diff options
| -rw-r--r-- | description | 1 | ||||
| -rw-r--r-- | pcoin.cpp | 52 | ||||
| -rw-r--r-- | popen2.c | 1 | ||||
| -rw-r--r-- | popen2.h | 1 | ||||
| -rw-r--r-- | tcoin.cpp | 136 |
5 files changed, 124 insertions, 67 deletions
diff --git a/description b/description new file mode 100644 index 0000000..be7b8bb --- /dev/null +++ b/description @@ -0,0 +1 @@ +play money for tilde town and other tildeboxes diff --git a/pcoin.cpp b/pcoin.cpp index 242dc21..92d7eec 100644 --- a/pcoin.cpp +++ b/pcoin.cpp @@ -42,6 +42,8 @@ #define LS_HOME_CMD "/bin/ls /home" #define BIN_ECHO_CMD "/bin/echo $$" +#define CHMOD_PERMISSIONS ((S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO) +#define CHMOD_PROGRAM_KEY_PERMISSIONS (S_IRUSR & ~S_IWUSR & ~S_IXUSR & ~S_IRWXG & ~S_IRWXO) #ifndef KROWBAR_OFF #define KROWBAR_SCORE_PATH "/home/krowbar/Code/irc/data/tildescores.txt" #define JU_SCORE_PATH "/home/jmjl/dev/juju/data/tildescores.txt" @@ -354,7 +356,7 @@ int add_file_value(const char* file_name, const long long int &value_to_add, con file2 << new_value << "\n"; file2.close(); - chmod(temp_file_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(temp_file_path, CHMOD_PERMISSIONS); if(!file2) //error { @@ -368,7 +370,7 @@ int add_file_value(const char* file_name, const long long int &value_to_add, con { if(!std::rename(temp_file_path, file_path)) { - chmod(file_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(file_path, CHMOD_PERMISSIONS); break; } } @@ -675,7 +677,7 @@ std::string refresh_pcoin_key() if(!std::rename(program_key_path, temp_program_key_path)) { - chmod(temp_program_key_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(temp_program_key_path, CHMOD_PERMISSIONS); std::ofstream fin2(temp2_program_key_path); if(!fin2) @@ -685,7 +687,7 @@ std::string refresh_pcoin_key() { if(!std::rename(temp_program_key_path, program_key_path)) { - chmod(program_key_path, S_IRUSR & ~S_IWUSR & ~S_IXUSR & ~S_IRWXG & ~S_IRWXO); + chmod(program_key_path, CHMOD_PROGRAM_KEY_PERMISSIONS); break; } } @@ -698,13 +700,13 @@ std::string refresh_pcoin_key() new_key = exec(PCOIN_NEW_KEY_CMD); fin2 << new_key << "\n"; fin2.close(); - chmod(temp2_program_key_path, S_IRUSR & ~S_IWUSR & ~S_IXUSR & ~S_IRWXG & ~S_IRWXO); + chmod(temp2_program_key_path, CHMOD_PROGRAM_KEY_PERMISSIONS); while(1) { if(!std::rename(temp2_program_key_path, program_key_path)) { - chmod(program_key_path, S_IRUSR & ~S_IWUSR & ~S_IXUSR & ~S_IRWXG & ~S_IRWXO); + chmod(program_key_path, CHMOD_PROGRAM_KEY_PERMISSIONS); while(1) { if(!std::remove(temp_program_key_path)) @@ -828,7 +830,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fin2.close(); fin3.close(); - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] receiver_salt_path; delete[] receiver_salt_logged_in_path; @@ -888,7 +890,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fout << "\n\n"; } fout.close(); - chmod(really_temp_receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_receiver_path, CHMOD_PERMISSIONS); if(!fout) //error { @@ -913,7 +915,7 @@ int send_message(const char* sender_username, const char* receiver_username, con break; } - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] really_temp_receiver_path; delete[] temp_receiver_path; @@ -941,7 +943,7 @@ int send_message(const char* sender_username, const char* receiver_username, con else fin.close(); fin2.close(); - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -979,7 +981,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fout << "\n"; } fout.close(); - chmod(really_temp_program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_program_receiver_path.c_str(), CHMOD_PERMISSIONS); if(!fout) //error { @@ -1004,7 +1006,7 @@ int send_message(const char* sender_username, const char* receiver_username, con break; } - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); break; }//if statement with !std::rename for receiver's program accounting _messages file }//while loop for program accounting receiver's _messages file @@ -1036,7 +1038,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fin.open(temp_sender_path); fout.open(really_temp_sender_path); - chmod(really_temp_sender_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_sender_path, CHMOD_PERMISSIONS); fout << fin.rdbuf(); @@ -1130,7 +1132,7 @@ int send_message(const