-CFLAGS := -Wall -Werror -g
+CFLAGS := -Wall -Werror -g -std=gnu99
LDFLAGS := -g -lncurses
# -lssl
return -1;
}
-// printf("geteuid() = %i, getuid() = %i\n", geteuid(), getuid());
-
if( geteuid() == 0 || getuid() == 0 )
{
int i;
}
if( i == 1024 )
printf("Warning: AUTOAUTH unavaliable\n");
-// else
-// printf("Bound to 0.0.0.0:%i\n", i);
}
if( connect(sock, (struct sockaddr *) &serverAddr, sizeof(serverAddr)) < 0 ) {
return 0;
}
+int DispenseCheckPin(int Socket, const char *Username, const char *Pin)
+{
+ int ret, responseCode;
+ char *buf;
+
+ if( strlen(Pin) != 4 ) {
+ fprintf(stderr, "Pin format incorrect (not 4 characters long)\n");
+ return RV_ARGUMENTS;
+ }
+
+ for( int i = 0; i < 4; i ++ )
+ if( !isdigit(Pin[i]) ) {
+ fprintf(stderr, "Pin format incorrect (character %i not a digit)\n", i);
+ return RV_ARGUMENTS;
+ }
+ }
+
+ sendf(Socket, "CHECK_PIN %s %s\n", Username, Pin);
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+ switch( responseCode )
+ {
+ case 200: // Pin correct
+ printf("Pin OK\n");
+ ret = 0;
+ break;
+ case 201:
+ printf("Pin incorrect\n");
+ ret = RV_INVALID_USER;
+ break;
+ case 401:
+ printf("Not authenticated\n");
+ ret = RV_PERMISSIONS;
+ break;
+ case 403:
+ printf("Only coke members can check accounts other than their own\n");
+ ret = RV_PERMISSIONS;
+ break;
+ case 404:
+ printf("User '%s' not found\n", Username);
+ ret = RV_INVALID_USER;
+ break;
+ case 407:
+ printf("Rate limited or client-server disagree on pin format\n");
+ ret = RV_SERVER_ERROR;
+ break;
+ default:
+ printf("Unknown response code %i ('%s')\n", responseCode, buf);
+ ret = RV_UNKNOWN_ERROR;
+ break;
+ }
+ free(buf);
+ return ret;
+}
+
/**
* \brief Dispense an item
* \return Boolean Failure
sendf(Client->Socket, "404 User not found\n");
return ;
}
- // Disabled only avaliable to admins
- if( eUserFlags & USER_FLAG_DISABLED ) {
- Client->EffectiveUID = -1;
- sendf(Client->Socket, "403 Account disabled\n");
- return ;
- }
}
// Disabled accounts
- if( userFlags & USER_FLAG_DISABLED ) {
+ // - If disabled and the actual user is not an admin (and not root)
+ // return 403
+ if( (eUserFlags & USER_FLAG_DISABLED) && (Client->UID == 0 || !(userFlags & USER_FLAG_ADMIN)) ) {
Client->EffectiveUID = -1;
sendf(Client->Socket, "403 Account disabled\n");
return ;
uid = Client->UID;
}
+// if( Bank_GetFlags(Client->UID) & USER_FLAG_DISABLED ) {
+// }
+
switch( ret = DispenseItem( Client->UID, uid, item ) )
{
case 0: sendf(Client->Socket, "200 Dispense OK\n"); return ;
return ;
}
- // Check user permissions
- if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
- sendf(Client->Socket, "403 Not in coke\n");
- return ;
- }
-
// Get user
int uid = Bank_GetAcctByName(username, 0);
if( uid == -1 ) {
return ;
}
+ // Check user permissions
+ if( uid != Client->UID && !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
// Get the pin
static time_t last_wrong_pin_time;
static int backoff = 1;
last_wrong_pin_time = time(NULL);
if( !Bank_IsPinValid(uid, pin) )
{
- sendf(Client->Socket, "403 Pin incorrect\n");
+ sendf(Client->Socket, "201 Pin incorrect\n");
if( backoff < 5)
backoff ++;
return ;
git.ucc.asn.au / tpg / opendispense2.git / commitdiff
UCC git Repository :: git.ucc.asn.au