1 SESSION LAYER PROTOCOL FOR CITADEL/UX
2 (c) 1995-2002 by Art Cancro et. al. All Rights Reserved
8 This is an attempt to document the session layer protocol used by the
9 Citadel/UX system, beginning with version 4.00, which is the first version
10 to implement a client/server paradigm. It is intended as a resource for
11 programmers who intend to develop their own Citadel clients, but it may have
15 IMPORTANT NOTE TO DEVELOPERS!
16 -----------------------------
18 Anyone who wants to add commands or other functionality to this protocol,
19 *please* get in touch so that these efforts can be coordinated. New
20 commands added by other developers can be added to this document, so we
21 don't end up with new server commands from multiple developers which have
22 the same name but perform different functions. If you don't coordinate new
23 developments ahead of time, please at least send in an e-mail documenting
24 what you did, so that your new commands can be added to this document.
26 The coordinator of the Citadel/UX project is Art Cancro
27 <ajc@uncensored.citadel.org>.
30 CONNECTING TO A SERVER
31 ----------------------
33 The protocols used below the session layer are beyond the scope of this
34 document, but we will briefly cover the methodology employed by Citadel/UX.
36 Citadel/UX offers Citadel BBS service using TCP/IP. It does so via a
37 multithreaded server listening on a TCP port. Older (4.xx) versions employed
38 an inetd-based server.
40 The port number officially assigned to Citadel by the IANA is 504/tcp. Since
41 our session layer assumes a clean, reliable, sequenced connection, the use
42 of UDP would render the server unstable and unusable, so we stick with TCP.
45 GENERAL INFORMATION ABOUT THE SERVER
46 ------------------------------------
48 The server is connection-oriented and stateful: each client requires its own
49 connection to a server process, and when a command is sent, the client must
50 read the response, and then transfer data or change modes if necessary.
52 The session layer is very much like other Internet protocols such as SMTP
53 or NNTP. A client program sends one-line commands to the server, and the
54 server responds with a three-digit numeric result code followed by a message
55 describing what happened. This cycle continues until the end of the
58 Unlike protocols such as FTP, all data transfers occur in-band. This means
59 that the same connection that is used for exchange of client/server
60 messages, will also be used to transfer data back and forth. (FTP opens a
61 separate connection for data transfers.) This keeps protocol administration
62 straightforward, as it can traverse firewalls without any special protocol
63 support on the firewall except for opening the port number.
69 The server will respond to all commands with a 3-digit result code, which
70 will be the first three characters on the line. The rest of the line may
71 contain a human-readable string explaining what happened. (Some client
72 software will display some of these strings to the user.)
74 The first digit is the most important. The following codes are defined for
75 this position: ERROR, OK, MORE_DATA, LISTING_FOLLOWS, and SEND_LISTING.
77 The second and third digits may provide a reason as to why a command
78 succeeded or failed. See ipcdef.h for the available codes.
80 ERROR means the command did not complete.
81 OK means the command executed successfully.
82 MORE_DATA means the command executed partially. Usually this means that
83 another command needs to be executed to complete the operation. For example,
84 sending the USER command to log in a user usually results in a MORE_DATA
85 result code, because the client needs to execute a PASS command to send the
86 password and complete the login.
87 LISTING_FOLLOWS means that after the server response, the server will
88 output a listing of some sort. The client *must* read the listing, whether
89 it wants to or not. The end of the listing is signified by the string
90 "000" on a line by itself.
91 SEND_LISTING is the opposite of LISTING_FOLLOWS. It means that the client
92 should begin sending a listing of some sort. The client *must* send something,
93 even if it is an empty listing. Again, the listing ends with "000" on a line
95 BINARY_FOLLOWS and SEND_BINARY mean that the client must immediately send
96 or receive a block of binary data. The first parameter will always be the
98 ASYNC_MESSAGE_FOLLOWS means that an asynchronous, or unsolicited, message
99 follows. The next line will be one of the above codes, and if a data transfer
100 is involved it must be handled immediately. Note that the client will not
101 receive this type of response unless it indicates to the server that it is
102 capable of handling them; see the writeup of the ASYN command later in this
108 Zero or more parameters may be passed to a command. When more than one
109 parameter is passed to a command, they should be separated by the "|"
112 In this example, we're using the "SETU" command and passing three
113 parameters: 80, 24, and 260.
115 When the server spits out data that has parameters, if more than one
116 parameter is returned, they will be separated by the "|" symbol like
119 In this example, we just executed the "GETU" command, and it returned us
120 an OK result code (the '2' in the 200) and three parameters: 80, 24, and
127 This is a listing of all the commands that a Citadel/UX server can execute.
132 This command does nothing. It takes no arguments and always returns
133 OK. It is intended primarily for testing and development, but it might also
134 be used as a "keep alive" command to prevent the server from timing out, if
135 it's running over a transport that needs this type of thing.
138 ECHO (ECHO something)
140 This command also does nothing. It simply returns OK followed by whatever
146 Terminate the server connection. This command takes no arguments. It
147 returns OK and closes the connection immediately.
152 Log out the user without closing the server connection. It always returns
153 OK even if no user is logged in.
156 USER (send USER name)
158 The first step in logging in a user. This command takes one argument: the
159 name of the user to be logged in. If the user exists, a MORE_DATA return
160 code will be sent, which means the client should execute PASS as the next
161 command. If the user does not exist, ERROR is returned.
166 The second step in logging in a user. This command takes one argument: the
167 password for the user we are attempting to log in. If the password doesn't
168 match the correct password for the user we specified for the USER command,
169 or if a USER command has not been executed yet, ERROR is returned. If the
170 password is correct, OK is returned and the user is now logged in... and
171 most of the other server commands can now be executed. Along with OK, the
172 following parameters are returned:
174 0 - The user's name (in case the client wants the right upper/lower casing)
175 1 - The user's current access level
178 4 - Various flags (see citadel.h)
180 6 - Time of last call (UNIX timestamp)
183 NEWU (create NEW User account)
185 This command creates a new user account AND LOGS IT IN. The argument to
186 this command will be the name of the account. No case conversion is done
187 on the name. Note that the new account is installed with a default
188 configuration, and no password, so the client should immediately prompt the
189 user for a password and install it with the SETP command as soon as this
190 command completes. This command returns OK if the account was created and
191 logged in, or ERROR if another user already exists with this name. If OK,
192 it will also return the same parameters that PASS returns.
194 Please note that the NEWU command should only be used for self-service user account
195 creation. For administratively creating user accounts, please use the CREU command.
198 SETP (SET new Password)
200 This command sets a new password for the currently logged in user. The
201 argument to this command will be the new password. The command always
202 returns OK, unless the client is not logged in, in which case it will return
206 CREU (CREate new User account)
208 This command creates a new user account AND DOES NOT LOG IT IN. The argument to
209 this command will be the name of the account. No case conversion is done
210 on the name. Note that the new account is installed with a default
211 configuration, and no password. This command returns OK if the account was created,
212 or ERROR if another user already exists with this name.
214 Please note that CREU is intended to be used for activities in which a system
215 administrator is creating user accounts. For self-service user account creation,
216 use the NEWU command.
220 LKRN (List Known Rooms with New messages)
222 List known rooms with new messages. If the client is not logged in, ERROR
223 is returned. Otherwise, LISTING_FOLLOWS is returned, followed by the room
224 listing. Each line in the listing contains the full name of a room, followed
225 by the '|' symbol, and then a number that may contain the following bits:
228 #define QR_PERMANENT 1 /* Room does not purge */
229 #define QR_PRIVATE 4 /* Set for any type of private room */
230 #define QR_PASSWORDED 8 /* Set if there's a password too */
231 #define QR_GUESSNAME 16 /* Set if it's a guessname room */
232 #define QR_DIRECTORY 32 /* Directory room */
233 #define QR_UPLOAD 64 /* Allowed to upload */
234 #define QR_DOWNLOAD 128 /* Allowed to download */
235 #define QR_VISDIR 256 /* Visible directory */
236 #define QR_ANONONLY 512 /* Anonymous-Only room */
237 #define QR_ANON2 1024 /* Anonymous-Option room */
238 #define QR_NETWORK 2048 /* Shared network room */
239 #define QR_PREFONLY 4096 /* Preferred status needed to enter */
240 #define QR_READONLY 8192 /* Aide status required to post */
242 Then it returns another '|' symbol, followed by a second set of bits comprised
244 #define QR2_SYSTEM 1 /* System room; hide by default */
245 #define QR2_SELFLIST 2 /* Self-service mailing list mgmt */
247 Other bits may be defined in the future. The listing terminates, as with
248 all listings, with "000" on a line by itself.
250 Starting with version 4.01 and above, floors are supported. The first
251 argument to LKRN should be the number of the floor to list rooms from. Only
252 rooms from this floor will be listed. If no arguments are passed to LKRN, or
253 if the floor number requested is (-1), rooms on all floors will be listed.
255 The third field displayed on each line is the number of the floor the room
256 is on. The LFLR command should be used to associate floor numbers with
259 The fourth field displayed on each line is a "room listing order." Unless
260 there is a compelling reason not to, clients should sort any received room
261 listings by this value.
265 LKRO (List Known Rooms with Old [no new] messages)
267 This follows the same usage and format as LKRN.
270 LZRM (List Zapped RooMs)
272 This follows the same usage and format as LKRN and LKRO.
275 LKRA (List All Known Rooms)
277 Same format. Lists all known rooms, with or without new messages.
280 LRMS (List all accessible RooMS)
282 Again, same format. This command lists all accessible rooms, known and
283 forgotten, with and without new messages. It does not, however, list
284 inaccessible private rooms.
