bool IHomeSession:: Auth(Request *req,int sock) { TiXmlString user; TiXmlString pass; char passwd[33]; if(!TinyXPath::o_xpath_string(root,"/REQUEST/USER/text()",user) || !TinyXPath::o_xpath_string(root,"/REQUEST/PASS/text()",pass)) { SendResponse(req,ERR_USER_PASS,sock); return false; } const char *ptr = config.GetKeyValue("password"); int len = strlen(ptr); MD5Encode((void *)ptr,len,passwd); if(strcmp(user.c_str(),config.GetKeyValue("username")) == 0 && strcmp(pass.c_str(),passwd) == 0) { authOK = true; SendResponse(req,RESPONSE_OK,sock); log.Log("SES",DEBUG,"User %s login success %d",user.c_str(),sock); return true; //发送一个成功的应答 } //发送一个认证失败 SendResponse(req,1,sock); log.Log("SES",DEBUG,"User %s login failed",user.c_str()); return true; }
void load_user() { ifstream f; int tmp, i; f.open("user.txt"); if (!f) { User new_user; new_user.id = 0; new_user.username = "******"; char *passwd = "admin"; new_user.password = MD5Encode(passwd); user.clear(); user.push_back(new_user); username_id = 0; save_user(); } else { f >> tmp; for (i = 0; i < tmp; i++) { User new_user; f >> new_user.id >> new_user.username >> new_user.password; user.push_back(new_user); } } f.close(); }
//3. 修改配置项 bool SConfig::ModifyKey(const char *key, const char *value) { log.Log("SConfig::ModifyKey",COMMON,"修改配置项"); ConfigNode *p = head->next; char passwd[32]; while(p) { if(strncmp(key,p->key,strlen(p->key)) == 0) { memset(p->value,0,sizeof(p->value)); if(strcmp(key,"passwd")==0) { MD5Encode((void *)value,strlen(value),passwd); strcpy(p->value,passwd); } else { strcpy(p->value,value); } log.Log("SConfig::ModifyKey",COMMON,"修改配置项成功"); return true; } p = p->next; } log.Log("SConfig::ModifyKey",WARNING,"修改配置项失败"); return false; }
/* * AddPassword: Prompts the user for a password * and adds the entry in the file * user:crpytofpassword:md5hash(user:realm:password) */ static void AddPassword(char *user, char* realm, FILE *f) { char *pw, *crpw, cpw[120], salt[9], *dpw; int len = 0, i = 0, crpwLen = 0; char *checkw; pw = CopyString((char *) getpass("New password:"******"Password cannot be blank, sorry.\n"); delete(checkw); CleanupAndExit(); } delete(checkw); if (strcmp(pw, (char *) getpass("Re-type new password:"******"They don't match, sorry.\n"); CleanupAndExit(); } (void) srand((int) time((time_t *) NULL)); to64(&salt[0], rand(), 8); salt[8] = '\0'; #ifdef __Win32__ MD5Encode((char *)pw, (char *)salt, cpw, sizeof(cpw)); #else crpw = (char *)crypt(pw, salt); // cpw is crypt of password crpwLen = ::strlen(crpw); strncpy(cpw, crpw, crpwLen); cpw[crpwLen] = '\0'; #endif dpw = (char *)Digest(user, pw, realm); // dpw is digest of password qtss_fprintf(f, "%s:%s:%s\n", user, cpw, dpw); free(pw); // Do after cpw and dpw are used. }
int check_user(string username, string password) { for (auto tmp : user) { char *passwd = new char[255]; int i; for (i = 0; i <= password.length(); i++) passwd[i] = password[i]; passwd[i] = '\0'; if (tmp.username == username && tmp.password == MD5Encode(passwd)) { username_id = tmp.id; return 1; } } return 0; }
