int http_range_detected(HASH * head, char *range)
{
if (hash_exists(head, (UCHAR *) "Range", 5)) {
memset(range, '\0', BUF_SIZE);
strncpy(range, (char *)hash_get(head, (UCHAR *) "Range", 5),
BUF_OFF1);
return TRUE;
}
return FALSE;
}
static FPTREE * _construct_fpt(const char * infile, FPTREE * fpt, HashTable * item_dict, char sep){
FILE * fp = NULL;
if ((fp = fopen(infile,"r")) == NULL){
fprintf(stderr,"open input file failed\n");
return NULL;
}
char buffer[LINE_LEN];
char ** str_array = NULL;
int items[LINE_LEN];
int count = 0, item_no = 0, item_size_t = 0, line = 0;
while (NULL != fgets(buffer,LINE_LEN,fp)){
item_size_t = 0;
str_array = split(trim(buffer,3),sep,&count);
if (count < 3) {
goto str_free;
}
int t_count = atoi(str_array[count-1]);
for (int i = 0; i< count - 1; i++){
if (strlen(str_array[i]) < 6)
continue;
if (EXISTS == hash_exists(item_dict, str_array[i])){
hash_find(item_dict,str_array[i], &item_no);
items[item_size_t++] = item_no;
}
}
if (item_size_t > 1){
qsort(items, item_size_t, sizeof(items[0]), intcompare);
if (fpt->usindex + item_size_t >= fpt->nodespace){
fpt = _expend_fpt(fpt);
if (!fpt) {
fprintf(stderr, "expend fptree failed\n" );
return NULL;
}
fprintf(stderr, "expend fptree success\n" );
}
_insert_path(fpt, items, item_size_t, t_count);
}
str_free:
free(str_array[0]);
free(str_array);
if (++line % 100000 == 0){
fprintf(stderr,"%d lines insertion done\n", line);
}
}
fclose(fp);
return fpt;
}
static void _all_children(int n, FPTREE * fpt, HashTable * id_count_dict){
int stack[LINE_LEN], i = -1, pitem = -1, pop = 0, psupp = 0, id_count = 0;
do{
int ci = fpt->nodelist[n].ci;
if (ci != 0 && pop == 0){
pitem = fpt->nodelist[ci].item;
psupp = fpt->nodelist[ci].supp;
id_count = 0;
if (EXISTS == hash_exists(id_count_dict,pitem)){
hash_find(id_count_dict,pitem,&id_count);
}
id_count += psupp;
hash_add(id_count_dict,pitem,id_count);
stack[++i] = ci;
n = ci;
pop = 0;
}
else if (i >= 0){
n = stack[i--];
pop = 1;
int si = fpt->nodelist[n].si;
if (si != 0){
pitem = fpt->nodelist[si].item;
psupp = fpt->nodelist[si].supp;
id_count = 0;
if (EXISTS == hash_exists(id_count_dict,pitem)){
hash_find(id_count_dict,pitem,&id_count);
}
id_count += psupp;
hash_add(id_count_dict,pitem,id_count);
stack[++i] = si;
n = si;
pop = 0;
}
}
}while(i >= 0);
}
int http_resource_modified(char *filename, HASH * head, char *lastmodified)
{
str_gmttime(lastmodified, DATE_SIZE, file_mod(filename));
if (!hash_exists(head, (UCHAR *) "If-Modified-Since", 17)) {
return TRUE;
}
if (strcmp((char *)hash_get(head, (UCHAR *) "If-Modified-Since", 17),
lastmodified) != 0) {
return TRUE;
}
return FALSE;
}
void cache_put( UCHAR *session_id, int type ) {
ITEM *item_sk = NULL;
struct obj_key *sk = NULL;
if( hash_exists( _main->cache->hash, session_id, SHA_DIGEST_LENGTH) ) {
return;
}
sk = (struct obj_key *) myalloc( sizeof(struct obj_key), "cache_put" );
/* Session id */
memcpy( sk->session_id, session_id, SHA_DIGEST_LENGTH );
/* Multicast or Unicast */
sk->type = type;
/* Availability */
sk->time = time_add_1_min();
item_sk = list_put( _main->cache->list, sk );