char* sender_username, const char* receiver_username, con else fin.close(); fin2.close(); - chmod(program_sender_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_sender_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1168,7 +1170,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fout << "\n"; } fout.close(); - chmod(really_temp_program_sender_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_program_sender_path.c_str(), CHMOD_PERMISSIONS); if(!fout) //error { @@ -1193,7 +1195,7 @@ int send_message(const char* sender_username, const char* receiver_username, con break; } - chmod(program_sender_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_sender_path.c_str(), CHMOD_PERMISSIONS); break; }//if statement with !std::rename for sender's program accounting _messages file }//while loop for program accounting sender's _messages file @@ -1288,7 +1290,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_sender_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_sender_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1324,7 +1326,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_sender_total_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_sender_total_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1410,7 +1412,7 @@ int send(const char* sender_username, const char* receiver_username, const long fin2.close(); fin3.close(); - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] receiver_salt_path; delete[] receiver_salt_logged_in_path; @@ -1444,7 +1446,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1475,7 +1477,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_receiver_total_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_total_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1682,7 +1684,7 @@ long long int get_internal_balance(const char* username) } else fin.close(); - chmod(internal_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(internal_path.c_str(), CHMOD_PERMISSIONS); } std::string internal_username = std::string(PROG_ACT_W_SLASH) + get_username() + std::string("/") + std::string(username); @@ -1708,7 +1710,7 @@ long long int get_internal_total_owed() } else fin.close(); - chmod(internal_total_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(internal_total_path.c_str(), CHMOD_PERMISSIONS); } std::string internal_total_username = std::string(PROG_ACT_W_SLASH) + get_username() + std::string("/_TOTAL"); @@ -1757,7 +1759,7 @@ int add_internal_balance(const char* username, const long long int value_to_add) else fin.close(); fin2.close(); - chmod(internal_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(internal_path.c_str(), CHMOD_PERMISSIONS); } int return_value; @@ -1795,7 +1797,7 @@ int add_internal_balance(const char* username, const long long int value_to_add) else fin.close(); fin2.close(); - chmod(internal_total_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(internal_total_path.c_str(), CHMOD_PERMISSIONS); } while(1) diff --git a/popen2.c b/popen2.c index 3434d51..403c324 100644 --- a/popen2.c +++ b/popen2.c @@ -132,4 +132,3 @@ int pclose2(files_t *fp) { } return status; } - diff --git a/popen2.h b/popen2.h index 1805632..f0de0a3 100644 --- a/popen2.h +++ b/popen2.h @@ -2,7 +2,6 @@ #define _IXIMIUZ_POPEN2 #include<stdio.h> - //https://github.com/iximiuz/popen2 //https://iximiuz.com/en/posts/how-to-on-processes/ diff --git a/tcoin.cpp b/tcoin.cpp index 675d5af..819e075 100644 --- a/tcoin.cpp +++ b/tcoin.cpp @@ -36,6 +36,7 @@ #define LS_HOME_CMD "/bin/ls /home" #define BIN_ECHO_CMD "/bin/echo $$" +#define CHMOD_PERMISSIONS ((S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO) #ifndef KROWBAR_OFF #define KROWBAR_SCORE_PATH "/home/krowbar/Code/irc/data/tildescores.txt" #define JU_SCORE_PATH "/home/jmjl/dev/juju/data/tildescores.txt" @@ -241,25 +242,40 @@ std::string exec(const char* cmd) { return std::string(""); //dummy line, never executes } -std::string exec2(const char* cmd, std::string input) { - std::string data_length_cmd_str = std::string(cmd) + std::string(PIPED_WORD_COUNT_CMD); - const char* data_length_cmd_cstr = data_length_cmd_str.c_str(); - std::string data_length_str = exec(data_length_cmd_cstr); - long long int data_length = strtol_fast(data_length_str.c_str())+1; +std::string exec2_5(const char* cmd, std::string