citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3
   4 #include <stdlib.h>
   5 #include <unistd.h>
   6 #include <stdio.h>
   7 #include <fcntl.h>
   8 #include <signal.h>
   9 #include <pwd.h>
  10 #include <sys/types.h>
  11 #include <sys/time.h>
  12 #include <string.h>
  13 #include <syslog.h>
  14 #include <pthread.h>
  15 #include "citadel.h"
  16 #include "server.h"
  17 #include "proto.h"
  18
  19 extern struct config config;
  20
  21
  22 /*
  23  * pwcrypt()  -  simple password encryption
  24  */
  25 void pwcrypt(char *text, int code)
  26 {
  27         int a;
  28         for (a=0; a<strlen(text); ++a) text[a]=(text[a]^(((code|128)^a)&0xFF));
  29         }
  30
  31
  32 /*
  33  * hash()  -  hash table function for user lookup
  34  */
  35 int hash(char *str)
  36 {
  37         int h = 0;
  38         int i;
  39
  40         for (i=0; i<strlen(str); ++i) h=h+((i+1)*tolower(str[i]));
  41         return(h);
  42         }
  43
  44
  45 /*
  46  * getuser()  -  retrieve named user into supplied buffer.
  47  *               returns 0 on success
  48  */
  49 int getuser(struct usersupp *usbuf, char name[]) {
  50
  51         char lowercase_name[32];
  52         int a;
  53         struct cdbdata *cdbus;
  54
  55         bzero(usbuf, sizeof(struct usersupp));
  56         for (a=0; a<=strlen(name); ++a) {
  57                 lowercase_name[a] = tolower(name[a]);
  58                 }
  59
  60         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  61         if (cdbus == NULL) {    /* not found */
  62                 return(1);
  63                 }
  64
  65         memcpy(usbuf, cdbus->ptr, cdbus->len);
  66         cdb_free(cdbus);
  67         return(0);
  68         }
  69
  70
  71 /*
  72  * lgetuser()  -  same as getuser() but locks the record
  73  */
  74 int lgetuser(struct usersupp *usbuf, char *name)
  75 {
  76         int retcode;
  77
  78         retcode = getuser(usbuf,name);
  79         if (retcode == 0) {
  80                 begin_critical_section(S_USERSUPP);
  81                 }
  82         return(retcode);
  83         }
  84
  85
  86 /*
  87  * putuser()  -  write user buffer into the correct place on disk
  88  */
  89 void putuser(struct usersupp *usbuf, char *name)
  90 {
  91         char lowercase_name[32];
  92         int a;
  93
  94         for (a=0; a<=strlen(name); ++a) {
  95                 lowercase_name[a] = tolower(name[a]);
  96                 }
  97
  98         cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
  99                 usbuf, sizeof(struct usersupp));
 100
 101         }
 102
 103
 104 /*
 105  * lputuser()  -  same as putuser() but locks the record
 106  */
 107 void lputuser(struct usersupp *usbuf, char *name)
 108 {
 109         putuser(usbuf,name);
 110         end_critical_section(S_USERSUPP);
 111         }
 112
 113
 114 /*
 115  * Is the user currently logged in an Aide?
 116  */
 117 int is_aide(void) {
 118         if (CC->usersupp.axlevel >= 6) return(1);
 119         else return(0);
 120         }
 121
 122
 123 /*
 124  * Is the user currently logged in an Aide *or* the room aide for this room?