hash_put( _main->cache->hash, sk->session_id, SHA_DIGEST_LENGTH, item_sk );
}
int http_keepalive(HASH * head, char *keepalive)
{
memset(keepalive, '\0', BUF_SIZE);
if (!hash_exists(head, (UCHAR *) "Connection", 10)) {
return HTTP_UNDEF;
}
if (strcasecmp((char *)hash_get(head, (UCHAR *) "Connection", 10),
"keep-alive") == 0) {
strncpy(keepalive, "Connection: keep-alive\r\n", BUF_OFF1);
return HTTP_KEEPALIVE;
}
if (strcasecmp((char *)hash_get(head, (UCHAR *) "Connection", 10),
"close") == 0) {
strncpy(keepalive, "Connection: close\r\n", BUF_OFF1);
return HTTP_CLOSE;
}
return HTTP_UNDEF;
}
int main(int ac, char **av, char **env)
{
char *hostname;
int is_command = 0;
int is_sftp = 0;
create_hash();
if (ac == 3 && av[1] != NULL && av[2] != NULL && strcmp("-c", av[1]) == 0
&& (strstr(av[2], "sftp-server") != NULL || strstr(av[2], "MySecureShell") != NULL))
is_sftp = 1;
else if (ac >= 3 && av[1] != NULL && av[2] != NULL && strcmp("-c", av[1]) == 0)
is_command = 1;
else
parse_args(ac, av);
hostname = get_ip(0);
(void) setenv("SSH_IP", hostname, 1);
free(hostname);
FileSpecInit();
load_config(0);
if (is_sftp == 1)
{
tGlobal *params;
char *ptr;
int max, fd, sftp_version;
hostname = get_ip(hash_get_int("ResolveIP"));
if (hostname == NULL)
{
perror("unable to resolve ip");
exit(16);
}
params = calloc(1, sizeof(*params));
if (params == NULL)
{
perror("unable to alloc memory");
exit(15);
}
ptr = hash_get("Home");
params->home = strdup(ptr == NULL ? "{error home}" : ptr);
ptr = hash_get("User");
params->user = strdup(ptr == NULL ? "{error user}" : ptr);
params->ip = strdup(hostname == NULL ? "{error ip}" : hostname);
params->portSource = get_port_client();
params->who = SftpWhoGetStruct(1);
if (params->who != NULL)
{
params->who->time_begin = (u_int32_t) time(0);
params->who->pid = (u_int32_t) getpid();
(void) strncat(params->who->home, params->home, sizeof(params->who->home) - 1);
(void) strncat(params->who->user, params->user, sizeof(params->who->user) - 1);
(void) strncat(params->who->ip, params->ip, sizeof(params->who->ip) - 1);
}
//check if the server is up and user is not admin
if ((fd = open(SHUTDOWN_FILE, O_RDONLY)) >= 0)
{
xclose(fd);
if (hash_get_int("IsAdmin") == 0 && hash_get_int("IsSimpleAdmin") == 0)
{
SftpWhoReleaseStruct(params->who);
delete_hash();
FileSpecDestroy();
exit(0);
}
}
max = hash_get_int("LogSyslog");
if (hash_get("LogFile") != NULL)
mylog_open(strdup(hash_get("LogFile")), max);
else
mylog_open(strdup(MSS_LOG), max);
if (params->who == NULL)
{
mylog_printf(MYLOG_ERROR, "[%s]Server '%s' reached maximum connexion (%i clients)",
hash_get("User"), hash_get("SERVER_IP"), SFTPWHO_MAXCLIENT);
SftpWhoReleaseStruct(NULL);
delete_hash();
FileSpecDestroy();
mylog_close_and_free();
exit(14);
}
max = hash_get_int("LimitConnectionByUser");
if (max > 0 && count_program_for_uid(hash_get("User")) > max)
{
mylog_printf(MYLOG_ERROR, "[%s]Too many connection for this account",
hash_get("User"));
SftpWhoReleaseStruct(params->who);
delete_hash();
FileSpecDestroy();
exit(10);
}
max = hash_get_int("LimitConnectionByIP");
if (max > 0 && count_program_for_ip(hostname) > max)