input, long long int data_length_override = -1) { + long long int data_length = data_length_override; + if(data_length_override == -1) + { + std::string data_length_cmd_str = std::string(cmd) + std::string(PIPED_WORD_COUNT_CMD); + const char* data_length_cmd_cstr = data_length_cmd_str.c_str(); + std::string data_length_str = exec(data_length_cmd_cstr); + data_length = strtol_fast(data_length_str.c_str())+1; + } + std::vector <char> buffer; - buffer.reserve(data_length); + + if(data_length > 0) + { + buffer.reserve(data_length); + } + std::string result; + files_t *fp = popen2(cmd); if (!fp) throw std::runtime_error("popen2() failed!"); fputs((input+std::string("\n")).c_str(), fp->in); std::fflush(fp->in); - while (!feof(fp->out)) { + if(data_length > 0) + { + while (!feof(fp->out)) { if (fgets(buffer.data(), data_length, fp->out) != nullptr) result += buffer.data(); + } } pclose2(fp); + return result; } @@ -341,7 +357,7 @@ int add_file_value(const char* file_name, const long long int &value_to_add, con std::ofstream file2(temp_file_path); file2 << new_value << "\n"; file2.close(); - chmod(temp_file_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(temp_file_path, CHMOD_PERMISSIONS); if(!file2) //error { @@ -355,7 +371,7 @@ int add_file_value(const char* file_name, const long long int &value_to_add, con { if(!std::rename(temp_file_path, file_path)) { - chmod(file_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(file_path, CHMOD_PERMISSIONS); break; } } @@ -619,7 +635,7 @@ void clear_messages(const char* username) { fin.close(); rename(messages_path.c_str(), messages_backup_path.c_str()); - chmod(messages_backup_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(messages_backup_path.c_str(), CHMOD_PERMISSIONS); break; } else @@ -629,7 +645,7 @@ void clear_messages(const char* username) std::ofstream fout(messages_path.c_str(), std::fstream::trunc); fout << "\n"; fout.close(); - chmod(messages_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(messages_path.c_str(), CHMOD_PERMISSIONS); } void show_messages(const char* username) @@ -908,7 +924,8 @@ int log_on(const char* username) codefin >> code2; codefin >> code3; codefin.close(); - exec((std::string(TCOIN_BIN_PATH_W_SPACE) + std::string(code2)).c_str()); + + exec2_5((std::string(TCOIN_BIN_PATH_W_SPACE) + std::string("code2")).c_str(), std::string(code2), 0); //0 because we don't want any output fin.open(decrypted_password_file.c_str()); if(!fin || (fin && file_is_empty(fin))) @@ -945,6 +962,7 @@ int initialise_user(const char* username, const long long int &base_amount) std::string balance_file = std::string(TCOIN_PATH_W_SLASH) + std::string(username) + std::string(".txt"); std::string messages_file = std::string(TCOIN_MSG_PATH) + std::string(username) + std::string("_messages.txt"); std::string password_file = std::string(TCOIN_PASS_PATH) + std::string(username) + std::string("_password.txt"); + std::string password_candidate_file = std::string(TCOIN_PASS_PATH) + std::string(username) + std::string("_password_candidate.txt"); std::string salt_file = std::string(TCOIN_SALT_PATH) + std::string(username) + std::string("_salt.txt"); std::string salt_logged_in_file = std::string(TCOIN_SALT_PATH) + std::string(username) + std::string("_salt_logged_in.txt"); @@ -955,7 +973,7 @@ int initialise_user(const char* username, const long long int &base_amount) std::ofstream fout(balance_file.c_str(), std::fstream::trunc); fout << "0\n"; fout.close(); - chmod(balance_file.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(balance_file.c_str(), CHMOD_PERMISSIONS); flag_balance = true; } fin.close(); @@ -967,7 +985,7 @@ int initialise_user(const char* username, const long long int &base_amount) std::ofstream fout(messages_file.c_str(), std::fstream::trunc); fout << "\n"; fout.close(); - chmod(messages_file.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(messages_file.c_str(), CHMOD_PERMISSIONS); flag_messages = true; } fin.close(); @@ -975,6 +993,7 @@ int initialise_user(const char* username, const long long int &base_amount) fin.open(salt_file.c_str()); std::ifstream fin2(password_file.c_str()); std::ifstream fin3(salt_logged_in_file.c_str()); + std::ifstream fin4; if((!fin && !fin3) || !fin2 || (fin && file_is_empty(fin)) || (fin3 && file_is_empty(fin3)) || file_is_empty(fin2)) //if salt or password file is missing or empty, we'd have to set up a new salt and password (i.e., salt file encrypted with passphrase) { fin.close(); @@ -997,7 +1016,7 @@ int initialise_user(const char* username, const long long int &base_amount) } fout << "\n"; fout.close(); - chmod(salt_file.