UINT64 UploadOperation::getFileSize(const TCHAR *pathToFile) { UINT64 fileSize = 0; File file(pathToFile); if (file.isDirectory()) { UINT32 filesCount = 0; file.list(NULL, &filesCount); StringStorage *fileNames = new StringStorage[filesCount]; file.list(fileNames, NULL); for (UINT32 i = 0; i < filesCount; i++) { File subfile(pathToFile, fileNames[i].getString()); StringStorage pathToSubFile; subfile.getPath(&pathToSubFile); fileSize += getFileSize(pathToSubFile.getString()); } delete[] fileNames; } else { INT64 len = file.length(); if (len == -1) { fileSize = 0; } else { fileSize = (UINT64)len; } } return fileSize; }
std::vector<File> File::ls(File::NodeType filter, bool include_hidden) const { if(!(exists() && isDir())) return std::vector<File>(0); std::vector<std::string> files; Poco::File(fullPath()).list(files); std::list<File> nodes; for(auto it = files.begin(); it != files.end(); ++it) { File file = subfile(*it); NodeType nodeType = file.nodeType(); if(nodeType & filter) { if(!include_hidden && (nodeType & HIDDEN)) continue; nodes.push_back(file); } } std::vector<File> vecnodes; for(auto it = nodes.begin(); it != nodes.end(); ++it) vecnodes.push_back(*it); return vecnodes; }
bool FileTransferRequestHandler::getDirectorySize(const TCHAR *pathname, UINT64 *dirSize) { UINT64 currentDirSize = 0; UINT32 filesCount = 0; UINT32 dataSize = 0; File folder(pathname); // // Get files count // if (!folder.list(NULL, &filesCount)) { return false; } if (filesCount != 0) { std::vector<StringStorage> fileNames(filesCount); // // Get file names // folder.list(&fileNames.front(), NULL); for (UINT32 i = 0; i < filesCount; i++) { File subfile(pathname, fileNames[i].getString()); if (subfile.isDirectory()) { UINT64 subDirSize = 0; StringStorage subDirPath; subfile.getPath(&subDirPath); if (getDirectorySize(subDirPath.getString(), &subDirSize)) { currentDirSize += subDirSize; } // if it got sub directory size } else { currentDirSize += subfile.length(); } // if subfile is normal file } // for every subfile in file list } *dirSize = currentDirSize; return true; }
File File::operator/(Ogre::String const filename) const { return subfile(filename); }
int cosign_login_krb5( struct connlist *head, char *cosignname, char *id, char *realm, char *passwd, char *ip_addr, char *cookie, struct subparams *sp, char **msg ) { krb5_error_code kerror = 0; krb5_context kcontext; krb5_principal kprinc; krb5_principal sprinc; krb5_get_init_creds_opt kopts; krb5_verify_init_creds_opt kvic_opts[ 1 ]; krb5_creds kcreds; krb5_ccache kccache; krb5_keytab keytab = 0; char *tmpl = ERROR_HTML; char *sprinc_name = NULL; char ktbuf[ MAX_KEYTAB_NAME_LEN + 1 ]; char tmpkrb[ 16 ], krbpath [ MAXPATHLEN ]; int i; lcgi_configure(); if (( kerror = krb5_init_context( &kcontext ))) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Authentication Required ( kerberos error )"; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( kerror = krb5_parse_name( kcontext, id, &kprinc ))) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Authentication Required ( kerberos error )"; subfile( tmpl, sl, 0 ); exit( 0 ); } /* need to get realm out */ if ( realm == NULL || *realm == '\0' ) { if (( kerror = krb5_get_default_realm( kcontext, &realm )) != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Authentication Required " "( krb realm error )"; subfile( tmpl, sl, 0 ); exit( 0 ); } } if ( store_tickets ) { if ( mkcookie( sizeof( tmpkrb ), tmpkrb ) != 0 ) { sl[ SL_ERROR ].sl_data = "An unknown error occurred."; sl[ SL_TITLE ].sl_data = "Authentication Required (kerberos error)"; subfile( tmpl, sl, 0 ); exit( 0 ); } if ( snprintf( krbpath, sizeof( krbpath ), "%s/%s", ticket_path, tmpkrb ) >= sizeof( krbpath )) { sl[ SL_ERROR ].sl_data = "An unknown error occurred."; sl[ SL_TITLE ].sl_data = "Authentication Required (krbpath error)"; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( kerror = krb5_cc_resolve( kcontext, krbpath, &kccache )) != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Authentication Required (kerberos error)"; subfile( tmpl, sl, 0 ); exit( 0 ); } } krb5_get_init_creds_opt_init( &kopts ); krb5_get_init_creds_opt_set_tkt_life( &kopts, tkt_life ); krb5_get_init_creds_opt_set_renew_life( &kopts, 0 ); krb5_get_init_creds_opt_set_forwardable( &kopts, 1 ); krb5_get_init_creds_opt_set_proxiable( &kopts, 0 ); if (( kerror = krb5_get_init_creds_password( kcontext, &kcreds, kprinc, passwd, NULL, NULL, 0, NULL /*keytab */, &kopts ))) { if (( kerror == KRB5KRB_AP_ERR_BAD_INTEGRITY ) || ( kerror == KRB5KDC_ERR_PREAUTH_FAILED ) || ( kerror == KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN )) { return( COSIGN_CGI_ERROR ); /* draw login or reauth page */ } else if ( kerror == KRB5KDC_ERR_KEY_EXP ) { *msg = (char *)error_message( kerror ); return( COSIGN_CGI_PASSWORD_EXPIRED ); } else { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } } /* verify no KDC spoofing */ if ( *keytab_path != '\0' ) { if ( strlen( keytab_path ) > MAX_KEYTAB_NAME_LEN ) { sl[ SL_ERROR ].sl_data = "server configuration error"; sl[ SL_TITLE ].sl_data = "Ticket Verification Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } strcpy( ktbuf, keytab_path ); /* from mdw */ krb5_verify_init_creds_opt_init( kvic_opts ); krb5_verify_init_creds_opt_set_ap_req_nofail( kvic_opts, 1 ); if (( kerror = krb5_kt_resolve( kcontext, ktbuf, &keytab )) != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "KT Resolve Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } if ( cosign_princ ) { kerror = krb5_parse_name( kcontext, cosign_princ, &sprinc ); } else { kerror = krb5_sname_to_principal( kcontext, NULL, "cosign", KRB5_NT_SRV_HST, &sprinc ); } if ( kerror != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Server Principal Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( kerror = krb5_verify_init_creds( kcontext, &kcreds, sprinc, keytab, NULL, kvic_opts )) != 0 ) { if ( krb5_unparse_name( kcontext, sprinc, &sprinc_name ) == 0 ) { fprintf( stderr, "ticket verify error for " "user %s, keytab principal %s", id, sprinc_name ); free( sprinc_name ); } else { fprintf( stderr, "ticket verify error for user %s", id ); } sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "Ticket Verify Error"; subfile( tmpl, sl, 0 ); krb5_free_principal( kcontext, sprinc ); exit( 0 ); } (void)krb5_kt_close( kcontext, keytab ); krb5_free_principal( kcontext, sprinc ); } for ( i = 0; i < COSIGN_MAXFACTORS - 1; i++ ) { if ( new_factors[ i ] == NULL ) { new_factors[ i ] = strdup( realm ); new_factors[ i + 1 ] = NULL; break; } if ( strcmp( new_factors[ i ], realm ) == 0 ) { break; } } if ( sp->sp_reauth && sp->sp_ipchanged == 0 ) { return( COSIGN_CGI_OK ); } if ( store_tickets ) { if (( kerror = krb5_cc_initialize( kcontext, kccache, kprinc )) != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "CC Initialize Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( kerror = krb5_cc_store_cred( kcontext, kccache, &kcreds )) != 0 ) { sl[ SL_ERROR ].sl_data = (char *)error_message( kerror ); sl[ SL_TITLE ].sl_data = "CC Storing Error"; subfile( tmpl, sl, 0 ); exit( 0 ); } krb5_cc_close( kcontext, kccache ); } krb5_free_cred_contents( kcontext, &kcreds ); krb5_free_principal( kcontext, kprinc ); krb5_free_context( kcontext ); /* password has been accepted, tell cosignd */ if ( cosign_login( head, cookie, ip_addr, cosignname, realm, ( store_tickets ? krbpath : NULL )) < 0 ) { fprintf( stderr, "cosign_login_krb5: login failed\n") ; sl[ SL_ERROR ].sl_data = "We were unable to contact the " "authentication server. Please try again later."; sl[ SL_TITLE ].sl_data = "Error: Please try later"; subfile( tmpl, sl, 0 ); exit( 0 ); } return( COSIGN_CGI_OK ); }
