#endif
#include <string.h>
-#include <syslog.h>
#include <limits.h>
#ifndef ENABLE_CHKPWD
#include "auth.h"
#include "citserver.h"
+/*
+ * makeuserkey() - convert a username into the format used as a database key
+ * (it's just the username converted into lower case)
+ */
+static INLINE void makeuserkey(char *key, char *username) {
+ int i, len;
+
+ len = strlen(username);
+ for (i=0; i<=len; ++i) {
+ key[i] = tolower(username[i]);
+ }
+}
+
+
/*
* getuser() - retrieve named user into supplied buffer.
* returns 0 on success
*/
-int getuser(struct user *usbuf, char name[])
+int getuser(struct ctdluser *usbuf, char name[])
{
- char lowercase_name[USERNAME_SIZE];
+ char usernamekey[USERNAME_SIZE];
char sysuser_name[USERNAME_SIZE];
- int a;
struct cdbdata *cdbus;
int using_sysuser = 0;
- memset(usbuf, 0, sizeof(struct user));
+ memset(usbuf, 0, sizeof(struct ctdluser));
#ifdef ENABLE_AUTOLOGIN
if (CtdlAssociateSystemUser(sysuser_name, name) == 0) {
#endif
if (using_sysuser) {
- for (a = 0; a <= strlen(sysuser_name); ++a) {
- lowercase_name[a] = tolower(sysuser_name[a]);
- }
+ makeuserkey(usernamekey, sysuser_name);
}
else {
- for (a = 0; a <= strlen(name); ++a) {
- if (a < sizeof(lowercase_name))
- lowercase_name[a] = tolower(name[a]);
- }
+ makeuserkey(usernamekey, name);
}
- lowercase_name[sizeof(lowercase_name) - 1] = 0;
- cdbus = cdb_fetch(CDB_USERS, lowercase_name, strlen(lowercase_name));
+ cdbus = cdb_fetch(CDB_USERS, usernamekey, strlen(usernamekey));
if (cdbus == NULL) { /* user not found */
return(1);
}
memcpy(usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct user)) ?
- sizeof(struct user) : cdbus->len));
+ ((cdbus->len > sizeof(struct ctdluser)) ?
+ sizeof(struct ctdluser) : cdbus->len));
cdb_free(cdbus);
return (0);
/*
* lgetuser() - same as getuser() but locks the record
*/
-int lgetuser(struct user *usbuf, char *name)
+int lgetuser(struct ctdluser *usbuf, char *name)
{
int retcode;
/*
* putuser() - write user buffer into the correct place on disk
*/
-void putuser(struct user *usbuf)
+void putuser(struct ctdluser *usbuf)
{
- char lowercase_name[USERNAME_SIZE];
- int a;
+ char usernamekey[USERNAME_SIZE];
- for (a = 0; a <= strlen(usbuf->fullname); ++a) {
- if (a < sizeof(lowercase_name))
- lowercase_name[a] = tolower(usbuf->fullname[a]);
- }
- lowercase_name[sizeof(lowercase_name) - 1] = 0;
+ makeuserkey(usernamekey, usbuf->fullname);
usbuf->version = REV_LEVEL;
cdb_store(CDB_USERS,
- lowercase_name, strlen(lowercase_name),
- usbuf, sizeof(struct user));
+ usernamekey, strlen(usernamekey),
+ usbuf, sizeof(struct ctdluser));
}
/*
* lputuser() - same as putuser() but locks the record
*/
-void lputuser(struct user *usbuf)
+void lputuser(struct ctdluser *usbuf)
{
putuser(usbuf);
end_critical_section(S_USERS);
* Define a relationship between a user and a room
*/
void CtdlSetRelationship(struct visit *newvisit,
- struct user *rel_user,
- struct room *rel_room)
+ struct ctdluser *rel_user,
+ struct ctdlroom *rel_room)
{
* Locate a relationship between a user and a room
*/
void CtdlGetRelationship(struct visit *vbuf,
- struct user *rel_user,
- struct room *rel_room)
+ struct ctdluser *rel_user,
+ struct ctdlroom *rel_room)
{
char IndexBuf[32];
}
-void MailboxName(char *buf, size_t n, const struct user *who, const char *prefix)
+void MailboxName(char *buf, size_t n, const struct ctdluser *who, const char *prefix)
{
snprintf(buf, n, "%010ld.%s", who->usernum, prefix);
}
* WARNING: don't use this function unless you absolutely have to. It does
* a sequential search and therefore is computationally expensive.
