pegasus/src/Pegasus/Security/UserManager/PasswordFile.cpp - diff

Return to PasswordFile.cpp CVS log

Up to [Pegasus] / pegasus / src / Pegasus / Security / UserManager

Diff for /pegasus/src/Pegasus/Security/UserManager/PasswordFile.cpp between version 1.7 and 1.34

version 1.7, 2002/06/03 19:32:35

version 1.34, 2009/01/27 18:28:33

Line 1

//%/////////////////////////////////////////////////////////////////////////////

//%LICENSE////////////////////////////////////////////////////////////////

// The Open Group, Tivoli Systems

// Permission is hereby granted, free of charge, to any person obtaining a copy

// of this software and associated documentation files (the "Software"), to

// deal in the Software without restriction, including without limitation the

// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or

// sell copies of the Software, and to permit persons to whom the Software is

// furnished to do so, subject to the following conditions:

// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN

// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED

// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT

// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR

// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT

// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN

// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION

// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

//==============================================================================

// Author: Sushma Fernandes, Hewlett Packard Company (sushma_fernandes@hp.com)

// Licensed to The Open Group (TOG) under one or more contributor license

// agreements. Refer to the OpenPegasusNOTICE.txt file distributed with

// this work for additional information regarding copyright ownership.

// Each contributor licenses this file to you under the OpenPegasus Open

// Source License; you may not use this file except in compliance with the

// License.

// Permission is hereby granted, free of charge, to any person obtaining a

// copy of this software and associated documentation files (the "Software"),

// to deal in the Software without restriction, including without limitation

// the rights to use, copy, modify, merge, publish, distribute, sublicense,

// and/or sell copies of the Software, and to permit persons to whom the

// Software is furnished to do so, subject to the following conditions:

// The above copyright notice and this permission notice shall be included

// in all copies or substantial portions of the Software.

// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY

// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,

// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE

// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

// Modified By:

//////////////////////////////////////////////////////////////////////////

//%/////////////////////////////////////////////////////////////////////////////

Line 32

Line 34

#include <fstream>

#include <Pegasus/Common/FileSystem.h>

#include <Pegasus/Common/Destroyer.h>

#include <Pegasus/Common/Logger.h>

#include <Pegasus/Common/Tracer.h>

#include <Pegasus/Common/Executor.h>

#include <Pegasus/Security/UserManager/PasswordFile.h>

#include <Pegasus/Security/UserManager/UserExceptions.h>

Line 46

Line 48

const char COLON = ':';

Password file header information

static const char* PasswordFileHeader [] = {

"########################################################################",

"## ##",

"## CIM Server Password file ##",

"## ##",

"########################################################################",

" ",

"########################################################################",

"# #",

"# This is the password file for the CIMOM. The username/passowrd #",

"# in this file are loaded in to CIMOM by the User Manager Provider. #",

"# CIMOM updates this file with the changes . #",

"# #",

"# The password file stores the user information in username:password #",

"# format in order to be compatible with Apache's htpasswd generated #",

"# password file. #",

"# #",

"# The user must not edit this file, instead use #",

"# cimuser CLI to make any changes to the CIMOM user information. #",

"# #",

"########################################################################",

" "

};

static const int HEADER_SIZE = sizeof(PasswordFileHeader)/sizeof(PasswordFileHeader[0]);

////////////////////////////////////////////////////////////////////////////////

// PasswordFile Class

////////////////////////////////////////////////////////////////////////////////

/**

Constructor.

