March 2006 - 389-commits - Fedora Mailing-Lists

[Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passsync syncserv.h, 1.7, 1.7.2.1

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2139/passwordsync/passsync Modified Files: Tag: Directory71RtmBranch syncserv.h Log Message: 186657 - Implemented locking around passhook data file access Index: syncserv.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync/syncserv.h,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -u -r1.7 -r1.7.2.1 --- syncserv.h 19 Apr 2005 22:07:44 -0000 1.7 +++ syncserv.h 30 Mar 2006 23:13:44 -0000 1.7.2.1 @@ -82,6 +82,7 @@ PASS_INFO_LIST passInfoList; HANDLE passhookEventHandle; + HANDLE passhookMutexHandle; // LDAP variables LDAP* mainLdapConnection; @@ -104,7 +105,8 @@ unsigned long maxBackoffTime; int logLevel; bool isRunning; + DWORD waitRes; fstream outLog; }; -#endif \ No newline at end of file +#endif

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passsync syncserv.cpp, 1.7.2.6, 1.7.2.7

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2067/passwordsync/passsync Modified Files: Tag: Directory71RtmBranch syncserv.cpp Log Message: 186657 - Implemented locking around passhook data file access Index: syncserv.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync/syncserv.cpp,v retrieving revision 1.7.2.6 retrieving revision 1.7.2.7 diff -u -r1.7.2.6 -r1.7.2.7 --- syncserv.cpp 22 Mar 2006 18:53:37 -0000 1.7.2.6 +++ syncserv.cpp 30 Mar 2006 23:09:00 -0000 1.7.2.7 @@ -76,6 +76,7 @@ unsigned long size; passhookEventHandle = CreateEvent(NULL, FALSE, FALSE, PASSHAND_EVENT_NAME); + passhookMutexHandle = CreateMutex(NULL, FALSE, PASSHOOK_MUTEX_NAME); mainLdapConnection = NULL; results = NULL; currentResult = NULL; @@ -211,10 +212,14 @@ timeStamp(&outLog); outLog << "Backing off for " << BackoffTime(GetMinBackoff()) << "ms" << endl; } - WaitForSingleObject(passhookEventHandle, BackoffTime(GetMinBackoff())); + waitRes = WaitForSingleObject(passhookEventHandle, BackoffTime(GetMinBackoff())); if(logLevel > 0) { timeStamp(&outLog); - outLog << "Backoff time expired. Attempting sync" << endl; + if (waitRes == WAIT_TIMEOUT) { + outLog << "Backoff time expired. Attempting sync" << endl; + } else { + outLog << "Received passhook event. Attempting sync" << endl; + } } } @@ -226,24 +231,38 @@ if(passInfoList.size() > 0) { - if(saveSet(&passInfoList, dataFilename) == 0) + // Get mutex for passhook.dat + WaitForSingleObject(passhookMutexHandle, INFINITE); + + // Need to loadSet here so we don't overwrite entries that passhook recently added + if(loadSet(&passInfoList, dataFilename) == 0) { - if(logLevel > 0) + if(saveSet(&passInfoList, dataFilename) == 0) + { + if(logLevel > 0) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries saved to data file" << endl; + } + } + else { timeStamp(&outLog); - outLog << passInfoList.size() << " entries saved to data file" << endl; + outLog << "Failed to save entries to data file" << endl; } - } - else - { + } else { timeStamp(&outLog); - outLog << "Failed to save entries to data file" << endl; + outLog << "Failed to load entries from file" << endl; } + + // Release mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); } exit: clearSet(&passInfoList); CloseHandle(passhookEventHandle); + CloseHandle(passhookMutexHandle); } // **************************************************************** @@ -258,6 +277,9 @@ char* dn = NULL; int tempSize = passInfoList.size(); + // Get mutex for passhook.dat + WaitForSingleObject(passhookMutexHandle, INFINITE); + if(loadSet(&passInfoList, dataFilename) == 0) { if((passInfoList.size() - tempSize) > 0) @@ -289,6 +311,9 @@ outLog << "Failed to load entries from file" << endl; } + // Release mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); + if(passInfoList.size() > 0) { if(logLevel > 0)

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passhook passhook.cpp, 1.7.2.1, 1.7.2.2

