projects / citadel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
* First cut at Solaris fixes. There may still be some *printf("%s", NULL)
[citadel.git] / citadel / user_ops.c
diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index 212ac5d63fcd3f04357730056187e6b441800792..6e69ef068a494213248394790714b97e9c9262b4 100644 (file)
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -1,12 +1,7 @@
 /* $Id$ */
 
-/* needed to properly enable crypt() stuff on some systems */
-#define _XOPEN_SOURCE
-/* needed for str[n]casecmp() on some systems if the above is defined */
-#define _XOPEN_SOURCE_EXTENDED
-/* needed to enable threads on some systems if the above are defined */
-#define _POSIX_C_SOURCE 199506L
-
+#include "sysdep.h"
+#include <errno.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <stdio.h>
@@ -14,11 +9,14 @@
 #include <signal.h>
 #include <pwd.h>
 #include <sys/types.h>
+#include <sys/wait.h>
 #include <sys/time.h>
 #include <string.h>
 #include <syslog.h>
 #include <limits.h>
-#include <pthread.h>
+#ifndef ENABLE_CHKPWD
+#include "auth.h"
+#endif
 #include "citadel.h"
 #include "server.h"
 #include "database.h"
@@ -32,7 +30,7 @@
 #include "msgbase.h"
 #include "config.h"
 #include "dynloader.h"
-#include "sysdep.h"
+#include "tools.h"
 
 
 /*
@@ -45,10 +43,12 @@ int getuser(struct usersupp *usbuf, char name[]) {
        int a;
        struct cdbdata *cdbus;
 
-       bzero(usbuf, sizeof(struct usersupp));
+       memset(usbuf, 0, sizeof(struct usersupp));
        for (a=0; a<=strlen(name); ++a) {
-               lowercase_name[a] = tolower(name[a]);
+               if (a < sizeof(lowercase_name))
+                       lowercase_name[a] = tolower(name[a]);
                }
+       lowercase_name[sizeof(lowercase_name)-1] = 0;
 
        cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
        if (cdbus == NULL) {
@@ -81,15 +81,18 @@ int lgetuser(struct usersupp *usbuf, char *name)
 /*
  * putuser()  -  write user buffer into the correct place on disk
  */
-void putuser(struct usersupp *usbuf, char *name)
+void putuser(struct usersupp *usbuf)
 {
        char lowercase_name[32];
        int a;
 
-       for (a=0; a<=strlen(name); ++a) {
-               lowercase_name[a] = tolower(name[a]);
+       for (a=0; a<=strlen(usbuf->fullname); ++a) {
+               if (a < sizeof(lowercase_name))
+                       lowercase_name[a] = tolower(usbuf->fullname[a]);
                }
+       lowercase_name[sizeof(lowercase_name)-1] = 0;
 
+       usbuf->version = config.c_setup_level;
        cdb_store(CDB_USERSUPP,
                lowercase_name, strlen(lowercase_name),
                usbuf, sizeof(struct usersupp));
@@ -100,11 +103,32 @@ void putuser(struct usersupp *usbuf, char *name)
 /*
  * lputuser()  -  same as putuser() but locks the record
  */
-void lputuser(struct usersupp *usbuf, char *name) {
-       putuser(usbuf,name);
+void lputuser(struct usersupp *usbuf) {
+       putuser(usbuf);
        end_critical_section(S_USERSUPP);
        }
 
+/*
+ * Index-generating function used by Ctdl[Get|Set]Relationship
+ */
+int GenerateRelationshipIndex( char *IndexBuf,
+                               long RoomID,
+                               long RoomGen,
+                               long UserID) {
+
+       struct {
+               long iRoomID;
+               long iRoomGen;
+               long iUserID;
+               } TheIndex;
+
+       TheIndex.iRoomID = RoomID;
+       TheIndex.iRoomGen = RoomGen;
+       TheIndex.iUserID = UserID;
+
+       memcpy(IndexBuf, &TheIndex, sizeof(TheIndex));
+       return(sizeof(TheIndex));
+       }
 
 /*
  * Define a relationship between a user and a room
@@ -113,49 +137,26 @@ void CtdlSetRelationship(struct visit *newvisit,
                        struct usersupp *rel_user,
                        struct quickroom *rel_room) {
 
-       struct cdbdata *cdbvisit;
-       struct visit *visits;
-       int num_visits;
-       int a;
-       int replaced = 0;
-
-       cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
-       if (cdbvisit != NULL) {
-               num_visits = cdbvisit->len / sizeof(struct visit);
-               visits = (struct visit *)
-                       malloc(num_visits * sizeof(struct visit));
-               memcpy(visits, cdbvisit->ptr,
-                       (num_visits * sizeof(struct visit)));
-               cdb_free(cdbvisit);
-               }
-       else {
-               num_visits = 0;
-               visits = NULL;
-               }
+       char IndexBuf[32];
+       int IndexLen;
 