int cosign_login_mysql( struct connlist *head, char *cosignname, char *id, char *realm, char *passwd, char *ip_addr, char *cookie, struct subparams *sp, char **msg ) { MYSQL_RES *res; MYSQL_ROW row; char sql[ 225 ]; /* holds sql query + email addr */ char *crypted, *p; char *tmpl = ERROR_HTML; int i; lcgi_configure(); if ( !mysql_real_connect( &friend_db, friend_db_name, friend_login, friend_passwd, "friend", 3306, NULL, 0 )) { fprintf( stderr, mysql_error( &friend_db )); sl[ SL_ERROR ].sl_data = "Unable to connect to guest account database."; sl[ SL_TITLE ].sl_data = "Database Problem"; subfile( tmpl, sl, 0 ); exit( 0 ); } /* Check for sql injection prior to username query */ for ( p = id; *p != '\0'; p++ ) { if (( isalpha( *p ) != 0 ) || (isdigit( *p ) != 0 )) { continue; } switch ( *p ) { case '@': case '_': case '-': case '.': continue; default: fprintf( stderr, "invalid username: %s %s\n", id, ip_addr ); sl[ SL_ERROR ].sl_data = "Provided login appears to be invalid"; sl[ SL_TITLE ].sl_data = "Invalid Input"; subfile( tmpl, sl, 0 ); exit( 0 ); } } if ( snprintf( sql, sizeof( sql ), "SELECT login, passwd" " FROM friend WHERE login = '******' AND passwd is NOT NULL", id ) >= sizeof( sql )) { fprintf( stderr, "invalid username: %s %s\n", id, ip_addr ); sl[ SL_ERROR ].sl_data = "Provided login appears to be invalid"; sl[ SL_TITLE ].sl_data = "Invalid Input"; subfile( tmpl, sl, 0 ); exit( 0 ); } if( mysql_real_query( &friend_db, sql, strlen( sql ))) { fprintf( stderr, mysql_error( &friend_db )); sl[ SL_ERROR ].sl_data = "Unable to query guest account database."; sl[ SL_TITLE ].sl_data = "Server Problem"; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( res = mysql_store_result( &friend_db )) == NULL ) { /* was there an error? NULL can be okay. */ if ( mysql_errno( &friend_db )) { fprintf( stderr, mysql_error( &friend_db )); sl[ SL_ERROR ].sl_data = "Problems connecting to the database."; sl[ SL_TITLE ].sl_data = "Database Connection Problem"; subfile( tmpl, sl, 0 ); exit( 0 ); } } if (( row = mysql_fetch_row( res )) == NULL ) { return( COSIGN_CGI_ERROR ); } /* crypt the user's password */ crypted = crypt( passwd, row[ 1 ] ); if ( strcmp( crypted, row[ 1 ] ) != 0 ) { mysql_free_result( res ); mysql_close( &friend_db ); /* this is a valid friend account but password failed */ return( COSIGN_CGI_ERROR ); } mysql_free_result( res ); mysql_close( &friend_db ); for ( i = 0; i < COSIGN_MAXFACTORS - 1; i++ ) { if ( new_factors[ i ] == NULL ) { new_factors[ i ] = "friend"; new_factors[ i + 1 ] = NULL; break; } if ( strcmp( new_factors[ i ], "friend" ) == 0 ) { break; } } if ( sp->sp_reauth && sp->sp_ipchanged == 0 ) { return( COSIGN_CGI_OK ); } if ( cosign_login( head, cookie, ip_addr, cosignname, realm, NULL ) < 0 ) { fprintf( stderr, "cosign_login_mysql: login failed\n" ) ; sl[ SL_ERROR ].sl_data = "We were unable to contact the " "authentication server. Please try again later."; sl[ SL_TITLE ].sl_data = "Error: Please try later"; subfile( tmpl, sl, 0 ); exit( 0 ); } return( COSIGN_CGI_OK ); }
