	
+	if ($chals == FALSE) {
+	  log_only("INIT CHALLENGES DATA");
+	  
+	  $chals =& Challenges::init_data();
+	  if (@shm_put_var($shm, $tok, $chals) == FALSE) {
+	    log_only("PUT_VAR FALLITA ".strlen(serialize($chals)));
+	    log_only(serialize($chals));
+	  }
+	}
+	$chals->shm_sz = $shm_sz;
+	
+	shm_detach($shm);
+      }
+
+      $chals->garbage_manager();
+
+      $ret = &$chals;
+      return ($ret);
+    } while (0);
+    
+    if ($doexit)
+      exit();
+    
+    return ($G_false);
+  }
+  
+
+  function save_data(&$chals) 
+  {
+    $shm =   FALSE;
+    $oldmod = $chals->mod;
+
+    if (($tok = @ftok(FTOK_PATH."/challenges", "B")) == -1) 
+      return (FALSE);
+    
+    while ($chals->shm_sz < CHAL_SHM_DIMS_MAX) {
+      if (($shm = shm_attach($tok, $chals->shm_sz)) == FALSE)
+	break;
+      
+      if (isset($chals)) 
+        log_only("challenges count ".count($chals->item)."  _n: ".$chals->item_n);
+
+      $chals->mod = FALSE;
+      if (shm_put_var($shm, $tok, $chals) != FALSE) {
+	shm_detach($shm);
+	return (TRUE);
+      }
+      $chals->mod = $oldmod;
+
+      if (shm_remove($shm) === FALSE) {
+	log_only("REMOVE FALLITA");
+	break;
+      }
+      shm_detach($shm);
+      $chals->shm_sz += CHAL_SHM_DIMS_DLT;
+    } 
+
+    if ($shm)
+      shm_detach($shm);
+    
+    return (FALSE);
+  }
+
+  function lock_data()
+  {
+    if (($tok = @ftok(FTOK_PATH."/challenges", "B")) == -1) {
+      echo "FTOK FAILED";
+      exit;
+    }
+    // echo "FTOK ".$tok."<br>";
+    if (($res = sem_get($tok)) == FALSE) {
+      echo "SEM_GET FAILED";
+      exit;
+    }
+    if (sem_acquire($res)) {   
+      log_lock("LOCK challenges");
+      return ($res);
+    }
+    else
+      return (FALSE);
+  }
+  
+  function unlock_data($res)
+  {
+    GLOBAL $sess; 
+    
+    log_lock("UNLOCK challenges");
+
+    return (sem_release($res));
+  }
+} // End CLASS Challenges
+
+
+class LoginDBItem {
+  var $login;
+  var $pass;
+
+  function LoginDBItem($login, $pass)
+  {
+    $this->login = $login;
+    $this->pass  = $pass;
+  }
+}
+
+class LoginDB {
+  var $item;
+  var $item_n;
+
+  
+  function LoginDB()
+  {
+    GLOBAL $DOCUMENT_ROOT;
+    log_main("LoginDB create:start");
+
+    if (file_exists("$DOCUMENT_ROOT/Etc/brisk_auth.conf.pho")) {
+      require("$DOCUMENT_ROOT/Etc/brisk_auth.conf.pho");
+    }
+    else {
+      $this->item = array( new LoginDBItem("uno", md5("one")),
+                           new LoginDBItem("due", md5("two")),
+                           new LoginDBItem("a_b", md5("abb")),
+                           new LoginDBItem("tre", md5("three")) );
+    }
+    $this->item_n = count($this->item);
+    log_main("LoginDB create:end");
+  }
+
+  function login_exists($login)
+  {
+    log_main("login_verify");
+    
+    /* check the existence of the nick in the LoginDB */
+    for ($i = 0 ; $i < $this->item_n ; $i++) {
+      if (strcasecmp($this->item[$i]->login, $login) == 0) {
+        log_main("login[".$i."]: ".$this->item[$i]->login);
+        return (TRUE);
+      }
+    }
+    return (FALSE);
+  }
+
+  function login_verify($login, $pass)
+  {
+    $ret = FALSE;
+
+    log_main("login_verify");
+        
+    /* check the existence of the nick in the LoginDB */
+    for ($i = 0 ; $i < $this->item_n ; $i++) {
+      if (strcasecmp($this->item[$i]->login, $login) == 0) {
+        log_main("login[".$i."]: ".$this->item[$i]->login);
+
+        /* if it exists check for a valid challenge */
+        if (($a_sem = Challenges::lock_data()) != FALSE) { 
+          
+          if (($chals = &Challenges::load_data()) != FALSE) {
+            for ($e = 0 ; $e < $chals->item_n ; $e++) {
+              
+              log_main("challenge[".$i."]: ".$chals->item[$e]->login);
+              if (strcmp($login, $chals->item[$e]->login) == 0) {
+                log_main("login_verify [".$pass."] with [".md5($chals->item[$e]->token.$this->item[$i]->pass)."]");
+                  
+                if (strcmp($pass , md5($chals->item[$e]->token.$this->item[$i]->pass)) == 0) {
+                  log_main("login_verify SUCCESS for ".$login);
+   
+                  $chals->rem($login);
+                  $ret = TRUE;
+                  break;
+                }
+              }
+            } // end for ($e = 0 ...
+          }
+
+          if ($chals->ismod()) {
+            Challenges::save_data(&$chals);
+          }
+          
+          Challenges::unlock_data($a_sem);
+        }
+        break;
+      } //  if (strcasecmp($this->item[$i]->login, ...
+    }
+
+    return ($ret);
+  }
+} // End class LoginDB
+
+
+?>
\ No newline at end of file