From e329db30593524cc2d8851a4500bac41f2340354 Mon Sep 17 00:00:00 2001
From: Art Cancro <ajc@citadel.org>
Date: Thu, 20 Dec 2018 17:12:07 -0500
Subject: [PATCH] Removed the 'master user' feature ... if we still need this
 we'll find another way

---
 citadel/config.c                              |  2 --
 citadel/context.h                             |  1 -
 citadel/control.c                             |  8 +++----
 citadel/include/ctdl_module.h                 |  2 +-
 citadel/modules/ctdlproto/serv_user.c         |  9 ++------
 citadel/modules/imap/serv_imap.c              | 12 +++++-----
 .../modules/managesieve/serv_managesieve.c    |  4 ++--
 citadel/modules/nntp/serv_nntp.c              |  4 ++--
 citadel/modules/pop3/serv_pop3.c              |  4 ++--
 citadel/modules/smtp/serv_smtp.c              |  6 ++---
 citadel/modules/xmpp/xmpp_sasl_service.c      | 22 +++++++++++++------
 citadel/user_ops.c                            | 21 ++----------------
 textclient/tuiconfig.c                        | 13 -----------
 .../static/t/aide/siteconfig/tab_access.html  |  8 -------
 14 files changed, 39 insertions(+), 77 deletions(-)

diff --git a/citadel/config.c b/citadel/config.c
index 907d27fce..2507abfee 100644
--- a/citadel/config.c
+++ b/citadel/config.c
@@ -205,8 +205,6 @@ void migrate_legacy_config(struct legacy_config *lconfig)
 	CtdlSetConfigInt(	"c_managesieve_port"	,	lconfig->c_managesieve_port	);
 	CtdlSetConfigInt(	"c_auth_mode"		,	lconfig->c_auth_mode		);
 	CtdlSetConfigInt(	"c_rbl_at_greeting"	,	lconfig->c_rbl_at_greeting	);
-	CtdlSetConfigStr(	"c_master_user"		,	lconfig->c_master_user		);
-	CtdlSetConfigStr(	"c_master_pass"		,	lconfig->c_master_pass		);
 	CtdlSetConfigStr(	"c_pager_program"	,	lconfig->c_pager_program	);
 	CtdlSetConfigInt(	"c_imap_keep_from"	,	lconfig->c_imap_keep_from	);
 	CtdlSetConfigInt(	"c_xmpp_c2s_port"	,	lconfig->c_xmpp_c2s_port	);
diff --git a/citadel/context.h b/citadel/context.h
index fd486caa3..585b5b1c7 100644
--- a/citadel/context.h
+++ b/citadel/context.h
@@ -80,7 +80,6 @@ struct CitContext {
 	int internal_pgm;	/* authenticated as internal program */
 	int nologin;		/* not allowed to log in */
 	int curr_view;		/* The view type for the current user/room */
-	int is_master;		/* Is this session logged in using the master user? */
 
 	time_t previous_login;	/* Date/time of previous login */
 	char lastcmdname[5];	/* name of last command executed */
diff --git a/citadel/control.c b/citadel/control.c
index cf587a044..6f3a1d7ec 100644
--- a/citadel/control.c
+++ b/citadel/control.c
@@ -318,8 +318,8 @@ void cmd_conf(char *argbuf)
 	        cprintf("\n");
 	        cprintf("\n");
 		cprintf("%d\n",		CtdlGetConfigInt("c_rbl_at_greeting"));
-		cprintf("%s\n",		CtdlGetConfigStr("c_master_user"));
-		cprintf("%s\n",		CtdlGetConfigStr("c_master_pass"));
+		cprintf("\n");
+		cprintf("\n");
 		cprintf("%s\n",		CtdlGetConfigStr("c_pager_program"));
 		cprintf("%d\n",		CtdlGetConfigInt("c_imap_keep_from"));
 		cprintf("%d\n",		CtdlGetConfigInt("c_xmpp_c2s_port"));
@@ -538,10 +538,10 @@ void cmd_conf(char *argbuf)
 				CtdlSetConfigInt("c_rbl_at_greeting", confbool(buf));
 				break;
 			case 58:
-				CtdlSetConfigStr("c_master_user", buf);
+				/* niu */
 				break;
 			case 59:
-				CtdlSetConfigStr("c_master_pass", buf);
+				/* niu */
 				break;
 			case 60:
 				CtdlSetConfigStr("c_pager_program", buf);
diff --git a/citadel/include/ctdl_module.h b/citadel/include/ctdl_module.h
index 3b3d794c3..1f5c8fcfb 100644
--- a/citadel/include/ctdl_module.h
+++ b/citadel/include/ctdl_module.h
@@ -375,7 +375,7 @@ int CtdlGetUserByNumber(struct ctdluser *usbuf, long number);
 void CtdlGetRelationship(visit *vbuf, struct ctdluser *rel_user, struct ctdlroom *rel_room);
 void CtdlSetRelationship(visit *newvisit, struct ctdluser *rel_user, struct ctdlroom *rel_room);
 void CtdlMailboxName(char *buf, size_t n, const struct ctdluser *who, const char *prefix);
-int CtdlLoginExistingUser(char *authname, const char *username);
+int CtdlLoginExistingUser(const char *username);
 
