X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fuser_ops.c;h=99543f719c7e26efd640e939faa114eb15204707;hb=9ffea7c3315046ddcea2589656c13da5f5e0c076;hp=e35953debce23c49e0aa6316c27efe408e96a314;hpb=6b7ec622dd2a18715d3c0f353d23ade3f463f3f3;p=citadel.git diff --git a/citadel/user_ops.c b/citadel/user_ops.c index e35953deb..99543f719 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -1,7 +1,7 @@ /* * Server functions which perform operations on user objects. * - * Copyright (c) 1987-2017 by the citadel.org team + * Copyright (c) 1987-2019 by the citadel.org team * * This program is open source software; you can redistribute it and/or * modify it under the terms of the GNU General Public License, version 3. @@ -12,10 +12,12 @@ * GNU General Public License for more details. */ +#include +#include #include "sysdep.h" #include +#include #include - #include "control.h" #include "support.h" #include "citserver.h" @@ -29,16 +31,49 @@ int chkpwd_write_pipe[2]; int chkpwd_read_pipe[2]; +/* + * Trim a string down to the maximum username size and return the new length + */ +long cutusername(char *username) { + long len; + len = strlen(username); + if (len >= USERNAME_SIZE) + { + syslog(LOG_INFO, "Username too long: %s", username); + len = USERNAME_SIZE - 1; + username[len]='\0'; + } + return len; +} + /* - * CtdlGetUser() - retrieve named user into supplied buffer. - * returns 0 on success + * makeuserkey() - convert a username into the format used as a database key + * (it's just the username converted into lower case) */ -int CtdlGetUserLen(struct ctdluser *usbuf, const char *name, long len) -{ +void makeuserkey(char *key, const char *username, long len) { + int i; + if (len >= USERNAME_SIZE) + { + syslog(LOG_INFO, "Username too long: %s", username); + len = USERNAME_SIZE - 1; + } + for (i=0; i<=len; ++i) { + key[i] = tolower(username[i]); + } +} + + +/* + * CtdlGetUser() retrieve named user into supplied buffer. + * returns 0 on success + */ +int CtdlGetUser(struct ctdluser *usbuf, char *name) +{ char usernamekey[USERNAME_SIZE]; struct cdbdata *cdbus; + long len = cutusername(name); if (usbuf != NULL) { memset(usbuf, 0, sizeof(struct ctdluser)); @@ -51,28 +86,20 @@ int CtdlGetUserLen(struct ctdluser *usbuf, const char *name, long len) return(1); } if (usbuf != NULL) { - memcpy(usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); + memcpy(usbuf, cdbus->ptr, ((cdbus->len > sizeof(struct ctdluser)) ? sizeof(struct ctdluser) : cdbus->len)); } cdb_free(cdbus); - - return (0); + return(0); } -int CtdlGetUser(struct ctdluser *usbuf, char *name) -{ - return CtdlGetUserLen(usbuf, name, cutuserkey(name)); -} - int CtdlLockGetCurrentUser(void) { CitContext *CCC = CC; - - return CtdlGetUserLen(&CCC->user, CCC->curr_user, cutuserkey(CCC->curr_user)); + return CtdlGetUser(&CCC->user, CCC->curr_user); } + /* * CtdlGetUserLock() - same as getuser() but locks the record */ @@ -84,7 +111,7 @@ int CtdlGetUserLock(struct ctdluser *usbuf, char *name) if (retcode == 0) { begin_critical_section(S_USERS); } - return (retcode); + return(retcode); } @@ -95,17 +122,12 @@ void CtdlPutUser(struct ctdluser *usbuf) { char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, - usbuf->fullname, - cutuserkey(usbuf->fullname)); - + makeuserkey(usernamekey, usbuf->fullname, cutusername(usbuf->fullname)); usbuf->version = REV_LEVEL; - cdb_store(CDB_USERS, - usernamekey, strlen(usernamekey), - usbuf, sizeof(struct