/* * AddPasswordWithoutPrompt: Adds the entry in the file * user:crpytofpassword:md5hash(user:realm:password) */ static void AddPasswordWithoutPrompt(char *user, char* password, char* realm, FILE *f) { char salt[9]; (void) srand((int) time((time_t *) NULL)); to64(&salt[0], rand(), 8); salt[8] = '\0'; char cpw[120], *dpw; int crpwLen = 0; #ifdef __Win32__ MD5Encode((char *)password, (char *)salt, cpw, sizeof(cpw)); #else char *crpw = (char *)crypt(password, salt); // cpw is crypt of password crpwLen = ::strlen(crpw); strncpy(cpw, crpw, crpwLen); cpw[crpwLen] = '\0'; #endif dpw = (char *)Digest(user, password, realm); // dpw is digest of password qtss_fprintf(f, "%s:%s:%s\n", user, cpw, dpw); }
//----------------------------------------------------------------------------------------------------------------// //-------------------------------------------------处理特定字符---------------------------------------------------// //----------------------------------------------------------------------------------------------------------------// std::string SM::HandleSecret() { ZBase64 ecode; int OutPut = 0; std::string Secret = "d3d3LjEwMDByZS5jb20="; Secret = ecode.Decode(Secret.c_str(), Secret.length(), OutPut); Secret = MD5Encode((char*)Secret.c_str()); /*int len = Secret.length(); char* p = (char*)Secret.c_str(); std::string res(""); for(int idx = 0; idx < len; ++idx) { if(*p == '\') { res += "\\"; } else { res += *p; } }*/ return Secret; }
Bool16 Authenticate(QTSS_RTSPRequestObject request, StrPtrLen* namePtr, StrPtrLen* passwordPtr) { Bool16 authenticated = true; char* authName = namePtr->GetAsCString(); OSCharArrayDeleter authNameDeleter(authName); QTSS_ActionFlags authAction = qtssActionFlagsAdmin; // authenticate callback to retrieve the password QTSS_Error err = QTSS_Authenticate(authName, sAuthResourceLocalPath, sAuthResourceLocalPath, authAction, qtssAuthBasic, request); if (err != QTSS_NoErr) { return false; // Couldn't even call QTSS_Authenticate...abandon! } // Get the user profile object from the request object that was created in the authenticate callback QTSS_UserProfileObject theUserProfile = NULL; UInt32 len = sizeof(QTSS_UserProfileObject); err = QTSS_GetValue(request, qtssRTSPReqUserProfile, 0, (void*)&theUserProfile, &len); Assert(len == sizeof(QTSS_UserProfileObject)); if (err != QTSS_NoErr) authenticated = false; if(err == QTSS_NoErr) { char* reqPassword = passwordPtr->GetAsCString(); OSCharArrayDeleter reqPasswordDeleter(reqPassword); char* userPassword = NULL; (void) QTSS_GetValueAsString(theUserProfile, qtssUserPassword, 0, &userPassword); OSCharArrayDeleter userPasswordDeleter(userPassword); if(userPassword == NULL) { authenticated = false; } else { #ifdef __Win32__ // The password is md5 encoded for win32 char md5EncodeResult[120]; MD5Encode(reqPassword, userPassword, md5EncodeResult, sizeof(md5EncodeResult)); if(::strcmp(userPassword, md5EncodeResult) != 0) authenticated = false; #else if(::strcmp(userPassword, (char*)crypt(reqPassword, userPassword)) != 0) authenticated = false; #endif } } char* realm = NULL; Bool16 allowed = true; //authorize callback to check authorization // allocates memory for realm err = QTSS_Authorize(request, &realm, &allowed); // QTSS_Authorize allocates memory for the realm string // we don't use the realm returned by the callback, but instead // use our own. // delete the memory allocated for realm because we don't need it! OSCharArrayDeleter realmDeleter(realm); if(err != QTSS_NoErr) { qtss_printf("QTSSAdminModule::Authenticate: QTSS_Authorize failed\n"); return false; // Couldn't even call QTSS_Authorize...abandon! } if(authenticated && allowed) return true; return false; }
