403Webshell
Server IP : 172.67.216.182  /  Your IP : 172.70.208.20
Web Server : Apache
System : Linux krdc-ubuntu-s-2vcpu-4gb-amd-blr1-01.localdomain 5.15.0-142-generic #152-Ubuntu SMP Mon May 19 10:54:31 UTC 2025 x86_64
User : www ( 1000)
PHP Version : 7.4.33
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /www/server/mysql/src/plugin/innodb_memcached/daemon_memcached/daemon/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /www/server/mysql/src/plugin/innodb_memcached/daemon_memcached/daemon/isasl.c
#include "config.h"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <assert.h>
#include <ctype.h>
#include <stdint.h>
#include <pthread.h>
#include <stdbool.h>
#include <sys/stat.h>
#include <errno.h>

#include "hash.h"
#include "isasl.h"
#include "memcached.h"

static struct stat prev_stat = { 0 };

static pthread_mutex_t uhash_lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_mutex_t sasl_db_thread_lock = PTHREAD_MUTEX_INITIALIZER;
static bool run_sasl_db_thread;
static pthread_t sasl_db_thread_tid;

static user_db_entry_t **user_ht;
static const int n_uht_buckets = 12289;

static void kill_whitey(char *s) {
    for(int i = strlen(s) - 1; i > 0 && isspace(s[i]); i--) {
        s[i] = '\0';
    }
}

static int u_hash_key(const char *u)
{
    uint32_t h = hash(u, strlen(u), 0) % n_uht_buckets;
    assert(h < n_uht_buckets);
    return h;
}

static char *find_pw(const char *u, char **cfg)
{
    assert(u);
    assert(user_ht);

    int h = u_hash_key(u);

    user_db_entry_t *e = user_ht[h];
    while (e && strcmp(e->username, u) != 0) {
        e = e->next;
    }

    if (e != NULL) {
        *cfg = e->config;
        return e->password;
    } else {
        return NULL;
    }
}

static void store_pw(user_db_entry_t **ht, const char *u, const char *p, const char *cfg)
{
    assert(ht);
    assert(u);
    assert(p);
    user_db_entry_t *e = calloc(1, sizeof(user_db_entry_t));
    assert(e);
    e->username = strdup(u);
    assert(e->username);
    e->password = strdup(p);
    assert(e->password);
    e->config = cfg ? strdup(cfg) : NULL;
    assert(!cfg || e->config);

    int h = u_hash_key(u);

    e->next = ht[h];
    ht[h] = e;
}

static void free_user_ht(void)
{
    if (user_ht) {
        for (int i = 0; i < n_uht_buckets; i++) {
            while (user_ht[i]) {
                user_db_entry_t *e = user_ht[i];
                user_db_entry_t *n = e->next;
                free(e->username);
                free(e->password);
                free(e->config);
                free(e);
                user_ht[i] = n;
            }
        }
        free(user_ht);
        user_ht = NULL;
    }
}

static const char *get_isasl_filename(void)
{
    return getenv("ISASL_PWFILE");
}

static int load_user_db(void)
{
    user_db_entry_t **new_ut = calloc(n_uht_buckets,
                                      sizeof(user_db_entry_t*));

    if (!new_ut) {
        return SASL_NOMEM;
    }

    pthread_mutex_lock(&uhash_lock);
    free_user_ht();
    user_ht = new_ut;
    pthread_mutex_unlock(&uhash_lock);

    const char *filename = get_isasl_filename();
    if (!filename) {
        return SASL_OK;
    }
    FILE *sfile = fopen(filename, "r");
    if (!sfile) {
        return SASL_OK;
    }

    // File has lines that are newline terminated.
    // File may have comment lines that must being with '#'.
    // Lines should look like...
    //   <NAME><whitespace><PASSWORD><whitespace><CONFIG><optional_whitespace>
    //
    char up[128];
    while (fgets(up, sizeof(up), sfile)) {
        if (up[0] != '#') {
            char *uname = up, *p = up, *cfg = NULL;
            kill_whitey(up);
            while (*p && !isspace(p[0])) {
                p++;
            }
            // If p is pointing at a NUL, there's nothing after the username.
            if (p[0] != '\0') {
                p[0] = '\0';
                p++;
            }
            // p now points to the first character after the (now)
            // null-terminated username.
            while (*p && isspace(*p)) {
                p++;
            }
            // p now points to the first non-whitespace character
            // after the above
            cfg = p;
            if (cfg[0] != '\0') {
                // move cfg past the password
                while (*cfg && !isspace(cfg[0])) {
                    cfg++;
                }
                if (cfg[0] != '\0') {
                    cfg[0] = '\0';
                    cfg++;
                    // Skip whitespace
                    while (*cfg && isspace(cfg[0])) {
                        cfg++;
                    }
                }
            }
            store_pw(new_ut, uname, p, cfg);
       }
    }

    fclose(sfile);

    if (settings.verbose) {
        settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
                                        "Loaded isasl db from %s\n",
                                        filename);
    }

    return SASL_OK;
}

void sasl_dispose(sasl_conn_t **pconn)
{
    free((*pconn)->username);
    free((*pconn)->config);
    free(*pconn);
    *pconn = NULL;
}

static bool isasl_is_fresh(void)
{
    bool rv = false;
    struct stat st;
    const char *filename = get_isasl_filename();

    if (filename) {
        if (stat(get_isasl_filename(), &st) < 0) {
            perror(get_isasl_filename());
        } else {
            rv = prev_stat.st_mtime == st.st_mtime;
            prev_stat = st;
        }
    }
    return rv;
}