ctdluser)); - + cdb_store(CDB_USERS, usernamekey, strlen(usernamekey), usbuf, sizeof(struct ctdluser)); } + void CtdlPutCurrentUserLock() { CtdlPutUser(&CC->user); @@ -122,7 +144,6 @@ void CtdlPutUserLock(struct ctdluser *usbuf) } - /* * rename_user() - this is tricky because the user's display name is the database key * @@ -137,8 +158,8 @@ int rename_user(char *oldname, char *newname) { char newnamekey[USERNAME_SIZE]; /* Create the database keys... */ - makeuserkey(oldnamekey, oldname, cutuserkey(oldname)); - makeuserkey(newnamekey, newname, cutuserkey(newname)); + makeuserkey(oldnamekey, oldname, cutusername(oldname)); + makeuserkey(newnamekey, newname, cutusername(newname)); /* Lock up and get going */ begin_critical_section(S_USERS); @@ -164,7 +185,7 @@ int rename_user(char *oldname, char *newname) { syslog(LOG_DEBUG, "user_ops: can not rename user \"Citadel\"."); retcode = RENAMEUSER_NOT_FOUND; } else { - syslog(LOG_DEBUG, "user_ops: renaming <%s> to <%s>\n", oldname, newname); + syslog(LOG_DEBUG, "user_ops: renaming <%s> to <%s>", oldname, newname); cdb_delete(CDB_USERS, oldnamekey, strlen(oldnamekey)); safestrncpy(usbuf.fullname, newname, sizeof usbuf.fullname); CtdlPutUser(&usbuf); @@ -180,7 +201,6 @@ int rename_user(char *oldname, char *newname) { } - /* * Index-generating function used by Ctdl[Get|Set]Relationship */ @@ -201,7 +221,7 @@ int GenerateRelationshipIndex(char *IndexBuf, TheIndex.iUserID = UserID; memcpy(IndexBuf, &TheIndex, sizeof(TheIndex)); - return (sizeof(TheIndex)); + return(sizeof(TheIndex)); } @@ -231,8 +251,6 @@ void CtdlSetRelationship(visit *newvisit, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - - /* We don't use these in Citadel because they're implicit by the * index, but they must be present if the database is exported. */ @@ -243,6 +261,7 @@ void CtdlSetRelationship(visit *newvisit, put_visit(newvisit); } + /* * Locate a relationship between a user and a room */ @@ -250,25 +269,19 @@ void CtdlGetRelationship(visit *vbuf, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - char IndexBuf[32]; int IndexLen; struct cdbdata *cdbvisit; /* Generate an index */ - IndexLen = GenerateRelationshipIndex(IndexBuf, - rel_room->QRnumber, - rel_room->QRgen, - rel_user->usernum); + IndexLen = GenerateRelationshipIndex(IndexBuf, rel_room->QRnumber, rel_room->QRgen, rel_user->usernum); /* Clear out the buffer */ memset(vbuf, 0, sizeof(visit)); cdbvisit = cdb_fetch(CDB_VISIT, IndexBuf, IndexLen); if (cdbvisit != NULL) { - memcpy(vbuf, cdbvisit->ptr, - ((cdbvisit->len > sizeof(visit)) ? - sizeof(visit) : cdbvisit->len)); + memcpy(vbuf, cdbvisit->ptr, ((cdbvisit->len > sizeof(visit)) ? sizeof(visit) : cdbvisit->len)); cdb_free(cdbvisit); } else { @@ -319,6 +332,7 @@ int CtdlCheckInternetMailPermission(struct ctdluser *who) { return(0); } + /* * Convenience function. */ @@ -326,8 +340,7 @@ int CtdlAccessCheck(int required_level) { if (CC->internal_pgm) return(0); if (required_level >= ac_internal) { - cprintf("%d This is not a user-level command.\n", - ERROR + HIGHER_ACCESS_REQUIRED); + cprintf("%d This is not a user-level command.