void Wiegand37WithFacilityFormat::setLinearDataWithoutParity(const void* data, size_t dataLengthBytes) { unsigned int pos = 1; setFacilityCode((unsigned short)revertField(data, dataLengthBytes, &pos, 16)); setUid(revertField(data, dataLengthBytes, &pos, 19)); }
/*! \internal Creates a new contact. The properties of the contact are set from \a fromMap. */ OPimContact::OPimContact( const QMap<int, QString> &fromMap ):OPimRecord(), mMap( fromMap ), d( 0 ) { QString cats = mMap[ Qtopia::AddressCategory ]; if ( !cats.isEmpty() ) setCategories( idsFromString( cats ) ); QString uidStr = find( Qtopia::AddressUid ); if ( uidStr.isEmpty() || ( uidStr.toInt() == 0 ) ) { setUid( uidGen().generate() ); } else setUid( uidStr.toInt() ); // if ( !uidStr.isEmpty() ) // setUid( uidStr.toInt() ); }
void FASCN200BitFormat::unSerialize(boost::property_tree::ptree& node) { setAgencyCode(node.get_child("AgencyCode").get_value<short>()); setSystemCode(node.get_child("SystemCode").get_value<short>()); setSerieCode(node.get_child("SerieCode").get_value<unsigned char>()); setCredentialCode(node.get_child("CredentialCode").get_value<unsigned char>()); setPersonIdentifier(node.get_child("PersonIdentifier").get_value<unsigned long long>()); setOrganizationalCategory(static_cast<FASCNOrganizationalCategory>(node.get_child("OrganizationalCategory").get_value<unsigned int>())); setOrganizationalIdentifier(node.get_child("OrganizationalIdentifier").get_value<short>()); setPOACategory(static_cast<FASCNPOAssociationCategory>(node.get_child("POACategory").get_value<unsigned int>())); setUid(node.get_child("Uid").get_value<unsigned long long>()); }
bool DirEntryList::setUidGid(const Key &key, uid_t uid, gid_t gid) { auto found = _findByKey(key); bool changed = false; if (uid != (uid_t)-1) { found->setUid(uid); changed = true; } if (gid != (gid_t)-1) { found->setGid(gid); changed = true; } return changed; }
void OEvent::fromMap( const QMap<int, QString>& map ) { // We just want to set the UID if it is really stored. if ( !map[OEvent::FUid].isEmpty() ) setUid( map[OEvent::FUid].toInt() ); setCategories( idsFromString( map[OEvent::FCategories] ) ); setDescription( map[OEvent::FDescription] ); setLocation( map[OEvent::FLocation] ); if ( map[OEvent::FType] == "AllDay" ) setAllDay( true ); else setAllDay( false ); int alarmTime = -1; if( !map[OEvent::FAlarm].isEmpty() ) alarmTime = map[OEvent::FAlarm].toInt(); int sound = ( ( map[OEvent::FSound] == "loud" ) ? OPimAlarm::Loud : OPimAlarm::Silent ); if ( ( alarmTime != -1 ) ){ QDateTime dt = startDateTime().addSecs( -1*alarmTime*60 ); OPimAlarm al( sound , dt ); notifiers().add( al ); } if ( !map[OEvent::FTimeZone].isEmpty() && ( map[OEvent::FTimeZone] != "None" ) ){ setTimeZone( map[OEvent::FTimeZone] ); } time_t start = (time_t) map[OEvent::FStart].toLong(); time_t end = (time_t) map[OEvent::FEnd].toLong(); /* AllDay is always in UTC */ if ( isAllDay() ) { OTimeZone utc = OTimeZone::utc(); setStartDateTime( utc.fromUTCDateTime( start ) ); setEndDateTime ( utc.fromUTCDateTime( end ) ); setTimeZone( "UTC"); // make sure it is really utc }else { /* to current date time */ // qWarning(" Start is %d", start ); OTimeZone zone( timeZone().isEmpty() ? OTimeZone::current() : timeZone() ); QDateTime date = zone.toDateTime( start ); qWarning(" Start is %s", date.toString().latin1() ); setStartDateTime( zone.toDateTime( date, OTimeZone::current() ) ); date = zone.toDateTime( end ); setEndDateTime ( zone.toDateTime( date, OTimeZone::current() ) ); } if ( !map[OEvent::FRecParent].isEmpty() ) setParent( map[OEvent::FRecParent].toInt() ); if ( !map[OEvent::FRecChildren].isEmpty() ){ QStringList list = QStringList::split(' ', map[OEvent::FRecChildren] ); for ( QStringList::Iterator it = list.begin(); it != list.end(); ++it ) { addChild( (*it).toInt() ); } } // Fill recurrence stuff and put it directly into the ORecur-Object using fromMap.. if( !map[OEvent::FRType].isEmpty() ){ QMap<int, QString> recFields; recFields.insert( ORecur::RType, map[OEvent::FRType] ); recFields.insert( ORecur::RWeekdays, map[OEvent::FRWeekdays] ); recFields.insert( ORecur::RPosition, map[OEvent::FRPosition] ); recFields.insert( ORecur::RFreq, map[OEvent::FRFreq] ); recFields.insert( ORecur::RHasEndDate, map[OEvent::FRHasEndDate] ); recFields.insert( ORecur::EndDate, map[OEvent::FREndDate] ); recFields.insert( ORecur::Created, map[OEvent::FRCreated] ); recFields.insert( ORecur::Exceptions, map[OEvent::FRExceptions] ); ORecur recur( recFields ); setRecurrence( recur ); } }
void FASCN200BitFormat::setLinearData(const void* data, size_t dataLengthBytes) { unsigned int pos = 0; unsigned char c; if (dataLengthBytes * 8 < getDataLength()) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "Data length too small."); } c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_SS) { char tmpmsg[64]; sprintf(tmpmsg, "The FASC-N Start Sentinel doesn't match (%x).", c); THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, tmpmsg); } setAgencyCode((unsigned short)revertField(data, dataLengthBytes, &pos, 16)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_FS) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N Field Separator doesn't match after the Agency Code."); } setSystemCode((unsigned short)revertField(data, dataLengthBytes, &pos, 16)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_FS) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N Field Separator doesn't match after the System Code."); } setUid(revertField(data, dataLengthBytes, &pos, 24)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_FS) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N Field Separator doesn't match after the Credential."); } setSerieCode((unsigned char)revertField(data, dataLengthBytes, &pos, 4)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_FS) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N Field Separator doesn't match after the Credential Series."); } setCredentialCode((unsigned char)revertField(data, dataLengthBytes, &pos, 4)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_FS) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N Field Separator doesn't match after the Credential Issue."); } setPersonIdentifier(revertField(data, dataLengthBytes, &pos, 40)); setOrganizationalCategory((FASCNOrganizationalCategory)revertField(data, dataLengthBytes, &pos, 4)); setOrganizationalIdentifier((unsigned char)revertField(data, dataLengthBytes, &pos, 16)); setPOACategory((FASCNPOAssociationCategory)revertField(data, dataLengthBytes, &pos, 4)); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != FASCN_ES) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The End Sentinel doesn't match."); } unsigned char lrc = calculateLRC(data, pos); c = (unsigned char)revertField(data, dataLengthBytes, &pos, 4); if (c != lrc) { THROW_EXCEPTION_WITH_LOG(LibLogicalAccessException, "The FASC-N LRC seems wrong."); } }