 125  */
 126 int is_room_aide(void) {
 127         if ( (CC->usersupp.axlevel >= 6)
 128                 || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
 129         else return(0);
 130         }
 131
 132 /*
 133  * getuserbynumber()  -  get user by number
 134  *                       returns 0 if user was found
 135  */
 136 int getuserbynumber(struct usersupp *usbuf, long int number)
 137 {
 138         struct cdbdata *cdbus;
 139
 140         cdb_rewind(CDB_USERSUPP);
 141
 142         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 143                 bzero(usbuf, sizeof(struct usersupp));
 144                 memcpy(usbuf, cdbus->ptr, cdbus->len);
 145                 cdb_free(cdbus);
 146                 if (usbuf->usernum == number) {
 147                         return(0);
 148                         }
 149                 }
 150         return(-1);
 151         }
 152
 153
 154 /*
 155  * USER cmd
 156  */
 157 void cmd_user(char *cmdbuf)
 158 {
 159         char username[256];
 160         char autoname[256];
 161         int found_user = 0;
 162         struct passwd *p;
 163         int a;
 164
 165         extract(username,cmdbuf,0);
 166         username[25] = 0;
 167         strproc(username);
 168
 169         if ((CC->logged_in)) {
 170                 cprintf("%d Already logged in.\n",ERROR);
 171                 return;
 172                 }
 173
 174         found_user = getuser(&CC->usersupp,username);
 175         if (found_user != 0) {
 176                 p = (struct passwd *)getpwnam(username);
 177                 if (p!=NULL) {
 178                         strcpy(autoname,p->pw_gecos);
 179                         for (a=0; a<strlen(autoname); ++a)
 180                                 if (autoname[a]==',') autoname[a]=0;
 181                         found_user = getuser(&CC->usersupp,autoname);
 182                         }
 183                 }
 184         if (found_user == 0) {
 185                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 186                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 187                         ERROR+MAX_SESSIONS_EXCEEDED,
 188                         config.c_nodename,config.c_maxsessions);
 189                         }
 190                 else {
 191                         strcpy(CC->curr_user,CC->usersupp.fullname);
 192                         cprintf("%d Password required for %s\n",
 193                                 MORE_DATA,CC->curr_user);
 194                         }
 195                 }
 196         else {
 197                 cprintf("%d %s not found.\n",ERROR,username);
 198                 }
 199         }
 200
 201
 202
 203 /*
 204  * session startup code which is common to both cmd_pass() and cmd_newu()
 205  */
 206 void session_startup(void) {
 207         int a;
 208         struct quickroom qr;
 209
 210         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 211         hook_user_login(CC->cs_pid, CC->curr_user);
 212         lgetuser(&CC->usersupp,CC->curr_user);
 213         ++(CC->usersupp.timescalled);
 214         /* <bc> */
 215         CC->fake_username[0] = '\0';
 216         CC->fake_postname[0] = '\0';
 217         CC->fake_hostname[0] = '\0';
 218         CC->fake_roomname[0] = '\0';
 219         CC->last_pager[0] = '\0';
 220         /* <bc> */
 221         time(&CC->usersupp.lastcall);
 222
 223         /* If this user's name is the name of the system administrator
 224          * (as specified in setup), automatically assign access level 6.
 225          */
 226         if (!strucmp(CC->usersupp.fullname, config.c_sysadm)) {
 227                 CC->usersupp.axlevel = 6;
 228                 }
 229
 230 /* A room's generation number changes each time it is recycled. Users are kept
 231  * out of private rooms or forget rooms by matching the generation numbers. To
 232  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 233  */
 234         for (a=0; a<MAXROOMS; ++a) {
 235                 getroom(&qr,a);
 236                 if (CC->usersupp.generation[a] != qr.QRgen)
 237                                         CC->usersupp.generation[a]=(-1);
 238                 if (CC->usersupp.forget[a] != qr.QRgen)
 239                                         CC->usersupp.forget[a]=(-1);
 240                 }
 241
 242         lputuser(&CC->usersupp,CC->curr_user);
 243
 244         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 245                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 246                 CC->usersupp.usernum);
 247         usergoto(0,0);          /* Enter the lobby */
 248         rec_log(CL_LOGIN,CC->curr_user);
 249         }
 250
 251
 252
 253 /*
 254  * misc things to be taken care of when a user is logged out
 255  */
 256 void logout(struct CitContext *who)
 257 {
 258         who->logged_in = 0;
 259         if (who->download_fp != NULL) {
 260                 fclose(who->download_fp);
 261                 who->download_fp = NULL;
 262                 }
 263         if (who->upload_fp != NULL) {
 264                 abort_upl(who);