 /*
  * Values which may be returned by CtdlLoginExistingUser()
diff --git a/citadel/modules/ctdlproto/serv_user.c b/citadel/modules/ctdlproto/serv_user.c
index 5f8e9791b..48799de77 100644
--- a/citadel/modules/ctdlproto/serv_user.c
+++ b/citadel/modules/ctdlproto/serv_user.c
@@ -1,7 +1,7 @@
 /* 
  * Server functions which perform operations on user objects.
  *
- * Copyright (c) 1987-2017 by the citadel.org team
+ * Copyright (c) 1987-2018 by the citadel.org team
  *
  * This program is open source software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License, version 3.
@@ -34,7 +34,7 @@ void cmd_user(char *cmdbuf)
 	striplt(username);
 	syslog(LOG_DEBUG, "user_ops: cmd_user(%s)", username);
 
-	a = CtdlLoginExistingUser(NULL, username);
+	a = CtdlLoginExistingUser(username);
 	switch (a) {
 	case login_already_logged_in:
 		cprintf("%d Already logged in.\n", ERROR + ALREADY_LOGGED_IN);
@@ -162,11 +162,6 @@ void cmd_setp(char *new_pw)
 		cprintf("%d Not allowed.  Use the 'passwd' command.\n", ERROR + NOT_HERE);
 		return;
 	}
-	if (CC->is_master) {
-		cprintf("%d The master prefix password cannot be changed with this command.\n",
-			ERROR + NOT_HERE);
-		return;
-	}
 
 	if (!strcasecmp(new_pw, "GENERATE_RANDOM_PASSWORD")) {
 		char random_password[17];
diff --git a/citadel/modules/imap/serv_imap.c b/citadel/modules/imap/serv_imap.c
index e3c55ae4f..7bc97b6ed 100644
--- a/citadel/modules/imap/serv_imap.c
+++ b/citadel/modules/imap/serv_imap.c
@@ -1,7 +1,7 @@
 /*
  * IMAP server for the Citadel system
  *
- * Copyright (C) 2000-2017 by Art Cancro and others.
+ * Copyright (C) 2000-2018 by Art Cancro and others.
  * This code is released under the terms of the GNU General Public License.
  *
  * WARNING: the IMAP protocol is badly designed.  No implementation of it
@@ -628,7 +628,7 @@ void imap_login(int num_parms, ConstStr *Params)
 			return;
 		}
 	case 4:
-		if (CtdlLoginExistingUser(NULL, Params[2].Key) == login_ok) {
+		if (CtdlLoginExistingUser(Params[2].Key) == login_ok) {
 			if (CtdlTryPassword(Params[3].Key, Params[3].len) == pass_ok) {
 				/* hm, thats not doable by IReply :-( */
 				IAPrintf("%s OK [", Params[0].Key);
@@ -744,10 +744,10 @@ void imap_auth_plain(void)
 	Imap->authstate = imap_as_normal;
 