\n", ERROR + HIGHER_ACCESS_REQUIRED); return(-1); } @@ -360,16 +373,15 @@ int CtdlAccessCheck(int required_level) } - /* * Is the user currently logged in an Admin? */ int is_aide(void) { if (CC->user.axlevel >= AxAideU) - return (1); + return(1); else - return (0); + return(0); } @@ -380,14 +392,13 @@ int is_room_aide(void) { if (!CC->logged_in) { - return (0); + return(0); } - if ((CC->user.axlevel >= AxAideU) - || (CC->room.QRroomaide == CC->user.usernum)) { - return (1); + if ((CC->user.axlevel >= AxAideU) || (CC->room.QRroomaide == CC->user.usernum)) { + return(1); } else { - return (0); + return(0); } } @@ -419,38 +430,12 @@ int CtdlGetUserByNumber(struct ctdluser *usbuf, long number) /* * Helper function for rebuild_usersbynumber() */ -void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { - - struct ubnlist { - struct ubnlist *next; - char username[USERNAME_SIZE]; - long usernum; - }; - - static struct ubnlist *u = NULL; - struct ubnlist *ptr = NULL; +void rebuild_ubn_for_user(char *username, void *data) { + struct ctdluser u; - /* Lazy programming here. Call this function as a ForEachUser backend - * in order to queue up the room names, or call it with a null user - * to make it do the processing. - */ - if (usbuf != NULL) { - ptr = (struct ubnlist *) malloc(sizeof (struct ubnlist)); - if (ptr == NULL) return; - - ptr->usernum = usbuf->usernum; - safestrncpy(ptr->username, usbuf->fullname, sizeof ptr->username); - ptr->next = u; - u = ptr; - return; - } - - while (u != NULL) { - syslog(LOG_DEBUG, "user_ops: rebuilding usersbynumber index %10ld : %s", u->usernum, u->username); - cdb_store(CDB_USERSBYNUMBER, &u->usernum, sizeof(long), u->username, strlen(u->username)+1); - ptr = u; - u = u->next; - free(ptr); + syslog(LOG_DEBUG, "user_ops: rebuilding usersbynumber index for %s", username); + if (CtdlGetUser(&u, username) == 0) { + cdb_store(CDB_USERSBYNUMBER, &(u.usernum), sizeof(long), u.fullname, strlen(u.fullname)+1); } } @@ -461,50 +446,48 @@ void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { void rebuild_usersbynumber(void) { cdb_trunc(CDB_USERSBYNUMBER); /* delete the old indices */ ForEachUser(rebuild_ubn_for_user, NULL); /* enumerate the users */ - rebuild_ubn_for_user(NULL, NULL); /* and index them */ } /* - * getuserbyuid() - get user by system uid (for PAM mode authentication) - * returns 0 if user was found - * - * WARNING: don't use this function unless you absolutely have to. It does - * a sequential search and therefore is computationally expensive. + * getuserbyuid() Get user by system uid (for PAM mode authentication) + * Returns 0 if user was found + * This now uses an extauth index. */ int getuserbyuid(struct ctdluser *usbuf, uid_t number) { - struct cdbdata *cdbus; + struct cdbdata *cdbextauth; + long usernum = 0; + StrBuf *claimed_id; + + claimed_id = NewStrBuf(); + StrBufPrintf(claimed_id, "uid:%d", number); + cdbextauth = cdb_fetch(CDB_EXTAUTH, ChrPtr(claimed_id), StrLength(claimed_id)); + FreeStrBuf(&claimed_id); + if (cdbextauth == NULL) { + return(-1); + } - cdb_rewind(CDB_USERS); + memcpy(&usernum, cdbextauth->ptr, sizeof(long)); + cdb_free(cdbextauth); - while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) { - memset(usbuf, 0, sizeof(struct ctdluser)); - memcpy(usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); - cdb_free(cdbus); - if (usbuf->uid == number) { - cdb_close_cursor(CDB_USERS); - return (0); - } + if (!CtdlGetUserByNumber(usbuf, usernum)) { + return(0); } - return (-1); + + return(-1); } /* * Back end for cmd_user() and its ilk - * - * NOTE: "authname" should only be used if we are attempting to use the "master user" feature */ -int CtdlLoginExistingUser(char *authname, const char *trythisname) +int CtdlLoginExistingUser(const char *trythisname) { char username[SIZ]; int found_user; - long len; - syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname); + syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s)", trythisname); if ((CC->logged_in)) { return login_already_logged_in; @@ -518,20 +501,9 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) return login_not_found; } - /* If a "master user" is defined, handle its authentication if specified */ - CC->is_master = 0; - if ( (!