287 GETU (GET User configuration)
289 This command retrieves the screen dimensions and user options for the
290 currently logged in account. ERROR will be returned if no user is logged
291 in, of course. Otherwise, OK will be returned, followed by four parameters.
292 The first parameter is the user's screen width, the second parameter is the
293 user's screen height, and the third parameter is a bag of bits with the
296 #define US_LASTOLD 16 /* Print last old message with new */
297 #define US_EXPERT 32 /* Experienced user */
298 #define US_UNLISTED 64 /* Unlisted userlog entry */
299 #define US_NOPROMPT 128 /* Don't prompt after each message */
300 #define US_DISAPPEAR 512 /* Use "disappearing msg prompts" */
301 #define US_PAGINATOR 2048 /* Pause after each screen of text */
303 There are other bits, too, but they can't be changed by the user (see below).
306 SETU (SET User configuration)
308 This command does the opposite of SETU: it takes the screen dimensions and
309 user options (which were probably obtained with a GETU command, and perhaps
310 modified by the user) and writes them to the user account. This command
311 should be passed three parameters: the screen width, the screen height, and
312 the option bits (see above).
314 Note that there exist bits here which are not listed in this document. Some
315 are flags that can only be set by Aides or the system administrator. SETU
316 will ignore attempts to toggle these bits. There also may be more user
317 settable bits added at a later date. To maintain later downward compatibility,
318 the following procedure is suggested:
320 1. Execute GETU to read the current flags
321 2. Toggle the bits that we know we can toggle
322 3. Execute SETU to write the flags
324 If we are passed a bit whose meaning we don't know, it's best to leave it
325 alone, and pass it right back to the server. That way we can use an old
326 client on a server that uses an unknown bit without accidentally clearing
327 it every time we set the user's configuration.
332 This command is used to goto a new room. When the user first logs in (login
333 is completed after execution of the PASS command) this command is
334 automatically and silently executed to take the user to the first room in the
335 system (usually called the Lobby).
337 This command can be passed one or two parameters. The first parameter is,
338 of course, the name of the room. Although it is not case sensitive, the
339 full name of the room must be used. Wildcard matching or unique string
340 matching of room names should be the responsibility of the client.
342 Note that the reserved room name "_BASEROOM_" can be passed to the server
343 to cause the goto command to take the user to the first room in the system,
344 traditionally known as the Lobby>. As long as a user is logged in, a
345 GOTO command to _BASEROOM_ is guaranteed to succeed. This is useful to
346 allow client software to return to the base room when it doesn't know
349 There are also two additional reserved room names:
350 "_MAIL_" translates to the system's designated room for e-mail messages.
351 "_BITBUCKET_" goes to whatever room has been chosen for messages
354 The second (and optional) parameter is a password, if one is required for
355 access to the room. This allows for all types of rooms to be accessed via
356 this command: for public rooms, invitation-only rooms to which the user
357 has access, and preferred users only rooms to which the user has access, the
358 room will appear in a room listing. For guess-name rooms, this command
359 will work transparently, adding the room to the user's known room list when
360 it completes. For passworded rooms, access will be denied if the password
361 is not supplied or is incorrect, or the command will complete successfully
362 if the password is correct.
364 The third (and also) optional parameter is a "transient" flag. Normally,
365 when a user enters a private and/or zapped room, the room is added to the
366 user's known rooms list. If the transient flag is set to non-zero, this is
367 called a "transient goto" which causes the user to enter the room without
368 adding the room to the known rooms list.
370 The possible result codes are:
372 OK - The command completed successfully. User is now in the room.
373 (See the list of returned parameters below)
375 ERROR - The command did not complete successfully. Check the second and
376 third positions of the result code to find out what happened:
378 NOT_LOGGED_IN - Of course you can't go there. You didn't log in.
379 PASSWORD_REQUIRED - Either a password was not supplied, or the supplied
380 password was incorrect.
381 NO_SUCH_ROOM - The requested room does not exist.
383 The typical procedure for entering a passworded room would be:
385 1. Execute a GOTO command without supplying any password.
386 2. ERROR+PASSWORD_REQUIRED will be returned. The client now knows that
387 the room is passworded, and prompts the user for a password.
388 3. Execute a GOTO command, supplying both the room name and the password.
389 4. If OK is returned, the command is complete. If, however,
390 ERROR+PASSWORD_REQUIRED is still returned, tell the user that the supplied
391 password was incorrect. The user remains in the room he/she was previously
394 When the command succeeds, these parameters are returned:
395 0. The name of the room
396 1. Number of unread messages in this room
397 2. Total number of messages in this room
398 3. Info flag: set to nonzero if the user needs to read this room's info
399 file (see RINF command below)
400 4. Various flags associated with this room. (See LKRN cmd above)
401 5. The highest message number present in this room
402 6. The highest message number the user has read in this room
403 7. Boolean flag: 1 if this is a Mail> room, 0 otherwise.
404 8. Aide flag: 1 if the user is either the Room Aide for this room, *or* is
405 a regular Aide (this makes access checks easy).
406 9. The number of new Mail messages the user has (useful for alerting the
407 user to the arrival of new mail during a session)
408 10. The floor number this room resides on
409 11. The current "view" for this room (see views.txt for more info)
412 MSGS (get pointers to MeSsaGeS in this room)
414 This command obtains a listing of all the messages in the current room
415 which the client may request. This command may be passed a single parameter:
416 either "all", "old", or "new" to request all messages, only old messages, or
417 new messages. Or it may be passed two parameters: "last" plus a number, in
418 which case that many message pointers will be returned, or "first" plus a
419 number, for the corresponding effect. If no parameters are specified, "all"
422 In Citadel/UX 5.00 and above, the client may also specify "gt" plus a number,
423 to list all messages in the current room with a message number greater than
426 The third argument, valid only in Citadel/UX 5.60 and above, may be either
427 0 or 1. If it is 1, this command behaves differently: before a listing is
428 returned, the client must transmit a list of fields to search for. The field
429 headers are listed below in the writeup for the "MSG0" command.
431 This command can return three possible results. An ERROR code may be returned
432 if no user is currently logged in or if something else went wrong. Otherwise,
433 LISTING_FOLLOWS will be returned, and the listing will consist of zero or
434 more message numbers, one per line. The listing ends, as always, with the
435 string "000" alone on a line by itself. The listed message numbers can be used
436 to request messages from the system. If "search mode" is being used, the
437 server will return START_CHAT_MODE, and the client is expected to transmit
438 the search criteria, and then read the message list.
440 Since this is somewhat complex, here are some examples:
442 Example 1: Read all new messages
445 Server: 100 Message list...
451 Example 2: Read the last five messages
454 Server: 100 Message list...
462 Example 3: Read all messages written by "IGnatius T Foobar"
465 Server: 800 Send template then receive message list
466 Client: from|IGnatius T Foobar
480 Note that in "search mode" the client may specify any number of search
481 criteria. These criteria are applied with an AND logic.
485 MSG0 (read MeSsaGe, mode 0)
487 This is a command used to read the text of a message. "Mode 0" implies that
488 other MSG commands (MSG1, MSG2, etc.) will probably be added later on to read
489 messages in more robust formats. This command should be passed two arguments.
490 The first is the message number of the message being requested. The second
491 argument specifies whether the client wants headers and/or message body:
496 If the request is denied, an ERROR code will be returned. Otherwise, the
497 LISTING_FOLLOWS code will be returned, followed by the contents of the message.
498 The following fields may be sent:
500 type= Formatting type. The currently defined types are:
501 0 = "traditional" Citadel formatting. This means that newlines should be
502 treated as spaces UNLESS the first character on the next line is a space. In
503 other words, only indented lines should generate a newline on the user's screen
504 when the message is being displayed. This allows a message to be formatted to
505 the reader's screen width. It also allows the use of proportional fonts.
506 1 = a simple fixed-format message. The message should be displayed to
507 the user's screen as is, preferably in a fixed-width font that will fit 80
509 4 = MIME format message. The message text is expected to contain a header
510 with the "Content-type:" directive (and possibly others).
512 msgn= The message ID of this message on the system it originated on.
513 path= An e-mailable path back to the user who wrote the message.
515 time= The date and time of the message, in Unix format (the number of
516 seconds since midnight on January 1, 1970, GMT).
518 from= The name of the author of the message.
519 rcpt= If the message is a private e-mail, this is the recipient.
520 room= The name of the room the message originated in.
521 node= The short node name of the system this message originated on.
522 hnod= The long node name of the system this message originated on.
523 zaps= The id/node of a message which this one zaps (supersedes).
525 part= Information about a MIME part embedded in this message.
526 pref= Information about a multipart MIME prefix such as "multipart/mixed"
527 or "multipart/alternative". This will be output immediately prior
528 to the various "part=" lines which make up the multipart section.
529 suff= Information about a multipart MIME suffix. This will be output
530 immediately following the various "part=" lines which make up the
533 text Note that there is no "=" after the word "text". This string
534 signifies that the message text begins on the next line.
537 WHOK (WHO Knows room)
539 This command is available only to Aides. ERROR+HIGHER_ACCESS_REQUIRED will
540 be returned if the user is not an Aide. Otherwise, it returns
541 LISTING_FOLLOWS and then lists, one user per line, every user who has
542 access to the current room.
