int main(int argc, char ** argv) { /* TODO: uname() */ char * _uname = malloc(sizeof(char) * 1024); syscall_kernel_string_XXX(_uname); fprintf(stdout, "\n%s\n\n", _uname); syscall_signal(2, sig_int); syscall_signal(11, sig_segv); while (1) { char * username = malloc(sizeof(char) * 1024); char * password = malloc(sizeof(char) * 1024); /* TODO: gethostname() */ char _hostname[256]; syscall_gethostname(_hostname); fprintf(stdout, "%s login: "******"password: \033[1001z"); fflush(stdout); fgets(password, 1024, stdin); password[strlen(password)-1] = '\0'; fprintf(stdout, "\033[1002z\n"); int uid = checkUserPass(username, password); if (uid < 0) { fprintf(stdout, "\nLogin failed.\n"); continue; } pid_t pid = getpid(); uint32_t f = fork(); if (getpid() != pid) { /* TODO: Read appropriate shell from /etc/passwd */ char * args[] = { "/bin/esh", NULL }; syscall_setuid(uid); int i = execve(args[0], args, NULL); } else { child = f; syscall_wait(f); } child = 0; free(username); free(password); } return 0; }
int main (int argc, char ** argv) { init_sprite_png(0, "/usr/share/logo_login.png"); init_shmemfonts(); while (1) { syscall_print("Setup...\n"); setup_windowing(); int width = wins_globals->server_width; int height = wins_globals->server_height; win_width = width; win_height = height; /* Do something with a window */ window_t * wina = window_create(0,0, width, height); assert(wina); window_reorder (wina, 0); /* Disables movement */ ctx = init_graphics_window_double_buffer(wina); for (int i = 0; i < LOGO_FINAL_OFFSET; ++i) { draw_fill(ctx, rgb(39,55,113)); draw_sprite(ctx, sprites[0], center_x(sprites[0]->width), center_y(sprites[0]->height) - i); flip(ctx); } size_t buf_size = wina->width * wina->height * sizeof(uint32_t); char * buf = malloc(buf_size); uint32_t i = 0; uint32_t black = rgb(0,0,0); uint32_t white = rgb(255,255,255); uint32_t red = rgb(240, 20, 20); int x_offset = 65; int y_offset = 64; int fuzz = 3; char username[INPUT_SIZE] = {0}; char password[INPUT_SIZE] = {0}; char hostname[512]; { char _hostname[256]; syscall_gethostname(_hostname); struct tm * timeinfo; struct timeval now; syscall_gettimeofday(&now, NULL); //time(NULL); timeinfo = localtime((time_t *)&now.tv_sec); char _date[256]; strftime(_date, 256, "%a %B %d %Y", timeinfo); sprintf(hostname, "%s // %s", _hostname, _date); } char kernel_v[512]; { struct utsname u; uname(&u); /* UTF-8 Strings FTW! */ uint8_t * os_name_ = "PonyOS"; uint32_t l = snprintf(kernel_v, 512, "%s %s", os_name_, u.release); } uid = 0; #define BOX_WIDTH 272 #define BOX_HEIGHT 104 #define USERNAME_BOX 1 #define PASSWORD_BOX 2 #define EXTRA_TEXT_OFFSET 12 #define TEXTBOX_INTERIOR_LEFT 4 #define LEFT_OFFSET 80 int box_x = center_x(BOX_WIDTH); int box_y = center_y(0) + 8; int focus = USERNAME_BOX; set_font_size(11); int username_label_left = LEFT_OFFSET - 2 - draw_string_width("Username:"******"Password:"******""); for (int i = 0; i < strlen(password); ++i) { strcat(password_circles, "●"); } /* Redraw the background */ draw_fill(ctx, rgb(39,55,113)); draw_sprite(ctx, sprites[0], center_x(sprites[0]->width), center_y(sprites[0]->height) - LOGO_FINAL_OFFSET); draw_string(ctx, hostname_label_left, height - 12, white, hostname); draw_string(ctx, kernel_v_label_left, height - 12, white, kernel_v); /* Draw backdrops */ draw_box(ctx, box_x, box_y, BOX_WIDTH, BOX_HEIGHT, rgb(180,124,205)); draw_box(ctx, box_x + LEFT_OFFSET, box_y + 32, 168, 16, rgb(255,255,255)); draw_box(ctx, box_x + LEFT_OFFSET, box_y + 56, 168, 