Handle SuperUser login.

Mikkel Krautz 2011-04-08 18:26:15 +02:00
parent 47bb4d0025
commit 9036cd64af
3 changed files with 69 additions and 4 deletions


@ -1,4 +1,4 @@
// Copyright (c) 2010 The Grumble Authors // Copyright (c) 2010-2011 The Grumble Authors
// The use of this source code is goverened by a BSD-style // The use of this source code is goverened by a BSD-style
// license that can be found in the LICENSE-file. // license that can be found in the LICENSE-file.
@ -95,6 +95,21 @@ func (client *Client) ForceDisconnect() {
client.disconnect(true) client.disconnect(true)
} }
// Reject an authentication attempt
func (client *Client) RejectAuth(kind, reason string) {
var reasonString *string = nil
if len(reason) > 0 {
reasonString = proto.String(reason)
}
client.sendProtoMessage(MessageReject, &mumbleproto.Reject{
Type: mumbleproto.NewReject_RejectType(mumbleproto.Reject_RejectType_value[kind]),
Reason: reasonString,
})
client.ForceDisconnect()
}
// Read a protobuf message from a client // Read a protobuf message from a client
func (client *Client) readProtoMessage() (msg *Message, err os.Error) { func (client *Client) readProtoMessage() (msg *Message, err os.Error) {
var length uint32 var length uint32
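Review bot: In RejectAuth, `mumbleproto.Reject_RejectType_value[kind]` is a map lookup keyed by a free-form string, so a misspelled kind silently yields the map's zero value and the client receives a Reject carrying whatever type 0 denotes instead of the intended one. Either take the enum type as the parameter, or check the lookup with `t, ok := mumbleproto.Reject_RejectType_value[kind]` and log when `!ok`. The doc comment should also state the side effect, for example `// RejectAuth sends a Reject message of the given type with an optional reason, then force-disconnects the client.`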


@ -306,7 +306,7 @@ func populateUsers(server *Server, db *sqlite.Conn) (err os.Error) {
} }
if UserId == 0 { if UserId == 0 {
server.superUserPassword = "sha1" + SHA1Password server.superUserPassword = "sha1$$" + SHA1Password
continue continue
} }
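Review bot: The new value `"sha1$$" + SHA1Password` leaves the salt field empty, so the SuperUser credential is held as a bare unsalted SHA-1 digest, which is cheap to test offline if the database or process memory is exposed. The three-field layout already allows a salt, so passwords set by this server should be stored with a random salt and preferably a slow password hash under a new scheme name, with this form kept only for imported digests. A comment such as `// format: <hash>$<salt>$<hex digest>; salt is empty for digests read from the database` would document the contract shared with the parser. The digest is presumably lower-case hex; if it can be upper-case, the case-sensitive comparison in the password check will never match. populateUsers continues outside this hunk.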


@ -1,4 +1,4 @@
// Copyright (c) 2010 The Grumble Authors // Copyright (c) 2010-2011 The Grumble Authors
// The use of this source code is goverened by a BSD-style // The use of this source code is goverened by a BSD-style
// license that can be found in the LICENSE-file. // license that can be found in the LICENSE-file.
@ -18,6 +18,8 @@ import (
"goprotobuf.googlecode.com/hg/proto" "goprotobuf.googlecode.com/hg/proto"
"mumbleproto" "mumbleproto"
"cryptstate" "cryptstate"
"hash"
"strings"
) )
// The default port a Murmur server listens on // The default port a Murmur server listens on
@ -117,6 +119,42 @@ func NewServer(id int64, addr string, port int) (s *Server, err os.Error) {
return return
} }
// Check whether password matches the set SuperUser password.
func (server *Server) CheckSuperUserPassword(password string) bool {
parts := strings.Split(server.superUserPassword, "$", -1)
if len(parts) != 3 {
return false
}
if len(parts[2]) == 0 {
return false
}
var h hash.Hash
switch parts[0] {
case "sha1":
h = sha1.New()
default:
// no such hash
return false
}
// salt
if len(parts[1]) > 0 {
h.Write([]byte(parts[1]))
}
// password
h.Write([]byte(password))
sum := hex.EncodeToString(h.Sum())
if parts[2] == sum {
return true
}
return false
}
// Called by the server to initiate a new client connection. // Called by the server to initiate a new client connection.
func (server *Server) NewClient(conn net.Conn) (err os.Error) { func (server *Server) NewClient(conn net.Conn) (err os.Error) {
client := new(Client) client := new(Client)
@ -345,8 +383,20 @@ func (server *Server) handleAuthenticate(client *Client, msg *Message) {
server.hclients[host] = append(server.hclients[host], client) server.hclients[host] = append(server.hclients[host], client)
server.hmutex.Unlock() server.hmutex.Unlock()
// SuperUser login check
if client.Username == "SuperUser" { if client.Username == "SuperUser" {
// No password specified
if auth.Password == nil {
client.RejectAuth("WrongUserPW", "")
return
} else {
if server.CheckSuperUserPassword(*auth.Password) {
client.UserId = 0 client.UserId = 0
} else {
client.RejectAuth("WrongUserPW", "")
return
}
}
} }
userstate := &mumbleproto.UserState{ userstate := &mumbleproto.UserState{
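Review bot: CheckSuperUserPassword decides the login with `parts[2] == sum`, which is not a constant-time comparison and is case-sensitive against the lower-case output of hex.EncodeToString. I would replace the final if/return with `return subtle.ConstantTimeCompare([]byte(parts[2]), []byte(sum)) == 1`, adding `crypto/subtle` to the import block. In the handleAuthenticate hunk, whose body continues outside it, both failure paths reject without logging, so a log line with the remote address on a failed SuperUser login would give operators something to alert and rate-limit on. The rejection also happens after the client was appended to server.hclients, so it is worth confirming that ForceDisconnect removes that entry.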