#endif
#include <string.h>
-#include <syslog.h>
#include <limits.h>
#ifndef ENABLE_CHKPWD
#include "auth.h"
#include "citserver.h"
+/*
+ * makeuserkey() - convert a username into the format used as a database key
+ * (it's just the username converted into lower case)
+ */
+static INLINE void makeuserkey(char *key, char *username) {
+ int i, len;
+
+ len = strlen(username);
+ for (i=0; i<=len; ++i) {
+ key[i] = tolower(username[i]);
+ }
+}
+
+
/*
* getuser() - retrieve named user into supplied buffer.
* returns 0 on success
int getuser(struct ctdluser *usbuf, char name[])
{
- char lowercase_name[USERNAME_SIZE];
+ char usernamekey[USERNAME_SIZE];
char sysuser_name[USERNAME_SIZE];
- int a;
struct cdbdata *cdbus;
int using_sysuser = 0;
#endif
if (using_sysuser) {
- for (a = 0; a <= strlen(sysuser_name); ++a) {
- lowercase_name[a] = tolower(sysuser_name[a]);
- }
+ makeuserkey(usernamekey, sysuser_name);
}
else {
- for (a = 0; a <= strlen(name); ++a) {
- if (a < sizeof(lowercase_name))
- lowercase_name[a] = tolower(name[a]);
- }
+ makeuserkey(usernamekey, name);
}
- lowercase_name[sizeof(lowercase_name) - 1] = 0;
- cdbus = cdb_fetch(CDB_USERS, lowercase_name, strlen(lowercase_name));
+ cdbus = cdb_fetch(CDB_USERS, usernamekey, strlen(usernamekey));
if (cdbus == NULL) { /* user not found */
return(1);
}
*/
void putuser(struct ctdluser *usbuf)
{
- char lowercase_name[USERNAME_SIZE];
- int a;
+ char usernamekey[USERNAME_SIZE];
- for (a = 0; a <= strlen(usbuf->fullname); ++a) {
- if (a < sizeof(lowercase_name))
- lowercase_name[a] = tolower(usbuf->fullname[a]);
- }
- lowercase_name[sizeof(lowercase_name) - 1] = 0;
+ makeuserkey(usernamekey, usbuf->fullname);
usbuf->version = REV_LEVEL;
cdb_store(CDB_USERS,
- lowercase_name, strlen(lowercase_name),
+ usernamekey, strlen(usernamekey),
usbuf, sizeof(struct ctdluser));
}
{
char username[SIZ];
int found_user;
+ struct recptypes *valid = NULL;
if (trythisname == NULL) return login_not_found;
safestrncpy(username, trythisname, sizeof username);
return login_already_logged_in;
}
+ /* First, try to log in as if the supplied name is a display name */
found_user = getuser(&CC->user, username);
+ /* If that didn't work, try to log in as if the supplied name
+ * is an e-mail address
+ */
+ if (found_user != 0) {
+ valid = validate_recipients(trythisname);
+ if (valid != NULL) {
+ if (valid->num_local == 1) {
+ found_user = getuser(&CC->user,
+ valid->recp_local);
+ }
+ phree(valid);
+ }
+ }
+
+ /* Did we find something? */
if (found_user == 0) {
if (((CC->nologin)) && (CC->user.axlevel < 6)) {
return login_too_many_users;
int a;
extract(username, cmdbuf, 0);
- username[25] = 0;
- strproc(username);
+ striplt(username);
a = CtdlLoginExistingUser(username);
switch (a) {
case login_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case login_too_many_users:
cprintf("%d %s: "
MORE_DATA, CC->curr_user);
return;
case login_not_found:
- cprintf("%d %s not found.\n", ERROR, username);
+ cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER, username);
return;
- cprintf("%d Internal error\n", ERROR);
+ cprintf("%d Internal error\n", ERROR + INTERNAL_ERROR);
}
}
{
int i;
- syslog(LOG_NOTICE, "session %d: user <%s> logged in",
- CC->cs_pid, CC->curr_user);
+ lprintf(CTDL_NOTICE, "<%s> logged in\n", CC->curr_user);
lgetuser(&CC->user, CC->curr_user);
++(CC->user.timescalled);
*/
void logout(struct CitContext *who)
{
+ /*
+ * Clear out some session data. Most likely, the CitContext for this
+ * session is about to get nuked when the session disconnects, but
+ * since it's possible to log in again without reconnecting, we cannot
+ * make that assumption.