16, rgb(255,255,255)); /* Draw labels */ draw_string(ctx, box_x + username_label_left, box_y + 32 + EXTRA_TEXT_OFFSET, white, "Username:"******"Password:"******"Incorrect username or password."; draw_string(ctx, box_x + (BOX_WIDTH - draw_string_width(error_message)) / 2, box_y + 8 + EXTRA_TEXT_OFFSET, red, error_message); } if (focus == USERNAME_BOX) { draw_box_border(ctx, box_x + LEFT_OFFSET, box_y + 32, 168, 16, rgb(229, 68, 138)); } else if (focus == PASSWORD_BOX) { draw_box_border(ctx, box_x + LEFT_OFFSET, box_y + 56, 168, 16, rgb(229, 68, 138)); } flip(ctx); w_keyboard_t * kbd = NULL; do { kbd = poll_keyboard(); } while (!kbd); if (kbd->key == '\n') { if (focus == USERNAME_BOX) { free(kbd); focus = PASSWORD_BOX; continue; } else if (focus == PASSWORD_BOX) { free(kbd); break; } } if (kbd->key == '\t') { if (focus == USERNAME_BOX) { focus = PASSWORD_BOX; } else if (focus == PASSWORD_BOX) { focus = USERNAME_BOX; } free(kbd); continue; } if (focus == USERNAME_BOX) { buffer_put(username, kbd->key); } else if (focus == PASSWORD_BOX) { buffer_put(password, kbd->key); } free(kbd); } uid = checkUserPass(username, password); if (uid >= 0) { break; } show_error = 1; } draw_fill(ctx, rgb(39,55,113)); draw_sprite(ctx, sprites[0], center_x(sprites[0]->width), center_y(sprites[0]->height) - LOGO_FINAL_OFFSET); flip(ctx); teardown_windowing(); pid_t _session_pid = fork(); if (!_session_pid) { setenv("PATH", "/usr/bin:/bin", 0); syscall_setuid(uid); char * args[] = {"/bin/gsession", NULL}; execvp(args[0], args); } free(buf); free(ctx->backbuffer); free(ctx); syscall_wait(_session_pid); } return 0; }
void handleConnection(int socketfd) { static char buffer[BUFFER_SIZE+1]; static char* headers[HEADER_LIMIT+1]; int i; int headerCount=0; //int requestSize = read(socketfd,buffer,BUFFER_SIZE); int requestSize = readUntil(socketfd,crlfcrlfCheck,buffer,BUFFER_SIZE); if (requestSize ==0 || requestSize == -1) { fail("failed to read browser request"); } logText(buffer); int done = 0; char mode = 0; /* */ for (i=0;i<requestSize;i++) { switch(mode) { case '\r': if (buffer[i] == '\n') { buffer[i-1]=0; mode=0; done = (*headers[headerCount]==0) || (headerCount++ == HEADER_LIMIT); } break; case 0: headers[headerCount]=&buffer[i]; default: mode=buffer[i]; if (mode==0) done=1; /* catch headers containing zeros */ } if (done) break; } int bodyStart=i+1; int bodyLength=requestSize-bodyStart; headers[headerCount]=NULL; /*null terminated list*/ logFormat("%d header lines\n",headerCount); logText("we got some headers"); for (i=0; i<headerCount;i++) { logFormat("%d: %s\n",i,headers[i]); } logText("That was them headers"); /* logText("looking for User-Agent:"); char* userAgent=findHeader(0,headerCount,headers,"User-Agent:"); if (userAgent==NULL) {logText("No User-Agent");} else {logText(userAgent);} */ char* aCookie = findHeader(0,headerCount,headers,"Cookie:"); int uid=getUserInfo(aCookie); logFormat("uid of %d\n",uid); if (uid <= 0) { if (strncmp("POST /login ",headers[0],12) == 0 ) { //for a non-logged-in user POST to /login try and read user credentials. logText("Login request received"); char userpass[300]; struct passwd* pwd = NULL; strncpy(userpass,&buffer[bodyStart],300); if (userpass[299] == 0) { char* user = NULL; char* pass = NULL; user = strstr(userpass,"user="******"pass="******"I think the userName is '%s'\n",user); //logFormat("I think the passWord is '%s'\n",pass); pwd = checkUserPass(user,pass); free(pass); } char* resultPage; if (pwd != NULL) { logText("setting cookie"); char