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhook In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2067/passwordsync/passhook Modified Files: Tag: Directory71RtmBranch passhook.cpp Log Message: 186657 - Implemented locking around passhook data file access Index: passhook.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhook/passhook.cpp,v retrieving revision 1.7.2.1 retrieving revision 1.7.2.2 diff -u -r1.7.2.1 -r1.7.2.2 --- passhook.cpp 22 Mar 2006 18:53:32 -0000 1.7.2.1 +++ passhook.cpp 30 Mar 2006 23:08:59 -0000 1.7.2.2 @@ -48,121 +48,74 @@ #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) #endif +DWORD WINAPI SavePasshookChange( LPVOID passinfo ); +static HANDLE passhookMutexHandle; +static unsigned long logLevel; + NTSTATUS NTAPI PasswordChangeNotify(PUNICODE_STRING UserName, ULONG RelativeId, PUNICODE_STRING Password) { - HANDLE passhookEventHandle = OpenEvent(EVENT_MODIFY_STATE, FALSE, PASSHAND_EVENT_NAME); - PASS_INFO newPassInfo; - PASS_INFO_LIST passInfoList; - HKEY regKey; - DWORD type; - unsigned long buffSize; - char regBuff[PASSHAND_BUF_SIZE]; - unsigned long logLevel; + PASS_INFO *newPassInfo = NULL; + HANDLE passhookThreadHandle; fstream outLog; + DWORD waitRes; - RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\\PasswordSync", &regKey); - buffSize = PASSHAND_BUF_SIZE; - if(RegQueryValueEx(regKey, "Log Level", NULL, &type, (unsigned char*)regBuff, &buffSize) == ERROR_SUCCESS) - { - logLevel = (unsigned long)atoi(regBuff); - } - else - { - logLevel = 0; - } - if(logLevel > 0) - { - outLog.open("passhook.log", ios::out | ios::app); - } - RegCloseKey(regKey); - - // This memory will be free'd by calling clearSet below - newPassInfo.username = (char*)malloc((UserName->Length / 2) + 1); - newPassInfo.password = (char*)malloc((Password->Length / 2) + 1); - - if (newPassInfo.username && newPassInfo.password) { - _snprintf(newPassInfo.username, (UserName->Length / 2), "%S", UserName->Buffer); - _snprintf(newPassInfo.password, (Password->Length / 2), "%S", Password->Buffer); - newPassInfo.username[UserName->Length / 2] = '\0'; - newPassInfo.password[Password->Length / 2] = '\0'; + // This memory will be freed in SavePasshookChange + if ( newPassInfo = (PASS_INFO *) malloc(sizeof(PASS_INFO)) ) { + // These get freed in SavePasshookChange by calling clearSet + newPassInfo->username = (char*)malloc((UserName->Length / 2) + 1); + newPassInfo->password = (char*)malloc((Password->Length / 2) + 1); } else { - if(outLog.is_open()) { - timeStamp(&outLog); - outLog << "failed to allocate memory for username and password" << endl; - } - free(newPassInfo.username); - free(newPassInfo.password); goto exit; } - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "user " << newPassInfo.username << " password changed" << endl; - //outLog << "user " << newPassInfo.username << " password changed to " << newPassInfo.password << endl; - } + // Fill in the password change struct + if (newPassInfo->username && newPassInfo->password) { + _snprintf(newPassInfo->username, (UserName->Length / 2), "%S", UserName->Buffer); + _snprintf(newPassInfo->password, (Password->Length / 2), "%S", Password->Buffer); + newPassInfo->username[UserName->Length / 2] = '\0'; + newPassInfo->password[Password->Length / 2] = '\0'; - // loadSet allocates memory for the usernames and password. We need to be - // sure to free it by calling clearSet. - if(loadSet(&passInfoList, "passhook.dat") == 0) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << passInfoList.size() << " entries loaded from file" << endl; - } - } - else - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "failed to load entries from file" << endl; - } + // Backoff + newPassInfo->backoffCount = 0; + + // Load time + time(&(newPassInfo->atTime)); + } else { + // Memory error. Free everything we allocated. + free(newPassInfo->username); + free(newPassInfo->password); + free(newPassInfo); + goto exit; } - // Add the new change to the list - passInfoList.push_back(newPassInfo); + // Fire off a thread to do the real work + passhookThreadHandle = CreateThread(NULL, 0, SavePasshookChange, newPassInfo, 0, NULL); - // Save the list to disk - if(saveSet(&passInfoList, "passhook.dat") == 0) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << passInfoList.size() << " entries saved to file" << endl; - } - } - else - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "failed to save entries to file" << endl; - } - } + // We need to close the handle to the thread we created. Doing + // this will not terminate the thread. + if (passhookThreadHandle != NULL) { + CloseHandle(passhookThreadHandle); + } else { + // Acquire the mutex so we can log an error + waitRes = WaitForSingleObject(passhookMutexHandle, PASSHOOK_TIMEOUT); - // We need to call clearSet so memory gets free'd - clearSet(&passInfoList); + // If we got the mutex, log the error, otherwise it's not safe to log + if (waitRes == WAIT_OBJECT_0) { + outLog.open("passhook.log", ios::out | ios::app); + + if(outLog.is_open()) { + timeStamp(&outLog); + outLog << "Failed to start thread. Aborting change for " << newPassInfo->username << endl; + } -exit: - if(passhookEventHandle == NULL) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "can not get password sync service event handle, service not running" << endl; - } + outLog.close(); - } - else - { - SetEvent(passhookEventHandle); - CloseHandle(passhookEventHandle); + // Release mutex + ReleaseMutex(passhookMutexHandle); + } } - outLog.close(); - +exit: return STATUS_SUCCESS; } @@ -173,5 +126,132 @@ BOOL NTAPI InitializeChangeNotify() { - return TRUE; + HKEY regKey; + DWORD type; + unsigned long buffSize; + char regBuff[PASSHAND_BUF_SIZE]; + fstream outLog; + + // check if logging is enabled + RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\\PasswordSync", &regKey); + buffSize = PASSHAND_BUF_SIZE; + if(RegQueryValueEx(regKey, "Log Level", NULL, &type, (unsigned char*)regBuff, &buffSize) == ERROR_SUCCESS) + { + logLevel = (unsigned long)atoi(regBuff); + } + else + { + logLevel = 0; + } + RegCloseKey(regKey); + + // Create mutex for passhook data file and log file access + passhookMutexHandle = CreateMutex(NULL, FALSE, PASSHOOK_MUTEX_NAME); + + if (passhookMutexHandle == NULL) { + // Log an error. + outLog.open("passhook.log", ios::out | ios::app); + timeStamp(&outLog); + outLog << "Failed to create passhook mutex. Passhook DLL will not be loaded." << endl; + outLog.close(); + + return FALSE; + } else { + return TRUE; + } +} + +// This function will save the password change to the passhook data file. It +// will be run as a separate thread. +DWORD WINAPI SavePasshookChange( LPVOID passinfo ) +{ + PASS_INFO *newPassInfo = NULL; + PASS_INFO_LIST passInfoList; + HANDLE passhookEventHandle = OpenEvent(EVENT_MODIFY_STATE, FALSE, PASSHAND_EVENT_NAME); + fstream outLog; + + if ((newPassInfo = (PASS_INFO *)passinfo) == NULL) { + goto exit; + } + + // Acquire the mutex for passhook.dat. This mutex also guarantees + // that we can write to outLog safely. + WaitForSingleObject(passhookMutexHandle, INFINITE); + + // Open the log file if logging is enabled + if(logLevel > 0) + { + outLog.open("passhook.log", ios::out | ios::app); + } + + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << "user " << newPassInfo->username << " password changed" << endl; + //outLog << "user " << newPassInfo->username << " password changed to " << newPassInfo->passname << endl; + } + + // loadSet allocates memory for the usernames and password. We need to be + // sure to free it by calling clearSet. + if(loadSet(&passInfoList, "passhook.dat") == 0) + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries loaded from file" << endl; + } + } + else + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << "failed to load entries from file" << endl; + } + } + + // Add the new change to the list + passInfoList.push_back(*newPassInfo); + + // Save the list to disk + if(saveSet(&passInfoList, "passhook.dat") == 0) + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries saved to file" << endl; + } + } + else + { + // We always want to log this error condition + if(!outLog.is_open()) + { + // We need to open the log since debug logging is turned off + outLog.open("passhook.log", ios::out | ios::app); + } + + timeStamp(&outLog); + outLog << "failed to save entries to file" << endl; + } + + // Close the log file before we release the mutex. + outLog.close(); + + // Release the mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); + + // We need to call clearSet so memory gets free'd + clearSet(&passInfoList); + +exit: + // Free the passed in struct from the heap + free(newPassInfo); + + if (passhookEventHandle != NULL) { + SetEvent(passhookEventHandle); + CloseHandle(passhookEventHandle); + } + + return 0; }