-       /* Replace an existing relationship if possible */
-       if (num_visits > 0) for (a=0; a<num_visits; ++a) {
-               if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
-                  && (visits[a].v_generation == rel_room->QRgen) ) {
-                       memcpy(&visits[a], newvisit, sizeof(struct visit));
-                       replaced = 1;
-                       }
-               }
-
-       /* Otherwise, define a new one */
-       if (replaced == 0) {
-               ++num_visits;
-               visits = realloc(visits, 
-                       (num_visits * sizeof(struct visit)));
-               memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
-               }
-
-       /* Now write the relationship back to disk */
-       cdb_store(CDB_VISIT,
-               &rel_user->usernum, sizeof(long),
-               visits,
-               (num_visits * sizeof(struct visit)));
-       free(visits);
+       /* We don't use these in Citadel because they're implicit by the
+        * index, but they must be present if the database is exported.
+        */
+        newvisit->v_roomnum = rel_room->QRnumber;
+        newvisit->v_roomgen = rel_room->QRgen;
+        newvisit->v_usernum = rel_user->usernum;
+
+       /* Generate an index */
+       IndexLen = GenerateRelationshipIndex(IndexBuf,
+               rel_room->QRnumber,
+               rel_room->QRgen,
+               rel_user->usernum);
+
+       /* Store the record */
+       cdb_store(CDB_VISIT, IndexBuf, IndexLen,
+               newvisit, sizeof(struct visit)
+               );
        }
 
 /*
@@ -165,98 +166,30 @@ void CtdlGetRelationship(struct visit *vbuf,
                        struct usersupp *rel_user,
                        struct quickroom *rel_room) {
 
+       char IndexBuf[32];
+       int IndexLen;
        struct cdbdata *cdbvisit;
-       struct visit *visits;
-       int num_visits;
-       int a;
 
-       bzero(vbuf, sizeof(struct visit));
-       strcpy(vbuf->v_roomname, rel_room->QRname);
-       vbuf->v_generation = rel_room->QRgen;
+       /* Generate an index */
+       IndexLen = GenerateRelationshipIndex(IndexBuf,
+               rel_room->QRnumber,
+               rel_room->QRgen,
+               rel_user->usernum);
 
-       cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
-       if (cdbvisit != NULL) {
-               if ((num_visits = cdbvisit->len / sizeof(struct visit)) == 0) {
-                       cdb_free(cdbvisit);
-                       return;
-               }
-               visits = (struct visit *)
-                       malloc(num_visits * sizeof(struct visit));
-               memcpy(visits, cdbvisit->ptr,
-                       (num_visits * sizeof(struct visit)));
-               cdb_free(cdbvisit);
-               }
-       else return;
+       /* Clear out the buffer */
+       memset(vbuf, 0, sizeof(struct visit));
 
-       for (a=0; a<num_visits; ++a) {
-       
-               if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
-                  && (visits[a].v_generation == rel_room->QRgen) ) {
-                       memcpy(vbuf, &visits[a], sizeof(struct visit));
-                       }
-               }
-       
-       free(visits);
-       }
-
-
-void PurgeStaleRelationships(void) {
-
-       struct cdbdata *cdbvisit;
-       struct visit *visits;
-       struct quickroom qrbuf;
-       int num_visits;
-       int a, purge;
-
-       cdbvisit = cdb_fetch(CDB_VISIT, &CC->usersupp.usernum, sizeof(long));
+       cdbvisit = cdb_fetch(CDB_VISIT, IndexBuf, IndexLen);
        if (cdbvisit != NULL) {
-               if ((num_visits = cdbvisit->len / sizeof(struct visit)) == 0) {
-                       cdb_free(cdbvisit);
-                       return;
-                       }
-               visits = (struct visit *)
-                       malloc(num_visits * sizeof(struct visit));
-               memcpy(visits, cdbvisit->ptr,
-                       (num_visits * sizeof(struct visit)));
+               memcpy(vbuf, cdbvisit->ptr,
+                       ( (cdbvisit->len > sizeof(struct visit)) ?
+                       sizeof(struct visit) : cdbvisit->len) );
                cdb_free(cdbvisit);
+               return;
                }
-       else return;
-
-       for (a=0; a<num_visits; ++a) {
-               if (getroom(&qrbuf, visits[a].v_roomname)!=0) {
-                       purge = 1;
-                       }
-               else if (qrbuf.QRgen != visits[a].v_generation) {
-                       purge = 1;
-                       }
-               else {
-                       purge = 0;
-                       }
-
-               /*
-               lprintf(9, "U/R REL: <%s> <%ld> <%ld> <%d> %s\n",
-                       visits[a].v_roomname,
-                       visits[a].v_generation,
-                       visits[a].v_lastseen,
-                       visits[a].v_flags,
-                       (purge ? "**purging**" : "") );
-               */
-
-               if (purge) {
-                       memcpy(&visits[a], &visits[a+1],
-                               (((num_visits-a)-1) * sizeof(struct visit)) );
-                       --num_visits;
-                       }
-
-               }
-       
-       cdb_store(CDB_VISIT, &CC->usersupp.usernum, sizeof(long),
-                       visits, (num_visits * sizeof(struct visit)));
-       free(visits);
        }
 
