/* needed to properly enable crypt() stuff on some systems */
#define _XOPEN_SOURCE
+/* needed for str[n]casecmp() on some systems if the above is defined */
+#define _XOPEN_SOURCE_EXTENDED
#include <stdlib.h>
#include <unistd.h>
#include "citadel.h"
#include "server.h"
#include "proto.h"
+#include "database.h"
extern struct config config;
-/*
- * pwcrypt() - simple password encryption (not in use)
-void pwcrypt(char *text, int code)
-{
- int a;
- for (a=0; a<strlen(text); ++a) text[a]=(text[a]^(((code|128)^a)&0xFF));
- }
- */
-
-
/*
* hash() - hash table function for user lookup
*/
}
cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
- if (cdbus == NULL) { /* not found */
- return(1);
+ if (cdbus == NULL) {
+ return(1); /* user not found */
}
- memcpy(usbuf, cdbus->ptr, cdbus->len);
+ memcpy(usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
return(0);
}
lowercase_name[a] = tolower(name[a]);
}
- cdb_store(CDB_USERSUPP, lowercase_name, strlen(lowercase_name),
+ cdb_store(CDB_USERSUPP,
+ lowercase_name, strlen(lowercase_name),
usbuf, sizeof(struct usersupp));
}
/*
* lputuser() - same as putuser() but locks the record
*/
-void lputuser(struct usersupp *usbuf, char *name)
-{
+void lputuser(struct usersupp *usbuf, char *name) {
putuser(usbuf,name);
end_critical_section(S_USERSUPP);
}
*/
int is_room_aide(void) {
if ( (CC->usersupp.axlevel >= 6)
- || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) return(1);
- else return(0);
+ || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
+ return(1);
+ }
+ else {
+ return(0);
+ }
}
/*
while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(usbuf, sizeof(struct usersupp));
- memcpy(usbuf, cdbus->ptr, cdbus->len);
+ memcpy(usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if (usbuf->usernum == number) {
return(0);
/* If this user's name is the name of the system administrator
* (as specified in setup), automatically assign access level 6.
*/
- if (!strucmp(CC->usersupp.fullname, config.c_sysadm)) {
+ if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
CC->usersupp.axlevel = 6;
}
code = (-1);
if (CC->usersupp.USuid == BBSUID) {
strproc(password);
- /* pwcrypt(CC->usersupp.password,config.c_pwcrypt); */
strproc(CC->usersupp.password);
- code = strucmp(CC->usersupp.password,password);
- /* pwcrypt(CC->usersupp.password,config.c_pwcrypt); */
+ code = strcasecmp(CC->usersupp.password,password);
}
else {
p = (struct passwd *)getpwuid(CC->usersupp.USuid);
code = 0;
lgetuser(&CC->usersupp, CC->curr_user);
strcpy(CC->usersupp.password, password);
- /* pwcrypt(CC->usersupp.password, config.c_pwcrypt); */
lputuser(&CC->usersupp, CC->curr_user);
}
}
}
a = create_user(username);
- if ((!strucmp(username, "bbs")) ||
- (!strucmp(username, "new")) ||
- (!strucmp(username, ".")))
+ if ((!strcasecmp(username, "bbs")) ||
+ (!strcasecmp(username, "new")) ||
+ (!strcasecmp(username, ".")))