+ */
+ strcpy(who->fake_username, "");
+ strcpy(who->fake_postname, "");
+ strcpy(who->fake_hostname, "");
+ strcpy(who->fake_roomname, "");
who->logged_in = 0;
/*
/* Do modular stuff... */
PerformSessionHooks(EVT_LOGOUT);
+
+ /* Free any output buffers */
+ if (who->output_buffer != NULL) {
+ unbuffer_output();
+ }
}
#ifdef ENABLE_CHKPWD
char buf[24];
if (pipe(pipev)) {
- lprintf(1, "pipe failed (%s): denying autologin access for "
+ lprintf(CTDL_ERROR, "pipe failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
return 0;
}
switch (pid = fork()) {
case -1:
- lprintf(1, "fork failed (%s): denying autologin access for "
+ lprintf(CTDL_ERROR, "fork failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
close(pipev[0]);
close(pipev[1]);
while (waitpid(pid, &status, 0) == -1)
if (errno != EINTR) {
- lprintf(1, "waitpid failed (%s): denying autologin "
+ lprintf(CTDL_ERROR, "waitpid failed (%s): denying autologin "
"access for uid %ld\n",
strerror(errno), (long)uid);
return 0;
int code;
if ((CC->logged_in)) {
- lprintf(5, "CtdlTryPassword: already logged in\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: already logged in\n");
return pass_already_logged_in;
}
if (!strcmp(CC->curr_user, NLI)) {
- lprintf(5, "CtdlTryPassword: no user selected\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: no user selected\n");
return pass_no_user;
}
if (getuser(&CC->user, CC->curr_user)) {
- lprintf(5, "CtdlTryPassword: internal error\n");
+ lprintf(CTDL_ERR, "CtdlTryPassword: internal error\n");
return pass_internal_error;
}
if (password == NULL) {
- lprintf(5, "CtdlTryPassword: NULL password string supplied\n");
+ lprintf(CTDL_INFO, "CtdlTryPassword: NULL password string supplied\n");
return pass_wrong_password;
}
code = (-1);
do_login();
return pass_ok;
} else {
- lprintf(3, "Bad password specified for <%s>\n", CC->curr_user);
+ lprintf(CTDL_WARNING, "Bad password specified for <%s>\n", CC->curr_user);
return pass_wrong_password;
}
}
switch (a) {
case pass_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case pass_no_user:
cprintf("%d You must send a name with USER first.\n",
- ERROR);
+ ERROR + USERNAME_REQUIRED);
return;
case pass_wrong_password:
- cprintf("%d Wrong password.\n", ERROR);
+ cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED);
return;
case pass_ok:
logged_in_response();
{
char filename[64];
struct ctdluser usbuf;
- char lowercase_name[USERNAME_SIZE];
- int a;
+ char usernamekey[USERNAME_SIZE];
struct CitContext *ccptr;
int user_is_logged_in = 0;
- for (a = 0; a <= strlen(pname); ++a) {
- lowercase_name[a] = tolower(pname[a]);
- }
+ makeuserkey(usernamekey, pname);
if (getuser(&usbuf, pname) != 0) {
- lprintf(5, "Cannot purge user <%s> - not found\n", pname);
+ lprintf(CTDL_ERR, "Cannot purge user <%s> - not found\n", pname);
return (ERROR + NO_SUCH_USER);
}
/* Don't delete a user who is currently logged in. Instead, just
}
end_critical_section(S_SESSION_TABLE);
if (user_is_logged_in == 1) {
- lprintf(5, "User <%s> is logged in; not deleting.\n", pname);
+ lprintf(CTDL_WARNING, "User <%s> is logged in; not deleting.\n", pname);
usbuf.axlevel = 0;
putuser(&usbuf);
return (1);
}
- lprintf(5, "Deleting user <%s>\n", pname);
+ lprintf(CTDL_NOTICE, "Deleting user <%s>\n", pname);
/* Perform any purge functions registered by server extensions */
PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
/* delete the userlog entry */
- cdb_delete(CDB_USERS, lowercase_name, strlen(lowercase_name));
+ cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey));
/* remove the user's bio file */
snprintf(filename, sizeof filename, "./bio/%ld", usbuf.usernum);
}
}
- lprintf(3, "New user <%s> created\n", username);
+ lprintf(CTDL_NOTICE, "New user <%s> created\n", username);
return (0);
}
if (config.c_disable_newu) {
cprintf("%d Self-service user account creation "
- "is disabled on this system.\n", ERROR);
+ "is disabled on this system.\n", ERROR + NOT_HERE);