 
-
 void MailboxName(char *buf, struct usersupp *who, char *prefix) {
        sprintf(buf, "%010ld.%s", who->usernum, prefix);
        }
@@ -295,7 +228,7 @@ int getuserbynumber(struct usersupp *usbuf, long int number)
        cdb_rewind(CDB_USERSUPP);
 
        while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
-               bzero(usbuf, sizeof(struct usersupp));
+               memset(usbuf, 0, sizeof(struct usersupp));
                memcpy(usbuf, cdbus->ptr,
                        ( (cdbus->len > sizeof(struct usersupp)) ?
                        sizeof(struct usersupp) : cdbus->len) );
@@ -309,24 +242,21 @@ int getuserbynumber(struct usersupp *usbuf, long int number)
 
 
 /*
- * USER cmd
+ * Back end for cmd_user() and its ilk
  */
-void cmd_user(char *cmdbuf)
+int CtdlLoginExistingUser(char *username)
 {
-       char username[256];
        char autoname[256];
        int found_user = 0;
        struct passwd *p;
        int a;
 
-       extract(username,cmdbuf,0);
        username[25] = 0;
        strproc(username);
 
        if ((CC->logged_in)) {
-               cprintf("%d Already logged in.\n",ERROR);
-               return;
-               }
+               return login_already_logged_in;
+       }
 
        found_user = getuser(&CC->usersupp,username);
        if (found_user != 0) {
@@ -336,24 +266,56 @@ void cmd_user(char *cmdbuf)
                        for (a=0; a<strlen(autoname); ++a)
                                if (autoname[a]==',') autoname[a]=0;
                        found_user = getuser(&CC->usersupp,autoname);
-                       }
                }
+       }
        if (found_user == 0) {
                if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
-                       cprintf("%d %s: Too many users are already online (maximum is %d)\n",
-                       ERROR+MAX_SESSIONS_EXCEEDED,
-                       config.c_nodename,config.c_maxsessions);
-                       }
+                       return login_too_many_users;
+               }
                else {
                        strcpy(CC->curr_user,CC->usersupp.fullname);
+                       return login_ok;
+               }
+       }
+       return login_not_found;
+}
+
+
+
+/*
+ * USER cmd
+ */
+void cmd_user(char *cmdbuf)
+{
+       char username[256];
+       int a;
+
+       extract(username,cmdbuf,0);
+       username[25] = 0;
+       strproc(username);
+
+       a = CtdlLoginExistingUser(username);
+       switch(a) {
+               case login_already_logged_in:
+                       cprintf("%d Already logged in.\n",ERROR);
+                       return;
+               case login_too_many_users:
+                       cprintf("%d %s: "
+                               "Too many users are already online "
+                               "(maximum is %d)\n",
+                               ERROR+MAX_SESSIONS_EXCEEDED,
+                               config.c_nodename,config.c_maxsessions);
+                       return;
+               case login_ok:
                        cprintf("%d Password required for %s\n",
                                MORE_DATA,CC->curr_user);
-                       }
-               }
-       else {
-               cprintf("%d %s not found.\n",ERROR,username);
-               }
+                       return;
+               case login_not_found:
+                       cprintf("%d %s not found.\n", ERROR, username);
+                       return;
+               cprintf("%d Internal error\n", ERROR);
        }
+}
 
 
 
@@ -369,7 +331,6 @@ void session_startup(void) {
        CC->fake_postname[0] = '\0';
        CC->fake_hostname[0] = '\0';
        CC->fake_roomname[0] = '\0';
-       CC->last_pager[0] = '\0';
        time(&CC->usersupp.lastcall);
 
        /* If this user's name is the name of the system administrator
@@ -379,19 +340,26 @@ void session_startup(void) {
                CC->usersupp.axlevel = 6;
                }
 
-       lputuser(&CC->usersupp,CC->curr_user);
+       lputuser(&CC->usersupp);
 
         /* Run any cleanup routines registered by loadable modules */
        PerformSessionHooks(EVT_LOGIN);
 
-       cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
-               CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
-               CC->usersupp.usernum);
        usergoto(BASEROOM,0);           /* Enter the lobby */   
        rec_log(CL_LOGIN,CC->curr_user);
        }
 