 265                 }
 266         }
 267
 268
 269 void cmd_pass(char *buf)
 270 {
 271         char password[256];
 272         int code;
 273         struct passwd *p;
 274
 275         extract(password,buf,0);
 276
 277         if ((CC->logged_in)) {
 278                 cprintf("%d Already logged in.\n",ERROR);
 279                 return;
 280                 }
 281         if (!strcmp(CC->curr_user,"")) {
 282                 cprintf("%d You must send a name with USER first.\n",ERROR);
 283                 return;
 284                 }
 285         if (getuser(&CC->usersupp,CC->curr_user)) {
 286                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 287                 return;
 288                 }
 289
 290         code = (-1);
 291         if (CC->usersupp.USuid == BBSUID) {
 292                 strproc(password);
 293                 pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 294                 strproc(CC->usersupp.password);
 295                 code = strucmp(CC->usersupp.password,password);
 296                 pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 297                 }
 298         else {
 299                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 300 #ifdef ENABLE_AUTOLOGIN
 301                 if (p!=NULL) {
 302                         if (!strcmp(p->pw_passwd,
 303                            (char *)crypt(password,p->pw_passwd))) {
 304                                 code = 0;
 305                                 lgetuser(&CC->usersupp, CC->curr_user);
 306                                 strcpy(CC->usersupp.password, password);
 307                                 pwcrypt(CC->usersupp.password, config.c_pwcrypt);
 308                                 lputuser(&CC->usersupp, CC->curr_user);
 309                                 }
 310                         }
 311 #endif
 312                 }
 313
 314         if (!code) {
 315                 (CC->logged_in) = 1;
 316                 session_startup();
 317                 }
 318         else {
 319                 cprintf("%d Wrong password.\n",ERROR);
 320                 rec_log(CL_BADPW,CC->curr_user);
 321                 }
 322         }
 323
 324
 325 /*
 326  * purge related files when removing or overwriting a user record
 327  */
 328 void purge_user(char *pname) {
 329         char filename[64];
 330         struct usersupp usbuf;
 331         int a;
 332
 333         if (getuser(&usbuf, pname) != 0) {
 334                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 335                 return;
 336                 }
 337
 338         /* delete any messages in the user's mailbox */
 339         for (a=0; a<MAILSLOTS; ++a) {
 340                 if (usbuf.mailnum[a] > 0L) {
 341                         cdb_delete(CDB_MSGMAIN, &usbuf.mailnum[a],
 342                                         sizeof(long));
 343                         }
 344                 }
 345
 346         /* delete the userlog entry */
 347         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 348
 349         /* remove the user's bio file */
 350         sprintf(filename, "./bio/%ld", usbuf.usernum);
 351         unlink(filename);
 352
 353         /* remove the user's picture */
 354         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 355         unlink(filename);
 356
 357         }
 358
 359
 360 /*
 361  * create_user()  -  back end processing to create a new user
 362  */
 363 int create_user(char *newusername)
 364 {
 365         struct usersupp usbuf;
 366         int a;
 367         struct passwd *p = NULL;
 368         char username[64];
 369
 370         strcpy(username, newusername);
 371         strproc(username);
 372
 373 #ifdef ENABLE_AUTOLOGIN
 374         p = (struct passwd *)getpwnam(username);
 375 #endif
 376         if (p != NULL) {
 377                 strcpy(username, p->pw_gecos);
 378                 for (a=0; a<strlen(username); ++a) {
 379                         if (username[a] == ',') username[a] = 0;
 380                         }
 381                 CC->usersupp.USuid = p->pw_uid;
 382                 }
 383         else {
 384                 CC->usersupp.USuid = BBSUID;
 385                 }
 386
 387         if (!getuser(&usbuf,username)) {
 388                 return(ERROR+ALREADY_EXISTS);
 389                 }
 390
 391         strcpy(CC->curr_user,username);
 392         strcpy(CC->usersupp.fullname,username);
 393         (CC->logged_in) = 1;
 394
 395         for (a=0; a<MAXROOMS; ++a) {
 396                 CC->usersupp.lastseen[a]=0L;
 397                 CC->usersupp.generation[a]=(-1);
 398                 CC->usersupp.forget[a]=(-1);
 399                 }
 400         for (a=0; a<MAILSLOTS; ++a) {
 401                 CC->usersupp.mailnum[a]=0L;
 402                 }
 403         strcpy(CC->usersupp.password,"");
 404
 405         /* These are the default flags on new accounts */
 406         CC->usersupp.flags =
 407                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 408
 409         CC->usersupp.timescalled = 0;
