X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fuser_ops.c;h=168639ed91da8c3a93e6d84f2668e4c04c63b589;hb=03b525bdbd5fa51c1b5a56c5fdecfdb8200cb046;hp=32734200e55b19f633760e961e2c6943d8b24ee1;hpb=2bcd29b7be1638c9b3038556a2f2eabd4b0e3af3;p=citadel.git diff --git a/citadel/user_ops.c b/citadel/user_ops.c index 32734200e..168639ed9 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -1,7 +1,7 @@ /* * Server functions which perform operations on user objects. * - * Copyright (c) 1987-2017 by the citadel.org team + * Copyright (c) 1987-2019 by the citadel.org team * * This program is open source software; you can redistribute it and/or * modify it under the terms of the GNU General Public License, version 3. @@ -32,6 +32,41 @@ int chkpwd_write_pipe[2]; int chkpwd_read_pipe[2]; + +/* + * Figure out what this does and make it cleaner + */ +long cutuserkey(char *username) { + long len; + len = strlen(username); + if (len >= USERNAME_SIZE) + { + syslog(LOG_INFO, "Username too long: %s", username); + len = USERNAME_SIZE - 1; + username[len]='\0'; + } + return len; +} + + +/* + * makeuserkey() - convert a username into the format used as a database key + * (it's just the username converted into lower case) + */ +void makeuserkey(char *key, const char *username, long len) { + int i; + + if (len >= USERNAME_SIZE) + { + syslog(LOG_INFO, "Username too long: %s", username); + len = USERNAME_SIZE - 1; + } + for (i=0; i<=len; ++i) { + key[i] = tolower(username[i]); + } +} + + /* * CtdlGetUser() retrieve named user into supplied buffer. * returns 0 on success @@ -475,15 +510,13 @@ int getuserbyuid(struct ctdluser *usbuf, uid_t number) /* * Back end for cmd_user() and its ilk - * - * NOTE: "authname" should only be used if we are attempting to use the "master user" feature */ -int CtdlLoginExistingUser(char *authname, const char *trythisname) +int CtdlLoginExistingUser(const char *trythisname) { char username[SIZ]; int found_user; - syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname); + syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s)", trythisname); if ((CC->logged_in)) { return login_already_logged_in; @@ -497,16 +530,6 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) return login_not_found; } - /* If a "master user" is defined, handle its authentication if specified */ - CC->is_master = 0; - if ( (!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && - (!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) && - (authname != NULL) && - (!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) ) - { - CC->is_master = 1; - } - /* Continue attempting user validation... */ safestrncpy(username, trythisname, sizeof (username)); striplt(username); @@ -541,9 +564,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) return login_not_found; } - /* Locate the associated Citadel account. - * If not found, make one attempt to create it. - */ + /* Locate the associated Citadel account. If not found, make one attempt to create it. */ found_user = getuserbyuid(&CC->user, pd.pw_uid); if (found_user != 0) { create_user(username, CREATE_USER_DO_NOT_BECOME_USER, pd.pw_uid); @@ -634,9 +655,7 @@ void do_login(void) CC->user.axlevel = AxAideU; } - /* If we're authenticating off the host system, automatically give - * root the highest level of access. - */ + /* If we're authenticating off the host system, automatically give root the highest level of access. */ if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { if (CC->user.uid == 0) { CC->user.axlevel = AxAideU; @@ -644,9 +663,7 @@ void do_login(void) } CtdlPutUserLock(&CC->user); - /* - * If we are using LDAP authentication, extract the user's email addresses from the directory. - */ + /* If we are using LDAP authentication, extract the user's email addresses from the directory. */ #ifdef HAVE_LDAP if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { char new_emailaddrs[512]; @@ -658,11 +675,9 @@ void do_login(void) } #endif - /* - * No email address for user? Make one up. (Apparently this broke something in the past. What was it?) - */ + /* If the user does not have any email addresses assigned, generate one. */ if (IsEmptyStr(CC->user.emailaddrs)) { - sprintf(CC->user.emailaddrs, "cit%ld@%s", CC->user.usernum, CtdlGetConfigStr("c_fqdn")); + AutoGenerateEmailAddressForUser(&CC->user); } /* @@ -720,12 +735,9 @@ void CtdlUserLogout(void) * since it's possible to log in again without reconnecting, we cannot * make that assumption. */ - strcpy(CCC->fake_username, ""); - strcpy(CCC->fake_hostname, ""); - strcpy(CCC->fake_roomname, ""); CCC->logged_in = 0; - /* Check to see if the user was deleted whilst logged in and purge them if necessary */ + /* Check to see if the user was deleted while logged in and purge them if necessary */ if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) { purge_user(CCC->user.fullname); } @@ -733,13 +745,9 @@ void CtdlUserLogout(void) /* Clear out the user record in memory so we don't behave like a ghost */ memset(&CCC->user, 0, sizeof(struct ctdluser)); CCC->curr_user[0] = 0; - CCC->is_master = 0; CCC->cs_inet_email[0] = 0; CCC->cs_inet_other_emails[0] = 0; CCC->cs_inet_fn[0] = 0; - CCC->fake_username[0] = 0; - CCC->fake_hostname[0] = 0; - CCC->fake_roomname[0] = 0; /* Free any output buffers */ unbuffer_output(); @@ -854,10 +862,6 @@ int CtdlTryPassword(const char *password, long len) return pass_wrong_password; } - if (CCC->is_master) { - code = strcmp(password, CtdlGetConfigStr("c_master_pass")); - } - else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -946,8 +950,9 @@ int purge_user(char pname[]) makeuserkey(usernamekey, pname, cutuserkey(pname)); /* If the name is empty we can't find them in the DB any way so just return */ - if (IsEmptyStr(pname)) + if (IsEmptyStr(pname)) { return(ERROR + NO_SUCH_USER); + } if (CtdlGetUser(&usbuf, pname) != 0) { syslog(LOG_ERR, "user_ops: cannot purge user <%s> - not found", pname);