struct cdbdata *cdbus;
int using_sysuser = 0;
- memset(usbuf, 0, sizeof(struct ctdluser));
+ if (usbuf != NULL) {
+ memset(usbuf, 0, sizeof(struct ctdluser));
+ }
#ifdef ENABLE_AUTOLOGIN
if (CtdlAssociateSystemUser(sysuser_name, name) == 0) {
if (cdbus == NULL) { /* user not found */
return(1);
}
- memcpy(usbuf, cdbus->ptr,
- ((cdbus->len > sizeof(struct ctdluser)) ?
- sizeof(struct ctdluser) : cdbus->len));
+ if (usbuf != NULL) {
+ memcpy(usbuf, cdbus->ptr,
+ ((cdbus->len > sizeof(struct ctdluser)) ?
+ sizeof(struct ctdluser) : cdbus->len));
+ }
cdb_free(cdbus);
return (0);
struct recptypes *valid = NULL;
if (trythisname == NULL) return login_not_found;
- safestrncpy(username, trythisname, sizeof username);
- strproc(username);
+ safestrncpy(username, trythisname, USERNAME_SIZE);
+ striplt(username);
if ((CC->logged_in)) {
return login_already_logged_in;
* is an e-mail address
*/
if (found_user != 0) {
- valid = validate_recipients(trythisname);
+ valid = validate_recipients(username);
if (valid != NULL) {
if (valid->num_local == 1) {
found_user = getuser(&CC->user,
valid->recp_local);
}
- phree(valid);
+ free(valid);
+ }
+ }
+
+#ifdef ENABLE_AUTOLOGIN
+ /* If we haven't found the account yet, and the supplied name
+ * is a login name on the underlying host system, create the
+ * account.
+ */
+ if (found_user != 0) {
+ struct passwd *p = (struct passwd *) getpwnam(username);
+
+ if (p != NULL) {
+ create_user(username, 0);
+ found_user = getuser(&CC->user, username);
}
}
+#endif /* ENABLE_AUTOLOGIN */
/* Did we find something? */
if (found_user == 0) {
*/
void cmd_user(char *cmdbuf)
{
- char username[SIZ];
+ char username[256];
int a;
- extract(username, cmdbuf, 0);
+ extract_token(username, cmdbuf, 0, '|', sizeof username);
striplt(username);
a = CtdlLoginExistingUser(username);
switch (a) {
case login_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case login_too_many_users:
cprintf("%d %s: "
MORE_DATA, CC->curr_user);
return;
case login_not_found:
- cprintf("%d %s not found.\n", ERROR, username);
+ cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER, username);
return;
- cprintf("%d Internal error\n", ERROR);
+ default:
+ cprintf("%d Internal error\n", ERROR + INTERNAL_ERROR);
}
}
{
int i;
- lprintf(3, "Session %d: %s logged in",
- CC->cs_pid, CC->curr_user);
+ lprintf(CTDL_NOTICE, "<%s> logged in\n", CC->curr_user);
lgetuser(&CC->user, CC->curr_user);
++(CC->user.timescalled);
/* Create any personal rooms required by the system.
* (Technically, MAILROOM should be there already, but just in case...)
*/
- create_room(MAILROOM, 4, "", 0, 1, 0);
- create_room(SENTITEMS, 4, "", 0, 1, 0);
+ create_room(MAILROOM, 4, "", 0, 1, 0, VIEW_MAILBOX);
+ create_room(SENTITEMS, 4, "", 0, 1, 0, VIEW_MAILBOX);
/* Run any startup routines registered by loadable modules */
PerformSessionHooks(EVT_LOGIN);
char buf[24];
if (pipe(pipev)) {
- lprintf(1, "pipe failed (%s): denying autologin access for "
+ lprintf(CTDL_ERR, "pipe failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
return 0;
}
switch (pid = fork()) {
case -1:
- lprintf(1, "fork failed (%s): denying autologin access for "
+ lprintf(CTDL_ERR, "fork failed (%s): denying autologin access for "
"uid %ld\n", strerror(errno), (long)uid);
close(pipev[0]);
close(pipev[1]);
}
close(pipev[0]);
- execl(BBSDIR "/chkpwd", BBSDIR "/chkpwd", NULL);
- perror(BBSDIR "/chkpwd");
+ execl(CTDLDIR "/chkpwd", CTDLDIR "/chkpwd", NULL);
+ perror(CTDLDIR "/chkpwd");
exit(1);
}
while (waitpid(pid, &status, 0) == -1)
if (errno != EINTR) {
- lprintf(1, "waitpid failed (%s): denying autologin "
+ lprintf(CTDL_ERR, "waitpid failed (%s): denying autologin "