 410         CC->usersupp.posted = 0;
 411         CC->usersupp.axlevel = INITAX;
 412         CC->usersupp.USscreenwidth = 80;
 413         CC->usersupp.USscreenheight = 24;
 414         time(&CC->usersupp.lastcall);
 415         strcpy(CC->usersupp.USname, "");
 416         strcpy(CC->usersupp.USaddr, "");
 417         strcpy(CC->usersupp.UScity, "");
 418         strcpy(CC->usersupp.USstate, "");
 419         strcpy(CC->usersupp.USzip, "");
 420         strcpy(CC->usersupp.USphone, "");
 421
 422         /* fetch a new user number */
 423         CC->usersupp.usernum = get_new_user_number();
 424
 425         if (CC->usersupp.usernum == 1L) {
 426                 CC->usersupp.axlevel = 6;
 427                 }
 428
 429         /* add user to userlog */
 430         putuser(&CC->usersupp,CC->curr_user);
 431         if (getuser(&CC->usersupp,CC->curr_user)) {
 432                 return(ERROR+INTERNAL_ERROR);
 433                 }
 434         rec_log(CL_NEWUSER,CC->curr_user);
 435         return(0);
 436         }
 437
 438
 439
 440
 441 /*
 442  * cmd_newu()  -  create a new user account
 443  */
 444 void cmd_newu(char *cmdbuf)
 445 {
 446         int a;
 447         char username[256];
 448
 449         if ((CC->logged_in)) {
 450                 cprintf("%d Already logged in.\n",ERROR);
 451                 return;
 452                 }
 453
 454         if ((CC->nologin)) {
 455                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 456                 ERROR+MAX_SESSIONS_EXCEEDED,
 457                 config.c_nodename,config.c_maxsessions);
 458                 }
 459
 460         extract(username,cmdbuf,0);
 461         username[25] = 0;
 462         strproc(username);
 463
 464         if (strlen(username)==0) {
 465                 cprintf("%d You must supply a user name.\n",ERROR);
 466                 return;
 467                 }
 468
 469         a = create_user(username);
 470         if ((!strucmp(username, "bbs")) ||
 471             (!strucmp(username, "new")) ||
 472             (!strucmp(username, ".")))
 473         {
 474            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 475            return;
 476         }
 477         if (a==ERROR+ALREADY_EXISTS) {
 478                 cprintf("%d '%s' already exists.\n",
 479                         ERROR+ALREADY_EXISTS,username);
 480                 return;
 481                 }
 482         else if (a==ERROR+INTERNAL_ERROR) {
 483                 cprintf("%d Internal error - user record disappeared?\n",
 484                         ERROR+INTERNAL_ERROR);
 485                 return;
 486                 }
 487         else if (a==0) {
 488                 session_startup();
 489                 }
 490         else {
 491                 cprintf("%d unknown error\n",ERROR);
 492                 }
 493         rec_log(CL_NEWUSER,CC->curr_user);
 494         }
 495
 496
 497
 498 /*
 499  * set password
 500  */
 501 void cmd_setp(char *new_pw)
 502 {
 503         if (!(CC->logged_in)) {
 504                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 505                 return;
 506                 }
 507         if (CC->usersupp.USuid != BBSUID) {
 508                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 509                 return;
 510                 }
 511         strproc(new_pw);
 512         if (strlen(new_pw)==0) {
 513                 cprintf("%d Password unchanged.\n",OK);
 514                 return;
 515                 }
 516         lgetuser(&CC->usersupp,CC->curr_user);
 517         strcpy(CC->usersupp.password,new_pw);
 518         pwcrypt(CC->usersupp.password,config.c_pwcrypt);
 519         lputuser(&CC->usersupp,CC->curr_user);
 520         cprintf("%d Password changed.\n",OK);
 521         rec_log(CL_PWCHANGE,CC->curr_user);
 522         }
 523
 524 /*
 525  * get user parameters
 526  */
 527 void cmd_getu(void) {
 528         if (!(CC->logged_in)) {
 529                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 530                 return;
 531                 }
 532         getuser(&CC->usersupp,CC->curr_user);
 533         cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
 534                 CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
 535         }
 536
 537 /*
 538  * set user parameters
 539  */
 540 void cmd_setu(char *new_parms)
 541 {
 542
 543         if (num_parms(new_parms)!=3) {
 544                 cprintf("%d Usage error.\n",ERROR);
 545                 return;
 546                 }
 547         if (!(CC->logged_in)) {
 548                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 549                 return;
 550                 }
 551         lgetuser(&CC->usersupp,CC->curr_user);
 552         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 553         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 554         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 555         CC->usersupp.flags = CC->usersupp.flags |
 556                 (extract_int(new_parms,2) & US_USER_SET);
 557         lputuser(&CC->usersupp,CC->curr_user);
