X-Git-Url: https://code.citadel.org/?p=citadel.git;a=blobdiff_plain;f=citadel%2Fcitserver.c;h=0c8955a8a2b3fb10386b589818e6a3618aff6088;hp=79ebddefa18d789b5cdf04031231ce64b2346eed;hb=5365493a013629f909c27528febb9660e5d1d863;hpb=591b04f1fcb1d91c8da29a1bee0b3182da96f9f7 diff --git a/citadel/citserver.c b/citadel/citserver.c index 79ebddefa..0c8955a8a 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -1,8 +1,15 @@ /* - * $Id$ - * * Main source module for the Citadel server * + * Copyright (c) 1987-2011 by the citadel.org team + * + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License, version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #include "sysdep.h" @@ -14,7 +21,6 @@ #include #include - #if TIME_WITH_SYS_TIME # include # include @@ -40,9 +46,11 @@ #include #include #include +#include #include "citadel.h" #include "server.h" #include "sysdep_decls.h" +#include "threads.h" #include "citserver.h" #include "config.h" #include "database.h" @@ -53,30 +61,29 @@ #include "locate_host.h" #include "room_ops.h" #include "file_ops.h" -#include "policy.h" #include "control.h" -#include "tools.h" #include "euidindex.h" +#include "context.h" +#include "svn_revision.h" #ifndef HAVE_SNPRINTF #include "snprintf.h" #endif -struct CitContext *ContextList = NULL; -struct CitContext* next_session = NULL; +#include "ctdl_module.h" + char *unique_session_numbers; int ScheduledShutdown = 0; -int do_defrag = 0; time_t server_startup_time; int panic_fd; +int openid_level_supported = 0; -/** - * \brief print the actual stack frame. +/* + * print the actual stack frame. */ void cit_backtrace(void) { #ifdef HAVE_BACKTRACE -snatoehu void *stack_frames[50]; size_t size, i; char **strings; @@ -86,16 +93,42 @@ snatoehu strings = backtrace_symbols(stack_frames, size); for (i = 0; i < size; i++) { if (strings != NULL) - lprintf(1, "%s\n", strings[i]); + syslog(LOG_ALERT, "%s\n", strings[i]); else - lprintf(1, "%p\n", stack_frames[i]); + syslog(LOG_ALERT, "%p\n", stack_frames[i]); } free(strings); #endif } -/** - * \brief print the actual stack frame. +void cit_oneline_backtrace(void) +{ +#ifdef HAVE_BACKTRACE + void *stack_frames[50]; + size_t size, i; + char **strings; + StrBuf *Buf; + + size = backtrace(stack_frames, sizeof(stack_frames) / sizeof(void*)); + strings = backtrace_symbols(stack_frames, size); + if (size > 0) + { + Buf = NewStrBuf(); + for (i = 1; i < size; i++) { + if (strings != NULL) + StrBufAppendPrintf(Buf, "%s : ", strings[i]); + else + StrBufAppendPrintf(Buf, "%p : ", stack_frames[i]); + } + free(strings); + syslog(LOG_ALERT, "%s\n", ChrPtr(Buf)); + FreeStrBuf(&Buf); + } +#endif +} + +/* + * print the actual stack frame. */ void cit_panic_backtrace(int SigNum) { @@ -109,9 +142,9 @@ void cit_panic_backtrace(int SigNum) strings = backtrace_symbols(stack_frames, size); for (i = 0; i < size; i++) { if (strings != NULL) - lprintf(1, "%s\n", strings[i]); + syslog(LOG_ALERT, "%s\n", strings[i]); else - lprintf(1, "%p\n", stack_frames[i]); + syslog(LOG_ALERT, "%p\n", stack_frames[i]); } free(strings); #endif @@ -126,49 +159,53 @@ void master_startup(void) { unsigned int seed; FILE *urandom; struct ctdlroom qrbuf; + int rv; - lprintf(CTDL_DEBUG, "master_startup() started\n"); + syslog(LOG_DEBUG, "master_startup() started\n"); time(&server_startup_time); + get_config(); - lprintf(CTDL_INFO, "Opening databases\n"); + syslog(LOG_INFO, "Opening