3 * UCC (University [of WA] Computer Club) Electronic Accounting System
5 * server.c - Client Server Code
7 * This file is licenced under the 3-clause BSD Licence. See the file
8 * COPYING for full details.
13 #include <sys/socket.h>
14 #include <netinet/in.h>
15 #include <arpa/inet.h>
20 #define HACK_TPG_NOAUTH 1
21 #define HACK_ROOT_NOAUTH 1
24 #define MAX_CONNECTION_QUEUE 5
25 #define INPUT_BUFFER_SIZE 256
27 #define HASH_TYPE SHA1
28 #define HASH_LENGTH 20
30 #define MSG_STR_TOO_LONG "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
33 typedef struct sClient
37 int bIsTrusted; // Is the connection from a trusted host/port
47 void Server_Start(void);
48 void Server_Cleanup(void);
49 void Server_HandleClient(int Socket, int bTrusted);
50 char *Server_ParseClientCommand(tClient *Client, char *CommandString);
52 char *Server_Cmd_USER(tClient *Client, char *Args);
53 char *Server_Cmd_PASS(tClient *Client, char *Args);
54 char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
55 char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
56 char *Server_Cmd_ITEMINFO(tClient *Client, char *Args);
57 char *Server_Cmd_DISPENSE(tClient *Client, char *Args);
58 char *Server_Cmd_GIVE(tClient *Client, char *Args);
59 char *Server_Cmd_ADD(tClient *Client, char *Args);
61 int GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash);
62 void HexBin(uint8_t *Dest, char *Src, int BufSize);
65 int giServer_Port = 1020;
66 int giServer_NextClientID = 1;
68 struct sClientCommand {
70 char *(*Function)(tClient *Client, char *Arguments);
71 } gaServer_Commands[] = {
72 {"USER", Server_Cmd_USER},
73 {"PASS", Server_Cmd_PASS},
74 {"AUTOAUTH", Server_Cmd_AUTOAUTH},
75 {"ENUM_ITEMS", Server_Cmd_ENUMITEMS},
76 {"ITEM_INFO", Server_Cmd_ITEMINFO},
77 {"DISPENSE", Server_Cmd_DISPENSE},
78 {"GIVE", Server_Cmd_GIVE},
79 {"ADD", Server_Cmd_ADD}
81 #define NUM_COMMANDS (sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))
86 * \brief Open listenting socket and serve connections
88 void Server_Start(void)
91 struct sockaddr_in server_addr, client_addr;
93 atexit(Server_Cleanup);
96 giServer_Socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
97 if( giServer_Socket < 0 ) {
98 fprintf(stderr, "ERROR: Unable to create server socket\n");
102 // Make listen address
103 memset(&server_addr, 0, sizeof(server_addr));
104 server_addr.sin_family = AF_INET; // Internet Socket
105 server_addr.sin_addr.s_addr = htonl(INADDR_ANY); // Listen on all interfaces
106 server_addr.sin_port = htons(giServer_Port); // Port
109 if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
110 fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port);
116 if( listen(giServer_Socket, MAX_CONNECTION_QUEUE) < 0 ) {
117 fprintf(stderr, "ERROR: Unable to listen to socket\n");
122 printf("Listening on 0.0.0.0:%i\n", giServer_Port);
126 uint len = sizeof(client_addr);
129 client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len);
130 if(client_socket < 0) {
131 fprintf(stderr, "ERROR: Unable to accept client connection\n");
135 if(giDebugLevel >= 2) {
136 char ipstr[INET_ADDRSTRLEN];
137 inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN);
138 printf("Client connection from %s:%i\n",
139 ipstr, ntohs(client_addr.sin_port));
142 // Trusted Connections
143 if( ntohs(client_addr.sin_port) < 1024 )
145 // TODO: Make this runtime configurable
146 switch( ntohl( client_addr.sin_addr.s_addr ) )
148 case 0x7F000001: // 127.0.0.1 localhost
149 //case 0x825E0D00: // 130.95.13.0
150 case 0x825E0D12: // 130.95.13.18 mussel
151 case 0x825E0D17: // 130.95.13.23 martello
159 // TODO: Multithread this?
