|
version 1.13, 2003/08/12 18:56:02
|
version 1.34, 2009/01/27 18:28:33
|
|
|
|
| //%///////////////////////////////////////////////////////////////////////////// |
//%LICENSE//////////////////////////////////////////////////////////////// |
| // |
|
| // Copyright (c) 2000, 2001, 2002 BMC Software, Hewlett-Packard Company, IBM, |
|
| // The Open Group, Tivoli Systems |
|
| // |
|
| // Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| // of this software and associated documentation files (the "Software"), to |
|
| // deal in the Software without restriction, including without limitation the |
|
| // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
|
| // sell copies of the Software, and to permit persons to whom the Software is |
|
| // furnished to do so, subject to the following conditions: |
|
| // |
|
| // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
|
| // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
|
| // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
|
| // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
|
| // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
|
| // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
|
| // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
|
| // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
|
| // | // |
| //============================================================================== |
// Licensed to The Open Group (TOG) under one or more contributor license |
| |
// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with |
| |
// this work for additional information regarding copyright ownership. |
| |
// Each contributor licenses this file to you under the OpenPegasus Open |
| |
// Source License; you may not use this file except in compliance with the |
| |
// License. |
| |
// |
| |
// Permission is hereby granted, free of charge, to any person obtaining a |
| |
// copy of this software and associated documentation files (the "Software"), |
| |
// to deal in the Software without restriction, including without limitation |
| |
// the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| |
// and/or sell copies of the Software, and to permit persons to whom the |
| |
// Software is furnished to do so, subject to the following conditions: |
| |
// |
| |
// The above copyright notice and this permission notice shall be included |
| |
// in all copies or substantial portions of the Software. |
| |
// |
| |
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
| |
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| |
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
| |
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY |
| |
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, |
| |
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE |
| |
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| // | // |
| // Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com) |
////////////////////////////////////////////////////////////////////////// |
| // |
|
| // Modified By: |
|
| // | // |
| //%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| | |
|
|
|
| #include <fstream> | #include <fstream> |
| | |
| #include <Pegasus/Common/FileSystem.h> | #include <Pegasus/Common/FileSystem.h> |
| #include <Pegasus/Common/Destroyer.h> |
|
| #include <Pegasus/Common/Logger.h> | #include <Pegasus/Common/Logger.h> |
| #include <Pegasus/Common/Tracer.h> | #include <Pegasus/Common/Tracer.h> |
| #if defined(PEGASUS_OS_OS400) |
#include <Pegasus/Common/Executor.h> |
| #include "OS400ConvertChar.h" |
|
| #endif |
|
| | |
| #include <Pegasus/Security/UserManager/PasswordFile.h> | #include <Pegasus/Security/UserManager/PasswordFile.h> |
| #include <Pegasus/Security/UserManager/UserExceptions.h> | #include <Pegasus/Security/UserManager/UserExceptions.h> |
|
|
|
| | |
| const char COLON = ':'; | const char COLON = ':'; |
| | |
| /* |
|
| Password file header information |
|
| */ |
|
| static const char* PasswordFileHeader [] = { |
|
| "########################################################################", |
|
| "## ##", |
|
| "## CIM Server Password file ##", |
|
| "## ##", |
|
| "########################################################################", |
|
| " ", |
|
| "########################################################################", |
|
| "# #", |
|
| "# This is the password file for the CIMOM. The username/passowrd #", |
|
| "# in this file are loaded in to CIMOM by the User Manager Provider. #", |
|
| "# CIMOM updates this file with the changes . #", |