 
+void logged_in_response(void) {
+       cprintf("%d %s|%d|%d|%d|%u|%ld\n",
+               OK, CC->usersupp.fullname, CC->usersupp.axlevel,
+               CC->usersupp.timescalled, CC->usersupp.posted,
+               CC->usersupp.flags,
+               CC->usersupp.usernum);
+}
+
+
+
 /* 
  * misc things to be taken care of when a user is logged out
  */
@@ -410,70 +378,150 @@ void logout(struct CitContext *who)
        PerformSessionHooks(EVT_LOGOUT);
        }
 
+#ifdef ENABLE_CHKPWD
+/*
+ * an alternate version of validpw() which executes `chkpwd' instead of
+ * verifying the password directly
+ */
+static int validpw(uid_t uid, const char *pass)
+{
+       pid_t pid;
+       int status, pipev[2];
+       char buf[24];
+
+       if (pipe(pipev)) {
+               lprintf(1, "pipe failed (%s): denying autologin access for "
+                          "uid %u\n", strerror(errno), uid);
+               return 0;
+               }
+
+       switch (pid = fork()) {
+           case -1:
+               lprintf(1, "fork failed (%s): denying autologin access for "
+                          "uid %u\n", strerror(errno), uid);
+               close(pipev[0]);
+               close(pipev[1]);
+               return 0;
+
+           case 0:
+               close(pipev[1]);
+               if (dup2(pipev[0], 0) == -1) {
+                       perror("dup2");
+                       exit(1);
+                       }
+               close(pipev[0]);
 
-void cmd_pass(char *buf)
+               execl(BBSDIR "/chkpwd", BBSDIR "/chkpwd", NULL);
+               perror(BBSDIR "/chkpwd");
+               exit(1);
+               }
+
+       close(pipev[0]);
+       write(pipev[1], buf, sprintf(buf, "%lu\n", (unsigned long)uid));
+       write(pipev[1], pass, strlen(pass));
+       write(pipev[1], "\n", 1);
+       close(pipev[1]);
+
+       while (waitpid(pid, &status, 0) == -1)
+               if (errno != EINTR) {
+                       lprintf(1, "waitpid failed (%s): denying autologin "
+                                  "access for uid %u\n",
+                               strerror(errno), uid);
+                       return 0;
+                       }
+
+       if (WIFEXITED(status) && !WEXITSTATUS(status))
+               return 1;
+
+       return 0;
+       }
+#endif
+
+
+
+int CtdlTryPassword(char *password)
 {
-       char password[256];
        int code;
-       struct passwd *p;
-
-       extract(password,buf,0);
 
        if ((CC->logged_in)) {
-               cprintf("%d Already logged in.\n",ERROR);
-               return;
+               return pass_already_logged_in;
                }
-       if (!strcmp(CC->curr_user,"")) {
-               cprintf("%d You must send a name with USER first.\n",ERROR);
-               return;
+       if (!strcmp(CC->curr_user, NLI)) {
+               return pass_no_user;
                }
-       if (getuser(&CC->usersupp,CC->curr_user)) {
-               cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
-               return;
+       if (getuser(&CC->usersupp, CC->curr_user)) {
+               return pass_internal_error;
                }
 
        code = (-1);
-       if (CC->usersupp.USuid == BBSUID) {
+       if (CC->usersupp.uid == BBSUID) {
                strproc(password);
                strproc(CC->usersupp.password);
                code = strcasecmp(CC->usersupp.password,password);
                }
-       else {
-               p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 #ifdef ENABLE_AUTOLOGIN
-               if (p!=NULL) {
-                       if (!strcmp(p->pw_passwd,
-                          (char *)crypt(password,p->pw_passwd))) {
-                               code = 0;
-                               lgetuser(&CC->usersupp, CC->curr_user);
-                               strcpy(CC->usersupp.password, password);
-                               lputuser(&CC->usersupp, CC->curr_user);
-                               }
+       else {
+               if (validpw(CC->usersupp.uid, password)) {
+                       code = 0;
+                       lgetuser(&CC->usersupp, CC->curr_user);
+                       safestrncpy(CC->usersupp.password, password,
+                                   sizeof CC->usersupp.password);
+                       lputuser(&CC->usersupp);
                        }
-#endif
                }
+#endif
 
        if (!code) {
                (CC->logged_in) = 1;
                session_startup();
+               return pass_ok;
                }
        else {
-               cprintf("%d Wrong password.\n",ERROR);
                rec_log(CL_BADPW,CC->curr_user);
+               return pass_wrong_password;
                }
        }
 
