#endif
#include <string.h>
-#include <syslog.h>
#include <limits.h>
#ifndef ENABLE_CHKPWD
#include "auth.h"
* makeuserkey() - convert a username into the format used as a database key
* (it's just the username converted into lower case)
*/
-static inline void makeuserkey(char *key, char *username) {
+static INLINE void makeuserkey(char *key, char *username) {
int i, len;
len = strlen(username);
a = CtdlLoginExistingUser(username);
switch (a) {
case login_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case login_too_many_users:
cprintf("%d %s: "
MORE_DATA, CC->curr_user);
return;
case login_not_found:
- cprintf("%d %s not found.\n", ERROR, username);
+ cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER, username);
return;
- cprintf("%d Internal error\n", ERROR);
+ cprintf("%d Internal error\n", ERROR + INTERNAL_ERROR);
}
}
{
int i;
- syslog(LOG_NOTICE, "session %d: user <%s> logged in",
- CC->cs_pid, CC->curr_user);
+ lprintf(CTDL_NOTICE, "<%s> logged in\n", CC->curr_user);
lgetuser(&CC->user, CC->curr_user);
++(CC->user.timescalled);
*/
void logout(struct CitContext *who)
{
+ /*
+ * Clear out some session data. Most likely, the CitContext for this
+ * session is about to get nuked when the session disconnects, but
+ * since it's possible to log in again without reconnecting, we cannot
+ * make that assumption.
+ */
+ strcpy(who->fake_username, "");
+ strcpy(who->fake_postname, "");
+ strcpy(who->fake_hostname, "");
+ strcpy(who->fake_roomname, "");
who->logged_in = 0;
/*
/* Do modular stuff... */
PerformSessionHooks(EVT_LOGOUT);
+
+ /* Free any output buffers */
+ if (who->output_buffer != NULL) {
+ unbuffer_output();
+ }
}
#ifdef ENABLE_CHKPWD
char buf[24];
if (pipe(pipev)) {
- lprintf(1, "pipe failed (%s): denying autologin access for "
+ lprintf(CTDL_ERROR, "pipe failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
return 0;
}
switch (pid = fork()) {
case -1:
- lprintf(1, "fork failed (%s): denying autologin access for "
+ lprintf(CTDL_ERROR, "fork failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
close(pipev[0]);
close(pipev[1]);
while (waitpid(pid, &status, 0) == -1)
if (errno != EINTR) {
- lprintf(1, "waitpid failed (%s): denying autologin "
+ lprintf(CTDL_ERROR, "waitpid failed (%s): denying autologin "
"access for uid %ld\n",
strerror(errno), (long)uid);
return 0;
int code;
if ((CC->logged_in)) {
- lprintf(5, "CtdlTryPassword: already logged in\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: already logged in\n");
return pass_already_logged_in;
}
if (!strcmp(CC->curr_user, NLI)) {
- lprintf(5, "CtdlTryPassword: no user selected\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: no user selected\n");
return pass_no_user;
}
if (getuser(&CC->user, CC->curr_user)) {
- lprintf(5, "CtdlTryPassword: internal error\n");
+ lprintf(CTDL_ERR, "CtdlTryPassword: internal error\n");
return pass_internal_error;
}
if (password == NULL) {
- lprintf(5, "CtdlTryPassword: NULL password string supplied\n");
+ lprintf(CTDL_INFO, "CtdlTryPassword: NULL password string supplied\n");
return pass_wrong_password;
}
code = (-1);
do_login();
return pass_ok;
} else {
- lprintf(3, "Bad password specified for <%s>\n", CC->curr_user);
+ lprintf(CTDL_WARNING, "Bad password specified for <%s>\n", CC->curr_user);
return pass_wrong_password;
}
}
switch (a) {
case pass_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case pass_no_user:
cprintf("%d You must send a name with USER first.\n",
- ERROR);
+ ERROR + USERNAME_REQUIRED);
return;
case pass_wrong_password:
- cprintf("%d Wrong password.\n", ERROR);
+ cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED);
return;
case pass_ok:
logged_in_response();
makeuserkey(usernamekey, pname);
if (getuser(&usbuf, pname) != 0) {
- lprintf(5, "Cannot purge user <%s> - not found\n", pname);
+ lprintf(CTDL_ERR, "Cannot purge user <%s> - not found\n", pname);
return (ERROR + NO_SUCH_USER);
}
/* Don't delete a user who is currently logged in. Instead, just
}