static void* check_isasl_db_thread(void* arg)
{
    uint32_t sleep_time = *(int*)arg;
    if (settings.verbose > 1) {
        settings.extensions.logger->log(EXTENSION_LOG_INFO, NULL,
                                        "isasl checking DB every %ds",
                                        sleep_time);
    }

    run_sasl_db_thread = true;
    bool run = true;
    while (run) {
        sleep(sleep_time);

        if (!isasl_is_fresh()) {
            load_user_db();
        }

        pthread_mutex_lock(&sasl_db_thread_lock);
        if (!run_sasl_db_thread) {
           run = false;
        }
        pthread_mutex_unlock(&sasl_db_thread_lock);
    }

    return NULL;
}

void shutdown_sasl(void)
{
   pthread_mutex_lock(&sasl_db_thread_lock);
   run_sasl_db_thread = false;
   pthread_mutex_unlock(&sasl_db_thread_lock);
   pthread_join(sasl_db_thread_tid, NULL);
}

int sasl_server_init(const sasl_callback_t *callbacks,
                     const char *appname)
{
    int rv = load_user_db();
    if (rv == SASL_OK) {
        static uint32_t sleep_time;
        const char *sleep_time_str = getenv("ISASL_DB_CHECK_TIME");
        pthread_attr_t attr;

        if (pthread_attr_init(&attr) != 0 ||
            pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED) != 0)
        {
            settings.extensions.logger->log(EXTENSION_LOG_WARNING, NULL,
                                            "Failed to initialize pthread attributes: %s",
                                            strerror(errno));
           exit(EX_OSERR);
        }

        if (! (sleep_time_str && safe_strtoul(sleep_time_str, &sleep_time))) {
            // If we can't find a more frequent sleep time, set it to 60s.
            sleep_time = 60;
        }
        if (get_isasl_filename() != NULL &&
            pthread_create(&sasl_db_thread_tid, &attr, check_isasl_db_thread,
                           &sleep_time) != 0)
        {
            settings.extensions.logger->log(EXTENSION_LOG_WARNING, NULL,
                                            "couldn't create isasl db update thread.");
            exit(EX_OSERR);
        }
    }
    return rv;
}

int sasl_server_new(const char *service,
                    const char *serverFQDN,
                    const char *user_realm,
                    const char *iplocalport,
                    const char *ipremoteport,
                    const sasl_callback_t *callbacks,
                    unsigned flags,
                    sasl_conn_t **pconn)
{
    *pconn = calloc(1, sizeof(sasl_conn_t));
    return *pconn ? SASL_OK : SASL_NOMEM;
}

int sasl_listmech(sasl_conn_t *conn,
                  const char *user,
                  const char *prefix,
                  const char *sep,
                  const char *suffix,
                  const char **result,
                  unsigned *plen,
                  int *pcount)
{
    // We use this in a very specific way in the codebase.  If that ever
    // changes, detect it quickly.
    assert(strcmp(prefix, "") == 0);
    assert(strcmp(sep, " ") == 0);
    assert(strcmp(suffix, "") == 0);

    *result = "PLAIN";
    *plen = strlen(*result);
    return SASL_OK;
}

static bool check_up(const char *username, const char *password, char **cfg)
{
    pthread_mutex_lock(&uhash_lock);
    char *pw = find_pw(username, cfg);
    bool rv = pw && (strcmp(password, pw) == 0);
    pthread_mutex_unlock(&uhash_lock);
    return rv;
}

int sasl_server_start(sasl_conn_t *conn,
                      const char *mech,
                      const char *clientin,
                      unsigned clientinlen,
                      const char **serverout,
                      unsigned *serveroutlen)
{
    int rv = SASL_FAIL;
    *serverout = "";
    *serveroutlen = 0;

    if(strcmp(mech, "PLAIN") == 0) {
        // The clientin string looks like "[authzid]\0username\0password"
        while (clientinlen > 0 && clientin[0] != '\0') {
            // Skip authzid
            clientin++;
            clientinlen--;
        }
        if (clientinlen > 2 && clientinlen < 128 && clientin[0] == '\0') {
            const char *username = clientin + 1;
            char password[256];
            int pwlen = clientinlen - 2 - strlen(username);
            assert(pwlen >= 0);
            if (pwlen < 256) {
                char *cfg = NULL;
                password[pwlen] = '\0';
                memcpy(password, clientin + 2 + strlen(username), pwlen);

                if (check_up(username, password, &cfg)) {
                    if (conn->username) {
                        free(conn->username);
                        conn->username = NULL;
                    }
                    if (conn->config) {
                        free(conn->config);
                        conn->config = NULL;
                    }
                    conn->username = strdup(username);
                    assert(conn->username);
                    conn->config = strdup(cfg);
                    assert(conn->config);
                    rv = SASL_OK;
                }
            }
        }
    }

    return rv;
}

int sasl_server_step(sasl_conn_t *conn,
                     const char *clientin,
                     unsigned clientinlen,
                     const char **serverout,
                     unsigned *serveroutlen)
{
    // This is only useful when the above returns SASL_CONTINUE.  In this
    // implementation, only PLAIN is supported, so it never will.
    return SASL_FAIL;
}

int sasl_getprop(sasl_conn_t *conn, int propnum,
                 const void **pvalue)
{
    switch (propnum) {
        case SASL_USERNAME:
            *pvalue = conn->username;
            break;
        case ISASL_CONFIG:
            *pvalue = conn->config;
            break;
        default:
            return SASL_BADPARAM;
    }

    return SASL_OK;
}

Youez - 2016 - github.com/yon3zu
LinuXploit