"access for uid %ld\n",
strerror(errno), (long)uid);
return 0;
int code;
if ((CC->logged_in)) {
- lprintf(5, "CtdlTryPassword: already logged in\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: already logged in\n");
return pass_already_logged_in;
}
if (!strcmp(CC->curr_user, NLI)) {
- lprintf(5, "CtdlTryPassword: no user selected\n");
+ lprintf(CTDL_WARNING, "CtdlTryPassword: no user selected\n");
return pass_no_user;
}
if (getuser(&CC->user, CC->curr_user)) {
- lprintf(5, "CtdlTryPassword: internal error\n");
+ lprintf(CTDL_ERR, "CtdlTryPassword: internal error\n");
return pass_internal_error;
}
if (password == NULL) {
- lprintf(5, "CtdlTryPassword: NULL password string supplied\n");
+ lprintf(CTDL_INFO, "CtdlTryPassword: NULL password string supplied\n");
return pass_wrong_password;
}
code = (-1);
#ifdef ENABLE_AUTOLOGIN
- /* A uid of BBSUID or -1 indicates that this user exists only in
+ /* A uid of CTDLUID or -1 indicates that this user exists only in
* Citadel, not in the underlying operating system.
*/
- if ( (CC->user.uid == BBSUID) || (CC->user.uid == (-1)) ) {
+ if ( (CC->user.uid == CTDLUID) || (CC->user.uid == (-1)) ) {
strproc(password);
strproc(CC->user.password);
code = strcasecmp(CC->user.password, password);
do_login();
return pass_ok;
} else {
- lprintf(3, "Bad password specified for <%s>\n", CC->curr_user);
+ lprintf(CTDL_WARNING, "Bad password specified for <%s>\n", CC->curr_user);
return pass_wrong_password;
}
}
void cmd_pass(char *buf)
{
- char password[SIZ];
+ char password[256];
int a;
- extract(password, buf, 0);
+ extract_token(password, buf, 0, '|', sizeof password);
a = CtdlTryPassword(password);
switch (a) {
case pass_already_logged_in:
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
case pass_no_user:
cprintf("%d You must send a name with USER first.\n",
- ERROR);
+ ERROR + USERNAME_REQUIRED);
return;
case pass_wrong_password:
- cprintf("%d Wrong password.\n", ERROR);
+ cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED);
return;
case pass_ok:
logged_in_response();
return;
- cprintf("%d Can't find user record!\n",
- ERROR + INTERNAL_ERROR);
}
}
makeuserkey(usernamekey, pname);
if (getuser(&usbuf, pname) != 0) {
- lprintf(5, "Cannot purge user <%s> - not found\n", pname);
+ lprintf(CTDL_ERR, "Cannot purge user <%s> - not found\n", pname);
return (ERROR + NO_SUCH_USER);
}
/* Don't delete a user who is currently logged in. Instead, just
}
end_critical_section(S_SESSION_TABLE);
if (user_is_logged_in == 1) {
- lprintf(5, "User <%s> is logged in; not deleting.\n", pname);
+ lprintf(CTDL_WARNING, "User <%s> is logged in; not deleting.\n", pname);
usbuf.axlevel = 0;
putuser(&usbuf);
return (1);
}
- lprintf(5, "Deleting user <%s>\n", pname);
+ lprintf(CTDL_NOTICE, "Deleting user <%s>\n", pname);
/* Perform any purge functions registered by server extensions */
- PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
+ PerformUserHooks(&usbuf, EVT_PURGEUSER);
/* delete any existing user/room relationships */
cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
{
struct ctdluser usbuf;
struct ctdlroom qrbuf;
- struct passwd *p = NULL;
- char username[SIZ];
+ char username[256];
char mailboxname[ROOMNAMELEN];
uid_t uid;
strproc(username);
#ifdef ENABLE_AUTOLOGIN
- p = (struct passwd *) getpwnam(username);
- if (p != NULL) {
- extract_token(username, p->pw_gecos, 0, ',');
- uid = p->pw_uid;
- } else {
- uid = (-1);
+ {
+ struct passwd *p = (struct passwd *) getpwnam(username);
+
+ if (p != NULL) {
+ extract_token(username, p->pw_gecos, 0, ',', sizeof username);
+ uid = p->pw_uid;
+ } else {
+ uid = (-1);
+ }
}
#else
uid = (-1);
* Make the latter an invisible system room.
