/*
* 2.输入获取
* 3.处理输入
*/
void login()
{
int Login_status;
init_clock();
init_user();
while (1) {
/* 显示界面 */
show_login_window();
/* 获取用户名 */
get_user_name();
/* 获取密码 */
get_pass_word();
Login_status = check_login();
/*
* 验证用户名密码
*/
if ( Login_status == LOGIN_INFO_SUCCESS ) {
/* 进入系统 */
sys_main();
}
/* 错误提示 */
print_err(Login_status);
}
}
static int
do_test (int argc, char *argv[])
{
int result = 0;
utmpname (name);
result |= do_init ();
result |= do_check ();
result |= simulate_login ("tty1", "erwin");
result |= do_check ();
result |= simulate_login ("ttyp1", "paul");
result |= do_check ();
result |= simulate_logout ("tty2");
result |= do_check ();
result |= simulate_logout ("ttyp0");
result |= do_check ();
result |= simulate_login ("ttyp2", "richard");
result |= do_check ();
result |= check_login ("tty1");
result |= check_logout ("ttyp0");
result |= check_id ("p1");
result |= check_id ("2");
result |= check_id ("si");
result |= check_type (BOOT_TIME);
result |= check_type (RUN_LVL);
return result;
}
void remote_auth_user(__soaap_fd_read int sock) {
char user[50], pwd[50];
read(sock, user, 50);
read(sock, pwd, 50);
if (!check_login(user, pwd)) {
// retry...
}
}
void login(){
if(!check_login()){
const char * cmd="wget --post-data=\"user_id=%s&password=%s\" --load-cookies=cookie --save-cookies=cookie --keep-session-cookies -q -O - \"%s/login.php\"";
FILE * fjobs=read_cmd_output(cmd,http_username,http_password,http_baseurl);
//fscanf(fjobs,"%d",&ret);
pclose(fjobs);
}
}
bool log_in(int id, char *msg) {
if (check_login(msg)) {
strncpy(clients[id].nickName, msg, LOGIN_LENGTH);
clients[id].isLogin = true;
active_users++;
printf("* Client was joined under name \"%s\"\n", clients[id].nickName);
char **smsg = (char **) alloca(4 * sizeof(char*));
smsg[0] = recv_msg[WELCOME];
smsg[1] = ", ";
smsg[2] = msg;
smsg[3] = "\n";
send_buffer(clients[id].fd, smsg, active_users, TYPE__text);
return true;
}
return false;
}
int main() {
char username[500];
int is_admin = 0;
char password[500];
int logged_in = 0;
char flag[250];
char user[500];
char pw[500];
setbuf(stdout, NULL);
printf("Welcome to the FlagStore!\n");
while (1) {
printf("Choose an action:\n");
printf("> %s: 1\n> %s: 2\n> %s: 3\n> %s: 4\n", "regiser", "login", "get_flag", "store_flag");
int answer = 0;
scanf("%d", &answer);
switch(answer) {
case 1:
printf("Enter an username:"******"%s", username);
printf("Enter a password:"******"%s", password);
if(strcmp(username, "admin") == 0) {
printf("Sorry, admin user already registered\n");
break;
}
if(strlen(password) < 6) {
printf("Sorry, password too short\n");
break;
}
register_user(username, password);
printf("User %s successfully registered. You can login now!\n", username);
break;
case 2:
printf("Username:"******"%499s", user);
printf("Password:"******"%499s", pw);
if(check_login(user, pw, username, password) == -1) {
printf("Wrong credentials!\n");
break;
}
logged_in = 1;
printf("You're now authenticated!\n");
break;
case 3:
if(logged_in == 0) {
printf("Please login first!\n");
break;
}
if(is_admin != 0) {
strcpy(flag, FLAG);
}
printf("Your flag: %s\n", flag);
break;
case 4:
if(logged_in == 0) {
printf("Please login first!\n");
break;
}
printf("Enter your flag:");
scanf("%s",flag);
printf("Flag saved!\n");
break;
default:
printf("Wrong option\nGood bye\n");
return -1;
}
}
}
/*
* logoutd - logout daemon to enforce /etc/porttime file policy
*
* logoutd is started at system boot time and enforces the login
* time and port restrictions specified in /etc/porttime. The
* utmpx/utmp file is periodically scanned and offending users are logged
* off from the system.
*/
int main (int argc, char **argv)
{
int i;
int status;
pid_t pid;
#ifdef USE_UTMPX
struct utmpx *ut;
#else /* !USE_UTMPX */
struct utmp *ut;
#endif /* !USE_UTMPX */
char user[sizeof (ut->ut_user) + 1]; /* terminating NUL */
char tty_name[sizeof (ut->ut_line) + 6]; /* /dev/ + NUL */
int tty_fd;
if (1 != argc) {
(void) fputs (_("Usage: logoutd\n"), stderr);
}
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
#ifndef DEBUG
for (i = 0; close (i) == 0; i++);
setpgrp ();
/*
* Put this process in the background.