void aufgabe28() { char str[255]; char *i,*j=str; int len; int knopp=0,ax=0,ay=0,az=0; int lastax=-1; int lastay=-1; int lastaz=-1; // Arbeitspalznummer +10 setUid(17); // Selbe fequenz wie unsere Nachbarn mit denen wir komunizieren wollen switchFreq(8); while(1) { if(do_output==1) { // Daten des Packets holen und vorbereiten sprintPacket(str); len=strlen(str); writestr(str); // Code welcher die Funtionalitaet folgender Zeile hat // sscanf(j,"%d\t%d\t%d\r\n",NULL,NULL,ax,ay,az,knopp); j=str; while(*j!='\t') j++; j++; while(*j!='\t') j++; i=++j; while(*j!='\t') j++; *j='\0'; ax=atoi(i); i=++j; while(*j!='\t') j++; *j='\0'; ay=atoi(i); i=++j; while(*j!='\t') j++; *j='\0'; az=atoi(i); i=++j; while(*j!='\r') j++; *j='\0'; knopp=atoi(i); // Je nach dem welcher Knopf gedrueckt wurde LEDs einschalten if(knopp==2){ LED_ON(GREEN); } if(knopp==1){ LED_OFF(GREEN); } // Entscheiden ob einer der Beschleunigungswerte mehr als // 20 % vom alten abweicht - wenn ja rote LED einschalten if(lastax!=-1){ if( abs(lastay-ay) >= lastay*0.2 || abs(lastax-ax) >= lastax*0.2 || abs(lastaz-az) >= lastaz*0.2 ){ LED_ON(RED); }else{ LED_OFF(RED); } } // alte Werte fuer den naechten Druchlauf setzen lastax=ax; lastay=ay; lastaz=az; // gelbe LED als Statusanzeige toggeln LED_TOGGLE(YELLOW); do_output=0; // ACK an den sender schicken sprintf(str,"FACK:%d",len); sendPacket(18,17,str,strlen(str)); } } }
void Wiegand37Format::unSerialize(boost::property_tree::ptree& node) { setUid(node.get_child("Uid").get_value<unsigned long long>()); }
void Wiegand37Format::setLinearDataWithoutParity(const void* data, size_t dataLengthBytes) { unsigned int pos = 1; setUid(revertField(data, dataLengthBytes, &pos, 35)); }
main(void) { //===Hier sollten Variablen deklariert werden ============================ //unsigned char i = 0; //char text[60]; //int x,y; //===Hier die notwendigen Initialisierungsschritte ======================= //=(1)== Port-Initialisierung ============================================ init_Port(); // Initialisierung der Port Register //(2)=== Clock-System-Initialisierung ==================================== //== XT2() oder Dco() als Taktquelle einstellen //== durch Ein- oder Auskommentieren //== DCO ist bei LPM Einsatz bevorzugt muß zyklisch kalibriert werden //== XT2 ist quarzstabil muß nicht zyklisch kalibriert werden // //XT2 (); // XT2 Taktquelle aktivieren mit 7.3728MHz DCO (); // Dco Taktquelle aktivieren mit 7.3728MHz // beachte DELTA //=(3)== Timer-Initialisierung= ========================================== init_Timer_A(); // Init Timer für Sekundeninterrupt // !! noch leere Funktion //=(4)== USART-Initialisierung =========================================== init_UART1(); // UART-RS232 mit 115.2kBit/s initialisieren // !! noch leere Funktion //=(5)== CC1100-Transceiver-Initialisierung ============================== init_UART0_SPI(); // CC1100 SPI UART initalisieren init_CC1100_POWERDOWN(); // CC1100 init und in RX Mode setzen // !!!Interrupte sind ab jetzt freigegeben!! //== Adresse und Funkkanal des Transceivers setzen //== für die Arbeitsplaetze HWPx (x=1...10) sollten //== ID=x und channnel=x gesetzt werden ID = 1; // Adresse setUid(ID); // Adresse im Transceiver setzen channel = 1; // Funkkanal switchFreq(channel); // Funkkanal im Transceiver setzen //== Soll der Transceiver genutzt werden müssen folgende zwei Zeilen //== auskommentiert werden: init_CC1100_IDLE(); // CC1100 in den IDLE Mode setzen init_CC1100_POWERDOWN();// CC1100 in den PowerDown Mode setzen //=(6)== LCD-Display-Initialisierung ===================================== dogm_reset(); // Hardware Reset des LCD Controllers dogm_init(); // Initialisierung der LCD Controller Register lcd_clear(WHITE); // Grafikspeicher auf dem MSP430 löschen //lcd_string(BLACK, 15, 25, "MSP430-GESTARTET!"); // Textausgabe lcd_paint(); // Grafikspeicher auf das LCD Display ausgeben #define LED_ROT (0x01) // 0 0 1 P4.0 #define LED_GELB (0x02) // 0 1 0 P4.1 #define LED_GRUEN (0x04) // 1 0 0 P4.2 #define LED_ALL (LED_ROT | LED_GELB | LED_GRUEN) #define LED_ON(led) (BIT_CLR(P4OUT, led)) #define LED_OFF(led) (BIT_SET(P4OUT, led)) #define LED_TOGGLE(led) (BIT_TOGGLE(P4OUT, led)) #define IS_LED_ON(led) (!(P4OUT & led)) #define TASTE_LINKS (0x1) #define TASTE_RECHTS (0x2) #define SLEEP_QUANTUM 10000 #define SLEEP(n) do { /* sleep for n seconds */ \ long time = n * 100000; /* wait() sleeps 10*n microseconds */ \ while(time > SLEEP_QUANTUM) { \ wait(SLEEP_QUANTUM); \ time -= SLEEP_QUANTUM; \ } \ wait(time); \ } while(0) // alle Leitungen auf Eingang TS_TIP_DIR_IN; TS_YP_DIR_IN; TS_YM_DIR_IN; TS_XP_DIR_IN; TS_XM_DIR_IN; // die Ausgangsregister vorbereitend setzen TS_XM_0; // XM X-Achse wird auf 0 gesetzt TS_TIP_1; // YP Y-Achse wird über einen PullUp Widerstand auf 1 gezogen // Die Ausgaenge jetzt freigeben TS_XM_DIR_OUT; // XM auf 0 TS_TIP_DIR_OUT; // YP auf 1 BIT_SET(P1IE, BIT6); BIT_CLR(P1IFG, BIT6); _bis_SR_register(GIE); //===Hier die Endlosschleife quasi das Betriebssystem===================== print_value(); while(1){ // linker Taster gedrueckt -> gruen an if (P1IN & TASTE_LINKS) { LED_OFF(LED_ROT | LED_GELB); LED_ON(LED_GRUEN); // rechter Taster gedrueckt -> rot an } else if (P1IN & TASTE_RECHTS) { LED_OFF(LED_GRUEN | LED_GELB); LED_ON(LED_ROT); // kein Taster gedrueckt -> gelb an } else { LED_OFF(LED_GRUEN | LED_ROT); LED_ON(LED_GELB); } } // Ende der Endlosschleife } // Ende Main