545 INFO (get server INFO)
547 This command will *always* return LISTING_FOLLOWS and then print out a
548 listing of zero or more strings. Client software should be written to expect
549 anywhere from a null listing to an infinite number of lines, to allow later
550 backward compatibility. The current implementation defines the following
551 parts of the listing:
553 Line 1 - Your unique session ID on the server
554 Line 2 - The node name of the server BBS
555 Line 3 - Human-readable node name of the server BBS
556 Line 4 - The fully-qualified domain name (FQDN) of the server
557 Line 5 - The name of the server software, i.e. "Citadel/UX 4.00"
558 Line 6 - (The revision level of the server code) * 100
559 Line 7 - The geographical location of the BBS (city and state if in the US)
560 Line 8 - The name of the system administrator
561 Line 9 - A number identifying the server type (see below)
562 Line 10 - The text of the system's paginator prompt
563 Line 11 - Floor Flag. 1 if the system supports floors, 0 otherwise.
564 Line 12 - Paging level. 0 if the system only supports inline paging,
565 1 if the system supports "extended" paging (check-only and
566 multiline modes). See the SEXP command for further information.
567 Line 13 - The "nonce" for this session, for support of APOP-style
568 authentication. If this field is present, clients may authenticate
570 Line 14 - Set to nonzero if this server supports the QNOP command.
572 *** NOTE! *** The "server type" code is intended to promote global
573 compatibility in a scenario in which developers have added proprietary
574 features to their servers or clients. We are attempting to avoid a future
575 situation in which users need to keep different client software around for
576 each BBS they use. *Please*, if you are a developer and plan to add
577 proprietary features:
579 -> Your client programs should still be able to utilize servers other than
581 -> Clients other than your own should still be able to utilize your server,
582 even if your proprietary extensions aren't supported.
583 -> Please contact Art Cancro <ajc@uncensored.citadel.org> and obtain a unique
584 server type code, which can be assigned to your server program.
585 -> If you document what you did in detail, perhaps it can be added to a
586 future release of the Citadel/UX program, so everyone can enjoy it. Better
587 yet, just work with the Citadel development team on the main source tree.
589 If everyone follows this scheme, we can avoid a chaotic situation with lots
590 of confusion about which client program works with which server, etc. Client
591 software can simply check the server type (and perhaps the revision level)
592 to determine ahead of time what commands may be utilized.
594 Please refer to "developers.txt" for information on what codes belong to whom.
598 RDIR (Read room DIRectory)
600 Use this command to read the directory of a directory room. ERROR+NOT_HERE
601 will be returned if the room has no directory, or some other error; ERROR +
602 HIGHER_ACCESS_REQUIRED will be returned if the room's directory is not
603 visible and the user does not have Aide or Room Aide privileges; otherwise
604 LISTING_FOLLOWS will be returned, followed by the room's directory. Each
605 line of the directory listing will contain three fields: a filename, the
606 length of the file, and a description.
608 The server message contained on the same line with LISTING_FOLLOWS will
609 contain the name of the system and the name of the directory, such as:
610 uncensored.citadel.org|/usr/bbs/files/my_room_directory
613 SLRP (Set Last-message-Read Pointer)
615 This command marks all messages in the current room as read (seen) up to and
616 including the specified number. Its sole parameter
617 is the number of the last message that has been read. This allows the pointer
618 to be set at any arbitrary point in the room. Optionally, the parameter
619 "highest" may be used instead of a message number, to set the pointer to the
620 number of the highest message in the room, effectively marking all messages
621 in the room as having been read (ala the Citadel <G>oto command).
623 The command will return OK if the pointer was set, or ERROR if something
624 went wrong. If OK is returned, it will be followed by a single argument
625 containing the message number the last-read-pointer was set to.
628 INVT (INViTe a user to a room)
630 This command may only be executed by Aides, or by the room aide for the
631 current room. It is used primarily to add users to invitation-only rooms,
632 but it may also be used in other types of private rooms as well. Its sole
633 parameter is the name of the user to invite.
635 The command will return OK if the operation succeeded, or ERROR if it did
636 not. ERROR+HIGHER_ACCESS_REQUIRED may also be returned if the operation
637 would have been possible if the user had higher access, and ERROR+NOT_HERE
638 may be returned if the room is not a private room.
641 KICK (KICK a user out of a room)
643 This is the opposite of INVT: it is used to kick a user out of a private
644 room. It can also be used to kick a user out of a public room, but the
645 effect will only be the same as if the user <Z>apped the room - a non-stupid
646 user can simply un-zap the room to get back in.
649 GETR (GET Room attributes)
651 This command is used for editing the various attributes associated with a
652 room. A typical "edit room" command would work like this:
653 1. Use the GETR command to get the current attributes
654 2. Change some of them around
655 3. Use SETR (see below) to save the changes
656 4. Possibly also change the room aide using the GETA and SETA commands
658 GETR takes no arguments. It will only return OK if the SETR command will
659 also return OK. This allows client software to tell the user that he/she
660 can't edit the room *before* going through the trouble of actually doing the
661 editing. Possible return codes are:
663 ERROR+NOT_LOGGED_IN - No user is logged in.
664 ERROR+HIGHER_ACCESS_REQUIRED - Not enough access. Typically, only aides
665 and the room aide associated with the current room, can access this command.
666 ERROR+NOT_HERE - Lobby>, Mail>, and Aide> cannot be edited.
667 OK - Command succeeded. Parameters are returned.
669 If OK is returned, the following parameters will be returned as well:
671 0. The name of the room
672 1. The room's password (if it's a passworded room)
673 2. The name of the room's directory (if it's a directory room)
674 3. Various flags (bits) associated with the room (see LKRN cmd above)
675 4. The floor number on which the room resides
676 5. The room listing order
677 6. The default view for the room (see views.txt)
678 7. A second set of flags (bits) associated with the room
681 SETR (SET Room attributes)
683 This command sets various attributes associated with the current room. It
684 should be passed the following arguments:
686 0. The name of the room
687 1. The room's password (if it's a passworded room)
688 2. The name of the room's directory (if it's a directory room)
689 3. Various flags (bits) associated with the room (see LKRN cmd above)
690 4. "Bump" flag (see below)
691 5. The floor number on which the room should reside
692 6. The room listing order
693 7. The default view for the room (see views.txt)
694 8. A second set of flags (buts) associated with the room
696 *Important: You should always use GETR to retrieve the current attributes of
697 the room, then change what you want to change, and then use SETR to write it
698 all back. This is particularly important with respect to the flags: if a
699 particular bit is set, and you don't know what it means, LEAVE IT ALONE and
700 only toggle the bits you want to toggle. This will allow for upward
703 If the room is a private room, you have the option of causing all users who
704 currently have access, to forget the room. If you want to do this, set the
705 "bump" flag to 1, otherwise set it to 0.
710 This command is used to get the name of the Room Aide for the current room.
711 It will return ERROR+NOT_LOGGED_IN if no user is logged in, ERROR if there
712 is no current room, or OK if the command succeeded. Along with OK there will
713 be returned one parameter: the name of the Room Aide.
718 The opposite of GETA, used to set the Room Aide for the current room. One
719 parameter should be passed, which is the name of the user who is to be the
720 new Room Aide. Under Citadel/UX, this command may only be executed by Aides
721 and by the *current* Room Aide for the room. Return codes possible are:
722 ERROR+NOT_LOGGED_IN (Not logged in.)
723 ERROR+HIGHER_ACCESS_REQUIRED (Higher access required.)
724 ERROR+NOT_HERE (No current room, or room cannot be edited.
725 Under Citadel/UX, the Lobby> Mail> and Aide> rooms are non-editable.)
726 OK (Command succeeded.)
729 ENT0 (ENTer message, mode 0)
731 This command is used to enter messages into the system. It accepts four
734 0 - Post flag. This should be set to 1 to post a message. If it is
735 set to 0, the server only returns OK or ERROR (plus any flags describing
736 the error) without reading in a message. Client software should, in fact,
737 perform this operation at the beginning of an "enter message" command
738 *before* starting up its editor, so the user does not end up typing a message
739 in vain that will not be permitted to be saved. If it is set to 2, the
740 server will accept an "apparent" post name if the user is privileged enough.
741 This post name is arg 4.
742 1 - Recipient. This argument is utilized only for private mail messages.
743 It is ignored for public messages. It contains, of course, the name of the
744 recipient of the message.
745 2 - Anonymous flag. This argument is ignored unless the room allows
746 anonymous messages. In such rooms, this flag may be set to 1 to flag a
747 message as anonymous, otherwise 0 for a normal message.
748 3 - Format type. Any valid Citadel/UX format type may be used (this will
749 typically be 0; see the MSG0 command above).
750 4 - Post name. When postflag is 2, this is the name you are posting as.
751 This is an Aide only command.
753 Possible result codes:
754 OK - The request is valid. (Client did not set the "post" flag, so the
755 server will not read in message text.) If the message is an e-mail with
756 a recipient, the text that follows the OK code will contain the exact name
757 to which mail is being sent. The client can display this to the user. The
758 implication here is that the name that the server returns will contain the
759 correct upper and lower case characters. In addition, if the recipient is
760 having his/her mail forwarded, the forwarding address will be returned.
761 SEND_LISTING - The request is valid. The client should now transmit
762 the text of the message (ending with a 000 on a line by itself, as usual).
763 ERROR - Miscellaneous error. (Explanation probably follows.)
764 ERROR + NOT_LOGGED_IN - Not logged in.
765 ERROR + HIGHER_ACCESS_REQUIRED - Higher access is required. An
766 explanation follows, worded in a form that can be displayed to the user.
