From 72f00dee5918950f9caf33e878fef09c2451e2f1 Mon Sep 17 00:00:00 2001 From: orbiter Date: Mon, 8 Mar 2010 22:30:45 +0000 Subject: [PATCH] removed never-used server access account function git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@6731 6c8d7289-2bf4-0310-a012-ef5d649a1542 --- defaults/yacy.init | 12 ----- htroot/SettingsAck_p.java | 2 - htroot/Settings_p.java | 13 +----- source/de/anomic/http/server/HTTPDemon.java | 49 ++------------------- source/net/yacy/migration.java | 8 ---- 5 files changed, 4 insertions(+), 80 deletions(-) diff --git a/defaults/yacy.init b/defaults/yacy.init index a6b1d9645..b25073ab4 100644 --- a/defaults/yacy.init +++ b/defaults/yacy.init @@ -373,18 +373,6 @@ serverClient=* #use User_p.html to create some Users. use_proxyAccounts=false -# serverAccount: a user:password - pair for web server access -# this is the access to the 'public' pages on the server -# should be always open, but you get the option here -# if set to a user:password, you get a conflict with the administration account -# future versions will check if the server is unprotected, -# because the p2p-index-sharing function will use the http server for -# data exchange. -# example -#serverAccount=admin:mysecretpassword -serverAccount= -serverAccountBase64MD5= - # adminAccount: a user:password - pair for administration of # settings through the web interface # should be set to a secret. By default it is without a password diff --git a/htroot/SettingsAck_p.java b/htroot/SettingsAck_p.java index ff8dc5d98..aa2a50764 100644 --- a/htroot/SettingsAck_p.java +++ b/htroot/SettingsAck_p.java @@ -276,8 +276,6 @@ public class SettingsAck_p { // check passed. set account: env.setConfig("serverClient", filter); - //env.setConfig("serverAccountBase64MD5", serverCodings.encodeMD5Hex(kelondroBase64Order.standardCoder.encodeString(user + ":" + pw1))); - env.setConfig("serverAccount", ""); prop.put("info", "8");//server access filter updated //prop.put("info_user", user); diff --git a/htroot/Settings_p.java b/htroot/Settings_p.java index a9404b2c0..87c832040 100644 --- a/htroot/Settings_p.java +++ b/htroot/Settings_p.java @@ -142,18 +142,7 @@ public final class Settings_p { prop.putHTML("serverfilter", env.getConfig("serverClient", "*")); // server password - if (env.getConfig("serverAccountBase64", "").length() == 0) { - // no password has been specified - prop.put("serveruser","server"); - } else { - s = env.getConfig("serverAccount", "server:void"); - pos = s.indexOf(":"); - if (pos < 0) { - prop.put("serveruser","server"); - } else { - prop.put("serveruser",s.substring(0, pos)); - } - } + prop.put("serveruser","server"); // clientIP prop.putXML("clientIP", header.get(HeaderFramework.CONNECTION_PROP_CLIENTIP, "")); // read an artificial header addendum diff --git a/source/de/anomic/http/server/HTTPDemon.java b/source/de/anomic/http/server/HTTPDemon.java index c1ccd5916..c4a725dc2 100644 --- a/source/de/anomic/http/server/HTTPDemon.java +++ b/source/de/anomic/http/server/HTTPDemon.java @@ -133,7 +133,6 @@ public final class HTTPDemon implements serverHandler, Cloneable { // for authentication private boolean use_proxyAccounts = false; private boolean proxyAccounts_init = false; // is use_proxyAccounts set? - private String serverAccountBase64MD5; private String clientIP; private boolean allowProxy; private boolean allowServer; @@ -156,7 +155,6 @@ public final class HTTPDemon implements serverHandler, Cloneable { // authentication: by default none this.proxyAccounts_init = false; - this.serverAccountBase64MD5 = null; this.clientIP = null; // configuring keep alive support @@ -179,7 +177,6 @@ public final class HTTPDemon implements serverHandler, Cloneable { this.allowServer = false; this.allowYaCyHop = false; this.proxyAccounts_init = false; - this.serverAccountBase64MD5 = null; this.clientIP = null; this.prop.clear(); @@ -214,7 +211,6 @@ public final class HTTPDemon implements serverHandler, Cloneable { } this.proxyAccounts_init = false; - this.serverAccountBase64MD5 = null; } private static boolean match(final String key, final String latch) { @@ -304,39 +300,6 @@ public final class HTTPDemon implements serverHandler, Cloneable { return 1; } - private boolean handleServerAuthentication(final RequestHeader header) throws IOException { - // getting the http version that is used by the client - final String httpVersion = this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HTTP_VER, "HTTP/0.9"); - - // reading the authentication settings from switchboard - if (this.serverAccountBase64MD5 == null) - this.serverAccountBase64MD5 = switchboard.getConfig("serverAccountBase64MD5", ""); - - if (this.serverAccountBase64MD5.length() > 