Line 93

Line 63

_passwordFile = fileName;

#ifdef PEGASUS_OS_VMS

_passwordBackupFile = fileName + "_bak";

#else

_passwordBackupFile = fileName + ".bak";

#endif

try

{

PasswordTable pt;

load(pt);

}

catch( NoSuchFile& e )

catch (const NoSuchFile&)

{

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::SEVERE,

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,

"Password file not found : $0.", _passwordFile);

MessageLoaderParms(

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::INFORMATION,

"Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND",

"Creating blank password file.");

"Password file not found : $0.", _passwordFile));

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

MessageLoaderParms(

"Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE",

"Creating blank password file."));

PasswordTable pt;

save(pt);

}

catch ( Exception& e)

{

throw e;

}

PEG_METHOD_EXIT();

}

Line 141

Line 115

if (FileSystem::exists(_passwordBackupFile))

{

if (FileSystem::exists(_passwordFile))

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

{

MessageLoaderParms(

if (! FileSystem::removeFile(_passwordFile))

"Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE",

{

"Trying to use the backup file : $0.",

throw CannotRemoveFile(_passwordFile);

_passwordBackupFile));

}

if (Executor::renameFile(

}

_passwordBackupFile.getCString(),

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::INFORMATION,

_passwordFile.getCString()) != 0)

"Trying to use the backup file : $0.", _passwordBackupFile);

{

if (! FileSystem::renameFile(_passwordBackupFile, _passwordFile))

Logger::put_l(

{

Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::INFORMATION,

MessageLoaderParms(

"Unable to use the backup file : $0.", _passwordBackupFile);

"Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE",

"Unable to use the backup file : $0.",

_passwordBackupFile));

throw CannotRenameFile(_passwordBackupFile);

}

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::INFORMATION,

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

"Recovered using the backup file : $0.", _passwordBackupFile);

MessageLoaderParms(

"Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE",

"Recovered using the backup file : $0.",

_passwordBackupFile));

}

if (! FileSystem::exists(_passwordFile))

{

Line 167

Line 146

// Open the password file

ArrayDestroyer<char> p(_passwordFile.allocateCString());

ifstream ifs(_passwordFile.getCString());

ifstream ifs(p.getPointer());

if (!ifs)

{

Logger::put(Logger::ERROR_LOG, "UserManager", Logger::SEVERE,

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,

"Error opening password file : $0.", _passwordFile);

MessageLoaderParms(

"Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE",

"Error opening password file : $0.",

_passwordFile));

return;

}

Line 186

Line 168

// Skip leading whitespace

const Char16* p = line.getData();

const Char16* pLine = line.getChar16Data();

const Char16* pUserNameStart;

const Char16* pUserNameEnd;

const Char16* pColon;

const Char16* pPassword;

while (*p && isspace(*p))

while (*pLine && isspace(*pLine))

{

p++;

pLine++;

}

if (!*p)

if (!*pLine)

{

continue;

}

// Skip comment lines

// Get the userName

pUserNameStart = pLine;

// Look for the password

if (*p == '#')

pColon = pLine;

while (*pColon && (*pColon != COLON))

{

continue;

*pColon++;

}

// Get the userName

// Expect a colon sign

String userName = String::EMPTY;

if (*pColon != COLON)

userName += *p++;

while (isalnum(*p))

{

userName += *p++;

// Did not find Colon, log a message and skip entry

Logger::put_l(

Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

MessageLoaderParms(

"Security.UserManager.PasswordFile.PWD_ENTRY_SYNTAX_ERROR",

"Syntax error in password entry at line : $0.",

lineNumber));

continue;

}

// Skip whitespace after user name

while (*p && isspace(*p))

pUserNameEnd = pColon - 1;

while ((pUserNameEnd >= pUserNameStart) && isspace(*pUserNameEnd))

{

p++;

pUserNameEnd--;

}

pUserNameEnd++; // Point to one past the username

if (pUserNameStart == pUserNameEnd)

// Expect a colon sign

if (*p != COLON)

{

// Did not find a user name, log a message and skip entry

// Did not find Colon, log a message and skip entry

Logger::put_l(

Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

Logger::put(Logger::ERROR_LOG, "CIMPassword", Logger::INFORMATION,

MessageLoaderParms(

"Error in reading password entry for : $0.", userName);

"Security.UserManager.PasswordFile.ERROR_READING_USR_ENTRY",

"User name not found in entry at line : $0.",

lineNumber));

continue;

}

p++;

String userName(pUserNameStart, pUserNameEnd - pUserNameStart);

// Skip whitespace after : sign

while (*p && isspace(*p))

pPassword = pColon + 1;

while (*pPassword && isspace(*pPassword))

{

p++;

pPassword++;

}

if (!*pPassword)

{

// Did not find a password, log a message and skip entry

Logger::put_l(

Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

MessageLoaderParms(

"Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY",

"Error reading the password entry for user : $0.",

userName));

continue;

}

// Get the password

String password = String::EMPTY;

String password(pPassword);

while (*p)

{

password += *p++;

}

// Store the user name and password in the table

Line 267

Line 270

// Duplicate entry for user, ignore the new entry.