160 Server_HandleClient(client_socket, bTrusted);
162 close(client_socket);
166 void Server_Cleanup(void)
168 printf("Close(%i)\n", giServer_Socket);
169 close(giServer_Socket);
173 * \brief Reads from a client socket and parses the command strings
174 * \param Socket Client socket number/handle
175 * \param bTrusted Is the client trusted?
177 void Server_HandleClient(int Socket, int bTrusted)
179 char inbuf[INPUT_BUFFER_SIZE];
181 int remspace = INPUT_BUFFER_SIZE-1;
183 tClient clientInfo = {0};
185 // Initialise Client info
186 clientInfo.ID = giServer_NextClientID ++;
187 clientInfo.bIsTrusted = bTrusted;
192 * - The `buf` and `remspace` variables allow a line to span several
193 * calls to recv(), if a line is not completed in one recv() call
194 * it is saved to the beginning of `inbuf` and `buf` is updated to
197 while( (bytes = recv(Socket, buf, remspace, 0)) > 0 )
200 buf[bytes] = '\0'; // Allow us to use stdlib string functions on it
204 while( (eol = strchr(start, '\n')) )
208 ret = Server_ParseClientCommand(&clientInfo, start);
209 // `ret` is a string on the heap
210 send(Socket, ret, strlen(ret), 0);
215 // Check if there was an incomplete line
216 if( *start != '\0' ) {
217 int tailBytes = bytes - (start-buf);
218 // Roll back in buffer
219 memcpy(inbuf, start, tailBytes);
220 remspace -= tailBytes;
222 send(Socket, MSG_STR_TOO_LONG, sizeof(MSG_STR_TOO_LONG), 0);
224 remspace = INPUT_BUFFER_SIZE - 1;
229 remspace = INPUT_BUFFER_SIZE - 1;
235 fprintf(stderr, "ERROR: Unable to recieve from client on socket %i\n", Socket);
239 if(giDebugLevel >= 2) {
240 printf("Client %i: Disconnected\n", clientInfo.ID);
245 * \brief Parses a client command and calls the required helper function
246 * \param Client Pointer to client state structure
247 * \param CommandString Command from client (single line of the command)
248 * \return Heap String to return to the client
250 char *Server_ParseClientCommand(tClient *Client, char *CommandString)
255 // Split at first space
256 space = strchr(CommandString, ' ');
266 for( i = 0; i < NUM_COMMANDS; i++ )
268 if(strcmp(CommandString, gaServer_Commands[i].Name) == 0)
269 return gaServer_Commands[i].Function(Client, args);
272 return strdup("400 Unknown Command\n");
279 * \brief Set client username
281 * Usage: USER <username>
283 char *Server_Cmd_USER(tClient *Client, char *Args)
289 printf("Client %i authenticating as '%s'\n", Client->ID, Args);
293 free(Client->Username);
294 Client->Username = strdup(Args);
297 // Create a salt (that changes if the username is changed)
298 // Yes, I know, I'm a little paranoid, but who isn't?