767 ERROR + NO_SUCH_USER - The specified recipient does not exist.
770 RINF (read Room INFormation file)
772 Each room has associated with it a text file containing a description of
773 the room, perhaps containing its intended purpose or other important
774 information. The info file for the Lobby> (the system's base room) is
775 often used as a repository for system bulletins and the like.
777 This command, which accepts no arguments, is simply used to read the info
778 file for the current room. It will return LISTING_FOLLOWS followed by
779 the text of the message (always in format type 0) if the request can be
780 honored, or ERROR if no info file exists for the current room (which is
781 often the case). Other error description codes may accompany this result.
783 When should this command be used? This is, of course, up to the discretion
784 of client software authors, but in Citadel it is executed in two situations:
785 the first time the user ever enters a room; and whenever the contents of the
786 file change. The latter can be determined from the result of a GOTO command,
787 which will tell the client whether the file needs to be read (see GOTO above).
790 DELE (DELEte a message)
792 Delete a message from the current room. The one argument that should be
793 passed to this command is the message number of the message to be deleted.
794 The return value will be OK if the message was deleted, or an ERROR code.
795 If the delete is successful, the message's reference count is decremented, and
796 if the reference count reaches zero, the message is removed from the message
800 MOVE (MOVE or copy a message to a different room)
802 Move a message to a different room. The two arguments that should be passed
803 to this command are the message number of the message to be deleted, and the
804 name of the target room. If the operation succeeds, the message will be
805 deleted from the current room and moved to the target room. An ERROR code
806 usually means that either the user does not have permission to perform this
807 operation, or that the target room does not exist.
809 In Citadel/UX 5.55 and above, a third argument may be specified: 0 or 1 to
810 designate whether the message should be moved (0) or copied (1) to the target
811 room. In the case of a "copy" operation, the message's reference count is
812 incremented, and a pointer to the message will exist in both the source *and*
813 target rooms. In the case of a "move" operation, the message pointer is
814 deleted from the source room and the reference count remains the same.
817 KILL (KILL current room)
819 This command deletes the current room. It accepts a single argument, which
820 should be nonzero to actually delete the room, or zero to merely check
821 whether the room can be deleted.
823 Once the room is deleted, the current room is undefined. It is suggested
824 that client software immediately GOTO another room (usually _BASEROOM_)
825 after this command completes.
827 Possible return codes:
829 OK - room has been deleted (or, if checking only, request is valid).
830 ERROR+NOT_LOGGED_IN - no user is logged in.
831 ERROR+HIGHER_ACCESS_REQUIRED - not enough access to delete rooms.
832 ERROR+NOT_HERE - this room can not be deleted.
835 CRE8 (CRE[ate] a new room)
837 This command is used to create a new room. Like some of the other
838 commands, it provides a mechanism to first check to see if a room can be
839 created before actually executing the command. CRE8 accepts the following
842 0 - Create flag. Set this to 1 to actually create the room. If it is
843 set to 0, the server merely checks that there is a free slot in which to
844 create a new room, and that the user has enough access to create a room. It
845 returns OK if the client should go ahead and prompt the user for more info,
846 or ERROR or ERROR+HIGHER_ACCESS_REQUIRED if the command will not succeed.
847 1 - Name for new room.
848 2 - Access type for new room:
850 1 - Private; can be entered by guessing the room's name
851 2 - Private; can be entered by knowing the name *and* password
852 3 - Private; invitation only (sometimes called "exclusive")
853 3 - Password for new room (if it is a type 2 room)
854 4 - Floor number on which the room should reside (optional)
855 5 - Set to 1 to avoid automatically gaining access to the created room.
857 If the create flag is set to 1, the room is created (unless something
858 went wrong and an ERROR return is sent), and the server returns OK, but
859 the session is **not** automatically sent to that room. The client still
860 must perform a GOTO command to go to the new room.
863 FORG (FORGet the current room)
865 This command is used to forget (zap) the current room. For those not
866 familiar with Citadel, this terminology refers to removing the room from
867 a user's own known rooms list, *not* removing the room itself. After a
868 room is forgotten, it no longer shows up in the user's known room list,
869 but it will exist in the user's forgotten room list, and will return to the
870 known room list if the user goes to the room (in Citadel, this is
871 accomplished by explicitly typing the room's name in a <.G>oto command).
873 The command takes no arguments. If the command cannot execute for any
874 reason, ERROR will be returned. ERROR+NOT_LOGGED_IN or ERROR+NOT_HERE may
875 be returned as they apply.
877 If the command succeeds, OK will be returned. At this point, the current
878 room is **undefined**, and the client software is responsible for taking
879 the user to another room before executing any other room commands (usually
880 this will be _BASEROOM_ since it is always there).
883 MESG (read system MESsaGe)
885 This command is used to display system messages and/or help files. The
886 single argument it accepts is the name of the file to display. IT IS CASE
887 SENSITIVE. Citadel/UX looks for these files first in the "messages"
888 subdirectory and then in the "help" subdirectory.
890 If the file is found, LISTING_FOLLOWS is returned, followed by a pathname
891 to the file being displayed. Then the message is printed, in format type 0
892 (see MSG0 command for more information on this). If the file is not found,
895 There are some "well known" names of system messages which client software
896 may expect most servers to carry:
898 hello - Welcome message, to be displayed before the user logs in.
899 changepw - To be displayed whenever the user is prompted for a new
900 password. Warns about picking guessable passwords and such.
901 register - Should be displayed prior to the user entering registration.
902 Warnings about not getting access if not registered, etc.
903 help - Main system help file.
904 goodbye - System logoff banner; display when user logs off.
905 roomaccess - Information about how public rooms and different types of
906 private rooms function with regards to access.
907 unlisted - Tells users not to choose to be unlisted unless they're
908 really paranoid, and warns that aides can still see
909 unlisted userlog entries.
911 Citadel/UX provides these for the Citadel/UX Unix text client. They are
912 probably not very useful for other clients:
914 mainmenu - Main menu (when in idiot mode).
919 saveopt - Options to save a message, abort, etc.
920 entermsg - Displayed just before a message is entered, when in
924 GNUR (Get Next Unvalidated User)
926 This command shows the name of a user that needs to be validated. If there
927 are no unvalidated users, OK is returned. Otherwise, MORE_DATA is returned
928 along with the name of the first unvalidated user the server finds. All of
929 the usual ERROR codes may be returned as well (for example, if the user is
930 not an Aide and cannot validate users).
932 A typical "Validate New Users" command would keep executing this command,
933 and then validating each user it returns, until it returns OK when all new
934 users have been validated.
937 GREG (Get REGistration for user)
939 This command retrieves the registration info for a user, whose name is the
940 command's sole argument. All the usual error messages can be returned. If
941 the command succeeds, LISTING_FOLLOWS is returned, followed by the user's name
942 (retrieved from the userlog, with the right upper and lower case etc.) The
943 contents of the listing contains one field per line, followed by the usual
944 000 on the last line.
946 The following lines are defined. Others WILL be added in the futre, so all
947 software should be written to read the lines it knows about and then ignore
953 Line 4: Street address or PO Box
954 Line 5: City/town/village/etc.
955 Line 6: State/province/etc.
957 Line 8: Telephone number
959 Line 10: Internet e-mail address
962 Users without Aide privileges may retrieve their own registration using
963 this command. This can be accomplished either by passing the user's own
964 name as the argument, or the string "_SELF_". The command will always
965 succeed when used in this manner, unless no user is logged in.
970 This command is used to validate users. Obviously, it can only be executed
971 by users with Aide level access. It should be passed two parameters: the
972 name of the user to validate, and the desired access level
974 If the command succeeds, OK is returned. The user's access level is changed
975 and the "need validation" bit is cleared. If the command fails for any
976 reason, ERROR, ERROR+NO_SUCH_USER, or ERROR+HIGHER_ACCESS_REQUIRED will be
980 EINF (Enter INFo file for room)
982 Transmit the info file for the current room with this command. EINF uses
983 a boolean flag (1 or 0 as the first and only argument to the command) to
984 determine whether the client actually wishes to transmit a new info file, or
985 is merely checking to see if it has permission to do so.
987 If the command cannot succeed, it returns ERROR.
988 If the client is only checking for permission, and permission will be
989 granted, OK is returned.
990 If the client wishes to transmit the new info file, SEND_LISTING is
991 returned, and the client should transmit the text of the info file, ended
992 by the usual 000 on a line by itself.
997 This is a simple user listing. It always succeeds, returning
998 LISTING_FOLLOWS followed by zero or more user records, 000 terminated. The
999 fields on each line are as follows:
1004 4. Date/time of last login (Unix format)
1007 7. Password (listed only if the user requesting the list is an Aide)
1009 Unlisted entries will also be listed to Aides logged into the server, but
1010 not to ordinary users.