//----------------------------------------------------------------------------------------------------------------// //------------------------------------------------获取MAC地址-----------------------------------------------------// //----------------------------------------------------------------------------------------------------------------// std::string SM::GetMacCode() { /*IP_ADAPTER_INFO adapter[5]; //Maximum 5 adapters DWORD buflen=sizeof(adapter); DWORD status=GetAdaptersInfo(adapter,&buflen); BYTE s[8]; if(status==ERROR_SUCCESS) { PIP_ADAPTER_INFO painfo=adapter; memcpy(s,painfo->Address,6); } char mac_addr[18]; sprintf(mac_addr,"%02X-%02X-%02X-%02X-%02X-%02X",s[0],s[1],s[2],s[3],s[4],s[5]); return mac_addr; */ std::string Temp; //PIP_ADAPTER_INFO结构体指针存储本机网卡信息 PIP_ADAPTER_INFO pIpAdapterInfo = new IP_ADAPTER_INFO(); //得到结构体大小,用于GetAdaptersInfo参数 unsigned long stSize = sizeof(IP_ADAPTER_INFO); //调用GetAdaptersInfo函数,填充pIpAdapterInfo指针变量;其中stSize参数既是一个输入量也是一个输出量 int nRel = GetAdaptersInfo(pIpAdapterInfo,&stSize); //记录网卡数量 int netCardNum = 0; //记录每张网卡上的IP地址数量 int IPnumPerNetCard = 0; if (ERROR_BUFFER_OVERFLOW == nRel) { //如果函数返回的是ERROR_BUFFER_OVERFLOW //则说明GetAdaptersInfo参数传递的内存空间不够,同时其传出stSize,表示需要的空间大小 //这也是说明为什么stSize既是一个输入量也是一个输出量 //释放原来的内存空间 delete pIpAdapterInfo; //重新申请内存空间用来存储所有网卡信息 pIpAdapterInfo = (PIP_ADAPTER_INFO)new BYTE[stSize]; //再次调用GetAdaptersInfo函数,填充pIpAdapterInfo指针变量 nRel=GetAdaptersInfo(pIpAdapterInfo,&stSize); } if (ERROR_SUCCESS == nRel) { //输出网卡信息 //可能有多网卡,因此通过循环去判断 while (pIpAdapterInfo) { /* std::cout<<"网卡数量:"<<++netCardNum<<std::endl; std::cout<<"网卡名称:"<<pIpAdapterInfo->AdapterName<<std::endl; std::cout<<"网卡描述:"<<pIpAdapterInfo->Description<<std::endl; switch(pIpAdapterInfo->Type) { case MIB_IF_TYPE_OTHER: std::cout<<"网卡类型:"<<"OTHER"<<std::endl; break; case MIB_IF_TYPE_ETHERNET: std::cout<<"网卡类型:"<<"ETHERNET"<<std::endl; break; case MIB_IF_TYPE_TOKENRING: std::cout<<"网卡类型:"<<"TOKENRING"<<std::endl; break; case MIB_IF_TYPE_FDDI: std::cout<<"网卡类型:"<<"FDDI"<<std::endl; break; case MIB_IF_TYPE_PPP: printf("PP\n"); std::cout<<"网卡类型:"<<"PPP"<<std::endl; break; case MIB_IF_TYPE_LOOPBACK: std::cout<<"网卡类型:"<<"LOOPBACK"<<std::endl; break; case MIB_IF_TYPE_SLIP: std::cout<<"网卡类型:"<<"SLIP"<<std::endl; break; default: break; }*/ //std::cout<<"网卡MAC地址:"; //for (DWORD i = 0; i < pIpAdapterInfo->AddressLength; i++) /*if (i < pIpAdapterInfo->AddressLength-1) { printf("%02X-", pIpAdapterInfo->Address[i]); } else { printf("%02X\n", pIpAdapterInfo->Address[i]); }*/ char mac_addr[18]; sprintf(mac_addr,"%02X%02X%02X%02X%02X%02X",pIpAdapterInfo->Address[0],pIpAdapterInfo->Address[1],pIpAdapterInfo->Address[2],pIpAdapterInfo->Address[3],pIpAdapterInfo->Address[4],pIpAdapterInfo->Address[5]); Temp = Temp + (mac_addr); //std::count<<ss<<std::endl; //std::cout<<"网卡IP地址如下:"<<std::endl; //可能网卡有多IP,因此通过循环去判断 //IP_ADDR_STRING *pIpAddrString =&(pIpAdapterInfo->IpAddressList); /* do { std::cout<<"该网卡上的IP数量:"<<++IPnumPerNetCard<<std::endl; std::cout<<"IP 地址:"<<pIpAddrString->IpAddress.String<<std::endl; std::cout<<"子网地址:"<<pIpAddrString->IpMask.String<<std::endl; std::cout<<"网关地址:"<<pIpAdapterInfo->GatewayList.IpAddress.String<<std::endl; pIpAddrString=pIpAddrString->Next; } while (pIpAddrString);*/ pIpAdapterInfo = pIpAdapterInfo->Next; //std::cout<<"--------------------------------------------------------------------"<<std::endl; } } //释放内存空间 if (pIpAdapterInfo) { delete pIpAdapterInfo; } //取数处理 Temp = MD5Encode((char*)Temp.c_str()); Temp = Temp.assign(Temp, 0 ,8); return Temp; }
