From 3bd1db776ad9ef596e51986a278d6ae3858f3dc0 Mon Sep 17 00:00:00 2001
From: orbiter
Date: Thu, 15 May 2008 11:26:43 +0000
Subject: [PATCH] implemented switch for admin authorization from localhost: - access is granted for localhost users to administration pages by default - the default setting can be changed in the BasicConfig.html page - if the BasicConfig page was accessed with post and no password was submitted, a random password is generated - a headless installation MUST give a password upon first call of the configuration page, otherwise they will not be able to access it again - if no password is given within 10 minutes after start-up, a random password is generated
git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@4804 6c8d7289-2bf4-0310-a012-ef5d649a1542
---
defaults/yacy.init | 15 ++++++--
htroot/ConfigBasic.html | 27 ++++++++++----
htroot/ConfigBasic.java | 36 +++++++++++--------
htroot/ConfigNetwork_p.html | 5 +--
htroot/ConfigNetwork_p.java | 2 +-
htroot/env/templates/header.template | 2 +-
source/de/anomic/http/httpd.java | 4 +--
source/de/anomic/http/httpdFileHandler.java | 30 ++++++++--------
.../de/anomic/plasma/plasmaSwitchboard.java | 21 ++++++++---
9 files changed, 93 insertions(+), 49 deletions(-)
diff --git a/defaults/yacy.init b/defaults/yacy.init
index dbbc5a75c..ce9705462 100644
--- a/defaults/yacy.init
+++ b/defaults/yacy.init
@@ -353,11 +353,22 @@ serverAccountBase64MD5= # settings through the web interface # should be set to a secret. By default it is without a password # but you are encouraged to set it to another value on the page -# http://localhost:8080/ +# http://localhost:8080/ConfigBasic.html #adminAccount=admin:mysecretpassword adminAccount= adminAccountBase64MD5= +# special access handling for users from localhost: +# access from localhost may be granted with administration authority +# if this flag is set. It is set to true by default to make usage of YaCy easy +# if you use YaCy on a headless server, you should set this to false +# or configure this on http://localhost:8080/ConfigBasic.html +# during the first 10 minutes of operation of YaCy; +# if the admin account password is still empty after 10 minutes a random +# password is generated an access is then ONLY from localhost, which will cause +# inaccessibility for installations on headless servers. +adminAccountForLocalhost=true + # if you are running a principal peer, you must update the following variables # The upload method that should be used to upload the seed-list file to # a public accessible webserver where it can be loaded by other peers. @@ -424,7 +435,7 @@ yacyDebugMode=false #staticIP if you have a static IP, you can use this setting staticIP= -# each time the proxy starts up, it can trigger the local browser to show the +# each time YaCy starts up, it can trigger the local browser to show the # status page. This is active by default, to make it easier for first-time # users to understand what this application does. You can disable browser # pop-up here or set a different start page, like the search page diff --git a/htroot/ConfigBasic.html b/htroot/ConfigBasic.html index 89b29b967..18229aa6f 100644 --- a/htroot/ConfigBasic.html +++ b/htroot/ConfigBasic.html @@ -25,15 +25,28 @@
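Review bot: The new default `adminAccountForLocalhost=true` makes the source address the only admin credential, and the added comment block does not say what that covers. Every local account and process on the host qualifies, and if the peer is reached through a reverse proxy or tunnel on the same machine, remote requests may also appear to come from localhost (how the address is determined is not visible in this hunk). I would ship `adminAccountForLocalhost=false`, or at least add a line such as `# NOTE: while this is true, every local user, local process and local proxy/tunnel has admin rights`. The comment also has a typo: `generated an access` should read `generated and access`.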
  1. - ok Select a language for the interface:
    + ok Select a language for the interface:
     
  2. - #(statusPassword)#warning Please set a password for your peer to protect your settings (> 3 characters); if this is successful you will be asked to log in with these values immediately.::ok Password is set#(/statusPassword)#
    -
    + #(statusPassword)#warning Access to localhost granted without password::ok Password is set#(/statusPassword)#
    +
    + + + + + Access to your peer from your own computer (localhost access) is granted. No need to configure an administration account. +
    + +
    + + + + + You need this only if you want a remote access to your peer.
    @@ -42,10 +55,12 @@
    -
    +
    + +
  3. - #(statusName)#warning Your peer name has not been customized; please set your own peer name::ok You have a nice peer name#(/statusName)#
    + #(statusName)#warning Your peer name has not been customized; please set your own peer name::ok You have a nice peer name#(/statusName)#
    @@ -56,7 +71,7 @@
  4. - #(statusPort)#warning Your peer cannot be reached from outside (which is not fatal, but would be good for the YaCy network); please open your firewall for this port and/or set a virtual server option in your router to allow connections on this port.::ok Your peer can be reached by other peers#(/statusPort)#
    + #(statusPort)#warning Your peer cannot be reached from outside (which is not fatal, but would be good for the YaCy network); please open your firewall for this port and/or set a virtual server option in your router to allow connections on this port.::ok Your peer can be reached by other peers#(/statusPort)#
    diff --git a/htroot/ConfigBasic.java b/htroot/ConfigBasic.java index c9d8dc436..f8af938f1 100644 --- a/htroot/ConfigBasic.java +++ b/htroot/ConfigBasic.java @@ -65,12 +65,12 @@ import de.anomic.server.serverSwitch; import de.anomic.yacy.yacySeed; public class ConfigBasic { - private static final int NEXTSTEP_FINISHED = 0; - private static final int NEXTSTEP_PWD = 1; - private static final int NEXTSTEP_PEERNAME = 2; - private static final int NEXTSTEP_PEERPORT = 3; - private static final int NEXTSTEP_RECONNECT = 4; + private static final int NEXTSTEP_FINISHED = 0; + //private static final int NEXTSTEP_PWD = 1; + private static final int NEXTSTEP_PEERNAME = 2; + private static final int NEXTSTEP_PEERPORT = 3; + private static final int NEXTSTEP_RECONNECT = 4; public static serverObjects respond(httpHeader header, serverObjects post, serverSwitch env) { @@ -101,6 +101,7 @@ public class ConfigBasic { } // password settings + boolean localhostAccess = (post == null) ? sb.getConfigBool("adminAccountForLocalhost", false) : post.get("access", "").equals("localhost"); String user = (post == null) ? "" : (String) post.get("adminuser", ""); String pw1 = (post == null) ? "" : (String) post.get("adminpw1", ""); String pw2 = (post == null) ? "" : (String) post.get("adminpw2", ""); 
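Review bot: `localhostAccess` in the `// password settings` block is read straight from the request parameter `access`, and the next hunk persists it with `sb.setConfig("adminAccountForLocalhost", localhostAccess)` without any authorization check visible in respond(). Unless the file handler gates ConfigBasic.html once an admin account exists (not shown here), any client that can POST to this page can switch the flag, and a POST that simply omits `access` turns it off. I would apply the value only when the field is present and the caller is already authorized, and add a comment saying who is allowed to change it. The fallback `getConfigBool("adminAccountForLocalhost", false)` also disagrees with the `true` default added to yacy.init; respond() starts and ends outside this hunk.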
@@ -110,18 +111,26 @@ public class ConfigBasic { // port settings String port = env.getConfig("port", "8080"); //this allows a low port, but it will only get one, if the user edits the config himself. - if(post!=null && Integer.parseInt((String)post.get("port"))>1023){ + if (post != null && Integer.parseInt((String) post.get("port")) > 1023) { port = post.get("port", "8080"); } // admin password - if ((user.length() > 0) && (pw1.length() > 3) && (pw1.equals(pw2))) { + sb.setConfig("adminAccountForLocalhost", localhostAccess); + prop.put("localhost.checked", (localhostAccess) ? 1 : 0); + prop.put("account.checked", (localhostAccess) ? 0 : 1); + // if an localhost access is configured, check if a local password is given + // if not, set a random password + if (post != null && localhostAccess && env.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, "").length() == 0) { + // make a 'random' password + env.setConfig(httpd.ADMIN_ACCOUNT_B64MD5, "0000" + serverCodings.encodeMD5Hex(System.getProperties().toString() + System.currentTimeMillis())); + env.setConfig("adminAccount", ""); + } + // may be overwritten if new password is given + if ((user.length() > 0) && (pw1.length() > 3) && (pw1.equals(pw2))) { // check passed. set account: env.setConfig(httpd.ADMIN_ACCOUNT_B64MD5, serverCodings.encodeMD5Hex(kelondroBase64Order.standardCoder.encodeString(user + ":" + pw1))); env.setConfig("adminAccount", ""); - // authenticate immediately - //prop.put("AUTHENTICATE", "admin log-in"); - //return prop; } // check if peer name already exists 
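Review bot: The value generated in the `// make a 'random' password` branch is not random: `System.getProperties().toString() + System.currentTimeMillis()` is built from host properties and the clock, both of which can be estimated, and MD5 adds no entropy. If the stored value is ever accepted as a credential elsewhere (not visible in this hunk), it should come from a CSPRNG, e.g. `env.setConfig(httpd.ADMIN_ACCOUNT_B64MD5, "0000" + serverCodings.encodeMD5Hex(new java.math.BigInteger(128, new java.security.SecureRandom()).toString(16)));`. The `"0000"` prefix deserves a comment stating its purpose; it presumably makes the entry longer than any real MD5 hex digest so that no password can match it, but that is an inference. The reformatted `Integer.parseInt((String) post.get("port"))` a few lines up still throws NumberFormatException on a POST without a numeric `port`; respond() continues outside the hunk.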
@@ -166,22 +175,19 @@ public class ConfigBasic { } // check if values are proper - boolean properPW = (env.getConfig("adminAccount", "").length() == 0) && (env.getConfig(httpd.ADMIN_ACCOUNT_B64MD5, "").length() > 0); boolean properName = (env.getConfig("peerName","").length() >= 3) && (!(yacySeed.isDefaultPeerName(env.getConfig("peerName","")))); boolean properPort = (sb.webIndex.seedDB.mySeed().isSenior()) || (sb.webIndex.seedDB.mySeed().isPrincipal()); - if ((properPW) && (env.getConfig("defaultFiles", "").startsWith("ConfigBasic.html,"))) { + if ((env.getConfig("defaultFiles", "").startsWith("ConfigBasic.html,"))) { env.setConfig("defaultFiles", env.getConfig("defaultFiles", "").substring(17)); httpdFileHandler.initDefaultPath(); } prop.put("statusName", properName ? "1" : "0"); - prop.put("statusPassword", properPW ? "1" : "0"); + prop.put("statusPassword", localhostAccess ? "0" : "1"); prop.put("statusPort", properPort ? "1" : "0"); if (reconnect) { prop.put("nextStep", NEXTSTEP_RECONNECT); - } else if (!properPW) { - prop.put("nextStep", NEXTSTEP_PWD); } else if (!properName) { prop.put("nextStep", NEXTSTEP_PEERNAME); } else if (!properPort) { diff --git a/htroot/ConfigNetwork_p.html b/htroot/ConfigNetwork_p.html index a40de8785..9f2ec9624 100644 --- a/htroot/ConfigNetwork_p.html +++ b/htroot/ConfigNetwork_p.html @@ -29,6 +29,7 @@ if(document.ConfigForm.network[0].checked) { document.ConfigForm.indexDistribute.checked = true; document.ConfigForm.indexReceive.checked = true; + document.ConfigForm.crawlResponse.checked = true; } } //--> @@ -45,11 +46,11 @@ #(/commit)# #(commitCrawlPlea)#::
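Review bot: `prop.put("statusPassword", localhostAccess ? "0" : "1")` makes the page report "Password is set" whenever the account option was chosen, even when the password check earlier in respond() failed (empty user, password of three characters or fewer, or mismatch) and `ADMIN_ACCOUNT_B64MD5` is still empty. With `properPW` removed, ConfigBasic.html is also dropped from `defaultFiles` on the first visit regardless of whether any credential exists. I would keep the removed `properPW` computation and use `prop.put("statusPassword", (properPW && !localhostAccess) ? "1" : "0");` so the status never claims protection that is not in place. respond() starts outside this hunk.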
    P2P operation can run without remote indexing, but runs better with remote indexing switched on. Please switch 'Accept Remote Crawl Requests' on.
    #(/commitCrawlPlea)# #(commitDHTIsRobinson)#::
    For P2P operation, at least DHT distribution or DHT receive (or both) must be set. You have thus defined a Robinson configuration.
    #(/commitDHTIsRobinson)# - #(commitDHTNoGlobalSearch)#::
    Global Search in P2P configuration is only allowed, if both, index receive and distribution is switched on. You have a P2P configuration, but are not allowed to search other peers.
    #(/commitDHTNoGlobalSearch)# + #(commitDHTNoGlobalSearch)#::
    Global Search in P2P configuration is only allowed, if index receive is switched on. You have a P2P configuration, but are not allowed to search other peers.
    #(/commitDHTNoGlobalSearch)# #(commitRobinson)#::
    For Robinson Mode, index distribution and receive is switched off.
    #(/commitRobinson)# #(commitRobinsonWithRemoteIndexing)#::
    This Robinson Mode switches remote indexing on, but limits targets to peers within the same cluster. Remote indexing requests from peers within the same cluster are accepted.
    #(/commitRobinsonWithRemoteIndexing)# #(commitRobinsonWithoutRemoteIndexing)#::
    This Robinson Mode does not allow any remote indexing (neither requests remote indexing, nor accepts it).
    #(/commitRobinsonWithoutRemoteIndexing)# - +
    diff --git a/htroot/ConfigNetwork_p.java b/htroot/ConfigNetwork_p.java index ff6dc244e..ed467b660 100644 --- a/htroot/ConfigNetwork_p.java +++ b/htroot/ConfigNetwork_p.java @@ -109,7 +109,7 @@ public class ConfigNetwork_p { } else if (indexDistribute && indexReceive) { commit = 1; } else { - prop.put("commitDHTNoGlobalSearch", "1"); + if (!indexReceive) prop.put("commitDHTNoGlobalSearch", "1"); commit = 1; } if (!crawlResponse) { diff --git a/htroot/env/templates/header.template b/htroot/env/templates/header.template index 49d543725..b48da02b0 100644 --- a/htroot/env/templates/header.template +++ b/htroot/env/templates/header.template @@ -40,7 +40,7 @@

    Peer Control