 	if (!IsEmptyStr(ident)) {
-		result = CtdlLoginExistingUser(user, ident);
+		result = CtdlLoginExistingUser(ident);
 	}
 	else {
-		result = CtdlLoginExistingUser(NULL, user);
+		result = CtdlLoginExistingUser(user);
 	}
 
 	if (result == login_ok) {
@@ -768,7 +768,7 @@ void imap_auth_login_user(long state)
 	switch (state){
 	case imap_as_expecting_username:
 		StrBufDecodeBase64(Imap->Cmd.CmdBuf);
-		CtdlLoginExistingUser(NULL, ChrPtr(Imap->Cmd.CmdBuf));
+		CtdlLoginExistingUser(ChrPtr(Imap->Cmd.CmdBuf));
 		size_t len = CtdlEncodeBase64(PWBuf, "Password:", 9, 0);
 		if (PWBuf[len - 1] == '\n') {
 			PWBuf[len - 1] = '\0';
@@ -780,7 +780,7 @@ void imap_auth_login_user(long state)
 		return;
 	case imap_as_expecting_multilineusername:
 		extract_token(PWBuf, ChrPtr(Imap->Cmd.CmdBuf), 1, ' ', sizeof(PWBuf));
-		CtdlLoginExistingUser(NULL, ChrPtr(Imap->Cmd.CmdBuf));
+		CtdlLoginExistingUser(ChrPtr(Imap->Cmd.CmdBuf));
 		IAPuts("+ go ahead\r\n");
 		Imap->authstate = imap_as_expecting_multilinepassword;
 		return;
diff --git a/citadel/modules/managesieve/serv_managesieve.c b/citadel/modules/managesieve/serv_managesieve.c
index 6bfe11264..e085d5991 100644
--- a/citadel/modules/managesieve/serv_managesieve.c
+++ b/citadel/modules/managesieve/serv_managesieve.c
@@ -6,7 +6,7 @@
  * as this draft expires with this writing, you might need to search for
  * the new one.
  *
- * Copyright (c) 2007-2015 by the citadel.org team
+ * Copyright (c) 2007-2018 by the citadel.org team
  *
  * This program is open source software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3.
@@ -284,7 +284,7 @@ void cmd_mgsve_auth(int num_parms, char **parms, struct sdm_userdata *u)
 		if ((*username == '\0') && (*(username + 1) != '\0'))
 			username ++;
 		
-		if (login_ok == CtdlLoginExistingUser(NULL, username))
+		if (login_ok == CtdlLoginExistingUser(username))
 		{
 			char *pass;
 
diff --git a/citadel/modules/nntp/serv_nntp.c b/citadel/modules/nntp/serv_nntp.c
index 9e77f8dae..14f75db6c 100644
--- a/citadel/modules/nntp/serv_nntp.c
+++ b/citadel/modules/nntp/serv_nntp.c
@@ -1,7 +1,7 @@
 //
 // NNTP server module (RFC 3977)
 //
-// Copyright (c) 2014-2015 by the citadel.org team
+// Copyright (c) 2014-2018 by the citadel.org team
 //
 // This program is open source software; you can redistribute it and/or modify
 // it under the terms of the GNU General Public License version 3.
@@ -278,7 +278,7 @@ void nntp_cleanup(void)
 //
 void nntp_authinfo_user(const char *username)
 {
-	int a = CtdlLoginExistingUser(NULL, username);
+	int a = CtdlLoginExistingUser(username);
 	switch (a) {
 	case login_already_logged_in:
 		cprintf("482 Already logged in\r\n");
diff --git a/citadel/modules/pop3/serv_pop3.c b/citadel/modules/pop3/serv_pop3.c
index 0b20e0059..3058ef315 100644
--- a/citadel/modules/pop3/serv_pop3.c
+++ b/citadel/modules/pop3/serv_pop3.c
@@ -1,7 +1,7 @@
 /*
  * POP3 service for the Citadel system
  *
- * Copyright (c) 1998-2017 by the citadel.org team
+ * Copyright (c) 1998-2018 by the citadel.org team
  *
  * This program is open source software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3.
@@ -133,7 +133,7 @@ void pop3_user(char *argbuf)
 	strcpy(username, argbuf);
 	striplt(username);
 