static int #if defined(USE_PAM) || defined(_AIX) isNoPassAllowed( const char *un ) { struct passwd *pw = 0; # ifdef HAVE_GETSPNAM /* (sic!) - not USESHADOW */ struct spwd *spw; # endif #else isNoPassAllowed( const char *un, struct passwd *pw ) { #endif struct group *gr; char **fp; int hg; if (!*un) return 0; if (cursource != PWSRC_MANUAL) return 1; for (hg = 0, fp = td->noPassUsers; *fp; fp++) if (**fp == '@') hg = 1; else if (!strcmp( un, *fp )) return 1; else if (!strcmp( "*", *fp )) { #if defined(USE_PAM) || defined(_AIX) if (!(pw = getpwnam( un ))) return 0; if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') continue; # ifdef HAVE_GETSPNAM /* (sic!) - not USESHADOW */ if ((spw = getspnam( un )) && (spw->sp_pwdp[0] == '!' || spw->sp_pwdp[0] == '*')) continue; # endif #endif if (pw->pw_uid) return 1; } #if defined(USE_PAM) || defined(_AIX) if (hg && (pw || (pw = getpwnam( un )))) { #else if (hg) { #endif for (setgrent(); (gr = getgrent()); ) for (fp = td->noPassUsers; *fp; fp++) if (**fp == '@' && !strcmp( gr->gr_name, *fp + 1 )) { if (pw->pw_gid == gr->gr_gid) { endgrent(); return 1; } for (; *gr->gr_mem; gr->gr_mem++) if (!strcmp( un, *gr->gr_mem )) { endgrent(); return 1; } } endgrent(); } return 0; } #if !defined(USE_PAM) && !defined(_AIX) && defined(HAVE_SETUSERCONTEXT) # define LC_RET0 do { login_close(lc); return 0; } while(0) #else # define LC_RET0 return 0 #endif int verify( GConvFunc gconv, int rootok ) { #ifdef USE_PAM const char *psrv; struct pam_data pdata; int pretc, pnopass; char psrvb[64]; #elif defined(_AIX) char *msg, *curret; int i, reenter; #else struct stat st; const char *nolg; char *buf; int fd; # ifdef HAVE_GETUSERSHELL char *s; # endif # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW) int tim, expir, warntime, quietlog; # endif #endif debug( "verify ...\n" ); #ifdef USE_PAM pnopass = FALSE; if (!strcmp( curtype, "classic" )) { if (!gconv( GCONV_USER, 0 )) return 0; if (isNoPassAllowed( curuser )) { gconv( GCONV_PASS_ND, 0 ); if (!*curpass) { pnopass = TRUE; sprintf( psrvb, "%.31s-np", PAMService ); psrv = psrvb; } else psrv = PAMService; } else psrv = PAMService; pdata.usecur = TRUE; } else { sprintf( psrvb, "%.31s-%.31s", PAMService, curtype ); psrv = psrvb; pdata.usecur = FALSE; } pdata.gconv = gconv; if (!doPAMAuth( psrv, &pdata )) return 0; #elif defined(_AIX) if ((td->displayType & d_location) == dForeign) { char *tmpch; strncpy( hostname, td->name, sizeof(hostname) - 1 ); hostname[sizeof(hostname)-1] = '\0'; if ((tmpch = strchr( hostname, ':' ))) *tmpch = '\0'; } else hostname[0] = '\0'; /* tty names should only be 15 characters long */ # if 0 for (i = 0; i < 15 && td->name[i]; i++) { if (td->name[i] == ':' || td->name[i] == '.') tty[i] = '_'; else tty[i] = td->name[i]; } tty[i] = '\0'; # else memcpy( tty, "/dev/xdm/", 9 ); for (i = 0; i < 6 && td->name[i]; i++) { if (td->name[i] == ':' || td->name[i] == '.') tty[9 + i] = '_'; else tty[9 + i] = td->name[i]; } tty[9 + i] = '\0'; # endif if (!strcmp( curtype, "classic" )) { if (!gconv( GCONV_USER, 0 )) return 0; if (isNoPassAllowed( curuser )) { gconv( GCONV_PASS_ND, 0 ); if (!*curpass) { debug( "accepting despite empty password\n" ); goto done; } } else if (!gconv( GCONV_PASS, 0 )) return 0; enduserdb(); msg = NULL; if ((i = authenticate( curuser, curpass, &reenter, &msg ))) { debug( "authenticate() failed: %s\n", msg ); if (msg) free( msg ); loginfailed( curuser, hostname, tty ); if (i == ENOENT || i == ESAD) V_RET_AUTH; else V_RET_FAIL( 0 ); } if (reenter) { logError( "authenticate() requests more data: %s\n", msg ); free( msg ); V_RET_FAIL( 0 ); } } else if (!strcmp( curtype, "generic" )) { if (!gconv( GCONV_USER, 0 )) return 0; for (curret = 0;;) { msg = NULL; if ((i = authenticate( curuser, curret, &reenter, &msg ))) { debug( "authenticate() failed: %s\n", msg ); if (msg) free( msg ); loginfailed( curuser, hostname, tty ); if (i == ENOENT || i == ESAD) V_RET_AUTH; else V_RET_FAIL( 0 ); } if (curret) free( curret ); if (!reenter) break; if (!(curret = gconv( GCONV_HIDDEN, msg ))) return 0; free( msg ); } } else { logError( "Unsupported authentication type %\"s requested\n", curtype ); V_RET_FAIL( 0 ); } if (msg) { displayStr( V_MSG_INFO, msg ); free( msg ); } done: #else if (strcmp( curtype, "classic" )) { logError( "Unsupported authentication type %\"s requested\n", curtype ); V_RET_FAIL( 0 ); } if (!gconv( GCONV_USER, 0 )) return 0; if (!(p = getpwnam( curuser ))) { debug( "getpwnam() failed.\n" ); gconv( GCONV_PASS, 0 ); V_RET_AUTH; } if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { debug( "account is locked\n" ); gconv( GCONV_PASS, 0 ); V_RET_AUTH; } # ifdef USESHADOW if ((sp = getspnam( curuser ))) { p->pw_passwd = sp->sp_pwdp; if (p->pw_passwd[0] == '!' || p->pw_passwd[0] == '*') { debug( "account is locked\n" ); gconv( GCONV_PASS, 0 ); V_RET_AUTH; } } else debug( "getspnam() failed: %m. Are you root?\n" ); # endif if (!*p->pw_passwd) { if (!td->allowNullPasswd) { debug( "denying user with empty password\n" ); gconv( GCONV_PASS, 0 ); V_RET_AUTH; } goto nplogin; } if (isNoPassAllowed( curuser, p )) { nplogin: gconv( GCONV_PASS_ND, 0 ); if (!*curpass) { debug( "accepting password-less login\n" ); goto done; } } else if (!gconv( GCONV_PASS, 0 )) return 0; # ifdef KERBEROS if (p->pw_uid) { int ret; char realm[REALM_SZ]; if (krb_get_lrealm( realm, 1 )) { logError( "Cannot get KerberosIV realm.\n" ); V_RET_FAIL( 0 ); } sprintf( krbtkfile, "%s.%.*s", TKT_ROOT, MAXPATHLEN - strlen( TKT_ROOT ) - 2, td->name ); krb_set_tkt_string( krbtkfile ); unlink( krbtkfile ); ret = krb_verify_user( curuser, "", realm, curpass, 1, "rcmd" ); if (ret == KSUCCESS) { chown( krbtkfile, p->pw_uid, p->pw_gid ); debug( "KerberosIV verify succeeded\n" ); goto done; } else if (ret != KDC_PR_UNKNOWN && ret != SKDC_CANT) { logError( "KerberosIV verification failure %\"s for %s\n", krb_get_err_text( ret ), curuser ); krbtkfile[0] = '\0'; V_RET_FAIL( 0 ); } debug( "KerberosIV verify failed: %s\n", krb_get_err_text( ret ) ); } krbtkfile[0] = '\0'; # endif /* KERBEROS */ # if defined(ultrix) || defined(__ultrix__) if (authenticate_user( p, curpass, NULL ) < 0) # elif defined(HAVE_PW_ENCRYPT) if (strcmp( pw_encrypt( curpass, p->pw_passwd ), p->pw_passwd )) # elif defined(HAVE_CRYPT) if (strcmp( crypt( curpass, p->pw_passwd ), p->pw_passwd )) # else if (strcmp( curpass, p->pw_passwd )) # endif { debug( "password verify failed\n" ); V_RET_AUTH; } done: #endif /* !defined(USE_PAM) && !defined(_AIX) */ debug( "restrict %s ...