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync passhand.cpp, 1.7.2.2, 1.7.2.3 passhand.h, 1.7, 1.7.2.1

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2067/passwordsync Modified Files: Tag: Directory71RtmBranch passhand.cpp passhand.h Log Message: 186657 - Implemented locking around passhook data file access Index: passhand.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhand.cpp,v retrieving revision 1.7.2.2 retrieving revision 1.7.2.3 diff -u -r1.7.2.2 -r1.7.2.3 --- passhand.cpp 22 Mar 2006 18:53:26 -0000 1.7.2.2 +++ passhand.cpp 30 Mar 2006 23:08:57 -0000 1.7.2.3 @@ -112,6 +112,8 @@ outFile.close(); exit: + // We need to unfreeze plainTextStream so memory gets freed by the destructor + plainTextStream.rdbuf()->freeze(false); free(cipherTextBuf); return result; } @@ -119,18 +121,18 @@ int loadSet(PASS_INFO_LIST* passInfoList, char* filename) { int result = 0; - int i; + int i = 0; fstream inFile; PASS_INFO newPair; strstream* plainTextStream; char* cipherTextBuf = NULL; char* plainTextBuf = NULL; - int usernameLen; - int passwordLen; - int plainTextLen; - int cipherTextLen; + int usernameLen = 0; + int passwordLen = 0; + int plainTextLen = 0; + int cipherTextLen = 0; int resultTextLen = 0; - int pairCount; + int pairCount = 0; // Read in cipher text from file inFile.open(filename, ios::in | ios::binary); @@ -164,6 +166,12 @@ goto exit; } + // Check to see if plainTextbuf contains anything + if (resultTextLen <= 0) { + result = -1; + goto exit; + } + plainTextStream = new strstream(plainTextBuf, resultTextLen); plainTextStream->read((char*)&pairCount, sizeof(pairCount)); Index: passhand.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passhand.h,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -u -r1.7 -r1.7.2.1 --- passhand.h 19 Apr 2005 22:07:43 -0000 1.7 +++ passhand.h 30 Mar 2006 23:08:57 -0000 1.7.2.1 @@ -50,7 +50,9 @@ #include "prerror.h" #define PASSHAND_EVENT_NAME "passhand_event" +#define PASSHOOK_MUTEX_NAME "passhook_mutex" +#define PASSHOOK_TIMEOUT 30000 #define PASSHAND_BUF_SIZE 256 using namespace std;

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] winsync/passwordsync/passhook passhook.cpp, 1.8, 1.9