 
+void cmd_pass(char *buf)
+{
+       char password[256];
+       int a;
+
+       extract(password, buf, 0);
+       a = CtdlTryPassword(password);
+
+       switch (a) {
+               case pass_already_logged_in:
+                       cprintf("%d Already logged in.\n",ERROR);
+                       return;
+               case pass_no_user:
+                       cprintf("%d You must send a name with USER first.\n",
+                               ERROR);
+                       return;
+               case pass_wrong_password:
+                       cprintf("%d Wrong password.\n", ERROR);
+                       return;
+               case pass_ok:
+                       logged_in_response();
+                       return;
+               cprintf("%d Can't find user record!\n",
+                       ERROR+INTERNAL_ERROR);
+       }
+}
+
+
+
 /*
  * Delete a user record *and* all of its related resources.
  */
 int purge_user(char pname[]) {
        char filename[64];
-       char mailboxname[ROOMNAMELEN];
        struct usersupp usbuf;
-       struct quickroom qrbuf;
        char lowercase_name[32];
        int a;
+       struct CitContext *ccptr;
+       int user_is_logged_in = 0;
 
        for (a=0; a<=strlen(pname); ++a) {
                lowercase_name[a] = tolower(pname[a]);
@@ -484,9 +532,26 @@ int purge_user(char pname[]) {
                return(ERROR+NO_SUCH_USER);
                }
 
-       lprintf(5, "Deleting user <%s>\n", pname);
+       /* Don't delete a user who is currently logged in.  Instead, just
+        * set the access level to 0, and let the account get swept up
+        * during the next purge.
+        */
+       user_is_logged_in = 0;
+       begin_critical_section(S_SESSION_TABLE);
+       for (ccptr=ContextList; ccptr!=NULL; ccptr=ccptr->next) {
+               if (ccptr->usersupp.usernum == usbuf.usernum) {
+                       user_is_logged_in = 1;
+                       }
+               }
+       end_critical_section(S_SESSION_TABLE);
+       if (user_is_logged_in == 1) {
+               lprintf(5, "User <%s> is logged in; not deleting.\n", pname);
+               usbuf.axlevel = 0;
+               putuser(&usbuf);
+               return(1);
+               }
 
-       /* FIX   Don't delete a user who is currently logged in. */
+       lprintf(5, "Deleting user <%s>\n", pname);
 
        /* Perform any purge functions registered by server extensions */
        PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
@@ -494,12 +559,6 @@ int purge_user(char pname[]) {
        /* delete any existing user/room relationships */
        cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 
-       /* Delete the user's mailbox and its contents */
-       MailboxName(mailboxname, &usbuf, MAILROOM);
-       if (getroom(&qrbuf, mailboxname)==0) {
-               delete_room(&qrbuf);
-               }
-
        /* delete the userlog entry */
        cdb_delete(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
 
@@ -537,10 +596,10 @@ int create_user(char *newusername)
                for (a=0; a<strlen(username); ++a) {
                        if (username[a] == ',') username[a] = 0;
                        }
-               CC->usersupp.USuid = p->pw_uid;
+               CC->usersupp.uid = p->pw_uid;
                }
        else {
-               CC->usersupp.USuid = BBSUID;
+               CC->usersupp.uid = BBSUID;
                }
 
        if (!getuser(&usbuf,username)) {
@@ -562,12 +621,6 @@ int create_user(char *newusername)
        CC->usersupp.USscreenwidth = 80;
        CC->usersupp.USscreenheight = 24;
        time(&CC->usersupp.lastcall);
-       strcpy(CC->usersupp.USname, "");
-       strcpy(CC->usersupp.USaddr, "");
-       strcpy(CC->usersupp.UScity, "");
-       strcpy(CC->usersupp.USstate, "");
-       strcpy(CC->usersupp.USzip, "");
-       strcpy(CC->usersupp.USphone, "");
 
        /* fetch a new user number */
        CC->usersupp.usernum = get_new_user_number();
@@ -577,7 +630,7 @@ int create_user(char *newusername)
                }
 
        /* add user to userlog */
-       putuser(&CC->usersupp,CC->curr_user);
+       putuser(&CC->usersupp);
        if (getuser(&CC->usersupp,CC->curr_user)) {
                return(ERROR+INTERNAL_ERROR);
                }
@@ -641,6 +694,7 @@ void cmd_newu(char *cmdbuf)
                }
        else if (a==0) {
                session_startup();
+               logged_in_response();
                }
        else {
                cprintf("%d unknown error\n",ERROR);
@@ -659,7 +713,7 @@ void cmd_setp(char *new_pw)
                cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
                return;
                }
-       if (CC->usersupp.USuid != BBSUID) {
+       if (CC->usersupp.uid != BBSUID) {
                cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
                return;
                }
@@ -670,7 +724,7 @@ void cmd_setp(char *new_pw)
                }
        lgetuser(&CC->usersupp,CC->curr_user);
        strcpy(CC->usersupp.password,new_pw);
-       lputuser(&CC->usersupp,CC->curr_user);
+       lputuser(&CC->usersupp);
        cprintf("%d Password changed.\n",OK);
        rec_log(CL_PWCHANGE,CC->curr_user);
        PerformSessionHooks(EVT_SETPASS);
@@ -713,7 +767,7 @@ void cmd_setu(char *new_parms)
        CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
        CC->usersupp.flags = CC->usersupp.flags | 
                (extract_int(new_parms,2) & US_USER_SET);
-       lputuser(&CC->usersupp,CC->curr_user);
+       lputuser(&CC->usersupp);
        cprintf("%d Ok\n",OK);
        }
 