{
mylog_printf(MYLOG_ERROR, "[%s]Too many connection for this IP : %s",
hash_get("User"), hostname);
SftpWhoReleaseStruct(params->who);
delete_hash();
FileSpecDestroy();
exit(11);
}
max = hash_get_int("LimitConnection");
if (max > 0 && count_program_for_uid(NULL) > max)
{
mylog_printf(MYLOG_ERROR, "[%s]Too many connection for the server : %s",
hash_get("User"), hash_get("SERVER_IP"));
SftpWhoReleaseStruct(params->who);
delete_hash();
FileSpecDestroy();
exit(12);
}
if (hash_get_int("DisableAccount"))
{
mylog_printf(MYLOG_ERROR, "[%s]Account is closed", hash_get("User"));
SftpWhoReleaseStruct(params->who);
delete_hash();
FileSpecDestroy();
exit(13);
}
params->flagsGlobals
|= (hash_get_int("StayAtHome") ? SFTPWHO_STAY_AT_HOME : 0)
+ (hash_get_int("VirtualChroot") ? SFTPWHO_VIRTUAL_CHROOT : 0)
+ (hash_get_int("ResolveIP") ? SFTPWHO_RESOLVE_IP : 0)
+ (hash_get_int("IgnoreHidden") ? SFTPWHO_IGNORE_HIDDEN : 0)
+ (hash_get_int("DirFakeUser") ? SFTPWHO_FAKE_USER : 0)
+ (hash_get_int("DirFakeGroup") ? SFTPWHO_FAKE_GROUP : 0)
+ (hash_get_int("DirFakeMode") ? SFTPWHO_FAKE_MODE : 0)
+ (hash_get_int("HideNoAccess") ? SFTPWHO_HIDE_NO_ACESS : 0)
+ (hash_get_int("ByPassGlobalDownload") ? SFTPWHO_BYPASS_GLB_DWN : 0)
+ (hash_get_int("ByPassGlobalUpload") ? SFTPWHO_BYPASS_GLB_UPL : 0)
+ (hash_get_int("ShowLinksAsLinks") ? SFTPWHO_LINKS_AS_LINKS : 0)
+ (hash_get_int("IsAdmin") ? SFTPWHO_IS_ADMIN : 0)
+ (hash_get_int("IsSimpleAdmin") ? SFTPWHO_IS_SIMPLE_ADMIN : 0)
+ (hash_get_int("CanChangeRights") ? SFTPWHO_CAN_CHG_RIGHTS : 0)
+ (hash_get_int("CanChangeTime") ? SFTPWHO_CAN_CHG_TIME : 0)
+ (hash_get_int("CreateHome") ? SFTPWHO_CREATE_HOME : 0);
params->flagsDisable
= (hash_get_int("DisableRemoveDir") ? SFTP_DISABLE_REMOVE_DIR : 0)
+ (hash_get_int("DisableRemoveFile") ? SFTP_DISABLE_REMOVE_FILE : 0)
+ (hash_get_int("DisableReadDir") ? SFTP_DISABLE_READ_DIR : 0)
+ (hash_get_int("DisableReadFile") ? SFTP_DISABLE_READ_FILE : 0)
+ (hash_get_int("DisableWriteFile") ? SFTP_DISABLE_WRITE_FILE : 0)
+ (hash_get_int("DisableSetAttribute") ? SFTP_DISABLE_SET_ATTRIBUTE : 0)
+ (hash_get_int("DisableMakeDir") ? SFTP_DISABLE_MAKE_DIR : 0)
+ (hash_get_int("DisableRename") ? SFTP_DISABLE_RENAME : 0)
+ (hash_get_int("DisableSymLink") ? SFTP_DISABLE_SYMLINK : 0)
+ (hash_get_int("DisableOverwrite") ? SFTP_DISABLE_OVERWRITE : 0)
+ (hash_get_int("DisableStatsFs") ? SFTP_DISABLE_STATSFS : 0);
params->who->status |= params->flagsGlobals;
_sftpglobal->download_max = (u_int32_t) hash_get_int("GlobalDownload");
_sftpglobal->upload_max = (u_int32_t) hash_get_int("GlobalUpload");
if (hash_get_int("Download") > 0)
{
params->download_max = (u_int32_t) hash_get_int("Download");
params->who->download_max = params->download_max;
}
if (hash_get_int("Upload") > 0)
{
params->upload_max = (u_int32_t) hash_get_int("Upload");
params->who->upload_max = params->upload_max;
}
if (hash_get_int("IdleTimeOut") > 0)
params->who->time_maxidle = (u_int32_t) hash_get_int("IdleTimeOut");
if (hash_get_int("DirFakeMode") > 0)
params->dir_mode = (u_int32_t) hash_get_int("DirFakeMode");