*/
-int getuserbynumber(struct user *usbuf, long int number)
+int getuserbynumber(struct ctdluser *usbuf, long int number)
{
struct cdbdata *cdbus;
cdb_rewind(CDB_USERS);
while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) {
- memset(usbuf, 0, sizeof(struct user));
+ memset(usbuf, 0, sizeof(struct ctdluser));
memcpy(usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct user)) ?
- sizeof(struct user) : cdbus->len));
+ ((cdbus->len > sizeof(struct ctdluser)) ?
+ sizeof(struct ctdluser) : cdbus->len));
cdb_free(cdbus);
if (usbuf->usernum == number) {
cdb_close_cursor(CDB_USERS);
{
char username[SIZ];
int found_user;
+ struct recptypes *valid = NULL;
if (trythisname == NULL) return login_not_found;
safestrncpy(username, trythisname, sizeof username);
return login_already_logged_in;
}
+ /* First, try to log in as if the supplied name is a display name */
found_user = getuser(&CC->user, username);
+ /* If that didn't work, try to log in as if the supplied name
+ * is an e-mail address
+ */
+ if (found_user != 0) {
+ valid = validate_recipients(trythisname);
+ if (valid != NULL) {
+ if (valid->num_local == 1) {
+ found_user = getuser(&CC->user,
+ valid->recp_local);
+ }
+ phree(valid);
+ }
+ }
+
+ /* Did we find something? */
if (found_user == 0) {
if (((CC->nologin)) && (CC->user.axlevel < 6)) {
return login_too_many_users;
} else {
- strcpy(CC->curr_user, CC->user.fullname);
+ safestrncpy(CC->curr_user, CC->user.fullname,
+ sizeof CC->curr_user);
return login_ok;
}
}
int a;
extract(username, cmdbuf, 0);
- username[25] = 0;
- strproc(username);
+ striplt(username);
a = CtdlLoginExistingUser(username);
switch (a) {
case login_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case login_too_many_users:
cprintf("%d %s: "
MORE_DATA, CC->curr_user);
return;
case login_not_found:
- cprintf("%d %s not found.\n", ERROR, username);
+ cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER, username);
return;
- cprintf("%d Internal error\n", ERROR);
+ cprintf("%d Internal error\n", ERROR + INTERNAL_ERROR);
}
}
{
int i;
- syslog(LOG_NOTICE, "session %d: user <%s> logged in",
+ lprintf(3, "Session %d: %s logged in",
CC->cs_pid, CC->curr_user);
lgetuser(&CC->user, CC->curr_user);
*/
void logout(struct CitContext *who)
{
+ /*
+ * Clear out some session data. Most likely, the CitContext for this
+ * session is about to get nuked when the session disconnects, but
+ * since it's possible to log in again without reconnecting, we cannot
+ * make that assumption.
+ */
+ strcpy(who->fake_username, "");
+ strcpy(who->fake_postname, "");
+ strcpy(who->fake_hostname, "");
+ strcpy(who->fake_roomname, "");
who->logged_in = 0;
/*
/* Do modular stuff... */
PerformSessionHooks(EVT_LOGOUT);
+
+ /* Free any output buffers */
+ if (who->output_buffer != NULL) {
+ unbuffer_output();
+ }
}
#ifdef ENABLE_CHKPWD
switch (a) {
case pass_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case pass_no_user:
cprintf("%d You must send a name with USER first.\n",
- ERROR);
+ ERROR + USERNAME_REQUIRED);
return;
case pass_wrong_password:
- cprintf("%d Wrong password.\n", ERROR);
+ cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED);
return;
case pass_ok:
logged_in_response();
int purge_user(char pname[])
{
char filename[64];
- struct user usbuf;
- char lowercase_name[USERNAME_SIZE];
- int a;
+ struct ctdluser usbuf;
+ char usernamekey[USERNAME_SIZE];
struct CitContext *ccptr;
int user_is_logged_in = 0;
- for (a = 0; a <= strlen(pname); ++a) {
- lowercase_name[a] = tolower(pname[a]);
- }
+ makeuserkey(usernamekey, pname);
if (getuser(&usbuf, pname) != 0) {
lprintf(5, "Cannot purge user <%s> - not found\n", pname);
cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
/* delete the userlog entry */
- cdb_delete(CDB_USERS, lowercase_name, strlen(lowercase_name));
+ cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey));
/* remove the user's bio file */
snprintf(filename, sizeof filename, "./bio/%ld", usbuf.usernum);
*/
int create_user(char *newusername, int become_user)
{
- struct user usbuf;
- struct room qrbuf;
+ struct ctdluser usbuf;
+ struct ctdlroom qrbuf;
struct passwd *p = NULL;
char username[SIZ];
char mailboxname[ROOMNAMELEN];
uid_t uid;
- strcpy(username, newusername);
+ safestrncpy(username, newusername, sizeof username);
strproc(username);
#ifdef ENABLE_AUTOLOGIN
}
/* Go ahead and initialize a new user record */
- memset(&usbuf, 0, sizeof(struct user));
- strcpy(usbuf.fullname, username);
+ memset(&usbuf, 0, sizeof(struct ctdluser));
+ safestrncpy(usbuf.fullname, username, sizeof usbuf.fullname);
strcpy(usbuf.password, "");
usbuf.uid = uid;
if (become_user) {
/* Now become the user we just created */
- memcpy(&CC->user, &usbuf, sizeof(struct user));
- strcpy(CC->curr_user, username);
+ memcpy(&CC->user, &usbuf, sizeof(struct ctdluser));
+ safestrncpy(CC->curr_user, username, sizeof CC->curr_user);
CC->logged_in = 1;
/* Check to make sure we're still who we think we are */
if (config.c_disable_newu) {
cprintf("%d Self-service user account creation "
- "is disabled on this system.\n", ERROR);
+ "is disabled on this system.\n", ERROR + NOT_HERE);
return;
}
if (CC->logged_in) {
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
}
if (CC->nologin) {
strproc(username);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
if ((!strcasecmp(username, "bbs")) ||
(!strcasecmp(username, "new")) ||
(!strcasecmp(username, "."))) {
- cprintf("%d '%s' is an invalid login name.\n", ERROR, username);
+ cprintf("%d '%s' is an invalid login name.\n", ERROR + ILLEGAL_VALUE, username);
return;
}
ERROR + INTERNAL_ERROR);
return;
} else {
- cprintf("%d unknown error\n", ERROR);
+ cprintf("%d unknown error\n", ERROR + INTERNAL_ERROR);
}
}
return;
}
if ( (CC->user.uid != BBSUID) && (CC->user.uid != (-1)) ) {
- cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR);
+ cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE);
return;
}
strproc(new_pw);
return;
}
lgetuser(&CC->user, CC->curr_user);
- strcpy(CC->user.password, new_pw);
+ safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password));
lputuser(&CC->user);
cprintf("%d Password changed.\n", CIT_OK);
lprintf(3, "Password changed for user <%s>\n", CC->curr_user);
/*
- * cmd_creu() - administratively create a new user account (do not log in to it)
+ * cmd_creu() - administratively create a new user account (do not log in to it)
*/
void cmd_creu(char *cmdbuf)
{
int a;
char username[SIZ];
+ char password[SIZ];
+ struct ctdluser tmp;
if (CtdlAccessCheck(ac_aide)) {
return;
}
extract(username, cmdbuf, 0);
+ extract(password, cmdbuf, 1);
username[25] = 0;
+ password[31] = 0;
strproc(username);
+ strproc(password);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
a = create_user(username, 0);
if (a == 0) {
- cprintf("%d ok\n", CIT_OK);
+ if (strlen(password) > 0) {
+ lgetuser(&tmp, username);
+ safestrncpy(tmp.password, password, sizeof(tmp.password));
+ lputuser(&tmp);
+ }
+ cprintf("%d User '%s' created %s.\n", CIT_OK, username,
+ (strlen(password) > 0) ? "and password set" :
+ "with no password");
return;
} else if (a == ERROR + ALREADY_EXISTS) {
cprintf("%d '%s' already exists.\n",
ERROR + ALREADY_EXISTS, username);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR);
+ cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}
return;
if (num_parms(new_parms) < 3) {
- cprintf("%d Usage error.\n", ERROR);
+ cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
return;
}
lgetuser(&CC->user, CC->curr_user);
{
long newlr;
struct visit vbuf;
+ struct visit original_vbuf;
if (CtdlAccessCheck(ac_logged_in)) {
return;
