X-Git-Url: https://code.citadel.org/?p=citadel.git;a=blobdiff_plain;f=citadel%2Fuser_ops.c;h=32734200e55b19f633760e961e2c6943d8b24ee1;hp=7c9ed32b33630c7cd32926a0ef1a37a9ba0e1eab;hb=2bcd29b7be1638c9b3038556a2f2eabd4b0e3af3;hpb=2a557d1e1aeee5b4bb8d829a1cff40c37f8d4d2c diff --git a/citadel/user_ops.c b/citadel/user_ops.c index 7c9ed32b3..32734200e 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -1,123 +1,69 @@ /* - * $Id$ - * * Server functions which perform operations on user objects. * + * Copyright (c) 1987-2017 by the citadel.org team + * + * This program is open source software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License, version 3. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ -#include "sysdep.h" -#include #include #include +#include "sysdep.h" #include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_STAT_H #include -#endif - -#if TIME_WITH_SYS_TIME -# include -# include -#else -# if HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include -#include #include -#include "auth.h" -#include "citadel.h" -#include "server.h" -#include "database.h" -#include "user_ops.h" -#include "sysdep_decls.h" -#include "support.h" -#include "room_ops.h" -#include "file_ops.h" #include "control.h" -#include "msgbase.h" -#include "config.h" +#include "support.h" #include "citserver.h" -#include "citadel_dirs.h" -#include "genstamp.h" -#include "threads.h" +#include "config.h" #include "citadel_ldap.h" -#include "context.h" - #include "ctdl_module.h" +#include "user_ops.h" +#include "internet_addressing.h" /* These pipes are used to talk to the chkpwd daemon, which is forked during startup */ int chkpwd_write_pipe[2]; int chkpwd_read_pipe[2]; -/* - * makeuserkey() - convert a username into the format used as a database key - * (it's just the username converted into lower case) - */ -INLINE void makeuserkey(char *key, char *username) { - int i, len; - - len = strlen(username); - if (len >= USERNAME_SIZE) - { - CtdlLogPrintf (CTDL_EMERG, "Username to long: %s", username); - cit_backtrace (); - len = USERNAME_SIZE - 1; - username[USERNAME_SIZE - 1]='\0'; - } - for (i=0; i<=len; ++i) { - key[i] = tolower(username[i]); - } -} - /* - * getuser() - retrieve named user into supplied buffer. - * returns 0 on success + * CtdlGetUser() retrieve named user into supplied buffer. + * returns 0 on success */ -int getuser(struct ctdluser *usbuf, char name[]) +int CtdlGetUser(struct ctdluser *usbuf, char *name) { - return CtdlGetUser(usbuf, name); -} - - -/* - * CtdlGetUser() - retrieve named user into supplied buffer. - * returns 0 on success - */ -int CtdlGetUser(struct ctdluser *usbuf, char name[]) -{ - char usernamekey[USERNAME_SIZE]; struct cdbdata *cdbus; + long len = cutuserkey(name); if (usbuf != NULL) { memset(usbuf, 0, sizeof(struct ctdluser)); } - makeuserkey(usernamekey, name); + makeuserkey(usernamekey, name, len); cdbus = cdb_fetch(CDB_USERS, usernamekey, strlen(usernamekey)); if (cdbus == NULL) { /* user not found */ return(1); } if (usbuf != NULL) { - memcpy(usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); + memcpy(usbuf, cdbus->ptr, ((cdbus->len > sizeof(struct ctdluser)) ? sizeof(struct ctdluser) : cdbus->len)); } cdb_free(cdbus); + return(0); +} + - return (0); +int CtdlLockGetCurrentUser(void) +{ + CitContext *CCC = CC; + return CtdlGetUser(&CCC->user, CCC->curr_user); } @@ -132,16 +78,7 @@ int CtdlGetUserLock(struct ctdluser *usbuf, char *name) if (retcode == 0) { begin_critical_section(S_USERS); } - return (retcode); -} - - -/* - * lgetuser() - same as getuser() but locks the record - */ -int lgetuser(struct ctdluser *usbuf, char *name) -{ - return CtdlGetUserLock(usbuf, name); + return(retcode); } @@ -152,22 +89,15 @@ void CtdlPutUser(struct ctdluser *usbuf) { char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, usbuf->fullname); - + makeuserkey(usernamekey, usbuf->fullname, cutuserkey(usbuf->fullname)); usbuf->version = REV_LEVEL; - cdb_store(CDB_USERS, - usernamekey, strlen(usernamekey), - usbuf, sizeof(struct ctdluser)); - + cdb_store(CDB_USERS, usernamekey, strlen(usernamekey), usbuf, sizeof(struct ctdluser)); } -/* - * putuser() - write user buffer into the correct place on disk - */ -void putuser(struct ctdluser *usbuf) +void CtdlPutCurrentUserLock() { - CtdlPutUser(usbuf); + CtdlPutUser(&CC->user); } @@ -181,15 +111,6 @@ void CtdlPutUserLock(struct ctdluser *usbuf) } -/* - * lputuser() - same as putuser() but locks the record - */ -void lputuser(struct ctdluser *usbuf) -{ - CtdlPutUserLock(usbuf); -} - - /* * rename_user() - this is tricky because the user's display name is the database key * @@ -197,32 +118,25 @@ void lputuser(struct ctdluser *usbuf) * */ int rename_user(char *oldname, char *newname) { - CitContext *cptr; int retcode = RENAMEUSER_OK; struct ctdluser usbuf; char oldnamekey[USERNAME_SIZE]; char newnamekey[USERNAME_SIZE]; - /* We cannot rename a user who is currently logged in */ -/* FIXME: This is very broken!!!! - * We check that the user is not already logged in because we can't rename them - * if they are logged in. - * BUT THEN WE LEAVE A HUGE WINDOW FOR THEM TO LOG IN BEFORE WE LOCK TO RENAME THEM!!!!! - */ - for (cptr = ContextList; cptr != NULL; cptr = cptr->next) { - if (!strcasecmp(cptr->user.fullname, oldname)) { - return(RENAMEUSER_LOGGED_IN); - } - } - /* Create the database keys... */ - makeuserkey(oldnamekey, oldname); - makeuserkey(newnamekey, newname); + makeuserkey(oldnamekey, oldname, cutuserkey(oldname)); + makeuserkey(newnamekey, newname, cutuserkey(newname)); /* Lock up and get going */ begin_critical_section(S_USERS); + /* We cannot rename a user who is currently logged in */ + if (CtdlIsUserLoggedIn(oldname)) { + end_critical_section(S_USERS); + return RENAMEUSER_LOGGED_IN; + } + if (CtdlGetUser(&usbuf, newname) == 0) { retcode = RENAMEUSER_ALREADY_EXISTS; } @@ -235,16 +149,14 @@ int rename_user(char *oldname, char *newname) { else { /* Sanity checks succeeded. Now rename the user. */ if (usbuf.usernum == 0) { - CtdlLogPrintf (CTDL_DEBUG, "Can not rename user \"Citadel\".\n"); + syslog(LOG_DEBUG, "user_ops: can not rename user \"Citadel\"."); retcode = RENAMEUSER_NOT_FOUND; } else { - CtdlLogPrintf(CTDL_DEBUG, "Renaming <%s> to <%s>\n", oldname, newname); + syslog(LOG_DEBUG, "user_ops: renaming <%s> to <%s>", oldname, newname); cdb_delete(CDB_USERS, oldnamekey, strlen(oldnamekey)); safestrncpy(usbuf.fullname, newname, sizeof usbuf.fullname); CtdlPutUser(&usbuf); - cdb_store(CDB_USERSBYNUMBER, &usbuf.usernum, sizeof(long), - usbuf.fullname, strlen(usbuf.fullname)+1 ); - + cdb_store(CDB_USERSBYNUMBER, &usbuf.usernum, sizeof(long), usbuf.fullname, strlen(usbuf.fullname)+1 ); retcode = RENAMEUSER_OK; } } @@ -256,7 +168,6 @@ int rename_user(char *oldname, char *newname) { } - /* * Index-generating function used by Ctdl[Get|Set]Relationship */ @@ -277,44 +188,36 @@ int GenerateRelationshipIndex(char *IndexBuf, TheIndex.iUserID = UserID; memcpy(IndexBuf, &TheIndex, sizeof(TheIndex)); - return (sizeof(TheIndex)); + return(sizeof(TheIndex)); } - /* * Back end for CtdlSetRelationship() */ -void put_visit(struct visit *newvisit) +void put_visit(visit *newvisit) { char IndexBuf[32]; int IndexLen = 0; memset (IndexBuf, 0, sizeof (IndexBuf)); /* Generate an index */ - IndexLen = GenerateRelationshipIndex(IndexBuf, - newvisit->v_roomnum, - newvisit->v_roomgen, - newvisit->v_usernum); + IndexLen = GenerateRelationshipIndex(IndexBuf, newvisit->v_roomnum, newvisit->v_roomgen, newvisit->v_usernum); /* Store the record */ cdb_store(CDB_VISIT, IndexBuf, IndexLen, - newvisit, sizeof(struct visit) + newvisit, sizeof(visit) ); } - - /* * Define a relationship between a user and a room */ -void CtdlSetRelationship(struct visit *newvisit, +void CtdlSetRelationship(visit *newvisit, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - - /* We don't use these in Citadel because they're implicit by the * index, but they must be present if the database is exported. */ @@ -325,32 +228,27 @@ void CtdlSetRelationship(struct visit *newvisit, put_visit(newvisit); } + /* * Locate a relationship between a user and a room */ -void CtdlGetRelationship(struct visit *vbuf, +void CtdlGetRelationship(visit *vbuf, struct ctdluser *rel_user, struct ctdlroom *rel_room) { - char IndexBuf[32]; int IndexLen; struct cdbdata *cdbvisit; /* Generate an index */ - IndexLen = GenerateRelationshipIndex(IndexBuf, - rel_room->QRnumber, - rel_room->QRgen, - rel_user->usernum); + IndexLen = GenerateRelationshipIndex(IndexBuf, rel_room->QRnumber, rel_room->QRgen, rel_user->usernum); /* Clear out the buffer */ - memset(vbuf, 0, sizeof(struct visit)); + memset(vbuf, 0, sizeof(visit)); cdbvisit = cdb_fetch(CDB_VISIT, IndexBuf, IndexLen); if (cdbvisit != NULL) { - memcpy(vbuf, cdbvisit->ptr, - ((cdbvisit->len > sizeof(struct visit)) ? - sizeof(struct visit) : cdbvisit->len)); + memcpy(vbuf, cdbvisit->ptr, ((cdbvisit->len > sizeof(visit)) ? sizeof(visit) : cdbvisit->len)); cdb_free(cdbvisit); } else { @@ -380,35 +278,98 @@ void MailboxName(char *buf, size_t n, const struct ctdluser *who, const char *pr /* - * Is the user currently logged in an Aide? + * Check to see if the specified user has Internet mail permission + * (returns nonzero if permission is granted) + */ +int CtdlCheckInternetMailPermission(struct ctdluser *who) { + + /* Do not allow twits to send Internet mail */ + if (who->axlevel <= AxProbU) return(0); + + /* Globally enabled? */ + if (CtdlGetConfigInt("c_restrict") == 0) return(1); + + /* User flagged ok? */ + if (who->flags & US_INTERNET) return(2); + + /* Admin level access? */ + if (who->axlevel >= AxAideU) return(3); + + /* No mail for you! */ + return(0); +} + + +/* + * Convenience function. + */ +int CtdlAccessCheck(int required_level) +{ + if (CC->internal_pgm) return(0); + if (required_level >= ac_internal) { + cprintf("%d This is not a user-level command.\n", ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + if ((required_level >= ac_logged_in_or_guest) && (CC->logged_in == 0) && (CtdlGetConfigInt("c_guest_logins") == 0)) { + cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); + return(-1); + } + + if ((required_level >= ac_logged_in) && (CC->logged_in == 0)) { + cprintf("%d Not logged in.\n", ERROR + NOT_LOGGED_IN); + return(-1); + } + + if (CC->user.axlevel >= AxAideU) return(0); + if (required_level >= ac_aide) { + cprintf("%d This command requires Admin access.\n", + ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + if (is_room_aide()) return(0); + if (required_level >= ac_room_aide) { + cprintf("%d This command requires Admin or Room Admin access.\n", + ERROR + HIGHER_ACCESS_REQUIRED); + return(-1); + } + + /* shhh ... succeed quietly */ + return(0); +} + + +/* + * Is the user currently logged in an Admin? */ int is_aide(void) { - if (CC->user.axlevel >= 6) - return (1); + if (CC->user.axlevel >= AxAideU) + return(1); else - return (0); + return(0); } /* - * Is the user currently logged in an Aide *or* the room aide for this room? + * Is the user currently logged in an Admin *or* the room Admin for this room? */ int is_room_aide(void) { if (!CC->logged_in) { - return (0); + return(0); } - if ((CC->user.axlevel >= 6) - || (CC->room.QRroomaide == CC->user.usernum)) { - return (1); + if ((CC->user.axlevel >= AxAideU) || (CC->room.QRroomaide == CC->user.usernum)) { + return(1); } else { - return (0); + return(0); } } + /* * CtdlGetUserByNumber() - get user by number * returns 0 if user was found @@ -422,28 +383,16 @@ int CtdlGetUserByNumber(struct ctdluser *usbuf, long number) cdbun = cdb_fetch(CDB_USERSBYNUMBER, &number, sizeof(long)); if (cdbun == NULL) { - CtdlLogPrintf(CTDL_INFO, "User %ld not found\n", number); + syslog(LOG_INFO, "user_ops: %ld not found", number); return(-1); } - CtdlLogPrintf(CTDL_INFO, "User %ld maps to %s\n", number, cdbun->ptr); + syslog(LOG_INFO, "user_ops: %ld maps to %s", number, cdbun->ptr); r = CtdlGetUser(usbuf, cdbun->ptr); cdb_free(cdbun); return(r); } -/* - * getuserbynumber() - get user by number - * returns 0 if user was found - * - * Note: fetching a user this way requires one additional database operation. - */ -int getuserbynumber(struct ctdluser *usbuf, long number) -{ - return CtdlGetUserByNumber(usbuf, number); -} - - /* * Helper function for rebuild_usersbynumber() @@ -475,10 +424,8 @@ void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { } while (u != NULL) { - CtdlLogPrintf(CTDL_DEBUG, "Rebuilding usersbynumber index %10ld : %s\n", - u->usernum, u->username); + syslog(LOG_DEBUG, "user_ops: rebuilding usersbynumber index %10ld : %s", u->usernum, u->username); cdb_store(CDB_USERSBYNUMBER, &u->usernum, sizeof(long), u->username, strlen(u->username)+1); - ptr = u; u = u->next; free(ptr); @@ -486,7 +433,6 @@ void rebuild_ubn_for_user(struct ctdluser *usbuf, void *data) { } - /* * Rebuild the users-by-number index */ @@ -497,45 +443,47 @@ void rebuild_usersbynumber(void) { } - /* - * getuserbyuid() - get user by system uid (for PAM mode authentication) - * returns 0 if user was found - * - * WARNING: don't use this function unless you absolutely have to. It does - * a sequential search and therefore is computationally expensive. + * getuserbyuid() Get user by system uid (for PAM mode authentication) + * Returns 0 if user was found + * This now uses an extauth index. */ int getuserbyuid(struct ctdluser *usbuf, uid_t number) { - struct cdbdata *cdbus; + struct cdbdata *cdbextauth; + long usernum = 0; + StrBuf *claimed_id; + + claimed_id = NewStrBuf(); + StrBufPrintf(claimed_id, "uid:%d", number); + cdbextauth = cdb_fetch(CDB_EXTAUTH, ChrPtr(claimed_id), StrLength(claimed_id)); + FreeStrBuf(&claimed_id); + if (cdbextauth == NULL) { + return(-1); + } - cdb_rewind(CDB_USERS); + memcpy(&usernum, cdbextauth->ptr, sizeof(long)); + cdb_free(cdbextauth); - while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) { - memset(usbuf, 0, sizeof(struct ctdluser)); - memcpy(usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); - cdb_free(cdbus); - if (usbuf->uid == number) { - cdb_close_cursor(CDB_USERS); - return (0); - } + if (!CtdlGetUserByNumber(usbuf, usernum)) { + return(0); } - return (-1); + + return(-1); } + /* * Back end for cmd_user() and its ilk * * NOTE: "authname" should only be used if we are attempting to use the "master user" feature */ -int CtdlLoginExistingUser(char *authname, char *trythisname) +int CtdlLoginExistingUser(char *authname, const char *trythisname) { char username[SIZ]; int found_user; - CtdlLogPrintf(9, "CtdlLoginExistingUser(%s, %s)\n", authname, trythisname); + syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname); if ((CC->logged_in)) { return login_already_logged_in; @@ -545,27 +493,29 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) if (!strncasecmp(trythisname, "SYS_", 4)) { - CtdlLogPrintf(CTDL_DEBUG, "System user \"%s\" is not allowed to log in.