/* needed to properly enable crypt() stuff on some systems */
#define _XOPEN_SOURCE
+/* needed for str[n]casecmp() on some systems if the above is defined */
+#define _XOPEN_SOURCE_EXTENDED
#include <stdlib.h>
#include <unistd.h>
#include "citadel.h"
#include "server.h"
#include "proto.h"
+#include "database.h"
extern struct config config;
-/*
- * pwcrypt() - simple password encryption
- */
-void pwcrypt(char *text, int code)
-{
- int a;
- for (a=0; a<strlen(text); ++a) text[a]=(text[a]^(((code|128)^a)&0xFF));
- }
-
-
/*
* hash() - hash table function for user lookup
*/
}
cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
- if (cdbus == NULL) { /* not found */
- return(1);
+ if (cdbus == NULL) {
+ return(1); /* user not found */
}
- memcpy(usbuf, cdbus->ptr, cdbus->len);
+ memcpy(usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
return(0);
}
lowercase_name[a] = tolower(name[a]);
}
- cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
+ cdb_store(CDB_USERSUPP,
+ lowercase_name, strlen(lowercase_name),
usbuf, sizeof(struct usersupp));
}
/*
* lputuser() - same as putuser() but locks the record
*/
-void lputuser(struct usersupp *usbuf, char *name)
-{
+void lputuser(struct usersupp *usbuf, char *name) {
putuser(usbuf,name);
end_critical_section(S_USERSUPP);
}
*/
int is_room_aide(void) {
if ( (CC->usersupp.axlevel >= 6)
- || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
- else return(0);
+ || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
+ return(1);
+ }
+ else {
+ return(0);
+ }
}
/*
while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(usbuf, sizeof(struct usersupp));
- memcpy(usbuf, cdbus->ptr, cdbus->len);
+ memcpy(usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if (usbuf->usernum == number) {
return(0);
hook_user_login(CC->cs_pid, CC->curr_user);
lgetuser(&CC->usersupp,CC->curr_user);
++(CC->usersupp.timescalled);
- /* <bc> */
CC->fake_username[0] = '\0';
CC->fake_postname[0] = '\0';
CC->fake_hostname[0] = '\0';
CC->fake_roomname[0] = '\0';
CC->last_pager[0] = '\0';
- /* <bc> */
time(&CC->usersupp.lastcall);
/* If this user's name is the name of the system administrator
* (as specified in setup), automatically assign access level 6.
*/
- if (!strucmp(CC->usersupp.fullname, config.c_sysadm)) {
+ if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
CC->usersupp.axlevel = 6;
}
code = (-1);
if (CC->usersupp.USuid == BBSUID) {
strproc(password);
- pwcrypt(CC->usersupp.password,config.c_pwcrypt);
strproc(CC->usersupp.password);
- code = strucmp(CC->usersupp.password,password);
- pwcrypt(CC->usersupp.password,config.c_pwcrypt);
+ code = strcasecmp(CC->usersupp.password,password);
}
else {
p = (struct passwd *)getpwuid(CC->usersupp.USuid);
code = 0;
lgetuser(&CC->usersupp, CC->curr_user);
strcpy(CC->usersupp.password, password);
- pwcrypt(CC->usersupp.password, config.c_pwcrypt);
lputuser(&CC->usersupp, CC->curr_user);
}
}
char filename[64];
struct usersupp usbuf;
int a;
+ struct cdbdata *cdbmb;
+ long *mailbox;
+ int num_mails;
if (getuser(&usbuf, pname) != 0) {
lprintf(5, "Cannot purge user <%s> - not found\n", pname);
}
/* delete any messages in the user's mailbox */
- for (a=0; a<MAILSLOTS; ++a) {
- if (usbuf.mailnum[a] > 0L) {
- cdb_delete(CDB_MSGMAIN, &usbuf.mailnum[a],
- sizeof(long));
+ cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
+ if (cdbmb != NULL) {
+ num_mails = cdbmb->len / sizeof(long);
+ mailbox = (long *) cdbmb->ptr;
+ if (num_mails > 0) for (a=0; a<num_mails; ++a) {
+ cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
}
+ cdb_free(cdbmb);
+ /* now delete the mailbox itself */
+ cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
}
+
+ /* delete the userlog entry */
+ cdb_delete(CDB_USERSUPP, pname, strlen(pname));
+
/* remove the user's bio file */
sprintf(filename, "./bio/%ld", usbuf.usernum);
unlink(filename);
int create_user(char *newusername)
{
struct usersupp usbuf;
- int a,file;
- long aa;
+ int a;
struct passwd *p = NULL;
char username[64];
CC->usersupp.generation[a]=(-1);
CC->usersupp.forget[a]=(-1);
}
- for (a=0; a<MAILSLOTS; ++a) {
- CC->usersupp.mailnum[a]=0L;
- }
strcpy(CC->usersupp.password,"");
/* These are the default flags on new accounts */
}
a = create_user(username);
- if ((!strucmp(username, "bbs")) ||
- (!strucmp(username, "new")) ||
- (!strucmp(username, ".")))
+ if ((!strcasecmp(username, "bbs")) ||
+ (!strcasecmp(username, "new")) ||
+ (!strcasecmp(username, ".")))