1013 REGI (send REGIstration)
1015 Clients will use this command to transmit a user's registration info. If
1016 no user is logged in, ERROR+NOT_LOGGED_IN is returned. Otherwise,
1017 SEND_LISTING is returned, and the server will expect the following information
1018 (terminated by 000 on a line by itself):
1021 Line 2: Street address or PO Box
1022 Line 3: City/town/village/etc.
1023 Line 4: State/province/etc.
1025 Line 6: Telephone number
1026 Line 7: e-mail address
1030 CHEK (CHEcK various things)
1032 When logging in, there are various things that need to be checked. This
1033 command will return ERROR+NOT_LOGGED_IN if no user is logged in. Otherwise
1034 it returns OK and the following parameters:
1036 0: Number of new private messages in Mail>
1037 1: Nonzero if the user needs to register
1038 2: (Relevant to Aides only) Nonzero if new users require validation
1041 DELF (DELete a File)
1043 This command deletes a file from the room's directory, if there is one. The
1044 name of the file to delete is the only parameter to be supplied. Wildcards
1045 are not acceptable, and any slashes in the filename will be converted to
1046 underscores, to prevent unauthorized access to neighboring directories. The
1047 possible return codes are:
1049 OK - Command succeeded. The file was deleted.
1050 ERROR+NOT_LOGGED_IN - Not logged in.
1051 ERROR+HIGHER_ACCESS_REQUIRED - Not an Aide or Room Aide.
1052 ERROR+NOT_HERE - There is no directory in this room.
1053 ERROR+FILE_NOT_FOUND - Requested file was not found.
1058 This command is similar to DELF, except that it moves a file (and its
1059 associated file description) to another room. It should be passed two
1060 parameters: the name of the file to move, and the name of the room to move
1061 the file to. All of the same return codes as DELF may be returned, and also
1062 one additional one: ERROR+NO_SUCH_ROOM, which means that the target room
1063 does not exist. ERROR+NOT_HERE could also mean that the target room does
1064 not have a directory.
1067 NETF (NETwork send a File)
1069 This command is similar to MOVF, except that it attempts to send a file over
1070 the network to another system. It should be passed two parameters: the name
1071 of the file to send, and the node name of the system to send it to. All of
1072 the same return codes as MOVF may be returned, except for ERROR+NO_SUCH_ROOM.
1073 Instead, ERROR+NO_SUCH_SYSTEM may be returned if the name of the target
1076 The name of the originating room will be sent along with the file. Most
1077 implementations will look for a room with the same name at the receiving end
1078 and attempt to place the file there, otherwise it goes into a bit bucket room
1079 for miscellaneous files. This is, however, beyond the scope of this document;
1080 see elsewhere for more details.
1083 RWHO (Read WHO's online)
1085 Displays a list of all users connected to the server. No error codes are
1086 ever returned. LISTING_FOLLOWS will be returned, followed by zero or more
1087 lines containing the following three fields:
1089 0 - Session ID. Citadel/UX fills this with the pid of a server program.
1091 2 - The name of the room the user is currently in. This field might not
1092 be displayed (for example, if the user is in a private room) or it might
1093 contain other information (such as the name of a file the user is
1095 3 - (server v4.03 and above) The name of the host the client is connecting
1096 from, or "localhost" if the client is local.
1097 4 - (server v4.04 and above) Description of the client software being used
1098 5 - The last time, locally to the server, that a command was received from
1099 this client (Note: NOOP's don't count)
1100 6 - The last command received from a client. (NOOP's don't count)
1101 7 - Session flags. These are: + (spoofed address), - (STEALTH mode), *
1102 (posting) and . (idle).
1103 8 - Actual user name, if user name is masqueraded and viewer is an Aide.
1104 9 - Actual room name, if room name is masqueraded and viewer is an Aide.
1105 10 - Actual host name, if host name is masqueraded and viewer is an Aide.
1107 The listing is terminated, as always, with the string "000" on a line by
1111 OPEN (OPEN a file for download)
1113 This command is used to open a file for downloading. Only one download
1114 file may be open at a time. The only argument to this command is the name
1115 of the file to be opened. The user should already be in the room where the
1116 file resides. Possible return codes are:
1119 ERROR+NOT_HERE (no directory in this room)
1120 ERROR+FILE_NOT_FOUND (could not open the file)
1124 If the file is successfully opened, OK will be returned, along with the
1125 size (in bytes) of the file, the time of last modification (if applicable),
1126 the filename (if known), and the MIME type of the file (if known).
1129 CLOS (CLOSe the download file)
1131 This command is used to close the download file. It returns OK if the
1132 file was successfully closed, or ERROR if there wasn't any file open in the
1136 READ (READ from the download file)
1138 Two arguments are passed to this command. The first is the starting position
1139 in the download file, and the second is the total number of bytes to be
1140 read. If the operation can be performed, BINARY_FOLLOWS will be returned,
1141 along with the number of bytes to follow. Then, immediately following the
1142 newline, will be that many bytes of binary data. The client *must* read
1143 exactly that number of bytes, otherwise the client and server will get out
1146 If the operation cannot be performed, any of the usual error codes will be
1150 UOPN (OPeN a file for Uploading)
1152 This command is similar to OPEN, except that this one is used when the
1153 client wishes to upload a file to the server. The first argument is the name
1154 of the file to create, and the second argument is a one-line comment
1155 describing the contents of the file. Only one upload file may be open at a
1156 time. Possible return codes are:
1159 ERROR+NOT_HERE (no directory in this room)
1160 ERROR+FILE_NOT_FOUND (a name must be specified)
1161 ERROR (miscellaneous errors)
1162 ERROR+ALREADY_EXISTS (a file with the same name already exists)
1165 If OK is returned, the command has succeeded and writes may be performed.
1168 UCLS (CLoSe the Upload file)
1170 Close the file opened with UOPN. An argument of "1" should be passed to
1171 this command to close and save the file; otherwise, the transfer will be
1172 considered aborted and the file will be deleted. This command returns OK
1173 if the operation succeeded or ERROR if it did not.
1176 WRIT (WRITe to the upload file)
1178 If an upload file is open, this command may be used to write to it. The
1179 argument passed to this command is the number of bytes the client wishes to
1180 transmit. An ERROR code will be returned if the operation cannot be
1183 If the operation can be performed, SEND_BINARY will be returned, followed
1184 by the number of bytes the server is expecting. The client must then transmit
1185 exactly that number of bytes. Note that in the current implementation, the
1186 number of bytes the server is expecting will always be the number of bytes
1187 the client requested to transmit, but the client software should never assume
1188 that this will always happen, in case changes are made later.
1191 QUSR (Query for a USeR)
1193 This command is used to check to see if a particular user exists. The only
1194 argument to this command is the name of the user being searched for. If
1195 the user exists, OK is returned, along with the name of the user in the userlog
1196 (so the client software can learn the correct upper/lower casing of the name
1197 if necessary). If the user does not exist, ERROR+NO_SUCH_USER is returned.
1198 No login or current room is required to utilize this command.
1201 OIMG (Open an IMaGe file)
1203 Open an image (graphics) file for downloading. Once opened, the file can be
1204 read as if it were a download file. This implies that an image and a download
1205 cannot be opened at the same time. OIMG returns the same result codes as OPEN.
1207 All images will be in GIF (Graphics Interchange Format). In the case of
1208 Citadel/UX, the server will convert the supplied filename to all lower case,
1209 append the characters ".gif" to the filename, and look for it in the "images"
1210 subdirectory. As with the MESG command, there are several "well known"
1211 images which are likely to exist on most servers:
1213 hello - "Welcome" graphics to be displayed alongside MESG "hello"
1214 goodbye - Logoff banner graphics to be displayed alongside MESG "goodbye"
1215 background - Background image (usually tiled) for graphical clients
1217 The following "special" image names are defined in Citadel/UX server version
1220 _userpic_ - Picture of a user (send the username as the second argument)
1221 _floorpic_ - A graphical floor label (send the floor number as the second
1222 argument). Clients which request a floor picture will display
1223 the picture *instead* of the floor name.
1224 _roompic_ - A graphic associated with the *current* room. Clients which
1225 request a room picture will display the picture in *addition*
1226 to the room name (i.e. it's used for a room banner, as
1227 opposed to the floor picture's use in a floor listing).
1230 NETP (authenticate as network session with system NET Password)
1232 This command is used by client software to identify itself as a transport
1233 session for IGnet/Open BBS to BBS networking. It should be called with
1234 two arguments: the node name of the calling system, and the system net
1235 password for the server. If the authentication succeeds, NETP will return
1236 OK, otherwise, it returns ERROR.
1239 NUOP (Network Upload OPen file)
1241 Open a network spool file for uploading. The client must have already
1242 identified itself as a network session using the NETP command. If the command
1243 returns OK, the client may begin transmitting IGnet/Open spool data using
1244 a series of WRIT commands. When a UCLS command is issued, the spooled data
1245 is entered into the BBS if the argument to UCLS is 1 or discarded if the
1246 argument to UCLS is 0. If the client has not authenticated itself with a
1247 NETP command, ERROR+HIGHER_ACCESS_REQUIRED will be returned.
1250 NDOP (Network Download OPen file)
1252 Open a network spool file for downloading. The client must have already
1253 identified itself as a network session using the NETP command. If the command
1254 returns OK, the client may begin receiving IGnet/Open spool data using
1255 a series of READ commands. When a CLOS command is issued, the spooled data
1256 is deleted from the server and may not be read again. If the client has not
1257 authenticated itself with a NETP command, ERROR+HIGHER_ACCESS_REQUIRED will
1261 LFLR (List all known FLooRs)
1263 On systems supporting floors, this command lists all known floors. The
1264 command accepts no parameters. It will return ERROR+NOT_LOGGED_IN if no
1265 user is logged in. Otherwise it returns LISTING_FOLLOWS and a list of
1266 the available floors, each line consisting of three fields:
1268 1. The floor number associated with the floor
1269 2. The name of the floor
1270 3. Reference count (number of rooms on this floor)
1273 CFLR (Create a new FLooR)
1275 This command is used to create a new floor. It should be passed two
1276 arguments: the name of the new floor to be created, and a 1 or 0 depending
1277 on whether the client is actually creating a floor or merely checking to
1278 see if it has permission to create the floor. The user must be logged in
1279 and have Aide privileges to create a floor.
