#include <ctype.h>
#include <sys/types.h>
#include <sys/wait.h>
+#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
+#endif
#if TIME_WITH_SYS_TIME
# include <sys/time.h>
#include <string.h>
#include <limits.h>
+#include <libcitadel.h>
#include "auth.h"
#include "citadel.h"
#include "server.h"
#include "database.h"
#include "user_ops.h"
-#include "serv_extensions.h"
#include "sysdep_decls.h"
#include "support.h"
#include "room_ops.h"
#include "control.h"
#include "msgbase.h"
#include "config.h"
-#include "tools.h"
#include "citserver.h"
#include "citadel_dirs.h"
#include "genstamp.h"
int i, len;
len = strlen(username);
+ if (len >= USERNAME_SIZE)
+ {
+ lprintf (CTDL_EMERG, "Username to long: %s", username);
+ cit_backtrace ();
+ len = USERNAME_SIZE - 1;
+ username[USERNAME_SIZE - 1]='\0';
+ }
for (i=0; i<=len; ++i) {
key[i] = tolower(username[i]);
}
char IndexBuf[32];
int IndexLen = 0;
+ memset (IndexBuf, 0, sizeof (IndexBuf));
/* Generate an index */
IndexLen = GenerateRelationshipIndex(IndexBuf,
newvisit->v_roomnum,
return (-1);
}
-#define MASTER_USER "master"
-#define MASTER_PASSWORD "d0nuts"
-
/*
* Back end for cmd_user() and its ilk
*
if (trythisname == NULL) return login_not_found;
+ /* If a "master user" is defined, handle its authentication if specified */
CC->is_master = 0;
-/* This code WORKS! It's commented out because we don't want anyone using the hardcoded password.
- if (authname) {
- if (!strcasecmp(authname, MASTER_USER)) {
+ if (strlen(config.c_master_user) > 0) if (strlen(config.c_master_pass) > 0) if (authname) {
+ if (!strcasecmp(authname, config.c_master_user)) {
CC->is_master = 1;
}
}
-*/
+ /* Continue attempting user validation... */
safestrncpy(username, trythisname, USERNAME_SIZE);
striplt(username);
- if (strlen(username) == 0) {
+ if (IsEmptyStr(username)) {
return login_not_found;
}
* is an e-mail address
*/
if (found_user != 0) {
- valid = validate_recipients(username);
+ valid = validate_recipients(username, NULL, 0);
if (valid != NULL) {
if (valid->num_local == 1) {
found_user = getuser(&CC->user, valid->recp_local);
*/
snprintf(CC->cs_inet_email, sizeof CC->cs_inet_email, "%s@%s",
CC->user.fullname, config.c_fqdn);
- for (i=0; i<strlen(CC->cs_inet_email); ++i) {
+ for (i=0; !IsEmptyStr(&CC->cs_inet_email[i]); ++i) {
if (isspace(CC->cs_inet_email[i])) {
CC->cs_inet_email[i] = '_';
}
/*
* If we were talking to a network node, we're not anymore...
*/
- if (strlen(who->net_node) > 0) {
+ if (!IsEmptyStr(who->net_node)) {
network_talking_to(who->net_node, NTT_REMOVE);
}
code = (-1);
if (CC->is_master) {
- code = strcmp(password, MASTER_PASSWORD);
+ code = strcmp(password, config.c_master_pass);
}
else if (config.c_auth_mode == 1) {
username[25] = 0;
strproc(username);
- if (strlen(username) == 0) {
+ if (IsEmptyStr(username)) {
cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
return;
}
strproc(new_pw);
- if (strlen(new_pw) == 0) {
+ if (IsEmptyStr(new_pw)) {
cprintf("%d Password unchanged.\n", CIT_OK);
return;
}
strproc(username);
strproc(password);
- if (strlen(username) == 0) {
+ if (IsEmptyStr(username)) {
cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED);
return;
}
a = create_user(username, 0);
if (a == 0) {
- if (strlen(password) > 0) {
+ if (!IsEmptyStr(password)) {
lgetuser(&tmp, username);
safestrncpy(tmp.password, password, sizeof(tmp.password));
lputuser(&tmp);
}
cprintf("%d User '%s' created %s.\n", CIT_OK, username,
- (strlen(password) > 0) ? "and password set" :
+ (!IsEmptyStr(password)) ? "and password set" :
"with no password");
return;
} else if (a == ERROR + ALREADY_EXISTS) {
- cprintf("%d '%s' already exists.\n",
- ERROR + ALREADY_EXISTS, username);
+ cprintf("%d '%s' already exists.\n", ERROR + ALREADY_EXISTS, username);
+ return;
+ } else if ( (config.c_auth_mode == 1) && (a == ERROR + NO_SUCH_USER) ) {
+ cprintf("%d User accounts are not created within Citadel in host authentication mode.\n",
+ ERROR + NO_SUCH_USER);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
+ cprintf("%d An error occurred creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}