|
| "# #", |
|
| "# The password file stores the user information in username:password #", |
|
| "# format in order to be compatible with Apache's htpasswd generated #", |
|
| "# password file. #", |
|
| "# #", |
|
| "# The user must not edit this file, instead use #", |
|
| "# cimuser CLI to make any changes to the CIMOM user information. #", |
|
| "# #", |
|
| "########################################################################", |
|
| " " |
|
| }; |
|
| |
|
| static const int HEADER_SIZE = sizeof(PasswordFileHeader)/sizeof(PasswordFileHeader[0]); |
|
| |
|
| |
|
| //////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
| // | // |
| // PasswordFile Class | // PasswordFile Class |
| // | // |
| //////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
| | |
| |
|
| |
|
| /** | /** |
| Constructor. | Constructor. |
| */ | */ |
|
|
|
| | |
| _passwordFile = fileName; | _passwordFile = fileName; |
| | |
| |
#ifdef PEGASUS_OS_VMS |
| |
_passwordBackupFile = fileName + "_bak"; |
| |
#else |
| _passwordBackupFile = fileName + ".bak"; | _passwordBackupFile = fileName + ".bak"; |
| |
#endif |
| | |
| try | try |
| { | { |
| PasswordTable pt; | PasswordTable pt; |
| load(pt); | load(pt); |
| } | } |
| catch( NoSuchFile& e ) |
catch (const NoSuchFile&) |
| { | { |
| //l10n |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
| //"Password file not found : $0.", _passwordFile); |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
| //"Creating blank password file."); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND", | "Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND", |
| "Password file not found : $0.", _passwordFile); |
"Password file not found : $0.", _passwordFile)); |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE", | "Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE", |
| "Creating blank password file."); |
"Creating blank password file.")); |
| PasswordTable pt; | PasswordTable pt; |
| save(pt); | save(pt); |
| } | } |
| catch ( Exception& e) |
|
| { |
|
| throw e; |
|
| } |
|
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| } | } |
| | |
|
|
|
| // | // |
| if (FileSystem::exists(_passwordBackupFile)) | if (FileSystem::exists(_passwordBackupFile)) |
| { | { |
| if (FileSystem::exists(_passwordFile)) |
|
| { |
|
| if (! FileSystem::removeFile(_passwordFile)) |
|
| { |
|
| throw CannotRemoveFile(_passwordFile); |
|
| } |
|
| } |
|
| //l10n |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
| //"Trying to use the backup file : $0.", _passwordBackupFile); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE", | "Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE", |
| "Trying to use the backup file : $0.", _passwordBackupFile); |
"Trying to use the backup file : $0.", |
| if (! FileSystem::renameFile(_passwordBackupFile, _passwordFile)) |
_passwordBackupFile)); |
| { |
if (Executor::renameFile( |
| //l10n |
_passwordBackupFile.getCString(), |
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
_passwordFile.getCString()) != 0) |
| //"Unable to use the backup file : $0.", _passwordBackupFile); |
{ |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
Logger::put_l( |
| |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE", | "Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE", |
| "Unable to use the backup file : $0.", _passwordBackupFile); |
"Unable to use the backup file : $0.", |
| |
_passwordBackupFile)); |
| throw CannotRenameFile(_passwordBackupFile); | throw CannotRenameFile(_passwordBackupFile); |
| } | } |
| //l10n |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
| //"Recovered using the backup file : $0.", _passwordBackupFile); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE", | "Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE", |
| "Recovered using the backup file : $0.", _passwordBackupFile); |
"Recovered using the backup file : $0.", |
| |
_passwordBackupFile)); |
| } | } |
| if (! FileSystem::exists(_passwordFile)) | if (! FileSystem::exists(_passwordFile)) |
| { | { |
|
|
|
| // | // |
| // Open the password file | // Open the password file |
| // | // |
| #if defined(PEGASUS_OS_OS400) |
|
| CString tempPath = _passwordFile.getCString(); |
|
| const char * tmp = tempPath; |
|
| AtoE((char *)tmp); |
|
| ifstream ifs(tmp, PEGASUS_STD(_CCSID_T(1208))); |
|
| #else |
|
| ifstream ifs(_passwordFile.getCString()); | ifstream ifs(_passwordFile.getCString()); |
| #endif |
|
| if (!ifs) | if (!ifs) |
| { | { |