\n", curuser ); #if defined(USE_PAM) || defined(_AIX) if (!(p = getpwnam( curuser ))) { logError( "getpwnam(%s) failed.\n", curuser ); V_RET_FAIL( 0 ); } #endif if (!p->pw_uid) { if (!rootok && !td->allowRootLogin) V_RET_FAIL( "Root logins are not allowed" ); return 1; /* don't deny root to log in */ } #ifdef USE_PAM debug( " pam_acct_mgmt() ...\n" ); pretc = pam_acct_mgmt( pamh, 0 ); reInitErrorLog(); debug( " pam_acct_mgmt() returned: %s\n", pam_strerror( pamh, pretc ) ); if (pretc == PAM_NEW_AUTHTOK_REQD) { pdata.usecur = FALSE; pdata.gconv = conv_interact; /* pam will have output a message already, so no prepareErrorGreet() */ if (gconv != conv_interact || pnopass) { pam_end( pamh, PAM_SUCCESS ); pamh = 0; gSendInt( V_CHTOK_AUTH ); /* this cannot auth the wrong user, as only classic auths get here */ while (!doPAMAuth( PAMService, &pdata )) if (pdata.abort) return 0; gSendInt( V_PRE_OK ); } else gSendInt( V_CHTOK ); for (;;) { debug( " pam_chauthtok() ...\n" ); pretc = pam_chauthtok( pamh, PAM_CHANGE_EXPIRED_AUTHTOK ); reInitErrorLog(); debug( " pam_chauthtok() returned: %s\n", pam_strerror( pamh, pretc ) ); if (pdata.abort) { pam_end( pamh, PAM_SUCCESS ); pamh = 0; return 0; } if (pretc == PAM_SUCCESS) break; /* effectively there is only PAM_AUTHTOK_ERR */ gSendInt( V_FAIL ); } if (curpass) free( curpass ); curpass = newpass; newpass = 0; } else if (pretc != PAM_SUCCESS) { pam_end( pamh, pretc ); pamh = 0; V_RET_AUTH; } #elif defined(_AIX) /* USE_PAM */ msg = NULL; if (loginrestrictions( curuser, ((td->displayType & d_location) == dForeign) ? S_RLOGIN : S_LOGIN, tty, &msg ) == -1) { debug( "loginrestrictions() - %s\n", msg ? msg : "error" ); loginfailed( curuser, hostname, tty ); prepareErrorGreet(); if (msg) { displayStr( V_MSG_ERR, msg ); free( msg ); } gSendInt( V_AUTH ); return 0; } if (msg) free( (void *)msg ); #endif /* USE_PAM || _AIX */ #ifndef _AIX # ifdef HAVE_SETUSERCONTEXT # ifdef HAVE_LOGIN_GETCLASS lc = login_getclass( p->pw_class ); # else lc = login_getpwclass( p ); # endif if (!lc) V_RET_FAIL( 0 ); p->pw_shell = login_getcapstr( lc, "shell", p->pw_shell, p->pw_shell ); # endif # ifndef USE_PAM /* restrict_expired */ # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW) # if !defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || (!defined(HAVE_SETUSERCONTEXT) && defined(USESHADOW)) if (sp) # endif { # define DEFAULT_WARN (2L * 7L) /* Two weeks */ tim = time( NULL ) / 86400L; # ifdef HAVE_SETUSERCONTEXT quietlog = login_getcapbool( lc, "hushlogin", 0 ); warntime = login_getcaptime( lc, "warnexpire", DEFAULT_WARN * 86400L, DEFAULT_WARN * 86400L ) / 86400L; # else quietlog = 0; # ifdef USESHADOW warntime = sp->sp_warn != -1 ? sp->sp_warn : DEFAULT_WARN; # else warntime = DEFAULT_WARN; # endif # endif # ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE if (p->pw_expire) { expir = p->pw_expire / 86400L; # else if (sp->sp_expire != -1) { expir = sp->sp_expire; # endif if (tim > expir) { displayStr( V_MSG_ERR, "Your account has expired;" " please contact your system administrator" ); gSendInt( V_FAIL ); LC_RET0; } else if (tim > (expir - warntime) && !quietlog) { displayMsg( V_MSG_INFO, "Warning: your account will expire in %d day(s)", expir - tim ); } } # ifdef HAVE_STRUCT_PASSWD_PW_EXPIRE if (p->pw_change) { expir = p->pw_change / 86400L; # else if (!sp->sp_lstchg) { displayStr( V_MSG_ERR, "You are required to change your password immediately" " (root enforced)" ); /* XXX todo password change */ gSendInt( V_FAIL ); LC_RET0; } else if (sp->sp_max != -1) { expir = sp->sp_lstchg + sp->sp_max; if (sp->sp_inact != -1 && tim > expir + sp->sp_inact) { displayStr( V_MSG_ERR, "Your account has expired;" " please contact your system administrator" ); gSendInt( V_FAIL ); LC_RET0; } # endif if (tim > expir) { displayStr( V_MSG_ERR, "You are required to change your password immediately" " (password aged)" ); /* XXX todo password change */ gSendInt( V_FAIL ); LC_RET0; } else if (tim > (expir - warntime) && !quietlog) { displayMsg( V_MSG_INFO, "Warning: your password will expire in %d day(s)", expir - tim ); } } } # endif /* HAVE_STRUCT_PASSWD_PW_EXPIRE || USESHADOW */ /* restrict_nologin */ # ifndef _PATH_NOLOGIN # define _PATH_NOLOGIN "/etc/nologin" # endif if (( # ifdef HAVE_SETUSERCONTEXT /* Do we ignore a nologin file? */ !login_getcapbool( lc, "ignorenologin", 0 )) && (!stat( (nolg = login_getcapstr( lc, "nologin", "", NULL )), &st ) || # endif !stat( (nolg = _PATH_NOLOGIN), &st ))) { if (st.st_size && (fd = open( nolg, O_RDONLY )) >= 0) { if ((buf = Malloc( st.st_size + 1 ))) { if (read( fd, buf, st.st_size ) == st.st_size) { close( fd ); buf[st.st_size] = 0; displayStr( V_MSG_ERR, buf ); free( buf ); gSendInt( V_FAIL ); LC_RET0; } free( buf ); } close( fd ); } displayStr( V_MSG_ERR, "Logins are not allowed at the moment.\nTry again later" ); gSendInt( V_FAIL ); LC_RET0; } /* restrict_time */ # if defined(HAVE_SETUSERCONTEXT) && defined(HAVE_AUTH_TIMEOK) if (!auth_timeok( lc, time( NULL ) )) { displayStr( V_MSG_ERR, "You are not allowed to login at the moment" ); gSendInt( V_FAIL ); LC_RET0; } # endif # ifdef HAVE_GETUSERSHELL for (;;) { if (!(s = getusershell())) { debug( "shell not in /etc/shells\n" ); endusershell(); V_RET_FAIL( "Your login shell is not listed in /etc/shells" ); } if (!strcmp( s, p->pw_shell )) { endusershell(); break; } } # endif # endif /* !USE_PAM */ /* restrict_nohome */ # ifdef HAVE_SETUSERCONTEXT if (login_getcapbool( lc, "requirehome", 0 )) { struct stat st; if (!*p->pw_dir || stat( p->pw_dir, &st ) || st.st_uid != p->pw_uid) { displayStr( V_MSG_ERR, "Home folder not available" ); gSendInt( V_FAIL ); LC_RET0; } } # endif #endif /* !