{
cprintf("%d '%s' is an invalid login name.\n", ERROR);
return;
}
lgetuser(&CC->usersupp,CC->curr_user);
strcpy(CC->usersupp.password,new_pw);
- pwcrypt(CC->usersupp.password,config.c_pwcrypt);
lputuser(&CC->usersupp,CC->curr_user);
cprintf("%d Password changed.\n",OK);
rec_log(CL_PWCHANGE,CC->curr_user);
return;
}
getuser(&CC->usersupp,CC->curr_user);
- cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
- CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
+ cprintf("%d %d|%d|%d\n",
+ OK,
+ CC->usersupp.USscreenwidth,
+ CC->usersupp.USscreenheight,
+ (CC->usersupp.flags & US_USER_SET)
+ );
}
/*
return;
}
- if (!struncmp(new_ptr,"highest",7)) {
+ if (!strncasecmp(new_ptr,"highest",7)) {
newlr = CC->quickroom.QRhighest;
}
else {
void cmd_gnur(void) {
struct cdbdata *cdbus;
struct usersupp usbuf;
- FILE *fp;
if (!(CC->logged_in)) {
cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
cdb_rewind(CDB_USERSUPP);
while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(&usbuf, sizeof(struct usersupp));
- memcpy(&usbuf, cdbus->ptr, cdbus->len);
+ memcpy(&usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if ((usbuf.flags & US_NEEDVALID)
&&(usbuf.axlevel > 0)) {
return;
}
- if (!strucmp(who,"_SELF_")) strcpy(who,CC->curr_user);
+ if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
- if ((CC->usersupp.axlevel < 6) && (strucmp(who,CC->curr_user))) {
+ if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
cprintf("%d Higher access required.\n",
ERROR+HIGHER_ACCESS_REQUIRED);
return;
cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
cprintf("%ld\n",usbuf.usernum);
- pwcrypt(usbuf.password,PWCRYPT);
cprintf("%s\n",usbuf.password);
cprintf("%s\n",usbuf.USname);
cprintf("%s\n",usbuf.USaddr);
userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
lputuser(&userbuf,user);
+
+ /* If the access level was set to zero, delete the user */
+ if (newax == 0) {
+ purge_user(user);
+ cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
+ return;
+ }
+
cprintf("%d ok\n",OK);
}
while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(&usbuf, sizeof(struct usersupp));
- memcpy(&usbuf, cdbus->ptr, cdbus->len);
+ memcpy(&usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if (usbuf.axlevel > 0) {
usbuf.lastcall,
usbuf.timescalled,
usbuf.posted);
- pwcrypt(usbuf.password,config.c_pwcrypt);
if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
cprintf("\n");
}
*/
void cmd_regi(void) {
int a,b,c;
- FILE *fp;
char buf[256];
char tmpname[256];
int mail = 0;
int regis = 0;
int vali = 0;
- int a,file;
+ int a;
+ struct cdbdata *cdbmb;
+ long *mailbox;
+ int num_mails;
+
if (!(CC->logged_in)) {
cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
if (CitControl.MMflags&MM_VALID) vali = 1;
}
- mail=0; /* check for mail */
- for (a=0; a<MAILSLOTS; ++a)
- if ((CC->usersupp.mailnum[a])>(CC->usersupp.lastseen[1]))
- ++mail;
+
+ /* check for mail */
+ mail = 0;
+ cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
+ if (cdbmb != NULL) {
+ num_mails = cdbmb->len / sizeof(long);
+ mailbox = (long *) cdbmb->ptr;
+ if (num_mails > 0) for (a=0; a<num_mails; ++a) {
+ if (mailbox[a] > (CC->usersupp.lastseen[1])) ++mail;
+ }
+ cdb_free(cdbmb);
+ }
+
cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
}
pclose(ls);
cprintf("000\n");
}
+
+
+/*
+ * Administrative Get User Parameters
+ */
+void cmd_agup(char *cmdbuf) {
+ struct usersupp usbuf;
+ char requested_user[256];
+
+ if ( (CC->internal_pgm==0)
+ && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
+ cprintf("%d Higher access required.\n",
+ ERROR + HIGHER_ACCESS_REQUIRED);
+ return;
+ }
+
+ extract(requested_user, cmdbuf, 0);
+ if (getuser(&usbuf, requested_user) != 0) {
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
+ return;
+ }
+
+ cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
+ OK,
+ usbuf.fullname,
+ usbuf.password,
+ usbuf.flags,
+ usbuf.timescalled,
+ usbuf.posted,
+ (int)usbuf.axlevel,
+ usbuf.usernum);
+
+ }
+
+
+
+/*
+ * Administrative Set User Parameters
+ */
+void cmd_asup(char *cmdbuf) {
+ struct usersupp usbuf;
+ char requested_user[256];
+ int np;
+
+ if ( (CC->internal_pgm==0)
+ && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
+ cprintf("%d Higher access required.\n",
+ ERROR + HIGHER_ACCESS_REQUIRED);
+ return;
+ }
+
+ extract(requested_user, cmdbuf, 0);
+ if (lgetuser(&usbuf, requested_user) != 0) {
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
+ return;
+ }
+
+ np = num_parms(cmdbuf);
+ if (np > 1) extract(usbuf.password, cmdbuf, 1);
+ if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
+ if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
+ if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
+ if (np > 5) usbuf.axlevel = extract_int(cmdbuf, 5);
+
+ lputuser(&usbuf, requested_user);
+ cprintf("%d Ok\n", OK);
+ }