| //l10n |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
| //"Error opening password file : $0.", _passwordFile); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| |
MessageLoaderParms( |
| "Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE", | "Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE", |
| "Error opening password file : $0.", _passwordFile); |
"Error opening password file : $0.", |
| |
_passwordFile)); |
| return; | return; |
| } | } |
| | |
|
|
|
| // | // |
| // Skip leading whitespace | // Skip leading whitespace |
| // | // |
| const Char16* p = line.getChar16Data(); |
const Char16* pLine = line.getChar16Data(); |
| |
const Char16* pUserNameStart; |
| |
const Char16* pUserNameEnd; |
| |
const Char16* pColon; |
| |
const Char16* pPassword; |
| | |
| while (*p && isspace(*p)) |
while (*pLine && isspace(*pLine)) |
| { | { |
| p++; |
pLine++; |
| } | } |
| | |
| if (!*p) |
if (!*pLine) |
| { | { |
| continue; | continue; |
| } | } |
| | |
| // | // |
| // Skip comment lines |
// Get the userName |
| // | // |
| if (*p == '#') |
pUserNameStart = pLine; |
| |
|
| |
// |
| |
// Look for the password |
| |
// |
| |
pColon = pLine; |
| |
while (*pColon && (*pColon != COLON)) |
| { | { |
| continue; |
*pColon++; |
| } | } |
| |
|
| // | // |
| // Get the userName |
// Expect a colon sign |
| // | // |
| String userName = String::EMPTY; |
if (*pColon != COLON) |
| |
|
| userName.append(*p++); |
|
| |
|
| while (isalnum(*p)) |
|
| { | { |
| userName.append(*p++); |
// Did not find Colon, log a message and skip entry |
| |
Logger::put_l( |
| |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| |
"Security.UserManager.PasswordFile.PWD_ENTRY_SYNTAX_ERROR", |
| |
"Syntax error in password entry at line : $0.", |
| |
lineNumber)); |
| |
continue; |
| } | } |
| | |
| // | // |
| // Skip whitespace after user name | // Skip whitespace after user name |
| // | // |
| while (*p && isspace(*p)) |
pUserNameEnd = pColon - 1; |
| |
while ((pUserNameEnd >= pUserNameStart) && isspace(*pUserNameEnd)) |
| { | { |
| p++; |
pUserNameEnd--; |
| } | } |
| |
pUserNameEnd++; // Point to one past the username |
| | |
| // |
if (pUserNameStart == pUserNameEnd) |
| // Expect a colon sign |
|
| // |
|
| if (*p != COLON) |
|
| { | { |
| // |
// Did not find a user name, log a message and skip entry |
| // Did not find Colon, log a message and skip entry |
Logger::put_l( |
| //l10n |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
MessageLoaderParms( |
| //"Error in reading password entry for : $0.", userName); |
"Security.UserManager.PasswordFile.ERROR_READING_USR_ENTRY", |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
"User name not found in entry at line : $0.", |
| "Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY", |
lineNumber)); |
| "Error in reading password entry for : $0.", userName); |
|
| continue; | continue; |
| } | } |
| | |
| p++; |
String userName(pUserNameStart, pUserNameEnd - pUserNameStart); |
| | |
| // | // |
| // Skip whitespace after : sign | // Skip whitespace after : sign |
| // | // |
| while (*p && isspace(*p)) |
pPassword = pColon + 1; |
| |
while (*pPassword && isspace(*pPassword)) |
| |
{ |
| |
pPassword++; |
| |
} |
| |
|
| |
if (!*pPassword) |
| { | { |
| p++; |
// Did not find a password, log a message and skip entry |
| |
Logger::put_l( |
| |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| |
MessageLoaderParms( |
| |
"Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY", |
| |
"Error reading the password entry for user : $0.", |
| |
userName)); |
| |
continue; |
| } | } |
| | |
| // | // |
| // Get the password | // Get the password |
| // | // |
| String password = String::EMPTY; |
String password(pPassword); |
| |
|
| while (*p) |
|
| { |
|
| password.append(*p++); |
|
| } |
|
| | |
| // | // |
| // Store the user name and password in the table | // Store the user name and password in the table |
|
|
|
| // | // |
| // Duplicate entry for user, ignore the new entry. | // Duplicate entry for user, ignore the new entry. |
| // | // |
| //l10n |
Logger::put_l( |
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
| //"Duplicate user: $0.", userName); |
MessageLoaderParms( |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
| "Security.UserManager.PasswordFile.DUPLICATE_USER", | "Security.UserManager.PasswordFile.DUPLICATE_USER", |
| "Duplicate user: $0.", userName); |
"Duplicate user: $0.", userName)); |
| } | } |
| } | } |
| | |
|
|
|
| /** | /** |