-	if (CtdlLoginExistingUser(NULL, username) == login_ok) {
+	if (CtdlLoginExistingUser(username) == login_ok) {
 		cprintf("+OK Password required for %s\r\n", username);
 	}
 	else {
diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c
index c8cd70173..b7ee16a69 100644
--- a/citadel/modules/smtp/serv_smtp.c
+++ b/citadel/modules/smtp/serv_smtp.c
@@ -407,7 +407,7 @@ void smtp_get_user(long offset)
 
 	StrBufDecodeBase64(sSMTP->Cmd);
 
-	if (CtdlLoginExistingUser(NULL, ChrPtr(sSMTP->Cmd)) == login_ok) {
+	if (CtdlLoginExistingUser(ChrPtr(sSMTP->Cmd)) == login_ok) {
 		size_t len = CtdlEncodeBase64(buf, "Password:", 9, 0);
 
 		if (buf[len - 1] == '\n') {
@@ -492,10 +492,10 @@ void smtp_try_plain(long offset, long Flags)
 	sSMTP->command_state = smtp_command;
 
 	if (!IsEmptyStr(ident)) {
-		result = CtdlLoginExistingUser(user, ident);
+		result = CtdlLoginExistingUser(ident);
 	}
 	else {
-		result = CtdlLoginExistingUser(NULL, user);
+		result = CtdlLoginExistingUser(user);
 	}
 
 	if (result == login_ok) {
diff --git a/citadel/modules/xmpp/xmpp_sasl_service.c b/citadel/modules/xmpp/xmpp_sasl_service.c
index da7637498..1b2e98ae9 100644
--- a/citadel/modules/xmpp/xmpp_sasl_service.c
+++ b/citadel/modules/xmpp/xmpp_sasl_service.c
@@ -3,7 +3,7 @@
  *
  * Note: RFC3920 says we "must" support DIGEST-MD5 but we only support PLAIN.
  *
- * Copyright (c) 2007-2009 by Art Cancro
+ * Copyright (c) 2007-2018 by Art Cancro
  *
  * This program is open source software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3.
@@ -64,7 +64,7 @@ int xmpp_auth_plain(char *authstring)
 	char pass[256];
 	int result;
 	long len;
-
+	int i;
 
 	/* Take apart the authentication string */
 	memset(pass, 0, sizeof(pass));
@@ -80,16 +80,24 @@ int xmpp_auth_plain(char *authstring)
 	 * do not allow spaces so we can tell the user to substitute underscores if their
 	 * login name contains spaces.
 	 */
-	convert_spaces_to_underscores(ident);
-	convert_spaces_to_underscores(user);
+	for (i=0; ident[i]!=0; ++i) {
+		if (ident[i] == '_') {
+			ident[i] = ' ';
+		}
+	}
+	for (i=0; user[i]!=0; ++i) {
+		if (user[i] == '_') {
+			user[i] = ' ';
+		}
+	}
 
 	/* Now attempt authentication */
 
 	if (!IsEmptyStr(ident)) {
-		result = CtdlLoginExistingUser(user, ident);
+		result = CtdlLoginExistingUser(ident);
 	}
 	else {
-		result = CtdlLoginExistingUser(NULL, user);
+		result = CtdlLoginExistingUser(user);
 	}
 
 	if (result == login_ok) {
@@ -153,7 +161,7 @@ void xmpp_non_sasl_authenticate(char *iq_id, char *username, char *password) {
 
         if (CC->logged_in) CtdlUserLogout();  /* Client may try to log in twice.  Handle this. */
 
-	result = CtdlLoginExistingUser(NULL, username);
+	result = CtdlLoginExistingUser(username);
 	if (result == login_ok) {
 		result = CtdlTryPassword(password, strlen(password));
 		if (result == pass_ok) {
diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index dab7f296b..397907524 100644
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -475,15 +475,13 @@ int getuserbyuid(struct ctdluser *usbuf, uid_t number)
 