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/winsync/passwordsync/passhook In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32422/passwordsync/passhook Modified Files: passhook.cpp Log Message: 186657 - Implemented locking around passhook data file access Index: passhook.cpp =================================================================== RCS file: /cvs/dirsec/winsync/passwordsync/passhook/passhook.cpp,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- passhook.cpp 22 Mar 2006 18:51:11 -0000 1.8 +++ passhook.cpp 30 Mar 2006 22:59:25 -0000 1.9 @@ -48,121 +48,74 @@ #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) #endif +DWORD WINAPI SavePasshookChange( LPVOID passinfo ); +static HANDLE passhookMutexHandle; +static unsigned long logLevel; + NTSTATUS NTAPI PasswordChangeNotify(PUNICODE_STRING UserName, ULONG RelativeId, PUNICODE_STRING Password) { - HANDLE passhookEventHandle = OpenEvent(EVENT_MODIFY_STATE, FALSE, PASSHAND_EVENT_NAME); - PASS_INFO newPassInfo; - PASS_INFO_LIST passInfoList; - HKEY regKey; - DWORD type; - unsigned long buffSize; - char regBuff[PASSHAND_BUF_SIZE]; - unsigned long logLevel; + PASS_INFO *newPassInfo = NULL; + HANDLE passhookThreadHandle; fstream outLog; + DWORD waitRes; - RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\\PasswordSync", &regKey); - buffSize = PASSHAND_BUF_SIZE; - if(RegQueryValueEx(regKey, "Log Level", NULL, &type, (unsigned char*)regBuff, &buffSize) == ERROR_SUCCESS) - { - logLevel = (unsigned long)atoi(regBuff); - } - else - { - logLevel = 0; - } - if(logLevel > 0) - { - outLog.open("passhook.log", ios::out | ios::app); - } - RegCloseKey(regKey); - - // This memory will be free'd by calling clearSet below - newPassInfo.username = (char*)malloc((UserName->Length / 2) + 1); - newPassInfo.password = (char*)malloc((Password->Length / 2) + 1); - - if (newPassInfo.username && newPassInfo.password) { - _snprintf(newPassInfo.username, (UserName->Length / 2), "%S", UserName->Buffer); - _snprintf(newPassInfo.password, (Password->Length / 2), "%S", Password->Buffer); - newPassInfo.username[UserName->Length / 2] = '\0'; - newPassInfo.password[Password->Length / 2] = '\0'; + // This memory will be freed in SavePasshookChange + if ( newPassInfo = (PASS_INFO *) malloc(sizeof(PASS_INFO)) ) { + // These get freed in SavePasshookChange by calling clearSet + newPassInfo->username = (char*)malloc((UserName->Length / 2) + 1); + newPassInfo->password = (char*)malloc((Password->Length / 2) + 1); } else { - if(outLog.is_open()) { - timeStamp(&outLog); - outLog << "failed to allocate memory for username and password" << endl; - } - free(newPassInfo.username); - free(newPassInfo.password); goto exit; } - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "user " << newPassInfo.username << " password changed" << endl; - //outLog << "user " << newPassInfo.username << " password changed to " << newPassInfo.password << endl; - } + // Fill in the password change struct + if (newPassInfo->username && newPassInfo->password) { + _snprintf(newPassInfo->username, (UserName->Length / 2), "%S", UserName->Buffer); + _snprintf(newPassInfo->password, (Password->Length / 2), "%S", Password->Buffer); + newPassInfo->username[UserName->Length / 2] = '\0'; + newPassInfo->password[Password->Length / 2] = '\0'; - // loadSet allocates memory for the usernames and password. We need to be - // sure to free it by calling clearSet. - if(loadSet(&passInfoList, "passhook.dat") == 0) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << passInfoList.size() << " entries loaded from file" << endl; - } - } - else - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "failed to load entries from file" << endl; - } + // Backoff + newPassInfo->backoffCount = 0; + + // Load time + time(&(newPassInfo->atTime)); + } else { + // Memory error. Free everything we allocated. + free(newPassInfo->username); + free(newPassInfo->password); + free(newPassInfo); + goto exit; } - // Add the new change to the list - passInfoList.push_back(newPassInfo); + // Fire off a thread to do the real work + passhookThreadHandle = CreateThread(NULL, 0, SavePasshookChange, newPassInfo, 0, NULL); - // Save the list to disk - if(saveSet(&passInfoList, "passhook.dat") == 0) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << passInfoList.size() << " entries saved to file" << endl; - } - } - else - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "failed