X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fuser_ops.c;h=0a61cb0e28a01dc6c6b7788e7be1eab8b5f40332;hb=56e1a9496ac3e2445f44c5cdfee4b3b28134c65e;hp=3e28fec7cbd39ffc1eb0ad09d294b2a22550be22;hpb=e750a47a92b48dfa6faf63a61a71f103871c9e5b;p=citadel.git diff --git a/citadel/user_ops.c b/citadel/user_ops.c index 3e28fec7c..0a61cb0e2 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -1,7 +1,7 @@ /* * Server functions which perform operations on user objects. * - * Copyright (c) 1987-2011 by the citadel.org team + * Copyright (c) 1987-2017 by the citadel.org team * * This program is open source software; you can redistribute it and/or * modify it under the terms of the GNU General Public License, version 3. @@ -12,52 +12,17 @@ * GNU General Public License for more details. */ -#include "sysdep.h" -#include #include #include +#include "sysdep.h" #include -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_STAT_H #include -#endif - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include -#include #include -#include "auth.h" -#include "citadel.h" -#include "server.h" -#include "database.h" -#include "sysdep_decls.h" -#include "support.h" -#include "room_ops.h" #include "control.h" -#include "msgbase.h" -#include "config.h" +#include "support.h" #include "citserver.h" -#include "citadel_dirs.h" -#include "genstamp.h" -#include "threads.h" +#include "config.h" #include "citadel_ldap.h" -#include "context.h" #include "ctdl_module.h" #include "user_ops.h" #include "internet_addressing.h" @@ -67,24 +32,12 @@ int chkpwd_write_pipe[2]; int chkpwd_read_pipe[2]; - -/* - * getuser() - retrieve named user into supplied buffer. - * returns 0 on success - */ -int getuser(struct ctdluser *usbuf, char name[]) -{ - return CtdlGetUser(usbuf, name); -} - - /* * CtdlGetUser() - retrieve named user into supplied buffer. * returns 0 on success */ int CtdlGetUserLen(struct ctdluser *usbuf, const char *name, long len) { - char usernamekey[USERNAME_SIZE]; struct cdbdata *cdbus; @@ -115,6 +68,13 @@ int CtdlGetUser(struct ctdluser *usbuf, char *name) } +int CtdlLockGetCurrentUser(void) +{ + CitContext *CCC = CC; + return CtdlGetUserLen(&CCC->user, CCC->curr_user, cutuserkey(CCC->curr_user)); +} + + /* * CtdlGetUserLock() - same as getuser() but locks the record */ @@ -130,15 +90,6 @@ int CtdlGetUserLock(struct ctdluser *usbuf, char *name) } -/* - * lgetuser() - same as getuser() but locks the record - */ -int lgetuser(struct ctdluser *usbuf, char *name) -{ - return CtdlGetUserLock(usbuf, name); -} - - /* * CtdlPutUser() - write user buffer into the correct place on disk */ @@ -146,24 +97,15 @@ void CtdlPutUser(struct ctdluser *usbuf) { char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, - usbuf->fullname, - cutuserkey(usbuf->fullname)); - + makeuserkey(usernamekey, usbuf->fullname, cutuserkey(usbuf->fullname)); usbuf->version = REV_LEVEL; - cdb_store(CDB_USERS, - usernamekey, strlen(usernamekey), - usbuf, sizeof(struct ctdluser)); - + cdb_store(CDB_USERS, usernamekey, strlen(usernamekey), usbuf, sizeof(struct ctdluser)); } -/* - * putuser() - write user buffer into the correct place on disk - */ -void putuser(struct ctdluser *usbuf) +void CtdlPutCurrentUserLock() { - CtdlPutUser(usbuf); + CtdlPutUser(&CC->user); } @@ -177,15 +119,6 @@ void CtdlPutUserLock(struct ctdluser *usbuf) } -/* - * lputuser() - same as putuser() but locks the record - */ -void lputuser(struct ctdluser *usbuf) -{ - CtdlPutUserLock(usbuf); -} - - /* * rename_user() - this is tricky because the user's display name is the database key * @@ -224,16 +157,14 @@ int rename_user(char *oldname, char *newname) { else { /* Sanity checks succeeded. Now rename the user. */ if (usbuf.usernum == 0) { - CONM_syslog(LOG_DEBUG, "Can not rename user \"Citadel\".