Connection limited by serial number

Submitted by jean-baptiste on #1

Hello,


From this script, I am having difficulty defining product serials on a per-user basis. Do you have any ideas why?

Is this the correct format for my product serials?

 

 

 



#!/bin/sh

# Example script for performing basic user authorization for VirtualHere
# Return 3 if the user needs to provide a username AND password (or the password is incorrect) to use the device
# Return 2 if the user needs to provide ONLY a password (or the password is incorrect) to use the device. The username defaults to the client OS username
# Return 1 if the user is allowed to access this device
# Return 0 if the user is not allowed to access this device

# Parameters are passed in as:
# $1 = VENDOR_ID
# $2 = PRODUCT_ID
# $3 = CLIENT_ID
# $4 = CLIENT_IP
# $5 = PRODUCT_SERIAL
# $6 = PASSWORD
# $7 = DEVPATH
# $8 = NICKNAME
# $9 = NUM_BINDINGS

LOGFILE="/volume1/@appstore/VirtualHere/Log/connection.log"

logger "Authorizing -> '$1' '$2' '$3' '$4' '$5' '$6' '$7' '$8' '$9'"

# Users passwords and access
declare -A user_passwords
declare -A user_access

# Auser_passwords[" A"]="AA"
user_access["A"]="ALL"

# admin
user_passwords["admin"]="administrator"
user_access["admin"]="ALL"

# A
user_passwords["A"]="AA"
user_access["A"]="Wysiwyg"

# B
user_passwords["B"]="BB"
user_access["B"]="Depence"

# C
user_passwords["C"]="CC"
user_access["C"]="Media Master 6"

# AB
user_passwords["AB"]="AABB"
user_access["AB"]="Wysiwyg Depence"

 

# Add a product name mapping
declare -A product_names
product_names["fffffff8ffffffb0ffffff90fffffff0"]="Wysiwyg"
product_names["ffffffc4ffffffadffffffc5ffffff86"]="Depence"
product_names["fffffff8ffffffb0ffffff90fffffffc"]="Media Master 6"
product_names["fffffff8ffffffb0ffffff90fffffff1"]="Canal Factory"

##### Processing code #####

echo "Product Serial: $5"
echo "Expected Product Name: ${product_names[$5]}"

if [ -n "${user_passwords[$3]}" ]; then
 echo "User Password exists"
else
 echo "User Password does not exist"
fi

if [ "$(echo -n "${user_passwords[$3]}" | md5sum | cut -d' ' -f1)" = "$6" ]; then
 echo "Password Match"
else
 echo "Password Mismatch"
fi

if [ "${user_access[$3]}" ]; then
 echo "User Access exists"
else
 echo "User Access does not exist"
fi

if ( echo "${user_access[$3]}" | grep -qi "${product_names[$5]}\|ALL" ); then
 echo "Access Granted"
else
 echo "Access Denied"
fi

if [ -n "${user_passwords[$3]}" ] && [ "$(echo -n "${user_passwords[$3]}" | md5sum | cut -d' ' -f1)" = "$6" ] && ( echo "${user_access[$3]}" | grep -qi "${product_names[$5]}\|ALL" ); then
 echo "Password ok"
 # Log the successful connection
 echo "$(date +'%Y-%m-%d %H:%M:%S') | Connection (success) | Product: ${product_names[$5]} | User: $3 | IP: $4" >> "$LOGFILE"
else
 # Log the connection attempt
 echo "$(date +'%Y-%m-%d %H:%M:%S') | Connection (attempt) | Product: ${product_names[$5]} | User: $3 | IP: $4" >> "$LOGFILE"
 exit 3
fi

logger "Authorized!"
exit 1



 





Thanks 
 

Submitted by Michael on Sat, 2023/11/11 - 12:02

#2

First step is to see what $5 is instead of

logger "Authorizing -> '$1' '$2' '$3' '$4' '$5' '$6' '$7' '$8' '$9'"

can you do

echo "Authorizing -> '$1' '$2' '$3' '$4' '$5' '$6' '$7' '$8' '$9'" > /var/log/out.log

Then see what is in /var/log/out.log. I don't think logger works on Synology actually, i took a quick check then and i cant see anything in /var/log/messages or other files so its hard to debug the script. Also echo any messages to /var/log/out.txt instead of just echo only