#include <string.h>
#include <limits.h>
+#include <libcitadel.h>
#include "auth.h"
#include "citadel.h"
#include "server.h"
#include "control.h"
#include "msgbase.h"
#include "config.h"
-#include "tools.h"
#include "citserver.h"
#include "citadel_dirs.h"
#include "genstamp.h"
int i, len;
len = strlen(username);
+ if (len >= USERNAME_SIZE)
+ {
+ lprintf (CTDL_EMERG, "Username to long: %s", username);
+ cit_backtrace ();
+ len = USERNAME_SIZE - 1;
+ username[USERNAME_SIZE - 1]='\0';
+ }
for (i=0; i<=len; ++i) {
key[i] = tolower(username[i]);
}
char IndexBuf[32];
int IndexLen = 0;
+ memset (IndexBuf, 0, sizeof (IndexBuf));
/* Generate an index */
IndexLen = GenerateRelationshipIndex(IndexBuf,
newvisit->v_roomnum,
return (-1);
}
-#define MASTER_USER "master"
-#define MASTER_PASSWORD "d0nuts"
-
/*
* Back end for cmd_user() and its ilk
*
if (trythisname == NULL) return login_not_found;
+ /* If a "master user" is defined, handle its authentication if specified */
CC->is_master = 0;
-#ifdef MASTER_USER_HACK
- /* This lives inside an ifdef for now, because it isn't yet secure enough for general deployment */
- if (authname) {
- if (!strcasecmp(authname, MASTER_USER)) {
+ if (strlen(config.c_master_user) > 0) if (strlen(config.c_master_pass) > 0) if (authname) {
+ if (!strcasecmp(authname, config.c_master_user)) {
CC->is_master = 1;
}
}
-#endif
+ /* Continue attempting user validation... */
safestrncpy(username, trythisname, USERNAME_SIZE);
striplt(username);
* is an e-mail address
*/
if (found_user != 0) {
- valid = validate_recipients(username);
+ valid = validate_recipients(username, NULL, 0);
if (valid != NULL) {
if (valid->num_local == 1) {
found_user = getuser(&CC->user, valid->recp_local);
code = (-1);
if (CC->is_master) {
- code = strcmp(password, MASTER_PASSWORD);
+ code = strcmp(password, config.c_master_pass);
}
else if (config.c_auth_mode == 1) {
"with no password");
return;
} else if (a == ERROR + ALREADY_EXISTS) {
- cprintf("%d '%s' already exists.\n",
- ERROR + ALREADY_EXISTS, username);
+ cprintf("%d '%s' already exists.\n", ERROR + ALREADY_EXISTS, username);
+ return;
+ } else if ( (config.c_auth_mode == 1) && (a == ERROR + NO_SUCH_USER) ) {
+ cprintf("%d User accounts are not created within Citadel in host authentication mode.\n",
+ ERROR + NO_SUCH_USER);
return;
} else {
- cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
+ cprintf("%d An error occurred creating the user account.\n", ERROR + INTERNAL_ERROR);
}
}