void add_user(string command) { stringstream command_stream(command); string subcommand, username, password, c_password; command_stream >> subcommand; command_stream >> username; int i = 0; if (username_id != 0) { cout << "You don't have permission to create a user" << endl; return; } if (user.size() == 8) { cout << "User full" << endl; return; } while (i < 3) { cout << "password:"******"retype password:"******"Sorry, passwords do not match." << endl; i++; } else break; } if (i == 3) { cout << "Have exhausted maximum number of retries for service." << endl; return; } User new_user; new_user.id = user.size(); new_user.username = username; char *passwd = new char[255]; for (i = 0; i <= password.length(); i++) passwd[i] = password[i]; passwd[i] = '\0'; new_user.password = MD5Encode(passwd); user.push_back(new_user); cout << "user " << username << " add successfully" << endl; save_user(); }
void change_password(string command) { stringstream command_stream(command); string subcommand, username, password, c_password; command_stream >> subcommand; command_stream >> username; int j = 0; int num; for (num = 0; num < user.size(); num++) { if (user[num].username == username) break; } if (num == user.size()) { cout << "Username no fount" << endl; return; } if (username_id != 0 && username_id != num) { cout << "You can't change other's password" << endl; return; } int i = 0; while (i < 3) { cout << "password:"******"retype password:"******"Sorry, passwords do not match." << endl; i++; } else break; } if (i == 3) { cout << "Have exhausted maximum number of retries for service." << endl; return; } char *passwd = new char[255]; for (i = 0; i <= password.length(); i++) passwd[i] = password[i]; passwd[i] = '\0'; user[num].password = MD5Encode(passwd); save_user(); cout << "password changed successfully" << endl; }
void delete_user(string command) { if (username_id != 0) { cout << "You don't have permission to delete user" << endl; return; } stringstream command_stream(command); string subcommand, username, password; command_stream >> subcommand; command_stream >> username; int j = 0; if (username == "admin") { cout << "You can't delete admin user" << endl; return; } int num; for (num = 0; num < user.size(); num++) { if (user[num].username == username) break; } if (num == user.size()) { cout << "Username no fount" << endl; return; } while (j < 3) { cout << "Please enter admin password to confirm:"; char t; while ((t = _getch()) != '\r') { if (t == '\b') { password = password.substr(0, password.length() - 1); } else password += t; } cout << endl; char *passwd = new char[255]; int i; for (i = 0; i <= password.length(); i++) passwd[i] = password[i]; passwd[i] = '\0'; if (user[username_id].password == MD5Encode(passwd)) break; cout << "Password error. "; j++; } if (j == 3) { cout << "Have exhausted maximum number of retries for service." << endl; return; } vector<User>::iterator it; it = user.begin() + num; user.erase(it); save_user(); cout << "User " << username << " delete successfully" << endl; }