@@ -743,7 +797,7 @@ void cmd_slrp(char *new_ptr)
        vbuf.v_lastseen = newlr;
        CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 
-       lputuser(&CC->usersupp, CC->curr_user);
+       lputuser(&CC->usersupp);
        cprintf("%d %ld\n",OK,newlr);
        }
 
@@ -788,10 +842,10 @@ void cmd_invt_kick(char *iuser, int op)
 
        CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 
-       lputuser(&USscratch,iuser);
+       lputuser(&USscratch);
 
        /* post a message in Aide> saying what we just did */
-       sprintf(bbb,"%s %s %s> by %s",
+       sprintf(bbb,"%s %s %s> by %s\n",
                iuser,
                ((op == 1) ? "invited to" : "kicked out of"),
                CC->quickroom.QRname,
@@ -826,9 +880,10 @@ void cmd_forg(void) {
        CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 
        vbuf.v_flags = vbuf.v_flags | V_FORGET;
+       vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
 
        CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
-       lputuser(&CC->usersupp,CC->curr_user);
+       lputuser(&CC->usersupp);
        cprintf("%d Ok\n",OK);
        usergoto(BASEROOM, 0);
        }
@@ -861,7 +916,7 @@ void cmd_gnur(void) {
         */
        cdb_rewind(CDB_USERSUPP);
        while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
-               bzero(&usbuf, sizeof(struct usersupp));
+               memset(&usbuf, 0, sizeof(struct usersupp));
                memcpy(&usbuf, cdbus->ptr,
                        ( (cdbus->len > sizeof(struct usersupp)) ?
                        sizeof(struct usersupp) : cdbus->len) );
@@ -888,67 +943,6 @@ void cmd_gnur(void) {
        }
 
 
-/*
- * get registration info for a user
- */
-void cmd_greg(char *who)
-{
-       struct usersupp usbuf;
-       int a,b;
-       char pbuf[32];
-
-       if (!(CC->logged_in)) {
-               cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
-               return;
-               }
-
-       if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
-
-       if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
-               cprintf("%d Higher access required.\n",
-                       ERROR+HIGHER_ACCESS_REQUIRED);
-               return;
-               }
-
-       if (getuser(&usbuf,who) != 0) {
-               cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
-               return;
-               }
-
-       cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
-       cprintf("%ld\n",usbuf.usernum);
-       cprintf("%s\n",usbuf.password);
-       cprintf("%s\n",usbuf.USname);
-       cprintf("%s\n",usbuf.USaddr);
-       cprintf("%s\n%s\n%s\n",
-               usbuf.UScity,usbuf.USstate,usbuf.USzip);
-       strcpy(pbuf,usbuf.USphone);
-       usbuf.USphone[0]=0;
-       for (a=0; a<strlen(pbuf); ++a) {
-               if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
-                       b=strlen(usbuf.USphone);
-                       usbuf.USphone[b]=pbuf[a];
-                       usbuf.USphone[b+1]=0;
-                       }
-               }
-       while(strlen(usbuf.USphone)<10) {
-               strcpy(pbuf,usbuf.USphone);
-               strcpy(usbuf.USphone," ");
-               strcat(usbuf.USphone,pbuf);
-               }
-
-       cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
-               usbuf.USphone[0],usbuf.USphone[1],
-               usbuf.USphone[2],usbuf.USphone[3],
-               usbuf.USphone[4],usbuf.USphone[5],
-               usbuf.USphone[6],usbuf.USphone[7],
-               usbuf.USphone[8],usbuf.USphone[9]);
-
-       cprintf("%d\n",usbuf.axlevel);
-       cprintf("%s\n",usbuf.USemail);
-       cprintf("000\n");
-       }
-
 /*
  * validate a user
  */
@@ -980,7 +974,7 @@ void cmd_vali(char *v_args)
        userbuf.axlevel = newax;
        userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 
-       lputuser(&userbuf,user);
+       lputuser(&userbuf);
 
        /* If the access level was set to zero, delete the user */
        if (newax == 0) {
@@ -998,19 +992,20 @@ void cmd_vali(char *v_args)
 /* 
  *  Traverse the user file...
  */
-void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
+void ForEachUser(void (*CallBack)(struct usersupp *EachUser, void *out_data),
+               void *in_data) {
        struct usersupp usbuf;
        struct cdbdata *cdbus;
 
        cdb_rewind(CDB_USERSUPP);
 
        while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
-               bzero(&usbuf, sizeof(struct usersupp));
+               memset(&usbuf, 0, sizeof(struct usersupp));
                memcpy(&usbuf, cdbus->ptr,
                        ( (cdbus->len > sizeof(struct usersupp)) ?
                        sizeof(struct usersupp) : cdbus->len) );
                cdb_free(cdbus);
-               (*CallBack)(&usbuf);
+               (*CallBack)(&usbuf, in_data);
                }
        }
 
