X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fuser_ops.c;h=c5eeabd2cbca8bd9fec607d7d10fc542f15af69d;hb=bdfa2e9b6af7e32b11461433a28dd6551f830888;hp=32af98e9105ec3cc5a1c230aac8631fd70f73891;hpb=4c784ba6a0328985908081a7f0991894960eaa2a;p=citadel.git

diff --git a/citadel/user_ops.c b/citadel/user_ops.c
index 32af98e91..c5eeabd2c 100644
--- a/citadel/user_ops.c
+++ b/citadel/user_ops.c
@@ -1,7 +1,7 @@
 /* 
  * Server functions which perform operations on user objects.
  *
- * Copyright (c) 1987-2017 by the citadel.org team
+ * Copyright (c) 1987-2019 by the citadel.org team
  *
  * This program is open source software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License, version 3.
@@ -32,6 +32,41 @@ int chkpwd_write_pipe[2];
 int chkpwd_read_pipe[2];
 
 
+
+/*
+ * Trim a string down to the maximum username size and return the new length
+ */
+long cutusername(char *username) { 
+	long len;
+	len = strlen(username);
+	if (len >= USERNAME_SIZE)
+	{
+		syslog(LOG_INFO, "Username too long: %s", username);
+		len = USERNAME_SIZE - 1; 
+		username[len]='\0';
+	}
+	return len;
+}
+
+
+/*
+ * makeuserkey() - convert a username into the format used as a database key
+ *		 (it's just the username converted into lower case)
+ */
+void makeuserkey(char *key, const char *username, long len) {
+	int i;
+
+	if (len >= USERNAME_SIZE)
+	{
+		syslog(LOG_INFO, "Username too long: %s", username);
+		len = USERNAME_SIZE - 1; 
+	}
+	for (i=0; i<=len; ++i) {
+		key[i] = tolower(username[i]);
+	}
+}
+
+
 /*
  * CtdlGetUser()	retrieve named user into supplied buffer.
  *			returns 0 on success
@@ -40,7 +75,7 @@ int CtdlGetUser(struct ctdluser *usbuf, char *name)
 {
 	char usernamekey[USERNAME_SIZE];
 	struct cdbdata *cdbus;
-	long len = cutuserkey(name);
+	long len = cutusername(name);
 
 	if (usbuf != NULL) {
 		memset(usbuf, 0, sizeof(struct ctdluser));
@@ -89,7 +124,7 @@ void CtdlPutUser(struct ctdluser *usbuf)
 {
 	char usernamekey[USERNAME_SIZE];
 
-	makeuserkey(usernamekey, usbuf->fullname, cutuserkey(usbuf->fullname));
+	makeuserkey(usernamekey, usbuf->fullname, cutusername(usbuf->fullname));
 	usbuf->version = REV_LEVEL;
 	cdb_store(CDB_USERS, usernamekey, strlen(usernamekey), usbuf, sizeof(struct ctdluser));
 }
@@ -125,8 +160,8 @@ int rename_user(char *oldname, char *newname) {
 	char newnamekey[USERNAME_SIZE];
 
 	/* Create the database keys... */
-	makeuserkey(oldnamekey, oldname, cutuserkey(oldname));
-	makeuserkey(newnamekey, newname, cutuserkey(newname));
+	makeuserkey(oldnamekey, oldname, cutusername(oldname));
+	makeuserkey(newnamekey, newname, cutusername(newname));
 
 	/* Lock up and get going */
 	begin_critical_section(S_USERS);
@@ -475,15 +510,13 @@ int getuserbyuid(struct ctdluser *usbuf, uid_t number)
 
 /*
  * Back end for cmd_user() and its ilk
- *
- * NOTE: "authname" should only be used if we are attempting to use the "master user" feature
  */
-int CtdlLoginExistingUser(char *authname, const char *trythisname)
+int CtdlLoginExistingUser(const char *trythisname)
 {
 	char username[SIZ];
 	int found_user;
 