*/
pid = fork ();
if (pid > 0) {
/* parent */
exit (EXIT_SUCCESS);
} else if (pid < 0) {
/* error */
perror ("fork");
exit (EXIT_FAILURE);
}
#endif /* !DEBUG */
/*
* Start syslogging everything
*/
Prog = Basename (argv[0]);
OPENLOG ("logoutd");
/*
* Scan the utmpx/utmp file once per minute looking for users that
* are not supposed to still be logged in.
*/
while (true) {
/*
* Attempt to re-open the utmpx/utmp file. The file is only
* open while it is being used.
*/
#ifdef USE_UTMPX
setutxent ();
#else /* !USE_UTMPX */
setutent ();
#endif /* !USE_UTMPX */
/*
* Read all of the entries in the utmpx/utmp file. The entries
* for login sessions will be checked to see if the user
* is permitted to be signed on at this time.
*/
#ifdef USE_UTMPX
while ((ut = getutxent ()) != NULL)
#else /* !USE_UTMPX */
while ((ut = getutent ()) != NULL)
#endif /* !USE_UTMPX */
{
if (ut->ut_type != USER_PROCESS) {
continue;
}
if (ut->ut_user[0] == '\0') {
continue;
}
if (check_login (ut)) {
continue;
}
/*
* Put the rest of this in a child process. This
* keeps the scan from waiting on other ports to die.
*/
pid = fork ();
if (pid > 0) {
/* parent */
continue;
} else if (pid < 0) {
/* failed - give up until the next scan */
break;
}
/* child */
if (strncmp (ut->ut_line, "/dev/", 5) != 0) {
strcpy (tty_name, "/dev/");
} else {
tty_name[0] = '\0';
}
strcat (tty_name, ut->ut_line);
#ifndef O_NOCTTY
#define O_NOCTTY 0
#endif
tty_fd =
open (tty_name, O_WRONLY | O_NDELAY | O_NOCTTY);
if (tty_fd != -1) {
send_mesg_to_tty (tty_fd);
close (tty_fd);
sleep (10);
}
if (ut->ut_pid > 1) {
kill (-ut->ut_pid, SIGHUP);
sleep (10);
kill (-ut->ut_pid, SIGKILL);
}
strncpy (user, ut->ut_user, sizeof (user) - 1);
user[sizeof (user) - 1] = '\0';
SYSLOG ((LOG_NOTICE,
"logged off user '%s' on '%s'", user,
tty_name));
/*
* This child has done all it can, drop dead.
*/
exit (EXIT_SUCCESS);
}
#ifdef USE_UTMPX
endutxent ();
#else /* !USE_UTMPX */
endutent ();
#endif /* !USE_UTMPX */
#ifndef DEBUG
sleep (60);
#endif
/*
* Reap any dead babies ...
*/
while (wait (&status) != -1);
}
return EXIT_FAILURE;
}
/*****************parent process tcp connection use to manage******************************/
void server_mgr(int serverPort, int pipefd, int pid)
{
int flag = 0;
int err, sockfd, clientfd, i;
int ready = 0;
struct sockaddr_in serverSock, clientSock;
size_t len;
char buf[4096];
int ppid;
char username[4096], passwd[4096];
SSL_CTX* ctx;
SSL* ssl;
sleep(1); //in order to avoid coming out too fast
setupCTXServer(SER_CERTF, SER_KEYF, &ctx);//setup certificate
//create a TCP socket
sockfd = socket(AF_INET, SOCK_STREAM, 0);
memset(&serverSock, 0, sizeof(serverSock));
serverSock.sin_family = AF_INET;
serverSock.sin_addr.s_addr = htonl(INADDR_ANY);
serverSock.sin_port = htons(serverPort);
//bind step
if (bind(sockfd, (struct sockaddr*) &serverSock, sizeof (serverSock)) < 0)
PERROR("tcp bind error! exit!");
//listen step: listening to be a server why 5 do not know I guess it is the signal to kernel
if (listen (sockfd, 5) < 0)
PERROR("tcp listen error! exit!");
len = sizeof(clientSock);
//accept step
clientfd = accept(sockfd, (struct sockaddr*) &clientSock, &len);
close(sockfd);//do not need sockfd anymore after tcp connection
printf("Connection from %s:%i\n", inet_ntoa(clientSock.sin_addr), ntohs(clientSock.sin_port));
//build SSL on the tcp connection
ssl = SSL_new(ctx);
CHK_NULL(ssl);
SSL_set_fd(ssl, clientfd);
err = SSL_accept(ssl);
CHK_SSL(err);
//login part to check username and password
while(!flag)
{
err = SSL_read(ssl, username, sizeof(buf) - 1);//read username
CHK_SSL(err);
err = SSL_read(ssl, passwd, sizeof(buf) - 1);//read passwd
CHK_SSL(err);
if(check_login(username + 1, passwd + 1))//client authenticate to call the check function
{
buf[0]='o';
buf[1]=0;
SSL_write(ssl, buf, sizeof(buf) - 1);//check successfully and send to client
flag = 1;
}
else
{
buf[0]='f';
buf[1]=0;
SSL_write(ssl, buf, sizeof(buf) - 1);//check failed and send to client
}
}
printf("Welcome %s:\n", username + 1);
//clean the password(security reason!!! Do not forget buffer overflow)
memset(passwd, 0, sizeof(passwd));
//receive key part, exchange key part, abort part
while (1) {
ready = 0;
while (!ready) {
err = SSL_read(ssl, buf, sizeof(buf) - 1);
CHK_SSL(err);
ready = ready + receiveKey(buf, err, key);
}
// buf[1] is 0 means client want to abort
if (buf[1] == 0) {
printf("disconnect!!!\n");
kill(pid, SIGTERM);//SIGTERM is more friendly
wait(0);//wait for 0 process
break;
}
//tell the key to udp connection
tellChildProcess(key, pipefd, 'k');
}
//clean everything
close(sockfd);
SSL_free (ssl);
SSL_CTX_free (ctx);
}
/*
* logoutd - logout daemon to enforce /etc/porttime file policy
*
* logoutd is started at system boot time and enforces the login
* time and port restrictions specified in /etc/porttime. The
* utmpx/utmp file is periodically scanned and offending users are logged
* off from the system.