@@ -1018,7 +1013,7 @@ void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
 /*
  * List one user (this works with cmd_list)
  */
-void ListThisUser(struct usersupp *usbuf) {
+void ListThisUser(struct usersupp *usbuf, void *data) {
        if (usbuf->axlevel > 0) {
                if ((CC->usersupp.axlevel>=6)
                   ||((usbuf->flags&US_UNLISTED)==0)
@@ -1042,95 +1037,11 @@ void ListThisUser(struct usersupp *usbuf) {
  */
 void cmd_list(void) {
        cprintf("%d \n",LISTING_FOLLOWS);
-       ForEachUser(ListThisUser);
+       ForEachUser(ListThisUser, NULL);
        cprintf("000\n");
        }
 
 
-/*
- * enter registration info
- */
-void cmd_regi(void) {
-       int a,b,c;
-       char buf[256];
-
-       char tmpname[256];
-       char tmpaddr[256];
-       char tmpcity[256];
-       char tmpstate[256];
-       char tmpzip[256];
-       char tmpphone[256];
-       char tmpemail[256];
-
-       if (!(CC->logged_in)) {
-               cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
-               return;
-               }
-
-       strcpy(tmpname,"");
-       strcpy(tmpaddr,"");
-       strcpy(tmpcity,"");
-       strcpy(tmpstate,"");
-       strcpy(tmpzip,"");
-       strcpy(tmpphone,"");
-       strcpy(tmpemail,"");
-
-       cprintf("%d Send registration...\n",SEND_LISTING);
-       a=0;
-       while (client_gets(buf), strcmp(buf,"000")) {
-               if (a==0) strcpy(tmpname,buf);
-               if (a==1) strcpy(tmpaddr,buf);
-               if (a==2) strcpy(tmpcity,buf);
-               if (a==3) strcpy(tmpstate,buf);
-               if (a==4) {
-                       for (c=0; c<strlen(buf); ++c) {
-                               if ((buf[c]>='0')&&(buf[c]<='9')) {
-                                       b=strlen(tmpzip);
-                                       tmpzip[b]=buf[c];
-                                       tmpzip[b+1]=0;
-                                       }
-                               }
-                       }
-               if (a==5) {
-                       for (c=0; c<strlen(buf); ++c) {
-                               if ((buf[c]>='0')&&(buf[c]<='9')) {
-                                       b=strlen(tmpphone);
-                                       tmpphone[b]=buf[c];
-                                       tmpphone[b+1]=0;
-                                       }
-                               }
-                       }
-               if (a==6) strncpy(tmpemail,buf,31);
-               ++a;
-               }
-
-       tmpname[29]=0;
-       tmpaddr[24]=0;
-       tmpcity[14]=0;
-       tmpstate[2]=0;
-       tmpzip[9]=0;
-       tmpphone[10]=0;
-       tmpemail[31]=0;
-
-       lgetuser(&CC->usersupp,CC->curr_user);
-       strcpy(CC->usersupp.USname,tmpname);
-       strcpy(CC->usersupp.USaddr,tmpaddr);
-       strcpy(CC->usersupp.UScity,tmpcity);
-       strcpy(CC->usersupp.USstate,tmpstate);
-       strcpy(CC->usersupp.USzip,tmpzip);
-       strcpy(CC->usersupp.USphone,tmpphone);
-       strcpy(CC->usersupp.USemail,tmpemail);
-       CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
-       lputuser(&CC->usersupp,CC->curr_user);
-
-       /* set global flag calling for validation */
-       begin_critical_section(S_CONTROL);
-       get_control();
-       CitControl.MMflags = CitControl.MMflags | MM_VALID ;
-       put_control();
-       end_critical_section(S_CONTROL);
-       cprintf("%d *** End of registration.\n",OK);
-       }
 