\n"); + syslog(LOG_DEBUG, "user_ops: can not rename user \"Citadel\"."); retcode = RENAMEUSER_NOT_FOUND; } else { - CON_syslog(LOG_DEBUG, "Renaming <%s> to <%s>\n", oldname, newname); + syslog(LOG_DEBUG, "user_ops: renaming <%s> to <%s>", oldname, newname); cdb_delete(CDB_USERS, oldnamekey, strlen(oldnamekey)); safestrncpy(usbuf.fullname, newname, sizeof usbuf.fullname); CtdlPutUser(&usbuf); - cdb_store(CDB_USERSBYNUMBER, &usbuf.usernum, sizeof(long), - usbuf.fullname, strlen(usbuf.fullname)+1 ); - + cdb_store(CDB_USERSBYNUMBER, &usbuf.usernum, sizeof(long), usbuf.fullname, strlen(usbuf.fullname)+1 ); retcode = RENAMEUSER_OK; } } @@ -245,7 +176,6 @@ int rename_user(char *oldname, char *newname) { } - /* * Index-generating function used by Ctdl[Get|Set]Relationship */ @@ -270,7 +200,6 @@ int GenerateRelationshipIndex(char *IndexBuf, } - /* * Back end for CtdlSetRelationship() */ @@ -281,10 +210,7 @@ void put_visit(visit *newvisit) memset (IndexBuf, 0, sizeof (IndexBuf)); /* Generate an index */ - IndexLen = GenerateRelationshipIndex(IndexBuf, - newvisit->v_roomnum, - newvisit->v_roomgen, - newvisit->v_usernum); + IndexLen = GenerateRelationshipIndex(IndexBuf, newvisit->v_roomnum, newvisit->v_roomgen, newvisit->v_usernum); /* Store the record */ cdb_store(CDB_VISIT, IndexBuf, IndexLen, @@ -293,8 +219,6 @@ void put_visit(visit *newvisit) } - - /* * Define a relationship between a user and a room */ @@ -302,8 +226,6 @@ void CtdlSetRelationship(visit *newvisit, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - - /* We don't use these in Citadel because they're implicit by the * index, but they must be present if the database is exported. */ @@ -314,6 +236,7 @@ void CtdlSetRelationship(visit *newvisit, put_visit(newvisit); } + /* * Locate a relationship between a user and a room */ @@ -321,7 +244,6 @@ void CtdlGetRelationship(visit *vbuf, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - char IndexBuf[32]; int IndexLen; struct cdbdata *cdbvisit; @@ -378,7 +300,7 @@ int CtdlCheckInternetMailPermission(struct ctdluser *who) { if (who->axlevel <= AxProbU) return(0); /* Globally enabled? */ - if (config.c_restrict == 0) return(1); + if (CtdlGetConfigInt("c_restrict") == 0) return(1); /* User flagged ok? */ if (who->flags & US_INTERNET) return(2); @@ -391,6 +313,46 @@ int CtdlCheckInternetMailPermission(struct ctdluser *who) { } +/* + * Convenience function. + */ +int CtdlAccessCheck(int required_level) +{ + if (CC->internal_pgm) return(0); + if (required_level >= ac_internal) { + cprintf("%d This is not a user-level command.\n", ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + if ((required_level >= ac_logged_in_or_guest) && (CC->logged_in == 0) && (CtdlGetConfigInt("c_guest_logins") == 0)) { + cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); + return(-1); + } + + if ((required_level >= ac_logged_in) && (CC->logged_in == 0)) { + cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); + return(-1); + } + + if (CC->user.axlevel >= AxAideU) return(0); + if (required_level >= ac_aide) { + cprintf("%d This command requires Admin access.\n", + ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + if (is_room_aide()) return(0); + if (required_level >= ac_room_aide) { + cprintf("%d This command requires Admin or Room Admin access.\n", + ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + /* shhh ... succeed quietly */ + return(0); +} + + /* * Is the user currently logged in an Admin? */ @@ -421,6 +383,7 @@ int is_room_aide(void) } } + /* * CtdlGetUserByNumber() - get user by number * returns 0 if user was found @@ -434,28 +397,16 @@ int CtdlGetUserByNumber(struct ctdluser *usbuf, long number) cdbun = cdb_fetch(CDB_USERSBYNUMBER, &number, sizeof(long)); if (cdbun == NULL) { - CON_syslog(LOG_INFO, "User %ld not found\n", number); + syslog(LOG_INFO, "user_ops: %ld not found", number); return(-1); } - CON_syslog(LOG_INFO, "User %ld maps to %s\n", number, cdbun->ptr); + syslog(LOG_INFO, "user_ops: %ld maps to %s", number, cdbun->ptr); r = CtdlGetUser(usbuf, cdbun->ptr); cdb_free(cdbun); return(r); } -/* - * getuserbynumber() - get user by number - * returns 0 if user was found - * - * Note: fetching a user this way requires one additional database operation. - */ -int getuserbynumber(struct ctdluser *usbuf, long number) -{ - return CtdlGetUserByNumber(usbuf, number); -} - - /* * Helper function for rebuild_usersbynumber() @@ -487,10 +438,8 @@ void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { } while (u != NULL) { - CON_syslog(LOG_DEBUG, "Rebuilding usersbynumber index %10ld : %s\n", - u->usernum, u->username); + syslog(LOG_DEBUG, "user_ops: rebuilding usersbynumber index %10ld : %s", u->usernum, u->username); cdb_store(CDB_USERSBYNUMBER, &u->usernum, sizeof(long), u->username, strlen(u->username)+1); - ptr = u; u = u->next; free(ptr); @@ -498,7 +447,6 @@ void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { } - /* * Rebuild the users-by-number index */ @@ -509,7 +457,6 @@ void rebuild_usersbynumber(void) { } - /* * getuserbyuid() - get user by system uid (for PAM mode authentication) * returns 0 if user was found @@ -537,6 +484,7 @@ int getuserbyuid(struct ctdluser *usbuf, uid_t number) return (-1); } + /* * Back end for cmd_user() and its ilk * @@ -548,7 +496,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) int found_user; long len; - CON_syslog(LOG_DEBUG, "CtdlLoginExistingUser(%s, %s)\n", authname, trythisname); + syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname); if ((CC->logged_in)) { return login_already_logged_in; @@ -558,16 +506,18 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) if (!strncasecmp(trythisname, "SYS_", 4)) { - CON_syslog(LOG_DEBUG, "System user \"%s\" is not allowed to log in.\n", trythisname); + syslog(LOG_DEBUG, "user_ops: system user \"%s\" is not allowed to log in.", trythisname); return login_not_found; } /* If a "master user" is defined, handle its authentication if specified */ CC->is_master = 0; - if (strlen(config.c_master_user) > 0) if (strlen(config.c_master_pass) > 0) if (authname) { - if (!strcasecmp(authname, config.c_master_user)) { - CC->is_master = 1; - } + if ( (!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && + (!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) && + (authname != NULL) && + (!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) ) + { + CC->is_master = 1; } /* Continue attempting user validation... */ @@ -579,7 +529,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) return login_not_found; } - if (config.c_auth_mode == AUTHMODE_HOST) { + if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -587,21 +537,21 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) struct passwd *tempPwdPtr; char pwdbuffer[256]; - CON_syslog(LOG_DEBUG, "asking host about <%s>\n", username); + syslog(LOG_DEBUG, "user_ops: asking host about <%s>", username); #ifdef HAVE_GETPWNAM_R #ifdef SOLARIS_GETPWUID - CON_syslog(LOG_DEBUG, "Calling getpwnam_r()\n"); + syslog(LOG_DEBUG, "user_ops: calling getpwnam_r()"); tempPwdPtr = getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer); #else // SOLARIS_GETPWUID - CONM_syslog(LOG_DEBUG, "Calling getpwnam_r()\n"); + syslog(LOG_DEBUG, "user_ops: calling getpwnam_r()"); getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer, &tempPwdPtr); #endif // SOLARIS_GETPWUID #else // HAVE_GETPWNAM_R - CON_syslog(LOG_DEBUG, "SHOULD NEVER GET HERE!!!