Changeset 8072

Timestamp:

Mar 17, 2009, 9:50:20 PM (14 years ago)

Author:

livings124

Message:

#1276 encrypt the password to access web client interface using SHA-2

Location:

trunk/libtransmission

Files:

• crypto.c (modified) (2 diffs)
• crypto.h (modified) (1 diff)
• rpc-server.c (modified) (5 diffs)
• session.c (modified) (2 diffs)
• transmission.h (modified) (1 diff)

trunk/libtransmission/crypto.c

@@ -20 +20 @@
 
 #include <openssl/bn.h>
+#include <openssl/des.h>
 #include <openssl/dh.h>
 #include <openssl/err.h>
@@ -350 +351 @@
 }
 
+/***
+****
+***/
+
+char*
+tr_crypt( const void * plaintext )
+{
+    static const char * salter = "0123456789"
+                                 "abcdefghijklmnopqrstuvwxyz"
+                                 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                                 "./";
+    static const size_t salter_len = 64;
+
+    int i;
+    char salt[12];
+
+    memcpy( salt, "$1$", 3 );
+    for( i=0; i<8; ++i )
+        salt[3+i] = salter[ tr_cryptoRandInt( salter_len ) ];
+    salt[11] = '\0';
+
+    return tr_strdup( DES_crypt( plaintext, salt ) );
+}

trunk/libtransmission/crypto.h

@@ -96 +96 @@
                                  size_t         len );
 
+char*          tr_crypt( const void * plaintext );
+
+
 #endif

trunk/libtransmission/rpc-server.c

@@ -30 +30 @@
 #include "transmission.h"
 #include "bencode.h"
+#include "crypto.h"
 #include "list.h"
 #include "platform.h"
@@ -314 +315 @@
         if( errno )
         {
-            send_simple_response( req, HTTP_NOTFOUND, NULL );
+            send_simple_response( req, HTTP_NOTFOUND, filename );
         }
         else
@@ -465 +466 @@
                 user = p;
                 *pass++ = '\0';
+                pass = tr_crypt( pass );
             }
         }
@@ -507 +509 @@
         else
         {
-            send_simple_response( req, HTTP_NOTFOUND, NULL );
-        }
-
+            send_simple_response( req, HTTP_NOTFOUND, req->uri );
+        }
+
+        tr_free( pass );
         tr_free( user );
     }
@@ -669 +672 @@
 {
     tr_free( server->password );
-    server->password = tr_strdup( password );
+    server->password = tr_crypt( password );
     dbgmsg( "setting our Password to [%s]", server->password );
 }

trunk/libtransmission/session.c

@@ -298 +298 @@
     tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_AUTH_REQUIRED,        tr_sessionIsRPCPasswordEnabled( s ) );
     tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_ENABLED,              tr_sessionIsRPCEnabled( s ) );
-    tr_bencDictAddStr( d, TR_PREFS_KEY_RPC_PASSWORD,             freeme[n++] = tr_sessionGetRPCPassword( s ) );
     tr_bencDictAddInt( d, TR_PREFS_KEY_RPC_PORT,                 tr_sessionGetRPCPort( s ) );
     tr_bencDictAddStr( d, TR_PREFS_KEY_RPC_USERNAME,             freeme[n++] = tr_sessionGetRPCUsername( s ) );
@@ -1455 +1454 @@
 }
 
-char*
-tr_sessionGetRPCPassword( const tr_session * session )
-{
-    assert( tr_isSession( session ) );
-
-    return tr_rpcGetPassword( session->rpcServer );
-}
-
 void
 tr_sessionSetRPCUsername( tr_session * session,

trunk/libtransmission/transmission.h

@@ -371 +371 @@
                                 const char * username );
 
-/** @brief get the password used to restrict RPC requests.
-    @return the password string. tr_free() when done.
-    @see tr_sessionInit()
-    @see tr_sessionSetRPCPassword() */
-char* tr_sessionGetRPCPassword( const tr_session * session );
-
 char* tr_sessionGetRPCUsername( const tr_session * session  );