From: Wilfried Göesgens Date: Tue, 18 May 2010 21:34:56 +0000 (+0000) Subject: * split cutuserkey() out of makeuserkey(); its name doesn't show that theres a modifi... X-Git-Tag: v7.86~206 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=263eb53ff5e8a68b61789dad6ac3f999d98e8f2c * split cutuserkey() out of makeuserkey(); its name doesn't show that theres a modification of the buffer inside. * modify several functions so their callers have to call cutuserkey() * harmonize the user length to USERNAME_SIZE; apply cutting after cleanup of invalid characters --- diff --git a/citadel/citadel_ldap.h b/citadel/citadel_ldap.h index d29df7fc8..e8c65a5d2 100644 --- a/citadel/citadel_ldap.h +++ b/citadel/citadel_ldap.h @@ -21,5 +21,5 @@ */ int CtdlTryUserLDAP(char *username, char *found_dn, int found_dn_size, char *fullname, int fullname_size, uid_t *found_uid); -int CtdlTryPasswordLDAP(char *user_dn, char *password); +int CtdlTryPasswordLDAP(char *user_dn, const char *password); int Ctdl_LDAP_to_vCard(char *ldap_dn, struct vCard *v); diff --git a/citadel/context.c b/citadel/context.c index 90516d7d8..b00f6c07c 100644 --- a/citadel/context.c +++ b/citadel/context.c @@ -34,6 +34,9 @@ #include #include #include +/* +#include +*/ #if TIME_WITH_SYS_TIME # include @@ -427,17 +430,19 @@ CitContext *CtdlGetContextArray(int *count) */ void CtdlFillSystemContext(CitContext *context, char *name) { - char sysname[USERNAME_SIZE]; + char sysname[SIZ]; + long len; memset(context, 0, sizeof(CitContext)); context->internal_pgm = 1; context->cs_pid = 0; strcpy (sysname, "SYS_"); strcat (sysname, name); + len = cutuserkey(sysname); /* internal_create_user has the side effect of loading the user regardless of wether they * already existed or needed to be created */ - internal_create_user (sysname, &(context->user), -1) ; + internal_create_user (sysname, len, &(context->user), -1) ; /* Check to see if the system user needs upgrading */ if (context->user.usernum == 0) @@ -582,7 +587,16 @@ void InitializeMasterCC(void) { * Bind a thread to a context. (It's inline merely to speed things up.) */ INLINE void become_session(CitContext *which_con) { +/* + pid_t tid = syscall(SYS_gettid); +*/ citthread_setspecific(MyConKey, (void *)which_con ); +/* + CtdlLogPrintf(CTDL_DEBUG, "[%d]: Now doing %s\n", + (int) tid, + ((which_con != NULL) && (which_con->ServiceName != NULL)) ? + which_con->ServiceName:""); +*/ } diff --git a/citadel/include/ctdl_module.h b/citadel/include/ctdl_module.h index 8f3d3f741..290c90543 100644 --- a/citadel/include/ctdl_module.h +++ b/citadel/include/ctdl_module.h @@ -302,7 +302,8 @@ extern struct config config; /* * Expose API calls from user_ops.c */ -int CtdlGetUser(struct ctdluser *usbuf, const char *name); +int CtdlGetUser(struct ctdluser *usbuf, char *name); +int CtdlGetUserLen(struct ctdluser *usbuf, const char *name, long len); int CtdlGetUserLock(struct ctdluser *usbuf, char *name); void CtdlPutUser(struct ctdluser *usbuf); void CtdlPutUserLock(struct ctdluser *usbuf); @@ -328,7 +329,7 @@ enum { pass_wrong_password }; -int CtdlTryPassword(char *password); +int CtdlTryPassword(const char *password, long len); /* * Values which may be returned by CtdlTryPassword() */ diff --git a/citadel/ldap.c b/citadel/ldap.c index 7701b6c29..1ea3bb09b 100644 --- a/citadel/ldap.c +++ b/citadel/ldap.c @@ -223,7 +223,7 @@ int CtdlTryUserLDAP(char *username, } -int CtdlTryPasswordLDAP(char *user_dn, char *password) +int CtdlTryPasswordLDAP(char *user_dn, const char *password) { LDAP *ldserver = NULL; int i = (-1); diff --git a/citadel/modules/imap/serv_imap.c b/citadel/modules/imap/serv_imap.c index fd1050538..5ddae608a 100644 --- a/citadel/modules/imap/serv_imap.c +++ b/citadel/modules/imap/serv_imap.c @@ -550,7 +550,7 @@ void imap_login(int num_parms, ConstStr *Params) } case 4: if (CtdlLoginExistingUser(NULL, Params[2].Key) == login_ok) { - if (CtdlTryPassword(Params[3].Key) == pass_ok) { + if (CtdlTryPassword(Params[3].Key, Params[3].len) == pass_ok) { cprintf("%s OK [", Params[0].Key); imap_output_capability_string(); cprintf("] Hello, %s\r\n", CC->user.fullname); @@ -616,6 +616,7 @@ void imap_auth_plain(void) char user[256]; char pass[256]; int result; + long len; memset(pass, 0, sizeof(pass)); StrBufDecodeBase64(IMAP->Cmd.CmdBuf); @@ -623,7 +624,9 @@ void imap_auth_plain(void) decoded_authstring = ChrPtr(IMAP->Cmd.CmdBuf); safestrncpy(ident, decoded_authstring, sizeof ident); safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); - safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len < 0) + len = sizeof(pass) - 1; IMAP->authstate = imap_as_normal; @@ -635,7 +638,7 @@ void imap_auth_plain(void) } if (result == login_ok) { - if (CtdlTryPassword(pass) == pass_ok) { + if (CtdlTryPassword(pass, len) == pass_ok) { cprintf("%s OK authentication succeeded\r\n", IMAP->authseq); return; } @@ -672,18 +675,24 @@ void imap_auth_login_pass(long state) { citimap *Imap = IMAP; const char *pass = NULL; + long len = 0; switch (state) { default: case imap_as_expecting_password: StrBufDecodeBase64(Imap->Cmd.CmdBuf); pass = ChrPtr(Imap->Cmd.CmdBuf); + len = StrLength(Imap->Cmd.CmdBuf); break; case imap_as_expecting_multilinepassword: pass = ChrPtr(Imap->Cmd.CmdBuf); + len = StrLength(Imap->Cmd.CmdBuf); break; } - if (CtdlTryPassword(pass) == pass_ok) { + if (len > USERNAME_SIZE) + StrBufCutAt(Imap->Cmd.CmdBuf, USERNAME_SIZE, NULL); + + if (CtdlTryPassword(pass, len) == pass_ok) { cprintf("%s OK authentication succeeded\r\n", IMAP->authseq); } else { cprintf("%s NO authentication failed\r\n", IMAP->authseq); diff --git a/citadel/modules/managesieve/serv_managesieve.c b/citadel/modules/managesieve/serv_managesieve.c index 5c0e02030..e96378104 100644 --- a/citadel/modules/managesieve/serv_managesieve.c +++ b/citadel/modules/managesieve/serv_managesieve.c @@ -243,11 +243,12 @@ void cmd_mgsve_auth(int num_parms, char **parms, struct sdm_userdata *u) if (login_ok == CtdlLoginExistingUser(NULL, username)) { char *pass; + pass = &(auth[strlen(auth)+1]); /* for some reason the php script sends us the username twice. y? */ pass = &(pass[strlen(pass)+1]); - if (pass_ok == CtdlTryPassword(pass)) + if (pass_ok == CtdlTryPassword(pass, strlen(pass))) { MGSVE->command_state = mgsve_password; cprintf("OK\r\n"); diff --git a/citadel/modules/openid/serv_openid_rp.c b/citadel/modules/openid/serv_openid_rp.c index 3e10bc30d..384e2b6e0 100644 --- a/citadel/modules/openid/serv_openid_rp.c +++ b/citadel/modules/openid/serv_openid_rp.c @@ -416,6 +416,7 @@ int openid_create_user_via_sreg(StrBuf *claimed_id, HashList *sreg_keys) { char *desired_name = NULL; char new_password[32]; + long len; if (config.c_auth_mode != AUTHMODE_NATIVE) return(1); if (config.c_disable_newu) return(2); @@ -424,6 +425,7 @@ int openid_create_user_via_sreg(StrBuf *claimed_id, HashList *sreg_keys) CtdlLogPrintf(CTDL_DEBUG, "The desired account name is <%s>\n", desired_name); + len = cutuserkey(desired_name); if (!CtdlGetUser(&CC->user, desired_name)) { CtdlLogPrintf(CTDL_DEBUG, "<%s> is already taken by another user.