sftp_version = hash_get_int("SftpProtocol");
if (hash_get_int("ConnectionMaxLife") > 0)
params->who->time_maxlife = (u_int32_t) hash_get_int("ConnectionMaxLife");
if (hash_get("ExpireDate") != NULL)
{
struct tm tm;
time_t currentTime, maxTime;
if (strptime((const char *) hash_get("ExpireDate"),
"%Y-%m-%d %H:%M:%S", &tm) != NULL)
{
maxTime = mktime(&tm);
currentTime = time(NULL);
if (currentTime > maxTime) //time elapsed
{
mylog_printf(MYLOG_ERROR, "[%s]Account has expired : %s",
hash_get("User"), hash_get("ExpireDate"));
SftpWhoReleaseStruct(params->who);
delete_hash();
mylog_close_and_free();
exit(15);
}
else
{ //check if expireDate < time_maxlife
currentTime = maxTime - currentTime;
if ((u_int32_t) currentTime < params->who->time_maxlife)
params->who->time_maxlife = (u_int32_t) currentTime;
}
} DEBUG((MYLOG_DEBUG, "[%s][%s]ExpireDate time to rest: %i",
params->who->user, params->who->ip, params->who->time_maxlife));
}
if (hash_exists("MaxOpenFilesForUser") == MSS_TRUE)
params->max_openfiles = hash_get_int("MaxOpenFilesForUser");
if (hash_exists("MaxReadFilesForUser") == MSS_TRUE)
params->max_readfiles = hash_get_int("MaxReadFilesForUser");
if (hash_exists("MaxWriteFilesForUser") == MSS_TRUE)
params->max_writefiles = hash_get_int("MaxWriteFilesForUser");
if (hash_get_int("MinimumRightsDirectory") > 0)
params->minimum_rights_directory = hash_get_int(
"MinimumRightsDirectory");
if (hash_get_int("MinimumRightsFile") > 0)
params->minimum_rights_file = hash_get_int("MinimumRightsFile");
if (hash_get_int("MaximumRightsDirectory") > 0)
params->maximum_rights_directory = hash_get_int(
"MaximumRightsDirectory");
else
params->maximum_rights_directory = 07777;
if (hash_get_int("MaximumRightsFile") > 0)
params->maximum_rights_file = hash_get_int("MaximumRightsFile");
else
params->maximum_rights_file = 07777;
if (hash_get_int("DefaultRightsDirectory") > 0)
params->default_rights_directory = hash_get_int("DefaultRightsDirectory");
else
params->default_rights_directory = 0755;
if (hash_get_int("DefaultRightsFile") > 0)
params->default_rights_file = hash_get_int("DefaultRightsFile");
else
params->default_rights_file = 0644;
if (hash_get_int("ForceRightsDirectory") > 0)
{
params->minimum_rights_directory = hash_get_int("ForceRightsDirectory");
params->maximum_rights_directory = params->minimum_rights_directory;
}
if (hash_get_int("ForceRightsFile") > 0)
{
params->minimum_rights_file = hash_get_int("ForceRightsFile");
params->maximum_rights_file = params->minimum_rights_file;
}
if (hash_get("ForceUser") != NULL)
params->force_user = strdup(hash_get("ForceUser"));
if (hash_get("ForceGroup") != NULL)
params->force_group = strdup(hash_get("ForceGroup"));
if (hash_get("Charset") != NULL)
setCharset(hash_get("Charset"));
if (hash_get("ApplyFileSpec") != NULL)
FileSpecActiveProfils(hash_get("ApplyFileSpec"), 0);
delete_hash();
if (hostname != NULL)
free(hostname);
params->current_user = getuid();
params->current_group = getgid();
return (SftpMain(params, sftp_version));
}
else
{
char *ptr;
if (getuid() != geteuid())
//if we are in utset byte mode then we restore user's rights to avoid security problems