lgetuser(&CC->user, CC->curr_user);
CtdlGetRelationship(&vbuf, &CC->user, &CC->room);
+ memcpy(&original_vbuf, &vbuf, sizeof(struct visit));
vbuf.v_lastseen = newlr;
snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", newlr);
- CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
+
+ /* Only rewrite the record if it changed */
+ if ( (vbuf.v_lastseen != original_vbuf.v_lastseen)
+ || (strcmp(vbuf.v_seen, original_vbuf.v_seen)) ) {
+ CtdlSetRelationship(&vbuf, &CC->user, &CC->room);
+ }
lputuser(&CC->user);
cprintf("%d %ld\n", CIT_OK, newlr);
}
if (num_parms(argbuf) != 2) {
- cprintf("%d Invalid parameters\n", ERROR);
+ cprintf("%d Invalid parameters\n", ERROR + ILLEGAL_VALUE);
return;
}
target_msgnum = extract_long(argbuf, 0);
target_setting = extract_int(argbuf, 1);
- CtdlSetSeen(target_msgnum, target_setting);
+ CtdlSetSeen(target_msgnum, target_setting, ctdlsetseen_seen);
cprintf("%d OK\n", CIT_OK);
}
return;
}
- CtdlGetSeen(buf);
+ CtdlGetSeen(buf, ctdlsetseen_seen);
cprintf("%d %s\n", CIT_OK, buf);
}
void cmd_invt_kick(char *iuser, int op)
/* user name */
{ /* 1 = invite, 0 = kick out */
- struct user USscratch;
+ struct ctdluser USscratch;
char bbb[SIZ];
struct visit vbuf;
}
if (lgetuser(&USscratch, iuser) != 0) {
- cprintf("%d No such user.\n", ERROR);
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
}
CtdlGetRelationship(&vbuf, &USscratch, &CC->room);
cprintf("%d Ok\n", CIT_OK);
}
else {
- cprintf("%d You may not forget this room.\n", ERROR);
+ cprintf("%d You may not forget this room.\n", ERROR + NOT_HERE);
}
}
void cmd_gnur(void)
{
struct cdbdata *cdbus;
- struct user usbuf;
+ struct ctdluser usbuf;
if (CtdlAccessCheck(ac_aide)) {
return;
*/
cdb_rewind(CDB_USERS);
while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) {
- memset(&usbuf, 0, sizeof(struct user));
+ memset(&usbuf, 0, sizeof(struct ctdluser));
memcpy(&usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct user)) ?
- sizeof(struct user) : cdbus->len));
+ ((cdbus->len > sizeof(struct ctdluser)) ?
+ sizeof(struct ctdluser) : cdbus->len));
cdb_free(cdbus);
if ((usbuf.flags & US_NEEDVALID)
&& (usbuf.axlevel > 0)) {
{
char user[SIZ];
int newax;
- struct user userbuf;
+ struct ctdluser userbuf;
extract(user, v_args, 0);
newax = extract_int(v_args, 1);
/*
* Traverse the user file...
*/
-void ForEachUser(void (*CallBack) (struct user * EachUser, void *out_data),
+void ForEachUser(void (*CallBack) (struct ctdluser * EachUser, void *out_data),
void *in_data)
{
- struct user usbuf;
+ struct ctdluser usbuf;
struct cdbdata *cdbus;
cdb_rewind(CDB_USERS);
while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) {
- memset(&usbuf, 0, sizeof(struct user));
+ memset(&usbuf, 0, sizeof(struct ctdluser));
memcpy(&usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct user)) ?
- sizeof(struct user) : cdbus->len));
+ ((cdbus->len > sizeof(struct ctdluser)) ?
+ sizeof(struct ctdluser) : cdbus->len));
cdb_free(cdbus);
(*CallBack) (&usbuf, in_data);
}
/*
* List one user (this works with cmd_list)
*/
-void ListThisUser(struct user *usbuf, void *data)
+void ListThisUser(struct ctdluser *usbuf, void *data)
{
if (usbuf->axlevel > 0) {
if ((CC->user.axlevel >= 6)
*/
void cmd_qusr(char *who)
{
- struct user usbuf;
+ struct ctdluser usbuf;
if (getuser(&usbuf, who) == 0) {
cprintf("%d %s\n", CIT_OK, usbuf.fullname);
*/
void cmd_agup(char *cmdbuf)
{
- struct user usbuf;
+ struct ctdluser usbuf;
char requested_user[SIZ];
if (CtdlAccessCheck(ac_aide)) {
*/
void cmd_asup(char *cmdbuf)
{
- struct user usbuf;
+ struct ctdluser usbuf;
char requested_user[SIZ];
char notify[SIZ];
int np;
int num_newmsgs = 0;
int a;
char mailboxname[ROOMNAMELEN];
- struct room mailbox;
+ struct ctdlroom mailbox;
struct visit vbuf;
struct cdbdata *cdbfr;
long *msglist = NULL;
projects / citadel.git / blobdiff