1281 If the command succeeds, it will return OK followed by the floor number
1282 associated with the new floor. Otherwise, it will return ERROR (plus perhaps
1283 HIGHER_ACCESS_REQUIRED, ALREADY_EXISTS, or INVALID_FLOOR_OPERATION)
1284 followed by a description of why the command failed.
1289 This command is used to delete a floor. It should be passed two
1290 argument: the *number* of the floor to be deleted, and a 1 or 0 depending
1291 on whether the client is actually deleting the floor or merely checking to
1292 see if it has permission to delete the floor. The user must be logged in
1293 and have Aide privileges to delete a floor.
1295 Floors that contain rooms may not be deleted. If there are rooms on a floor,
1296 they must be either deleted or moved to different floors first. This implies
1297 that the Main Floor (floor 0) can never be deleted, since Lobby>, Mail>, and
1298 Aide> all reside on the Main Floor and cannot be deleted.
1300 If the command succeeds, it will return OK. Otherwise it will return
1301 ERROR (plus perhaps HIGHER_ACCESS_REQUIRED or INVALID_FLOOR_OPERATION)
1302 followed by a description of why the command failed.
1307 Edit the parameters of a floor. The client may pass one or more parameters
1310 1. The number of the floor to be edited
1311 2. The desired new name
1313 More parameters may be added in the future. Any parameters not passed to
1314 the server will remain unchanged. A minimal command would be EFLR and a
1315 floor number -- which would do nothing. EFLR plus the floor number plus a
1316 floor name would change the floor's name.
1318 If the command succeeds, it will return OK. Otherwise it will return
1319 ERROR (plus perhaps HIGHER_ACCESS_REQUIRED or INVALID_FLOOR_OPERATION)
1322 IDEN (IDENtify the client software)
1324 The client software has the option to identify itself to the server.
1325 Currently, the server does nothing with this information except to write
1326 it to the syslog to satisfy the system administrator's curiosity. Other
1327 uses might become apparent in the future.
1329 The IDEN command should contain five fields: a developer ID number (same as
1330 the server developer ID numbers in the INFO command -- please obtain one if
1331 you are a new developer), a client ID number (which does not have to be
1332 globally unique - only unique within the domain of the developer number),
1333 a version number, a free-form text string describing the client, and the name
1334 of the host the user is located at.
1336 It is up to the server to determine whether to accept the host name or to
1337 use the host name it has detected itself. Generally, if the client is
1338 running on a trusted host (either localhost or a well-known publically
1339 accessible client) it should use the host name transmitted by IDEN,
1340 otherwise it should use the host name it has detected itself.
1342 IDEN always returns OK, but since that's the only way it ever returns
1343 there's no point in checking the result code.
1346 IPGM (identify as an Internal ProGraM)
1348 IPGM is a low-level command that should not be used by normal user clients.
1349 It is used for various utilities to communicate with the server on the same
1350 host. For example, the "sendcommand" utility logs onto the server as an
1351 internal program in order to run arbitrary server commands. Since user clients
1352 do not utilize this command (or any of its companion commands), developers
1353 writing Citadel-compatible servers need not implement it.
1355 The sole argument to IPGM is the system's internal program password. This
1356 password is generated by the setup program and stored in the config file.
1357 Since internal programs have access to the config file, they know the correct
1360 IPGM returns OK for a correct authentication or ERROR otherwise.
1363 CHAT (enter CHAT mode)
1365 This command functions differently from every other command in the system. It
1366 is used to implement multi-user chat. For this to function, a new transfer
1367 mode, called START_CHAT_MODE, is implemented. If a client does not support
1368 chat mode, it should never send a CHAT command!
1370 In chat mode, messages may arrive asynchronously from the server at any
1371 time. The client may send messages at any time. This allows the arrival of
1372 messages without the client having to poll for them. Arriving messages will
1373 be of the form "user|message", where the "user" portion is, of course, the
1374 name of the user sending the message, and "message" is the message text.
1376 Chat mode ends when the server says it ends. The server will signal the end
1377 of chat mode by transmitting "000" on a line by itself. When the client reads
1378 this line, it must immediately exit from chat mode without sending any
1379 further traffic to the server. The next transmission sent to the server
1380 will be a regular server command.
1382 The Citadel/UX server understands the following commands:
1383 /quit - Exit from chat mode (causes the server to do an 000 end)
1384 /who - List users currently in chat
1385 /whobbs - List users currently in chat and on the bbs
1386 /me - Do an irc-style action.
1387 /join - Join a new "room" in which all messages are only heard by
1388 people in that room.
1389 /msg - /msg <user> <msg> will send the msg to <user> only.
1390 /help - Print help information
1391 NOOP - Do nothing (silently)
1393 Any other non-empty string is treated as message text and will be broadcast
1394 to other users currently in chat.
1397 SEXP (Send EXPress messages)
1399 This is one of two commands which implement "express messages" (also known
1400 as "paging"). An express message is a near-real-time message sent from one
1401 logged in user to another. When an express message is sent, it will be
1402 displayed the next time the target user executes a PEXP or GEXP command.
1404 The SEXP command accepts two arguments: the name of the user to send the
1405 message to, and the text of the message. If the message is successfully
1406 transmitted, OK is returned. If the target user is not logged in or if
1407 anything else goes wrong, ERROR is returned.
1409 If the server supports extended paging, sending a zero-length message
1410 merely checks for the presence of the requested user without actually sending
1411 a message. Sending a message consisting solely of a "-" (hyphen) will cause
1412 the server to return SEND_LISTING if the requested user is logged in, and the
1413 client can then transmit a multi-line page.
1415 The reserved name "broadcast" may be used instead of a user name, to
1416 broadcast an express message to all users currently connected to the server.
1418 Do be aware that if an express message is transmitted to a user who is logged
1419 in using a client that does not check for express messages, the message will
1423 PEXP (Print EXPress messages) ***DEPRECATED***
1425 This command is deprecated; it will eventually disappear from the protocol and
1426 its use is not recommended. Please use the GEXP command instead.
1428 Called without any arguments, PEXP simply dumps out the contents
1429 of any waiting express messages. It returns ERROR if there is a problem,
1430 otherwise it returns LISTING_FOLLOWS followed by all messages.
1432 So how does the client know there are express messages waiting? It could
1433 execute a random PEXP every now and then. Or, it can check the byte in
1434 server return code messages, between the return code and the parameters. In
1435 much the same way as FTP uses "-" to signify a continuation, Citadel uses
1436 an "*" in this position to signify the presence of waiting express messages.
1439 EBIO (Enter BIOgraphy)
1441 Transmit to the server a free-form text file containing a little bit of
1442 information about the user for other users to browse. This is typically
1443 referred to as a 'bio' online. EBIO returns SEND_LISTING if it succeeds,
1444 after which the client is expected to transmit the file, or any of the usual
1445 ERROR codes if it fails.
1448 RBIO (Read BIOgraphy)
1450 Receive from the server a named user's bio. This command should be passed
1451 a single argument - the name of the user whose bio is requested. RBIO returns
1452 LISTING_FOLLOWS plus the bio file if the user exists and has a bio on file.
1453 The return has the following parameters: the user name, user number, access
1454 level, date of last call, times called, and messages posted. This command
1455 returns ERROR+NO_SUCH_USER if the named user does not exist.
1457 RBIO no longer considers a user with no bio on file to be an error condition.
1458 It now returns a message saying the user has no bio on file as the text of the
1459 bio. This allows newer servers to operate with older clients.
1462 STEL (enter STEaLth mode)
1464 When in "stealth mode," a user will not show up in the "Who is online"
1465 listing (the RWHO server command). Only Aides may use stealth mode. The
1466 STEL command accepts one argument: a 1 indicating that the user wishes to
1467 enter stealth mode, or a 0 indicating that the user wishes to exit stealth
1468 mode. STEL returns OK if the command succeeded, ERROR+NOT_LOGGED_IN if no
1469 user is logged in, or ERROR+HIGHER_ACCESS_REQUIRED if the user is not an Aide;
1470 followed by a 1 or 0 indicating the new state.
1472 If any value other than 1 or 0 is sent by the client, the server simply
1473 replies with 1 or 0 to indicate the current state without changing it.
1475 The STEL command also makes it so a user does not show up in the chat room
1479 LBIO (List users who have BIOs on file)
1481 This command is self-explanatory. Any user who has used EBIO to place a bio
1482 on file is listed. LBIO almost always returns LISTING_FOLLOWS followed by
1483 this listing, unless it experiences an internal error in which case ERROR
1487 MSG2 (read MeSsaGe, mode 2)
1489 MSG2 follows the same calling convention as MSG0. The difference between
1490 the two commands is that MSG2 outputs messages in standard RFC822 format
1491 rather than in Citadel/UX proprietary format.
1493 This command was implemented in order to make various gateway programs
1494 easier to implement, and to provide some sort of multimedia support in the
1495 future. Keep in mind that when this command is used, all messages will be
1496 output in fixed 80-column format.