 558         cprintf("%d Ok\n",OK);
 559         }
 560
 561 /*
 562  * set last read pointer
 563  */
 564 void cmd_slrp(char *new_ptr)
 565 {
 566         long newlr;
 567
 568         if (!(CC->logged_in)) {
 569                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 570                 return;
 571                 }
 572
 573         if (CC->curr_rm < 0) {
 574                 cprintf("%d No current room.\n",ERROR);
 575                 return;
 576                 }
 577
 578         if (!struncmp(new_ptr,"highest",7)) {
 579                 newlr = CC->quickroom.QRhighest;
 580                 }
 581         else {
 582                 newlr = atol(new_ptr);
 583                 }
 584
 585         lgetuser(&CC->usersupp, CC->curr_user);
 586         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 587         lputuser(&CC->usersupp, CC->curr_user);
 588         cprintf("%d %ld\n",OK,newlr);
 589         }
 590
 591
 592 /*
 593  * INVT and KICK commands
 594  */
 595 void cmd_invt_kick(char *iuser, int op)
 596                         /* user name */
 597         {               /* 1 = invite, 0 = kick out */
 598         struct usersupp USscratch;
 599         char bbb[256];
 600
 601         if (!(CC->logged_in)) {
 602                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 603                 return;
 604                 }
 605
 606         if (CC->curr_rm < 0) {
 607                 cprintf("%d No current room.\n",ERROR);
 608                 return;
 609                 }
 610
 611         if (is_room_aide()==0) {
 612                 cprintf("%d Higher access required.\n",
 613                         ERROR+HIGHER_ACCESS_REQUIRED);
 614                 return;
 615                 }
 616
 617         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 618                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 619                 return;
 620                 }
 621
 622         if (lgetuser(&USscratch,iuser)!=0) {
 623                 cprintf("%d No such user.\n",ERROR);
 624                 return;
 625                 }
 626
 627         if (op==1) {
 628                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 629                 USscratch.forget[CC->curr_rm]=(-1);
 630                 }
 631
 632         if (op==0) {
 633                 USscratch.generation[CC->curr_rm]=(-1);
 634                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 635                 }
 636
 637         lputuser(&USscratch,iuser);
 638
 639         /* post a message in Aide> saying what we just did */
 640         sprintf(bbb,"%s %s %s> by %s",
 641                 iuser,
 642                 ((op == 1) ? "invited to" : "kicked out of"),
 643                 CC->quickroom.QRname,
 644                 CC->usersupp.fullname);
 645         aide_message(bbb);
 646
 647         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 648                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 649                 }
 650         else {
 651                 cprintf("%d Ok.\n",OK);
 652                 }
 653         return;
 654         }
 655
 656
 657 /*
 658  * forget (Zap) the current room
 659  */
 660 void cmd_forg(void) {
 661         if (!(CC->logged_in)) {
 662                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 663                 return;
 664                 }
 665
 666         if (CC->curr_rm < 0) {
 667                 cprintf("%d No current room.\n",ERROR);
 668                 return;
 669                 }
 670
 671         if (CC->curr_rm < 3) {
 672                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 673                 return;
 674                 }
 675
 676         if (is_aide()) {
 677                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 678                 return;
 679                 }
 680
 681         lgetuser(&CC->usersupp,CC->curr_user);
 682         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 683         CC->usersupp.generation[CC->curr_rm] = (-1);
 684         lputuser(&CC->usersupp,CC->curr_user);
 685         cprintf("%d Ok\n",OK);
 686         CC->curr_rm = (-1);
 687         }
 688
 689 /*
 690  * Get Next Unregistered User
 691  */
 692 void cmd_gnur(void) {
 693         struct cdbdata *cdbus;
 694         struct usersupp usbuf;
 695
 696         if (!(CC->logged_in)) {
 697                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 698                 return;
 699                 }
 700
 701         if (CC->usersupp.axlevel < 6) {
 702                 cprintf("%d Higher access required.\n",
 703                         ERROR+HIGHER_ACCESS_REQUIRED);
 704                 return;
 705                 }
 706
 707         if ((CitControl.MMflags&MM_VALID)==0) {
 708                 cprintf("%d There are no unvalidated users.\n",OK);
 709                 return;
 710                 }
 711
 712         /* There are unvalidated users.  Traverse the usersupp database,
 713          * and return the first user we find that needs validation.