to save entries to file" << endl; - } - } + // We need to close the handle to the thread we created. Doing + // this will not terminate the thread. + if (passhookThreadHandle != NULL) { + CloseHandle(passhookThreadHandle); + } else { + // Acquire the mutex so we can log an error + waitRes = WaitForSingleObject(passhookMutexHandle, PASSHOOK_TIMEOUT); - // We need to call clearSet so memory gets free'd - clearSet(&passInfoList); + // If we got the mutex, log the error, otherwise it's not safe to log + if (waitRes == WAIT_OBJECT_0) { + outLog.open("passhook.log", ios::out | ios::app); + + if(outLog.is_open()) { + timeStamp(&outLog); + outLog << "Failed to start thread. Aborting change for " << newPassInfo->username << endl; + } -exit: - if(passhookEventHandle == NULL) - { - if(outLog.is_open()) - { - timeStamp(&outLog); - outLog << "can not get password sync service event handle, service not running" << endl; - } + outLog.close(); - } - else - { - SetEvent(passhookEventHandle); - CloseHandle(passhookEventHandle); + // Release mutex + ReleaseMutex(passhookMutexHandle); + } } - outLog.close(); - +exit: return STATUS_SUCCESS; } @@ -173,5 +126,132 @@ BOOL NTAPI InitializeChangeNotify() { - return TRUE; + HKEY regKey; + DWORD type; + unsigned long buffSize; + char regBuff[PASSHAND_BUF_SIZE]; + fstream outLog; + + // check if logging is enabled + RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\\PasswordSync", &regKey); + buffSize = PASSHAND_BUF_SIZE; + if(RegQueryValueEx(regKey, "Log Level", NULL, &type, (unsigned char*)regBuff, &buffSize) == ERROR_SUCCESS) + { + logLevel = (unsigned long)atoi(regBuff); + } + else + { + logLevel = 0; + } + RegCloseKey(regKey); + + // Create mutex for passhook data file and log file access + passhookMutexHandle = CreateMutex(NULL, FALSE, PASSHOOK_MUTEX_NAME); + + if (passhookMutexHandle == NULL) { + // Log an error. + outLog.open("passhook.log", ios::out | ios::app); + timeStamp(&outLog); + outLog << "Failed to create passhook mutex. Passhook DLL will not be loaded." << endl; + outLog.close(); + + return FALSE; + } else { + return TRUE; + } +} + +// This function will save the password change to the passhook data file. It +// will be run as a separate thread. +DWORD WINAPI SavePasshookChange( LPVOID passinfo ) +{ + PASS_INFO *newPassInfo = NULL; + PASS_INFO_LIST passInfoList; + HANDLE passhookEventHandle = OpenEvent(EVENT_MODIFY_STATE, FALSE, PASSHAND_EVENT_NAME); + fstream outLog; + + if ((newPassInfo = (PASS_INFO *)passinfo) == NULL) { + goto exit; + } + + // Acquire the mutex for passhook.dat. This mutex also guarantees + // that we can write to outLog safely. + WaitForSingleObject(passhookMutexHandle, INFINITE); + + // Open the log file if logging is enabled + if(logLevel > 0) + { + outLog.open("passhook.log", ios::out | ios::app); + } + + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << "user " << newPassInfo->username << " password changed" << endl; + //outLog << "user " << newPassInfo->username << " password changed to " << newPassInfo->passname << endl; + } + + // loadSet allocates memory for the usernames and password. We need to be + // sure to free it by calling clearSet. + if(loadSet(&passInfoList, "passhook.dat") == 0) + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries loaded from file" << endl; + } + } + else + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << "failed to load entries from file" << endl; + } + } + + // Add the new change to the list + passInfoList.push_back(*newPassInfo); + + // Save the list to disk + if(saveSet(&passInfoList, "passhook.dat") == 0) + { + if(outLog.is_open()) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries saved to file" << endl; + } + } + else + { + // We always want to log this error condition + if(!outLog.is_open()) + { + // We need to open the log since debug logging is turned off + outLog.open("passhook.log", ios::out | ios::app); + } + + timeStamp(&outLog); + outLog << "failed to save entries to file" << endl; + } + + // Close the log file before we release the mutex. + outLog.close(); + + // Release the mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); + + // We need to call clearSet so memory gets free'd + clearSet(&passInfoList); + +exit: + // Free the passed in struct from the heap + free(newPassInfo); + + if (passhookEventHandle != NULL) { + SetEvent(passhookEventHandle); + CloseHandle(passhookEventHandle); + } + + return 0; }