1499 MSG3 (read MeSsaGe, mode 3 -- internal command)
1501 MSG3 is for use by internal programs only and should not be utilized by
1502 user-mode clients. It does require IPGM authentication. MSG3 follows the
1503 same calling convention as the other MSG commands, but upon success returns
1504 BINARY_FOLLOWS followed by a data block containing the _raw_ message format
1508 TERM (TERMinate another session)
1510 In a multithreaded environment, it sometimes becomes necessary to terminate
1511 a session that is unusable for whatever reason. The TERM command performs
1512 this task. Naturally, only Aides can execute TERM. The command should be
1513 called with a single argument: the session ID (obtained from an RWHO command)
1514 of the session to be terminated.
1516 TERM returns OK if the session was terminated, or ERROR otherwise. Note that
1517 a client program is prohibited from terminating the session it is currently
1523 DOWN (shut DOWN the server)
1525 This command, which may only be executed by an Aide, immediately shuts down
1526 the server. It is only implemented on servers on which such an operation is
1527 possible, such as a multithreaded Citadel engine. The server does not restart.
1528 DOWN returns OK if the user is allowed to shut down the server, in which case
1529 the client program should expect the connection to be immediately broken.
1532 SCDN (Schedule or Cancel a shutDowN)
1534 SCDN sets or clears the "scheduled shutdown" flag. Pass this command a 1 or
1535 0 to respectively set or clear the flag. When the "scheduled shutdown" flag is
1536 set, the server will be shut down when there are no longer any users logged in.
1537 Any value other than 0 or 1 will not change the flag, only report its state.
1538 No users will be kicked off the system, and in fact the server is still
1539 available for new connections. The command returns ERROR if it fails;
1540 otherwise, it returns OK followed by a number representing the current state
1544 EMSG (Enter a system MeSsaGe)
1546 This is the opposite of the MESG command - it allows the creation and editing
1547 of system messages. The only argument passed to EMSG is the name of the
1548 file being transmitted. If the file exists in any system message directory
1549 on the server it will be overwritten, otherwise a new file is created. EMSG
1550 returns SEND_LISTING on success or ERROR+HIGHER_ACCESS_REQUIRED if the user
1553 Typical client software would use MESG to retrieve any existing message into
1554 an edit buffer, then present an editor to the user and run EMSG if the changes
1558 UIMG (Upload an IMaGe file)
1560 UIMG is complemenary to OIMG; it is used to upload an image to the server.
1561 The first parameter supplied to UIMG should be 0 if the client is only checking
1562 for permission to upload, or 1 if the client is actually attempting to begin
1563 the upload operation. The second argument is the name of the file to be
1564 transmitted. In Citadel/UX, the filename is converted to all lower case,
1565 appended with the characters ".gif", and stored in the "images" directory.
1567 UIMG returns OK if the client has permission to perform the requested upload,
1568 or ERROR+HIGHER_ACCESS_REQUIRED otherwise. If the client requested to begin
1569 the operation (first parameter set to 1), an upload file is opened, and the
1570 client should begin writing to it with WRIT commands, then close it with a
1573 The supplied filename should be one of:
1575 -> _userpic_ (Server will attempt to write to the user's online photo)
1576 -> Any of the "well known" filenames described in the writeup for the
1580 HCHG (Hostname CHanGe)
1582 HCHG is a command, usable by any user, that allows a user to change their RWHO
1583 host value. This will mask a client's originating hostname from normal
1584 users; access level 6 and higher can see, in an extended wholist, the actual
1585 hostname the user originates from.
1587 The format of an HCHG command is:
1591 If a HCHG command is successful, the value OK (200) is returned.
1594 RCHG (Roomname CHanGe)
1596 RCHG is a command, usable by any user, that allows a user to change their RWHO
1597 room value. This will mask a client's roomname from normal users; access
1598 level 6 and higher can see, in an extended wholist, the actual room the user
1601 The format of an RCHG command is:
1605 If a RCHG command is successful, the value OK (200) is returned.
1608 UCHG (Username CHanGe)
1610 UCHG is an aide-level command which allows an aide to effectively change their
1611 username. If this value is blank, the user goes into stealth mode (see
1613 will show up as being from the real username in this mode, however. In
1614 addition, the RWHO listing will include both the spoofed and real usernames.
1616 The format of an UCHG command is:
1620 If a UCHG command is successful, the value OK (200) is returned.
1623 TIME (get server local TIME)
1625 TIME returns OK followed by the current time measured in seconds since
1626 00:00:00 GMT, Jan 1, 1970 (standard Unix format).
1628 This is used in allowing a client to calculate idle times.
1631 AGUP (Administrative Get User Parameters)
1632 ASUP (Administrative Set User Parameters)
1634 These commands are only executable by Aides and by server extensions running
1635 at system-level. They are used to get/set any and all parameters relating to
1636 a user account. AGUP requires only one argument: the name of the user in
1637 question. SGUP requires all of the parameters to be set. The parameters are
1638 as follows, and are common to both commands:
1642 2 - Flags (see citadel.h)
1647 7 - Timestamp of last call
1648 8 - Purge time (in days) for this user (or 0 to use system default)
1650 Upon success, AGUP returns OK followed by all these parameters, and ASUP
1651 simply returns OK. If the client has insufficient access to perform the
1652 requested operation, ERROR+HIGHER_ACCESS_REQUIRED is returned. If the
1653 requested user does not exist, ERROR+NO_SUCH_USER is returned.
1657 GPEX (Get Policy for message EXpiration)
1659 Returns the policy of the current room, floor, or site regarding the automatic
1660 purging (expiration) of messages. The following policies are available:
1661 0 - Fall back to the policy of the next higher level. If this is a room,
1662 use the floor's default policy. If this is a floor, use the system
1663 default policy. This is an invalid value for the system policy.
1664 1 - Do not purge messages automatically.
1665 2 - Purge by message count. (Requires a value: number of messages)
1666 3 - Purge by message age. (Requires a value: number of days)
1668 The format of this command is: GPEX <which>
1669 The value of <which> must be one of: "room" "floor" "site"
1671 If successful, GPEX returns OK followed by <policy>|<value>.
1675 SPEX (Set Policy for message EXpiration)
1677 Sets the policy of the current room, floor, or site regarding the automatic
1678 purging (expiration) of messages. See the writeup for the GPEX command for
1679 the list of available policies.
1681 The format of this command is: SPEX <which>|<policy>|<value>
1682 The value of <which> must be one of: "room" "floor" "site"
1684 If successful, GPEX returns OK; otherwise, an ERROR code is returned.
1688 CONF (get or set global CONFiguration options)
1690 Retrieves or sets various system-wide configuration and policy options. This
1691 command is only available to Aides. The sole parameter accepted is a command,
1692 which should be either GET or SET. If the GET command succeeds, CONF will
1693 return LISTING_FOLLOWS followed by the fields described below, one line at a
1694 time. If the SET command succeeds, CONF will return SEND_LISTING and expect
1695 the fields described below, one line at a time (don't worry about other fields
1696 being added in the future; if a 'short' configuration list is sent, the missing
1697 values at the end will be left unchanged on the system). If either command
1698 fails for any reason, ERROR is returned.
1700 The configuration lines are as follows:
1703 2. Fully qualified domain name
1704 3. Human-readable node name
1705 4. Landline telephone number of this system
1706 5. Flag (0 or 1) - creator of private room automatically becomes room aide
1707 6. Server connection idle timeout (in seconds)
1708 7. Initial access level for new users
1709 8. Flag (0 or 1) - require registration for new users
1710 9. Flag (0 or 1) - automatically move Problem User messages to twit room
1711 10. Name of twit room
1712 11. Text of <more> prompt
1713 12. Flag (0 or 1) - restrict access to Internet mail
1714 13. Geographic location of this system
1715 14. Name of the system administrator
1716 15. Number of maximum concurrent sessions allowed on the server
1717 16. Password for server-to-server networking
1718 17. Default purge time (in days) for users
1719 18. Default purge time (in days) for rooms
1720 19. Name of room to log express messages to (or a zero-length name for none)
1721 20. Access level required to create rooms
1722 21. Maximum message length which may be entered into the system
1723 22. Minimum number of worker threads
1724 23. Maximum number of worker threads
1725 24. Port number for POP3 service
1726 25. Port number for SMTP service
1728 27. Flag (0 or 1) - allow Aides to zap (forget) rooms
1729 28. Port number for IMAP service
1730 29. How often (in seconds) to run the networker
1732 CONF also accepts two additional commands: GETSYS and PUTSYS followed by an
1733 arbitrary MIME type (such as application/x-citadel-internet-config) which
1734 provides a means of storing generic configuration data in the Global System
1735 Configuration room without the need to add extra get/set commands to the
1739 EXPI (EXPIre system objects)
1741 Begins purge operations for objects which, according to site policy, are
1742 "old" and should be removed. EXPI should be called with one argument, one of:
1744 "messages" (purge old messages out of each room)
1745 "users" (purge old users from the userlog)
1746 "rooms" (remove rooms which have not been posted in for some time)
1747 "visits" (purge dereferenced user/room relationship records)
1749 EXPI returns OK (probably after a long delay while it does its work) if it
1750 succeeds; otherwise it returns an ERROR code.
1752 This command is probably temporary, until we can work some sort of scheduler
1753 into the system. It is implemented in the serv_expire module.