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && - (!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) && - (authname != NULL) && - (!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) ) - { - CC->is_master = 1; - } - /* Continue attempting user validation... */ safestrncpy(username, trythisname, sizeof (username)); striplt(username); - len = cutuserkey(username); if (IsEmptyStr(username)) { return login_not_found; @@ -563,16 +535,13 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) return login_not_found; } - /* Locate the associated Citadel account. - * If not found, make one attempt to create it. - */ + /* Locate the associated Citadel account. If not found, make one attempt to create it. */ found_user = getuserbyuid(&CC->user, pd.pw_uid); - syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user); if (found_user != 0) { - len = cutuserkey(username); - create_user(username, len, 0); + create_user(username, CREATE_USER_DO_NOT_BECOME_USER, pd.pw_uid); found_user = getuserbyuid(&CC->user, pd.pw_uid); } + syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user); } @@ -585,14 +554,14 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) char ldap_cn[256]; char ldap_dn[256]; - found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid, 0); + found_user = CtdlTryUserLDAP(username, ldap_dn, sizeof ldap_dn, ldap_cn, sizeof ldap_cn, &ldap_uid); if (found_user != 0) { return login_not_found; } found_user = getuserbyuid(&CC->user, ldap_uid); if (found_user != 0) { - create_user(username, len, 0); + create_user(ldap_cn, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid); found_user = getuserbyuid(&CC->user, ldap_uid); } @@ -612,9 +581,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) /* First, try to log in as if the supplied name is a display name */ found_user = CtdlGetUser(&CC->user, username); - /* If that didn't work, try to log in as if the supplied name - * is an e-mail address - */ + /* If that didn't work, try to log in as if the supplied name * is an e-mail address */ if (found_user != 0) { valid = validate_recipients(username, NULL, 0); if (valid != NULL) { @@ -631,8 +598,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) if (((CC->nologin)) && (CC->user.axlevel < AxAideU)) { return login_too_many_users; } else { - safestrncpy(CC->curr_user, CC->user.fullname, - sizeof CC->curr_user); + safestrncpy(CC->curr_user, CC->user.fullname, sizeof CC->curr_user); return login_ok; } } @@ -645,42 +611,58 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) */ void do_login(void) { - struct CitContext *CCC = CC; - - CCC->logged_in = 1; - syslog(LOG_NOTICE, "user_ops: <%s> logged in", CCC->curr_user); + CC->logged_in = 1; + syslog(LOG_NOTICE, "user_ops: <%s> logged in", CC->curr_user); - CtdlGetUserLock(&CCC->user, CCC->curr_user); - ++(CCC->user.timescalled); - CCC->previous_login = CCC->user.lastcall; - time(&CCC->user.lastcall); + CtdlGetUserLock(&CC->user, CC->curr_user); + ++(CC->user.timescalled); + CC->previous_login = CC->user.lastcall; + time(&CC->user.lastcall); /* If this user's name is the name of the system administrator * (as