| Save the username and password to the password file. | Save the username and password to the password file. |
| */ | */ |
| void PasswordFile::save (PasswordTable& passwordTable) |
void PasswordFile::save (const PasswordTable& passwordTable) |
| { | { |
| PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::save"); | PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::save"); |
| | |
|
|
|
| { | { |
| if ( FileSystem::exists(_passwordFile)) | if ( FileSystem::exists(_passwordFile)) |
| { | { |
| if ( ! FileSystem::removeFile(_passwordFile)) |
if (Executor::removeFile(_passwordFile.getCString()) != 0) |
| { | { |
| //l10n |
Logger::put_l( |
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| //"Cannot remove password file : $0.", _passwordFile); |
MessageLoaderParms( |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
"Security.UserManager.PasswordFile." |
| "Security.UserManager.PasswordFile.CANNOT_REMOVE_PWD_FILE", |
"CANNOT_REMOVE_PWD_FILE", |
| "Cannot remove password file : $0.", _passwordFile); |
"Cannot remove password file : $0.", _passwordFile)); |
| throw CannotRemoveFile(_passwordFile); | throw CannotRemoveFile(_passwordFile); |
| } | } |
| } | } |
|
|
|
| { | { |
| if ( FileSystem::exists(_passwordFile)) | if ( FileSystem::exists(_passwordFile)) |
| { | { |
| if ( ! FileSystem::renameFile(_passwordFile, _passwordBackupFile)) |
if (Executor::renameFile(_passwordFile.getCString(), |
| |
_passwordBackupFile.getCString()) != 0) |
| { | { |
| //l10n |
Logger::put_l( |
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| //"Cannot rename password file : $0.", _passwordFile); |
MessageLoaderParms( |
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
"Security.UserManager.PasswordFile." |
| "Security.UserManager.PasswordFile.CANNOT_RENAME_PWD_FILE", |
"CANNOT_RENAME_PWD_FILE", |
| "Cannot rename password file : $0.", _passwordFile); |
"Cannot rename password file : $0.", |
| |
_passwordFile)); |
| throw CannotRenameFile(_passwordFile); | throw CannotRenameFile(_passwordFile); |
| } | } |
| } | } |
|
|
|
| // | // |
| // Open the password file for writing | // Open the password file for writing |
| // | // |
| #if defined(PEGASUS_OS_OS400) |
|
| CString tempPath = _passwordFile.getCString(); |
FILE* ofs = Executor::openFile(_passwordFile.getCString(), 'w'); |
| const char * tmp = tempPath; |
|
| AtoE((char *)tmp); |
|
| ofstream ofs(tmp, PEGASUS_STD(_CCSID_T(1208))); |
|
| #else |
|
| ofstream ofs(_passwordFile.getCString()); |
|
| #endif |
|
| if (!ofs) | if (!ofs) |
| { | { |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| throw CannotOpenFile(getFileName()); | throw CannotOpenFile(getFileName()); |
| } | } |
| | |
| ofs.clear(); |
|
| |
|
| // |
|
| // Write password file header information |
|
| // |
|
| |
|
| for (int index = 0; index < HEADER_SIZE; index++) |
|
| { |
|
| ofs << PasswordFileHeader[index] << endl; |
|
| } |
|
| |
|
| ofs << endl; |
|
| |
|
| // | // |
| // Save user names and passwords to the new file | // Save user names and passwords to the new file |
| // | // |
| for (PasswordTable::Iterator i = passwordTable.start(); i; i++) | for (PasswordTable::Iterator i = passwordTable.start(); i; i++) |
| { | { |
| ofs << i.key() << ":" << i.value() << endl; |
CString key = i.key().getCString(); |
| |
CString value = i.value().getCString(); |
| |
fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value); |
| } | } |
| | |
| ofs.close(); |
fclose(ofs); |
| | |
| if ( FileSystem::exists(_passwordBackupFile)) | if ( FileSystem::exists(_passwordBackupFile)) |
| { | { |
| if ( ! FileSystem::removeFile(_passwordBackupFile)) |
if (Executor::removeFile(_passwordBackupFile.getCString()) != 0) |
| { | { |
| //l10n |
|
| //Logger::put(Logger::ERROR_LOG, System::CIMSERVER, |
|
| //Logger::SEVERE, |
|
| // "Cannot remove backup password file : $0.", |
|
| //_passwordBackupFile); |
|
| Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
| "Security.UserManager.PasswordFile.CANNOT_REMOVE_BACKUP_PWD_FILE", |
MessageLoaderParms( |
| "Cannot remove backup password file : $0.", _passwordBackupFile); |
"Security.UserManager.PasswordFile." |
| |
"CANNOT_REMOVE_BACKUP_PWD_FILE", |
| |
"Cannot remove backup password file : $0.", |
| |
_passwordBackupFile)); |
| throw CannotRemoveFile(_passwordBackupFile); | throw CannotRemoveFile(_passwordBackupFile); |
| } | } |
| } | } |
|
|
|
| } | } |
| | |
| PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
| |
|
Return to
PasswordFile.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Security / UserManager