0) { - final String auth = header.get(RequestHeader.AUTHORIZATION); - if (auth == null) { - // authorization requested, but no authorizeation given in header. Ask for authenticate: - this.session.out.write((httpVersion + " 401 log-in required" + serverCore.CRLF_STRING + - RequestHeader.WWW_AUTHENTICATE + ": Basic realm=\"log-in\"" + serverCore.CRLF_STRING + - serverCore.CRLF_STRING).getBytes()); - this.session.out.write((HeaderFramework.CONTENT_LENGTH + ": 0\r\n").getBytes()); - this.session.out.write("\r\n".getBytes()); - return false; - } else if (!this.serverAccountBase64MD5.equals(Digest.encodeMD5Hex(auth.trim().substring(6)))) { - // wrong password given: ask for authenticate again - log.logInfo("Wrong log-in for account 'server' in HTTPD.GET " + this.prop.getProperty("PATH") + " from IP " + this.clientIP); - this.session.out.write((httpVersion + " 401 log-in required" + serverCore.CRLF_STRING + - RequestHeader.WWW_AUTHENTICATE + ": Basic realm=\"log-in\"" + - serverCore.CRLF_STRING).getBytes()); - this.session.out.write((HeaderFramework.CONTENT_LENGTH + ": 0\r\n").getBytes()); - this.session.out.write("\r\n".getBytes()); - this.session.out.flush(); - return false; - } - } - return true; - } - private boolean handleYaCyHopAuthentication(final RequestHeader header) { // check if the user has allowed that his/her peer is used for hops if (!this.allowYaCyHop) return false; @@ -488,9 +451,7 @@ public final class HTTPDemon implements serverHandler, Cloneable { if (this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) { // pass to server if (this.allowServer) { - if (this.handleServerAuthentication(header)) { - HTTPDFileHandler.doGet(this.prop, header, this.session.out); - } + HTTPDFileHandler.doGet(this.prop, header, this.session.out); } else { // not authorized through firewall blocking (ip does not match filter) this.session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.CRLF_STRING + serverCore.CRLF_STRING + "you are not allowed to connect to this server, because you are using a non-granted IP. allowed are only connections that match with the following filter: " + switchboard.getConfig("serverClient", "*") + serverCore.CRLF_STRING).getBytes()); @@ -557,9 +518,7 @@ public final class HTTPDemon implements serverHandler, Cloneable { if (this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) { // pass to server if (allowServer) { - if (handleServerAuthentication(header)) { - HTTPDFileHandler.doHead(prop, header, this.session.out); - } + HTTPDFileHandler.doHead(prop, header, this.session.out); } else { // not authorized through firewall blocking (ip does not match filter) session.out.write((httpVersion + " 403 refused (IP not granted)" + @@ -625,9 +584,7 @@ public final class HTTPDemon implements serverHandler, Cloneable { if (prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) { // pass to server if (allowServer) { - if (handleServerAuthentication(header)) { - HTTPDFileHandler.doPost(prop, header, this.session.out, sessionIn); - } + HTTPDFileHandler.doPost(prop, header, this.session.out, sessionIn); } else { // not authorized through firewall blocking (ip does not match filter) session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.CRLF_STRING + serverCore.CRLF_STRING + "you are not allowed to connect to this server, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("serverClient", "*") + serverCore.CRLF_STRING).getBytes()); diff --git a/source/net/yacy/migration.java b/source/net/yacy/migration.java index fa180b102..019709631 100644 --- a/source/net/yacy/migration.java +++ b/source/net/yacy/migration.java @@ -204,10 +204,6 @@ public class migration { public static void presetPasswords(final Switchboard sb) { // set preset accounts/passwords String acc; - if ((acc = sb.getConfig("serverAccount", "")).length() > 0) { - sb.setConfig("serverAccountBase64MD5", Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(acc))); - sb.setConfig("serverAccount", ""); - } if ((acc = sb.getConfig("adminAccount", "")).length() > 0) { sb.setConfig(HTTPDemon.ADMIN_ACCOUNT_B64MD5, Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(acc))); sb.setConfig("adminAccount", ""); @@ -218,10 +214,6 @@ public class migration { sb.setConfig("proxyAccountBase64MD5", Digest.encodeMD5Hex(acc)); sb.setConfig("proxyAccountBase64", ""); } - if ((acc = sb.getConfig("serverAccountBase64", "")).length() > 0) { - sb.setConfig("serverAccountBase64MD5", Digest.encodeMD5Hex(acc)); - sb.setConfig("serverAccountBase64", ""); - } if ((acc = sb.getConfig("adminAccountBase64", "")).length() > 0) { sb.setConfig(HTTPDemon.ADMIN_ACCOUNT_B64MD5, Digest.encodeMD5Hex(acc)); sb.setConfig("adminAccountBase64", "");