-	syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s, %s)", authname, trythisname);
+	syslog(LOG_DEBUG, "user_ops: CtdlLoginExistingUser(%s)", trythisname);
 
 	if ((CC->logged_in)) {
 		return login_already_logged_in;
@@ -497,16 +530,6 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname)
 		return login_not_found;
 	}
 
-	/* If a "master user" is defined, handle its authentication if specified */
-	CC->is_master = 0;
-	if (	(!IsEmptyStr(CtdlGetConfigStr("c_master_user"))) && 
-	    	(!IsEmptyStr(CtdlGetConfigStr("c_master_pass"))) &&
-		(authname != NULL) &&
-		(!strcasecmp(authname, CtdlGetConfigStr("c_master_user"))) )
-	{
-		CC->is_master = 1;
-	}
-
 	/* Continue attempting user validation... */
 	safestrncpy(username, trythisname, sizeof (username));
 	striplt(username);
@@ -541,9 +564,7 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname)
 			return login_not_found;
 		}
 	
-		/* Locate the associated Citadel account.
-		 * If not found, make one attempt to create it.
-		 */
+		/* Locate the associated Citadel account.  If not found, make one attempt to create it. */
 		found_user = getuserbyuid(&CC->user, pd.pw_uid);
 		if (found_user != 0) {
 			create_user(username, CREATE_USER_DO_NOT_BECOME_USER, pd.pw_uid);
@@ -619,66 +640,57 @@ int CtdlLoginExistingUser(char *authname, const char *trythisname)
  */
 void do_login(void)
 {
-	struct CitContext *CCC = CC;
+	CC->logged_in = 1;
+	syslog(LOG_NOTICE, "user_ops: <%s> logged in", CC->curr_user);
 
-	CCC->logged_in = 1;
-	syslog(LOG_NOTICE, "user_ops: <%s> logged in", CCC->curr_user);
-
-	CtdlGetUserLock(&CCC->user, CCC->curr_user);
-	++(CCC->user.timescalled);
-	CCC->previous_login = CCC->user.lastcall;
-	time(&CCC->user.lastcall);
+	CtdlGetUserLock(&CC->user, CC->curr_user);
+	++(CC->user.timescalled);
+	CC->previous_login = CC->user.lastcall;
+	time(&CC->user.lastcall);
 
 	/* If this user's name is the name of the system administrator
 	 * (as specified in setup), automatically assign access level 6.
 	 */
-	if (!strcasecmp(CCC->user.fullname, CtdlGetConfigStr("c_sysadm"))) {
-		CCC->user.axlevel = AxAideU;
+	if ( (!IsEmptyStr(CtdlGetConfigStr("c_sysadm"))) && (!strcasecmp(CC->user.fullname, CtdlGetConfigStr("c_sysadm"))) ) {
+		CC->user.axlevel = AxAideU;
 	}
 
-	/* If we're authenticating off the host system, automatically give
-	 * root the highest level of access.
-	 */
+	/* If we're authenticating off the host system, automatically give root the highest level of access. */
 	if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) {
-		if (CCC->user.uid == 0) {
-			CCC->user.axlevel = AxAideU;
+		if (CC->user.uid == 0) {
+			CC->user.axlevel = AxAideU;
 		}
 	}
-	CtdlPutUserLock(&CCC->user);
+	CtdlPutUserLock(&CC->user);
 
-	/*
-	 * If we are using LDAP authentication, extract the user's email addresses from the directory.
-	 */
+	/* If we are using LDAP authentication, extract the user's email addresses from the directory. */
 #ifdef HAVE_LDAP
 	if ((CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP) || (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_LDAP_AD)) {
 		char new_emailaddrs[512];
 		if (CtdlGetConfigInt("c_ldap_sync_email_addrs") > 0) {
-			if (extract_email_addresses_from_ldap(CCC->ldap_dn, new_emailaddrs) == 0) {
-				CtdlSetEmailAddressesForUser(CCC->user.fullname, new_emailaddrs);
+			if (extract_email_addresses_from_ldap(CC->ldap_dn, new_emailaddrs) == 0) {
+				CtdlSetEmailAddressesForUser(CC->user.fullname, new_emailaddrs);
 			}
 		}
 	}
 #endif
 