PSFTags PSFLoader::LoadInternal(uint8 version, uint32 max_exe_size, MDFNFILE *fp, uint32 level, bool force_ignore_pcsp) { uint32 reserved_size, compressed_size, compressed_crc32; bool _lib_present = false; PSFTags tags; std::vector<uint8> decompress_buffer; uLongf decompress_len; if(!TestMagic(version, fp)) throw(MDFN_Error(0, _("Not a PSF(version=0x%02x) file!"), version)); reserved_size = MDFN_de32lsb(fp->data + 4); compressed_size = MDFN_de32lsb(fp->data + 8); compressed_crc32 = MDFN_de32lsb(fp->data + 12); if(fp->size < (16 + reserved_size + compressed_size)) throw(MDFN_Error(0, _("PSF is missing at least %u bytes of data!"), 16 + reserved_size + compressed_size - fp->size)); if(crc32(0, fp->data + 16 + reserved_size, compressed_size) != compressed_crc32) throw(MDFN_Error(0, _("PSF compressed CRC32 mismatch(data is corrupt)!"))); { const uint8 *tag_section = fp->data + 16 + reserved_size + compressed_size; uint32 tag_section_size = fp->size - 16 - reserved_size - compressed_size; if(tag_section_size > 5 && !memcmp(tag_section, "[TAG]", 5)) tags.LoadTags(tag_section + 5, tag_section_size - 5); } // // Handle minipsf simple _lib // if(level < 15) { if(tags.TagExists("_lib")) { std::string tp = tags.GetTag("_lib"); if(!MDFN_IsFIROPSafe(tp)) { throw(MDFN_Error(0, _("Referenced path \"%s\" is potentially unsafe. See \"filesys.untrusted_fip_check\" setting."), tp.c_str())); } MDFNFILE subfile(MDFN_MakeFName(MDFNMKF_AUX, 0, tp.c_str()).c_str(), NULL, NULL); LoadInternal(version, max_exe_size, &subfile, level + 1); _lib_present = true; } } // // // decompress_buffer.resize(max_exe_size); decompress_len = max_exe_size; switch( uncompress((Bytef *)&decompress_buffer[0], &decompress_len, (const Bytef *)(fp->data + 16 + reserved_size), compressed_size) ) { default: throw(MDFN_Error(0, "zlib unknown error")); case Z_OK: break; case Z_MEM_ERROR: throw(MDFN_Error(0, "zlib Z_MEM_ERROR")); case Z_BUF_ERROR: throw(MDFN_Error(0, _("PSF decompressed size exceeds maximum allowed!"))); case Z_DATA_ERROR: throw(MDFN_Error(0, _("PSF compressed data is bad."))); } HandleReserved(fp->data + 16, reserved_size); HandleEXE(&decompress_buffer[0], decompress_len, force_ignore_pcsp | _lib_present); decompress_buffer.resize(0); // // handle libN // if(level < 15) { for(unsigned int n = 2; n <= INT_MAX; n++) { char tmpbuf[32]; trio_snprintf(tmpbuf, 32, "_lib%d", (int)n); if(tags.TagExists(tmpbuf)) { MDFNFILE subfile(MDFN_MakeFName(MDFNMKF_AUX, 0, tags.GetTag(tmpbuf).c_str()).c_str(), NULL, NULL); LoadInternal(version, max_exe_size, &subfile, level + 1, true); } else break; } } return(tags); }
int main( int argc, char *argv[] ) { CGIHANDLE *cgi; char *tmpl = VERIFY_LOGOUT; char *cookie = NULL, *data, *ip_addr, *qs; char *method = NULL; struct connlist *head; char *script; if ( argc == 2 && ( strncmp( argv[ 1 ], "-V", 2 ) == 0 )) { printf( "%s\n", cosign_version ); exit( 0 ); } if (( cosign_conf = getenv( "COSIGN_CGI_CONF" )) == NULL ) { cosign_conf = _COSIGN_CONF; } if ( cosign_config( cosign_conf ) < 0 ) { fprintf( stderr, "Couldn't read %s\n", cosign_conf ); exit( 1 ); } logout_configure(); if ( chdir( tmpldir ) < 0 ) { perror( tmpldir ); exit( 1 ); } if (( ip_addr = getenv( "REMOTE_ADDR" )) == NULL ) { sl[ SL_TITLE ].sl_data = "Error: Server Error"; sl[ SL_ERROR ].sl_data = "REMOTE_ADDR not set"; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( script = getenv( "SCRIPT_NAME" )) == NULL ) { sl[ SL_TITLE ].sl_data = "Error: Server Error"; sl[ SL_ERROR ].sl_data = "SCRIPT_NAME not set"; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } if (( method = getenv( "REQUEST_METHOD" )) == NULL ) { sl[ SL_TITLE ].sl_data = "Error: Server