1757 MSG4 (read MeSsaGe, mode 4 -- output in preferred MIME format)
1759 This is the equivalent of MSG0, except it's a bit smarter about messages in
1760 rich text formats. Immediately following the "text" directive, the server
1761 will output RFC822-like MIME part headers such as "Content-type:" and
1762 "Content-length:". MIME formats are chosen and/or converted based on the
1763 client's preferred format settings, which are set using the MSGP command,
1768 MSGP (set MeSsaGe Preferred MIME format)
1770 Client tells the server what MIME content types it knows how to handle, and
1771 the order in which it prefers them. This is similar to an HTTP "Accept:"
1774 The parameters to a MSGP command are the client's acceptable MIME content
1775 types, in the order it prefers them (from most preferred to least preferred).
1776 For example: MSGP text/html|text/plain
1778 The MSGP command always returns OK.
1782 OPNA (OPeN Attachment)
1784 Opens, as a download file, a component of a MIME-encoded message. The two
1785 parameters which must be passed to this command are the message number and the
1786 name of the desired section. If the message or section does not exist, an
1787 appropriate ERROR code will be returned; otherwise, if the open is successful,
1788 this command will succeed returning the same information as an OPEN command.
1791 GEXP (Get EXPress messages)
1793 This is a more sophisticated way of retrieving express messages than the old
1794 PEXP method. If there are no express messages waiting, PEXP returns ERROR;
1795 otherwise, it returns LISTING_FOLLOWS and the following arguments:
1797 0 - a boolean value telling the client whether there are any additional
1798 express messages waiting following this one
1799 1 - a Unix-style timestamp
1800 2 - flags (see server.h for more info)
1801 3 - the name of the sender
1802 4 - the node this message originated on (for future support of PIP, ICQ, etc.)
1804 The text sent to the client will be the body of the express message.
1806 So how does the client know there are express messages waiting? It could
1807 execute a random GEXP every now and then. Or, it can check the byte in
1808 server return code messages, between the return code and the parameters. In
1809 much the same way as FTP uses "-" to signify a continuation, Citadel uses
1810 an "*" in this position to signify the presence of waiting express messages.
1813 FSCK (check message base reference counts)
1815 Verify, via the long way, that all message referenmce counts are correct. If
1816 the user has permission to do this then LISTING_FOLLOWS is returned, followed
1817 by a transcript of the run. Otherwise ERROR is returned.
1820 DEXP (Disable EXPress messages)
1822 DEXP sets or clears the "disable express messages" flag. Pass this command a
1823 1 or 0 to respectively set or clear the flag. When the "disable express
1824 messages" flag is set, no one except Aides may send the user express messages.
1825 Any value other than 0 or 1 will not change the flag, only report its state.
1826 The command returns ERROR if it fails; otherwise, it returns OK followed by a
1827 number representing the current state of the flag.
1830 REQT (REQuest client Termination)
1832 Request that the specified client (or all clients) log off. Aide level
1833 access is required to run this command, otherwise ERROR+HIGHER_ACCESS_REQUIRED
1836 The REQT command accepts one parameter: the session ID of the client which
1837 should be terminated, or 0 for all clients. When successful, the REQT command
1840 It should be noted that REQT simply transmits an express message to the
1841 specified client(s) with the EM_GO_AWAY flag set. Older clients do not honor
1842 this flag, and it is certainly possible for users to re-program their client
1843 software to ignore it. Therefore the effects of the REQT command should be
1844 considered advisory only. The recommended implementation practice is to first
1845 issue a REQT command, then wait a little while (from 30 seconds up to a few
1846 minutes) for well-behaved clients to voluntarily terminate, and then issue a
1847 TERM command to forcibly disconnect the client (or perhaps a DOWN command, if
1848 you are logging off users for the purpose of shutting down the server).
1851 SEEN (set or clear the SEEN flag for a message)
1853 Beginning with version 5.80, Citadel supports the concept of setting or
1854 clearing the "seen" flag for each individual message, instead of only allowing
1855 a "last seen" pointer. In fact, the old semantics are implemented in terms
1856 of the new semantics. This command requires two arguments: the number of the
1857 message to be set, and a 1 or 0 to set or clear the "seen" bit.
1859 This command returns OK, unless the user is not logged in or a usage error
1860 occurred, in which case it returns ERROR. Please note that no checking is
1861 done on the supplied data; if the requested message does not exist, the SEEN
1862 command simply returns OK without doing anything.
1865 GTSN (GeT the list of SeeN messages)
1867 This command retrieves the list of "seen" (as opposed to unread) messages for
1868 the current room. It returns OK followed by an IMAP-format message list.
1871 SMTP (utility commands for the SMTP gateway)
1873 This command, accessible only by Aides, supports several utility operations
1874 which examine or manipulate Citadel's SMTP support. The first command argument
1875 is a subcommand telling the server what to do. The following subcommands are
1878 SMTP mx|hostname (display all MX hosts for 'hostname')
1879 SMTP runqueue (attempt immediate delivery of all messages
1880 in the outbound SMTP queue, ignoring any
1881 retry times stored there)
1884 STLS (Start Transport Layer Security)
1886 This command starts TLS on the current connection. The current
1887 implementation uses OpenSSL on both the client and server end. For future
1888 compatibility all clients must support at least TLSv1, and servers are
1889 guaranteed to support TLSv1. During TLS negotiation (see below) the server
1890 and client may agree to use a different protocol.
1892 The server returns ERROR if it does not support SSL or SSL initialization
1893 failed on the server; otherwise it returns OK. Once the server returns OK and
1894 the client has read the response, the server and client immediately negotiate
1895 TLS (in OpenSSL, using SSL_connect() on the client and SSL_accept() on the
1896 server). If negotiation fails, the server and client should attempt to resume
1897 the session unencrypted. If either end is unable to resume the session, the
1898 connection should be closed.
1900 This command may be run at any time.
1903 GTLS (Get Transport Layer Security Status)
1905 This command returns information about the current connection. The server
1906 returns OK plus several parameters if the connection is encrypted, and ERROR
1907 if the connection is not encrypted. It is primarily used for debugging. The
1908 command may be run at any time.
1910 0 - Protocol name, e.g. "SSLv3"
1911 1 - Cipher suite name, e.g. "ADH-RC4-MD5"
1912 2 - Cipher strength bits, e.g. 128
1913 3 - Cipher strength bits actually in use, e.g. 128
1916 IGAB (Initialize Global Address Book)
1918 This command creates, or re-creates, a database of Internet e-mail addresses
1919 using the vCard information in the Global Address Book room. This procedure
1920 is normally run internally when the server determines it necessary, but is
1921 also provided as a server command to be used as a troubleshooting/maintenenance
1922 tool. Only a system Aide can run the command. It returns OK on success or
1926 QDIR (Query global DIRectory)
1928 Look up an internet address in the global directory. Any logged-in user may
1929 call QDIR with one parameter, the Internet e-mail address to look up. QDIR
1930 returns OK followed by a Citadel address if there is a match, otherwise it
1931 returns ERROR+NOT_LOGGED_IN.
1934 VIEW (set the VIEW for a room)
1936 Set the preferred view for the current user in the current room. Please see
1937 views.txt for more information on views. The sole parameter for this command
1938 is the type of view requested. VIEW returns OK on success or ERROR on failure.
1941 QNOP (Quiet No OPeration)
1943 This command does nothing, similar to the NOOP command. However, unlike the
1944 NOOP command, it returns *absolutely no response* at all. The client has no
1945 way of knowing that the command executed. It is intended for sending
1946 "keepalives" in situations where a full NOOP would cause the client protocol
1949 Naturally, sending this command to a server that doesn't support it is an
1950 easy way to mess things up. Therefore, client software should first check
1951 the output of an INFO command to ensure that the server supports quiet noops.
1955 MRTG (Multi Router Traffic Grapher)
1957 Multi Router Traffic Grapher (please see http://www.mrtg.org for more info) is
1958 a tool which creates pretty graphs of network activity, usually collected from
1959 routers using SNMP. However, its ability to call external scripts has spawned
1960 a small community of people using it to graph anything which can be graphed.
1961 The MRTG command can output Citadel server activity in the format MRTG expects.
1963 This format is as follows:
1968 Line 3: uptime of system
1969 Line 4: name of system
1972 MRTG accepts two different keywords. "MRTG users" will return two variables,
1973 the number of connected users and the number of active users. "MRTG messages"
1974 will return one variable (and a zero in the second field), showing the current
1975 highest message number on the system. Any other keyword, or a missing keyword,
1976 will cause the MRTG command to return an ERROR code.
1978 Please get in touch with the Citadel developers if you wish to experiment with
1983 ASYN (ASYNchronous message support)
1985 Negotiate the use of asynchronous, or unsolicited, protocol messages. The
1986 only parameter specified should be 1 or 0 to indicate that the client can or
1987 cannot handle this type of messages. The server will reply OK followed by a
1988 1 or 0 to tell the client which mode it is now operating in.
1990 If the command is not available on the server (i.e. it returns ERROR), or
1991 if the command has not been executed by the client, it should be assumed that
1992 this mode of operation is NOT in effect.
1994 The client may also send any value other than 0 or 1 to simply cause the
1995 server to output its current state without changing it.
1997 When asynchronous protocol mode is in effect, the client MUST handle any
1998 asynchronous messages as they arrive, before doing anything else.
2003 ASYNCHRONOUS MESSAGES
2004 ---------------------
2006 When the client protocol is operating in asynchronous mode (please refer to
2007 the writeup of the ASYN command above), the following messages may arrive at
2011 901 (express message arriving)
2013 There is an express message intended for this client. When the client
2014 receives this message, it MUST act as if it just sent a GEXP command (the data
2015 following the 901 message WILL be a LISTING_FOLLOWS data transfer; in fact,
2016 the current implementation simply executes a GEXP command internally).