databases\n"); open_databases(); - - if (do_defrag) { - defrag_databases(); - } - check_ref_counts(); - lprintf(CTDL_INFO, "Creating base rooms (if necessary)\n"); - create_room(config.c_baseroom, 0, "", 0, 1, 0, VIEW_BBS); - create_room(AIDEROOM, 3, "", 0, 1, 0, VIEW_BBS); - create_room(SYSCONFIGROOM, 3, "", 0, 1, 0, VIEW_BBS); - create_room(config.c_twitroom, 0, "", 0, 1, 0, VIEW_BBS); + syslog(LOG_INFO, "Creating base rooms (if necessary)\n"); + CtdlCreateRoom(config.c_baseroom, 0, "", 0, 1, 0, VIEW_BBS); + CtdlCreateRoom(AIDEROOM, 3, "", 0, 1, 0, VIEW_BBS); + CtdlCreateRoom(SYSCONFIGROOM, 3, "", 0, 1, 0, VIEW_BBS); + CtdlCreateRoom(config.c_twitroom, 0, "", 0, 1, 0, VIEW_BBS); /* The "Local System Configuration" room doesn't need to be visible */ - if (lgetroom(&qrbuf, SYSCONFIGROOM) == 0) { + if (CtdlGetRoomLock(&qrbuf, SYSCONFIGROOM) == 0) { qrbuf.QRflags2 |= QR2_SYSTEM; - lputroom(&qrbuf); + CtdlPutRoomLock(&qrbuf); } - lprintf(CTDL_INFO, "Seeding the pseudo-random number generator...\n"); + /* Aide needs to be public postable, else we're not RFC conformant. */ + if (CtdlGetRoomLock(&qrbuf, AIDEROOM) == 0) { + qrbuf.QRflags2 |= QR2_SMTP_PUBLIC; + CtdlPutRoomLock(&qrbuf); + } + + syslog(LOG_INFO, "Seeding the pseudo-random number generator...\n"); urandom = fopen("/dev/urandom", "r"); if (urandom != NULL) { - fread(&seed, sizeof seed, 1, urandom); + rv = fread(&seed, sizeof seed, 1, urandom); + if (rv == -1) + syslog(LOG_EMERG, "failed to read random seed: %s\n", + strerror(errno)); fclose(urandom); } else { gettimeofday(&tv, NULL); seed = tv.tv_usec; } + srand(seed); srandom(seed); - lprintf(CTDL_INFO, "Initializing ipgm secret\n"); - get_config(); - config.c_ipgm_secret = rand(); put_config(); - lprintf(CTDL_DEBUG, "master_startup() finished\n"); + syslog(LOG_DEBUG, "master_startup() finished\n"); } @@ -177,10 +214,9 @@ void master_startup(void) { */ void master_cleanup(int exitcode) { struct CleanupFunctionHook *fcn; - struct MaintenanceThreadHook *m_fcn; static int already_cleaning_up = 0; - if (already_cleaning_up) while(1) sleep(1); + if (already_cleaning_up) while(1) usleep(1000000); already_cleaning_up = 1; /* Run any cleanup routines registered by loadable modules */ @@ -191,26 +227,16 @@ void master_cleanup(int exitcode) { /* Close the AdjRefCount queue file */ AdjRefCount(-1, 0); - for (m_fcn = MaintenanceThreadHookTable; m_fcn != NULL; m_fcn = m_fcn->next) { - lprintf(CTDL_INFO, "Waiting for maintenance thread \"%s\" to shut down\n", m_fcn->name); - pthread_join(m_fcn->MaintenanceThread_tid, NULL); - } - - - /* Close databases */ - lprintf(CTDL_INFO, "Closing databases\n"); - close_databases(); - /* Do system-dependent stuff */ sysdep_master_cleanup(); -#ifdef DEBUG_MEMORY_LEAKS - dump_heap(); -#endif + /* Close databases */ + syslog(LOG_INFO, "Closing databases\n"); + close_databases(); /* If the operator requested a halt but not an exit, halt here. */ if (shutdown_and_halt) { - lprintf(CTDL_NOTICE, "citserver: Halting server without exiting.\n"); + syslog(LOG_NOTICE, "citserver: Halting server without exiting.\n"); fflush(stdout); fflush(stderr); while(1) { sleep(32767); @@ -220,57 +246,22 @@ void master_cleanup(int exitcode) { release_control(); /* Now go away. */ - lprintf(CTDL_NOTICE, "citserver: Exiting with status %d\n", exitcode); + syslog(LOG_NOTICE, "citserver: Exiting with status %d\n", exitcode); fflush(stdout); fflush(stderr); if (restart_server != 0) exit(1); + if ((running_as_daemon != 0) && ((exitcode == 0) )) + exitcode = CTDLEXIT_SHUTDOWN; exit(exitcode); } -/* - * Terminate a session. - */ -void RemoveContext (struct CitContext *con) -{ - if (con==NULL) { - lprintf(CTDL_ERR, - "WARNING: RemoveContext() called with NULL!