\n", trythisname); + syslog(LOG_DEBUG, "user_ops: system user \"%s\" is not allowed to log in.", trythisname); return login_not_found; } /* If a "master user" is defined, handle its authentication if specified */ CC->is_master = 0; - if (strlen(config.c_master_user) > 0) if (strlen(config.c_master_pass) > 0) if (authname) { - if (!strcasecmp(authname, config.c_master_user)) { - CC->is_master = 1; - } + if ( (!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && + (!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) && + (authname != NULL) && + (!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) ) + { + CC->is_master = 1; } /* Continue attempting user validation... */ - safestrncpy(username, trythisname, USERNAME_SIZE); + safestrncpy(username, trythisname, sizeof (username)); striplt(username); if (IsEmptyStr(username)) { return login_not_found; } - if (config.c_auth_mode == AUTHMODE_HOST) { + if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ @@ -573,21 +523,21 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) struct passwd *tempPwdPtr; char pwdbuffer[256]; - CtdlLogPrintf(CTDL_DEBUG, "asking host about <%s>\n", username); + syslog(LOG_DEBUG, "user_ops: asking host about <%s>", username); #ifdef HAVE_GETPWNAM_R #ifdef SOLARIS_GETPWUID - CtdlLogPrintf(CTDL_DEBUG, "Calling getpwnam_r()\n"); + syslog(LOG_DEBUG, "user_ops: calling getpwnam_r()"); tempPwdPtr = getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer); #else // SOLARIS_GETPWUID - CtdlLogPrintf(CTDL_DEBUG, "Calling getpwnam_r()\n"); + syslog(LOG_DEBUG, "user_ops: calling getpwnam_r()"); getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer, &tempPwdPtr); #endif // SOLARIS_GETPWUID #else // HAVE_GETPWNAM_R - CtdlLogPrintf(CTDL_DEBUG, "SHOULD NEVER GET HERE!!!\n"); + syslog(LOG_DEBUG, "user_ops: SHOULD NEVER GET HERE!!!"); tempPwdPtr = NULL; #endif // HAVE_GETPWNAM_R if (tempPwdPtr == NULL) { - CtdlLogPrintf(CTDL_DEBUG, "no such user <%s>\n", username); + syslog(LOG_DEBUG, "user_ops: no such user <%s>", username); return login_not_found; } @@ -595,17 +545,16 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) * If not found, make one attempt to create it. */ found_user = getuserbyuid(&CC->user, pd.pw_uid); - CtdlLogPrintf(CTDL_DEBUG, "found it: uid=%ld, gecos=%s here: %d\n", - (long)pd.pw_uid, pd.pw_gecos, found_user); if (found_user != 0) { - create_user(username, 0); + create_user(username, CREATE_USER_DO_NOT_BECOME_USER, pd.pw_uid); found_user = getuserbyuid(&CC->user, pd.pw_uid); } + syslog(LOG_DEBUG, "user_ops: found it: uid=%ld, gecos=%s here: %d", (long)pd.pw_uid, pd.pw_gecos, found_user); } #ifdef HAVE_LDAP - else if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { + else if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { /* LDAP auth mode */ @@ -620,7 +569,7 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) found_user = getuserbyuid(&CC->user, ldap_uid); if (found_user != 0) { - create_user(trythisname, 0); + create_user(ldap_cn, CREATE_USER_DO_NOT_BECOME_USER, ldap_uid); found_user = getuserbyuid(&CC->user, ldap_uid); } @@ -635,14 +584,12 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) else { /* native auth mode */ - struct recptypes *valid = NULL; + recptypes *valid = NULL; /* First, try to log in as if the supplied name is a display name */ found_user = CtdlGetUser(&CC->user, username); - /* If that didn't work, try to log in as if the supplied name - * is an e-mail address - */ + /* If that didn't work, try to log in as if the supplied name * is an e-mail address */ if (found_user != 0) { valid = validate_recipients(username, NULL, 0); if (valid != NULL) { @@ -656,11 +603,10 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) /* Did we find something? */ if (found_user == 0) { - if (((CC->nologin)) && (CC->user.axlevel < 6)) { + if (((CC->nologin)) && (CC->user.axlevel < AxAideU)) { return login_too_many_users; } else { - safestrncpy(CC->curr_user, CC->user.fullname, - sizeof CC->curr_user); + safestrncpy(CC->curr_user, CC->user.fullname, sizeof CC->curr_user); return login_ok; } } @@ -668,54 +614,13 @@ int CtdlLoginExistingUser(char *authname, char *trythisname) } - -/* - * USER cmd - */ -void cmd_user(char *cmdbuf) -{ - char username[256]; - int a; - - CtdlLogPrintf(CTDL_DEBUG, "cmd_user(%s)\n", cmdbuf); - extract_token(username, cmdbuf, 0, '|', sizeof username); - CtdlLogPrintf(CTDL_DEBUG, "username: %s\n", username); - striplt(username); - CtdlLogPrintf(CTDL_DEBUG, "username: %s\n", username); - - a = CtdlLoginExistingUser(NULL, username); - switch (a) { - case login_already_logged_in: - cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN); - return; - case login_too_many_users: - cprintf("%d %s: " - "Too many users are already online " - "(maximum is %d)\n", - ERROR + MAX_SESSIONS_EXCEEDED, - config.c_nodename, config.c_maxsessions); - return; - case login_ok: - cprintf("%d Password required for %s\n", - MORE_DATA, CC->curr_user); - return; - case login_not_found: - cprintf("%d %s not found.\n", ERROR + NO_SUCH_USER, username); - return; - default: - cprintf("%d Internal error\n", ERROR + INTERNAL_ERROR); - } -} - - - /* * session startup code which is common to both cmd_pass() and cmd_newu() */ void do_login(void) { CC->logged_in = 1; - CtdlLogPrintf(CTDL_NOTICE, "<%s> logged in\n", CC->curr_user); + syslog(LOG_NOTICE, "user_ops: <%s> logged in", CC->curr_user); CtdlGetUserLock(&CC->user, CC->curr_user); ++(CC->user.timescalled); @@ -725,29 +630,53 @@ void do_login(void) /* If this user's name is the name of the system administrator * (as specified in setup), automatically assign access level 6. */ - if (!strcasecmp(CC->user.fullname, config.c_sysadm)) { - CC->user.axlevel = 6; + if ( (!IsEmptyStr(CtdlGetConfigStr("c_sysadm"))) && (!strcasecmp(CC->user.fullname, CtdlGetConfigStr("c_sysadm"))) ) { + CC->user.axlevel = AxAideU; } /* If we're authenticating off the host system, automatically give * root the highest level of access. */ - if (config.c_auth_mode == AUTHMODE_HOST) { + if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { if (CC->user.uid == 0) { - CC->user.axlevel = 6; + CC->user.axlevel = AxAideU; } } - CtdlPutUserLock(&CC->user); /* - * Populate CC->cs_inet_email with a default address. This will be - * overwritten with the user's directory address, if one exists, when - * the vCard module's login hook runs. + * If we are using LDAP authentication, extract the user's email addresses from the directory. + */ +#ifdef HAVE_LDAP + if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { + char new_emailaddrs[512]; + if (CtdlGetConfigInt("c_ldap_sync_email_addrs") > 0) { + if (extract_email_addresses_from_ldap(CC->ldap_dn, new_emailaddrs) == 0) { + CtdlSetEmailAddressesForUser(CC->user.fullname, new_emailaddrs); + } + } + } +#endif + + /* + * No email address for user? Make one up. (Apparently this broke something in the past. What was it?) + */ + if (IsEmptyStr(CC->user.emailaddrs)) { + sprintf(CC->user.emailaddrs, "cit%ld@%s", CC->user.usernum, CtdlGetConfigStr("c_fqdn")); + } + + /* + * Populate cs_inet_email and cs_inet_other_emails with valid email addresses from the user record */ - snprintf(CC->cs_inet_email, sizeof CC->cs_inet_email, "%s@%s", - CC->user.fullname, config.c_fqdn); - convert_spaces_to_underscores(CC->cs_inet_email); + strcpy(CC->cs_inet_email, CC->user.emailaddrs); + char *firstsep = strstr(CC->cs_inet_email, "|"); + if (firstsep) { + strcpy(CC->cs_inet_other_emails, firstsep+1); + *firstsep = 0; + } + else { + CC->cs_inet_other_emails[0] = 0; + } /* Create any personal rooms required by the system. * (Technically, MAILROOM should be there already, but just in case...) @@ -755,13 +684,13 @@ void do_login(void) CtdlCreateRoom(MAILROOM, 4, "", 0, 1, 0, VIEW_MAILBOX); CtdlCreateRoom(SENTITEMS, 4, "", 0, 1, 0, VIEW_MAILBOX); CtdlCreateRoom(USERTRASHROOM, 4, "", 0, 1, 0, VIEW_MAILBOX); - /* CtdlCreateRoom(USERDRAFTROOM, 4, "", 0, 1, 0, VIEW_MAILBOX); temporarily disabled for 7.60 */ + CtdlCreateRoom(USERDRAFTROOM, 4, "", 0, 1, 0, VIEW_MAILBOX); /* Run any startup routines registered by loadable modules */ PerformSessionHooks(EVT_LOGIN); /* Enter the lobby */ - CtdlUserGoto(config.c_baseroom, 0, 0, NULL, NULL); + CtdlUserGoto(CtdlGetConfigStr("c_baseroom"), 0, 0, NULL, NULL, NULL, NULL); } @@ -771,38 +700,16 @@ void logged_in_response(void) CIT_OK, CC->user.fullname, CC->user.axlevel, CC->user.timescalled, CC->user.posted, CC->user.flags, CC->user.usernum, - CC->previous_login); + CC->previous_login + ); } - -/* - * misc things to be taken care of when a user is logged out - */ -void logout(void) +void CtdlUserLogout(void) { - CitContext *CCC = CC; /* CachedCitContext - performance boost */ - /* - * If there is a download in progress, abort it. - */ - if (CCC->download_fp != NULL) { - fclose(CCC->download_fp); - CCC->download_fp = NULL; - } - - /* - * If there is an upload in progress, abort it. - */ - if (CCC->upload_fp != NULL) { - abort_upl(CCC); - } + CitContext *CCC = MyContext(); - /* - * If we were talking to a network node, we're not anymore... - */ - if (!IsEmptyStr(CCC->net_node)) { - network_talking_to(CCC->net_node, NTT_REMOVE); - } + syslog(LOG_DEBUG, "user_ops: CtdlUserLogout() logging out <%s> from session %d", CCC->curr_user, CCC->cs_pid); /* Run any hooks registered by modules... */ PerformSessionHooks(EVT_LOGOUT); @@ -819,13 +726,26 @@ void logout(void) CCC->logged_in = 0; /* Check to see if the user was deleted whilst logged in and purge them if necessary */ - if ((CCC->user.axlevel == 0) && (CCC->user.usernum)) + if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) { purge_user(CCC->user.fullname); + } + + /* Clear out the user record in memory so we don't behave like a ghost */ + memset(&CCC->user, 0, sizeof(struct ctdluser)); + CCC->curr_user[0] = 0; + CCC->is_master = 0; + CCC->cs_inet_email[0] = 0; + CCC->cs_inet_other_emails[0] = 0; + CCC->cs_inet_fn[0] = 0; + CCC->fake_username[0] = 0; + CCC->fake_hostname[0] = 0; + CCC->fake_roomname[0] = 0; /* Free any output buffers */ unbuffer_output(); } + /* * Validate a password on the host unix system by talking to the chkpwd daemon */ @@ -835,27 +755,43 @@ static int validpw(uid_t uid, const char *pass) int rv = 0; if (IsEmptyStr(pass)) { - CtdlLogPrintf(CTDL_DEBUG, "refusing to check empty password for uid=%d using chkpwd...\n", uid); + syslog(LOG_DEBUG, "user_ops: refusing to chkpwd for uid=%d with empty password", uid); return 0; } - CtdlLogPrintf(CTDL_DEBUG, "Validating password for uid=%d using chkpwd...\n", uid); + syslog(LOG_DEBUG, "user_ops: validating password for uid=%d using chkpwd...", uid); begin_critical_section(S_CHKPWD); rv = write(chkpwd_write_pipe[1], &uid, sizeof(uid_t)); + if (rv == -1) { + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); + end_critical_section(S_CHKPWD); + return 0; + } rv = write(chkpwd_write_pipe[1], pass, 256); + if (rv == -1) { + syslog(LOG_ERR, "user_ops: communication with chkpwd broken: %m"); + end_critical_section(S_CHKPWD); + return 0; + } rv = read(chkpwd_read_pipe[0], buf, 4); + if (rv == -1) { + syslog(LOG_ERR, "user_ops: ommunication with chkpwd broken: %m"); + end_critical_section(S_CHKPWD); + return 0; + } end_critical_section(S_CHKPWD); if (!strncmp(buf, "PASS", 4)) { - CtdlLogPrintf(CTDL_DEBUG, "...pass\n"); + syslog(LOG_DEBUG, "user_ops: chkpwd pass"); return(1); } - CtdlLogPrintf(CTDL_DEBUG, "...fail\n"); + syslog(LOG_DEBUG, "user_ops: chkpwd fail"); return 0; } + /* * Start up the chkpwd daemon so validpw() has something to talk to */ @@ -864,74 +800,69 @@ void start_chkpwd_daemon(void) { struct stat filestats; int i; - CtdlLogPrintf(CTDL_DEBUG, "Starting chkpwd daemon for host authentication mode\n"); + syslog(LOG_DEBUG, "user_ops: starting chkpwd daemon for host authentication mode"); - if ((stat(file_chkpwd, &filestats)==-1) || - (filestats.st_size==0)){ - printf("didn't find chkpwd daemon in %s: %s\n", file_chkpwd, strerror(errno)); + if ((stat(file_chkpwd, &filestats)==-1) || (filestats.st_size==0)) { + syslog(LOG_ERR, "user_ops: %s: %m", file_chkpwd); abort(); } if (pipe(chkpwd_write_pipe) != 0) { - CtdlLogPrintf(CTDL_EMERG, "Unable to create pipe for chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } if (pipe(chkpwd_read_pipe) != 0) { - CtdlLogPrintf(CTDL_EMERG, "Unable to create pipe for chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to create pipe for chkpwd daemon: %m"); abort(); } chkpwd_pid = fork(); if (chkpwd_pid < 0) { - CtdlLogPrintf(CTDL_EMERG, "Unable to fork chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to fork chkpwd daemon: %m"); abort(); } if (chkpwd_pid == 0) { - CtdlLogPrintf(CTDL_DEBUG, "Now calling dup2() write\n"); dup2(chkpwd_write_pipe[0], 0); - CtdlLogPrintf(CTDL_DEBUG, "Now calling dup2() write\n"); dup2(chkpwd_read_pipe[1], 1); - CtdlLogPrintf(CTDL_DEBUG, "Now closing stuff\n"); for (i=2; i<256; ++i) close(i); - CtdlLogPrintf(CTDL_DEBUG, "Now calling execl(%s)\n", file_chkpwd); execl(file_chkpwd, file_chkpwd, NULL); - CtdlLogPrintf(CTDL_EMERG, "Unable to exec chkpwd daemon: %s\n", strerror(errno)); + syslog(LOG_ERR, "user_ops: unable to exec chkpwd daemon: %m"); abort(); exit(errno); } } -int CtdlTryPassword(char *password) +int CtdlTryPassword(const char *password, long len) { int code; + CitContext *CCC = CC; - if ((CC->logged_in)) { - CtdlLogPrintf(CTDL_WARNING, "CtdlTryPassword: already logged in\n"); + if ((CCC->logged_in)) { + syslog(LOG_WARNING, "user_ops: CtdlTryPassword: already logged in"); return pass_already_logged_in; } - if (!strcmp(CC->curr_user, NLI)) { - CtdlLogPrintf(CTDL_WARNING, "CtdlTryPassword: no user selected\n"); + if (!strcmp(CCC->curr_user, NLI)) { + syslog(LOG_WARNING, "user_ops: CtdlTryPassword: no user selected"); return pass_no_user; } - if (CtdlGetUser(&CC->user, CC->curr_user)) { - CtdlLogPrintf(CTDL_ERR, "CtdlTryPassword: internal error\n"); + if (CtdlGetUser(&CCC->user, CCC->curr_user)) { + syslog(LOG_ERR, "user_ops: CtdlTryPassword: internal error"); return