* give message sender in while evaluating the recipient...

[citadel.git] / citadel / user_ops.c

diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index b23a4426eaf1db8549d0c1e7fbea2a1f7a143d3a..fc54495cd0b2a3a71accba3e2bc8dadf39fd8640 100644 (file)
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -33,6 +33,7 @@
 
 #include <string.h>
 #include <limits.h>
+#include <libcitadel.h>
 #include "auth.h"
 #include "citadel.h"
 #include "server.h"
@@ -45,7 +46,6 @@
 #include "control.h"
 #include "msgbase.h"
 #include "config.h"
-#include "tools.h"
 #include "citserver.h"
 #include "citadel_dirs.h"
 #include "genstamp.h"
@@ -62,6 +62,13 @@ static INLINE void makeuserkey(char *key, char *username) {
        int i, len;
 
        len = strlen(username);
+       if (len >= USERNAME_SIZE)
+       {
+               lprintf (CTDL_EMERG, "Username to long: %s", username);
+               cit_backtrace ();
+               len = USERNAME_SIZE - 1; 
+               username[USERNAME_SIZE - 1]='\0';
+       }
        for (i=0; i<=len; ++i) {
                key[i] = tolower(username[i]);
        }
@@ -173,6 +180,7 @@ void put_visit(struct visit *newvisit)
        char IndexBuf[32];
        int IndexLen = 0;
 
+       memset (IndexBuf, 0, sizeof (IndexBuf));
        /* Generate an index */
        IndexLen = GenerateRelationshipIndex(IndexBuf,
                                             newvisit->v_roomnum,
@@ -340,9 +348,6 @@ int getuserbyuid(struct ctdluser *usbuf, uid_t number)
        return (-1);
 }
 
-#define MASTER_USER            "master"
-#define MASTER_PASSWORD                "d0nuts"
-
 /*
  * Back end for cmd_user() and its ilk
  *
@@ -359,16 +364,15 @@ int CtdlLoginExistingUser(char *authname, char *trythisname)
 
        if (trythisname == NULL) return login_not_found;
 
+       /* If a "master user" is defined, handle its authentication if specified */
        CC->is_master = 0;
-#ifdef MASTER_USER_HACK
-       /* This lives inside an ifdef for now, because it isn't yet secure enough for general deployment */
-       if (authname) {
-               if (!strcasecmp(authname, MASTER_USER)) {
+       if (strlen(config.c_master_user) > 0) if (strlen(config.c_master_pass) > 0) if (authname) {
+               if (!strcasecmp(authname, config.c_master_user)) {
                        CC->is_master = 1;
                }
        }
-#endif
 
+       /* Continue attempting user validation... */
        safestrncpy(username, trythisname, USERNAME_SIZE);
        striplt(username);
 
@@ -418,7 +422,7 @@ int CtdlLoginExistingUser(char *authname, char *trythisname)
                * is an e-mail address
                */
                if (found_user != 0) {
-                       valid = validate_recipients(username);
+                       valid = validate_recipients(username, NULL, 0);
                        if (valid != NULL) {
                                if (valid->num_local == 1) {
                                        found_user = getuser(&CC->user, valid->recp_local);
@@ -697,7 +701,7 @@ int CtdlTryPassword(char *password)
        code = (-1);
 
        if (CC->is_master) {
-               code = strcmp(password, MASTER_PASSWORD);
+               code = strcmp(password, config.c_master_pass);
        }
 
        else if (config.c_auth_mode == 1) {
@@ -1098,11 +1102,14 @@ void cmd_creu(char *cmdbuf)
                                "with no password");
                return;
        } else if (a == ERROR + ALREADY_EXISTS) {
-               cprintf("%d '%s' already exists.\n",
-                       ERROR + ALREADY_EXISTS, username);
+               cprintf("%d '%s' already exists.\n", ERROR + ALREADY_EXISTS, username);
+               return;
+       } else if ( (config.c_auth_mode == 1) && (a == ERROR + NO_SUCH_USER) ) {
+               cprintf("%d User accounts are not created within Citadel in host authentication mode.\n",
+                       ERROR + NO_SUCH_USER);
                return;
        } else {
-               cprintf("%d An error occured creating the user account.\n", ERROR + INTERNAL_ERROR);
+               cprintf("%d An error occurred creating the user account.\n", ERROR + INTERNAL_ERROR);
        }
 }