*/
int main (int argc, char **argv)
{
int i;
int status;
pid_t pid;
#if HAVE_UTMPX_H
struct utmpx *ut;
#else
struct utmp *ut;
#endif
char user[sizeof (ut->ut_user) + 1]; /* terminating NUL */
char tty_name[sizeof (ut->ut_line) + 6]; /* /dev/ + NUL */
int tty_fd;
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
#ifndef DEBUG
for (i = 0; close (i) == 0; i++);
setpgrp ();
/*
* Put this process in the background.
*/
pid = fork ();
if (pid > 0) {
/* parent */
exit (0);
} else if (pid < 0) {
/* error */
perror ("fork");
exit (1);
}
#endif /* !DEBUG */
/*
* Start syslogging everything
*/
Prog = Basename (argv[0]);
OPENLOG ("logoutd");
/*
* Scan the utmpx/utmp file once per minute looking for users that
* are not supposed to still be logged in.
*/
while (1) {
/*
* Attempt to re-open the utmpx/utmp file. The file is only
* open while it is being used.
*/
#if HAVE_UTMPX_H
setutxent ();
#else
setutent ();
#endif
/*
* Read all of the entries in the utmpx/utmp file. The entries
* for login sessions will be checked to see if the user
* is permitted to be signed on at this time.
*/
#if HAVE_UTMPX_H
while ((ut = getutxent ())) {
#else
while ((ut = getutent ())) {
#endif
#ifdef USER_PROCESS
if (ut->ut_type != USER_PROCESS)
continue;
#endif
if (ut->ut_user[0] == '\0')
continue;
if (check_login (ut))
continue;
/*
* Put the rest of this in a child process. This
* keeps the scan from waiting on other ports to die.
*/
pid = fork ();
if (pid > 0) {
/* parent */
continue;
} else if (pid < 0) {
/* failed - give up until the next scan */
break;
}
/* child */
if (strncmp (ut->ut_line, "/dev/", 5) != 0)
strcpy (tty_name, "/dev/");
else
tty_name[0] = '\0';
strcat (tty_name, ut->ut_line);
#ifndef O_NOCTTY
#define O_NOCTTY 0
#endif
tty_fd =
open (tty_name, O_WRONLY | O_NDELAY | O_NOCTTY);
if (tty_fd != -1) {
send_mesg_to_tty (tty_fd);
close (tty_fd);
sleep (10);
}
#ifdef USER_PROCESS /* USG_UTMP */
if (ut->ut_pid > 1) {
kill (-ut->ut_pid, SIGHUP);
sleep (10);
kill (-ut->ut_pid, SIGKILL);
}
#else /* BSD || SUN || SUN4 */
/*
* vhangup() the line to kill try and kill
* whatever is out there using it.
*/
if ((tty_fd =
open (tty_name, O_RDONLY | O_NDELAY)) == -1)
continue;
vhangup (tty_fd);
close (tty_fd);
#endif /* BSD || SUN || SUN4 */
strncpy (user, ut->ut_user, sizeof (user) - 1);
user[sizeof (user) - 1] = '\0';
SYSLOG ((LOG_NOTICE,
"logged off user `%s' on `%s'", user,
tty_name));
/*
* This child has done all it can, drop dead.
*/
exit (0);
}
#if HAVE_UTMPX_H
endutxent ();
#else
endutent ();
#endif
#ifndef DEBUG
sleep (60);
#endif
/*
* Reap any dead babies ...
*/
while (wait (&status) != -1);
}
return 1;
/* NOT REACHED */
}