*/
MailboxName(mailboxname, sizeof mailboxname, &usbuf, MAILROOM);
- create_room(mailboxname, 5, "", 0, 1, 1);
+ create_room(mailboxname, 5, "", 0, 1, 1, VIEW_MAILBOX);
MailboxName(mailboxname, sizeof mailboxname, &usbuf, USERCONFIGROOM);
- create_room(mailboxname, 5, "", 0, 1, 1);
+ create_room(mailboxname, 5, "", 0, 1, 1, VIEW_BBS);
if (lgetroom(&qrbuf, mailboxname) == 0) {
qrbuf.QRflags2 |= QR2_SYSTEM;
lputroom(&qrbuf);
}
+ /* Perform any create functions registered by server extensions */
+ PerformUserHooks(&usbuf, EVT_NEWUSER);
+
/* Everything below this line can be bypassed if administratively
- creating a user, instead of doing self-service account creation
+ * creating a user, instead of doing self-service account creation
*/
if (become_user) {
}
}
- lprintf(3, "New user <%s> created\n", username);
+ lprintf(CTDL_NOTICE, "New user <%s> created\n", username);
return (0);
}
void cmd_newu(char *cmdbuf)
{
int a;
- char username[SIZ];
+ char username[26];
if (config.c_disable_newu) {
cprintf("%d Self-service user account creation "
- "is disabled on this system.\n", ERROR);
+ "is disabled on this system.\n", ERROR + NOT_HERE);
return;
}
if (CC->logged_in) {
- cprintf("%d Already logged in.\n", ERROR);
+ cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
return;
}
if (CC->nologin) {
ERROR + MAX_SESSIONS_EXCEEDED,
config.c_nodename, config.c_maxsessions);
}
- extract(username, cmdbuf, 0);
+ extract_token(username, cmdbuf, 0, '|', sizeof username);
username[25] = 0;
strproc(username);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
if ((!strcasecmp(username, "bbs")) ||
(!strcasecmp(username, "new")) ||
(!strcasecmp(username, "."))) {
- cprintf("%d '%s' is an invalid login name.\n", ERROR, username);
+ cprintf("%d '%s' is an invalid login name.\n", ERROR + ILLEGAL_VALUE, username);
return;
}
ERROR + INTERNAL_ERROR);
return;
} else {
- cprintf("%d unknown error\n", ERROR);
+ cprintf("%d unknown error\n", ERROR + INTERNAL_ERROR);
}
}
if (CtdlAccessCheck(ac_logged_in)) {
return;
}
- if ( (CC->user.uid != BBSUID) && (CC->user.uid != (-1)) ) {
- cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR);
+ if ( (CC->user.uid != CTDLUID) && (CC->user.uid != (-1)) ) {
+ cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE);
return;
}
strproc(new_pw);
safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password));
lputuser(&CC->user);
cprintf("%d Password changed.\n", CIT_OK);
- lprintf(3, "Password changed for user <%s>\n", CC->curr_user);
+ lprintf(CTDL_INFO, "Password changed for user <%s>\n", CC->curr_user);
PerformSessionHooks(EVT_SETPASS);
}
void cmd_creu(char *cmdbuf)
{
int a;
- char username[SIZ];
- char password[SIZ];
+ char username[26];
+ char password[32];
struct ctdluser tmp;
if (CtdlAccessCheck(ac_aide)) {
return;
}
- extract(username, cmdbuf, 0);
- extract(password, cmdbuf, 1);
+ extract_token(username, cmdbuf, 0, '|', sizeof username);
+ extract_token(password, cmdbuf, 1, '|', sizeof password);
username[25] = 0;
password[31] = 0;
strproc(username);
strproc(password);
if (strlen(username) == 0) {
- cprintf("%d You must supply a user name.\n", ERROR);
+ cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
ERROR + ALREADY_EXISTS, username);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR);
+ cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}
return;
if (num_parms(new_parms) < 3) {
- cprintf("%d Usage error.\n", ERROR);
+ cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE);
return;
}
lgetuser(&CC->user, CC->curr_user);
}
if (num_parms(argbuf) != 2) {
- cprintf("%d Invalid parameters\n", ERROR);
+ cprintf("%d Invalid parameters\n", ERROR + ILLEGAL_VALUE);
return;
}
}
-
/*
- * INVT and KICK commands
+ * API function for cmd_invt_kick() and anything else that needs to
+ * invite or kick out a user to/from a room.