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(salt_file.c_str(), CHMOD_PERMISSIONS); std::cout << "\nYour salt and/or password file(s) are missing. A new salt and password file will be created. Please enter your desired passphrase and re-enter to confirm the same below. You will need to enter it to log onto tildecoin. If you ^C before confirming the passphrase, you'll have created an empty password file and would have to run `tcoin init` again.\n\n"; @@ -1007,27 +1026,46 @@ int initialise_user(const char* username, const long long int &base_amount) codefin >> code2; codefin >> code3; codefin.close(); - exec((std::string(TCOIN_BIN_PATH_W_SPACE) + std::string(code1)).c_str()); - - fin.open(password_file.c_str()); - if(!fin || (fin && file_is_empty(fin))) + exec2_5((std::string(TCOIN_BIN_PATH_W_SPACE) + std::string("code1")).c_str(), std::string(code1), 0); //0 because we don't want any output + + //this file shouldn't exist, except if code1 was run by someone/some program other than tcoin, + //in which case the password_file wouldn't have been removed, so we should fail if we detect + //an already existing password_file + fin4.open(password_file.c_str()); // this file shouldn't exist, so something has gone wrong if it does + fin.open(password_candidate_file.c_str()); + if(!fin || (fin && file_is_empty(fin) || fin4)) { if(file_is_empty(fin)) - chmod(password_file.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(password_candidate_file.c_str(), CHMOD_PERMISSIONS); fin.close(); + if(fin4) //password_file already exists, abort and don't replace + { + //just making sure the file has enough permissions to be deleted, since scrypt would have created it with different permissions + chmod(password_candidate_file.c_str(), CHMOD_PERMISSIONS); + remove(password_candidate_file.c_str()); + } + fin4.close(); std::cout << "\nSomething went wrong in the password-file generation process. Your password file is now empty. You will have to run `tcoin init` again and choose a new passphrase.\n\n"; return 1; } else { - chmod(password_file.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); fin.close(); + chmod(password_candidate_file.c_str(), CHMOD_PERMISSIONS); + //rename password candidate file to password file to actualise the creation of the account + while(1) + { + if(!std::rename(password_candidate_file.c_str(), password_file.c_str())) + break; + } + chmod(password_file.c_str(), CHMOD_PERMISSIONS); } flag_password_and_salt=true; } fin.close(); fin2.close(); fin3.close(); + fin4.close(); if(flag_balance==true) { std::cout << "\nWelcome to tildecoin. "; @@ -1095,7 +1133,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fin2.close(); fin3.close(); - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] receiver_salt_path; delete[] receiver_salt_logged_in_path; @@ -1155,7 +1193,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fout << "\n\n"; } fout.close(); - chmod(really_temp_receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_receiver_path, CHMOD_PERMISSIONS); if(!fout) //error { @@ -1180,7 +1218,7 @@ int send_message(const char* sender_username, const char* receiver_username, con break; } - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] really_temp_receiver_path; delete[] temp_receiver_path; @@ -1208,7 +1246,7 @@ int send_message(const char* sender_username, const char* receiver_username, con else fin.close(); fin2.close(); - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1246,7 +1284,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fout << "\n"; } fout.close(); - chmod(really_temp_program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_program_receiver_path.c_str(), CHMOD_PERMISSIONS); if(!fout) //error { @@ -1271,7 +1309,7 @@ int send_message(const char* sender_username, const char* receiver_username, con break; } - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); break; }//if statement with !std::rename for receiver's program accounting _messages