specified in setup), automatically assign access level 6. */ - if (!strcasecmp(CCC->user.fullname, CtdlGetConfigStr("c_sysadm"))) { - CCC->user.axlevel = AxAideU; + if ( (!IsEmptyStr(CtdlGetConfigStr("c_sysadm"))) && (!strcasecmp(CC->user.fullname, CtdlGetConfigStr("c_sysadm"))) ) { + CC->user.axlevel = AxAideU; } - /* If we're authenticating off the host system, automatically give - * root the highest level of access. - */ + /* If we're authenticating off the host system, automatically give root the highest level of access. */ if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { - if (CCC->user.uid == 0) { - CCC->user.axlevel = AxAideU; + if (CC->user.uid == 0) { + CC->user.axlevel = AxAideU; } } + CtdlPutUserLock(&CC->user); - CtdlPutUserLock(&CCC->user); + /* If we are using LDAP authentication, extract the user's email addresses from the directory. */ +#ifdef HAVE_LDAP + if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { + char new_emailaddrs[512]; + if (CtdlGetConfigInt("c_ldap_sync_email_addrs") > 0) { + if (extract_email_addresses_from_ldap(CC->ldap_dn, new_emailaddrs) == 0) { + CtdlSetEmailAddressesForUser(CC->user.fullname, new_emailaddrs); + } + } + } +#endif + + /* If the user does not have any email addresses assigned, generate one. */ + if (IsEmptyStr(CC->user.emailaddrs)) { + AutoGenerateEmailAddressForUser(&CC->user); + } /* - * Populate CCC->cs_inet_email with a default address. This will be - * overwritten with the user's directory address, if one exists, when - * the vCard module's login hook runs. + * Populate cs_inet_email and cs_inet_other_emails with valid email addresses from the user record */ - snprintf(CCC->cs_inet_email, sizeof CCC->cs_inet_email, "%s@%s", - CCC->user.fullname, CtdlGetConfigStr("c_fqdn")); - convert_spaces_to_underscores(CCC->cs_inet_email); + strcpy(CC->cs_inet_email, CC->user.emailaddrs); + char *firstsep = strstr(CC->cs_inet_email, "|"); + if (firstsep) { + strcpy(CC->cs_inet_other_emails, firstsep+1); + *firstsep = 0; + } + else { + CC->cs_inet_other_emails[0] = 0; + } /* Create any personal rooms required by the system. * (Technically, MAILROOM should be there already, but just in case...) @@ -724,12 +706,9 @@ void CtdlUserLogout(void) * since it's possible to log in again without reconnecting, we cannot * make that assumption. */ - strcpy(CCC->fake_username, ""); - strcpy(CCC->fake_hostname, ""); - strcpy(CCC->fake_roomname, ""); CCC->logged_in = 0; - /* Check to see if the user was deleted whilst logged in and purge them if necessary */ + /* Check to see if the user was deleted while logged in and purge them if necessary */ if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) { purge_user(CCC->user.fullname); } @@ -737,13 +716,9 @@ void CtdlUserLogout(void) /* Clear out the user record in memory so we don't behave like a ghost */ memset(&CCC->user, 0, sizeof(struct ctdluser)); CCC->curr_user[0] = 0; - CCC->is_master = 0; CCC->cs_inet_email[0] = 0; CCC->cs_inet_other_emails[0] = 0; CCC->cs_inet_fn[0] = 0; - CCC->fake_username[0] = 0; - CCC->fake_hostname[0] = 0; - CCC->fake_roomname[0] = 0; /* Free any output buffers */ unbuffer_output(); @@ -768,19 +743,19 @@ static int validpw(uid_t uid, const char *pass) begin_critical_section(S_CHKPWD); rv = write(chkpwd_write_pipe[1], &uid, sizeof(uid_t)); if (rv == -1) { - syslog(LOG_EMERG, "user_ops: communication with chkpwd broken: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } rv = write(chkpwd_write_pipe[1], pass, 