token[33]; token[32]='\0'; makeAuthenticationToken(pwd->pw_uid,token,32); char* pageHeaders; asprintf(&pageHeaders,"Set-Cookie: %s; Secure; HttpOnly\r\nLocation: %s\r\n",token,loginRedirect); logText(pageHeaders); resultPage= "<html><head></head><body" "<div>Login Successful</div>" "</body></html>"; sendHTMLPage(socketfd,"303 See Other",pageHeaders,resultPage); free(pageHeaders); } else { resultPage= "<html><head></head><body" "<div>Login Failed</div>" "</body></html>"; sendSimpleHTMLPage(socketfd,"401 Unauthorised",resultPage); } } else { sendLoginPage(socketfd); } } else { struct passwd *pw = getpwuid(uid); setgid(uid); setuid(uid); setenv("HOME",pw->pw_dir,1); setenv("USER",pw->pw_name,1); setenv("SHELL",pw->pw_shell,1); //if we get to here, the request sent a token identifying them as a //valid user and we have dropped privileges to be that user. //now we can set about serving the user request. #ifdef NOTANOS //support for a notanos websocket server. char* upgrade = findHeader(0,headerCount,headers,"Upgrade:"); if (upgrade) { //Try using websockets char* websocket_key = findHeader(0,headerCount,headers,"Sec-WebSocket-Key:"); char* websocket_protocol = findHeader(0,headerCount,headers,"Sec-WebSocket-Protocol:"); char* websocket_version = findHeader(0,headerCount,headers,"Sec-WebSocket-Version:"); char* origin = findHeader(0,headerCount,headers,"Origin:"); webSocketUpgrade(socketfd,websocket_key,websocket_protocol,websocket_version,origin); //webSocketUpgrade should never return } #endif if (strncmp("GET ",headers[0],4) == 0 ) { char* nameStart=headers[0]+4; int nameLen = strcspn(nameStart," "); char* urlName=strndup(nameStart,nameLen); char* fileName=url_decode(urlName); char* queryStart=strchr(fileName,'?'); if (queryStart != NULL) *queryStart++='\0'; logFormat("url request '%s'\n",urlName); logFormat("filename request '%s'\n",fileName); char* newFileName=expandFilename(fileName); free(fileName); fileName=newFileName; char* contentType=getContentType(fileName); struct stat fileInfo; int res=stat(fileName,&fileInfo); if (res !=0) { if (errno == EACCES) { sendSimpleHTMLPage(socketfd,"403 Forbidden","403: Forbidden"); } else { sendSimpleHTMLPage(socketfd,"404 Not Found","404: Not Found"); } } else { if (S_ISREG(fileInfo.st_mode)) { int filefd=open(fileName,O_RDONLY); if (filefd < 0) { sendSimpleHTMLPage(socketfd,"403 Forbidden","403: Forbidden"); } else { sendFileChunked(socketfd,"200 OK",filefd,contentType); close(filefd); } } else if (S_ISDIR(fileInfo.st_mode)) { char* command; char* awkline = "BEGIN {printf(\"{\\\"path\\\":\\\"%s\\\",\\n \\\"contents\\\":[\\n\",path)} END{print\"\\n ]\\n};\\n\"} NR > 2 { printf(\",\\n\") } NR >1 { printf(\" {\\\"filename\\\":\\\"%s\\\", \\\"attributes\\\":\\\"%s\\\", \\\"owner\\\":\\\"%s\\\", \\\"size\\\":%s}\", $9, $1, $3, $5) }"; //int commandLength = asprintf(&command,"ls -AlQ %s| awk -v path=%s '%s'",fileName,fileName,awkline); int commandLength = asprintf(&command,"./jsondir '%s'",fileName); logText(command); if (commandLength>0) { FILE* commandPipe = popen(command,"r"); if (commandPipe) { int commandfd=(fileno(commandPipe)); sendFileChunked(socketfd,"200 OK",commandfd,"application/json"); pclose(commandPipe); } else { sendSimpleHTMLPage(socketfd,"500 Internal Server Error","popen failure"); } free(command); } else { sendSimpleHTMLPage(socketfd,"200 OK","That's a directory"); } } } free(fileName); free(contentType); free(urlName); } } logText("done response, closing connection"); sleep(1); close(socketfd); exit(1); }