 714          */
 715         cdb_rewind(CDB_USERSUPP);
 716         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 717                 bzero(&usbuf, sizeof(struct usersupp));
 718                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 719                 cdb_free(cdbus);
 720                 if ((usbuf.flags & US_NEEDVALID)
 721                    &&(usbuf.axlevel > 0)) {
 722                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 723                         return;
 724                         }
 725                 }
 726
 727         /* If we get to this point, there are no more unvalidated users.
 728          * Therefore we clear the "users need validation" flag.
 729          */
 730
 731         begin_critical_section(S_CONTROL);
 732         get_control();
 733         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 734         put_control();
 735         end_critical_section(S_CONTROL);
 736         cprintf("%d *** End of registration.\n",OK);
 737
 738
 739         }
 740
 741
 742 /*
 743  * get registration info for a user
 744  */
 745 void cmd_greg(char *who)
 746 {
 747         struct usersupp usbuf;
 748         int a,b;
 749         char pbuf[32];
 750
 751         if (!(CC->logged_in)) {
 752                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 753                 return;
 754                 }
 755
 756         if (!strucmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 757
 758         if ((CC->usersupp.axlevel < 6) && (strucmp(who,CC->curr_user))) {
 759                 cprintf("%d Higher access required.\n",
 760                         ERROR+HIGHER_ACCESS_REQUIRED);
 761                 return;
 762                 }
 763
 764         if (getuser(&usbuf,who) != 0) {
 765                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 766                 return;
 767                 }
 768
 769         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 770         cprintf("%ld\n",usbuf.usernum);
 771         pwcrypt(usbuf.password,PWCRYPT);
 772         cprintf("%s\n",usbuf.password);
 773         cprintf("%s\n",usbuf.USname);
 774         cprintf("%s\n",usbuf.USaddr);
 775         cprintf("%s\n%s\n%s\n",
 776                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 777         strcpy(pbuf,usbuf.USphone);
 778         usbuf.USphone[0]=0;
 779         for (a=0; a<strlen(pbuf); ++a) {
 780                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 781                         b=strlen(usbuf.USphone);
 782                         usbuf.USphone[b]=pbuf[a];
 783                         usbuf.USphone[b+1]=0;
 784                         }
 785                 }
 786         while(strlen(usbuf.USphone)<10) {
 787                 strcpy(pbuf,usbuf.USphone);
 788                 strcpy(usbuf.USphone," ");
 789                 strcat(usbuf.USphone,pbuf);
 790                 }
 791
 792         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 793                 usbuf.USphone[0],usbuf.USphone[1],
 794                 usbuf.USphone[2],usbuf.USphone[3],
 795                 usbuf.USphone[4],usbuf.USphone[5],
 796                 usbuf.USphone[6],usbuf.USphone[7],
 797                 usbuf.USphone[8],usbuf.USphone[9]);
 798
 799         cprintf("%d\n",usbuf.axlevel);
 800         cprintf("%s\n",usbuf.USemail);
 801         cprintf("000\n");
 802         }
 803
 804 /*
 805  * validate a user
 806  */
 807 void cmd_vali(char *v_args)
 808 {
 809         char user[256];
 810         int newax;
 811         struct usersupp userbuf;
 812
 813         extract(user,v_args,0);
 814         newax = extract_int(v_args,1);
 815
 816         if (!(CC->logged_in)) {
 817                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 818                 return;
 819                 }
 820
 821         if (CC->usersupp.axlevel < 6) {
 822                 cprintf("%d Higher access required.\n",
 823                         ERROR+HIGHER_ACCESS_REQUIRED);
 824                 return;
 825                 }
 826
 827         if (lgetuser(&userbuf,user)!=0) {
 828                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 829                 return;
 830                 }
 831
 832         userbuf.axlevel = newax;
 833         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 834