\n"); - return; - } - lprintf(CTDL_DEBUG, "RemoveContext() session %d\n", con->cs_pid); - - /* Run any cleanup routines registered by loadable modules. - * Note: We have to "become_session()" because the cleanup functions - * might make references to "CC" assuming it's the right one. - */ - become_session(con); - PerformSessionHooks(EVT_STOP); - become_session(NULL); - - /* Now handle all of the administrivia. */ - lprintf(CTDL_DEBUG, "Calling logout(%d)\n", con->cs_pid); - logout(con); - - lprintf(CTDL_NOTICE, "[%3d] Session ended.\n", con->cs_pid); - - /* If the client is still connected, blow 'em away. */ - lprintf(CTDL_DEBUG, "Closing socket %d\n", con->client_socket); - close(con->client_socket); - - lprintf(CTDL_DEBUG, "Done with RemoveContext()\n"); -} - - - - - /* * cmd_info() - tell the client about this server */ -void cmd_info(void) { +void cmd_info(char *cmdbuf) { cprintf("%d Server info:\n", LISTING_FOLLOWS); cprintf("%d\n", CC->cs_pid); cprintf("%s\n", config.c_nodename); @@ -284,7 +275,7 @@ void cmd_info(void) { cprintf("%s\n", config.c_moreprompt); cprintf("1\n"); /* 1 = yes, this system supports floors */ cprintf("1\n"); /* 1 = we support the extended paging options */ - cprintf("%s\n", CC->cs_nonce); + cprintf("\n"); /* nonce no longer supported */ cprintf("1\n"); /* 1 = yes, this system supports the QNOP command */ #ifdef HAVE_LDAP @@ -293,15 +284,33 @@ void cmd_info(void) { cprintf("0\n"); /* 1 = no, this server is not LDAP-enabled */ #endif - if (config.c_auth_mode == 1) { - cprintf("1\n"); /* "create new user" never works with host auth */ + if (config.c_auth_mode == AUTHMODE_NATIVE) { + cprintf("%d\n", config.c_disable_newu); } else { - cprintf("%d\n", config.c_disable_newu); /* otherwise, site defined */ + cprintf("1\n"); /* "create new user" does not work with non-native auth modes */ } cprintf("%s\n", config.c_default_cal_zone); + /* thread load averages -- temporarily disabled during refactoring of this code */ + cprintf("0\n"); /* load average */ + cprintf("0\n"); /* worker average */ + cprintf("0\n"); /* thread count */ + + cprintf("1\n"); /* yes, Sieve mail filtering is supported */ + cprintf("%d\n", config.c_enable_fulltext); + cprintf("%s\n", svn_revision()); + + if (config.c_auth_mode == AUTHMODE_NATIVE) { + cprintf("%d\n", openid_level_supported); /* OpenID is enabled when using native auth */ + } + else { + cprintf("0\n"); /* OpenID is disabled when using non-native auth */ + } + + cprintf("%d\n", config.c_guest_logins); + cprintf("000\n"); } @@ -319,7 +328,7 @@ char CtdlCheckExpress(void) { } } -void cmd_time(void) +void cmd_time(char *argbuf) { time_t tv; struct tm tmp; @@ -329,9 +338,9 @@ void cmd_time(void) /* timezone and daylight global variables are not portable. */ #ifdef HAVE_STRUCT_TM_TM_GMTOFF - cprintf("%d %ld|%ld|%d\n", CIT_OK, (long)tv, tmp.tm_gmtoff, tmp.tm_isdst); + cprintf("%d %ld|%ld|%d|%ld\n", CIT_OK, (long)tv, tmp.tm_gmtoff, tmp.tm_isdst, server_startup_time); #else - cprintf("%d %ld|%ld|%d\n", CIT_OK, (long)tv, timezone, tmp.tm_isdst); + cprintf("%d %ld|%ld|%d|%ld\n", CIT_OK, (long)tv, timezone, tmp.tm_isdst, server_startup_time); #endif } @@ -348,15 +357,17 @@ int is_public_client(void) char addrbuf[1024]; FILE *fp; int i; + char *public_clientspos; + char *public_clientsend; + char *paddr = NULL; struct stat statbuf; static time_t pc_timestamp = 0; static char public_clients[SIZ]; static char public_clients_file[SIZ]; - snprintf(public_clients_file, - sizeof public_clients_file, - "%s/public_clients", - ctdl_etc_dir); +#define LOCALHOSTSTR "127.0.0.1" + + snprintf(public_clients_file, sizeof public_clients_file, "%s/public_clients", ctdl_etc_dir); /* * Check the time stamp on the public_clients file. If it's been @@ -366,62 +377,71 @@ int is_public_client(void) */ if (stat(public_clients_file, &statbuf) != 0) { /* No public_clients file exists, so bail out */ - lprintf(CTDL_WARNING, "Warning: '%s' does not exist\n", + syslog(LOG_WARNING, "Warning: '%s' does not exist\n", public_clients_file); return(0); } if (statbuf.st_mtime > pc_timestamp) { begin_critical_section(S_PUBLIC_CLIENTS); - lprintf(CTDL_INFO, "Loading %s\n", public_clients_file); + syslog(LOG_INFO, "Loading %s\n", public_clients_file); - safestrncpy(public_clients, "127.0.0.1", sizeof public_clients); + public_clientspos = &public_clients[0]; + public_clientsend = public_clientspos + SIZ; + safestrncpy(public_clientspos, LOCALHOSTSTR, sizeof public_clients); + public_clientspos += sizeof(LOCALHOSTSTR) - 1; + if (hostname_to_dotted_quad(addrbuf, config.c_fqdn) == 0) { - strcat(public_clients, "|"); - strcat(public_clients, addrbuf); + *(public_clientspos++) = '|'; + paddr = &addrbuf[0]; + while (!IsEmptyStr (paddr) && + (public_clientspos < public_clientsend)) + *(public_clientspos++) = *(paddr++); } fp = fopen(public_clients_file, "r"); - if (fp != NULL) while (fgets(buf, sizeof buf, fp)!=NULL) { - char *ptr; - ptr = buf; - while (!IsEmptyStr(ptr)) { - if (*ptr == '#') { - *ptr = 0; - break; - } + if (fp != NULL) + while ((fgets(buf, sizeof buf, fp)!=NULL) && + (public_clientspos < public_clientsend)){ + char *ptr; + ptr = buf; + while (!IsEmptyStr(ptr)) { + if (*ptr == '#') { + *ptr = 0; + break; + } else ptr++; - } - ptr--; - while (ptr>buf && isspace(*ptr)) { - *(ptr--) = 0; - } - if (hostname_to_dotted_quad(addrbuf, buf) == 0) { - if ((strlen(public_clients) + - strlen(addrbuf) + 2) - < sizeof(public_clients)) { - strcat(public_clients, "|"); - strcat(public_clients, addrbuf); + } + ptr--; + while (ptr>buf && isspace(*ptr)) { + *(ptr--) = 0; + } + if (hostname_to_dotted_quad(addrbuf, buf) == 0) { + *(public_clientspos++) = '|'; + paddr = addrbuf; + while (!IsEmptyStr(paddr) && + (public_clientspos < public_clientsend)){ + *(public_clientspos++) = *(paddr++); + } } } - } - fclose(fp); + if (fp != NULL) fclose(fp); pc_timestamp = time(NULL); end_critical_section(S_PUBLIC_CLIENTS); } - lprintf(CTDL_DEBUG, "Checking whether %s is a local or public client\n", + syslog(LOG_DEBUG, "Checking whether %s is a local or public client\n", CC->cs_addr); for (i=0; ics_addr, addrbuf)) { - lprintf(CTDL_DEBUG, "... yes it is.\n"); + syslog(LOG_DEBUG, "... yes its local.\n"); return(1); } } /* No hits. This is not a public client. */ - lprintf(CTDL_DEBUG, "... no it isn't.\n"); + syslog(LOG_DEBUG, "... no it isn't.