\n", desired_name); memset(&CC->user, 0, sizeof(struct ctdluser)); @@ -431,7 +433,7 @@ int openid_create_user_via_sreg(StrBuf *claimed_id, HashList *sreg_keys) } /* The desired account name is available. Create the account and log it in! */ - if (create_user(desired_name, 1)) return(6); + if (create_user(desired_name, len, 1)) return(6); snprintf(new_password, sizeof new_password, "%08lx%08lx", random(), random()); CtdlSetPassword(new_password); @@ -712,6 +714,7 @@ void cmd_oids(char *argbuf) { * Finalize an OpenID authentication */ void cmd_oidf(char *argbuf) { + long len; char buf[2048]; char thiskey[1024]; char thisdata[1024]; @@ -734,10 +737,12 @@ void cmd_oidf(char *argbuf) { cprintf("%d Transmit OpenID data now\n", START_CHAT_MODE); while (client_getln(buf, sizeof buf), strcmp(buf, "000")) { - extract_token(thiskey, buf, 0, '|', sizeof thiskey); + len = extract_token(thiskey, buf, 0, '|', sizeof thiskey); + if (len < 0) + len = sizeof(thiskey) - 1; extract_token(thisdata, buf, 1, '|', sizeof thisdata); CtdlLogPrintf(CTDL_DEBUG, "%s: [%d] %s\n", thiskey, strlen(thisdata), thisdata); - Put(keys, thiskey, strlen(thiskey), strdup(thisdata), NULL); + Put(keys, thiskey, len, strdup(thisdata), NULL); } diff --git a/citadel/modules/pop3/serv_pop3.c b/citadel/modules/pop3/serv_pop3.c index 107e0366d..33fa1203d 100644 --- a/citadel/modules/pop3/serv_pop3.c +++ b/citadel/modules/pop3/serv_pop3.c @@ -284,11 +284,11 @@ void pop3_apop(char *argbuf) void pop3_pass(char *argbuf) { char password[SIZ]; - strcpy(password, argbuf); + safestrncpy(password, argbuf, sizeof password); striplt(password); /* CtdlLogPrintf(CTDL_DEBUG, "Trying <%s>\n", password); */ - if (CtdlTryPassword(password) == pass_ok) { + if (CtdlTryPassword(password, strlen(password)) == pass_ok) { pop3_login(); } else { diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c index cfb9b28d7..f21225671 100644 --- a/citadel/modules/smtp/serv_smtp.c +++ b/citadel/modules/smtp/serv_smtp.c @@ -339,11 +339,12 @@ void smtp_get_user(char *argbuf) { */ void smtp_get_pass(char *argbuf) { char password[SIZ]; + long len; memset(password, 0, sizeof(password)); - CtdlDecodeBase64(password, argbuf, SIZ); + len = CtdlDecodeBase64(password, argbuf, SIZ); /* CtdlLogPrintf(CTDL_DEBUG, "Trying <%s>\n", password); */ - if (CtdlTryPassword(password) == pass_ok) { + if (CtdlTryPassword(password, len) == pass_ok) { smtp_auth_greeting(); } else { @@ -362,11 +363,14 @@ void smtp_try_plain(char *encoded_authstring) { char user[256]; char pass[256]; int result; + long len; CtdlDecodeBase64(decoded_authstring, encoded_authstring, strlen(encoded_authstring) ); safestrncpy(ident, decoded_authstring, sizeof ident); safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); - safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len == -1) + len = sizeof(pass) - 1; SMTP->command_state = smtp_command; @@ -378,7 +382,7 @@ void smtp_try_plain(char *encoded_authstring) { } if (result == login_ok) { - if (CtdlTryPassword(pass) == pass_ok) { + if (CtdlTryPassword(pass, len) == pass_ok) { smtp_auth_greeting(); return; } diff --git a/citadel/modules/upgrade/serv_upgrade.c b/citadel/modules/upgrade/serv_upgrade.c index ea10f7403..4b6079905 100644 --- a/citadel/modules/upgrade/serv_upgrade.c +++ b/citadel/modules/upgrade/serv_upgrade.c @@ -93,7 +93,9 @@ void fix_sys_user_name(void) { if (strncmp(usbuf.fullname, "SYS_", 4)) { /** Delete any user 0 that doesn't start with SYS_ */ - makeuserkey(usernamekey, usbuf.fullname); + makeuserkey(usernamekey, + usbuf.fullname, + cutuserkey(usbuf.fullname)); cdb_delete(CDB_USERS, usernamekey, strlen(usernamekey)); } else diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c index a9d73b360..aee8bb757 100644 --- a/citadel/modules/xmpp/xmpp_sasl_service.c +++ b/citadel/modules/xmpp/xmpp_sasl_service.c @@ -72,6 +72,7 @@ int xmpp_auth_plain(char *authstring) char user[256]; char pass[256]; int result; + long len; /* Take apart the authentication string */ @@ -80,8 +81,9 @@ int xmpp_auth_plain(char *authstring) CtdlDecodeBase64(decoded_authstring, authstring, strlen(authstring)); safestrncpy(ident, decoded_authstring, sizeof ident); safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); - safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); - + len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); + if (len < 0) + len = -len; /* If there are underscores in either string, change them to spaces. Some clients * do not allow spaces so we can tell the user to substitute underscores if their @@ -100,7 +102,7 @@ int xmpp_auth_plain(char *authstring) } if (result == login_ok) { - if (CtdlTryPassword(pass) == pass_ok) { + if (CtdlTryPassword(pass, len) == pass_ok) { return(0); /* success */ } } @@ -162,7 +164,7 @@ void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password, cha result = CtdlLoginExistingUser(NULL, username); if (result == login_ok) { - result = CtdlTryPassword(password); + result = CtdlTryPassword(password, strlen(password)); if (result == pass_ok) { cprintf("", xmlesc(xmlbuf, iq_id, sizeof xmlbuf)); /* success */ return; diff --git a/citadel/user_ops.c b/citadel/user_ops.c index f95c3bab5..4da586ef8 100644 --- a/citadel/user_ops.c +++ b/citadel/user_ops.c @@ -59,21 +59,32 @@ int chkpwd_write_pipe[2]; int chkpwd_read_pipe[2]; + +INLINE long cutuserkey(char *username) { + long len; + len = strlen(username); + if (len >= USERNAME_SIZE) + { + CtdlLogPrintf (CTDL_EMERG, "Username to long: %s", username); + cit_backtrace (); + len = USERNAME_SIZE - 1; + ((char*)username)[USERNAME_SIZE - 1]='\0'; + } + return len; +} + /* * makeuserkey() - convert a username into the format used as a database key * (it's just the username converted into lower case) */ -INLINE void makeuserkey(char *key, const char *username) { - int i, len; +INLINE void makeuserkey(char *key, const char *username, long len) { + int i; - len = strlen(username); if (len >= USERNAME_SIZE) { CtdlLogPrintf (CTDL_EMERG, "Username to long: %s", username); cit_backtrace (); len = USERNAME_SIZE - 1; - /* WHOOPSI! whats that??? todo. */ - ((char*)username)[USERNAME_SIZE - 1]='\0'; } for (i=0; i<=len; ++i) { key[i] = tolower(username[i]); @@ -95,7 +106,7 @@ int getuser(struct ctdluser *usbuf, char name[]) * CtdlGetUser() - retrieve named user into supplied buffer. * returns 0 on success */ -int CtdlGetUser(struct ctdluser *usbuf, const char *name) +int CtdlGetUserLen(struct ctdluser *usbuf, const char *name, long len) { char usernamekey[USERNAME_SIZE]; @@ -105,7 +116,7 @@ int CtdlGetUser(struct ctdluser *usbuf, const char *name) memset(usbuf, 0, sizeof(struct ctdluser)); } - makeuserkey(usernamekey, name); + makeuserkey(usernamekey, name, len); cdbus = cdb_fetch(CDB_USERS, usernamekey, strlen(usernamekey)); if (cdbus == NULL) { /* user not found */ @@ -122,6 +133,12 @@ int CtdlGetUser(struct ctdluser *usbuf, const char *name) } +int CtdlGetUser(struct ctdluser *usbuf, char *name) +{ + return CtdlGetUserLen(usbuf, name, cutuserkey(name)); +} + + /* * CtdlGetUserLock() - same as getuser() but locks the record */ @@ -153,7 +170,9 @@ void CtdlPutUser(struct ctdluser *usbuf) { char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, usbuf->fullname); + makeuserkey(usernamekey, + usbuf->fullname, + cutuserkey(usbuf->fullname)); usbuf->version = REV_LEVEL; cdb_store(CDB_USERS, @@ -205,8 +224,8 @@ int rename_user(char *oldname, char *newname) { char newnamekey[USERNAME_SIZE]; /* Create the database keys... */ - makeuserkey(oldnamekey, oldname); - makeuserkey(newnamekey, newname); + makeuserkey(oldnamekey, oldname, cutuserkey(oldname)); + makeuserkey(newnamekey, newname, cutuserkey(newname)); /* Lock up and get going */ begin_critical_section(S_USERS); @@ -528,6 +547,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) { char username[SIZ]; int found_user; + long len; CtdlLogPrintf(9, "CtdlLoginExistingUser(%s, %s)\n", authname, trythisname); @@ -552,8 +572,9 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) } /* Continue attempting user validation... */ - safestrncpy(username, trythisname, USERNAME_SIZE); + safestrncpy(username, trythisname, sizeof (username)); striplt(username); + len = cutuserkey(username); if (IsEmptyStr(username)) { return login_not_found; @@ -592,7 +613,8 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) CtdlLogPrintf(CTDL_DEBUG, "found it: uid=%ld, gecos=%s here: %d\n", (long)pd.pw_uid, pd.pw_gecos, found_user); if (found_user != 0) { - create_user(username, 0); + len = cutuserkey(username); + create_user(username, len, 0); found_user = getuserbyuid(&CC->user, pd.pw_uid); } @@ -614,7 +636,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname) found_user = getuserbyuid(&CC->user, ldap_uid); if (found_user != 0) { - create_user(trythisname, 0); + create_user(username, len, 0); found_user = getuserbyuid(&CC->user, ldap_uid); } @@ -901,7 +923,7 @@ void start_chkpwd_daemon(void) { } -int CtdlTryPassword(char *password) +int CtdlTryPassword(const char *password, long len) { int code; @@ -973,13 +995,16 @@ int CtdlTryPassword(char *password) else { /* native auth mode */ + char *pw; - strproc(password); + pw = (char*) malloc(len + 1); + memcpy(pw, password, len + 1); + strproc(pw); strproc(CC->user.password); - code = strcasecmp(CC->user.password, password); - strproc(password); + code = strcasecmp(CC->user.password, pw); + strproc(pw); strproc(CC->user.password); - code = strcasecmp(CC->user.password, password); + code = strcasecmp(CC->user.password, pw); } if (!code) { @@ -994,12 +1019,13 @@ int CtdlTryPassword(char *password) void cmd_pass(char *buf) { - char password[256]; + char password[SIZ]; int a; + long len; memset(password, 0, sizeof(password)); - extract_token(password, buf, 0, '|', sizeof password); - a = CtdlTryPassword(password); + len = extract_token(password, buf, 0, '|', sizeof password); + a = CtdlTryPassword(password, len); switch (a) { case pass_already_logged_in: @@ -1029,7 +1055,7 @@ int purge_user(char pname[]) struct ctdluser usbuf; char usernamekey[USERNAME_SIZE]; - makeuserkey(usernamekey, pname); + makeuserkey(usernamekey, pname, cutuserkey(pname)); /* If the name is empty we can't find them in the DB any way so just return */ if (IsEmptyStr(pname)) @@ -1093,9 +1119,9 @@ int purge_user(char pname[]) } -int internal_create_user (const char *username, struct ctdluser *usbuf, uid_t uid) +int internal_create_user (const char *username, long len, struct ctdluser *usbuf, uid_t uid) { - if (!CtdlGetUser(usbuf, username)) { + if (!CtdlGetUserLen(usbuf, username, len)) { return (ERROR + ALREADY_EXISTS); } @@ -1134,7 +1160,7 @@ int internal_create_user (const char *username, struct ctdluser *usbuf, uid_t ui * Set 'become_user' to nonzero if this is