From 06bf4eeae8f104fee9c6edfbd55ef00b4a03b942 Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Fri, 28 Jan 2011 11:49:53 -0500 Subject: [PATCH] arrgh --- citadel/euidindex.c | 42 ++++++++++++++++++------------------------ citadel/msgbase.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+), 24 deletions(-) diff --git a/citadel/euidindex.c b/citadel/euidindex.c index a1d5ec960..8bad12925 100644 --- a/citadel/euidindex.c +++ b/citadel/euidindex.c @@ -217,28 +217,16 @@ void rebuild_euid_index(void) { -struct euid_callback { - long msgnum; - int found_it; -}; - -/* - * callback for cmd_euid - */ -void euid_is_msg_in_room(long msgnum, void *userdata) { - struct euid_callback *ec = (struct euid_callback *) userdata; - - if (msgnum == ec->msgnum) ec->found_it = 1; -} - - /* * Server command to fetch a message number given an euid. */ void cmd_euid(char *cmdbuf) { char euid[256]; long msgnum; - struct euid_callback ec; + struct cdbdata *cdbfr; + long *msglist = NULL; + int num_msgs = 0; + int i; if (CtdlAccessCheck(ac_logged_in_or_guest)) return; @@ -249,21 +237,27 @@ void cmd_euid(char *cmdbuf) { return; } - ec.msgnum = msgnum; - ec.found_it = 0; - CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL, NULL, euid_is_msg_in_room, (void *)&ec); - - if (ec.found_it) { - cprintf("%d %ld\n", CIT_OK, msgnum); - return; + cdbfr = cdb_fetch(CDB_MSGLISTS, &CC->room.QRnumber, sizeof(long)); + if (cdbfr != NULL) { + num_msgs = cdbfr->len / sizeof(long); + msglist = (long *) cdbfr->ptr; + for (i = 0; i < num_msgs; ++i) { + if (msglist[i] == msgnum) { + cdb_free(cdbfr); + cprintf("%d %ld\n", CIT_OK, msgnum); + return; + } + } + cdb_free(cdbfr); } + cprintf("%d not found\n", ERROR + MESSAGE_NOT_FOUND); } CTDL_MODULE_INIT(euidindex) { if (!threading) { - CtdlRegisterProtoHook(cmd_euid, "EUID", "Fetch the msgnum associated with an EUID"); + CtdlRegisterProtoHook(cmd_euid, "EUID", "Perform operations on Extended IDs for messages"); } /* return our Subversion id for the Log */ return "euidindex"; diff --git a/citadel/msgbase.c b/citadel/msgbase.c index 7b46dbee5..21a967ec8 100644 --- a/citadel/msgbase.c +++ b/citadel/msgbase.c @@ -695,6 +695,22 @@ int CtdlForEachMessage(int mode, long ref, char *search_string, cdb_free(cdbfr); /* we own this memory now */ /* +<<<<<<< HEAD +======= + * We cache the most recent msglist in order to do security checks later + */ + if (CC->client_socket > 0) { + if (CC->cached_msglist != NULL) { + free(CC->cached_msglist); + } + + CC->cached_msglist = msglist; + CC->cached_num_msgs = num_msgs; + syslog(LOG_DEBUG, "\033[34m RELOAD \033[0m\n"); + } + + /* +>>>>>>> parent of 4ec6a9d... Updating cmd_euid() to use the CtdlForEachMessage() API fixes the security check in blog view and saves some code * Now begin the traversal. */ if (num_msgs > 0) for (a = 0; a < num_msgs; ++a) { @@ -1602,8 +1618,27 @@ int check_cached_msglist(long msgnum) { if (CC->client_socket <= 0) return om_ok; /* not a client session */ if (CC->cached_msglist == NULL) return om_access_denied; /* no msglist fetched */ +<<<<<<< HEAD if (seenit_isthere(CC->cached_msglist, msgnum)) { return om_ok; +======= + /* Do a binary search within the cached_msglist for the requested msgnum */ + int min = 0; + int max = (CC->cached_num_msgs - 1); + + while (max >= min) { + syslog(LOG_DEBUG, "\033[35m Checking from %d to %d \033[0m\n", min, max); + int middle = min + (max-min) / 2 ; + if (msgnum == CC->cached_msglist[middle]) { + return om_ok; + } + if (msgnum > CC->cached_msglist[middle]) { + min = middle + 1; + } + else { + max = middle - 1; + } +>>>>>>> parent of 4ec6a9d... Updating cmd_euid() to use the CtdlForEachMessage() API fixes the security check in blog view and saves some code } return om_access_denied; @@ -1661,6 +1696,7 @@ int CtdlOutputMsg(long msg_num, /* message number (local) to fetch */ } r = check_cached_msglist(msg_num); +<<<<<<< HEAD if (r != om_ok) { syslog(LOG_DEBUG, "Denying access to message %ld - not yet listed\n", msg_num); if (do_proto) { @@ -1675,7 +1711,15 @@ int CtdlOutputMsg(long msg_num, /* message number (local) to fetch */ } return(r); } +======= + if (r == om_ok) { + syslog(LOG_DEBUG, "\033[32m PASS \033[0m\n"); + } + else { + syslog(LOG_DEBUG, "\033[31m FAIL \033[0m\n"); +>>>>>>> parent of 4ec6a9d... Updating cmd_euid() to use the CtdlForEachMessage() API fixes the security check in blog view and saves some code } + /* FIXME after testing, this is where we deny access */ /* * Fetch the message from disk. If we're in HEADERS_FAST mode, -- 2.30.2