256); if (rv == -1) { - syslog(LOG_EMERG, "user_ops: communication with chkpwd broken: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } rv = read(chkpwd_read_pipe[0], buf, 4); if (rv == -1) { - syslog(LOG_EMERG, "user_ops: ommunication with chkpwd broken: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: ommunication with chkpwd broken: %m"); end_critical_section(S_CHKPWD); return 0; } @@ -807,21 +782,21 @@ void start_chkpwd_daemon(void) { syslog(LOG_DEBUG, "user_ops: starting chkpwd daemon for host authentication mode"); if ((stat(file_chkpwd, &filestats)==-1) || (filestats.st_size==0)) { - printf("didn't find chkpwd daemon in %s: %s\n", file_chkpwd, strerror(errno)); + syslog(LOG_ERR, "user_ops: %s: %m", file_chkpwd); abort(); } if (pipe(chkpwd_write_pipe) != 0) { - syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } if (pipe(chkpwd_read_pipe) != 0) { - syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } chkpwd_pid = fork(); if (chkpwd_pid < 0) { - syslog(LOG_ERR, "user_ops: unable to fork chkpwd daemon: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to fork chkpwd daemon: %m"); abort(); } if (chkpwd_pid == 0) { @@ -829,7 +804,7 @@ void start_chkpwd_daemon(void) { dup2(chkpwd_read_pipe[1], 1); for (i=2; i<256; ++i) close(i); execl(file_chkpwd, file_chkpwd, NULL); - syslog(LOG_ERR, "user_ops: unable to exec chkpwd daemon: %s", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to exec chkpwd daemon: %m"); abort(); exit(errno); } @@ -858,10 +833,6 @@ int CtdlTryPassword(const char *password, long len) return pass_wrong_password; } - if (CCC->is_master) { - code = strcmp(password, CtdlGetConfigStr("c_master_pass")); - } - else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -947,16 +918,18 @@ int purge_user(char pname[]) struct ctdluser usbuf; char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, pname, cutuserkey(pname)); + makeuserkey(usernamekey, pname, cutusername(pname)); /* If the name is empty we can't find them in the DB any way so just return */ - if (IsEmptyStr(pname)) - return (ERROR + NO_SUCH_USER); + if (IsEmptyStr(pname)) { + return(ERROR + NO_SUCH_USER); + } if (CtdlGetUser(&usbuf, pname) != 0) { syslog(LOG_ERR, "user_ops: cannot purge user <%s> - not found", pname); - return (ERROR + NO_SUCH_USER); + return(ERROR + NO_SUCH_USER); } + /* Don't delete a user who is currently logged in. Instead, just * set the access level to 0, and let the account get swept up * during the next purge. @@ -965,19 +938,10 @@ int purge_user(char pname[]) syslog(LOG_WARNING, "user_ops: <%s> is logged in; not deleting", pname); usbuf.axlevel = AxDeleted; CtdlPutUser(&usbuf); - return (1); + return(1); } - syslog(LOG_NOTICE, "user_ops: deleting <%s>", pname); -/* - * FIXME: - * This should all be wrapped in a S_USERS mutex. - * Without the mutex the user could log in before we get to the next function - * That would truly mess things up :-( - * I would like to see the S_USERS start before the CtdlIsUserLoggedInByNum() above - * and end after the user has been deleted from the database, below. - * Question is should we enter the EVT_PURGEUSER while S_USERS is active? - */ + syslog(LOG_NOTICE, "user_ops: deleting <%s>", pname); /* Perform any purge functions registered by server extensions */ PerformUserHooks(&usbuf, EVT_PURGEUSER); @@ -991,14 +955,14 @@ int purge_user(char pname[]) /* delete the userlog entry */ cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey)); - return (0); + return(0); } -int internal_create_user (const char *username, long len, struct ctdluser *usbuf, uid_t uid) +int internal_create_user(char *username, struct ctdluser *usbuf, uid_t uid) { - if (!CtdlGetUserLen(usbuf, username, len)) { - return (ERROR + ALREADY_EXISTS); + if (!CtdlGetUser(usbuf, username)) { + return(ERROR + ALREADY_EXISTS); } /* Go ahead and initialize a new user record */ @@ -1022,7 +986,15 @@ int internal_create_user (const char *username, long len, struct ctdluser *usbuf CtdlPutUser(usbuf); cdb_store(CDB_USERSBYNUMBER, &usbuf->usernum, sizeof(long), usbuf->fullname, strlen(usbuf->fullname)+1); - return 0; + /* If non-native auth, index by uid */ + if ((usbuf->uid > 0) && (usbuf->uid != NATIVE_AUTH_UID)) { + StrBuf *claimed_id = NewStrBuf(); + StrBufPrintf(claimed_id, "uid:%d", usbuf->uid); + attach_extauth(usbuf, claimed_id); + FreeStrBuf(&claimed_id); + } + + return(0); } @@ -1030,66 +1002,23 @@ int internal_create_user (const char *username, long len, struct ctdluser *usbuf * create_user() - back end processing to create a new user * * Set 'newusername' to the desired account name. - * Set 'become_user' to nonzero if this is self-service account creation and we want - * to actually log in as the user we just created, otherwise set it to 0. + * Set 'become_user' to CREATE_USER_BECOME_USER if this is self-service account creation and we want to + * actually log in as the user we just created, otherwise set it to CREATE_USER_DO_NOT_BECOME_USER + * Set 'uid' to some uid_t value to associate the account with an external auth user, or (-1) for native auth */ -int create_user(const char *newusername, long len, int become_user) +int create_user(char *username, int become_user, uid_t uid) { struct ctdluser usbuf; struct ctdlroom qrbuf; - char username[256]; char mailboxname[ROOMNAMELEN]; char buf[SIZ]; int retval; - uid_t uid = (-1); - - safestrncpy(username, newusername, sizeof username); strproc(username); - - - if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { - - /* host auth mode */ - - struct passwd pd; - struct passwd *tempPwdPtr; - char pwdbuffer[SIZ]; - -#ifdef HAVE_GETPWNAM_R -#ifdef SOLARIS_GETPWUID - tempPwdPtr = getpwnam_r(username, &pd, pwdbuffer, sizeof(pwdbuffer)); -#else // SOLARIS_GETPWUID - getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer, &tempPwdPtr); -#endif // SOLARIS_GETPWUID -#else // HAVE_GETPWNAM_R - tempPwdPtr = NULL; -#endif // HAVE_GETPWNAM_R - if (tempPwdPtr != NULL) { - extract_token(username, pd.pw_gecos, 0, ',', sizeof username); - uid = pd.pw_uid; - if (IsEmptyStr (username)) - { - safestrncpy(username, pd.pw_name, sizeof username); - len = cutuserkey(username); - } - } - else { - return (ERROR + NO_SUCH_USER); - } + if ((retval = internal_create_user(username, &usbuf, uid)) != 0) { + return retval; } -#ifdef HAVE_LDAP - if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { - if (CtdlTryUserLDAP(username, NULL, 0, username, sizeof username, &uid, 0) != 0) { - return(ERROR + NO_SUCH_USER); - } - } -#endif /* HAVE_LDAP */ - - if ((retval = internal_create_user(username, len, &usbuf, uid)) != 0) - return retval; - /* * Give the user a private mailbox and a configuration room. * Make the latter an invisible system room. @@ -1111,7 +1040,7 @@ int create_user(const char *newusername, long len, int become_user) * creating a user, instead of doing self-service account creation */ - if (become_user) { + if (become_user == CREATE_USER_BECOME_USER) { /* Now become