Logger::put(Logger::ERROR_LOG, "CIMPassword", Logger::INFORMATION,

Logger::put_l(

"Duplicate user: $0.", userName);

Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,

MessageLoaderParms(

"Security.UserManager.PasswordFile.DUPLICATE_USER",

"Duplicate user: $0.", userName));

}

Line 280

Line 286

/**

Save the username and password to the password file.

void PasswordFile::save (PasswordTable& passwordTable)

void PasswordFile::save (const PasswordTable& passwordTable)

{

PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::save");

Line 292

Line 298

{

if ( FileSystem::exists(_passwordFile))

{

if ( ! FileSystem::removeFile(_passwordFile))

if (Executor::removeFile(_passwordFile.getCString()) != 0)

{

Logger::put(Logger::ERROR_LOG, "CIMPassword", Logger::SEVERE,

Logger::put_l(

"Cannot remove password file : $0.", _passwordFile);

Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,

MessageLoaderParms(

"Security.UserManager.PasswordFile."

"CANNOT_REMOVE_PWD_FILE",

"Cannot remove password file : $0.", _passwordFile));

throw CannotRemoveFile(_passwordFile);

}

Line 304

Line 314

{

if ( FileSystem::exists(_passwordFile))

{

if ( ! FileSystem::renameFile(_passwordFile, _passwordBackupFile))

if (Executor::renameFile(_passwordFile.getCString(),

_passwordBackupFile.getCString()) != 0)

{

Logger::put(Logger::ERROR_LOG, "CIMPassword", Logger::SEVERE,

Logger::put_l(

"Cannot rename password file : $0.", _passwordFile);

Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,

MessageLoaderParms(

"Security.UserManager.PasswordFile."

"CANNOT_RENAME_PWD_FILE",

"Cannot rename password file : $0.",

_passwordFile));

throw CannotRenameFile(_passwordFile);

}

Line 316

Line 332

// Open the password file for writing

ArrayDestroyer<char> p(_passwordFile.allocateCString());

ofstream ofs(p.getPointer());

FILE* ofs = Executor::openFile(_passwordFile.getCString(), 'w');

if (!ofs)

{

PEG_METHOD_EXIT();

throw CannotOpenFile(getFileName());

}

ofs.clear();

// Write password file header information

for (int index = 0; index < HEADER_SIZE; index++)

{

ofs << PasswordFileHeader[index] << endl;

}

ofs << endl;

// Save user names and passwords to the new file

for (PasswordTable::Iterator i = passwordTable.start(); i; i++)

{

ofs << i.key() << ":" << i.value() << endl;

CString key = i.key().getCString();

CString value = i.value().getCString();

fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value);

}

ofs.close();

fclose(ofs);

if ( FileSystem::exists(_passwordBackupFile))

{

if ( ! FileSystem::removeFile(_passwordBackupFile))

if (Executor::removeFile(_passwordBackupFile.getCString()) != 0)

{

Logger::put(Logger::ERROR_LOG, "CIMPassword",

Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,

Logger::SEVERE,

MessageLoaderParms(

"Security.UserManager.PasswordFile."

"CANNOT_REMOVE_BACKUP_PWD_FILE",

"Cannot remove backup password file : $0.",

_passwordBackupFile);

_passwordBackupFile));

throw CannotRemoveFile(_passwordBackupFile);

}

Line 362

Line 370

}

PEGASUS_NAMESPACE_END

Legend:

Removed from v.1.7
changed lines
	Added in v.1.34

No CVS admin address has been configured