\n"); return(0); } @@ -436,8 +456,6 @@ void cmd_iden(char *argbuf) int rev_level; char desc[128]; char from_host[128]; - struct in_addr addr; - int do_lookup = 0; if (num_parms(argbuf)<4) { cprintf("%d usage error\n", ERROR + ILLEGAL_VALUE); @@ -459,35 +477,25 @@ void cmd_iden(char *argbuf) safestrncpy(CC->cs_clientname, desc, sizeof CC->cs_clientname); CC->cs_clientname[31] = 0; - if (!IsEmptyStr(from_host)) { - if (CC->is_local_socket) do_lookup = 1; - else if (is_public_client()) do_lookup = 1; + /* For local sockets and public clients, trust the hostname supplied by the client */ + if ( (CC->is_local_socket) || (is_public_client()) ) { + safestrncpy(CC->cs_host, from_host, sizeof CC->cs_host); + CC->cs_host[sizeof CC->cs_host - 1] = 0; + CC->cs_addr[0] = 0; } - if (do_lookup) { - lprintf(CTDL_DEBUG, "Looking up hostname '%s'\n", from_host); - if ((addr.s_addr = inet_addr(from_host)) != -1) { - locate_host(CC->cs_host, sizeof CC->cs_host, - CC->cs_addr, sizeof CC->cs_addr, - &addr); - } - else { - safestrncpy(CC->cs_host, from_host, sizeof CC->cs_host); - CC->cs_host[sizeof CC->cs_host - 1] = 0; - } - } - - lprintf(CTDL_NOTICE, "Client %d/%d/%01d.%02d (%s) from %s\n", + syslog(LOG_NOTICE, "Client %d/%d/%01d.%02d (%s) from %s\n", dev_code, cli_code, (rev_level / 100), (rev_level % 100), desc, - CC->cs_host); + CC->cs_host + ); cprintf("%d Ok\n",CIT_OK); } - +typedef const char *ccharp; /* * display system messages or help */ @@ -529,15 +537,15 @@ void cmd_mesg(char *mname) /* Otherwise, look for the requested file by name. */ else { - mesg_locate(targ, sizeof targ, buf2, 2, (const char **)dirs); + mesg_locate(targ, sizeof targ, buf2, 2, (const ccharp*)dirs); if (IsEmptyStr(targ)) { snprintf(buf2, sizeof buf2, "%s.%d", buf, CC->cs_clientdev); mesg_locate(targ, sizeof targ, buf2, 2, - (const char **)dirs); + (const ccharp*)dirs); if (IsEmptyStr(targ)) { mesg_locate(targ, sizeof targ, buf, 2, - (const char **)dirs); + (const ccharp*)dirs); } } } @@ -597,7 +605,7 @@ void cmd_emsg(char *mname) dirs[0] = strdup(ctdl_message_dir); dirs[1] = strdup(ctdl_hlp_dir); - mesg_locate(targ, sizeof targ, buf, 2, (const char**)dirs); + mesg_locate(targ, sizeof targ, buf, 2, (const ccharp*)dirs); free(dirs[0]); free(dirs[1]); @@ -615,7 +623,7 @@ void cmd_emsg(char *mname) } cprintf("%d %s\n", SEND_LISTING, targ); - while (client_getln(buf, sizeof buf), strcmp(buf, "000")) { + while (client_getln(buf, sizeof buf) >=0 && strcmp(buf, "000")) { fprintf(mfp, "%s\n", buf); } @@ -627,8 +635,8 @@ void cmd_emsg(char *mname) * user also knows the rooms. */ void GenerateRoomDisplay(char *real_room, - struct CitContext *viewed, - struct CitContext *viewer) { + CitContext *viewed, + CitContext *viewer) { int ra; @@ -639,14 +647,14 @@ void GenerateRoomDisplay(char *real_room, if (viewed->room.QRflags & QR_PRIVATE) { CtdlRoomAccess(&viewed->room, &viewer->user, &ra, NULL); if ( (ra & UA_KNOWN) == 0) { - strcpy(real_room, ""); + strcpy(real_room, " "); } } if (viewed->cs_flags & CS_CHAT) { - while (strlen(real_room) < 14) + while (strlen(real_room) < 14) { strcat(real_room, " "); - + } strcpy(&real_room[14], ""); } @@ -664,21 +672,26 @@ int CtdlAccessCheck(int required_level) { return(-1); } + if ((required_level >= ac_logged_in_or_guest) && (CC->logged_in == 0) && (!config.c_guest_logins)) { + cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); + return(-1); + } + if ((required_level >= ac_logged_in) && (CC->logged_in == 0)) { cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); return(-1); } - if (CC->user.axlevel >= 6) return(0); + if (CC->user.axlevel >= AxAideU) return(0); if (required_level >= ac_aide) { - cprintf("%d This command requires Aide access.