\n"); + syslog(LOG_DEBUG, "user_ops: SHOULD NEVER GET HERE!!!"); tempPwdPtr = NULL; #endif // HAVE_GETPWNAM_R if (tempPwdPtr == NULL) { - CON_syslog(LOG_DEBUG, "no such user <%s>\n", username); + syslog(LOG_DEBUG, "user_ops: no such user <%s>", username); return login_not_found; } @@ -609,8 +559,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) * If not found, make one attempt to create it. */ found_user = getuserbyuid(&CC->user, pd.pw_uid); - CON_syslog(LOG_DEBUG, "found it: uid=%ld, gecos=%s here: %d\n", - (long)pd.pw_uid, pd.pw_gecos, found_user); + syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user); if (found_user != 0) { len = cutuserkey(username); create_user(username, len, 0); @@ -620,7 +569,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) } #ifdef HAVE_LDAP - else if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { + else if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { /* LDAP auth mode */ @@ -628,7 +577,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) char ldap_cn[256]; char ldap_dn[256]; - found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid); + found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid, 0); if (found_user != 0) { return login_not_found; } @@ -650,7 +599,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) else { /* native auth mode */ - struct recptypes *valid = NULL; + recptypes *valid = NULL; /* First, try to log in as if the supplied name is a display name */ found_user = CtdlGetUser(&CC->user, username); @@ -674,8 +623,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) if (((CC->nologin)) && (CC->user.axlevel < AxAideU)) { return login_too_many_users; } else { - safestrncpy(CC->curr_user, CC->user.fullname, - sizeof CC->curr_user); + safestrncpy(CC->curr_user, CC->user.fullname, sizeof CC->curr_user); return login_ok; } } @@ -683,9 +631,6 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) } - - - /* * session startup code which is common to both cmd_pass() and cmd_newu() */ @@ -694,7 +639,7 @@ void do_login(void) struct CitContext *CCC = CC; CCC->logged_in = 1; - CON_syslog(LOG_NOTICE, "<%s> logged in\n", CCC->curr_user); + syslog(LOG_NOTICE, "user_ops: <%s> logged in", CCC->curr_user); CtdlGetUserLock(&CCC->user, CCC->curr_user); ++(CCC->user.timescalled); @@ -704,29 +649,53 @@ void do_login(void) /* If this user's name is the name of the system administrator * (as specified in setup), automatically assign access level 6. */ - if (!strcasecmp(CCC->user.fullname, config.c_sysadm)) { + if (!strcasecmp(CCC->user.fullname, CtdlGetConfigStr("c_sysadm"))) { CCC->user.axlevel = AxAideU; } /* If we're authenticating off the host system, automatically give * root the highest level of access. */ - if (config.c_auth_mode == AUTHMODE_HOST) { + if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { if (CCC->user.uid == 0) { CCC->user.axlevel = AxAideU; } } + /* + * If we are using LDAP authentication, extract the user's email addresses from the directory. + * FIXME make this a site configurable setting + */ + #ifdef HAVE_LDAP + if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { + char new_emailaddrs[512]; + if (extract_email_addresses_from_ldap(CCC->ldap_dn, new_emailaddrs) == 0) { + strcpy(CCC->user.emailaddrs, new_emailaddrs); + } + } + #endif + + /* + * No email address for user? Make one up. + */ + if (IsEmptyStr(CCC->user.emailaddrs)) { + sprintf(CCC->user.emailaddrs, "cit%ld@%s", CCC->user.usernum, CtdlGetConfigStr("c_fqdn")); + } + CtdlPutUserLock(&CCC->user); /* - * Populate CCC->cs_inet_email with a default address. This will be - * overwritten with the user's directory address, if one exists, when - * the vCard module's login hook runs. + * Populate cs_inet_email and cs_inet_other_emails with valid email addresses from the user record */ - snprintf(CCC->cs_inet_email, sizeof CCC->cs_inet_email, "%s@%s", - CCC->user.fullname, config.c_fqdn); - convert_spaces_to_underscores(CCC->cs_inet_email); + strcpy(CCC->cs_inet_email, CCC->user.emailaddrs); + char *firstsep = strstr(CCC->cs_inet_email, "|"); + if (firstsep) { + strcpy(CCC->cs_inet_other_emails, firstsep+1); + *firstsep = 0; + } + else { + CCC->cs_inet_other_emails[0] = 0; + } /* Create any personal rooms required by the system. * (Technically, MAILROOM should be there already, but just in case...) @@ -740,7 +709,7 @@ void do_login(void) PerformSessionHooks(EVT_LOGIN); /* Enter the lobby */ - CtdlUserGoto(config.c_baseroom, 0, 0, NULL, NULL); + CtdlUserGoto(CtdlGetConfigStr("c_baseroom"), 0, 0, NULL, NULL, NULL, NULL); } @@ -750,18 +719,16 @@ void logged_in_response(void) CIT_OK, CC->user.fullname, CC->user.axlevel, CC->user.timescalled, CC->user.posted, CC->user.flags, CC->user.usernum, - CC->previous_login); + CC->previous_login + ); } - void CtdlUserLogout(void) { CitContext *CCC = MyContext(); - CON_syslog(LOG_DEBUG, "CtdlUserLogout() logging out <%s> from session %d", - CCC->curr_user, CCC->cs_pid - ); + syslog(LOG_DEBUG, "user_ops: CtdlUserLogout() logging out <%s> from session %d", CCC->curr_user, CCC->cs_pid); /* Run any hooks registered by modules... */ PerformSessionHooks(EVT_LOGOUT); @@ -778,8 +745,9 @@ void CtdlUserLogout(void) CCC->logged_in = 0; /* Check to see if the user was deleted whilst logged in and purge them if necessary */ - if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) + if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) { purge_user(CCC->user.fullname); + } /* Clear out the user record in memory so we don't behave like a ghost */ memset(&CCC->user, 0, sizeof(struct ctdluser)); @@ -791,7 +759,6 @@ void CtdlUserLogout(void) CCC->fake_username[0] = 0; CCC->fake_hostname[0] = 0; CCC->fake_roomname[0] = 0; - /* Free any output buffers */ unbuffer_output(); @@ -807,42 +774,43 @@ static int validpw(uid_t uid, const char *pass) int rv = 0; if (IsEmptyStr(pass)) { - CON_syslog(LOG_DEBUG, "Refusing to chkpwd for uid=%d with empty password.\n", uid); + syslog(LOG_DEBUG, "user_ops: refusing to chkpwd for uid=%d with empty password", uid); return 0; } - CON_syslog(LOG_DEBUG, "Validating password for uid=%d using chkpwd...\n", uid); + syslog(LOG_DEBUG, "user_ops: validating password for uid=%d using chkpwd...", uid); begin_critical_section(S_CHKPWD); rv = write(chkpwd_write_pipe[1], &uid, sizeof(uid_t)); if (rv == -1) { - CON_syslog(LOG_EMERG, "Communicatino with chkpwd broken: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } rv = write(chkpwd_write_pipe[1], pass, 256); if (rv == -1) { - CON_syslog(LOG_EMERG, "Communicatino with chkpwd broken: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } rv = read(chkpwd_read_pipe[0], buf, 4); if (rv == -1) { - CON_syslog(LOG_EMERG, "Communicatino with chkpwd broken: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: ommunication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } end_critical_section(S_CHKPWD); if (!strncmp(buf, "PASS", 4)) { - CONM_syslog(LOG_DEBUG, "...pass\n"); + syslog(LOG_DEBUG, "user_ops: chkpwd pass"); return(1); } - CONM_syslog(LOG_DEBUG, "...fail\n"); + syslog(LOG_DEBUG, "user_ops: chkpwd fail"); return 0; } + /* * Start up the chkpwd daemon so validpw() has something to talk to */ @@ -851,37 +819,32 @@ void start_chkpwd_daemon(void) { struct stat filestats; int i; - CONM_syslog(LOG_DEBUG, "Starting chkpwd daemon for host authentication mode\n"); + syslog(LOG_DEBUG, "user_ops: starting chkpwd daemon for host authentication mode"); - if ((stat(file_chkpwd, &filestats)==-1) || - (filestats.st_size==0)){ - printf("didn't find chkpwd daemon in %s: %s\n", file_chkpwd, strerror(errno)); + if ((stat(file_chkpwd, &filestats)==-1) || (filestats.st_size==0)) { + syslog(LOG_ERR, "user_ops: %s: %m", file_chkpwd); abort(); } if (pipe(chkpwd_write_pipe) != 0) { - CON_syslog(LOG_EMERG, "Unable to create pipe for chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } if (pipe(chkpwd_read_pipe) != 0) { - CON_syslog(LOG_EMERG, "Unable to create pipe for chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } chkpwd_pid = fork(); if (chkpwd_pid < 0) { - CON_syslog(LOG_EMERG, "Unable to fork chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to fork chkpwd daemon: %m"); abort(); } if (chkpwd_pid == 0) { - CONM_syslog(LOG_DEBUG, "Now calling dup2() write\n"); dup2(chkpwd_write_pipe[0], 0); - CONM_syslog(LOG_DEBUG, "Now calling dup2() write\n"); dup2(chkpwd_read_pipe[1], 1); - CONM_syslog(LOG_DEBUG, "Now closing stuff\n"); for (i=2; i<256; ++i) close(i); - CON_syslog(LOG_DEBUG, "Now calling execl(%s)\n", file_chkpwd); execl(file_chkpwd, file_chkpwd, NULL); - CON_syslog(LOG_EMERG, "Unable to exec chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to exec chkpwd daemon: %m"); abort(); exit(errno); } @@ -894,27 +857,27 @@ int CtdlTryPassword(const char *password, long len) CitContext *CCC = CC; if ((CCC->logged_in)) { - CONM_syslog(LOG_WARNING, "CtdlTryPassword: already logged in\n"); + syslog(LOG_WARNING, "user_ops: CtdlTryPassword: already logged in"); return pass_already_logged_in; } if (!strcmp(CCC->curr_user, NLI)) { - CONM_syslog(LOG_WARNING, "CtdlTryPassword: no user selected\n"); + syslog(LOG_WARNING, "user_ops: CtdlTryPassword: no user selected"); return pass_no_user; } if (CtdlGetUser(&CCC->user, CCC->curr_user)) { - CONM_syslog(LOG_ERR, "CtdlTryPassword: internal error\n"); + syslog(LOG_ERR, "user_ops: CtdlTryPassword: internal error"); return pass_internal_error; } if (password == NULL) { - CONM_syslog(LOG_INFO, "CtdlTryPassword: NULL password string supplied\n"); + syslog(LOG_INFO, "user_ops: CtdlTryPassword: NULL password string supplied"); return pass_wrong_password; } if (CCC->is_master) { - code = strcmp(password, config.c_master_pass); + code = strcmp(password, CtdlGetConfigStr("c_master_pass")); } - else if (config.c_auth_mode == AUTHMODE_HOST) { + else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -936,7 +899,6 @@ int CtdlTryPassword(const char *password, long len) /* * (sooper-seekrit hack ends here) */ - } else { code = (-1); @@ -944,7 +906,7 @@ int CtdlTryPassword(const char *password, long len) } #ifdef HAVE_LDAP - else if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { + else if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { /* LDAP auth mode */ @@ -978,30 +940,25 @@ int CtdlTryPassword(const char *password, long len) if (!code) { do_login(); return pass_ok; - } else { - CON_syslog(LOG_WARNING, "Bad password specified for <%s> Service <%s> Port <%ld> Remote <%s / %s>\n", - CCC->curr_user, - CCC->ServiceName, - CCC->tcp_port, - CCC->cs_host, - CCC->cs_addr); - - -//citserver[5610]: Bad password specified for Service Remote - + } + else { + syslog(LOG_WARNING, "user_ops: bad password specified for <%s> Service <%s> Port <%ld> Remote <%s / %s>", + CCC->curr_user, + CCC->ServiceName, + CCC->tcp_port, + CCC->cs_host, + CCC->cs_addr + ); return pass_wrong_password; } } - - /* * Delete a user record *and* all of its related resources. */ int purge_user(char pname[]) { - char filename[64]; struct ctdluser usbuf; char usernamekey[USERNAME_SIZE]; @@ -1012,7 +969,7 @@ int purge_user(char pname[]) return (ERROR + NO_SUCH_USER); if (CtdlGetUser(&usbuf, pname) != 0) { - CON_syslog(LOG_ERR, "Cannot purge user <%s> - not found\n", pname); + syslog(LOG_ERR, "user_ops: cannot purge user <%s> - not found", pname); return (ERROR + NO_SUCH_USER); } /* Don't delete a user who is currently logged in. Instead, just @@ -1020,12 +977,12 @@ int purge_user(char pname[]) * during the next purge. */ if (CtdlIsUserLoggedInByNum(usbuf.usernum)) { - CON_syslog(LOG_WARNING, "User <%s> is logged in; not deleting.