pass_internal_error; } if (password == NULL) { - CtdlLogPrintf(CTDL_INFO, "CtdlTryPassword: NULL password string supplied\n"); + syslog(LOG_INFO, "user_ops: CtdlTryPassword: NULL password string supplied"); return pass_wrong_password; } - code = (-1); - if (CC->is_master) { - code = strcmp(password, config.c_master_pass); + if (CCC->is_master) { + code = strcmp(password, CtdlGetConfigStr("c_master_pass")); } - else if (config.c_auth_mode == AUTHMODE_HOST) { + else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) { /* host auth mode */ - if (validpw(CC->user.uid, password)) { + if (validpw(CCC->user.uid, password)) { code = 0; /* @@ -942,14 +873,13 @@ int CtdlTryPassword(char *password) * this is a security hazard, comment it out. */ - CtdlGetUserLock(&CC->user, CC->curr_user); - safestrncpy(CC->user.password, password, sizeof CC->user.password); - CtdlPutUserLock(&CC->user); + CtdlGetUserLock(&CCC->user, CCC->curr_user); + safestrncpy(CCC->user.password, password, sizeof CCC->user.password); + CtdlPutUserLock(&CCC->user); /* * (sooper-seekrit hack ends here) */ - } else { code = (-1); @@ -957,11 +887,11 @@ int CtdlTryPassword(char *password) } #ifdef HAVE_LDAP - else if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { + else if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) { /* LDAP auth mode */ - if ((CC->ldap_dn) && (!CtdlTryPasswordLDAP(CC->ldap_dn, password))) { + if ((CCC->ldap_dn) && (!CtdlTryPasswordLDAP(CCC->ldap_dn, password))) { code = 0; } else { @@ -973,93 +903,69 @@ int CtdlTryPassword(char *password) else { /* native auth mode */ - - strproc(password); - strproc(CC->user.password); - code = strcasecmp(CC->user.password, password); - strproc(password); - strproc(CC->user.password); - code = strcasecmp(CC->user.password, password); + char *pw; + + pw = (char*) malloc(len + 1); + memcpy(pw, password, len + 1); + strproc(pw); + strproc(CCC->user.password); + code = strcasecmp(CCC->user.password, pw); + if (code != 0) { + strproc(pw); + strproc(CCC->user.password); + code = strcasecmp(CCC->user.password, pw); + } + free (pw); } if (!code) { do_login(); return pass_ok; - } else { - CtdlLogPrintf(CTDL_WARNING, "Bad password specified for <%s>\n", CC->curr_user); - return pass_wrong_password; } -} - - -void cmd_pass(char *buf) -{ - char password[256]; - int a; - - memset(password, 0, sizeof(password)); - extract_token(password, buf, 0, '|', sizeof password); - a = CtdlTryPassword(password); - - switch (a) { - case pass_already_logged_in: - cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN); - return; - case pass_no_user: - cprintf("%d You must send a name with USER first.\n", - ERROR + USERNAME_REQUIRED); - return; - case pass_wrong_password: - cprintf("%d Wrong password.\n", ERROR + PASSWORD_REQUIRED); - return; - case pass_ok: - logged_in_response(); - return; + else { + syslog(LOG_WARNING, "user_ops: bad password specified for <%s> Service <%s> Port <%ld> Remote <%s / %s>", + CCC->curr_user, + CCC->ServiceName, + CCC->tcp_port, + CCC->cs_host, + CCC->cs_addr + ); + return pass_wrong_password; } } - /* * Delete a user record *and* all of its related resources. */ int purge_user(char pname[]) { - char filename[64]; struct ctdluser usbuf; char usernamekey[USERNAME_SIZE]; - CitContext *ccptr; - int user_is_logged_in = 0; - makeuserkey(usernamekey, pname); + makeuserkey(usernamekey, pname, cutuserkey(pname)); /* If the name is empty we can't find them in the DB any way so just return */ if (IsEmptyStr(pname)) - return (ERROR + NO_SUCH_USER); + return(ERROR + NO_SUCH_USER); if (CtdlGetUser(&usbuf, pname) != 0) { - CtdlLogPrintf(CTDL_ERR, "Cannot purge user <%s> - not found\n", pname); - return (ERROR + NO_SUCH_USER); + syslog(LOG_ERR, "user_ops: cannot purge user <%s> - not found", pname); + return(ERROR + NO_SUCH_USER); } + /* Don't delete a user who is currently logged in. Instead, just * set the access level to 0, and let the account get swept up * during the next purge. */ - user_is_logged_in = 0; - begin_critical_section(S_SESSION_TABLE); - for (ccptr = ContextList; ccptr != NULL; ccptr = ccptr->next) { - if (ccptr->user.usernum == usbuf.usernum) { - user_is_logged_in = 1; - } - } - end_critical_section(S_SESSION_TABLE); - if (user_is_logged_in == 1) { - CtdlLogPrintf(CTDL_WARNING, "User <%s> is logged in; not deleting.\n", pname); - usbuf.axlevel = 0; + if (CtdlIsUserLoggedInByNum(usbuf.usernum)) { + syslog(LOG_WARNING, "user_ops: <%s> is logged in; not deleting", pname); + usbuf.axlevel = AxDeleted; CtdlPutUser(&usbuf); - return (1); + return(1); } - CtdlLogPrintf(CTDL_NOTICE, "Deleting user <%s>\n", pname); + + syslog(LOG_NOTICE, "user_ops: deleting <%s>", pname); /* Perform any purge functions registered by server extensions */ PerformUserHooks(&usbuf, EVT_PURGEUSER); @@ -1073,30 +979,14 @@ int purge_user(char pname[]) /* delete the userlog entry */ cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey)); - /* remove the user's bio file */ - snprintf(filename, - sizeof filename, - "%s/%ld", - ctdl_bio_dir, - usbuf.usernum); - unlink(filename); - - /* remove the user's picture */ - snprintf(filename, - sizeof filename, - "%s/%ld.gif", - ctdl_image_dir, - usbuf.usernum); - unlink(filename); - - return (0); + return(0); } -int internal_create_user (char *username, struct ctdluser *usbuf, uid_t uid) +int internal_create_user(char *username, struct ctdluser *usbuf, uid_t uid) { if (!CtdlGetUser(usbuf, username)) { - return (ERROR + ALREADY_EXISTS); + return(ERROR + ALREADY_EXISTS); } /* Go ahead and initialize a new user record */ @@ -1110,9 +1000,7 @@ int internal_create_user (char *username, struct ctdluser *usbuf, uid_t uid) usbuf->timescalled = 0; usbuf->posted = 0; - usbuf->axlevel = config.c_initax; - usbuf->USscreenwidth = 80; - usbuf->USscreenheight = 24; + usbuf->axlevel = CtdlGetConfigInt("c_initax"); usbuf->lastcall = time(NULL); /* fetch a new user number */ @@ -1122,74 +1010,39 @@ int internal_create_user (char *username, struct ctdluser *usbuf, uid_t uid) CtdlPutUser(usbuf); cdb_store(CDB_USERSBYNUMBER, &usbuf->usernum, sizeof(long), usbuf->fullname, strlen(usbuf->fullname)+1); - return 0; -} + /* If non-native auth, index by uid */ + if ((usbuf->uid > 0) && (usbuf->uid != NATIVE_AUTH_UID)) { + StrBuf *claimed_id = NewStrBuf(); + StrBufPrintf(claimed_id, "uid:%d", usbuf->uid); + attach_extauth(usbuf, claimed_id); + FreeStrBuf(&claimed_id); + } + return(0); +} /* * create_user() - back end processing to create a new user * * Set 'newusername' to the desired account name. - * Set 'become_user' to nonzero if this is self-service account creation and we want - * to actually log in as the user we just created, otherwise set it to 0. + * Set 'become_user' to CREATE_USER_BECOME_USER if this is self-service account creation and we want to + * actually log in as the user we just created, otherwise set it to CREATE_USER_DO_NOT_BECOME_USER + * Set 'uid' to some uid_t value to associate the account with an external auth user, or (-1) for native auth */ -int create_user(char *newusername, int become_user) +int create_user(char *username, int become_user, uid_t uid) { struct ctdluser usbuf; struct ctdlroom qrbuf; - char username[256]; char