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] winsync/passwordsync/passsync syncserv.cpp, 1.13, 1.14 syncserv.h, 1.7, 1.8

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/winsync/passwordsync/passsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32422/passwordsync/passsync Modified Files: syncserv.cpp syncserv.h Log Message: 186657 - Implemented locking around passhook data file access Index: syncserv.cpp =================================================================== RCS file: /cvs/dirsec/winsync/passwordsync/passsync/syncserv.cpp,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- syncserv.cpp 22 Mar 2006 18:51:16 -0000 1.13 +++ syncserv.cpp 30 Mar 2006 22:59:26 -0000 1.14 @@ -76,6 +76,7 @@ unsigned long size; passhookEventHandle = CreateEvent(NULL, FALSE, FALSE, PASSHAND_EVENT_NAME); + passhookMutexHandle = CreateMutex(NULL, FALSE, PASSHOOK_MUTEX_NAME); mainLdapConnection = NULL; results = NULL; currentResult = NULL; @@ -211,10 +212,14 @@ timeStamp(&outLog); outLog << "Backing off for " << BackoffTime(GetMinBackoff()) << "ms" << endl; } - WaitForSingleObject(passhookEventHandle, BackoffTime(GetMinBackoff())); + waitRes = WaitForSingleObject(passhookEventHandle, BackoffTime(GetMinBackoff())); if(logLevel > 0) { timeStamp(&outLog); - outLog << "Backoff time expired. Attempting sync" << endl; + if (waitRes == WAIT_TIMEOUT) { + outLog << "Backoff time expired. Attempting sync" << endl; + } else { + outLog << "Received passhook event. Attempting sync" << endl; + } } } @@ -226,24 +231,38 @@ if(passInfoList.size() > 0) { - if(saveSet(&passInfoList, dataFilename) == 0) + // Get mutex for passhook.dat + WaitForSingleObject(passhookMutexHandle, INFINITE); + + // Need to loadSet here so we don't overwrite entries that passhook recently added + if(loadSet(&passInfoList, dataFilename) == 0) { - if(logLevel > 0) + if(saveSet(&passInfoList, dataFilename) == 0) + { + if(logLevel > 0) + { + timeStamp(&outLog); + outLog << passInfoList.size() << " entries saved to data file" << endl; + } + } + else { timeStamp(&outLog); - outLog << passInfoList.size() << " entries saved to data file" << endl; + outLog << "Failed to save entries to data file" << endl; } - } - else - { + } else { timeStamp(&outLog); - outLog << "Failed to save entries to data file" << endl; + outLog << "Failed to load entries from file" << endl; } + + // Release mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); } exit: clearSet(&passInfoList); CloseHandle(passhookEventHandle); + CloseHandle(passhookMutexHandle); } // **************************************************************** @@ -258,6 +277,9 @@ char* dn = NULL; int tempSize = passInfoList.size(); + // Get mutex for passhook.dat + WaitForSingleObject(passhookMutexHandle, INFINITE); + if(loadSet(&passInfoList, dataFilename) == 0) { if((passInfoList.size() - tempSize) > 0) @@ -289,6 +311,9 @@ outLog << "Failed to load entries from file" << endl; } + // Release mutex for passhook.dat + ReleaseMutex(passhookMutexHandle); + if(passInfoList.size() > 0) { if(logLevel > 0) Index: syncserv.h =================================================================== RCS file: /cvs/dirsec/winsync/passwordsync/passsync/syncserv.h,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- syncserv.h 19 Apr 2005 22:07:44 -0000 1.7 +++ syncserv.h 30 Mar 2006 22:59:26 -0000 1.8 @@ -82,6 +82,7 @@ PASS_INFO_LIST passInfoList; HANDLE passhookEventHandle; + HANDLE passhookMutexHandle; // LDAP variables LDAP* mainLdapConnection; @@ -104,7 +105,8 @@ unsigned long maxBackoffTime; int logLevel; bool isRunning; + DWORD waitRes; fstream outLog; }; -#endif \ No newline at end of file +#endif