the user we just created */ memcpy(&CC->user, &usbuf, sizeof(struct ctdluser)); safestrncpy(CC->curr_user, username, sizeof CC->curr_user); @@ -1119,7 +1048,7 @@ int create_user(const char *newusername, long len, int become_user) /* Check to make sure we're still who we think we are */ if (CtdlGetUser(&CC->user, CC->curr_user)) { - return (ERROR + INTERNAL_ERROR); + return(ERROR + INTERNAL_ERROR); } } @@ -1131,7 +1060,7 @@ int create_user(const char *newusername, long len, int become_user) ); CtdlAideMessage(buf, "User Creation Notice"); syslog(LOG_NOTICE, "user_ops: <%s> created", username); - return (0); + return(0); } @@ -1182,7 +1111,6 @@ int CtdlInvtKick(char *iuser, int op) { (CC->logged_in ? CC->user.fullname : "an administrator") ); CtdlAideMessage(bbb,"User Admin Message"); - return(0); } @@ -1212,57 +1140,53 @@ int CtdlForgetThisRoom(void) { /* Return to the Lobby, so we don't end up in an undefined room */ CtdlUserGoto(CtdlGetConfigStr("c_baseroom"), 0, 0, NULL, NULL, NULL, NULL); return(0); - } /* - * Traverse the user file... + * Traverse the user file and perform a callback for each user record. + * (New improved version that runs in two phases so that callbacks can perform writes without having a r/o cursor open) */ -void ForEachUser(void (*CallBack) (struct ctdluser * EachUser, void *out_data), - void *in_data) +void ForEachUser(void (*CallBack) (char *, void *out_data), void *in_data) { - struct ctdluser usbuf; + struct feu { + char username[USERNAME_SIZE]; + int version; + }; + struct cdbdata *cdbus; + struct ctdluser *usptr; + int i = 0; + struct feu *usernames = NULL; + int num_users = 0; + int num_users_alloc = 0; cdb_rewind(CDB_USERS); + // Phase 1 : load list of usernames while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) { - memset(&usbuf, 0, sizeof(struct ctdluser)); - memcpy(&usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); - cdb_free(cdbus); - (*CallBack) (&usbuf, in_data); - } -} + usptr = (struct ctdluser *) cdbus->ptr; + if (strlen(usptr->fullname) > 0) { + ++num_users; + if (num_users > num_users_alloc) { + num_users_alloc = ((num_users_alloc == 0) ? 1 : (num_users_alloc * 2)); + usernames = realloc(usernames, num_users_alloc * sizeof(struct feu)); + } + strcpy(usernames[num_users-1].username, usptr->fullname); + usernames[num_users-1].version = usptr->version; + } + } -/* - * List one user (this works with cmd_list) - */ -void ListThisUser(struct ctdluser *usbuf, void *data) -{ - char *searchstring; - - searchstring = (char *)data; - if (bmstrcasestr(usbuf->fullname, searchstring) == NULL) { - return; - } - - if (usbuf->axlevel > AxDeleted) { - if ((CC->user.axlevel >= AxAideU) - || ((usbuf->flags & US_UNLISTED) == 0) - || ((CC->internal_pgm))) { - cprintf("%s|%d|%ld|%ld|%ld|%ld||\n", - usbuf->fullname, - usbuf->axlevel, - usbuf->usernum, - (long)usbuf->lastcall, - usbuf->timescalled, - usbuf->posted); + // Phase 2 : perform the callback for each username + for (i=0; inewmail; CC->newmail = 0; - - return (num_newmsgs); + return(num_newmsgs); } @@ -1296,7 +1218,7 @@ int InitialMailCheck() CtdlMailboxName(mailboxname, sizeof mailboxname, &CC->user, MAILROOM); if (CtdlGetRoom(&mailbox, mailboxname) != 0) - return (0); + return(0); CtdlGetRelationship(&vbuf, &CC->user, &mailbox); cdbfr = cdb_fetch(CDB_MSGLISTS, &mailbox.QRnumber, sizeof(long)); @@ -1318,5 +1240,5 @@ int InitialMailCheck() if (msglist != NULL) free(msglist); - return (num_newmsgs); + return(num_newmsgs); }