Error"; sl[ SL_ERROR ].sl_data = "REQUEST_METHOD not set"; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } if ( strcmp( method, "GET" ) == 0 ) { /* this is not a POST, display verify screen */ if ((( qs = getenv( "QUERY_STRING" )) != NULL ) && ( *qs != '\0' ) && ( strncmp( qs, "http", 4 ) == 0 )) { /* query string looks like a url, preserve it */ if ( logout_url_check( qs ) == 0 ) { /* * url matches admin-defined safe redirect URL pattern. * we don't really care if strdup fails here, as subfile * will do the right thing and skip the URL substitution * if sl_data is NULL. sl_data is not freed because we * exit immediately. */ sl[ SL_URL ].sl_data = strdup( qs ); } /* if url check fails, default logout URL will be used */ } sl[ SL_TITLE ].sl_data = "Logout Requested"; subfile ( tmpl, sl, 0 ); exit( 0 ); } if (( cgi = cgi_init()) == NULL ){ sl[ SL_TITLE ].sl_data = "Error: Server Error"; sl[ SL_ERROR ].sl_data = "cgi_init failed"; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } if ( cgi_post( cgi, cl ) != 0 ) { /* an actual logout must be the result of a POST, see? */ fprintf( stderr, "%s: cgi_post failed\n", script ); exit( 1 ); } if ( cl[ CL_URL ].cl_data != NULL ) { /* oh the places you'll go */ if ( strncmp( cl[ CL_URL ].cl_data, "http", 4 ) == 0 ) { if ( logout_url_check( cl[ CL_URL ].cl_data ) == 0 ) { sl[ SL_URL ].sl_data = cl[ CL_URL ].cl_data; } } } /* * Check that the 'Verify' post was sent. If not, display the verify * screen again. */ if ( cl[ CL_VERIFY ].cl_data == NULL ) { sl[ SL_TITLE ].sl_data = "Logout Requested (again?)"; subfile ( tmpl, sl, 0 ); exit( 0 ); } /* read user's cosign cookie and LOGOUT */ if (( data = getenv( "HTTP_COOKIE" )) != NULL ) { cookie = strtok( data, ";" ); if ( cookie != NULL && strncmp( cookie, "cosign=", 7 ) != 0 ) { while (( cookie = strtok( NULL, ";" )) != NULL ) { if ( *cookie == ' ' ) ++cookie; if ( strncmp( cookie, "cosign=", 7 ) == 0 ) { break; } } } } /* only the cosign= cookie and not the loop breaking info */ if ( cookie != NULL ) (void)strtok( cookie, "/" ); /* clobber the cosign cookie */ fputs( "Expires: Mon, 16 Apr 1973 13:10:00 GMT\n" "Last-Modified: Mon, 16 Apr 1973 13:10:00 GMT\n" "Cache-Control: no-store, no-cache, must-revalidate\n" "Cache-Control: pre-check=0, post-check=0, max-age=0\n" "Pragma: no-cache\n", stdout ); fputs( "Set-Cookie: cosign=null; path=/; expires=Wednesday, 16-Apr-73 02:10:00 GMT; secure\n", stdout ); /* setup conn and ssl and hostlist to tell cosignd we're logged out */ if (( head = connlist_setup( cosign_host, cosign_port )) == NULL ) { sl[ SL_TITLE ].sl_data = "Server Configuration Error"; sl[ SL_ERROR ].sl_data = "We were unable to contact the " "authentication server. Please quit your web browser " "to complete logout."; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } SSL_load_error_strings(); SSL_library_init(); if ( cosign_ssl( cryptofile, certfile, cadir, &ctx )) { sl[ SL_TITLE ].sl_data = "Server Configuration Error"; sl[ SL_ERROR ].sl_data = "Failed to initialise connections to " "the authentication server. Please quit your browser to " "complete logout."; tmpl = ERROR_HTML; subfile( tmpl, sl, 0 ); exit( 0 ); } if ( cookie != NULL ) { if ( cosign_logout( head, cookie, ip_addr ) < 0 ) { fprintf( stderr, "%s: logout failed\n", script ) ; /* the user doesn't care that logout failed, as long as the cookie gets expired. We could log user's IP and cookie string in the error log, but I think that's just useless noise so I'm going to just ignore this case altogether. -- clunis */ } } printf( "Location: %s\n\n", sl[ SL_URL ].sl_data ); exit( 0 ); }