self-service account creation and we want * to actually log in as the user we just created, otherwise set it to 0. */ -int create_user(const char *newusername, int become_user) +int create_user(const char *newusername, long len, int become_user) { struct ctdluser usbuf; struct ctdlroom qrbuf; @@ -1155,7 +1181,7 @@ int create_user(const char *newusername, int become_user) struct passwd pd; struct passwd *tempPwdPtr; - char pwdbuffer[256]; + char pwdbuffer[SIZ]; #ifdef HAVE_GETPWNAM_R #ifdef SOLARIS_GETPWUID @@ -1172,6 +1198,7 @@ int create_user(const char *newusername, int become_user) if (IsEmptyStr (username)) { safestrncpy(username, pd.pw_name, sizeof username); + len = cutuserkey(username); } } else { @@ -1187,7 +1214,7 @@ int create_user(const char *newusername, int become_user) } #endif /* HAVE_LDAP */ - if ((retval = internal_create_user(username, &usbuf, uid)) != 0) + if ((retval = internal_create_user(username, len, &usbuf, uid)) != 0) return retval; /* @@ -1242,6 +1269,7 @@ int create_user(const char *newusername, int become_user) void cmd_newu(char *cmdbuf) { int a; + long len; char username[26]; if (config.c_auth_mode != AUTHMODE_NATIVE) { @@ -1266,8 +1294,8 @@ void cmd_newu(char *cmdbuf) config.c_nodename, config.c_maxsessions); } extract_token(username, cmdbuf, 0, '|', sizeof username); - username[25] = 0; strproc(username); + len = cutuserkey(username); if (IsEmptyStr(username)) { cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED); @@ -1281,7 +1309,7 @@ void cmd_newu(char *cmdbuf) return; } - a = create_user(username, 1); + a = create_user(username, len, 1); if (a == 0) { logged_in_response(); @@ -1357,8 +1385,9 @@ void cmd_setp(char *new_pw) void cmd_creu(char *cmdbuf) { int a; - char username[26]; - char password[32]; + long len; + char username[SIZ]; + char password[SIZ]; struct ctdluser tmp; if (CtdlAccessCheck(ac_aide)) { @@ -1367,17 +1396,18 @@ void cmd_creu(char *cmdbuf) extract_token(username, cmdbuf, 0, '|', sizeof username); extract_token(password, cmdbuf, 1, '|', sizeof password); - username[25] = 0; - password[31] = 0; + ////username[25] = 0; + //password[31] = 0; strproc(username); strproc(password); + len = cutuserkey(username); if (IsEmptyStr(username)) { cprintf("%d You must supply a user name.\n", ERROR + USERNAME_REQUIRED); return; } - a = create_user(username, 0); + a = create_user(username, len, 0); if (a == 0) { if (!IsEmptyStr(password)) { diff --git a/citadel/user_ops.h b/citadel/user_ops.h index da50749d2..8355e3e78 100644 --- a/citadel/user_ops.h +++ b/citadel/user_ops.h @@ -19,7 +19,7 @@ void logged_in_response(void); /* logout() is deprecated use CtdlUserLogout() instead */ void logout (void) __attribute__ ((deprecated)); int purge_user (char *pname); -int create_user (const char *newusername, int become_user); +int create_user (const char *newusername, long len, int become_user); void do_login(void); int CtdlInvtKick(char *iuser, int op); void ForEachUser(void (*CallBack)(struct ctdluser *EachUser, void *out_data), @@ -54,5 +54,7 @@ void start_chkpwd_daemon(void); #define RENAMEUSER_ALREADY_EXISTS 3 /* An account with the desired new name already exists */ int rename_user(char *oldname, char *newname); -INLINE void makeuserkey(char *key, const char *username); -int internal_create_user (const char *username, struct ctdluser *usbuf, uid_t uid); +INLINE void makeuserkey(char *key, const char *username, long len); +INLINE long cutuserkey(char *username); + +int internal_create_user (const char *username, long len, struct ctdluser *usbuf, uid_t uid);