_AIX */ return 1; } static const char *envvars[] = { "TZ", /* SYSV and SVR4, but never hurts */ #ifdef _AIX "AUTHSTATE", /* for kerberos */ #endif NULL }; #if defined(USE_PAM) && defined(HAVE_INITGROUPS) static int num_saved_gids; static gid_t *saved_gids; static int saveGids( void ) { num_saved_gids = getgroups( 0, 0 ); if (!(saved_gids = Malloc( sizeof(gid_t) * num_saved_gids ))) return 0; if (getgroups( num_saved_gids, saved_gids ) < 0) { logError( "saving groups failed: %m\n" ); return 0; } return 1; } static int restoreGids( void ) { if (setgroups( num_saved_gids, saved_gids ) < 0) { logError( "restoring groups failed: %m\n" ); return 0; } if (setgid( p->pw_gid ) < 0) { logError( "restoring gid failed: %m\n" ); return 0; } return 1; } #endif /* USE_PAM && HAVE_INITGROUPS */ static int resetGids( void ) { #ifdef HAVE_INITGROUPS if (setgroups( 0, &p->pw_gid /* anything */ ) < 0) { logError( "restoring groups failed: %m\n" ); return 0; } #endif if (setgid( 0 ) < 0) { logError( "restoring gid failed: %m\n" ); return 0; } return 1; } static int setGid( const char *name, int gid ) { if (setgid( gid ) < 0) { logError( "setgid(%d) (user %s) failed: %m\n", gid, name ); return 0; } #ifdef HAVE_INITGROUPS if (initgroups( name, gid ) < 0) { logError( "initgroups for %s failed: %m\n", name ); setgid( 0 ); return 0; } #endif /* QNX4 doesn't support multi-groups, no initgroups() */ return 1; } static int setUid( const char *name, int uid ) { if (setuid( uid ) < 0) { logError( "setuid(%d) (user %s) failed: %m\n", uid, name ); return 0; } return 1; } static int setUser( const char *name, int uid, int gid ) { if (setGid( name, gid )) { if (setUid( name, uid )) return 1; resetGids(); } return 0; } #if defined(SECURE_RPC) || defined(K5AUTH) static void nukeAuth( int len, const char *name ) { int i; for (i = 0; i < td->authNum; i++) if (td->authorizations[i]->name_length == len && !memcmp( td->authorizations[i]->name, name, len )) { memcpy( &td->authorizations[i], &td->authorizations[i+1], sizeof(td->authorizations[i]) * (--td->authNum - i) ); break; } } #endif static void mergeSessionArgs( int cansave ) { char *mfname; const char *fname; int i, needsave; mfname = 0; fname = ".dmrc"; if ((!curdmrc || newdmrc) && *dmrcDir) if (strApp( &mfname, dmrcDir, "/", curuser, fname, (char *)0 )) fname = mfname; needsave = 0; if (!curdmrc) { curdmrc = iniLoad( fname ); if (!curdmrc) { strDup( &curdmrc, "[Desktop]\nSession=default\n" ); needsave = 1; } } if (newdmrc) { curdmrc = iniMerge( curdmrc, newdmrc ); needsave = 1; } if (needsave && cansave) if (!iniSave( curdmrc, fname ) && errno == ENOENT && mfname) { for (i = 0; mfname[i]; i++) if (mfname[i] == '/') { mfname[i] = 0; mkdir( mfname, 0755 ); mfname[i] = '/'; } iniSave( curdmrc, mfname ); } if (mfname) free( mfname ); } static int createClientLog( const char *log ) { char randstr[32], *randstrp = 0, *lname; int lfd; for (;;) { struct expando macros[] = { { 'd', 0, td->name }, { 'u', 0, curuser }, { 'r', 0, randstrp }, { 0, 0, 0 } }; if (!(lname = expandMacros( log, macros ))) exit( 1 ); unlink( lname ); if ((lfd = open( lname, O_WRONLY|O_CREAT|O_EXCL, 0600 )) >= 0) { dup2( lfd, 1 ); dup2( lfd, 2 ); close( lfd ); free( lname ); return TRUE; } if (errno != EEXIST || !macros[2].uses) { free( lname ); return FALSE; } logInfo( "Session log file %s not usable, trying another one.\n", lname ); free( lname ); sprintf( randstr, "%d", secureRandom() ); randstrp = randstr; } }
void sessionExit( int status ) { int pid; #ifdef USE_PAM int pretc; #endif if (removeAuth) { switch (source( systemEnviron, td->reset, td_setup )) { case 0: case wcCompose( 0, 0, 127 ): break; default: logError( "Reset script returned non-zero exit code\n" ); break; } sessreg( td, 0, 0, 0 ); switch (Fork( &pid )) { case 0: #if defined(USE_PAM) && defined(HAVE_INITGROUPS) if (restoreGids() && setUid( curuser, curuid )) #else if (setUser( curuser, curuid, curgid )) #endif { removeUserAuthorization( td ); #ifdef K5AUTH krb5Destroy( td->name ); #endif /* K5AUTH */ #if !defined(USE_PAM) && !defined(_AIX) # ifdef KERBEROS if (krbtkfile[0]) { (void)dest_tkt(); # ifdef AFS if (k_hasafs()) (void)k_unlog(); # endif } # endif #endif /* !USE_PAM && !_AIX*/ } exit( 0 ); case -1: logError( "Cannot clean up session: fork() failed: %m" ); break; default: Wait4( &pid ); break; } } #ifdef USE_PAM if (removeCreds) { # ifdef HAVE_INITGROUPS restoreGids(); # endif if (removeSession) { pretc = pam_close_session( pamh, 0 ); reInitErrorLog(); if (pretc != PAM_SUCCESS) logError( "pam_close_session() failed: %s\n", pam_strerror( pamh, pretc ) ); } pretc = pam_setcred( pamh, PAM_DELETE_CRED ); reInitErrorLog(); if (pretc != PAM_SUCCESS) logError( "pam_setcred(DELETE_CRED) failed: %s\n", pam_strerror( pamh, pretc ) ); resetGids(); } if (pamh) { pam_end( pamh, PAM_SUCCESS ); reInitErrorLog(); } #endif finishGreet(); /* make sure the server gets reset after the session is over */ if (td->serverPid >= 2) { if (!td->terminateServer && td->resetSignal) terminateProcess( td->serverPid, td->resetSignal ); } else resetServer( td ); debug( "display %s exiting with status %d\n", td->name, status ); exit( status ); }