-	/*
-	 * No email address for user?  Make one up.	(commented out because it appears to break things)
-	if (IsEmptyStr(CCC->user.emailaddrs)) {
-		sprintf(CCC->user.emailaddrs, "cit%ld@%s", CCC->user.usernum, CtdlGetConfigStr("c_fqdn"));
+	/* If the user does not have any email addresses assigned, generate one. */
+	if (IsEmptyStr(CC->user.emailaddrs)) {
+		AutoGenerateEmailAddressForUser(&CC->user);
 	}
-	 */
-	
 
 	/*
 	 * Populate cs_inet_email and cs_inet_other_emails with valid email addresses from the user record
 	 */
-	strcpy(CCC->cs_inet_email, CCC->user.emailaddrs);
-	char *firstsep = strstr(CCC->cs_inet_email, "|");
+	strcpy(CC->cs_inet_email, CC->user.emailaddrs);
+	char *firstsep = strstr(CC->cs_inet_email, "|");
 	if (firstsep) {
-		strcpy(CCC->cs_inet_other_emails, firstsep+1);
+		strcpy(CC->cs_inet_other_emails, firstsep+1);
 		*firstsep = 0;
 	}
 	else {
-		CCC->cs_inet_other_emails[0] = 0;
+		CC->cs_inet_other_emails[0] = 0;
 	}
 
 	/* Create any personal rooms required by the system.
@@ -723,12 +735,9 @@ void CtdlUserLogout(void)
 	 * since it's possible to log in again without reconnecting, we cannot
 	 * make that assumption.
 	 */
-	strcpy(CCC->fake_username, "");
-	strcpy(CCC->fake_hostname, "");
-	strcpy(CCC->fake_roomname, "");
 	CCC->logged_in = 0;
 
-	/* Check to see if the user was deleted whilst logged in and purge them if necessary */
+	/* Check to see if the user was deleted while logged in and purge them if necessary */
 	if ((CCC->user.axlevel == AxDeleted) && (CCC->user.usernum)) {
 		purge_user(CCC->user.fullname);
 	}
@@ -736,13 +745,9 @@ void CtdlUserLogout(void)
 	/* Clear out the user record in memory so we don't behave like a ghost */
 	memset(&CCC->user, 0, sizeof(struct ctdluser));
 	CCC->curr_user[0] = 0;
-	CCC->is_master = 0;
 	CCC->cs_inet_email[0] = 0;
 	CCC->cs_inet_other_emails[0] = 0;
 	CCC->cs_inet_fn[0] = 0;
-	CCC->fake_username[0] = 0;
-	CCC->fake_hostname[0] = 0;
-	CCC->fake_roomname[0] = 0;
 
 	/* Free any output buffers */
 	unbuffer_output();
@@ -857,10 +862,6 @@ int CtdlTryPassword(const char *password, long len)
 		return pass_wrong_password;
 	}
 
-	if (CCC->is_master) {
-		code = strcmp(password, CtdlGetConfigStr("c_master_pass"));
-	}
-
 	else if (CtdlGetConfigInt("c_auth_mode") == AUTHMODE_HOST) {
 
 		/* host auth mode */
@@ -946,11 +947,12 @@ int purge_user(char pname[])
 	struct ctdluser usbuf;
 	char usernamekey[USERNAME_SIZE];
 
-	makeuserkey(usernamekey, pname, cutuserkey(pname));
+	makeuserkey(usernamekey, pname, cutusername(pname));
 
 	/* If the name is empty we can't find them in the DB any way so just return */
-	if (IsEmptyStr(pname))
+	if (IsEmptyStr(pname)) {
 		return(ERROR + NO_SUCH_USER);
+	}
 
 	if (CtdlGetUser(&usbuf, pname) != 0) {
 		syslog(LOG_ERR, "user_ops: cannot purge user <%s> - not found", pname);