 /*
  * Back end for cmd_user() and its ilk
- *
- * NOTE: "authname" should only be used if we are attempting to use the "master user" feature
  */
-int CtdlLoginExistingUser(char *authname, const char *trythisname)
+int CtdlLoginExistingUser(const char *trythisname)
 {
 	char username[SIZ];
 	int found_user;
 
-	syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname);
+	syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s)", trythisname);
 
 	if ((CC->logged_in)) {
 		return login_already_logged_in;
@@ -497,16 +495,6 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname)
 		return login_not_found;
 	}
 
-	/* If a "master user" is defined, handle its authentication if specified */
-	CC->is_master = 0;
-	if (	(!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && 
-	    	(!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) &&
-		(authname != NULL) &&
-		(!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) )
-	{
-		CC->is_master = 1;
-	}
-
 	/* Continue attempting user validation... */
 	safestrncpy(username, trythisname, sizeof (username));
 	striplt(username);
@@ -725,7 +713,6 @@ void CtdlUserLogout(void)
 	/* Clear out the user record in memory so we don't behave like a ghost */
 	memset(&CCC->user, 0, sizeof(struct ctdluser));
 	CCC->curr_user[0] = 0;
-	CCC->is_master = 0;
 	CCC->cs_inet_email[0] = 0;
 	CCC->cs_inet_other_emails[0] = 0;
 	CCC->cs_inet_fn[0] = 0;
@@ -846,10 +833,6 @@ int CtdlTryPassword(const char *password, long len)
 		return pass_wrong_password;
 	}
 
-	if (CCC->is_master) {
-		code = strcmp(password, CtdlGetConfigStr("c_master_pass"));
-	}
-
 	else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) {
 
 		/* host auth mode */
diff --git a/textclient/tuiconfig.c b/textclient/tuiconfig.c
index 48e009750..80f0c94fe 100644
--- a/textclient/tuiconfig.c
+++ b/textclient/tuiconfig.c
@@ -261,19 +261,6 @@ void do_system_configuration(CtdlIPC * ipc)
 		sc[60][0] = 0;
 	}
 
-	/* Master user account */
-	int yes_muacct = 0;
-	if (strlen(sc[58]) > 0)
-		yes_muacct = 1;
-	yes_muacct = boolprompt("Enable a 'master user' account", yes_muacct);
-	if (yes_muacct) {
-		strprompt("Master user name", &sc[58][0], 31);
-		strprompt("Master user password", &sc[59][0], -31);
-	} else {
-		strcpy(&sc[58][0], "");
-		strcpy(&sc[59][0], "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx");
-	}
-
 	/* Save it */
 	scr_printf("Save this configuration? ");
 	if (yesno()) {
diff --git a/webcit/static/t/aide/siteconfig/tab_access.html b/webcit/static/t/aide/siteconfig/tab_access.html
index a1dfb7d9f..c334a3b77 100644
--- a/webcit/static/t/aide/siteconfig/tab_access.html
+++ b/webcit/static/t/aide/siteconfig/tab_access.html
@@ -30,14 +30,6 @@
 <tr><td><?_("Allow anonymous guest access")></td><td>
 <input type="checkbox" NAME="c_guest_logins" VALUE="yes" <?%("COND:SERVCFG", 1, "c_guest_logins", 1, "CHECKED", "")>></td></tr>
 
-<tr><td><?_("Master user name (blank to disable)")></td><td>
-<input type="text" NAME="c_master_user" MAXLENGTH="31" VALUE='<?SERV:CFG("c_master_user")>'></td></tr>
-
-<tr><td><?_("Master user password")></td><td>
-<input type="password" NAME="c_master_pass" MAXLENGTH="31" VALUE='<?SERV:CFG("c_master_pass")>'></td></tr>
-<tr><td colspan=2><hr></td></tr>
-
-
 <tr><td><?_("Initial access level for new users")></td><td>
 <select name="c_initax" size="1">
 	<option <?%("COND:SERVCFG", 1, "c_initax", 0, 'selected="selected"', "")> value="0">0 - <?_("Deleted")></option>
-- 
2.30.2