file }//while loop for program accounting receiver's _messages file @@ -1303,7 +1341,7 @@ int send_message(const char* sender_username, const char* receiver_username, con fin.open(temp_sender_path); fout.open(really_temp_sender_path); - chmod(really_temp_sender_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(really_temp_sender_path, CHMOD_PERMISSIONS); fout << fin.rdbuf(); @@ -1510,7 +1548,7 @@ int send(const char* sender_username, const char* receiver_username, const long fin2.close(); fin3.close(); - chmod(receiver_path, (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(receiver_path, CHMOD_PERMISSIONS); delete[] receiver_salt_path; delete[] receiver_salt_logged_in_path; @@ -1544,7 +1582,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_receiver_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1575,7 +1613,7 @@ int send(const char* sender_username, const char* receiver_username, const long else fin.close(); fin2.close(); - chmod(program_receiver_total_path.c_str(), (S_IRUSR | S_IWUSR) & ~S_IRWXG & ~S_IRWXO); + chmod(program_receiver_total_path.c_str(), CHMOD_PERMISSIONS); } while(1) @@ -1716,17 +1754,31 @@ int main(int argc, char *argv[]) codefin >> code2; codefin >> code3; codefin.close(); - if(argc==2 && !strctcmp(argv[1], code1)) + if(argc==2 && !strctcmp(argv[1], "code1")) { - std::string salt_file = std::string(TCOIN_SALT_PATH) + get_username() + std::string("_salt.txt"); - std::string password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_password.txt"); - execl(TCOIN_SCRYPT_PATH, "scrypt", "enc", "-m", "0.125", "-t", "5", salt_file.c_str(), password_file.c_str(), NULL); + //to set the password when doing 'tcoin init', we create a hashed + encrypted <username>_password_candidate.txt + //the code that calls this will then check if <username>_password.txt doesn't already exist, and if it doesn't, + //it'll move <username>_password_candidate.txt to <username>_password.txt, otherwise it'll delete + //<username>_password_candidate.txt + std::fgets(codecheck, 514, stdin); + codecheck[513] = codecheck[514] = '\0'; + if(!strctcmp(codecheck, code1)) + { + std::string salt_file = std::string(TCOIN_SALT_PATH) + get_username() + std::string("_salt.txt"); + std::string password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_password_candidate.txt"); + execl(TCOIN_SCRYPT_PATH, "scrypt", "enc", "-m", "0.125", "-t", "5", salt_file.c_str(), password_file.c_str(), NULL); + } } - if(argc==2 && !strctcmp(argv[1], code2)) + if(argc==2 && !strctcmp(argv[1], "code2")) { - std::string decrypted_password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_decrypted_password.txt"); - std::string password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_password.txt"); - execl(TCOIN_SCRYPT_PATH, "scrypt", "dec", "-t", "15", password_file.c_str(), decrypted_password_file.c_str(), NULL); + std::fgets(codecheck, 514, stdin); + codecheck[513] = codecheck[514] = '\0'; + if(!strctcmp(codecheck, code2)) + { + std::string decrypted_password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_decrypted_password.txt"); + std::string password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_password.txt"); + execl(TCOIN_SCRYPT_PATH, "scrypt", "dec", "-t", "15", password_file.c_str(), decrypted_password_file.c_str(), NULL); + } } if(argc==2 && !strctcmp(argv[1], "pcoin_list")) { @@ -1739,10 +1791,14 @@ int main(int argc, char *argv[]) //If ^C is sent while doing `tcoin on`, <username>_dercrypted_password.txt gets left behind //this might cause the program to interpret the salt and password to be corrupted, and might //ask to create a new passphrase. To prevent this, we cleanup _decrypted_password.txt on every - //start of tcoin + //start of tcoin. We do the same for _password_candidate.txt, which would be left over if someone + //were to inadvertently find code1 and use that to try to replace the password without having logged in { std::string decrypted_password_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_decrypted_password.txt"); remove(decrypted_password_file.c_str()); + + std::string password_candidate_file = std::string(TCOIN_PASS_PATH) + get_username() + std::string("_password_candidate.txt"); + remove(decrypted_password_file.c_str()); } base_amount = get_file_value("base/base"); |