authenticate.cpp

MPICH是MPI的重要研究,提供了一系列的接口函数,为并行计算的实现提供了编程环境.

#include "mpdimpl.h"
#include "Translate_Error.h"

static CRITICAL_SECTION g_hCryptCriticalSection;
static bool g_bCryptFirst = true;

bool GenAuthenticationStrings(char *append, char *crypted)
{
    int stamp;
    char *crypted_internal;
    char phrase[MPD_PASSPHRASE_MAX_LENGTH+1];
    char phrase_internal[MPD_PASSPHRASE_MAX_LENGTH+1];

    srand(GetTickCount());
    stamp = rand();

    if (!ReadMPDRegistry("phrase", phrase))
	return false;

    _snprintf(phrase_internal, MPD_PASSPHRASE_MAX_LENGTH, "%s%d", phrase, stamp);
    sprintf(append, "%d", stamp);

    if (g_bCryptFirst) // this is not safe code because two threads can enter this Initialize... block at the same time
    {
	InitializeCriticalSection(&g_hCryptCriticalSection);
	g_bCryptFirst = false;
    }
    EnterCriticalSection(&g_hCryptCriticalSection);
    //dbg_printf("GenAuthenticationStrings: calling crypt on '%s'\n", phrase_internal);
    crypted_internal = crypt(phrase_internal, MPD_SALT_VALUE);
    if (strlen(crypted_internal) > MPD_PASSPHRASE_MAX_LENGTH)
    {
	LeaveCriticalSection(&g_hCryptCriticalSection);
	return false;
    }
    strcpy(crypted, crypted_internal);
    LeaveCriticalSection(&g_hCryptCriticalSection);

    return true;
}

bool AuthenticateAcceptedConnection(MPD_Context **pp)
{
    int ret_val;
    MPD_Context *p;

    if (pp == NULL)
	return false;
    p = *pp;

    // generate the challenge string and the encrypted result
    if (!GenAuthenticationStrings(p->pszOut, p->pszCrypt))
    {
	err_printf("AuthenticateAcceptedConnection: failed to generate the authentication strings\n");
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // write the challenge string
    if (WriteString(p->sock, p->pszOut) == SOCKET_ERROR)
    {
	err_printf("AuthenticateAcceptedConnection: Writing challenge string failed, error %d\n", WSAGetLastError());
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // read the response
    if (!ReadString(p->sock, p->pszIn))
    {
	err_printf("AuthenticateAcceptedConnection: Reading challenge response failed, error %d\n", WSAGetLastError());
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // compare the response with the encrypted result and write success or failure
    if (strcmp(p->pszIn, p->pszCrypt) == 0)
	ret_val = WriteString(p->sock, "SUCCESS");
    else
	ret_val = WriteString(p->sock, "FAIL");
    if (ret_val == SOCKET_ERROR)
    {
	err_printf("AuthenticateAcceptedConnection: Writing authentication result failed, error %d\n", WSAGetLastError());
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // read the type of connection
    if (!ReadString(p->sock, p->pszIn))
    {
	err_printf("AuthenticateAcceptedConnection: Reading the connection type failed, error %d\n", WSAGetLastError());
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // set the state appropriate for the type of connection
    if (stricmp(p->pszIn, "console") == 0)
    {
	dbg_printf("AuthenticateAcceptedConnection: MPD_CONSOLE_SOCKET(%d)\n", p->sock);
	p->nType = MPD_CONSOLE_SOCKET;
	p->nLLState= MPD_READING_CMD;
    }
    else if (strnicmp(p->pszIn, "left ", 5) == 0)
    {
	dbg_printf("AuthenticateAcceptedConnection: MPD_LEFT_SOCKET(%d)\n", p->sock);
	p->nType = MPD_LEFT_SOCKET;
	p->nLLState= MPD_READING_CMD;
	strncpy(p->pszHost, &p->pszIn[5], MAX_HOST_LENGTH);
	p->pszHost[MAX_HOST_LENGTH-1] = '\0';
    }
    else if (strnicmp(p->pszIn, "right ", 6) == 0)
    {
	dbg_printf("AuthenticateAcceptedConnection: MPD_RIGHT_SOCKET(%d)\n", p->sock);
	p->nType = MPD_RIGHT_SOCKET;
	p->nLLState= MPD_READING_CMD;
	strncpy(p->pszHost, &p->pszIn[6], MAX_HOST_LENGTH);
	p->pszHost[MAX_HOST_LENGTH-1] = '\0';
    }
    else
    {
	err_printf("AuthenticateAcceptedConnection: unknown socket type read: '%s'\n", p->pszIn);
	RemoveContext(p);
	*pp = NULL;
	return false;
    }
    p->nState = MPD_IDLE;

    return true;
}

bool AuthenticateConnectedConnection(MPD_Context **pp, char *passphrase/* = MPD_DEFAULT_PASSPHRASE*/)
{
    int error;
    MPD_Context *p;
    char phrase[MPD_PASSPHRASE_MAX_LENGTH];
    char *result;

    if (pp == NULL)
	return false;
    p = *pp;

    strcpy(phrase, passphrase);

    // read the challenge string
    if (!ReadString(p->sock, p->pszIn))
    {
	err_printf("AuthenticateConnectedConnection: Reading challenge string failed, error %d\n", WSAGetLastError());
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // crypt the passphrase + the challenge
    if (strlen(phrase) + strlen(p->pszIn) > MPD_PASSPHRASE_MAX_LENGTH)
    {
	err_printf("AuthenticateConnectedConnection: unable to process passphrase.\n");
	RemoveContext(p);
	*pp = NULL;
	return false;
    }
    strcat(phrase, p->pszIn);
    if (g_bCryptFirst) // this is not safe code because two threads can enter this Initialize... block at the same time
    {
	InitializeCriticalSection(&g_hCryptCriticalSection);
	g_bCryptFirst = false;
    }
    EnterCriticalSection(&g_hCryptCriticalSection);
    result = crypt(phrase, MPD_SALT_VALUE);
    strcpy(p->pszOut, result);
    LeaveCriticalSection(&g_hCryptCriticalSection);

    // write the response
    if (WriteString(p->sock, p->pszOut) == SOCKET_ERROR)
    {
	error = WSAGetLastError();
	Translate_Error(error, p->pszOut);
	err_printf("AuthenticateConnectedConnection: WriteString of the encrypted response string failed: %d\n%s\n", error, p->pszOut);
	RemoveContext(p);
	*pp = NULL;
	return false;
    }

    // read the result
    if (!ReadString(p->sock, p->pszIn))
    {
	error = WSAGetLastError();
	Translate_Error(error, p->pszOut);
	err_printf("AuthenticateConnectedConnection: reading authentication result failed: error %d\n%s\n", error, p->pszOut);
	RemoveContext(p);
	*pp = NULL;
	return false;
    }
    if (strcmp(p->pszIn, "SUCCESS"))
    {
	dbg_printf("host authentication failed.\n");
	RemoveContext(p);
	*pp = NULL;
	return false;
    }
    return true;
}