int startClient( volatile int *pid ) { const char *home, *sessargs, *desksess; char **env, *xma; char **argv, *fname, *str; #ifdef USE_PAM char ** volatile pam_env; # ifndef HAVE_PAM_GETENVLIST char **saved_env; # endif int pretc; #else # ifdef _AIX char *msg; char **theenv; extern char **newenv; /* from libs.a, this is set up by setpenv */ # endif #endif #ifdef HAVE_SETUSERCONTEXT extern char **environ; #endif char *failsafeArgv[2]; char *buf, *buf2; int i; if (strCmp( dmrcuser, curuser )) { if (curdmrc) { free( curdmrc ); curdmrc = 0; } if (dmrcuser) { free( dmrcuser ); dmrcuser = 0; } } #if defined(USE_PAM) || defined(_AIX) if (!(p = getpwnam( curuser ))) { logError( "getpwnam(%s) failed.\n", curuser ); pError: displayStr( V_MSG_ERR, 0 ); return 0; } #endif #ifndef USE_PAM # ifdef _AIX msg = NULL; loginsuccess( curuser, hostname, tty, &msg ); if (msg) { debug( "loginsuccess() - %s\n", msg ); free( (void *)msg ); } # else /* _AIX */ # if defined(KERBEROS) && defined(AFS) if (krbtkfile[0] != '\0') { if (k_hasafs()) { int fail = 0; if (k_setpag() == -1) { logError( "setpag() for %s failed\n", curuser ); fail = 1; } if ((ret = k_afsklog( NULL, NULL )) != KSUCCESS) { logError( "AFS Warning: %s\n", krb_get_err_text( ret ) ); fail = 1; } if (fail) displayMsg( V_MSG_ERR, "Warning: Problems during Kerberos4/AFS setup." ); } } # endif /* KERBEROS && AFS */ # endif /* _AIX */ #endif /* !PAM */ curuid = p->pw_uid; curgid = p->pw_gid; env = baseEnv( curuser ); xma = 0; strApp( &xma, "method=", curtype, (char *)0 ); if (td_setup) strApp( &xma, ",auto", (char *)0 ); if (xma) { env = setEnv( env, "XDM_MANAGED", xma ); free( xma ); } if (td->autoLock && cursource == PWSRC_AUTOLOGIN) env = setEnv( env, "DESKTOP_LOCKED", "true" ); env = setEnv( env, "PATH", curuid ? td->userPath : td->systemPath ); env = setEnv( env, "SHELL", p->pw_shell ); env = setEnv( env, "HOME", p->pw_dir ); #if !defined(USE_PAM) && !defined(_AIX) && defined(KERBEROS) if (krbtkfile[0] != '\0') env = setEnv( env, "KRBTKFILE", krbtkfile ); #endif userEnviron = inheritEnv( env, envvars ); env = systemEnv( curuser ); systemEnviron = setEnv( env, "HOME", p->pw_dir ); debug( "user environment:\n%[|''>'\n's" "system environment:\n%[|''>'\n's" "end of environments\n", userEnviron, systemEnviron ); /* * for user-based authorization schemes, * add the user to the server's allowed "hosts" list. */ for (i = 0; i < td->authNum; i++) { #ifdef SECURE_RPC if (td->authorizations[i]->name_length == 9 && !memcmp( td->authorizations[i]->name, "SUN-DES-1", 9 )) { XHostAddress addr; char netname[MAXNETNAMELEN+1]; char domainname[MAXNETNAMELEN+1]; getdomainname( domainname, sizeof(domainname) ); user2netname( netname, curuid, domainname ); addr.family = FamilyNetname; addr.length = strlen( netname ); addr.address = netname; XAddHost( dpy, &addr ); } #endif #ifdef K5AUTH if (td->authorizations[i]->name_length == 14 && !memcmp( td->authorizations[i]->name, "MIT-KERBEROS-5", 14 )) { /* Update server's auth file with user-specific info. * Don't need to AddHost because X server will do that * automatically when it reads the cache we are about * to point it at. */ XauDisposeAuth( td->authorizations[i] ); td->authorizations[i] = krb5GetAuthFor( 14, "MIT-KERBEROS-5", td->name ); saveServerAuthorizations( td, td->authorizations, td->authNum ); } #endif } if (*dmrcDir) mergeSessionArgs( TRUE ); debug( "now starting the session\n" ); #ifdef USE_PAM # ifdef HAVE_SETUSERCONTEXT if (setusercontext( lc, p, p->pw_uid, LOGIN_SETGROUP )) { logError( "setusercontext(groups) for %s failed: %m\n", curuser ); goto pError; } # else if (!setGid( curuser, curgid )) goto pError; # endif # ifndef HAVE_PAM_GETENVLIST if (!(pam_env = initStrArr( 0 ))) { resetGids(); goto pError; } saved_env = environ; environ = pam_env; # endif removeCreds = 1; /* set it first - i don't trust PAM's rollback */ pretc = pam_setcred( pamh, 0 ); reInitErrorLog(); # ifndef HAVE_PAM_GETENVLIST pam_env = environ; environ = saved_env; # endif # ifdef HAVE_INITGROUPS /* This seems to be a strange place for it, but do it: - after the initial groups are set - after pam_setcred might have set something, even in the error case - before pam_setcred(DELETE_CRED) might need it */ if (!saveGids()) goto pError; # endif if (pretc != PAM_SUCCESS) { logError( "pam_setcred() for %s failed: %s\n", curuser, pam_strerror( pamh, pretc ) ); resetGids(); return 0; } removeSession = 1; /* set it first - same as above */ pretc = pam_open_session( pamh, 0 ); reInitErrorLog(); if (pretc != PAM_SUCCESS) { logError( "pam_open_session() for %s failed: %s\n", curuser, pam_strerror( pamh, pretc ) ); resetGids(); return 0; } /* we don't want sessreg and the startup/reset scripts run with user credentials. unfortunately, we can reset only the gids. */ resetGids(); # define D_LOGIN_SETGROUP LOGIN_SETGROUP #else /* USE_PAM */ # define D_LOGIN_SETGROUP 0 #endif /* USE_PAM */ removeAuth = 1; chownCtrl( &td->ctrl, curuid ); endpwent(); #if !defined(USE_PAM) && defined(USESHADOW) && !defined(_AIX) endspent(); #endif ctltalk.pipe = &ctlpipe; ASPrintf( &buf, "sub-daemon for display %s", td->name ); ASPrintf( &buf2, "client for display %s", td->name ); switch (gFork( &ctlpipe, buf, buf2, 0, 0, mstrtalk.pipe, pid )) { case 0: gCloseOnExec( ctltalk.pipe ); if (Setjmp( ctltalk.errjmp )) exit( 1 ); gCloseOnExec( mstrtalk.pipe ); if (Setjmp( mstrtalk.errjmp )) goto cError; #ifndef NOXDMTITLE setproctitle( "%s'", td->name ); #endif strApp( &prog, " '", (char *)0 ); reInitErrorLog(); setsid(); sessreg( td, getpid(), curuser, curuid ); /* We do this here, as we want to have the session as parent. */ switch (source( systemEnviron, td->startup, td_setup )) { case 0: break; case wcCompose( 0, 0, 127 ): goto cError; default: /* Explicit failure => message already displayed. */ logError( "Startup script returned non-zero exit code\n" ); exit( 1 ); } /* Memory leaks are ok here as we exec() soon. */ #if defined(USE_PAM) || !defined(_AIX) # ifdef USE_PAM /* pass in environment variables set by libpam and modules it called */ # ifdef HAVE_PAM_GETENVLIST pam_env = pam_getenvlist( pamh ); reInitErrorLog(); # endif if (pam_env) for (; *pam_env; pam_env++) userEnviron = putEnv( *pam_env, userEnviron ); # endif # ifdef HAVE_SETLOGIN if (setlogin( curuser ) < 0) { logError( "setlogin for %s failed: %m\n", curuser ); goto cError; } # define D_LOGIN_SETLOGIN LOGIN_SETLOGIN # else # define D_LOGIN_SETLOGIN 0 # endif # if defined(USE_PAM) && defined(HAVE_INITGROUPS) if (!restoreGids()) goto cError; # endif # ifndef HAVE_SETUSERCONTEXT # ifdef USE_PAM if (!setUid( curuser, curuid )) goto cError; # else if (!setUser( curuser, curuid, curgid )) goto cError; # endif # else /* !HAVE_SETUSERCONTEXT */ /* * Destroy environment. * We need to do this before setusercontext() because that may * set or reset some environment variables. */ if (!