corrected host key handling in acl tabs

git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@744 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33

diff --git a/src/crypto/keygen.cpp b/src/crypto/keygen.cpp
index 695ae70..408974b 100644 (file)
--- a/src/crypto/keygen.cpp
+++ b/src/crypto/keygen.cpp
@@ -110,10 +110,10 @@ void MKeyGen::updateProps()
        }
 }
 
-QString MKeyGen::getKey()
+QString MKeyGen::getKey(int len)
 {
        if(efilter->entropy()<RANDNEED)return "";
-       return efilter->getRandom(40).toHex();
+       return efilter->getRandom(len).toHex();
 }
 
 

diff --git a/src/crypto/keygen.h b/src/crypto/keygen.h
index fd01495..b822974 100644 (file)
--- a/src/crypto/keygen.h
+++ b/src/crypto/keygen.h
@@ -26,7 +26,7 @@ class MKeyGen:public QDialog
                MKeyGen(QWidget*parent=0);
                ~MKeyGen();
                
-               QString getKey();
+               QString getKey(int len=40);
                
        private:
                QLabel*randlab;

diff --git a/src/mwin/acltabs.cpp b/src/mwin/acltabs.cpp
index f8205cb..d2124f5 100644 (file)
--- a/src/mwin/acltabs.cpp
+++ b/src/mwin/acltabs.cpp
@@ -18,6 +18,8 @@
 #include "acltabs.h"
 
 #include <QBoxLayout>
+#include <QCryptographicHash>
+#include <QDebug>
 #include <QFile>
 #include <QFileDialog>
 #include <QInputDialog>
@@ -416,6 +418,26 @@ void MHostTab::changeHostKey()
                                return;
                key=mkg.getKey();
        }
+       //save as mshk file
+       QStringList fn;
+       QFileDialog fdlg(this,tr("Export Key to File"),QString(),"Magic Smoke Host Key (*.mshk)");
+       fdlg.setDefaultSuffix("mshk");
+       fdlg.setAcceptMode(QFileDialog::AcceptSave);
+       fdlg.setFileMode(QFileDialog::AnyFile);
+       if(!fdlg.exec())return;
+       fn=fdlg.selectedFiles();
+       if(fn.size()!=1)return;
+       QFile fd(fn[0]);
+       if(!fd.open(QIODevice::WriteOnly|QIODevice::Truncate)){
+               QMessageBox::warning(this,tr("Warning"),tr("Unable to open file %1 for writing: %2").arg(fn[0]).arg(fd.errorString()));
+               return;
+       }
+       QString chk=QCryptographicHash::hash(key.toAscii(),QCryptographicHash::Md5).toHex();
+       QString out="MagicSmokeHostKey\n"+name+"\n"+key+"\n"+chk;
+       fd.write(out.toAscii());
+       fd.close();
+       //convert key to hash
+       key=key2hash(key);
        //set it
        MTSetHost sh=MTSetHost::query(name,key);
        if(sh.hasError()){
@@ -429,7 +451,7 @@ void MHostTab::changeHostKey()
 void MHostTab::importHost()
 {
        QStringList fn;
-       QFileDialog fdlg(this,tr("Import Key from File"),QString(),"Magic Smoke Host Key (*.mshk)");
+       QFileDialog fdlg(this,tr("Import Key from File"),QString(),"Magic Smoke Host Key (*.mshk);;Magic Smoke Host Hash (*.mshh);;All Files (*)");
        fdlg.setDefaultSuffix("mshk");
        fdlg.setAcceptMode(QFileDialog::AcceptOpen);
        fdlg.setFileMode(QFileDialog::ExistingFile);
@@ -449,8 +471,9 @@ void MHostTab::importHost()
                QMessageBox::warning(this,tr("Warning"),tr("This is not a host key file."));
                return;
        }
-       if(fc[0].trimmed()!="MagicSmokeHostKey"){
-               QMessageBox::warning(this,tr("Warning"),tr("This is not a host key file."));
+       bool ishash = fc[0].trimmed()=="MagicSmokeHostHash";
+       if(!ishash && fc[0].trimmed()!="MagicSmokeHostKey"){
+               QMessageBox::warning(this,tr("Warning"),tr("This is not a host key/hash file."));
                return;
        }
        QString hname=fc[1].trimmed();
@@ -459,15 +482,24 @@ void MHostTab::importHost()
                return;
        }
        QString key=fc[2].trimmed();
-       if(!QRegExp("[0-9a-fA-F]+").exactMatch(key) || key.size()<40){
-               QMessageBox::warning(this,tr("Warning"),tr("This host key file does not contain a valid key."));
-               return;
-       }
        QString chk=QCryptographicHash::hash(key.toAscii(),QCryptographicHash::Md5).toHex();
        if(chk!=fc[3].trimmed()){
                QMessageBox::warning(this,tr("Warning"),tr("The key check sum did not match. Please get a clean copy of the host key file."));
                return;
        }
+       //convert to hash
+       if(ishash){
+               if(!QRegExp("[0-9a-fA-F]+ [0-9a-fA-F]{32,40}").exactMatch(key)){
+                       QMessageBox::warning(this,tr("Warning"),tr("This host hash file does not contain a valid key hash."));
+                       return;
+               }
+       }else{
+               if(!QRegExp("[0-9a-fA-F]+").exactMatch(key) || key.size()<40){
+                       QMessageBox::warning(this,tr("Warning"),tr("This host key file does not contain a valid key."));
+                       return;
+               }
+               key=key2hash(key);
+       }
        //save
        MTSetHost sh=MTSetHost::query(hname,key);
        if(sh.hasError()){
@@ -477,6 +509,19 @@ void MHostTab::importHost()
        updateHosts();
 }
 