\n", pname); + syslog(LOG_WARNING, "user_ops: <%s> is logged in; not deleting", pname); usbuf.axlevel = AxDeleted; CtdlPutUser(&usbuf); return (1); } - CON_syslog(LOG_NOTICE, "Deleting user <%s>\n", pname); + syslog(LOG_NOTICE, "user_ops: deleting <%s>", pname); /* * FIXME: @@ -1034,7 +991,7 @@ int purge_user(char pname[]) * That would truly mess things up :-( * I would like to see the S_USERS start before the CtdlIsUserLoggedInByNum() above * and end after the user has been deleted from the database, below. - * Question is should we enter the EVT_PURGEUSER whilst S_USERS is active? + * Question is should we enter the EVT_PURGEUSER while S_USERS is active? */ /* Perform any purge functions registered by server extensions */ @@ -1049,22 +1006,6 @@ int purge_user(char pname[]) /* delete the userlog entry */ cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey)); - /* remove the user's bio file */ - snprintf(filename, - sizeof filename, - "%s/%ld", - ctdl_bio_dir, - usbuf.usernum); - unlink(filename); - - /* remove the user's picture */ - snprintf(filename, - sizeof filename, - "%s/%ld.gif", - ctdl_image_dir, - usbuf.usernum); - unlink(filename); - return (0); } @@ -1086,7 +1027,7 @@ int internal_create_user (const char *username, long len, struct ctdluser *usbuf usbuf->timescalled = 0; usbuf->posted = 0; - usbuf->axlevel = config.c_initax; + usbuf->axlevel = CtdlGetConfigInt("c_initax"); usbuf->lastcall = time(NULL); /* fetch a new user number */ @@ -1100,7 +1041,6 @@ int internal_create_user (const char *username, long len, struct ctdluser *usbuf } - /* * create_user() - back end processing to create a new user * @@ -1117,13 +1057,11 @@ int create_user(const char *newusername, long len, int become_user) char buf[SIZ]; int retval; uid_t uid = (-1); - safestrncpy(username, newusername, sizeof username); strproc(username); - - if (config.c_auth_mode == AUTHMODE_HOST) { + if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -1155,8 +1093,8 @@ int create_user(const char *newusername, long len, int become_user) } #ifdef HAVE_LDAP - if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { - if (CtdlTryUserLDAP(username, NULL, 0, username, sizeof username, &uid) != 0) { + if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { + if (CtdlTryUserLDAP(username, NULL, 0, username, sizeof username, &uid, 0) != 0) { return(ERROR + NO_SUCH_USER); } } @@ -1205,12 +1143,11 @@ int create_user(const char *newusername, long len, int become_user) CC->cs_addr ); CtdlAideMessage(buf, "User Creation Notice"); - CON_syslog(LOG_NOTICE, "New user <%s> created\n", username); + syslog(LOG_NOTICE, "user_ops: <%s> created", username); return (0); } - /* * set password - back end api code */ @@ -1219,13 +1156,11 @@ void CtdlSetPassword(char *new_pw) CtdlGetUserLock(&CC->user, CC->curr_user); safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password)); CtdlPutUserLock(&CC->user); - CON_syslog(LOG_INFO, "Password changed for user <%s>\n", CC->curr_user); + syslog(LOG_INFO, "user_ops: password changed for <%s>", CC->curr_user); PerformSessionHooks(EVT_SETPASS); } - - /* * API function for cmd_invt_kick() and anything else that needs to * invite or kick out a user to/from a room. @@ -1273,7 +1208,7 @@ int CtdlForgetThisRoom(void) { visit vbuf; /* On some systems, Admins are not allowed to forget rooms */ - if (is_aide() && (config.c_aide_zap == 0) + if (is_aide() && (CtdlGetConfigInt("c_aide_zap") == 0) && ((CC->room.QRflags & QR_MAILBOX) == 0) ) { return(1); } @@ -1288,14 +1223,12 @@ int CtdlForgetThisRoom(void) { CtdlPutUserLock(&CC->user); /* Return to the Lobby, so we don't end up in an undefined room */ - CtdlUserGoto(config.c_baseroom, 0, 0, NULL, NULL); + CtdlUserGoto(CtdlGetConfigStr("c_baseroom"), 0, 0, NULL, NULL, NULL, NULL); return(0); } - - /* * Traverse the user file... */ @@ -1346,8 +1279,6 @@ void ListThisUser(struct ctdluser *usbuf, void *data) } - - /* * Count the number of new mail messages the user has */ @@ -1402,7 +1333,3 @@ int InitialMailCheck() return (num_newmsgs); } - - - -