(environ = initStrArr( 0 ))) goto cError; /* * Set the user's credentials: uid, gid, groups, * environment variables, resource limits, and umask. */ if (setusercontext( lc, p, p->pw_uid, LOGIN_SETALL & ~(D_LOGIN_SETGROUP|D_LOGIN_SETLOGIN) ) < 0) { logError( "setusercontext for %s failed: %m\n", curuser ); goto cError; } for (i = 0; environ[i]; i++) userEnviron = putEnv( environ[i], userEnviron ); # endif /* !HAVE_SETUSERCONTEXT */ #else /* PAM || !_AIX */ /* * Set the user's credentials: uid, gid, groups, * audit classes, user limits, and umask. */ if (setpcred( curuser, NULL ) == -1) { logError( "setpcred for %s failed: %m\n", curuser ); goto cError; } /* * Set the users process environment. Store protected variables and * obtain updated user environment list. This call will initialize * global 'newenv'. */ if (setpenv( curuser, PENV_INIT | PENV_ARGV | PENV_NOEXEC, userEnviron, NULL ) != 0) { logError( "Cannot set %s's process environment\n", curuser ); goto cError; } userEnviron = newenv; #endif /* _AIX */ /* * for user-based authorization schemes, * use the password to get the user's credentials. */ #ifdef SECURE_RPC /* do like "keylogin" program */ if (!curpass[0]) logInfo( "No password for NIS provided.\n" ); else { char netname[MAXNETNAMELEN+1], secretkey[HEXKEYBYTES+1]; int nameret, keyret; int len; int key_set_ok = 0; struct key_netstarg netst; nameret = getnetname( netname ); debug( "user netname: %s\n", netname ); len = strlen( curpass ); if (len > 8) bzero( curpass + 8, len - 8 ); keyret = getsecretkey( netname, secretkey, curpass ); debug( "getsecretkey returns %d, key length %d\n", keyret, strlen( secretkey ) ); netst.st_netname = netname; memcpy( netst.st_priv_key, secretkey, HEXKEYBYTES ); memset( netst.st_pub_key, 0, HEXKEYBYTES ); if (key_setnet( &netst ) < 0) debug( "Could not set secret key.\n" ); /* is there a key, and do we have the right password? */ if (keyret == 1) { if (*secretkey) { keyret = key_setsecret( secretkey ); debug( "key_setsecret returns %d\n", keyret ); if (keyret == -1) logError( "Failed to set NIS secret key\n" ); else key_set_ok = 1; } else { /* found a key, but couldn't interpret it */ logError( "Password incorrect for NIS principal %s\n", nameret ? netname : curuser ); } } if (!key_set_ok) nukeAuth( 9, "SUN-DES-1" ); bzero( secretkey, strlen( secretkey ) ); } #endif #ifdef K5AUTH /* do like "kinit" program */ if (!curpass[0]) logInfo( "No password for Kerberos5 provided.\n" ); else if ((str = krb5Init( curuser, curpass, td->name ))) userEnviron = setEnv( userEnviron, "KRB5CCNAME", str ); else nukeAuth( 14, "MIT-KERBEROS-5" ); #endif /* K5AUTH */ if (td->autoReLogin) { gSet( &mstrtalk ); gSendInt( D_ReLogin ); gSendStr( curuser ); gSendStr( curpass ); gSendStr( newdmrc ); } if (curpass) bzero( curpass, strlen( curpass ) ); setUserAuthorization( td ); home = getEnv( userEnviron, "HOME" ); if (home && chdir( home ) < 0) { logError( "Cannot chdir to %s's home %s: %m\n", curuser, home ); sendStr( V_MSG_ERR, "Cannot enter home directory. Using /.\n" ); chdir( "/" ); userEnviron = setEnv( userEnviron, "HOME", "/" ); home = 0; } if (home || td->clientLogFile[0] == '/') { if (!createClientLog( td->clientLogFile )) { logWarn( "Session log file according to %s cannot be created: %m\n", td->clientLogFile ); goto tmperr; } } else { tmperr: if (!createClientLog( td->clientLogFallback )) logError( "Fallback session log file according to %s cannot be created: %m\n", td->clientLogFallback ); /* Could inform the user, but I guess this is only confusing. */ } if (!*dmrcDir) mergeSessionArgs( home != 0 ); if (!(desksess = iniEntry( curdmrc, "Desktop", "Session", 0 ))) desksess = "failsafe"; /* only due to OOM */ gSet( &mstrtalk ); gSendInt( D_User ); gSendInt( curuid ); gSendStr( curuser ); gSendStr( desksess ); close( mstrtalk.pipe->fd.w ); userEnviron = setEnv( userEnviron, "DESKTOP_SESSION", desksess ); for (i = 0; td->sessionsDirs[i]; i++) { fname = 0; if (strApp( &fname, td->sessionsDirs[i], "/", desksess, ".desktop", (char *)0 )) { if ((str = iniLoad( fname ))) { if (!strCmp( iniEntry( str, "Desktop Entry", "Hidden", 0 ), "true" ) || !(sessargs = iniEntry( str, "Desktop Entry", "Exec", 0 ))) sessargs = ""; free( str ); free( fname ); goto gotit; } free( fname ); } } if (!strcmp( desksess, "failsafe" ) || !strcmp( desksess, "default" ) || !strcmp( desksess, "custom" )) sessargs = desksess; else sessargs = ""; gotit: if (!(argv = parseArgs( (char **)0, td->session )) || !(argv = addStrArr( argv, sessargs, -1 ))) exit( 1 ); if (argv[0] && *argv[0]) { debug( "executing session %\"[s\n", argv ); execute( argv, userEnviron ); logError( "Session %\"s execution failed: %m\n", argv[0] ); } else logError( "Session has no command/arguments\n" ); failsafeArgv[0] = td->failsafeClient; failsafeArgv[1] = 0; execute( failsafeArgv, userEnviron ); logError( "Failsafe client %\"s execution failed: %m\n", failsafeArgv[0] ); cError: sendStr( V_MSG_ERR, 0 ); exit( 1 ); case -1: free( buf ); return 0; } debug( "StartSession, fork succeeded %d\n", *pid ); free( buf ); gSet( &ctltalk ); if (!Setjmp( ctltalk.errjmp )) while (gRecvCmd( &i )) { buf = gRecvStr(); displayStr( i, buf ); free( buf ); gSet( &ctltalk ); gSendInt( 0 ); } gClosen( ctltalk.pipe ); finishGreet(); return 1; }
main(void) { //===Hier sollten Variablen deklariert werden ============================ //unsigned char i = 0; //char text[60]; //int x,y; //===Hier die notwendigen Initialisierungsschritte ======================= //=(1)== Port-Initialisierung ============================================ init_Port(); // Initialisierung der Port Register //(2)=== Clock-System-Initialisierung ==================================== //== XT2() oder Dco() als Taktquelle einstellen //== durch Ein- oder Auskommentieren //== DCO ist bei LPM Einsatz bevorzugt muß zyklisch kalibriert werden //== XT2 ist quarzstabil muß nicht zyklisch kalibriert werden // //XT2 (); // XT2 Taktquelle aktivieren mit 7.3728MHz DCO (); // Dco Taktquelle aktivieren mit 7.3728MHz // beachte DELTA //=(3)== Timer-Initialisierung= ========================================== init_Timer_A(); // Init Timer für Sekundeninterrupt // !! noch leere Funktion //=(4)== USART-Initialisierung =========================================== init_UART1(); // UART-RS232 mit 115.2kBit/s initialisieren // !! noch leere Funktion //=(5)== CC1100-Transceiver-Initialisierung ============================== init_UART0_SPI(); // CC1100 SPI UART initalisieren init_CC1100_POWERDOWN(); // CC1100 init und in RX Mode setzen // !!!Interrupte sind ab jetzt freigegeben!! //== Adresse und Funkkanal des Transceivers setzen //== für die Arbeitsplaetze HWPx (x=1...10) sollten //== ID=x und channnel=x gesetzt werden ID = 1; // Adresse setUid(ID); // Adresse im Transceiver setzen channel = 1; // Funkkanal switchFreq(channel); // Funkkanal im Transceiver setzen //== Soll der Transceiver genutzt werden müssen folgende zwei Zeilen //== auskommentiert werden: init_CC1100_IDLE(); // CC1100 in den IDLE Mode setzen init_CC1100_POWERDOWN();// CC1100 in den PowerDown Mode setzen //=(6)== LCD-Display-Initialisierung ===================================== dogm_reset(); // Hardware Reset des LCD Controllers dogm_init(); // Initialisierung der LCD Controller Register lcd_clear(WHITE); // Grafikspeicher auf dem MSP430 löschen //lcd_string(BLACK, 15, 25, "MSP430-GESTARTET!"); // Textausgabe lcd_paint(); // Grafikspeicher auf das LCD Display ausgeben #define LED_ROT (0x01) // 0 0 1 P4.0 #define LED_GELB (0x02) // 0 1 0 P4.1 #define LED_GRUEN (0x04) // 1 0 0 P4.2 #define LED_ALL (LED_ROT | LED_GELB | LED_GRUEN) #define LED_ON(led) (BIT_CLR(P4OUT, led)) #define LED_OFF(led) (BIT_SET(P4OUT, led)) #define LED_TOGGLE(led) (BIT_TOGGLE(P4OUT, led)) #define IS_LED_ON(led) (!(P4OUT & led)) #define TASTE_LINKS (0x1) #define TASTE_RECHTS (0x2) #define SLEEP_QUANTUM 10000 #define SLEEP(n) do { /* sleep for n seconds */ \ long time = n * 100000; /* wait() sleeps 10*n microseconds */ \ while(time > SLEEP_QUANTUM) { \ wait(SLEEP_QUANTUM); \ time -= SLEEP_QUANTUM; \ } \ wait(time); \ } while(0) BIT_CLR(P1DIR, TASTE_LINKS); BIT_CLR(P1IES, TASTE_LINKS); // LH BIT_SET(P1IE, TASTE_LINKS); BIT_CLR(P1IFG, TASTE_LINKS); BIT_SET(P1DIR, BIT2); _bis_SR_register(GIE); memset(uart_buffer, 0, sizeof(uart_buffer)); //===Hier die Endlosschleife quasi das Betriebssystem===================== while(1){ //BIT_SET(P1OUT, BIT2); //BIT_SET(P1OUT, BIT2); //SHT11_Read_Sensor(); //sprintf(uart_buffer, "%s %s\r\n", temp_char, humi_char); //print_buf(uart_buffer); //lcd_clear(WHITE); // Grafikspeicher auf dem MSP430 löschen //lcd_string(BLACK, 15, 25, uart_buffer); // Textausgabe //lcd_paint(); // Grafikspeicher auf das LCD Display ausgeben //wait(30000); } // Ende der Endlosschleife } // Ende Main
void Wiegand37WithFacilityFormat::unSerialize(boost::property_tree::ptree& node) { setFacilityCode(node.get_child("FacilityCode").get_value<unsigned short>()); setUid(node.get_child("Uid").get_value<unsigned long long>()); }
int main(int, char **) { introduction(); ReaderProviderPtr provider; ReaderUnitPtr readerUnit; ChipPtr chip; std::tie(provider, readerUnit, chip) = pcsc_test_init(); PRINT_TIME("CHip identifier: " << logicalaccess::BufferHelper::getHex(chip->getChipIdentifier())); LLA_ASSERT(chip->getCardType() == "DESFireEV1", "Chip is not an DESFireEV1, but is " + chip->getCardType() + " instead."); auto location_root_node = chip->getRootLocationNode(); auto cmd = std::dynamic_pointer_cast<logicalaccess::DESFireISO7816Commands>( chip->getCommands()); auto cmdev1 = std::dynamic_pointer_cast<logicalaccess::DESFireEV1ISO7816Commands>( chip->getCommands()); LLA_ASSERT(cmd && cmdev1, "Cannot get correct command object from chip."); cmd->selectApplication(0x00); cmd->authenticate(0); cmd->erase(); cmdev1->createApplication(0x521, logicalaccess::DESFireKeySettings::KS_DEFAULT, 3, logicalaccess::DESFireKeyType::DF_KEY_AES, logicalaccess::FIDS_NO_ISO_FID, 0, std::vector<unsigned char>()); cmd->selectApplication(0x521); std::shared_ptr<logicalaccess::DESFireKey> key(new logicalaccess::DESFireKey()); key->setKeyType(logicalaccess::DESFireKeyType::DF_KEY_AES); cmd->authenticate(0, key); LLA_SUBTEST_PASSED("Authenticate"); logicalaccess::DESFireAccessRights ar; ar.readAccess = logicalaccess::TaskAccessRights::AR_KEY2; ar.writeAccess = logicalaccess::TaskAccessRights::AR_KEY1; ar.readAndWriteAccess = logicalaccess::TaskAccessRights::AR_KEY1; ar.changeAccess = logicalaccess::TaskAccessRights::AR_KEY1; cmdev1->createStdDataFile(0x00, logicalaccess::EncryptionMode::CM_ENCRYPT, ar, 4, 0); cmd->authenticate(1, key); std::vector<unsigned char> data = {0x01, 0x02, 0x03, 0x04}, tmp; cmdev1->writeData(0, 0, data, logicalaccess::EncryptionMode::CM_ENCRYPT); cmd->authenticate(2, key); tmp = cmdev1->readData(0, 0, 4, logicalaccess::EncryptionMode::CM_ENCRYPT); LLA_ASSERT(std::equal(data.begin(), data.end(), tmp.begin()), "read and write data are different!"); LLA_SUBTEST_PASSED("WriteRead"); cmd->authenticate(0x00, key); cmd->deleteFile(0x00); cmd->authenticate(0x00, key); std::shared_ptr<logicalaccess::DESFireKey> newkey( new logicalaccess::DESFireKey("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03")); cmd->changeKey(0x00, newkey); LLA_SUBTEST_PASSED("ChangeKey"); cmd->selectApplication(0x00); cmd->authenticate(0); cmd->deleteApplication(0x521); auto service = std::dynamic_pointer_cast<logicalaccess::AccessControlCardService>( chip->getService(logicalaccess::CardServiceType::CST_ACCESS_CONTROL)); LLA_ASSERT(service, "Cannot retrieve access control service from chip."); auto location = std::make_shared<logicalaccess::DESFireLocation>(); location->aid = 0x522; location->file = 0; auto ai = std::make_shared<logicalaccess::DESFireAccessInfo>(); auto format = std::make_shared<logicalaccess::Wiegand26Format>(); format->setUid(1000); format->setFacilityCode(67); service->writeFormat(format, location, ai, ai); auto formattmp = std::make_shared<logicalaccess::Wiegand26Format>(); auto rformat = std::dynamic_pointer_cast<logicalaccess::Wiegand26Format>( service->readFormat(formattmp, location, ai)); if (!rformat || rformat->getUid() != 1000 || rformat->getFacilityCode() != 67) THROW_EXCEPTION_WITH_LOG(std::runtime_error, "Bad format"); LLA_SUBTEST_PASSED("ReadFormat"); pcsc_test_shutdown(readerUnit); return EXIT_SUCCESS; }