 835         lputuser(&userbuf,user);
 836
 837         /* If the access level was set to zero, delete the user */
 838         if (newax == 0) {
 839                 purge_user(user);
 840                 cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 841                 return;
 842                 }
 843
 844         cprintf("%d ok\n",OK);
 845         }
 846
 847
 848
 849 /*
 850  *  List users
 851  */
 852 void cmd_list(void) {
 853         struct usersupp usbuf;
 854         struct cdbdata *cdbus;
 855
 856         cdb_rewind(CDB_USERSUPP);
 857         cprintf("%d \n",LISTING_FOLLOWS);
 858
 859         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 860                 bzero(&usbuf, sizeof(struct usersupp));
 861                 memcpy(&usbuf, cdbus->ptr, cdbus->len);
 862                 cdb_free(cdbus);
 863
 864             if (usbuf.axlevel > 0) {
 865                 if ((CC->usersupp.axlevel>=6)
 866                    ||((usbuf.flags&US_UNLISTED)==0)
 867                    ||((CC->internal_pgm))) {
 868                         cprintf("%s|%d|%ld|%ld|%d|%d|",
 869                                 usbuf.fullname,
 870                                 usbuf.axlevel,
 871                                 usbuf.usernum,
 872                                 usbuf.lastcall,
 873                                 usbuf.timescalled,
 874                                 usbuf.posted);
 875                         pwcrypt(usbuf.password,config.c_pwcrypt);
 876                         if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
 877                         cprintf("\n");
 878                         }
 879                     }
 880                 }
 881         cprintf("000\n");
 882         }
 883
 884 /*
 885  * enter registration info
 886  */
 887 void cmd_regi(void) {
 888         int a,b,c;
 889         char buf[256];
 890
 891         char tmpname[256];
 892         char tmpaddr[256];
 893         char tmpcity[256];
 894         char tmpstate[256];
 895         char tmpzip[256];
 896         char tmpphone[256];
 897         char tmpemail[256];
 898
 899         if (!(CC->logged_in)) {
 900                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 901                 return;
 902                 }
 903
 904         strcpy(tmpname,"");
 905         strcpy(tmpaddr,"");
 906         strcpy(tmpcity,"");
 907         strcpy(tmpstate,"");
 908         strcpy(tmpzip,"");
 909         strcpy(tmpphone,"");
 910         strcpy(tmpemail,"");
 911
 912         cprintf("%d Send registration...\n",SEND_LISTING);
 913         a=0;
 914         while (client_gets(buf), strcmp(buf,"000")) {
 915                 if (a==0) strcpy(tmpname,buf);
 916                 if (a==1) strcpy(tmpaddr,buf);
 917                 if (a==2) strcpy(tmpcity,buf);
 918                 if (a==3) strcpy(tmpstate,buf);
 919                 if (a==4) {
 920                         for (c=0; c<strlen(buf); ++c) {
 921                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 922                                         b=strlen(tmpzip);
 923                                         tmpzip[b]=buf[c];
 924                                         tmpzip[b+1]=0;
 925                                         }
 926                                 }
 927                         }
 928                 if (a==5) {
 929                         for (c=0; c<strlen(buf); ++c) {
 930                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
 931                                         b=strlen(tmpphone);
 932                                         tmpphone[b]=buf[c];
 933                                         tmpphone[b+1]=0;
 934                                         }
 935                                 }
 936                         }
 937                 if (a==6) strncpy(tmpemail,buf,31);
 938                 ++a;
 939                 }
 940
 941         tmpname[29]=0;
 942         tmpaddr[24]=0;
 943         tmpcity[14]=0;
 944         tmpstate[2]=0;
 945         tmpzip[9]=0;
 946         tmpphone[10]=0;
 947         tmpemail[31]=0;
 948
 949         lgetuser(&CC->usersupp,CC->curr_user);
 950         strcpy(CC->usersupp.USname,tmpname);
 951         strcpy(CC->usersupp.USaddr,tmpaddr);
 952         strcpy(CC->usersupp.UScity,tmpcity);
