7 files changed, 39 insertions, 95 deletions
diff --git a/src/main/java/org/openslx/imagemaster/ftp/FtpCredentialsScheduler.java b/src/main/java/org/openslx/imagemaster/ftp/FtpCredentialsScheduler.java
index 74f9754..557cc72 100644
--- a/src/main/java/org/openslx/imagemaster/ftp/FtpCredentialsScheduler.java
+++ b/src/main/java/org/openslx/imagemaster/ftp/FtpCredentialsScheduler.java
@@ -2,6 +2,7 @@ package org.openslx.imagemaster.ftp;
 import java.io.File;
 import java.util.Date;
+import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Timer;
@@ -11,7 +12,6 @@ import org.apache.log4j.Logger;
 import org.openslx.imagemaster.App;
 import org.openslx.imagemaster.Globals;
 import org.openslx.imagemaster.db.DbImage;
-import org.openslx.imagemaster.util.Util;
 public class FtpCredentialsScheduler extends TimerTask
 {
@@ -25,6 +25,8 @@ public class FtpCredentialsScheduler extends TimerTask
 {
 synchronized ( App.ftpServer.users ) {
 List<DbImage> uploadingImages = DbImage.getUploadingImages(); // get the uploading images
+ // List to save the users that need to be deleted after iterating the map
+ List<String> usersToDelete = new LinkedList<>();
 // check all folders
 for ( Map.Entry<String, Long> entry : App.ftpServer.users.entrySet() ) {
 if ( entry == null )
@@ -44,25 +46,25 @@ public class FtpCredentialsScheduler extends TimerTask
 ImageProcessor.processImageAfterUpload( username, list[0].getName() );
 } else if ( ( new Date().getTime() - list[0].lastModified() ) >= timeout ) { // check timeout
 log.info( username + "'s files are too old. Deleting him and his folder." );
- Util.deleteFolder( dir );
- App.ftpServer.removeUser( username );
- ImageProcessor.removeImageFromProcessList( username );
+ usersToDelete.add( username );
 }
 } else if ( list.length > 1 ) {
 log.info( "User '" + username + "' uploaded too many files. Deleting his account and his folder." );
- Util.deleteFolder( dir );
- App.ftpServer.removeUser( username );
- ImageProcessor.removeImageFromProcessList( username );
+ usersToDelete.add( username );
 } else { // check the creation time of the user
 if ( ( System.currentTimeMillis() - App.ftpServer.users.get( username ) ) >= timeout ) {
 log.info( username + " did nothing for too long. Deleting him and his folder" );
- Util.deleteFolder( dir );
- App.ftpServer.removeUser( username );
- ImageProcessor.removeImageFromProcessList( username );
+ usersToDelete.add( username );
 }
 }
 }
+ // now delete users
+ for (String u : usersToDelete) {
+ App.ftpServer.removeUser( u );
+ ImageProcessor.removeImageFromProcessList( u );
+ }
+
 }
 }
diff --git a/src/main/java/org/openslx/imagemaster/ftp/ImageProcessor.java b/src/main/java/org/openslx/imagemaster/ftp/ImageProcessor.java
index 05b8101..782d1ff 100644
--- a/src/main/java/org/openslx/imagemaster/ftp/ImageProcessor.java
+++ b/src/main/java/org/openslx/imagemaster/ftp/ImageProcessor.java
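Review bot: The new delete loop at the end of FtpCredentialsScheduler's synchronized block ignores the boolean returned by `App.ftpServer.removeUser( u )`, so a failed removal is silent even though the log lines above have already announced the deletion. This commit moves the folder deletion into MasterFtpServer.removeUser, inside its try block, and that method returns false on FtpException; if the part of that try above its hunk throws, the timed-out account's upload folder stays on disk while the image is still dropped from the process list. I would check the result, e.g. `if ( !App.ftpServer.removeUser( u ) ) log.warn( "Could not remove FTP user '" + u + "'; upload folder may remain." );`. The enclosing method starts above this hunk.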
@@ -33,6 +33,10 @@ public class ImageProcessor
 Iterator<DbImage> iter = uploadingImages.iterator();
 while (iter.hasNext()) {
 DbImage dbImage = iter.next();
+ log.debug( "Akutlle Systemzeit: " + System.currentTimeMillis() );
+ log.debug( "Timestamp: " + dbImage.timestamp.getTime() );
+ log.debug( "Differenz: " + (System.currentTimeMillis() - dbImage.timestamp.getTime()) );
+ log.debug( "Timeout: " + timeout );
 if (System.currentTimeMillis() - dbImage.timestamp.getTime() >= timeout) {
 DbImage.delete( dbImage.UUID );
 log.info( "Deleted dbimage from db: " + dbImage.UUID + " due to timeout");
diff --git a/src/main/java/org/openslx/imagemaster/ftp/MasterFtpServer.java b/src/main/java/org/openslx/imagemaster/ftp/MasterFtpServer.java
index 0f5267f..19d8acd 100644
--- a/src/main/java/org/openslx/imagemaster/ftp/MasterFtpServer.java
+++ b/src/main/java/org/openslx/imagemaster/ftp/MasterFtpServer.java
@@ -25,6 +25,7 @@ import org.openslx.imagemaster.Globals;
 import org.openslx.imagemaster.Globals.PropString;
 import org.openslx.imagemaster.thrift.iface.FtpCredentials;
 import org.openslx.imagemaster.util.RandomString;
+import org.openslx.imagemaster.util.Util;
 public class MasterFtpServer implements Runnable
 {
@@ -136,6 +137,9 @@ public class MasterFtpServer implements Runnable
 synchronized ( users ) {
 users.remove( username );
 }
+ // remove his home dir
+ File dir = new File( Globals.getPropertyString( Globals.PropString.FTPBASEDIR ) + "/" + username );
+ Util.deleteFolder( dir );
 return true;
 } catch ( FtpException e ) {
 return false;
diff --git a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
index 5660f2f..f82f77c 100644
--- a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
+++ b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java
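Review bot: The four `log.debug` calls added inside the while loop in ImageProcessor read like leftover troubleshooting output: they are in German, unlike every other log message in this diff, and `"Akutlle Systemzeit: "` is misspelled. They also call `System.currentTimeMillis()` separately from the `if` below, so the logged difference is not exactly the value the timeout check compares. If the output is worth keeping, read the clock once per iteration, `long age = System.currentTimeMillis() - dbImage.timestamp.getTime();`, and log one English line such as `log.debug( "Image " + dbImage.UUID + " age=" + age + "ms, timeout=" + timeout + "ms" );`. The loop and its enclosing method start outside the hunk.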
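Review bot: The directory handed to `Util.deleteFolder` in MasterFtpServer.removeUser is built by joining FTPBASEDIR and `username` with a plain `"/"`, and nothing visible here checks the result before the recursive delete. User names presumably come from RandomString, but removeUser accepts any string, and an empty name or one containing `..` or a separator would resolve to the base directory itself or to a path outside it. I would canonicalise both paths and delete only when the target is a direct child of the base directory; `getCanonicalFile()` throws IOException, which the surrounding try (only `catch ( FtpException e )` is visible) would have to handle. The deletion is also skipped whenever the code above the hunk throws FtpException, so a failed removal leaves the folder behind. The method starts and ends outside the hunk.

```java
// … unchanged: user removal and synchronized ( users ) block …
// remove his home dir, but only if it is a direct child of the FTP base dir
File baseDir = new File( Globals.getPropertyString( Globals.PropString.FTPBASEDIR ) ).getCanonicalFile();
File dir = new File( baseDir, username ).getCanonicalFile();
if ( baseDir.equals( dir.getParentFile() ) ) {
	Util.deleteFolder( dir );
}
return true;
```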
@@ -6,7 +6,9 @@ import java.util.HashMap;
 import org.apache.log4j.Logger;
 import org.apache.thrift.TException;
 import org.openslx.imagemaster.thrift.iface.AuthenticationException;
-import org.openslx.imagemaster.util.AsymMessageSign;
+import org.openslx.imagemaster.thrift.iface.ServerAuthenticationError;
+import org.openslx.imagemaster.thrift.iface.ServerAuthenticationException;
+import org.openslx.imagemaster.util.AsymMessageVerifier;
 import org.openslx.imagemaster.util.RandomString;
 public class ServerAuthenticator
@@ -15,20 +17,6 @@ public class ServerAuthenticator
 private static Logger log = Logger.getLogger( ServerAuthenticator.class );
 // map of currently authenticating servers
 private static HashMap<String, String> authenticatingServers = new HashMap<String, String>();
- private static AsymMessageSign messageSign = null;
-
- /**
- * Initialize the message signer/verifier
- */
- static {
- try {
- messageSign = new AsymMessageSign( "./config/servers.jks", "password" );
- log.info( "Loaded keystore" );
- } catch ( Exception e ) {
- log.error( "Error loading the keystore", e );
- System.exit( 1 );
- }
- }
 /**
 * Start the server authentification.
@@ -52,7 +40,7 @@ public class ServerAuthenticator
 /**
 * Authenticate with the challengeResponse.
 *
- * @param organization
+ * @param organization Is already verified.
 * @param address
 * @param challengeResponse
 * @return
@@ -67,14 +55,25 @@ public class ServerAuthenticator
 boolean result = false;
+ AsymMessageVerifier verifier = null;
+ try {
+ verifier = new AsymMessageVerifier( organization );
+ } catch ( Exception e ) {
+ throw new ServerAuthenticationException(ServerAuthenticationError.INVALID_ORGANIZATION, "Organization not found.");
+ }
+
 try {
- result = messageSign.verifyMessage( bytes, authenticatingServers.get( organization ).getBytes() , "uni-freiburg.de" );
+ result = verifier.verifyMessage( bytes, authenticatingServers.get( organization ).getBytes() , "uni-freiburg.de" );
 } catch ( Exception e ) {
 log.error( "Error while verifying message", e );
+ throw new ServerAuthenticationException(ServerAuthenticationError.GENERIC_ERROR, "Could not verfiy key.");
 }
 if ( !result ) {
- throw new AuthenticationException();
+ /*
+ * TODO: new error for invalid key
+ */
+ throw new ServerAuthenticationException(ServerAuthenticationError.GENERIC_ERROR, "Could not verfiy key.");
 }
 log.info( "Server of organinzation '" + organization + " authenticated." );
diff --git a/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java b/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java
deleted file mode 100644
index c49f9db..0000000
--- a/src/main/java/org/openslx/imagemaster/util/AsymMessageSign.java
+++ /dev/null
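Review bot: `verifier.verifyMessage(...)` is still called with the literal `"uni-freiburg.de"` although the verifier is now built per `organization`. In the removed AsymMessageSign.verifyMessage the third argument is the certificate alias; AsymMessageVerifier is not part of this diff, but if it kept that meaning, every organization's response is checked against the uni-freiburg.de key, so I would pass `organization` there or drop the parameter. `authenticatingServers.get( organization )` is also dereferenced without a null check, so a response for which no challenge is stored ends in a NullPointerException that the broad `catch ( Exception e )` reports as GENERIC_ERROR; an explicit `if ( challenge == null )` rejection before the verify call would make that case visible. The method starts and ends outside the hunk.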
@@ -1,65 +0,0 @@
-package org.openslx.imagemaster.util;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-
-public class AsymMessageSign
-{
-
- private KeyStore keystore;
-
- /**
- * Load the keystore
- * @param file Path to keystore
- * @param password The keystore's password
- * @throws NoSuchAlgorithmException
- * @throws CertificateException
- * @throws FileNotFoundException
- * @throws IOException
- * @throws KeyStoreException
- * @throws UnrecoverableKeyException
- */
- public AsymMessageSign(String file, String password) throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException
- {
- keystore = KeyStore.getInstance( "JKS" );
- keystore.load( new FileInputStream( new File( file ) ), password.toCharArray() );
- }
-
- /**
- * Verify an encrypted message
- * @param signedMessage The signed message from hs/uni server
- * @param realMessage The message that was sent before
- * @param alias the alias of the certificate
- * @param password the password of the certificate
- * @return Whether the message could be verfied or not
- * @throws NoSuchAlgorithmException
- * @throws InvalidKeyException
- * @throws SignatureException
- * @throws UnrecoverableKeyException
- * @throws KeyStoreException
- */
- public boolean verifyMessage( byte[] signedMessage, byte[] realMessage, String alias ) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnrecoverableKeyException, KeyStoreException
- {
- // first load key
- //Key key = keystore.getKey( alias, password.toCharArray() );
- PublicKey key = keystore.getCertificate( alias ).getPublicKey();
-
- // verify message
- Signature signature = Signature.getInstance( "SHA256WITHRSA" );
- signature.initVerify( key );
- signature.update( realMessage );
- return signature.verify( signedMessage );
- }
-
-}
diff --git a/src/test/java/org/openslx/imagemaster/AppTest.java b/src/test/java/org/openslx/imagemaster/AppTest.java
index cbb6ad2..00be484 100644
--- a/src/test/java/org/openslx/imagemaster/AppTest.java
+++ b/src/test/java/org/openslx/imagemaster/AppTest.java
@@ -13,7 +13,7 @@ import junit.framework.Test;
 import junit.framework.TestCase;
 import junit.framework.TestSuite;
-import org.openslx.imagemaster.util.AsymMessageSign;
+import org.openslx.imagemaster.util.AsymMessageVerifier;
 import org.openslx.imagemaster.util.Sha512Crypt;
 /**
diff --git a/src/test/java/org/openslx/imagemaster/ServerTest.java b/src/test/java/org/openslx/imagemaster/ServerTest.java
index d2a7d14..e7f145e 100644
--- a/src/test/java/org/openslx/imagemaster/ServerTest.java
+++ b/src/test/java/org/openslx/imagemaster/ServerTest.java
@@ -40,7 +40,7 @@ import org.openslx.imagemaster.thrift.iface.ImageServer.Client;
 import org.openslx.imagemaster.thrift.iface.ServerSessionData;
 import org.openslx.imagemaster.thrift.iface.SessionData;
 import org.openslx.imagemaster.thrift.iface.UserInfo;
-import org.openslx.imagemaster.util.AsymMessageSign;
+import org.openslx.imagemaster.util.AsymMessageVerifier;
 public class ServerTest extends TestCase |