cdbfr->ptr = NULL; /* clear this so that cdb_free() doesn't free it */
cdb_free(cdbfr); /* we own this memory now */
- /*
- * We cache the most recent msglist in order to do security checks later
- */
- if (CC->client_socket > 0) {
- if (CC->cached_msglist != NULL) {
- free(CC->cached_msglist);
- }
-
- CC->cached_msglist = msglist;
- CC->cached_num_msgs = num_msgs;
- syslog(LOG_DEBUG, "\033[34m RELOAD \033[0m\n");
- }
-
/*
* Now begin the traversal.
*/
}
}
if (need_to_free_re) regfree(&re);
- if (CC->client_socket <= 0) free(msglist);
+
+ /*
+ * We cache the most recent msglist in order to do security checks later
+ */
+ if (CC->client_socket > 0) {
+ if (CC->cached_msglist != NULL) {
+ free(CC->cached_msglist);
+ }
+ CC->cached_msglist = msglist;
+ CC->cached_num_msgs = num_msgs;
+ }
+ else {
+ free(msglist);
+ }
+
return num_processed;
}
int max = (CC->cached_num_msgs - 1);
while (max >= min) {
- syslog(LOG_DEBUG, "\033[35m Checking from %d to %d \033[0m\n", min, max);
int middle = min + (max-min) / 2 ;
if (msgnum == CC->cached_msglist[middle]) {
return om_ok;
return(r);
}
+ /*
+ * Check to make sure the message is actually IN this room
+ */
r = check_cached_msglist(msg_num);
- if (r == om_ok) {
- syslog(LOG_DEBUG, "\033[32m PASS \033[0m\n");
+ if (r == om_access_denied) {
+ /* Not in the cache? We get ONE shot to check it again. */
+ CtdlForEachMessage(MSGS_ALL, 0L, NULL, NULL, NULL, NULL, NULL);
+ r = check_cached_msglist(msg_num);
}
- else {
- syslog(LOG_DEBUG, "\033[31m FAIL \033[0m\n");
+ if (r != om_ok) {
+ syslog(LOG_DEBUG, "Security check fail: message %ld is not in %s\n",
+ msg_num, CC->room.QRname
+ );
+ if (do_proto) {
+ if (r == om_access_denied) {
+ cprintf("%d message %ld was not found in this room\n",
+ ERROR + HIGHER_ACCESS_REQUIRED,
+ msg_num
+ );
+ }
+ }
+ return(r);
}
- /* FIXME after testing, this is where we deny access */
/*
* Fetch the message from disk. If we're in HEADERS_FAST mode,
/* Get a new message number */
newmsgid = get_new_message_number();
- snprintf(msgidbuf, sizeof msgidbuf, "%010ld@%s", newmsgid, config.c_fqdn);
+ snprintf(msgidbuf, sizeof msgidbuf, "%08lX-%08lX@%s",
+ (long unsigned int) time(NULL),
+ (long unsigned int) newmsgid,
+ config.c_fqdn
+ );
/* Generate an ID if we don't have one already */
if (msg->cm_fields['I']==NULL) {