{
if (seteuid(getuid()) == -1 || setegid(getgid()) == -1)
{
perror("revoke root rights");
exit(1);
}
}
ptr = hash_get("Shell");
if (ptr != NULL)
{
if (strcmp(ptr, av[0]) != 0)
{
av[0] = ptr;
if (is_command == 1)
{
size_t len = 0;
char **new_env;
char *cmd, *envVar;
int i;
for (i = 2; i < ac; i++)
len += strlen(av[i]);
cmd = malloc(len + ac + 1);
envVar = malloc(len + ac + 1 + 21);
cmd[0] = '\0';
for (i = 2; i < ac; i++)
{
if (i > 2)
strcat(cmd, " ");
strcat(cmd, av[i]);
}
av[2] = cmd;
av[3] = NULL;
strcpy(envVar, "SSH_ORIGINAL_COMMAND=");
strcat(envVar, cmd);
len = 0;
for (i = 0; env[i] != NULL; i++)
len++;
new_env = calloc(len + 2, sizeof(*new_env));
for (i = 0; i < len; i++)
new_env[i] = env[i];
new_env[len] = envVar;
(void) execve(av[0], av, new_env);
}
else
(void) execve(av[0], av, env);
perror("execute shell");
}
else
(void) fprintf(stderr, "You cannot specify MySecureShell has shell (in the MySecureShell configuration) !");
}
else
(void) fprintf(stderr, "Shell access is disabled !");
exit(1);
}
}
static int _buildHeader(const char* infile, FPTREE * fpt, HashTable * item_dict, char sep){
FILE * fp = NULL;
if ((fp = fopen(infile,"r")) == NULL){
fprintf(stderr,"open input file failed\n");
return -1;
}
char buffer[LINE_LEN];
char ** str_array = NULL;
int count = 0, item_count = 0;
int line = 0;
HashTable * tmp_dict = create_hashtable(5000000,char*,int);
while (NULL != fgets(buffer,LINE_LEN,fp)){
str_array = split(trim(buffer,3), sep ,&count);
if (count < 3){
goto str_free;
}
int t_count = atoi(str_array[count-1]);
for (int i = 0; i< count - 1; i++){
if (strlen(str_array[i]) < 6)
continue;
if (NOTEXISTS == hash_exists(tmp_dict,str_array[i])){
hash_add(tmp_dict,str_array[i],t_count);
}
else{
hash_find(tmp_dict,str_array[i],&item_count);
item_count += t_count;
hash_add(tmp_dict,str_array[i],item_count);
}
}
str_free:
free(str_array[0]);
free(str_array);
if (++line % 1000000 == 0){
fprintf(stderr,"load lines %d\n", line);
}
}
fclose(fp);
fprintf(stderr,"totle words %d\n", hash_num_elements(tmp_dict));
for (reset(tmp_dict); isnotend(tmp_dict); next(tmp_dict)){
char * key = skey(tmp_dict);
int item_sup = *((int*)value(tmp_dict));
if (item_sup >= fpt->minsup){
hash_add(item_dict,key,item_sup);
}
}
hash_free(tmp_dict); tmp_dict = NULL;
int item_size = 0;
fpt->headsize = item_size = hash_num_elements(item_dict);
fpt->header = (FPTLIST *)malloc(sizeof(FPTLIST) * item_size);
ItemCount * ic = (ItemCount*)malloc(sizeof(ItemCount) * item_size);
int i = 0;
for (reset(item_dict); isnotend(item_dict); next(item_dict)){
char * key = skey(item_dict);
int item_sup = *((int*)value(item_dict));
strncpy(ic[i].key,key,KEY_SIZE-1); ic[i].key[KEY_SIZE-1] = '\0';
ic[i].count = item_sup;
i += 1;
}
reset(item_dict);
qsort(ic,item_size,sizeof(ItemCount),itemcompare);
for (int i = 0; i< item_size; i++){
strncpy(fpt->header[i].itemname,ic[i].key,KEY_SIZE-1);
fpt->header[i].itemname[KEY_SIZE-1] = '\0';
fpt->header[i].supp = ic[i].count;
fpt->header[i].itemlink = 0;
hash_add(item_dict,ic[i].key,i);
}
free(ic);ic = NULL;
return 0;
}