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] winsync/passwordsync passhand.cpp, 1.9, 1.10 passhand.h, 1.7, 1.8

by Doctor Conrad

Author: nkinder Update of /cvs/dirsec/winsync/passwordsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32422/passwordsync Modified Files: passhand.cpp passhand.h Log Message: 186657 - Implemented locking around passhook data file access Index: passhand.cpp =================================================================== RCS file: /cvs/dirsec/winsync/passwordsync/passhand.cpp,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- passhand.cpp 22 Mar 2006 18:51:04 -0000 1.9 +++ passhand.cpp 30 Mar 2006 22:59:25 -0000 1.10 @@ -112,6 +112,8 @@ outFile.close(); exit: + // We need to unfreeze plainTextStream so memory gets freed by the destructor + plainTextStream.rdbuf()->freeze(false); free(cipherTextBuf); return result; } @@ -119,18 +121,18 @@ int loadSet(PASS_INFO_LIST* passInfoList, char* filename) { int result = 0; - int i; + int i = 0; fstream inFile; PASS_INFO newPair; strstream* plainTextStream; char* cipherTextBuf = NULL; char* plainTextBuf = NULL; - int usernameLen; - int passwordLen; - int plainTextLen; - int cipherTextLen; + int usernameLen = 0; + int passwordLen = 0; + int plainTextLen = 0; + int cipherTextLen = 0; int resultTextLen = 0; - int pairCount; + int pairCount = 0; // Read in cipher text from file inFile.open(filename, ios::in | ios::binary); @@ -164,6 +166,12 @@ goto exit; } + // Check to see if plainTextbuf contains anything + if (resultTextLen <= 0) { + result = -1; + goto exit; + } + plainTextStream = new strstream(plainTextBuf, resultTextLen); plainTextStream->read((char*)&pairCount, sizeof(pairCount)); Index: passhand.h =================================================================== RCS file: /cvs/dirsec/winsync/passwordsync/passhand.h,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- passhand.h 19 Apr 2005 22:07:43 -0000 1.7 +++ passhand.h 30 Mar 2006 22:59:25 -0000 1.8 @@ -50,7 +50,9 @@ #include "prerror.h" #define PASSHAND_EVENT_NAME "passhand_event" +#define PASSHOOK_MUTEX_NAME "passhook_mutex" +#define PASSHOOK_TIMEOUT 30000 #define PASSHAND_BUF_SIZE 256 using namespace std;

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] setuputil/installer/unix/lib ux-wrapper.cc, 1.2, 1.3

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/setuputil/installer/unix/lib In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv651/setuputil/installer/unix/lib Modified Files: ux-wrapper.cc Log Message: Add using namespace std; after the include <iostream> Remove #include <iostream.h> in files that also include nsdefs.h Fix a potential buffer non-termination Index: ux-wrapper.cc =================================================================== RCS file: /cvs/dirsec/setuputil/installer/unix/lib/ux-wrapper.cc,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- ux-wrapper.cc 23 Mar 2006 15:59:22 -0000 1.2 +++ ux-wrapper.cc 30 Mar 2006 00:38:29 -0000 1.3 @@ -29,6 +29,11 @@ ** HISTORY: ** ** $Log$ +** Revision 1.3 2006/03/30 00:38:29 rmeggins +** Add using namespace std; after the include <iostream> +** Remove #include <iostream.h> in files that also include nsdefs.h +** Fix a potential buffer non-termination +** ** Revision 1.2 2006/03/23 15:59:22 rmeggins ** Bug(s) fixed: 186280 ** Bug Description: Close potential security vulnerabilities in CGI code @@ -191,6 +196,7 @@ return; } snprintf(buf, sizeof(buf), "[%s] %s", who, level); + buf[sizeof(buf)-1] = 0; va_start (arg, msg); vsnprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), msg, arg);