+ *
+ * Set iuser to the name of the user, and op to 1=invite or 0=kick
*/
-void cmd_invt_kick(char *iuser, int op)
- /* user name */
-{ /* 1 = invite, 0 = kick out */
+int CtdlInvtKick(char *iuser, int op) {
struct ctdluser USscratch;
- char bbb[SIZ];
struct visit vbuf;
+ char bbb[SIZ];
+
+ if (getuser(&USscratch, iuser) != 0) {
+ return(1);
+ }
+
+ CtdlGetRelationship(&vbuf, &USscratch, &CC->room);
+ if (op == 1) {
+ vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
+ vbuf.v_flags = vbuf.v_flags | V_ACCESS;
+ }
+ if (op == 0) {
+ vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
+ vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
+ }
+ CtdlSetRelationship(&vbuf, &USscratch, &CC->room);
+
+ /* post a message in Aide> saying what we just did */
+ snprintf(bbb, sizeof bbb, "%s %s %s> by %s\n",
+ iuser,
+ ((op == 1) ? "invited to" : "kicked out of"),
+ CC->room.QRname,
+ CC->user.fullname);
+ aide_message(bbb);
+
+ return(0);
+}
+
+
+/*
+ * INVT and KICK commands
+ */
+void cmd_invt_kick(char *iuser, int op) {
/*
* These commands are only allowed by aides, room aides,
return;
}
- if (lgetuser(&USscratch, iuser) != 0) {
- cprintf("%d No such user.\n", ERROR);
+ if (CtdlInvtKick(iuser, op) != 0) {
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
}
- CtdlGetRelationship(&vbuf, &USscratch, &CC->room);
-
- if (op == 1) {
- vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
- vbuf.v_flags = vbuf.v_flags | V_ACCESS;
- }
- if (op == 0) {
- vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
- vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
- }
- CtdlSetRelationship(&vbuf, &USscratch, &CC->room);
-
- lputuser(&USscratch);
-
- /* post a message in Aide> saying what we just did */
- snprintf(bbb, sizeof bbb, "%s %s %s> by %s\n",
- iuser,
- ((op == 1) ? "invited to" : "kicked out of"),
- CC->room.QRname,
- CC->user.fullname);
- aide_message(bbb);
cprintf("%d %s %s %s.\n",
CIT_OK, iuser,
cprintf("%d Ok\n", CIT_OK);
}
else {
- cprintf("%d You may not forget this room.\n", ERROR);
+ cprintf("%d You may not forget this room.\n", ERROR + NOT_HERE);
}
}
*/
void cmd_vali(char *v_args)
{
- char user[SIZ];
+ char user[128];
int newax;
struct ctdluser userbuf;
- extract(user, v_args, 0);
+ extract_token(user, v_args, 0, '|', sizeof user);
newax = extract_int(v_args, 1);
if (CtdlAccessCheck(ac_aide)) {
void cmd_agup(char *cmdbuf)
{
struct ctdluser usbuf;
- char requested_user[SIZ];
+ char requested_user[128];
if (CtdlAccessCheck(ac_aide)) {
return;
}
- extract(requested_user, cmdbuf, 0);
+ extract_token(requested_user, cmdbuf, 0, '|', sizeof requested_user);
if (getuser(&usbuf, requested_user) != 0) {
cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
void cmd_asup(char *cmdbuf)
{
struct ctdluser usbuf;
- char requested_user[SIZ];
+ char requested_user[128];
char notify[SIZ];
int np;
int newax;
if (CtdlAccessCheck(ac_aide))
return;
- extract(requested_user, cmdbuf, 0);
+ extract_token(requested_user, cmdbuf, 0, '|', sizeof requested_user);
if (lgetuser(&usbuf, requested_user) != 0) {
cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
return;
}
np = num_parms(cmdbuf);
if (np > 1)
- extract(usbuf.password, cmdbuf, 1);
+ extract_token(usbuf.password, cmdbuf, 1, '|', sizeof usbuf.password);
if (np > 2)
usbuf.flags = extract_int(cmdbuf, 2);
if (np > 3)
cdbfr = cdb_fetch(CDB_MSGLISTS, &mailbox.QRnumber, sizeof(long));
if (cdbfr != NULL) {
- msglist = mallok(cdbfr->len);
+ msglist = malloc(cdbfr->len);
memcpy(msglist, cdbfr->ptr, cdbfr->len);
num_msgs = cdbfr->len / sizeof(long);
cdb_free(cdbfr);
}
}
if (msglist != NULL)
- phree(msglist);
+ free(msglist);
return (num_newmsgs);
}