1 karl 1.25 //%2006////////////////////////////////////////////////////////////////////////
|
2 mike 1.2 //
|
3 karl 1.19 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
4 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
5 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
|
6 karl 1.15 // IBM Corp.; EMC Corporation, The Open Group.
|
7 karl 1.19 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
8 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
|
9 karl 1.21 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
10 // EMC Corporation; VERITAS Software Corporation; The Open Group.
|
11 karl 1.25 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
12 // EMC Corporation; Symantec Corporation; The Open Group.
|
13 mike 1.2 //
14 // Permission is hereby granted, free of charge, to any person obtaining a copy
15 // of this software and associated documentation files (the "Software"), to
16 // deal in the Software without restriction, including without limitation the
17 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
18 // sell copies of the Software, and to permit persons to whom the Software is
19 // furnished to do so, subject to the following conditions:
|
20 kumpf 1.6 //
|
21 mike 1.2 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
22 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
23 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
24 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
25 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
26 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
27 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 //
30 //==============================================================================
31 //
32 //%/////////////////////////////////////////////////////////////////////////////
33
34
35 #include <cctype>
36 #include <fstream>
37
38 #include <Pegasus/Common/FileSystem.h>
39 #include <Pegasus/Common/Logger.h>
40 #include <Pegasus/Common/Tracer.h>
|
41 kumpf 1.27 #include <Pegasus/Common/Executor.h>
|
42 mike 1.2
43 #include <Pegasus/Security/UserManager/PasswordFile.h>
44 #include <Pegasus/Security/UserManager/UserExceptions.h>
45
46
47 PEGASUS_USING_STD;
48
49 PEGASUS_NAMESPACE_BEGIN
50
// Field separator between the user name and the password field on each line
// of the password file.
const char COLON = ':';
52
53
54 ////////////////////////////////////////////////////////////////////////////////
55 //
56 // PasswordFile Class
57 //
58 ////////////////////////////////////////////////////////////////////////////////
59
|
/**
    Constructs a PasswordFile bound to the given path.

    The backup path is derived from fileName ("_bak" suffix on VMS, ".bak"
    elsewhere). The file is then loaded once into a scratch table whose
    contents are discarded: the load only serves to run the backup recovery
    in load() and to detect a missing file. When load() reports NoSuchFile,
    an empty password file is written with save().

    @param fileName  Path of the password file.

    Exceptions other than NoSuchFile raised by load(), and any exception
    raised by save(), propagate to the caller.
*/
PasswordFile::PasswordFile(const String& fileName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::PasswordFile");

    _passwordFile = fileName;

#if defined(PEGASUS_OS_VMS)
    _passwordBackupFile = fileName + "_bak";
#else
    _passwordBackupFile = fileName + ".bak";
#endif

    try
    {
        // Scratch table: the entries read here are thrown away.
        PasswordTable scratchTable;
        load(scratchTable);
    }
    catch (const NoSuchFile&)
    {
        Logger::put_l(
            Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
            "Security.UserManager.PasswordFile.PWD_FILE_NOT_FOUND",
            "Password file not found : $0.", _passwordFile);
        Logger::put_l(
            Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
            "Security.UserManager.PasswordFile.CREATING_BLANK_PWD_FILE",
            "Creating blank password file.");

        // No file yet: start from a table with no users.
        PasswordTable emptyTable;
        save(emptyTable);
    }

    PEG_METHOD_EXIT();
}
93
|
/**
    Destructor. Emits the method entry/exit trace only; nothing is written
    back to the password file here.
*/
PasswordFile::~PasswordFile()
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::~PasswordFile");
    PEG_METHOD_EXIT();
}
103
|
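//
// Character-class helpers for the 16-bit code units of a String. The <cctype>
// functions are only defined for values representable as unsigned char (or
// EOF), so a code unit above 0xFF is answered "no" without calling them.
//
static bool isSpaceCodeUnit(Uint32 c)
{
    return c <= 0xFF && isspace(static_cast<int>(c)) != 0;
}

static bool isAlnumCodeUnit(Uint32 c)
{
    return c <= 0xFF && isalnum(static_cast<int>(c)) != 0;
}

/**
    Load the user names and passwords from the password file.

    If a backup file exists it is first renamed over the password file.
    save() creates the backup before rewriting the password file and removes
    it afterwards, so a backup that is still present is taken as the last
    complete copy.

    Each non-blank line is parsed as

        <userName> [whitespace] ':' [whitespace] <password>

    and inserted into passwordTable. Lines without a colon after the user
    name are logged and skipped; a user name that is already in the table
    keeps its first entry.

    @param passwordTable  Table that receives the parsed entries.

    @exception CannotRenameFile  The backup file could not be renamed over
                                 the password file.
    @exception NoSuchFile        The password file does not exist.

    If the file exists but cannot be opened, the error is logged and the
    function returns with passwordTable unchanged (no exception).
*/
void PasswordFile::load(PasswordTable& passwordTable)
{
    String line;

    PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::load");

    //
    // Check if the backup file exists, if it does use the backup file
    // If not try to use the password file
    //
    if (FileSystem::exists(_passwordBackupFile))
    {
        Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
            "Security.UserManager.PasswordFile.TRYING_TO_BACKUP_FILE",
            "Trying to use the backup file : $0.", _passwordBackupFile);
        if (Executor::renameFile(
                _passwordBackupFile.getCString(),
                _passwordFile.getCString()) != 0)
        {
            Logger::put_l(
                Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
                "Security.UserManager.PasswordFile.CANNOT_USE_BACKUP_FILE",
                "Unable to use the backup file : $0.", _passwordBackupFile);
            // Close the trace scope on every exit path, as save() does
            // before throwing CannotOpenFile.
            PEG_METHOD_EXIT();
            throw CannotRenameFile(_passwordBackupFile);
        }
        Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
            "Security.UserManager.PasswordFile.RECOVERED_USING_BACKUP_FILE",
            "Recovered using the backup file : $0.", _passwordBackupFile);
    }
    if (!FileSystem::exists(_passwordFile))
    {
        PEG_METHOD_EXIT();
        throw NoSuchFile(_passwordFile);
    }

    //
    // Open the password file
    //
    ifstream ifs(_passwordFile.getCString());

    if (!ifs)
    {
        // The caller gets an untouched table, so no user from this file
        // can authenticate until the file becomes readable again.
        Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
            "Security.UserManager.PasswordFile.ERROR_OPENING_PWD_FILE",
            "Error opening password file : $0.", _passwordFile);
        PEG_METHOD_EXIT();
        return;
    }

    //
    // Read each line of the file
    //
    while (GetLine(ifs, line))
    {
        //
        // Skip leading whitespace; the loops below stop at the terminating
        // zero code unit.
        //
        const Char16* p = line.getChar16Data();

        while (*p && isSpaceCodeUnit(*p))
        {
            p++;
        }

        if (!*p)
        {
            // Blank line
            continue;
        }

        //
        // Get the userName. The first character is accepted whatever it is;
        // only the following characters are restricted to alphanumerics.
        //
        String userName;

        userName.append(*p++);

        while (isAlnumCodeUnit(*p))
        {
            userName.append(*p++);
        }

        //
        // Skip whitespace after user name
        //
        while (*p && isSpaceCodeUnit(*p))
        {
            p++;
        }

        //
        // Expect a colon sign
        //
        if (*p != COLON)
        {
            // Did not find Colon, log a message and skip entry
            Logger::put_l(
                Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
                "Security.UserManager.PasswordFile.ERROR_READING_PWD_ENTRY",
                "Error in reading password entry for : $0.",
                userName);
            continue;
        }

        p++;

        //
        // Skip whitespace after : sign
        //
        while (*p && isSpaceCodeUnit(*p))
        {
            p++;
        }

        //
        // Get the password: everything up to the end of the line is taken
        // verbatim, trailing whitespace included.
        //
        String password;

        while (*p)
        {
            password.append(*p++);
        }

        //
        // Store the user name and password in the table
        //
        if (!passwordTable.insert(userName, password))
        {
            //
            // Duplicate entry for user, ignore the new entry. Only the user
            // name is logged, never the password field.
            //
            Logger::put_l(
                Logger::ERROR_LOG, System::CIMSERVER, Logger::INFORMATION,
                "Security.UserManager.PasswordFile.DUPLICATE_USER",
                "Duplicate user: $0.", userName);
        }
    }

    ifs.close();
    PEG_METHOD_EXIT();
}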
248
249
|
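/**
    Save the user names and passwords to the password file.

    The previous password file is kept as a backup while the new one is
    written. The backup is removed only after every entry has been written
    and the file has been closed without error. If writing fails the backup
    is left in place, so the next load() restores the last complete file
    instead of a truncated one.

    Entries are written as "<userName>:<password>\n".

    NOTE(review): key and value are written unescaped. A ':' or a line break
    inside a user name or password field would change how load() parses the
    file; confirm that callers validate both before they reach the table.

    NOTE(review): the permissions of the created file are decided inside
    Executor::openFile and are not visible here; confirm they restrict
    read access to the server account.

    @param passwordTable  Entries to write.

    @exception CannotRemoveFile  The stale password file or the backup file
                                 could not be removed.
    @exception CannotRenameFile  The password file could not be renamed to
                                 the backup name.
    @exception CannotOpenFile    The password file could not be opened for
                                 writing, or writing/closing it failed.
*/
void PasswordFile::save(const PasswordTable& passwordTable)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "PasswordFile::save");

    //
    // Check if backup password file exists, if it does remove the password file
    // If it does not rename the password file to password backup file
    //
    if (FileSystem::exists(_passwordBackupFile))
    {
        if (FileSystem::exists(_passwordFile))
        {
            if (Executor::removeFile(_passwordFile.getCString()) != 0)
            {
                Logger::put_l(
                    Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                    "Security.UserManager.PasswordFile.CANNOT_REMOVE_PWD_FILE",
                    "Cannot remove password file : $0.", _passwordFile);
                PEG_METHOD_EXIT();
                throw CannotRemoveFile(_passwordFile);
            }
        }
    }
    else
    {
        if (FileSystem::exists(_passwordFile))
        {
            if (Executor::renameFile(_passwordFile.getCString(),
                    _passwordBackupFile.getCString()) != 0)
            {
                Logger::put_l(
                    Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                    "Security.UserManager.PasswordFile.CANNOT_RENAME_PWD_FILE",
                    "Cannot rename password file : $0.",
                    _passwordFile);
                PEG_METHOD_EXIT();
                throw CannotRenameFile(_passwordFile);
            }
        }
    }

    //
    // Open the password file for writing
    //
    FILE* ofs = Executor::openFile(_passwordFile.getCString(), 'w');

    if (!ofs)
    {
        PEG_METHOD_EXIT();
        throw CannotOpenFile(getFileName());
    }

    //
    // Save user names and passwords to the new file
    //
    bool writeFailed = false;

    for (PasswordTable::Iterator i = passwordTable.start(); i; i++)
    {
        CString key = i.key().getCString();
        CString value = i.value().getCString();

        if (fprintf(ofs, "%s:%s\n", (const char*)key, (const char*)value) < 0)
        {
            writeFailed = true;
            break;
        }
    }

    // fclose() flushes buffered data, so a full disk can surface only here.
    if (fclose(ofs) != 0)
    {
        writeFailed = true;
    }

    if (writeFailed)
    {
        // Leave the backup where it is: it is the only complete copy.
        // CannotOpenFile is reused because it is the exception this function
        // already raises for the output file.
        PEG_METHOD_EXIT();
        throw CannotOpenFile(getFileName());
    }

    if (FileSystem::exists(_passwordBackupFile))
    {
        if (Executor::removeFile(_passwordBackupFile.getCString()) != 0)
        {
            Logger::put_l(Logger::ERROR_LOG, System::CIMSERVER, Logger::SEVERE,
                "Security.UserManager.PasswordFile."
                    "CANNOT_REMOVE_BACKUP_PWD_FILE",
                "Cannot remove backup password file : $0.",
                _passwordBackupFile);
            PEG_METHOD_EXIT();
            throw CannotRemoveFile(_passwordBackupFile);
        }
    }
    PEG_METHOD_EXIT();
}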
330
331 PEGASUS_NAMESPACE_END
|