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] setuputil/installer/unix installer.h, 1.1.1.1, 1.2 uninstaller.h, 1.1.1.1, 1.2

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/setuputil/installer/unix In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv651/setuputil/installer/unix Modified Files: installer.h uninstaller.h Log Message: Add using namespace std; after the include <iostream> Remove #include <iostream.h> in files that also include nsdefs.h Fix a potential buffer non-termination Index: installer.h =================================================================== RCS file: /cvs/dirsec/setuputil/installer/unix/installer.h,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- installer.h 29 Jul 2005 22:16:31 -0000 1.1.1.1 +++ installer.h 30 Mar 2006 00:38:29 -0000 1.2 @@ -27,6 +27,11 @@ ** HISTORY ** ** $Log$ +** Revision 1.2 2006/03/30 00:38:29 rmeggins +** Add using namespace std; after the include <iostream> +** Remove #include <iostream.h> in files that also include nsdefs.h +** Fix a potential buffer non-termination +** ** Revision 1.1.1.1 2005/07/29 22:16:31 foxworth ** Importing new setup sdk for open source project ** @@ -213,7 +218,6 @@ ** Includes ** **********************************************************************/ -#include <iostream.h> extern "C" { #include <stdio.h> Index: uninstaller.h =================================================================== RCS file: /cvs/dirsec/setuputil/installer/unix/uninstaller.h,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- uninstaller.h 29 Jul 2005 22:16:32 -0000 1.1.1.1 +++ uninstaller.h 30 Mar 2006 00:38:29 -0000 1.2 @@ -27,6 +27,11 @@ ** HISTORY ** ** $Log$ +** Revision 1.2 2006/03/30 00:38:29 rmeggins +** Add using namespace std; after the include <iostream> +** Remove #include <iostream.h> in files that also include nsdefs.h +** Fix a potential buffer non-termination +** ** Revision 1.1.1.1 2005/07/29 22:16:32 foxworth ** Importing new setup sdk for open source project ** @@ -106,8 +111,6 @@ ** Includes ** **********************************************************************/ -#include <iostream.h> - extern "C" { #include <stdio.h> #include <stdlib.h>

18 years, 1 month

1
0
0 / 0

[Fedora-directory-commits] setuputil/installer/include ldapu.h, 1.2, 1.3 nsdefs.h, 1.2, 1.3

by Doctor Conrad

Author: rmeggins Update of /cvs/dirsec/setuputil/installer/include In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv651/setuputil/installer/include Modified Files: ldapu.h nsdefs.h Log Message: Add using namespace std; after the include <iostream> Remove #include <iostream.h> in files that also include nsdefs.h Fix a potential buffer non-termination Index: ldapu.h =================================================================== RCS file: /cvs/dirsec/setuputil/installer/include/ldapu.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- ldapu.h 27 Mar 2006 21:18:34 -0000 1.2 +++ ldapu.h 30 Mar 2006 00:38:28 -0000 1.3 @@ -29,6 +29,11 @@ ** ** HISTORY ** $Log$ +** Revision 1.3 2006/03/30 00:38:28 rmeggins +** Add using namespace std; after the include <iostream> +** Remove #include <iostream.h> in files that also include nsdefs.h +** Fix a potential buffer non-termination +** ** Revision 1.2 2006/03/27 21:18:34 nhosoi ** [186642] Directory Server Makefile updates for Internal build ** Changed the createSIE so that caller (Admin Server and Directory Server) passes @@ -275,7 +280,6 @@ #else -#include <iostream.h> #include "nsdefs.h" class Ldap; Index: nsdefs.h =================================================================== RCS file: /cvs/dirsec/setuputil/installer/include/nsdefs.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- nsdefs.h 23 Mar 2006 20:45:37 -0000 1.2 +++ nsdefs.h 30 Mar 2006 00:38:28 -0000 1.3 @@ -30,6 +30,11 @@ ** HISTORY ** ** $Log$ +** Revision 1.3 2006/03/30 00:38:28 rmeggins +** Add using namespace std; after the include <iostream> +** Remove #include <iostream.h> in files that also include nsdefs.h +** Fix a potential buffer non-termination +** ** Revision 1.2 2006/03/23 20:45:37 rmeggins ** Use <iostream> instead of <iostream.h> on those platforms that support it. ** With this fix, we don't get the deprecation warnings when building setuputil. @@ -161,6 +166,7 @@ **********************************************************************/ #if !defined(HPUX) || defined(_HP_NAMESPACE_STD) #include <iostream> +using namespace std; #else #include <iostream.h> /* use old name on older systems */ #endif

18 years, 1 month

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-commits March 2006