version 1.26, 2007/04/03 18:50:58
|
version 1.34, 2009/01/27 18:28:33
|
|
|
//%2006//////////////////////////////////////////////////////////////////////// |
//%LICENSE//////////////////////////////////////////////////////////////// |
// | // |
// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
// Licensed to The Open Group (TOG) under one or more contributor license |
// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with |
// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; |
// this work for additional information regarding copyright ownership. |
// IBM Corp.; EMC Corporation, The Open Group. |
// Each contributor licenses this file to you under the OpenPegasus Open |
// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
// Source License; you may not use this file except in compliance with the |
// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
// License. |
// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
// |
// EMC Corporation; VERITAS Software Corporation; The Open Group. |
// Permission is hereby granted, free of charge, to any person obtaining a |
// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
// copy of this software and associated documentation files (the "Software"), |
// EMC Corporation; Symantec Corporation; The Open Group. |
// to deal in the Software without restriction, including without limitation |
// |
// the rights to use, copy, modify, merge, publish, distribute, sublicense, |
// Permission is hereby granted, free of charge, to any person obtaining a copy |
// and/or sell copies of the Software, and to permit persons to whom the |
// of this software and associated documentation files (the "Software"), to |
// Software is furnished to do so, subject to the following conditions: |
// deal in the Software without restriction, including without limitation the |
// |
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
// The above copyright notice and this permission notice shall be included |
// sell copies of the Software, and to permit persons to whom the Software is |
// in all copies or substantial portions of the Software. |
// furnished to do so, subject to the following conditions: |
// |
// |
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS |
// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. |
// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY |
// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, |
// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE |
// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
|
// | // |
//============================================================================== |
////////////////////////////////////////////////////////////////////////// |
// | // |
//%///////////////////////////////////////////////////////////////////////////// | //%///////////////////////////////////////////////////////////////////////////// |
| |
|
|
#include <Pegasus/Common/FileSystem.h> | #include <Pegasus/Common/FileSystem.h> |
#include <Pegasus/Common/Logger.h> | #include <Pegasus/Common/Logger.h> |
#include <Pegasus/Common/Tracer.h> | #include <Pegasus/Common/Tracer.h> |
#if defined(PEGASUS_OS_OS400) |
#include <Pegasus/Common/Executor.h> |
#include "OS400ConvertChar.h" |
|
#endif |
|
| |
#include <Pegasus/Security/UserManager/PasswordFile.h> | #include <Pegasus/Security/UserManager/PasswordFile.h> |
#include <Pegasus/Security/UserManager/UserExceptions.h> | #include <Pegasus/Security/UserManager/UserExceptions.h> |
|
|
| |
const char COLON = ':'; | const char COLON = ':'; |
| |
|
|
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
// | // |
// PasswordFile Class | // PasswordFile Class |
// | // |
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
| |
|
|
|
|
/** | /** |
Constructor. | Constructor. |
*/ | */ |
|
|
} | } |
catch(const NoSuchFile&) | catch(const NoSuchFile&) |
{ | { |
//l10n |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
//"Password file not found : $0.", _passwordFile); |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
//"Creating blank password file."); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND", | "Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND", |
"Password file not found : $0.", _passwordFile); |
"Password file not found : $0.", _passwordFile)); |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE", | "Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE", |
"Creating blank password file."); |
"Creating blank password file.")); |
PasswordTable pt; | PasswordTable pt; |
save(pt); | save(pt); |
} | } |
|
|
// | // |
if (FileSystem::exists(_passwordBackupFile)) | if (FileSystem::exists(_passwordBackupFile)) |
{ | { |
if (FileSystem::exists(_passwordFile)) |
|
{ |
|
if (! FileSystem::removeFile(_passwordFile)) |
|
{ |
|
throw CannotRemoveFile(_passwordFile); |
|
} |
|
} |
|
//l10n |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
//"Trying to use the backup file : $0.", _passwordBackupFile); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE", | "Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE", |
"Trying to use the backup file : $0.", _passwordBackupFile); |
"Trying to use the backup file : $0.", |
if (! FileSystem::renameFile(_passwordBackupFile, _passwordFile)) |
_passwordBackupFile)); |
{ |
if (Executor::renameFile( |
//l10n |
_passwordBackupFile.getCString(), |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
_passwordFile.getCString()) != 0) |
//"Unable to use the backup file : $0.", _passwordBackupFile); |
{ |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
Logger::put_l( |
|
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE", | "Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE", |
"Unable to use the backup file : $0.", _passwordBackupFile); |
"Unable to use the backup file : $0.", |
|
_passwordBackupFile)); |
throw CannotRenameFile(_passwordBackupFile); | throw CannotRenameFile(_passwordBackupFile); |
} | } |
//l10n |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
//"Recovered using the backup file : $0.", _passwordBackupFile); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE", | "Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE", |
"Recovered using the backup file : $0.", _passwordBackupFile); |
"Recovered using the backup file : $0.", |
|
_passwordBackupFile)); |
} | } |
if (! FileSystem::exists(_passwordFile)) | if (! FileSystem::exists(_passwordFile)) |
{ | { |
|
|
// | // |
// Open the password file | // Open the password file |
// | // |
#if defined(PEGASUS_OS_OS400) |
|
ifstream ifs(_passwordFile.getCString(), PEGASUS_STD(_CCSID_T(1208))); |
|
#else |
|
ifstream ifs(_passwordFile.getCString()); | ifstream ifs(_passwordFile.getCString()); |
#endif |
|
if (!ifs) | if (!ifs) |
{ | { |
//l10n |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
//"Error opening password file : $0.", _passwordFile); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
|
MessageLoaderParms( |
"Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE", | "Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE", |
"Error opening password file : $0.", _passwordFile); |
"Error opening password file : $0.", |
|
_passwordFile)); |
return; | return; |
} | } |
| |
|
|
// | // |
// Skip leading whitespace | // Skip leading whitespace |
// | // |
const Char16* p = line.getChar16Data(); |
const Char16* pLine = line.getChar16Data(); |
|
const Char16* pUserNameStart; |
|
const Char16* pUserNameEnd; |
|
const Char16* pColon; |
|
const Char16* pPassword; |
| |
while (*p && isspace(*p)) |
while (*pLine && isspace(*pLine)) |
{ | { |
p++; |
pLine++; |
} | } |
| |
if (!*p) |
if (!*pLine) |
{ | { |
continue; | continue; |
} | } |
|
|
// | // |
// Get the userName | // Get the userName |
// | // |
String userName; |
pUserNameStart = pLine; |
|
|
userName.append(*p++); |
|
| |
while (isalnum(*p)) |
// |
|
// Look for the password |
|
// |
|
pColon = pLine; |
|
while (*pColon && (*pColon != COLON)) |
{ | { |
userName.append(*p++); |
*pColon++; |
} | } |
|
|
// | // |
// Skip whitespace after user name |
// Expect a colon sign |
// | // |
while (*p && isspace(*p)) |
if (*pColon != COLON) |
{ | { |
p++; |
// Did not find Colon, log a message and skip entry |
|
Logger::put_l( |
|
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
|
"Security.UserManager.PasswordFile.PWD_ENTRY_SYNTAX_ERROR", |
|
"Syntax error in password entry at line : $0.", |
|
lineNumber)); |
|
continue; |
} | } |
| |
// | // |
// Expect a colon sign |
// Skip whitespace after user name |
// | // |
if (*p != COLON) |
pUserNameEnd = pColon - 1; |
|
while ((pUserNameEnd >= pUserNameStart) && isspace(*pUserNameEnd)) |
{ | { |
// |
pUserNameEnd--; |
// Did not find Colon, log a message and skip entry |
} |
//l10n |
pUserNameEnd++; // Point to one past the username |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
//"Error in reading password entry for : $0.", userName); |
if (pUserNameStart == pUserNameEnd) |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
{ |
"Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY", |
// Did not find a user name, log a message and skip entry |
"Error in reading password entry for : $0.", userName); |
Logger::put_l( |
|
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
|
"Security.UserManager.PasswordFile.ERROR_READING_USR_ENTRY", |
|
"User name not found in entry at line : $0.", |
|
lineNumber)); |
continue; | continue; |
} | } |
| |
p++; |
String userName(pUserNameStart, pUserNameEnd - pUserNameStart); |
| |
// | // |
// Skip whitespace after : sign | // Skip whitespace after : sign |
// | // |
while (*p && isspace(*p)) |
pPassword = pColon + 1; |
|
while (*pPassword && isspace(*pPassword)) |
|
{ |
|
pPassword++; |
|
} |
|
|
|
if (!*pPassword) |
{ | { |
p++; |
// Did not find a password, log a message and skip entry |
|
Logger::put_l( |
|
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
MessageLoaderParms( |
|
"Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY", |
|
"Error reading the password entry for user : $0.", |
|
userName)); |
|
continue; |
} | } |
| |
// | // |
// Get the password | // Get the password |
// | // |
String password; |
String password(pPassword); |
|
|
while (*p) |
|
{ |
|
password.append(*p++); |
|
} |
|
| |
// | // |
// Store the user name and password in the table | // Store the user name and password in the table |
|
|
// | // |
// Duplicate entry for user, ignore the new entry. | // Duplicate entry for user, ignore the new entry. |
// | // |
//l10n |
Logger::put_l( |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
//"Duplicate user: $0.", userName); |
MessageLoaderParms( |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION, |
|
"Security.UserManager.PasswordFile.DUPLICATE_USER", | "Security.UserManager.PasswordFile.DUPLICATE_USER", |
"Duplicate user: $0.", userName); |
"Duplicate user: $0.", userName)); |
} | } |
} | } |
| |
|
|
{ | { |
if ( FileSystem::exists(_passwordFile)) | if ( FileSystem::exists(_passwordFile)) |
{ | { |
if ( ! FileSystem::removeFile(_passwordFile)) |
if (Executor::removeFile(_passwordFile.getCString()) != 0) |
{ | { |
//l10n |
Logger::put_l( |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
//"Cannot remove password file : $0.", _passwordFile); |
MessageLoaderParms( |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
"Security.UserManager.PasswordFile." |
"Security.UserManager.PasswordFile.CANNOT_REMOVE_PWD_FILE", |
"CANNOT_REMOVE_PWD_FILE", |
"Cannot remove password file : $0.", _passwordFile); |
"Cannot remove password file : $0.", _passwordFile)); |
throw CannotRemoveFile(_passwordFile); | throw CannotRemoveFile(_passwordFile); |
} | } |
} | } |
|
|
{ | { |
if ( FileSystem::exists(_passwordFile)) | if ( FileSystem::exists(_passwordFile)) |
{ | { |
if ( ! FileSystem::renameFile(_passwordFile, _passwordBackupFile)) |
if (Executor::renameFile(_passwordFile.getCString(), |
|
_passwordBackupFile.getCString()) != 0) |
{ | { |
//l10n |
Logger::put_l( |
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
//"Cannot rename password file : $0.", _passwordFile); |
MessageLoaderParms( |
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
"Security.UserManager.PasswordFile." |
"Security.UserManager.PasswordFile.CANNOT_RENAME_PWD_FILE", |
"CANNOT_RENAME_PWD_FILE", |
"Cannot rename password file : $0.", _passwordFile); |
"Cannot rename password file : $0.", |
|
_passwordFile)); |
throw CannotRenameFile(_passwordFile); | throw CannotRenameFile(_passwordFile); |
} | } |
} | } |
|
|
// | // |
// Open the password file for writing | // Open the password file for writing |
// | // |
#if defined(PEGASUS_OS_OS400) |
|
ofstream ofs(_passwordFile.getCString(), PEGASUS_STD(_CCSID_T(1208))); |
FILE* ofs = Executor::openFile(_passwordFile.getCString(), 'w'); |
#else |
|
ofstream ofs(_passwordFile.getCString()); |
|
#endif |
|
if (!ofs) | if (!ofs) |
{ | { |
PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
throw CannotOpenFile(getFileName()); | throw CannotOpenFile(getFileName()); |
} | } |
| |
ofs.clear(); |
|
|
|
// | // |
// Save user names and passwords to the new file | // Save user names and passwords to the new file |
// | // |
for (PasswordTable::Iterator i = passwordTable.start(); i; i++) | for (PasswordTable::Iterator i = passwordTable.start(); i; i++) |
{ | { |
ofs << i.key() << ":" << i.value() << endl; |
CString key = i.key().getCString(); |
|
CString value = i.value().getCString(); |
|
fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value); |
} | } |
| |
ofs.close(); |
fclose(ofs); |
| |
if ( FileSystem::exists(_passwordBackupFile)) | if ( FileSystem::exists(_passwordBackupFile)) |
{ | { |
if ( ! FileSystem::removeFile(_passwordBackupFile)) |
if (Executor::removeFile(_passwordBackupFile.getCString()) != 0) |
{ | { |
//l10n |
|
//Logger::put(Logger::ERROR_LOG, System::CIMSERVER, |
|
//Logger::SEVERE, |
|
// "Cannot remove backup password file : $0.", |
|
//_passwordBackupFile); |
|
Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, | Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE, |
"Security.UserManager.PasswordFile.CANNOT_REMOVE_BACKUP_PWD_FILE", |
MessageLoaderParms( |
"Cannot remove backup password file : $0.", _passwordBackupFile); |
"Security.UserManager.PasswordFile." |
|
"CANNOT_REMOVE_BACKUP_PWD_FILE", |
|
"Cannot remove backup password file : $0.", |
|
_passwordBackupFile)); |
throw CannotRemoveFile(_passwordBackupFile); | throw CannotRemoveFile(_passwordBackupFile); |
} | } |
} | } |
|
|
} | } |
| |
PEGASUS_NAMESPACE_END | PEGASUS_NAMESPACE_END |
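Review bot: In the save path near the end of the file, what appears to be the new side calls `fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value)` and `fclose(ofs)` without checking either result, and then goes on to remove `_passwordBackupFile`. If a write fails partway (full disk, I/O error), the password file is left truncated and the only intact copy is deleted, so accounts can be silently dropped from the credential store. Record the failure, e.g. `if (fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value) < 0) writeFailed = true;` and `if (fclose(ofs) != 0) writeFailed = true;`, and throw before the backup-removal block so the backup survives for the recovery logic in the load path. The enclosing function's signature and opening lines are not visible on this page, so the exception type should follow what that function already throws. It is also worth confirming that `Executor::openFile` creates the file with owner-only permissions, since nothing visible here sets them.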
|
|