mailboxname[ROOMNAMELEN]; char buf[SIZ]; int retval; - uid_t uid = (-1); - - safestrncpy(username, newusername, sizeof username); strproc(username); - - - if (config.c_auth_mode == AUTHMODE_HOST) { - - /* host auth mode */ - - struct passwd pd; - struct passwd *tempPwdPtr; - char pwdbuffer[256]; - -#ifdef HAVE_GETPWNAM_R -#ifdef SOLARIS_GETPWUID - tempPwdPtr = getpwnam_r(username, &pd, pwdbuffer, sizeof(pwdbuffer)); -#else // SOLARIS_GETPWUID - getpwnam_r(username, &pd, pwdbuffer, sizeof pwdbuffer, &tempPwdPtr); -#endif // SOLARIS_GETPWUID -#else // HAVE_GETPWNAM_R - tempPwdPtr = NULL; -#endif // HAVE_GETPWNAM_R - if (tempPwdPtr != NULL) { - extract_token(username, pd.pw_gecos, 0, ',', sizeof username); - uid = pd.pw_uid; - if (IsEmptyStr (username)) - { - safestrncpy(username, pd.pw_name, sizeof username); - } - } - else { - return (ERROR + NO_SUCH_USER); - } + if ((retval = internal_create_user(username, &usbuf, uid)) != 0) { + return retval; } -#ifdef HAVE_LDAP - if ((config.c_auth_mode == AUTHMODE_LDAP) || (config.c_auth_mode == AUTHMODE_LDAP_AD)) { - if (CtdlTryUserLDAP(username, NULL, 0, username, sizeof username, &uid) != 0) { - return(ERROR + NO_SUCH_USER); - } - } -#endif /* HAVE_LDAP */ - - if ((retval = internal_create_user(username, &usbuf, uid)) != 0) - return retval; - /* * Give the user a private mailbox and a configuration room. * Make the latter an invisible system room. @@ -1211,7 +1064,7 @@ int create_user(char *newusername, int become_user) * creating a user, instead of doing self-service account creation */ - if (become_user) { + if (become_user == CREATE_USER_BECOME_USER) { /* Now become the user we just created */ memcpy(&CC->user, &usbuf, sizeof(struct ctdluser)); safestrncpy(CC->curr_user, username, sizeof CC->curr_user); @@ -1219,7 +1072,7 @@ int create_user(char *newusername, int become_user) /* Check to make sure we're still who we think we are */ if (CtdlGetUser(&CC->user, CC->curr_user)) { - return (ERROR + INTERNAL_ERROR); + return(ERROR + INTERNAL_ERROR); } } @@ -1230,291 +1083,24 @@ int create_user(char *newusername, int become_user) CC->cs_addr ); CtdlAideMessage(buf, "User Creation Notice"); - CtdlLogPrintf(CTDL_NOTICE, "New user <%s> created\n", username); - return (0); + syslog(LOG_NOTICE, "user_ops: <%s> created", username); + return(0); } - /* - * cmd_newu() - create a new user account and log in as that user - */ -void cmd_newu(char *cmdbuf) -{ - int a; - char username[26]; - - if (config.c_auth_mode != AUTHMODE_NATIVE) { - cprintf("%d This system does not use native mode authentication.\n", - ERROR + NOT_HERE); - return; - } - - if (config.c_disable_newu) { - cprintf("%d Self-service user account creation " - "is disabled on this system.\n", ERROR + NOT_HERE); - return; - } - - if (CC->logged_in) { - cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN); - return; - } - if (CC->nologin) { - cprintf("%d %s: Too many users are already online (maximum is %d)\n", - ERROR + MAX_SESSIONS_EXCEEDED, - config.c_nodename, config.c_maxsessions); - } - extract_token(username, cmdbuf, 0, '|', sizeof username); - username[25] = 0; - strproc(username); - - if (IsEmptyStr(username)) { - cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED); - return; - } - - if ((!strcasecmp(username, "bbs")) || - (!strcasecmp(username, "new")) || - (!strcasecmp(username, "."))) { - cprintf("%d '%s' is an invalid login name.\n", ERROR + ILLEGAL_VALUE, username); - return; - } - - a = create_user(username, 1); - - if (a == 0) { - logged_in_response(); - } else if (a == ERROR + ALREADY_EXISTS) { - cprintf("%d '%s' already exists.\n", - ERROR + ALREADY_EXISTS, username); - return; - } else if (a == ERROR + INTERNAL_ERROR) { - cprintf("%d Internal error - user record disappeared?\n", - ERROR + INTERNAL_ERROR); - return; - } else { - cprintf("%d unknown error\n", ERROR + INTERNAL_ERROR); - } -} - - -/* - * set password - back end api code + * set password - back end api code */ void CtdlSetPassword(char *new_pw) { CtdlGetUserLock(&CC->user, CC->curr_user); safestrncpy(CC->user.password, new_pw, sizeof(CC->user.password)); CtdlPutUserLock(&CC->user); - CtdlLogPrintf(CTDL_INFO, "Password changed for user <%s>\n", CC->curr_user); + syslog(LOG_INFO, "user_ops: password changed for <%s>", CC->curr_user); PerformSessionHooks(EVT_SETPASS); } -/* - * set password - citadel protocol implementation - */ -void cmd_setp(char *new_pw) -{ - int generate_random_password = 0; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - if ( (CC->user.uid != CTDLUID) && (CC->user.uid != (-1)) ) { - cprintf("%d Not allowed. Use the 'passwd' command.\n", ERROR + NOT_HERE); - return; - } - if (CC->is_master) { - cprintf("%d The master prefix password cannot be changed with this command.\n", - ERROR + NOT_HERE); - return; - } - - if (!strcasecmp(new_pw, "GENERATE_RANDOM_PASSWORD")) { - char random_password[17]; - generate_random_password = 1; - snprintf(random_password, sizeof random_password, "%08lx%08lx", random(), random()); - CtdlSetPassword(random_password); - cprintf("%d %s\n", CIT_OK, random_password); - } - else { - strproc(new_pw); - if (IsEmptyStr(new_pw)) { - cprintf("%d Password unchanged.\n", CIT_OK); - return; - } - CtdlSetPassword(new_pw); - cprintf("%d Password changed.\n", CIT_OK); - } -} - - -/* - * cmd_creu() - administratively create a new user account (do not log in to it) - */ -void cmd_creu(char *cmdbuf) -{ - int a; - char username[26]; - char password[32]; - struct ctdluser tmp; - - if (CtdlAccessCheck(ac_aide)) { - return; - } - - extract_token(username, cmdbuf, 0, '|', sizeof username); - extract_token(password, cmdbuf, 1, '|', sizeof password); - username[25] = 0; - password[31] = 0; - strproc(username); - strproc(password); - - if (IsEmptyStr(username)) { - cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED); - return; - } - - a = create_user(username, 0); - - if (a == 0) { - if (!IsEmptyStr(password)) { - CtdlGetUserLock(&tmp, username); - safestrncpy(tmp.password, password, sizeof(tmp.password)); - CtdlPutUserLock(&tmp); - } - cprintf("%d User '%s' created %s.\n", CIT_OK, username, - (!IsEmptyStr(password)) ? "and password set" : - "with no password"); - return; - } else if (a == ERROR + ALREADY_EXISTS) { - cprintf("%d '%s' already exists.\n", ERROR + ALREADY_EXISTS, username); - return; - } else if ( (config.c_auth_mode != AUTHMODE_NATIVE) && (a == ERROR + NO_SUCH_USER) ) { - cprintf("%d User accounts are not created within Citadel in host authentication mode.\n", - ERROR + NO_SUCH_USER); - return; - } else { - cprintf("%d An error occurred creating the user account.\n", ERROR + INTERNAL_ERROR); - } -} - - - -/* - * get user parameters - */ -void cmd_getu(char *cmdbuf) -{ - - if (CtdlAccessCheck(ac_logged_in)) - return; - - CtdlGetUser(&CC->user, CC->curr_user); - cprintf("%d %d|%d|%d|\n", - CIT_OK, - CC->user.USscreenwidth, - CC->user.USscreenheight, - (CC->user.flags & US_USER_SET) - ); -} - -/* - * set user parameters - */ -void cmd_setu(char *new_parms) -{ - if (CtdlAccessCheck(ac_logged_in)) - return; - - if (num_parms(new_parms) < 3) { - cprintf("%d Usage error.