+QString MHostTab::key2hash(QString key)
+{
+       QString salt;
+       MKeyGen mkg;
+       salt=mkg.getKey(8);
+       if(salt=="")
+               if(mkg.exec()!=QDialog::Accepted)
+                       return key;
+       salt=mkg.getKey(8);
+       return salt+" "+ QCryptographicHash::hash((salt+key).toAscii(),QCryptographicHash::Sha1).toHex();
+}
+
+
 void MHostTab::exportHost()
 {
        //get selection
@@ -491,8 +536,8 @@ void MHostTab::exportHost()
        }
        //save
        QStringList fn;
-       QFileDialog fdlg(this,tr("Export Key to File"),QString(),"Magic Smoke Host Key (*.mshk)");
-       fdlg.setDefaultSuffix("mshk");
+       QFileDialog fdlg(this,tr("Export Key to File"),QString(),"Magic Smoke Host Hash (*.mshh)");
+       fdlg.setDefaultSuffix("mshh");
        fdlg.setAcceptMode(QFileDialog::AcceptSave);
        fdlg.setFileMode(QFileDialog::AnyFile);
        if(!fdlg.exec())return;
@@ -504,7 +549,7 @@ void MHostTab::exportHost()
                return;
        }
        QString chk=QCryptographicHash::hash(key.toAscii(),QCryptographicHash::Md5).toHex();
-       QString out="MagicSmokeHostKey\n"+name+"\n"+key+"\n"+chk;
+       QString out="MagicSmokeHostHash\n"+name+"\n"+key+"\n"+chk;
        fd.write(out.toAscii());
        fd.close();
 }

diff --git a/src/mwin/acltabs.h b/src/mwin/acltabs.h
index 9cf115d..5af0657 100644 (file)
--- a/src/mwin/acltabs.h
+++ b/src/mwin/acltabs.h
@@ -92,6 +92,8 @@ class MHostTab:public QWidget
                //widgets
                QTableView*hosttable;
                QStandardItemModel*hostmodel;
+               
+               QString key2hash(QString);
 };
 
 /**role admin tab*/

diff --git a/www/admin.php b/www/admin.php
index e819d16..7b04564 100644 (file)
--- a/www/admin.php
+++ b/www/admin.php
@@ -183,10 +183,15 @@ if(isset($_POST["updatehost"])){
 //     print_r($host);
        if(count($host)<3)
                die("Trying to work on non-host file (<3 lines). Abort.");
-       if(trim($host[0])!="MagicSmokeHostKey")
+       $ishash=trim($host[0])=="MagicSmokeHostHash";
+       if(!$ishash && trim($host[0])!="MagicSmokeHostKey")
                die("Trying to work on non-host file (header mismatch). Abort.");
-       $salt=getSalt();
-       $key=$salt." ".sha1($salt.trim($host[2]));
+       if($ishash)
+               $key=trim($host[2]);
+       else{
+               $salt=getSalt();
+               $key=$salt." ".sha1($salt.trim($host[2]));
+       }
        $hname=$db->escapeString(trim($host[1]));
 //     print_r($key);
        $data=array("hostname" => trim($host[1]), "hostkey" => $key);