return;
}
if (CC->logged_in) {
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
}
if (CC->nologin) {
strproc(username);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
if ((!strcasecmp(username, "bbs")) ||
(!strcasecmp(username, "new")) ||
(!strcasecmp(username, "."))) {
- cprintf("%d '%s' is an invalid login name.\n", ERROR, username);
+ cprintf("%d '%s' is an invalid login name.\n", ERROR + ILLEGAL_VALUE, username);
return;
}
ERROR + INTERNAL_ERROR);
return;
} else {
- cprintf("%d unknown error\n", ERROR);
+ cprintf("%d unknown error\n", ERROR + INTERNAL_ERROR);
}
}
return;
}
if ( (CC->user.uid != BBSUID) && (CC->user.uid != (-1)) ) {
- cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR);
+ cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE);
return;
}
strproc(new_pw);
safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password));
lputuser(&CC->user);
cprintf("%d Password changed.\n", CIT_OK);
- lprintf(3, "Password changed for user <%s>\n", CC->curr_user);
+ lprintf(CTDL_INFO, "Password changed for user <%s>\n", CC->curr_user);
PerformSessionHooks(EVT_SETPASS);
}
/*
- * cmd_creu() - administratively create a new user account (do not log in to it)
+ * cmd_creu() - administratively create a new user account (do not log in to it)
*/
void cmd_creu(char *cmdbuf)
{
int a;
char username[SIZ];
+ char password[SIZ];
+ struct ctdluser tmp;
if (CtdlAccessCheck(ac_aide)) {
return;
}
extract(username, cmdbuf, 0);
+ extract(password, cmdbuf, 1);
username[25] = 0;
+ password[31] = 0;
strproc(username);
+ strproc(password);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
a = create_user(username, 0);
if (a == 0) {
- cprintf("%d ok\n", CIT_OK);
+ if (strlen(password) > 0) {
+ lgetuser(&tmp, username);
+ safestrncpy(tmp.password, password, sizeof(tmp.password));
+ lputuser(&tmp);
+ }
+ cprintf("%d User '%s' created %s.\n", CIT_OK, username,
+ (strlen(password) > 0) ? "and password set" :
+ "with no password");
return;
} else if (a == ERROR + ALREADY_EXISTS) {
cprintf("%d '%s' already exists.\n",
ERROR + ALREADY_EXISTS, username);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR);
+ cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}
return;
if (num_parms(new_parms) < 3) {
- cprintf("%d Usage error.\n", ERROR);
+ cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
return;
}
lgetuser(&CC->user, CC->curr_user);
{
long newlr;
struct visit vbuf;
+ struct visit original_vbuf;
if (CtdlAccessCheck(ac_logged_in)) {
return;
lgetuser(&CC->user, CC->curr_user);
CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
+ memcpy(&original_vbuf, &vbuf, sizeof(struct visit));
vbuf.v_lastseen = newlr;
snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", newlr);
- CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
+
+ /* Only rewrite the record if it changed */
+ if ( (vbuf.v_lastseen != original_vbuf.v_lastseen)
+ || (strcmp(vbuf.v_seen, original_vbuf.v_seen)) ) {
+ CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
+ }
lputuser(&CC->user);
cprintf("%d %ld\n", CIT_OK, newlr);
}
if (num_parms(argbuf) != 2) {
- cprintf("%d Invalid parameters\n", ERROR);
+ cprintf("%d Invalid parameters\n", ERROR + ILLEGAL_VALUE);
return;
}
target_msgnum = extract_long(argbuf, 0);
target_setting = extract_int(argbuf, 1);
- CtdlSetSeen(target_msgnum, target_setting);
+ CtdlSetSeen(target_msgnum, target_setting, ctdlsetseen_seen);
cprintf("%d OK\n", CIT_OK);
}
return;
}
- CtdlGetSeen(buf);
+ CtdlGetSeen(buf, ctdlsetseen_seen);
cprintf("%d %s\n", CIT_OK, buf);
}
}
if (lgetuser(&USscratch, iuser) != 0) {
- cprintf("%d No such user.\n", ERROR);
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
}
CtdlGetRelationship(&vbuf, &USscratch, &CC->room);
cprintf("%d Ok\n", CIT_OK);
}
else {
- cprintf("%d You may not forget this room.\n", ERROR);
+ cprintf("%d You may not forget this room.\n", ERROR + NOT_HERE);
}
}
projects / citadel.git / blobdiff