\n", ERROR + ILLEGAL_VALUE); - return; - } - CtdlGetUserLock(&CC->user, CC->curr_user); - CC->user.USscreenwidth = extract_int(new_parms, 0); - CC->user.USscreenheight = extract_int(new_parms, 1); - CC->user.flags = CC->user.flags & (~US_USER_SET); - CC->user.flags = CC->user.flags | - (extract_int(new_parms, 2) & US_USER_SET); - - CtdlPutUserLock(&CC->user); - cprintf("%d Ok\n", CIT_OK); -} - -/* - * set last read pointer - */ -void cmd_slrp(char *new_ptr) -{ - long newlr; - struct visit vbuf; - struct visit original_vbuf; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - if (!strncasecmp(new_ptr, "highest", 7)) { - newlr = CC->room.QRhighest; - } else { - newlr = atol(new_ptr); - } - - CtdlGetUserLock(&CC->user, CC->curr_user); - - CtdlGetRelationship(&vbuf, &CC->user, &CC->room); - memcpy(&original_vbuf, &vbuf, sizeof(struct visit)); - vbuf.v_lastseen = newlr; - snprintf(vbuf.v_seen, sizeof vbuf.v_seen, "*:%ld", newlr); - - /* Only rewrite the record if it changed */ - if ( (vbuf.v_lastseen != original_vbuf.v_lastseen) - || (strcmp(vbuf.v_seen, original_vbuf.v_seen)) ) { - CtdlSetRelationship(&vbuf, &CC->user, &CC->room); - } - - CtdlPutUserLock(&CC->user); - cprintf("%d %ld\n", CIT_OK, newlr); -} - - -void cmd_seen(char *argbuf) { - long target_msgnum = 0L; - int target_setting = 0; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - if (num_parms(argbuf) != 2) { - cprintf("%d Invalid parameters\n", ERROR + ILLEGAL_VALUE); - return; - } - - target_msgnum = extract_long(argbuf, 0); - target_setting = extract_int(argbuf, 1); - - CtdlSetSeen(&target_msgnum, 1, target_setting, - ctdlsetseen_seen, NULL, NULL); - cprintf("%d OK\n", CIT_OK); -} - - -void cmd_gtsn(char *argbuf) { - char buf[SIZ]; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - CtdlGetSeen(buf, ctdlsetseen_seen); - cprintf("%d %s\n", CIT_OK, buf); -} - - /* * API function for cmd_invt_kick() and anything else that needs to * invite or kick out a user to/from a room. @@ -1523,7 +1109,7 @@ void cmd_gtsn(char *argbuf) { */ int CtdlInvtKick(char *iuser, int op) { struct ctdluser USscratch; - struct visit vbuf; + visit vbuf; char bbb[SIZ]; if (CtdlGetUser(&USscratch, iuser) != 0) { @@ -1546,63 +1132,22 @@ int CtdlInvtKick(char *iuser, int op) { iuser, ((op == 1) ? "invited to" : "kicked out of"), CC->room.QRname, - CC->user.fullname); + (CC->logged_in ? CC->user.fullname : "an administrator") + ); CtdlAideMessage(bbb,"User Admin Message"); - return(0); } -/* - * INVT and KICK commands - */ -void cmd_invt_kick(char *iuser, int op) { - - /* - * These commands are only allowed by aides, room aides, - * and room namespace owners - */ - if (is_room_aide() - || (atol(CC->room.QRname) == CC->user.usernum) ) { - /* access granted */ - } else { - /* access denied */ - cprintf("%d Higher access or room ownership required.\n", - ERROR + HIGHER_ACCESS_REQUIRED); - return; - } - - if (!strncasecmp(CC->room.QRname, config.c_baseroom, - ROOMNAMELEN)) { - cprintf("%d Can't add/remove users from this room.\n", - ERROR + NOT_HERE); - return; - } - - if (CtdlInvtKick(iuser, op) != 0) { - cprintf("%d No such user.\n", ERROR + NO_SUCH_USER); - return; - } - - cprintf("%d %s %s %s.\n", - CIT_OK, iuser, - ((op == 1) ? "invited to" : "kicked out of"), - CC->room.QRname); - return; -} - -void cmd_invt(char *iuser) {cmd_invt_kick(iuser, 1);} -void cmd_kick(char *iuser) {cmd_invt_kick(iuser, 0);} - /* * Forget (Zap) the current room (API call) * Returns 0 on success */ int CtdlForgetThisRoom(void) { - struct visit vbuf; + visit vbuf; - /* On some systems, Aides are not allowed to forget rooms */ - if (is_aide() && (config.c_aide_zap == 0) + /* On some systems, Admins are not allowed to forget rooms */ + if (is_aide() && (CtdlGetConfigInt("c_aide_zap") == 0) && ((CC->room.QRflags & QR_MAILBOX) == 0) ) { return(1); } @@ -1617,118 +1162,11 @@ int CtdlForgetThisRoom(void) { CtdlPutUserLock(&CC->user); /* Return to the Lobby, so we don't end up in an undefined room */ - CtdlUserGoto(config.c_baseroom, 0, 0, NULL, NULL); + CtdlUserGoto(CtdlGetConfigStr("c_baseroom"), 0, 0, NULL, NULL, NULL, NULL); return(0); - -} - - -/* - * forget (Zap) the current room - */ -void cmd_forg(char *argbuf) -{ - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - if (CtdlForgetThisRoom() == 0) { - cprintf("%d Ok\n", CIT_OK); - } - else { - cprintf("%d You may not forget this room.\n", ERROR + NOT_HERE); - } -} - -/* - * Get Next Unregistered User - */ -void cmd_gnur(char *argbuf) -{ - struct cdbdata *cdbus; - struct ctdluser usbuf; - - if (CtdlAccessCheck(ac_aide)) { - return; - } - - if ((CitControl.MMflags & MM_VALID) == 0) { - cprintf("%d There are no unvalidated users.\n", CIT_OK); - return; - } - - /* There are unvalidated users. Traverse the user database, - * and return the first user we find that needs validation. - */ - cdb_rewind(CDB_USERS); - while (cdbus = cdb_next_item(CDB_USERS), cdbus != NULL) { - memset(&usbuf, 0, sizeof(struct ctdluser)); - memcpy(&usbuf, cdbus->ptr, - ((cdbus->len > sizeof(struct ctdluser)) ? - sizeof(struct ctdluser) : cdbus->len)); - cdb_free(cdbus); - if ((usbuf.flags & US_NEEDVALID) - && (usbuf.axlevel > 0)) { - cprintf("%d %s\n", MORE_DATA, usbuf.fullname); - cdb_close_cursor(CDB_USERS); - return; - } - } - - /* If we get to this point, there are no more unvalidated users. - * Therefore we clear the "users need validation" flag. - */ - - begin_critical_section(S_CONTROL); - get_control(); - CitControl.MMflags = CitControl.MMflags & (~MM_VALID); - put_control(); - end_critical_section(S_CONTROL); - cprintf("%d *** End of registration.\n", CIT_OK); - - } -/* - * validate a user - */ -void cmd_vali(char *v_args) -{ - char user[128]; - int newax; - struct ctdluser userbuf; - - extract_token(user, v_args, 0, '|', sizeof user); - newax = extract_int(v_args, 1); - - if (CtdlAccessCheck(ac_aide)) { - return; - } - - if (CtdlGetUserLock(&userbuf, user) != 0) { - cprintf("%d '%s' not found.\n", ERROR + NO_SUCH_USER, user); - return; - } - - userbuf.axlevel = newax; - userbuf.flags = (userbuf.flags & ~US_NEEDVALID); - - CtdlPutUserLock(&userbuf); - - /* If the access level was set to zero, delete the user */ - if (newax == 0) { - if (purge_user(user) == 0) { - cprintf("%d %s Deleted.\n", CIT_OK, userbuf.fullname); - return; - } - } - cprintf("%d User '%s' validated.\n", CIT_OK, userbuf.fullname); -} - - - /* * Traverse the user file... */ @@ -1763,8 +1201,8 @@ void ListThisUser(struct ctdluser *usbuf, void *data) return; } - if (usbuf->axlevel > 0) { - if ((CC->user.axlevel >= 6) + if (usbuf->axlevel > AxDeleted) { + if ((CC->user.axlevel >= AxAideU) || ((usbuf->flags & US_UNLISTED) == 0) || ((CC->internal_pgm))) { cprintf("%s|%d|%ld|%ld|%ld|%ld||\n", @@ -1778,181 +1216,6 @@ void ListThisUser(struct ctdluser *usbuf, void *data) } } -/* - * List users (searchstring may be empty to list all users) - */ -void cmd_list(char *cmdbuf) -{ - char searchstring[256]; - extract_token(searchstring, cmdbuf, 0, '|', sizeof searchstring); - striplt(searchstring); - cprintf("%d \n", LISTING_FOLLOWS); - ForEachUser(ListThisUser, (void *)searchstring ); - cprintf("000\n"); -} - - - - -/* - * assorted info we need to check at login - */ -void cmd_chek(char *argbuf) -{ - int mail = 0; - int regis = 0; - int vali = 0; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - CtdlGetUser(&CC->user, CC->curr_user); /* no lock is needed here */ - if ((REGISCALL != 0) && ((CC->user.flags & US_REGIS) == 0)) - regis = 1; - - if (CC->user.axlevel >= 6) { - get_control(); - if (CitControl.MMflags & MM_VALID) - vali = 1; - } - - /* check for mail */ - mail = InitialMailCheck(); - - cprintf("%d %d|%d|%d|%s|\n", CIT_OK, mail, regis, vali, CC->cs_inet_email); -} - - -/* - * check to see if a user exists - */ -void cmd_qusr(char *who) -{ - struct ctdluser usbuf; - - if (CtdlGetUser(&usbuf, who) == 0) { - cprintf("%d %s\n", CIT_OK, usbuf.fullname); - } else { - cprintf("%d No such user.