X-Git-Url: https://code.citadel.org/?p=citadel.git;a=blobdiff_plain;f=webcit%2Fauth.c;h=76fb13dc1dfcf0b4eb80e6d7e2bd1a59cdb6465b;hp=d182b40238be0efbf55132017a721ad9cbca0c0f;hb=8f0a07617656512ca31a029814d04fc254ca9d33;hpb=f573ffd76f7b76fe677cff1ba60e17c6b9eddbec diff --git a/webcit/auth.c b/webcit/auth.c index d182b4023..76fb13dc1 100644 --- a/webcit/auth.c +++ b/webcit/auth.c @@ -1,15 +1,28 @@ /* - * $Id$ + * These functions handle authentication of users to a Citadel server. * - * WebcitAuth; Handles authentication of users to a Citadel server. + * Copyright (c) 1996-2011 by the citadel.org team + * + * This program is open source software. You can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #include "webcit.h" #include "webserver.h" #include - -void display_reg(int during_login); +extern uint32_t hashlittle( const void *key, size_t length, uint32_t initval); /* * Access level definitions. This is initialized from a function rather than a 
@@ -18,54 +31,31 @@ void display_reg(int during_login); char *axdefs[7]; void initialize_axdefs(void) { - axdefs[0] = _("Deleted"); /* an erased user */ - axdefs[1] = _("New User"); /* a new user */ - axdefs[2] = _("Problem User"); /* a trouble maker */ - axdefs[3] = _("Local User"); /* user with normal privileges */ - axdefs[4] = _("Network User"); /* a user that may access network resources */ - axdefs[5] = _("Preferred User");/* a moderator */ - axdefs[6] = _("Aide"); /* chief */ -} -int ReEstablish_Session(void) -{ - StrBuf *Buf = NewStrBuf(); - wcsession *WCC = WC; + /* an erased user */ + axdefs[0] = _("Deleted"); - serv_printf("USER %s", ChrPtr(WCC->Hdr->c_username)); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 3) { - serv_printf("PASS %s", ChrPtr(WCC->Hdr->c_password)); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 2) { - become_logged_in(WCC->Hdr->c_username, - WCC->Hdr->c_password, Buf); - get_preference("default_header_charset", &WCC->DefaultCharset); - } - } - /* - * If we don't have a current room, but a cookie specifying the - * current room is supplied, make an effort to go there. 
- */ - if ((StrLength(WCC->wc_roomname) == 0) && (StrLength(WCC->Hdr->c_roomname) > 0)) { - serv_printf("GOTO %s", - ChrPtr(WCC->Hdr->c_roomname)); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 2) { - if (WCC->wc_roomname == NULL) { - WCC->wc_roomname = NewStrBufDup(WCC->Hdr->c_roomname); - } - else { - FlushStrBuf(WCC->wc_roomname); - StrBufAppendBuf(WCC->wc_roomname, WCC->Hdr->c_roomname, 0); - } - } - } - FreeStrBuf(&Buf); - return 0; + /* a new user */ + axdefs[1] = _("New User"); + + /* a trouble maker */ + axdefs[2] = _("Problem User"); + + /* user with normal privileges */ + axdefs[3] = _("Local User"); + + /* a user that may access network resources */ + axdefs[4] = _("Network User"); + + /* a moderator */ + axdefs[5] = _("Preferred User"); + + /* chief */ + axdefs[6] = _("Aide"); } + /* * Display the login screen * mesg = the error message if last attempt failed. @@ -74,66 +64,13 @@ void display_login(void) { begin_burst(); output_headers(1, 0, 0, 0, 1, 0); - do_template("login", NULL); + do_template("login"); end_burst(); } -/* - * Display the openid-enabled login screen - * mesg = the error message if last attempt failed. - */ -void display_openid_login(char *mesg) -{ - begin_burst(); - output_headers(1, 0, 0, 0, 1, 0); - do_template("openid_login", NULL); - end_burst(); -} - - -void display_openid_name_request(const StrBuf *claimed_id, const StrBuf *username) -{ - StrBuf *Buf = NULL; - - output_headers(1, 1, 2, 0, 0, 0); - wprintf("
\n"); - - Buf = NewStrBufPlain(NULL, StrLength(claimed_id)); - StrEscAppend(Buf, claimed_id, NULL, 0, 0); - svprintf(HKEY("VERIFIED"), WCS_STRING, _("Your OpenID %s was successfully verified."), - ChrPtr(Buf)); - SVPutBuf("CLAIMED_ID", Buf, 0); - - - if (StrLength(username) > 0) { - Buf = NewStrBufPlain(NULL, StrLength(username)); - StrEscAppend(Buf, claimed_id, NULL, 0, 0); - svprintf(HKEY("REASON"), WCS_STRING, - _("However, the user name '%s' conflicts with an existing user."), - ChrPtr(Buf)); - FreeStrBuf(&Buf); - } - else { - svput("REASON", WCS_STRING, ""); - } - - svput("ACTION_REQUESTED", WCS_STRING, _("Please specify the user name you would like to use.")); - - svput("USERNAME_BOX", WCS_STRING, _("User name:")); - svput("NEWUSER_BUTTON", WCS_STRING, _("New User")); - svput("EXIT_BUTTON", WCS_STRING, _("Exit")); - - svprintf(HKEY("BOXTITLE"), WCS_STRING, _("%s - powered by Citadel"), - ChrPtr(WC->serv_info->serv_humannode)); - - do_template("openid_manual_create", NULL); - wDumpContent(2); -} - - /* Initialize the session * @@ -152,7 +89,6 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo wcsession *WCC = WC; StrBuf *Buf; StrBuf *FloorDiv; - StrBuf *Language = NULL; WCC->logged_in = 1; @@ -176,7 +112,7 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo } WCC->axlevel = StrBufExtract_int(serv_response, 1, '|'); - if (WCC->axlevel >= 6) { /* TODO: make this a define, else it might trick us later */ + if (WCC->axlevel >= 6) { WCC->is_aide = 1; } 
@@ -189,117 +125,66 @@ void become_logged_in(const StrBuf *user, const StrBuf *pass, StrBuf *serv_respo const char *pch; pch = ChrPtr(Buf) + 4; - WCC->new_mail = StrBufExtractNext_long(Buf, &pch, '|'); + /*WCC->new_mail =*/ StrBufExtractNext_long(Buf, &pch, '|'); WCC->need_regi = StrBufExtractNext_long(Buf, &pch, '|'); WCC->need_vali = StrBufExtractNext_long(Buf, &pch, '|'); if (WCC->cs_inet_email == NULL) WCC->cs_inet_email = NewStrBuf(); StrBufExtract_NextToken(WCC->cs_inet_email, Buf, &pch, '|'); } - if (havebstr("language")) - set_preference("language", NewStrBufDup(SBSTR("language")), 1); - else { - get_preference("language", &Language); - if (Language != NULL) { - set_selected_language(ChrPtr(Language)); - go_selected_language(); /* set locale */ - } - } get_preference("floordiv_expanded", &FloorDiv); WCC->floordiv_expanded = FloorDiv; FreeStrBuf(&Buf); + FlushRoomlist(); } /* - * Perform authentication using a user name and password + * modal/ajax version of 'login' (username and password) */ -void do_login(void) -{ - wcsession *WCC = WC; - StrBuf *Buf; - - if (havebstr("language")) { - set_selected_language(bstr("language")); - go_selected_language(); - } +void ajax_login_username_password(void) { + StrBuf *Buf = NewStrBuf(); - if (havebstr("exit_action")) { - do_logout(); - return; - } - Buf = NewStrBuf(); - if (havebstr("login_action")) { - serv_printf("USER %s", bstr("name")); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 3) { - serv_printf("PASS %s", bstr("pass")); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 2) { - become_logged_in(sbstr("name"), sbstr("pass"), Buf); - } else { - snprintf(WCC->ImportantMessage, - sizeof (WCC->ImportantMessage), - "%s", - &(ChrPtr(Buf))[4]); - display_login(); - FreeStrBuf(&Buf); - return; - } - } else { - snprintf(WCC->ImportantMessage, - sizeof (WCC->ImportantMessage), - "%s", - &(ChrPtr(Buf))[4]); - display_login(); - FreeStrBuf(&Buf); - return; - } - } - if (havebstr("newuser_action")) 
{ - if (!havebstr("pass")) { - snprintf(WCC->ImportantMessage, - sizeof (WCC->ImportantMessage), - "%s", - _("Blank passwords are not allowed.")); - display_login(); - FreeStrBuf(&Buf); - return; - } - serv_printf("NEWU %s", bstr("name")); + serv_printf("USER %s", bstr("name")); + StrBuf_ServGetln(Buf); + if (GetServerStatus(Buf, NULL) == 3) { + serv_printf("PASS %s", bstr("pass")); StrBuf_ServGetln(Buf); if (GetServerStatus(Buf, NULL) == 2) { become_logged_in(sbstr("name"), sbstr("pass"), Buf); - serv_printf("SETP %s", bstr("pass")); - StrBuf_ServGetln(Buf); /* Don't care? */ - } else { - snprintf(WCC->ImportantMessage, - sizeof (WCC->ImportantMessage), - "%s", - &(ChrPtr(Buf))[4]); - display_login(); - FreeStrBuf(&Buf); - return; } } - if (WCC->logged_in) { - if (WCC->need_regi) { - display_reg(1); - } else if (WCC->need_vali) { - validate(); - } else { - do_welcome(); - } - } else { - snprintf(WCC->ImportantMessage, - sizeof (WCC->ImportantMessage), - "%s", - _("Your password was not accepted.")); - display_login(); - } + + /* The client is expecting to read back a citadel protocol response */ + wc_printf("%s", ChrPtr(Buf)); FreeStrBuf(&Buf); } + + +/* + * modal/ajax version of 'new user' (username and password) + */ +void ajax_login_newuser(void) { + StrBuf *NBuf = NewStrBuf(); + StrBuf *SBuf = NewStrBuf(); + + serv_printf("NEWU %s", bstr("name")); + StrBuf_ServGetln(NBuf); + if (GetServerStatus(NBuf, NULL) == 2) { + become_logged_in(sbstr("name"), sbstr("pass"), NBuf); + serv_printf("SETP %s", bstr("pass")); + StrBuf_ServGetln(SBuf); + } + + /* The client is expecting to read back a citadel protocol response */ + wc_printf("%s", ChrPtr(NBuf)); + FreeStrBuf(&NBuf); + FreeStrBuf(&SBuf); +} + + + /* * Try to create an account manually after an OpenID was verified */ 
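Review bot: ajax_login_newuser() no longer has the blank-password guard that the removed do_login() applied before `NEWU` (`if (!havebstr("pass"))`), so the account is created and become_logged_in() runs before a password is known to be present. The `SETP` reply read into `SBuf` is then discarded and the client is sent the `NEWU` reply, so a rejected or empty password is still reported as a successful signup. I would return an error line when `!havebstr("pass")` before sending `NEWU`, and send back the `SETP` reply instead of the `NEWU` one when `GetServerStatus(SBuf, NULL) != 2`. Both AJAX handlers also pass `bstr("name")` and `bstr("pass")` straight into the line-oriented `serv_printf()` commands; whether line breaks are stripped before that point is not visible in this hunk and deserves a comment.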
@@ -307,38 +192,54 @@ void openid_manual_create(void) { StrBuf *Buf; + /* Did the user change his mind? Pack up and go home. */ if (havebstr("exit_action")) { - do_logout(); + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + do_template("authpopup_finished"); + end_burst(); return; } - if (havebstr("newuser_action")) { - Buf = NewStrBuf(); - serv_printf("OIDC %s", bstr("name")); - StrBuf_ServGetln(Buf); - if (GetServerStatus(Buf, NULL) == 2) { - StrBuf *gpass; - - gpass = NewStrBuf(); - serv_puts("SETP GENERATE_RANDOM_PASSWORD"); - StrBuf_ServGetln(gpass); - StrBufCutLeft(gpass, 4); - become_logged_in(sbstr("name"), gpass, Buf); - FreeStrBuf(&gpass); - } - FreeStrBuf(&Buf); + + /* Ok, let's give this a try. Can we create the new user? */ + + Buf = NewStrBuf(); + serv_printf("OIDC %s", bstr("name")); + StrBuf_ServGetln(Buf); + if (GetServerStatus(Buf, NULL) == 2) { + StrBuf *gpass; + + gpass = NewStrBuf(); + serv_puts("SETP GENERATE_RANDOM_PASSWORD"); + StrBuf_ServGetln(gpass); + StrBufCutLeft(gpass, 4); + become_logged_in(sbstr("name"), gpass, Buf); + FreeStrBuf(&gpass); } + FreeStrBuf(&Buf); + /* Did we manage to log in? If so, continue with the normal flow... */ if (WC->logged_in) { - if (WC->need_regi) { - display_reg(1); - } else if (WC->need_vali) { - validate(); - } else { - do_welcome(); + if (WC->logged_in) { + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + do_template("authpopup_finished"); + end_burst(); } } else { - display_openid_name_request(sbstr("openid_url"), sbstr("name")); + /* Still no good! Go back to teh dialog to select a username */ + const StrBuf *Buf; + putbstr("__claimed_id", NewStrBufDup(sbstr("openid_url"))); + Buf = sbstr("name"); + if (StrLength(Buf) > 0) + putbstr("__username", NewStrBufDup(Buf)); + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + wc_printf(""); + do_template("openid_manual_create"); + wc_printf(""); + end_burst(); } } 
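Review bot: The reply to `SETP GENERATE_RANDOM_PASSWORD` is never status-checked: `StrBufCutLeft(gpass, 4)` strips the prefix and whatever remains is handed to become_logged_in() as the password, so an error reply would presumably be kept as the session's password. Guard it the way the `OIDC` reply is guarded, e.g. `if (GetServerStatus(gpass, NULL) == 2) { StrBufCutLeft(gpass, 4); become_logged_in(sbstr("name"), gpass, Buf); }`. Separately, the success branch tests `WC->logged_in` twice in a row, and the else branch declares `const StrBuf *Buf`, which shadows the function-level `Buf`; collapsing the duplicate test and renaming the inner variable would make this authentication path easier to audit.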
@@ -350,43 +251,32 @@ void openid_manual_create(void) */ void do_openid_login(void) { - wcsession *WCC = WC; char buf[4096]; - if (havebstr("language")) { - set_selected_language(bstr("language")); - go_selected_language(); - } + snprintf(buf, sizeof buf, + "OIDS %s|%s/finalize_openid_login|%s", + bstr("openid_url"), + ChrPtr(site_prefix), + ChrPtr(site_prefix) + ); - if (havebstr("exit_action")) { - do_logout(); + serv_puts(buf); + serv_getln(buf, sizeof buf); + if (buf[0] == '2') { + syslog(LOG_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]); + http_redirect(&buf[4]); return; } - if (havebstr("login_action")) { - snprintf(buf, sizeof buf, - "OIDS %s|%s://%s/finalize_openid_login|%s://%s", - bstr("openid_url"), - (is_https ? "https" : "http"), ChrPtr(WCC->Hdr->http_host), - (is_https ? "https" : "http"), ChrPtr(WCC->Hdr->http_host) - ); - - serv_puts(buf); - serv_getln(buf, sizeof buf); - if (buf[0] == '2') { - lprintf(CTDL_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]); - http_redirect(&buf[4]); - return; - } - else { - display_openid_login(&buf[4]); - return; - } - } - /* If we get to this point then something failed. */ - display_openid_login(_("Your password was not accepted.")); + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + wc_printf(""); + escputs(&buf[4]); + wc_printf(""); + end_burst(); } + /* * Complete the authentication using OpenID * This function handles the positive or negative assertion from the user's Identity Provider @@ -395,7 +285,6 @@ void finalize_openid_login(void) { StrBuf *Buf; wcsession *WCC = WC; - int already_logged_in = (WCC->logged_in) ; int linecount = 0; StrBuf *result = NULL; StrBuf *username = NULL; @@ -414,6 +303,7 @@ void finalize_openid_login(void) long HKLen; const char *HKey; HashPos *Cursor; + int len; Cursor = GetNewHashPos (WCC->Hdr->urlstrings, 0); while (GetNextHashPos(WCC->Hdr->urlstrings, Cursor, &HKLen, &HKey, &U)) { 
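Review bot: `bstr("openid_url")` is copied unfiltered into the pipe-delimited `OIDS` command in do_openid_login(), so a value containing `|` would shift the return-to and trust-root fields that follow it, and a long value would make snprintf() silently truncate those fields. Whether bstr() or the server rejects such input is not visible in this hunk. I would refuse the request up front with `if (strchr(bstr("openid_url"), '|') != NULL)` and treat a snprintf() return value `>= sizeof buf` as an error before calling `serv_puts(buf)`. The error path already uses `escputs(&buf[4])`, which is the right choice for text that comes back from the server.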
@@ -426,7 +316,9 @@ void finalize_openid_login(void) serv_puts("000"); linecount = 0; - while (StrBuf_ServGetln(Buf), strcmp(ChrPtr(Buf), "000")) + while (len = StrBuf_ServGetln(Buf), + ((len >= 0) && + ((len != 3) || strcmp(ChrPtr(Buf), "000") ))) { if (linecount == 0) result = NewStrBufDup(Buf); if (!strcasecmp(ChrPtr(result), "authenticate")) { 
@@ -455,41 +347,62 @@ void finalize_openid_login(void) } } - /* If we were already logged in, this was an attempt to associate an OpenID account */ - if (already_logged_in) { + /* + * Is this an attempt to associate a new OpenID with an account that is already logged in? + */ + if ( (WCC->logged_in) && (havebstr("attach_existing")) ) { display_openids(); - FreeStrBuf(&result); - FreeStrBuf(&username); - FreeStrBuf(&password); - FreeStrBuf(&claimed_id); - FreeStrBuf(&logged_in_response); - return; } /* If this operation logged us in, either by connecting with an existing account or by * auto-creating one using Simple Registration Extension, we're already on our way. */ - if (!strcasecmp(ChrPtr(result), "authenticate")) { + else if (!strcasecmp(ChrPtr(result), "authenticate")) { become_logged_in(username, password, logged_in_response); + + /* Did we manage to log in? If so, continue with the normal flow... */ + if (WC->logged_in) { + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + do_template("authpopup_finished"); + end_burst(); + } else { + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + wc_printf(""); + wc_printf(_("An error has occurred.")); + wc_printf(""); + end_burst(); + } } - /* The specified OpenID was verified but the desired user name was either not specified via SRI + /* The specified OpenID was verified but the desired user name was either not specified via SRE * or conflicts with an existing user. Either way the user will need to specify a new name. */ - else if (!strcasecmp(ChrPtr(result), "verify_only")) { - display_openid_name_request(claimed_id, username); + putbstr("__claimed_id", claimed_id); + claimed_id = NULL; + if (StrLength(username) > 0) { + putbstr("__username", username); + username = NULL; + } + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + wc_printf(""); + do_template("openid_manual_create"); + wc_printf(""); + end_burst(); } - /* Did we manage to log in? If so, continue with the normal flow... 
*/ - if (WC->logged_in) { - if (WC->need_regi) { - display_reg(1); - } else { - do_welcome(); - } - } else { - display_openid_login(_("Your password was not accepted.")); + /* Something went VERY wrong if we get to this point */ + else { + syslog(1, "finalize_openid_login() failed to do anything. This is a code problem.\n"); + begin_burst(); + output_headers(1, 0, 0, 0, 1, 0); + wc_printf(""); + wc_printf(_("An error has occurred.")); + wc_printf(""); + end_burst(); } FreeStrBuf(&result); @@ -520,23 +433,17 @@ void do_welcome(void) if (!setup_wizard) { int len; sprintf(wizard_filename, "setupwiz.%s.%s", - ctdlhost, ctdlport); - len = strlen(wizard_filename); - for (i=0; iwc_username); FlushStrBuf(WCC->wc_password); - FlushStrBuf(WCC->wc_roomname); FlushStrBuf(WCC->wc_fullname); + FlushRoomlist(); - /* FIXME: this is to suppress the iconbar displaying, because we aren't - actually logged out yet */ + serv_puts("LOUT"); + serv_getln(buf, sizeof buf); WCC->logged_in = 0; - - /** Calling output_headers() this way causes the cookies to be un-set */ + + FlushStrBuf(WCC->CurRoom.name); + + /* Calling output_headers() this way causes the cookies to be un-set */ output_headers(1, 1, 0, 1, 0, 0); - wprintf("
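Review bot: Whether this request attaches an OpenID to the current account or logs in as the OpenID's account is now decided by the request parameter `attach_existing` (`if ( (WCC->logged_in) && (havebstr("attach_existing")) )`), where the removed `already_logged_in` flag was taken from session state alone. A session that is already logged in and reaches this handler without the parameter now falls through to become_logged_in() and may change identity; if that is intended, a comment saying so and naming the page that sets `attach_existing` would help, otherwise the intent should be recorded in the session when the flow starts. The final else calls `syslog(1, ...)` with a bare number while do_openid_login() uses `LOG_DEBUG`; a named constant such as `LOG_ERR` would state the intended severity. The function begins before this hunk.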
"); - wprintf("
"); - wprintf("
"); - wprintf(_("Log off")); - wprintf("
"); + /* For sites in guest mode, redirect to the landing page after we're logged out */ + if (WC->serv_info->serv_supports_guest) { + wc_printf(" " + ); + } + + wc_printf("
"); + wc_printf("
"); + wc_printf("
"); + wc_printf(_("Log off")); + wc_printf("
"); serv_puts("MESG goodbye"); serv_getln(buf, sizeof buf); if (WCC->serv_sock >= 0) { if (buf[0] == '1') { - fmout("CENTER"); + fmout("'CENTER'"); } else { - wprintf("Goodbye\n"); + wc_printf("Goodbye\n"); } } else { - wprintf(_("This program was unable to connect or stay " + wc_printf(_("This program was unable to connect or stay " "connected to the Citadel server. Please report " "this problem to your system administrator.") ); - wprintf("%s", + wc_printf("%s", _("Read More...")); } - wprintf("
" + wc_printf("
" ""); - wprintf(_("Log in again")); - wprintf(""); - - /* The "close window" link is commented out because some browsers don't - * allow it to work. - * - wprintf("   " - ""); - wprintf(_("Close window")); - wprintf(""); - */ + wc_printf(_("Log in again")); + wc_printf(""); + wc_printf("
\n"); + if (WC->serv_info->serv_supports_guest) { + display_default_landing_page(); + return; + } - wprintf("
\n"); wDumpContent(2); end_webcit_session(); } +/* + * Special page for monitoring scripts etc + */ +void monitor(void) +{ + output_headers(0, 0, 0, 0, 0, 0); + + hprintf("Content-type: text/plain\r\n" + "Server: " PACKAGE_STRING "\r\n" + "Connection: close\r\n" + ); + begin_burst(); + + wc_printf("Connection to Citadel server at %s:%s : %s\r\n", + ctdlhost, ctdlport, + (WC->connected ? "SUCCESS" : "FAIL") + ); + + wDumpContent(0); +} + + /* * validate new users */ @@ -649,14 +586,11 @@ void validate(void) char buf[SIZ]; int a; - output_headers(1, 1, 2, 0, 0, 0); - wprintf("
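Review bot: monitor() prints the backend address (`ctdlhost`, `ctdlport`) together with the connection state, and InitModule_AUTH later in this diff registers it with `ANONYMOUS|COOKIEUNNEEDED`, so any unauthenticated client can read where the Citadel server is reachable. A monitoring probe only needs the status word; I would print `Connection to Citadel server: %s` and leave host and port to the logs, or add a comment that the URL is expected to be restricted at the front end. The opening of this hunk is damaged on the page, so only the added monitor() block and the tail of do_logout() were reviewed.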
\n"); - wprintf("

"); - wprintf(_("Validate new users")); - wprintf("

"); - wprintf("
\n"); + output_headers(1, 1, 1, 0, 0, 0); - wprintf("
\n"); + do_template("box_begin_1"); + StrBufAppendBufPlain(WC->WBuf, _("Validate new users"), -1, 0); + do_template("box_begin_2"); /* If the user just submitted a validation, process it... */ safestrncpy(buf, bstr("user"), sizeof buf); @@ -665,7 +599,7 @@ void validate(void) serv_printf("VALI %s|%s", buf, bstr("axlevel")); serv_getln(buf, sizeof buf); if (buf[0] != '2') { - wprintf("%s
\n", &buf[4]); + wc_printf("%s
\n", &buf[4]); } } } @@ -674,21 +608,20 @@ void validate(void) serv_puts("GNUR"); serv_getln(buf, sizeof buf); if (buf[0] == '2') { - wprintf(""); - wprintf(_("No users require validation at this time.")); - wprintf("
\n"); + wc_printf(""); + wc_printf(_("No users require validation at this time.")); + wc_printf("
\n"); wDumpContent(1); return; } if (buf[0] != '3') { - wprintf("%s
\n", &buf[4]); + wc_printf("%s
\n", &buf[4]); wDumpContent(1); return; } - wprintf("
" - "
\n"); - wprintf("
"); + wc_printf("
\n"); + wc_printf("
"); safestrncpy(user, &buf[4], sizeof user); serv_printf("GREG %s", user); @@ -699,14 +632,14 @@ void validate(void) serv_getln(buf, sizeof buf); ++a; if (a == 1) - wprintf("#%s

%s

", + wc_printf("#%s

%s

", buf, &cmd[4]); if (a == 2) { char *pch; int haveChar = 0; int haveNum = 0; int haveOther = 0; - int count = 0; + int haveLong = 0; pch = buf; while (!IsEmptyStr(pch)) { @@ -718,10 +651,13 @@ void validate(void) haveOther = 1; pch ++; } - count = pch - buf; - if (count > 7) - count = 0; - switch (count){ + if (pch - buf > 7) + haveLong = 1; + switch (haveLong + + haveChar + + haveNum + + haveOther) + { case 0: pch = _("very weak"); break; @@ -736,46 +672,46 @@ void validate(void) pch = _("strong"); } - wprintf("PW: %s
\n", pch); + wc_printf("PW: %s
\n", pch); } if (a == 3) - wprintf("%s
\n", buf); + wc_printf("%s
\n", buf); if (a == 4) - wprintf("%s
\n", buf); + wc_printf("%s
\n", buf); if (a == 5) - wprintf("%s, ", buf); + wc_printf("%s, ", buf); if (a == 6) - wprintf("%s ", buf); + wc_printf("%s ", buf); if (a == 7) - wprintf("%s
\n", buf); + wc_printf("%s
\n", buf); if (a == 8) - wprintf("%s
\n", buf); + wc_printf("%s
\n", buf); if (a == 9) - wprintf(_("Current access level: %d (%s)\n"), + wc_printf(_("Current access level: %d (%s)\n"), atoi(buf), axdefs[atoi(buf)]); } while (strcmp(buf, "000")); } else { - wprintf("

%s

%s
\n", user, &cmd[4]); + wc_printf("

%s

%s
\n", user, &cmd[4]); } - wprintf("
"); - wprintf(_("Select access level for this user:")); - wprintf("
\n"); + wc_printf("
"); + wc_printf(_("Select access level for this user:")); + wc_printf("
\n"); for (a = 0; a <= 6; ++a) { - wprintf("nonce); + wc_printf("nonce); urlescputs(user); - wprintf("&axlevel=%d\">%s   \n", + wc_printf("&axlevel=%d\">%s   \n", a, axdefs[a]); } - wprintf("
\n"); + wc_printf("
\n"); - wprintf("
\n"); - wprintf("
\n"); + wc_printf("\n"); + wc_printf("
\n"); + do_template("box_end"); wDumpContent(1); } - /* * Display form for registration. * @@ -784,44 +720,61 @@ void validate(void) */ void display_reg(int during_login) { + folder Room; StrBuf *Buf; - message_summary *VCMsg; - wc_mime_attachment *VCAtt; + message_summary *VCMsg = NULL; + wc_mime_attachment *VCAtt = NULL; long vcard_msgnum; Buf = NewStrBuf(); - if (goto_config_room(Buf) != 0) { - if (during_login) do_welcome(); - else display_main_menu(); + memset(&Room, 0, sizeof(folder)); + if (goto_config_room(Buf, &Room) != 0) { + syslog(9, "display_reg() exiting because goto_config_room() failed\n"); + if (during_login) { + pop_destination(); + } + else { + display_main_menu(); + } FreeStrBuf(&Buf); + FlushFolder(&Room); return; } + FlushFolder(&Room); FreeStrBuf(&Buf); vcard_msgnum = locate_user_vcard_in_this_room(&VCMsg, &VCAtt); if (vcard_msgnum < 0L) { - if (during_login) do_welcome(); - else display_main_menu(); + syslog(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n"); + if (during_login) { + pop_destination(); + } + else { + display_main_menu(); + } return; } if (during_login) { - do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, "do_welcome", USERCONFIGROOM); + do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, "pop", USERCONFIGROOM); } else { - do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, "display_main_menu", USERCONFIGROOM); + StrBuf *ReturnTo; + ReturnTo = NewStrBufPlain(HKEY("display_main_menu?go=")); + StrBufAppendBuf(ReturnTo, WC->CurRoom.name, 0); + do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, ChrPtr(ReturnTo), USERCONFIGROOM); + FreeStrBuf(&ReturnTo); } } - - /* * display form for changing your password */ void display_changepw(void) { + wcsession *WCC = WC; WCTemplputParams SubTP; char buf[SIZ]; StrBuf *Buf; 
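Review bot: `axdefs[atoi(buf)]` in the `a == 9` branch indexes the seven-entry `axdefs` array with a number parsed from the `GREG` reply and never range-checks it, so a malformed or out-of-range access level reads outside the array. Parse once and bound it: `int ax = atoi(buf);` followed by `(ax >= 0 && ax <= 6) ? axdefs[ax] : "?"` as the string argument. The neighbouring branches print `buf` and `user` with a bare `%s`; the markup around them is not visible on this page, so it is worth confirming that these registration fields go through an escaping helper such as escputs() before they reach the administrator's browser.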
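Review bot: `StrBufAppendBuf(ReturnTo, WC->CurRoom.name, 0)` appends the room name to `display_main_menu?go=` without URL-encoding, so a room name containing `&`, `#`, `?` or a space produces a return target that parses differently from what was meant. How do_edit_vcard() uses that string is outside this hunk; if it ends up in a link or redirect, the name should be encoded first, as validate() does for the user name with urlescputs(). The two new `syslog(9, ...)` calls pass a number that is not one of the named syslog priorities; `LOG_DEBUG` would match the call in do_openid_login().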
@@ -831,14 +784,14 @@ void display_changepw(void) memset(&SubTP, 0, sizeof(WCTemplputParams)); SubTP.Filter.ContextType = CTX_STRBUF; SubTP.Context = Buf; - DoTemplate(HKEY("beginbox"), NULL, &SubTP); + DoTemplate(HKEY("box_begin"), NULL, &SubTP); FreeStrBuf(&Buf); - if (!IsEmptyStr(WC->ImportantMessage)) { - wprintf("" - "%s
\n", WC->ImportantMessage); - safestrncpy(WC->ImportantMessage, "", sizeof WC->ImportantMessage); + if (StrLength(WCC->ImportantMsg) > 0) { + wc_printf("" + "%s
\n", ChrPtr(WCC->ImportantMsg)); + FlushStrBuf(WCC->ImportantMsg); } serv_puts("MESG changepw"); @@ -847,27 +800,27 @@ void display_changepw(void) fmout("CENTER"); } - wprintf("
\n"); - wprintf("\n", WC->nonce); - wprintf("\n"); - wprintf("\n"); - wprintf("
"); - wprintf(_("Enter new password:")); - wprintf(""); - wprintf("
"); - wprintf(_("Enter it again to confirm:")); - wprintf(""); - wprintf("
\n"); - - wprintf("
\n"); - wprintf("", _("Change password")); - wprintf(" "); - wprintf("\n", _("Cancel")); - wprintf("
\n"); - wprintf("
\n"); - - do_template("endbox", NULL); + wc_printf("
\n"); + wc_printf("\n", WC->nonce); + wc_printf("\n"); + wc_printf("\n"); + wc_printf("
"); + wc_printf(_("Enter new password:")); + wc_printf(""); + wc_printf("
"); + wc_printf(_("Enter it again to confirm:")); + wc_printf(""); + wc_printf("
\n"); + + wc_printf("
\n"); + wc_printf("", _("Change password")); + wc_printf(" "); + wc_printf("\n", _("Cancel")); + wc_printf("
\n"); + wc_printf("
\n"); + + do_template("box_end"); wDumpContent(1); } @@ -877,13 +830,11 @@ void display_changepw(void) */ void changepw(void) { - char buf[SIZ]; + StrBuf *Line; char newpass1[32], newpass2[32]; if (!havebstr("change_action")) { - safestrncpy(WC->ImportantMessage, - _("Cancelled. Password was not changed."), - sizeof WC->ImportantMessage); + AppendImportantMessage(_("Cancelled. Password was not changed."), -1); display_main_menu(); return; } 
@@ -892,87 +843,223 @@ void changepw(void) safestrncpy(newpass2, bstr("newpass2"), sizeof newpass2); if (strcasecmp(newpass1, newpass2)) { - safestrncpy(WC->ImportantMessage, - _("They don't match. Password was not changed."), - sizeof WC->ImportantMessage); + AppendImportantMessage(_("They don't match. Password was not changed."), -1); display_changepw(); return; } if (IsEmptyStr(newpass1)) { - safestrncpy(WC->ImportantMessage, - _("Blank passwords are not allowed."), - sizeof WC->ImportantMessage); + AppendImportantMessage(_("Blank passwords are not allowed."), -1); display_changepw(); return; } + Line = NewStrBuf(); serv_printf("SETP %s", newpass1); - serv_getln(buf, sizeof buf); - sprintf(WC->ImportantMessage, "%s", &buf[4]); - if (buf[0] == '2') { + StrBuf_ServGetln(Line); + if (GetServerStatusMsg(Line, NULL, 1, 0) == 2) { if (WC->wc_password == NULL) - WC->wc_password = NewStrBufPlain(buf, -1); + WC->wc_password = NewStrBufPlain( + ChrPtr(Line) + 4, + StrLength(Line) - 4); else { FlushStrBuf(WC->wc_password); - StrBufAppendBufPlain(WC->wc_password, buf, -1, 0); + StrBufAppendBufPlain(WC->wc_password, + ChrPtr(Line) + 4, + StrLength(Line) - 4, 0); } display_main_menu(); } else { display_changepw(); } + FreeStrBuf(&Line); } + +int ConditionalHaveAccessCreateRoom(StrBuf *Target, WCTemplputParams *TP) +{ + StrBuf *Buf; + + Buf = NewStrBuf(); + serv_puts("CRE8 0"); + StrBuf_ServGetln(Buf); + + if (GetServerStatus(Buf, NULL) == 2) { + StrBufCutLeft(Buf, 4); + AppendImportantMessage(SKEY(Buf)); + FreeStrBuf(&Buf); + return 0; + } + FreeStrBuf(&Buf); + return 1; +} + + int ConditionalAide(StrBuf *Target, WCTemplputParams *TP) { - return (WC->is_aide == 0); + wcsession *WCC = WC; + return (WCC != NULL) ? ((WCC->logged_in == 0)||(WC->is_aide == 0)) : 0; } -int ConditionalRoomAide(StrBuf *Target, WCTemplputParams *TP) + +int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP) { - return (WC->is_room_aide == 0); + wcsession *WCC = WC; + return (WCC != NULL) ? 
(WCC->logged_in == 0) : 0; + +} + + +/* + * toggle the session over to a different language + */ +void switch_language(void) { + set_selected_language(bstr("lang")); + pop_destination(); } -int ConditionalIsLoggedIn(StrBuf *Target, WCTemplputParams *TP) { - return (WC->logged_in == 0); + +void _display_reg(void) { + display_reg(0); } -int ConditionalRoomAcessDelete(StrBuf *Target, WCTemplputParams *TP) + + +void Header_HandleAuth(StrBuf *Line, ParsedHttpHdrs *hdr) { - wcsession *WCC = WC; - return ( (WCC->is_room_aide) || (WCC->is_mailbox) || (WCC->room_flags2 & QR2_COLLABDEL) ); + if (hdr->HR.got_auth == NO_AUTH) /* don't override cookie auth... */ + { + if (strncasecmp(ChrPtr(Line), "Basic", 5) == 0) { + StrBufCutLeft(Line, 6); + StrBufDecodeBase64(Line); + hdr->HR.plainauth = Line; + hdr->HR.got_auth = AUTH_BASIC; + } + else + syslog(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line)); + } } +void CheckAuthBasic(ParsedHttpHdrs *hdr) +{ +/* + todo: enable this if we can have other sessions than authenticated ones. 
+ if (hdr->DontNeedAuth) + return; +*/ + StrBufAppendBufPlain(hdr->HR.plainauth, HKEY(":"), 0); + StrBufAppendBuf(hdr->HR.plainauth, hdr->HR.user_agent, 0); + hdr->HR.SessionKey = hashlittle(SKEY(hdr->HR.plainauth), 89479832); +/* + syslog(1, "CheckAuthBasic: calculated sessionkey %ld\n", + hdr->HR.SessionKey); +*/ +} -void _display_openid_login(void) {display_openid_login(NULL);} -void _display_reg(void) {display_reg(0);} + +void GetAuthBasic(ParsedHttpHdrs *hdr) +{ + const char *Pos = NULL; + if (hdr->c_username == NULL) + hdr->c_username = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER)); + if (hdr->c_password == NULL) + hdr->c_password = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS)); + StrBufExtract_NextToken(hdr->c_username, hdr->HR.plainauth, &Pos, ':'); + StrBufExtract_NextToken(hdr->c_password, hdr->HR.plainauth, &Pos, ':'); +} + + +void Header_HandleCookie(StrBuf *Line, ParsedHttpHdrs *hdr) +{ + const char *pch; +/* + todo: enable this if we can have other sessions than authenticated ones. 
+ if (hdr->DontNeedAuth) + return; +*/ + pch = strstr(ChrPtr(Line), "webcit="); + if (pch == NULL) { + return; + } + + hdr->HR.RawCookie = Line; + StrBufCutLeft(hdr->HR.RawCookie, (pch - ChrPtr(hdr->HR.RawCookie)) + 7); + StrBufDecodeHex(hdr->HR.RawCookie); + + cookie_to_stuff(Line, &hdr->HR.desired_session, + hdr->c_username, + hdr->c_password, + hdr->c_roomname, + hdr->c_language + ); + hdr->HR.got_auth = AUTH_COOKIE; +} + + +void +HttpNewModule_AUTH +(ParsedHttpHdrs *httpreq) +{ + httpreq->c_username = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER)); + httpreq->c_password = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS)); + httpreq->c_roomname = NewStrBuf(); + httpreq->c_language = NewStrBuf(); +} + + +void +HttpDetachModule_AUTH +(ParsedHttpHdrs *httpreq) +{ + FLUSHStrBuf(httpreq->c_username); + FLUSHStrBuf(httpreq->c_password); + FLUSHStrBuf(httpreq->c_roomname); + FLUSHStrBuf(httpreq->c_language); +} + + +void +HttpDestroyModule_AUTH +(ParsedHttpHdrs *httpreq) +{ + FreeStrBuf(&httpreq->c_username); + FreeStrBuf(&httpreq->c_password); + FreeStrBuf(&httpreq->c_roomname); + FreeStrBuf(&httpreq->c_language); +} void InitModule_AUTH (void) { - WebcitAddUrlHandler(HKEY(""), do_welcome, ANONYMOUS|COOKIEUNNEEDED); /* no url pattern at all? Show login. 
*/ - WebcitAddUrlHandler(HKEY("do_welcome"), do_welcome, ANONYMOUS|COOKIEUNNEEDED); - WebcitAddUrlHandler(HKEY("login"), do_login, ANONYMOUS|COOKIEUNNEEDED); - WebcitAddUrlHandler(HKEY("display_openid_login"), _display_openid_login, ANONYMOUS); - WebcitAddUrlHandler(HKEY("openid_login"), do_openid_login, ANONYMOUS); - WebcitAddUrlHandler(HKEY("finalize_openid_login"), finalize_openid_login, ANONYMOUS); - WebcitAddUrlHandler(HKEY("openid_manual_create"), openid_manual_create, ANONYMOUS); - WebcitAddUrlHandler(HKEY("do_logout"), do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE); - WebcitAddUrlHandler(HKEY("validate"), validate, 0); - WebcitAddUrlHandler(HKEY("display_reg"), _display_reg, 0); - WebcitAddUrlHandler(HKEY("display_changepw"), display_changepw, 0); - WebcitAddUrlHandler(HKEY("changepw"), changepw, 0); - WebcitAddUrlHandler(HKEY("termquit"), do_logout, 0); - + initialize_axdefs(); + RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie); + RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth); + + /* no url pattern at all? Show login. 
*/ + WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED); + + WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED); + WebcitAddUrlHandler(HKEY("openid_login"), "", 0, do_openid_login, ANONYMOUS); + WebcitAddUrlHandler(HKEY("finalize_openid_login"), "", 0, finalize_openid_login, ANONYMOUS); + WebcitAddUrlHandler(HKEY("openid_manual_create"), "", 0, openid_manual_create, ANONYMOUS); + WebcitAddUrlHandler(HKEY("validate"), "", 0, validate, 0); + WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, 0); + WebcitAddUrlHandler(HKEY("display_reg"), "", 0, _display_reg, 0); + WebcitAddUrlHandler(HKEY("display_changepw"), "", 0, display_changepw, 0); + WebcitAddUrlHandler(HKEY("changepw"), "", 0, changepw, 0); + WebcitAddUrlHandler(HKEY("termquit"), "", 0, do_logout, 0); + WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE); + WebcitAddUrlHandler(HKEY("monitor"), "", 0, monitor, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE); + WebcitAddUrlHandler(HKEY("ajax_login_username_password"), "", 0, ajax_login_username_password, AJAX|ANONYMOUS); + WebcitAddUrlHandler(HKEY("ajax_login_newuser"), "", 0, ajax_login_newuser, AJAX|ANONYMOUS); + WebcitAddUrlHandler(HKEY("switch_language"), "", 0, switch_language, ANONYMOUS); RegisterConditional(HKEY("COND:AIDE"), 2, ConditionalAide, CTX_NONE); - RegisterConditional(HKEY("COND:ROOMAIDE"), 2, ConditionalRoomAide, CTX_NONE); - RegisterConditional(HKEY("COND:ACCESS:DELETE"), 2, ConditionalRoomAcessDelete, CTX_NONE); RegisterConditional(HKEY("COND:LOGGEDIN"), 2, ConditionalIsLoggedIn, CTX_NONE); - - return ; + RegisterConditional(HKEY("COND:MAY_CREATE_ROOM"), 2, ConditionalHaveAccessCreateRoom, CTX_NONE); + return; } 
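Review bot: CheckAuthBasic() sets `hdr->HR.SessionKey` to a 32-bit `hashlittle()` of the decoded credentials plus the User-Agent with a fixed seed, so the key for a Basic-auth session is a short, unkeyed hash rather than an unpredictable value. How SessionKey is matched against existing sessions is outside this hunk; if it is the only lookup key, two requests whose inputs collide would land in the same session, so the lookup should also compare the stored user name and password, or the limitation should be commented here. GetAuthBasic() then appears to split `plainauth` on every `:` and keep only the second token as the password, which would truncate a password that itself contains a colon. Header_HandleAuth() logs the whole header value for unsupported schemes (`syslog(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line))`), which can put a bearer token or digest response into the log; log a fixed message or only the scheme word instead.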
@@ -983,8 +1070,6 @@ SessionDestroyModule_AUTH FreeStrBuf(&sess->wc_username); FreeStrBuf(&sess->wc_fullname); FreeStrBuf(&sess->wc_password); - FreeStrBuf(&sess->wc_roomname); - FreeStrBuf(&sess->httpauth_user); FreeStrBuf(&sess->httpauth_pass); FreeStrBuf(&sess->cs_inet_email); }