\n", + cprintf("%d This command requires Admin access.\n", ERROR + HIGHER_ACCESS_REQUIRED); return(-1); } if (is_room_aide()) return(0); if (required_level >= ac_room_aide) { - cprintf("%d This command requires Aide or Room Aide access.\n", + cprintf("%d This command requires Admin or Room Admin access.\n", ERROR + HIGHER_ACCESS_REQUIRED); return(-1); } @@ -695,35 +708,19 @@ int CtdlAccessCheck(int required_level) { void cmd_term(char *cmdbuf) { int session_num; - struct CitContext *ccptr; - int found_it = 0; - int allowed = 0; + int terminated = 0; session_num = extract_int(cmdbuf, 0); - if (session_num == CC->cs_pid) { + + terminated = CtdlTerminateOtherSession(session_num); + + if (terminated < 0) { cprintf("%d You can't kill your own session.\n", ERROR + ILLEGAL_VALUE); return; } - lprintf(CTDL_DEBUG, "Locating session to kill\n"); - begin_critical_section(S_SESSION_TABLE); - for (ccptr = ContextList; ccptr != NULL; ccptr = ccptr->next) { - if (session_num == ccptr->cs_pid) { - found_it = 1; - if ((ccptr->user.usernum == CC->user.usernum) - || (CC->user.axlevel >= 6)) { - allowed = 1; - ccptr->kill_me = 1; - } - else { - allowed = 0; - } - } - } - end_critical_section(S_SESSION_TABLE); - - if (found_it) { - if (allowed) { + if (terminated & TERM_FOUND) { + if (terminated == TERM_KILLED) { cprintf("%d Session terminated.\n", CIT_OK); } else { @@ -737,16 +734,14 @@ void cmd_term(char *cmdbuf) } - - - /* * get the paginator prompt */ -void cmd_more(void) { +void cmd_more(char *argbuf) { cprintf("%d %s\n", CIT_OK, config.c_moreprompt); } + /* * echo */ @@ -757,49 +752,6 @@ void cmd_echo(char *etext) -/* - * identify as internal program - */ -void cmd_ipgm(char *argbuf) -{ - int secret; - - secret = extract_int(argbuf, 0); - - /* For security reasons, we do NOT allow this command to run - * over the network. Local sockets only. - */ - if (!CC->is_local_socket) { - sleep(5); - cprintf("%d Authentication failed.\n", - ERROR + PASSWORD_REQUIRED); - } - else if (secret == config.c_ipgm_secret) { - CC->internal_pgm = 1; - strcpy(CC->curr_user, ""); - CC->cs_flags = CC->cs_flags|CS_STEALTH; - cprintf("%d Authenticated as an internal program.\n", CIT_OK); - } - else { - sleep(5); - cprintf("%d Authentication failed.\n", - ERROR + PASSWORD_REQUIRED); - lprintf(CTDL_ERR, "Warning: ipgm authentication failed.\n"); - CC->kill_me = 1; - } - - /* Now change the ipgm secret for the next round. - * (Disabled because it breaks concurrent scripts. The fact that - * we no longer accept IPGM over the network should be sufficient - * to prevent brute-force attacks. If you don't agree, uncomment - * this block.) - get_config(); - config.c_ipgm_secret = rand(); - put_config(); - */ -} - - /* * Shut down the server */ @@ -814,34 +766,39 @@ void cmd_down(char *argbuf) { restart_server = extract_int(argbuf, 0); if (restart_server > 0) - Reply = "%d Restarting server. See you soon.\n"; + { + Reply = "%d citserver will now shut down and automatically restart.\n"; + } if ((restart_server > 0) && !running_as_daemon) { - lprintf(CTDL_ERR, "The user requested restart, but not running as deamon! Geronimooooooo!\n"); - Reply = "%d Warning, not running in deamon mode. maybe we will come up again, but don't lean on it.\n"; + syslog(LOG_ERR, "The user requested restart, but not running as daemon! Geronimooooooo!