\n", ERROR + NO_SUCH_USER); - } -} - - -/* - * Administrative Get User Parameters - */ -void cmd_agup(char *cmdbuf) -{ - struct ctdluser usbuf; - char requested_user[128]; - - if (CtdlAccessCheck(ac_aide)) { - return; - } - - extract_token(requested_user, cmdbuf, 0, '|', sizeof requested_user); - if (CtdlGetUser(&usbuf, requested_user) != 0) { - cprintf("%d No such user.\n", ERROR + NO_SUCH_USER); - return; - } - cprintf("%d %s|%s|%u|%ld|%ld|%d|%ld|%ld|%d\n", - CIT_OK, - usbuf.fullname, - usbuf.password, - usbuf.flags, - usbuf.timescalled, - usbuf.posted, - (int) usbuf.axlevel, - usbuf.usernum, - (long)usbuf.lastcall, - usbuf.USuserpurge); -} - - - -/* - * Administrative Set User Parameters - */ -void cmd_asup(char *cmdbuf) -{ - struct ctdluser usbuf; - char requested_user[128]; - char notify[SIZ]; - int np; - int newax; - int deleted = 0; - - if (CtdlAccessCheck(ac_aide)) - return; - - extract_token(requested_user, cmdbuf, 0, '|', sizeof requested_user); - if (CtdlGetUserLock(&usbuf, requested_user) != 0) { - cprintf("%d No such user.\n", ERROR + NO_SUCH_USER); - return; - } - np = num_parms(cmdbuf); - if (np > 1) - extract_token(usbuf.password, cmdbuf, 1, '|', sizeof usbuf.password); - if (np > 2) - usbuf.flags = extract_int(cmdbuf, 2); - if (np > 3) - usbuf.timescalled = extract_int(cmdbuf, 3); - if (np > 4) - usbuf.posted = extract_int(cmdbuf, 4); - if (np > 5) { - newax = extract_int(cmdbuf, 5); - if ((newax >= 0) && (newax <= 6)) { - usbuf.axlevel = extract_int(cmdbuf, 5); - } - } - if (np > 7) { - usbuf.lastcall = extract_long(cmdbuf, 7); - } - if (np > 8) { - usbuf.USuserpurge = extract_int(cmdbuf, 8); - } - CtdlPutUserLock(&usbuf); - if (usbuf.axlevel == 0) { - if (purge_user(requested_user) == 0) { - deleted = 1; - } - } - - if (deleted) { - snprintf(notify, SIZ, - "User \"%s\" has been deleted by %s.\n", - usbuf.fullname, CC->user.fullname); - CtdlAideMessage(notify, "User Deletion Message"); - } - - cprintf("%d Ok", CIT_OK); - if (deleted) - cprintf(" (%s deleted)", requested_user); - cprintf("\n"); -} - - - -/* - * Check to see if the user who we just sent mail to is logged in. If yes, - * bump the 'new mail' counter for their session. That enables them to - * receive a new mail notification without having to hit the database. - */ -void BumpNewMailCounter(long which_user) { - CitContext *ptr; - - begin_critical_section(S_SESSION_TABLE); - - for (ptr = ContextList; ptr != NULL; ptr = ptr->next) { - if (ptr->user.usernum == which_user) { - ptr->newmail += 1; - } - } - - end_critical_section(S_SESSION_TABLE); -} - /* * Count the number of new mail messages the user has @@ -1960,11 +1223,9 @@ void BumpNewMailCounter(long which_user) { int NewMailCount() { int num_newmsgs = 0; - num_newmsgs = CC->newmail; CC->newmail = 0; - - return (num_newmsgs); + return(num_newmsgs); } @@ -1977,14 +1238,14 @@ int InitialMailCheck() int a; char mailboxname[ROOMNAMELEN]; struct ctdlroom mailbox; - struct visit vbuf; + visit vbuf; struct cdbdata *cdbfr; long *msglist = NULL; int num_msgs = 0; CtdlMailboxName(mailboxname, sizeof mailboxname, &CC->user, MAILROOM); if (CtdlGetRoom(&mailbox, mailboxname) != 0) - return (0); + return(0); CtdlGetRelationship(&vbuf, &CC->user, &mailbox); cdbfr = cdb_fetch(CDB_MSGLISTS, &mailbox.QRnumber, sizeof(long)); @@ -2006,101 +1267,5 @@ int InitialMailCheck() if (msglist != NULL) free(msglist); - return (num_newmsgs); -} - - - -/* - * Set the preferred view for the current user/room combination - */ -void cmd_view(char *cmdbuf) { - int requested_view; - struct visit vbuf; - - if (CtdlAccessCheck(ac_logged_in)) { - return; - } - - requested_view = extract_int(cmdbuf, 0); - - CtdlGetRelationship(&vbuf, &CC->user, &CC->room); - vbuf.v_view = requested_view; - CtdlSetRelationship(&vbuf, &CC->user, &CC->room); - - cprintf("%d ok\n", CIT_OK); -} - - -/* - * Rename a user - */ -void cmd_renu(char *cmdbuf) -{ - int retcode; - char oldname[USERNAME_SIZE]; - char newname[USERNAME_SIZE]; - - if (CtdlAccessCheck(ac_aide)) { - return; - } - - extract_token(oldname, cmdbuf, 0, '|', sizeof oldname); - extract_token(newname, cmdbuf, 1, '|', sizeof newname); - - retcode = rename_user(oldname, newname); - switch(retcode) { - case RENAMEUSER_OK: - cprintf("%d '%s' has been renamed to '%s'.\n", CIT_OK, oldname, newname); - return; - case RENAMEUSER_LOGGED_IN: - cprintf("%d '%s' is currently logged in and cannot be renamed.\n", - ERROR + ALREADY_LOGGED_IN , oldname); - return; - case RENAMEUSER_NOT_FOUND: - cprintf("%d '%s' does not exist.\n", ERROR + NO_SUCH_USER, oldname); - return; - case RENAMEUSER_ALREADY_EXISTS: - cprintf("%d A user named '%s' already exists.\n", ERROR + ALREADY_EXISTS, newname); - return; - } - - cprintf("%d An unknown error occurred.\n", ERROR); -} - - - -/*****************************************************************************/ -/* MODULE INITIALIZATION STUFF */ -/*****************************************************************************/ - - -CTDL_MODULE_INIT(user_ops) -{ - if (!threading) { - CtdlRegisterProtoHook(cmd_user, "USER", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_pass, "PASS", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_creu, "CREU", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_setp, "SETP", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_getu, "GETU", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_setu, "SETU", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_slrp, "SLRP", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_invt, "INVT", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_kick, "KICK", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_forg, "FORG", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_gnur, "GNUR", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_vali, "VALI", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_list, "LIST", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_chek, "CHEK", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_qusr, "QUSR", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_agup, "AGUP", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_asup, "ASUP", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_seen, "SEEN", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_gtsn, "GTSN", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_view, "VIEW", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_renu, "RENU", "Autoconverted. TODO: document me."); - CtdlRegisterProtoHook(cmd_newu, "NEWU", "Autoconverted. TODO: document me."); - } - /* return our Subversion id for the Log */ - return "$Id$"; + return(num_newmsgs); }