{
cprintf("%d '%s' is an invalid login name.\n", ERROR);
return;
}
lgetuser(&CC->usersupp,CC->curr_user);
strcpy(CC->usersupp.password,new_pw);
- /* pwcrypt(CC->usersupp.password,config.c_pwcrypt); */
lputuser(&CC->usersupp,CC->curr_user);
cprintf("%d Password changed.\n",OK);
rec_log(CL_PWCHANGE,CC->curr_user);
return;
}
getuser(&CC->usersupp,CC->curr_user);
- cprintf("%d %d|%d|%d\n",OK,CC->usersupp.USscreenwidth,
- CC->usersupp.USscreenheight,(CC->usersupp.flags & US_USER_SET));
+ cprintf("%d %d|%d|%d\n",
+ OK,
+ CC->usersupp.USscreenwidth,
+ CC->usersupp.USscreenheight,
+ (CC->usersupp.flags & US_USER_SET)
+ );
}
/*
return;
}
- if (!struncmp(new_ptr,"highest",7)) {
+ if (!strncasecmp(new_ptr,"highest",7)) {
newlr = CC->quickroom.QRhighest;
}
else {
cdb_rewind(CDB_USERSUPP);
while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(&usbuf, sizeof(struct usersupp));
- memcpy(&usbuf, cdbus->ptr, cdbus->len);
+ memcpy(&usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if ((usbuf.flags & US_NEEDVALID)
&&(usbuf.axlevel > 0)) {
return;
}
- if (!strucmp(who,"_SELF_")) strcpy(who,CC->curr_user);
+ if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
- if ((CC->usersupp.axlevel < 6) && (strucmp(who,CC->curr_user))) {
+ if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
cprintf("%d Higher access required.\n",
ERROR+HIGHER_ACCESS_REQUIRED);
return;
cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
cprintf("%ld\n",usbuf.usernum);
- /* pwcrypt(usbuf.password,PWCRYPT); */
cprintf("%s\n",usbuf.password);
cprintf("%s\n",usbuf.USname);
cprintf("%s\n",usbuf.USaddr);
while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
bzero(&usbuf, sizeof(struct usersupp));
- memcpy(&usbuf, cdbus->ptr, cdbus->len);
+ memcpy(&usbuf, cdbus->ptr,
+ ( (cdbus->len > sizeof(struct usersupp)) ?
+ sizeof(struct usersupp) : cdbus->len) );
cdb_free(cdbus);
if (usbuf.axlevel > 0) {
usbuf.lastcall,
usbuf.timescalled,
usbuf.posted);
- /* pwcrypt(usbuf.password,config.c_pwcrypt); */
if (CC->usersupp.axlevel >= 6) cprintf("%s",usbuf.password);
cprintf("\n");
}
pclose(ls);
cprintf("000\n");
}
+
+
+/*
+ * Administrative Get User Parameters
+ */
+void cmd_agup(char *cmdbuf) {
+ struct usersupp usbuf;
+ char requested_user[256];
+
+ if ( (CC->internal_pgm==0)
+ && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
+ cprintf("%d Higher access required.\n",
+ ERROR + HIGHER_ACCESS_REQUIRED);
+ return;
+ }
+
+ extract(requested_user, cmdbuf, 0);
+ if (getuser(&usbuf, requested_user) != 0) {
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
+ return;
+ }
+
+ cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
+ OK,
+ usbuf.fullname,
+ usbuf.password,
+ usbuf.flags,
+ usbuf.timescalled,
+ usbuf.posted,
+ (int)usbuf.axlevel,
+ usbuf.usernum);
+
+ }
+
+
+
+/*
+ * Administrative Set User Parameters
+ */
+void cmd_asup(char *cmdbuf) {
+ struct usersupp usbuf;
+ char requested_user[256];
+ int np;
+
+ if ( (CC->internal_pgm==0)
+ && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
+ cprintf("%d Higher access required.\n",
+ ERROR + HIGHER_ACCESS_REQUIRED);
+ return;
+ }
+
+ extract(requested_user, cmdbuf, 0);
+ if (lgetuser(&usbuf, requested_user) != 0) {
+ cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
+ return;
+ }
+
+ np = num_parms(cmdbuf);
+ if (np > 1) extract(usbuf.password, cmdbuf, 1);
+ if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
+ if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
+ if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
+ if (np > 5) usbuf.axlevel = extract_int(cmdbuf, 5);
+
+ lputuser(&usbuf, requested_user);
+ cprintf("%d Ok\n", OK);
+ }