\n"); + Reply = "%d Warning: citserver is not running in daemon mode and is therefore unlikely to restart automatically.\n"; state = ERROR; } cprintf(Reply, state); } else { - cprintf(Reply, CIT_OK); + cprintf(Reply, CIT_OK + SERVER_SHUTTING_DOWN); } - time_to_die = 1; + CC->kill_me = KILLME_SERVER_SHUTTING_DOWN; + server_shutting_down = 1; } + /* * Halt the server without exiting the server process. */ -void cmd_halt(void) { +void cmd_halt(char *argbuf) { if (CtdlAccessCheck(ac_aide)) return; cprintf("%d Halting server. Goodbye.\n", CIT_OK); - time_to_die = 1; + server_shutting_down = 1; shutdown_and_halt = 1; } + /* * Schedule or cancel a server shutdown */ @@ -859,7 +816,7 @@ void cmd_scdn(char *argbuf) restart_server = 1; if (!running_as_daemon) { - lprintf(CTDL_ERR, "The user requested restart, but not running as deamon! Geronimooooooo!\n"); + syslog(LOG_ERR, "The user requested restart, but not running as deamon! Geronimooooooo!\n"); Reply = "%d %d Warning, not running in deamon mode. maybe we will come up again, but don't lean on it.\n"; state = ERROR; } @@ -889,33 +846,12 @@ void cmd_asyn(char *argbuf) } -/* - * Generate a "nonce" for APOP-style authentication. - * - * RFC 1725 et al specify a PID to be placed in front of the nonce. - * Quoth BTX: That would be stupid. - */ -void generate_nonce(struct CitContext *con) { - struct timeval tv; - - memset(con->cs_nonce, NONCE_SIZE, 0); - gettimeofday(&tv, NULL); - memset(con->cs_nonce, NONCE_SIZE, 0); - snprintf(con->cs_nonce, NONCE_SIZE, "<%d%ld@%s>", - rand(), (long)tv.tv_usec, config.c_fqdn); -} - - - /* * Back-end function for starting a session */ -void begin_session(struct CitContext *con) +void begin_session(CitContext *con) { - socklen_t len; - struct sockaddr_in sin; - /* * Initialize some variables specific to our context. */ @@ -923,42 +859,81 @@ void begin_session(struct CitContext *con) con->internal_pgm = 0; con->download_fp = NULL; con->upload_fp = NULL; + con->cached_msglist = NULL; + con->cached_num_msgs = 0; con->FirstExpressMessage = NULL; time(&con->lastcmd); time(&con->lastidle); strcpy(con->lastcmdname, " "); strcpy(con->cs_clientname, "(unknown)"); strcpy(con->curr_user, NLI); - strcpy(con->net_node, ""); - strcpy(con->fake_username, ""); - strcpy(con->fake_hostname, ""); - strcpy(con->fake_roomname, ""); - generate_nonce(con); + *con->net_node = '\0'; + *con->fake_username = '\0'; + *con->fake_hostname = '\0'; + *con->fake_roomname = '\0'; + *con->cs_clientinfo = '\0'; safestrncpy(con->cs_host, config.c_fqdn, sizeof con->cs_host); safestrncpy(con->cs_addr, "", sizeof con->cs_addr); + con->cs_UDSclientUID = -1; con->cs_host[sizeof con->cs_host - 1] = 0; - len = sizeof sin; if (!CC->is_local_socket) { - if (!getpeername(con->client_socket, (struct sockaddr *) &sin, &len)) { - locate_host(con->cs_host, sizeof con->cs_host, - con->cs_addr, sizeof con->cs_addr, - &sin.sin_addr - ); - } + locate_host(con->cs_host, sizeof con->cs_host, + con->cs_addr, sizeof con->cs_addr, + con->client_socket + ); } else { - strcpy(con->cs_host, ""); + con->cs_host[0] = 0; + con->cs_addr[0] = 0; +#ifdef HAVE_STRUCT_UCRED + { + /* as http://www.wsinnovations.com/softeng/articles/uds.html told us... */ + struct ucred credentials; + socklen_t ucred_length = sizeof(struct ucred); + + /*fill in the user data structure */ + if(getsockopt(con->client_socket, SOL_SOCKET, SO_PEERCRED, &credentials, &ucred_length)) { + syslog(LOG_NOTICE, "could obtain credentials from unix domain socket"); + + } + else { + /* the process ID of the process on the other side of the socket */ + /* credentials.pid; */ + + /* the effective UID of the process on the other side of the socket */ + con->cs_UDSclientUID = credentials.uid; + + /* the effective primary GID of the process on the other side of the socket */ + /* credentials.gid; */ + + /* To get supplemental groups, we will have to look them up in our account + database, after a reverse lookup on the UID to get the account name. + We can take this opportunity to check to see if this is a legit account. + */ + snprintf(con->cs_clientinfo, sizeof(con->cs_clientinfo), + "PID: "F_PID_T"; UID: "F_UID_T"; GID: "F_XPID_T" ", + credentials.pid, + credentials.uid, + credentials.gid); + } + } +#endif } con->cs_flags = 0; con->upload_type = UPL_FILE; con->dl_is_net = 0; con->nologin = 0; - if ((config.c_maxsessions > 0)&&(num_sessions > config.c_maxsessions)) { + if (((config.c_maxsessions > 0)&&(num_sessions > config.c_maxsessions)) || CtdlWantSingleUser()) { con->nologin = 1; } - lprintf(CTDL_NOTICE, "Session started.\n"); + if (!CC->is_local_socket) { + syslog(LOG_NOTICE, "Session (%s) started from %s (%s).\n", con->ServiceName, con->cs_host, con->cs_addr); + } + else { + syslog(LOG_NOTICE, "Session (%s) started via local socket UID:%d.\n", con->ServiceName, con->cs_UDSclientUID); + } /* Run any session startup routines registered by loadable modules */ PerformSessionHooks(EVT_START); @@ -971,15 +946,46 @@ void citproto_begin_session() { ERROR + MAX_SESSIONS_EXCEEDED, config.c_nodename, config.c_maxsessions ); - CC->kill_me = 1; + CC->kill_me = KILLME_MAX_SESSIONS_EXCEEDED; } else { - cprintf("%d %s Citadel server ready.\n", - CIT_OK, config.c_nodename); + cprintf("%d %s Citadel server ready.\n", CIT_OK, config.c_nodename); + CC->can_receive_im = 1; } } +void citproto_begin_admin_session() { + CC->internal_pgm = 1; + cprintf("%d %s Citadel server ADMIN CONNECTION ready.\n", CIT_OK, config.c_nodename); +} + + +void cmd_noop(char *argbuf) +{ + cprintf("%d%cok\n", CIT_OK, CtdlCheckExpress() ); +} + + +void cmd_qnop(char *argbuf) +{ + /* do nothing, this command returns no response */ +} + + +void cmd_quit(char *argbuf) +{ + cprintf("%d Goodbye.\n", CIT_OK); + CC->kill_me = KILLME_CLIENT_LOGGED_OUT; +} + + +void cmd_lout(char *argbuf) +{ + if (CC->logged_in) + CtdlUserLogout(); + cprintf("%d logged out.\n", CIT_OK); +} /* @@ -987,22 +993,25 @@ void citproto_begin_session() { */ void do_command_loop(void) { char cmdbuf[SIZ]; - + time(&CC->lastcmd); memset(cmdbuf, 0, sizeof cmdbuf); /* Clear it, just in case */ if (client_getln(cmdbuf, sizeof cmdbuf) < 1) { - lprintf(CTDL_ERR, "Client disconnected: ending session.\n"); - CC->kill_me = 1; + syslog(LOG_ERR, "Citadel client disconnected: ending session.\n"); + CC->kill_me = KILLME_CLIENT_DISCONNECTED; return; } /* Log the server command, but don't show passwords... */ - if ( (strncasecmp(cmdbuf, "PASS", 4)) - && (strncasecmp(cmdbuf, "SETP", 4)) ) { - lprintf(CTDL_INFO, "%s\n", cmdbuf); + if ( (strncasecmp(cmdbuf, "PASS", 4)) && (strncasecmp(cmdbuf, "SETP", 4)) ) { + syslog(LOG_INFO, "[%d][%s(%ld)] %s", + CC->cs_pid, CC->curr_user, CC->user.usernum, cmdbuf + ); } else { - lprintf(CTDL_INFO, "\n"); + syslog(LOG_INFO, "[%d][%s(%ld)]