end_critical_section(S_SESSION_TABLE);
if (user_is_logged_in == 1) {
- lprintf(5, "User <%s> is logged in; not deleting.\n", pname);
+ lprintf(CTDL_WARNING, "User <%s> is logged in; not deleting.\n", pname);
usbuf.axlevel = 0;
putuser(&usbuf);
return (1);
}
- lprintf(5, "Deleting user <%s>\n", pname);
+ lprintf(CTDL_NOTICE, "Deleting user <%s>\n", pname);
/* Perform any purge functions registered by server extensions */
PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
}
}
- lprintf(3, "New user <%s> created\n", username);
+ lprintf(CTDL_NOTICE, "New user <%s> created\n", username);
return (0);
}
if (config.c_disable_newu) {
cprintf("%d Self-service user account creation "
- "is disabled on this system.\n", ERROR);
+ "is disabled on this system.\n", ERROR + NOT_HERE);
return;
}
if (CC->logged_in) {
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
}
if (CC->nologin) {
strproc(username);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
if ((!strcasecmp(username, "bbs")) ||
(!strcasecmp(username, "new")) ||
(!strcasecmp(username, "."))) {
- cprintf("%d '%s' is an invalid login name.\n", ERROR, username);
+ cprintf("%d '%s' is an invalid login name.\n", ERROR + ILLEGAL_VALUE, username);
return;
}
ERROR + INTERNAL_ERROR);
return;
} else {
- cprintf("%d unknown error\n", ERROR);
+ cprintf("%d unknown error\n", ERROR + INTERNAL_ERROR);
}
}
return;
}
if ( (CC->user.uid != BBSUID) && (CC->user.uid != (-1)) ) {
- cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR);
+ cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE);
return;
}
strproc(new_pw);
safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password));
lputuser(&CC->user);
cprintf("%d Password changed.\n", CIT_OK);
- lprintf(3, "Password changed for user <%s>\n", CC->curr_user);
+ lprintf(CTDL_INFO, "Password changed for user <%s>\n", CC->curr_user);
PerformSessionHooks(EVT_SETPASS);
}
/*
- * cmd_creu() - administratively create a new user account (do not log in to it)
+ * cmd_creu() - administratively create a new user account (do not log in to it)
*/
void cmd_creu(char *cmdbuf)
{
int a;
char username[SIZ];
+ char password[SIZ];
+ struct ctdluser tmp;
if (CtdlAccessCheck(ac_aide)) {
return;
}
extract(username, cmdbuf, 0);
+ extract(password, cmdbuf, 1);
username[25] = 0;
+ password[31] = 0;
strproc(username);
+ strproc(password);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
a = create_user(username, 0);
if (a == 0) {
- cprintf("%d ok\n", CIT_OK);
+ if (strlen(password) > 0) {
+ lgetuser(&tmp, username);
+ safestrncpy(tmp.password, password, sizeof(tmp.password));
+ lputuser(&tmp);
+ }
+ cprintf("%d User '%s' created %s.\n", CIT_OK, username,
+ (strlen(password) > 0) ? "and password set" :
+ "with no password");
return;
} else if (a == ERROR + ALREADY_EXISTS) {
cprintf("%d '%s' already exists.\n",
ERROR + ALREADY_EXISTS, username);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR);
+ cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}
return;
if (num_parms(new_parms) < 3) {
- cprintf("%d Usage error.\n", ERROR);
+ cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
return;
}
lgetuser(&CC->user, CC->curr_user);
}
if (num_parms(argbuf) != 2) {
- cprintf("%d Invalid parameters\n", ERROR);
+ cprintf("%d Invalid parameters\n", ERROR + ILLEGAL_VALUE);
return;
}
target_msgnum = extract_long(argbuf, 0);
target_setting = extract_int(argbuf, 1);
- CtdlSetSeen(target_msgnum, target_setting);
+ CtdlSetSeen(target_msgnum, target_setting, ctdlsetseen_seen);
cprintf("%d OK\n", CIT_OK);
}
return;
}
- CtdlGetSeen(buf);
+ CtdlGetSeen(buf, ctdlsetseen_seen);
cprintf("%d %s\n", CIT_OK, buf);
}
}
if (lgetuser(&USscratch, iuser) != 0) {
- cprintf("%d No such user.\n", ERROR);
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
}
CtdlGetRelationship(&vbuf, &USscratch, &CC->room);
cprintf("%d Ok\n", CIT_OK);
}
else {
- cprintf("%d You may not forget this room.\n", ERROR);
+ cprintf("%d You may not forget this room.\n", ERROR + NOT_HERE);
}
}