 
 /*
@@ -1178,82 +1089,6 @@ void cmd_qusr(char *who)
        }
 
 
-/*
- * enter user bio
- */
-void cmd_ebio(void) {
-       char buf[256];
-       FILE *fp;
-
-       if (!(CC->logged_in)) {
-               cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
-               return;
-               }
-
-       sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
-       fp = fopen(buf,"w");
-       if (fp == NULL) {
-               cprintf("%d Cannot create file\n",ERROR);
-               return;
-               }
-       cprintf("%d  \n",SEND_LISTING);
-       while(client_gets(buf), strcmp(buf,"000")) {
-               fprintf(fp,"%s\n",buf);
-               }
-       fclose(fp);
-       }
-
-/*
- * read user bio
- */
-void cmd_rbio(char *cmdbuf)
-{
-       struct usersupp ruser;
-       char buf[256];
-       FILE *fp;
-
-       extract(buf,cmdbuf,0);
-       if (getuser(&ruser,buf)!=0) {
-               cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
-               return;
-               }
-       sprintf(buf,"./bio/%ld",ruser.usernum);
-       
-       fp = fopen(buf,"r");
-       if (fp == NULL) {
-               cprintf("%d %s has no bio on file.\n",
-                       ERROR+FILE_NOT_FOUND,ruser.fullname);
-               return;
-               }
-       cprintf("%d  \n",LISTING_FOLLOWS);
-       while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
-       fclose(fp);
-       cprintf("000\n");
-       }
-
-/*
- * list of users who have entered bios
- */
-void cmd_lbio(void) {
-       char buf[256];
-       FILE *ls;
-       struct usersupp usbuf;
-
-       ls=popen("cd ./bio; ls","r");
-       if (ls==NULL) {
-               cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
-               return;
-               }
-
-       cprintf("%d\n",LISTING_FOLLOWS);
-       while (fgets(buf,255,ls)!=NULL)
-               if (getuserbynumber(&usbuf,atol(buf))==0)
-                       cprintf("%s\n",usbuf.fullname);
-       pclose(ls);
-       cprintf("000\n");
-       }
-
-
 /*
  * Administrative Get User Parameters
  */
@@ -1274,7 +1109,7 @@ void cmd_agup(char *cmdbuf) {
                return;
                }
 
-       cprintf("%d %s|%s|%u|%d|%d|%d|%ld|%d\n", 
+       cprintf("%d %s|%s|%u|%d|%d|%d|%ld|%ld|%d\n", 
                OK,
                usbuf.fullname,
                usbuf.password,
@@ -1283,6 +1118,7 @@ void cmd_agup(char *cmdbuf) {
                usbuf.posted,
                (int)usbuf.axlevel,
                usbuf.usernum,
+               usbuf.lastcall,
                usbuf.USuserpurge);
        }
 
@@ -1296,6 +1132,7 @@ void cmd_asup(char *cmdbuf) {
        char requested_user[256];
        int np;
        int newax;
+       int deleted = 0;
        
        if ( (CC->internal_pgm==0)
           && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
@@ -1322,16 +1159,21 @@ void cmd_asup(char *cmdbuf) {
                        }
                }
        if (np > 7) {
-               usbuf.USuserpurge = extract_int(cmdbuf, 7);
+               usbuf.lastcall = extract_long(cmdbuf, 7);
+               }
+       if (np > 8) {
+               usbuf.USuserpurge = extract_int(cmdbuf, 8);
                }
 
-       lputuser(&usbuf, requested_user);
+       lputuser(&usbuf);
        if (usbuf.axlevel == 0) {
                if (purge_user(requested_user)==0) {
-                       cprintf("%d %s deleted.\n", OK, requested_user);
+                       deleted = 1;
                        }
                }
-       cprintf("%d Ok\n", OK);
+       cprintf("%d Ok", OK);
+       if (deleted) cprintf(" (%s deleted)", requested_user);
+       cprintf("\n");
        }
 
 
@@ -1341,22 +1183,35 @@ void cmd_asup(char *cmdbuf) {
 int NewMailCount() {
        int num_newmsgs = 0;
        int a;
-       char mailboxname[32];
+       char mailboxname[ROOMNAMELEN];
        struct quickroom mailbox;
        struct visit vbuf;
+        struct cdbdata *cdbfr;
+       long *msglist = NULL;
+       int num_msgs = 0;
 
        MailboxName(mailboxname, &CC->usersupp, MAILROOM);
        if (getroom(&mailbox, mailboxname)!=0) return(0);
        CtdlGetRelationship(&vbuf, &CC->usersupp, &mailbox);
 
-       get_msglist(&mailbox);
-       for (a=0; a<CC->num_msgs; ++a) {
-               if (MessageFromList(a)>0L) {
-                       if (MessageFromList(a) > vbuf.v_lastseen) {
+        cdbfr = cdb_fetch(CDB_MSGLISTS, &mailbox.QRnumber, sizeof(long));
+
+        if (cdbfr != NULL) {
+               msglist = mallok(cdbfr->len);
+               memcpy(msglist, cdbfr->ptr, cdbfr->len);
+               num_msgs = cdbfr->len / sizeof(long);
+               cdb_free(cdbfr);
+       }
+
+       if (num_msgs > 0) for (a=0; a<num_msgs; ++a) {
+               if (msglist[a]>0L) {
+                       if (msglist[a] > vbuf.v_lastseen) {
                                ++num_newmsgs;
                                }
                        }
                }
 
+       if (msglist != NULL) phree(msglist);
+
        return(num_newmsgs);
        }
Citadel server, clients, utilities