 953         strcpy(CC->usersupp.USstate,tmpstate);
 954         strcpy(CC->usersupp.USzip,tmpzip);
 955         strcpy(CC->usersupp.USphone,tmpphone);
 956         strcpy(CC->usersupp.USemail,tmpemail);
 957         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
 958         lputuser(&CC->usersupp,CC->curr_user);
 959
 960         /* set global flag calling for validation */
 961         begin_critical_section(S_CONTROL);
 962         get_control();
 963         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
 964         put_control();
 965         end_critical_section(S_CONTROL);
 966         cprintf("%d *** End of registration.\n",OK);
 967         }
 968
 969
 970 /*
 971  * assorted info we need to check at login
 972  */
 973 void cmd_chek(void) {
 974         int mail = 0;
 975         int regis = 0;
 976         int vali = 0;
 977         int a;
 978
 979         if (!(CC->logged_in)) {
 980                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 981                 return;
 982                 }
 983
 984         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
 985         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
 986
 987         if (CC->usersupp.axlevel >= 6) {
 988                 get_control();
 989                 if (CitControl.MMflags&MM_VALID) vali = 1;
 990                 }
 991
 992         mail=0;                         /* check for mail */
 993         for (a=0; a<MAILSLOTS; ++a)
 994                 if ((CC->usersupp.mailnum[a])>(CC->usersupp.lastseen[1]))
 995                         ++mail;
 996
 997         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
 998         }
 999
1000
1001 /*
1002  * check to see if a user exists
1003  */
1004 void cmd_qusr(char *who)
1005 {
1006         struct usersupp usbuf;
1007
1008         if (getuser(&usbuf,who) == 0) {
1009                 cprintf("%d %s\n",OK,usbuf.fullname);
1010                 }
1011         else {
1012                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1013                 }
1014         }
1015
1016
1017 /*
1018  * enter user bio
1019  */
1020 void cmd_ebio(void) {
1021         char buf[256];
1022         FILE *fp;
1023
1024         if (!(CC->logged_in)) {
1025                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1026                 return;
1027                 }
1028
1029         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1030         fp = fopen(buf,"w");
1031         if (fp == NULL) {
1032                 cprintf("%d Cannot create file\n",ERROR);
1033                 return;
1034                 }
1035         cprintf("%d  \n",SEND_LISTING);
1036         while(client_gets(buf), strcmp(buf,"000")) {
1037                 fprintf(fp,"%s\n",buf);
1038                 }
1039         fclose(fp);
1040         }
1041
1042 /*
1043  * read user bio
1044  */
1045 void cmd_rbio(char *cmdbuf)
1046 {
1047         struct usersupp ruser;
1048         char buf[256];
1049         FILE *fp;
1050
1051         extract(buf,cmdbuf,0);
1052         if (getuser(&ruser,buf)!=0) {
1053                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1054                 return;
1055                 }
1056         sprintf(buf,"./bio/%ld",ruser.usernum);
1057
1058         fp = fopen(buf,"r");
1059         if (fp == NULL) {
1060                 cprintf("%d %s has no bio on file.\n",
1061                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1062                 return;
1063                 }
1064         cprintf("%d  \n",LISTING_FOLLOWS);
1065         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1066         fclose(fp);
1067         cprintf("000\n");
1068         }
1069
1070 /*
1071  * list of users who have entered bios
1072  */
1073 void cmd_lbio(void) {
1074         char buf[256];
1075         FILE *ls;
1076         struct usersupp usbuf;
1077
1078         ls=popen("cd ./bio; ls","r");
1079         if (ls==NULL) {
1080                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1081                 return;
1082                 }
1083
1084         cprintf("%d\n",LISTING_FOLLOWS);
1085         while (fgets(buf,255,ls)!=NULL)
1086                 if (getuserbynumber(&usbuf,atol(buf))==0)
1087                         cprintf("%s\n",usbuf.fullname);
1088         pclose(ls);
1089         cprintf("000\n");
1090         }