299 Client->Salt[0] = 0x21 + (rand()&0x3F);
300 Client->Salt[1] = 0x21 + (rand()&0x3F);
301 Client->Salt[2] = 0x21 + (rand()&0x3F);
302 Client->Salt[3] = 0x21 + (rand()&0x3F);
303 Client->Salt[4] = 0x21 + (rand()&0x3F);
304 Client->Salt[5] = 0x21 + (rand()&0x3F);
305 Client->Salt[6] = 0x21 + (rand()&0x3F);
306 Client->Salt[7] = 0x21 + (rand()&0x3F);
308 // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
309 // "100 Salt xxxxXXXX\n"
310 ret = strdup("100 SALT xxxxXXXX\n");
311 sprintf(ret, "100 SALT %s\n", Client->Salt);
313 ret = strdup("100 User Set\n");
319 * \brief Authenticate as a user
323 char *Server_Cmd_PASS(tClient *Client, char *Args)
325 uint8_t clienthash[HASH_LENGTH] = {0};
328 HexBin(clienthash, Args, HASH_LENGTH);
330 // TODO: Decrypt password passed
332 Client->UID = GetUserAuth(Client->Salt, Client->Username, clienthash);
334 if( Client->UID != -1 ) {
335 Client->bIsAuthed = 1;
336 return strdup("200 Auth OK\n");
341 printf("Client %i: Password hash ", Client->ID);
342 for(i=0;i<HASH_LENGTH;i++)
343 printf("%02x", clienthash[i]&0xFF);
347 return strdup("401 Auth Failure\n");
351 * \brief Authenticate as a user without a password
353 * Usage: AUTOAUTH <user>
355 char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
357 char *spos = strchr(Args, ' ');
358 if(spos) *spos = '\0'; // Remove characters after the ' '
361 if( !Client->bIsTrusted ) {
363 printf("Client %i: Untrusted client attempting to AUTOAUTH\n", Client->ID);
364 return strdup("401 Untrusted\n");
368 Client->UID = GetUserID( Args );
369 if( Client->UID < 0 ) {
371 printf("Client %i: Unknown user '%s'\n", Client->ID, Args);
372 return strdup("401 Auth Failure\n");
376 printf("Client %i: Authenticated as '%s' (%i)\n", Client->ID, Args, Client->UID);
378 return strdup("200 Auth OK\n");
382 * \brief Enumerate the items that the server knows about
384 char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args)
390 retLen = snprintf(NULL, 0, "201 Items %i", giNumItems);
392 for( i = 0; i < giNumItems; i ++ )
394 retLen += snprintf(NULL, 0, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID);
397 ret = malloc(retLen+1);
399 retLen += sprintf(ret+retLen, "201 Items %i", giNumItems);
401 for( i = 0; i < giNumItems; i ++ ) {
402 retLen += sprintf(ret+retLen, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID);
410 tItem *_GetItemFromString(char *String)
414 char *colon = strchr(String, ':');
426 for( i = 0; i < giNumHandlers; i ++ )
428 if( strcmp(gaHandlers[i]->Name, type) == 0) {
429 handler = gaHandlers[i];
438 for( i = 0; i < giNumItems; i ++ )
440 if( gaItems[i].Handler != handler ) continue;
441 if( gaItems[i].ID != num ) continue;
448 * \brief Fetch information on a specific item
450 char *Server_Cmd_ITEMINFO(tClient *Client, char *Args)
454 tItem *item = _GetItemFromString(Args);
457 return strdup("406 Bad Item ID\n");
461 retLen = snprintf(NULL, 0, "202 Item %s:%i %i %s\n",
462 item->Handler->Name, item->ID, item->Price, item->Name);
463 ret = malloc(retLen+1);
464 sprintf(ret, "202 Item %s:%i %i %s\n",
465 item->Handler->Name, item->ID, item->Price, item->Name);
470 char *Server_Cmd_DISPENSE(tClient *Client, char *Args)
474 if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
476 item = _GetItemFromString(Args);
478 return strdup("406 Bad Item ID\n");
481 switch( ret = DispenseItem( Client->UID, item ) )
483 case 0: return strdup("200 Dispense OK\n");
484 case 1: return strdup("501 Unable to dispense\n");
485 case 2: return strdup("402 Poor You\n");
487 return strdup("500 Dispense Error\n");
491 char *Server_Cmd_GIVE(tClient *Client, char *Args)
493 char *recipient, *ammount, *reason;
496 if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
500 ammount = strchr(Args, ' ');
501 if( !ammount ) return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n");
505 reason = strchr(ammount, ' ');
506 if( !reason ) return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n");
511 uid = GetUserID(recipient);
512 if( uid == -1 ) return strdup("404 Invalid target user");
515 iAmmount = atoi(ammount);
516 if( iAmmount <= 0 ) return strdup("407 Invalid Argument, ammount must be > zero\n");
519 switch( DispenseGive(Client->UID, uid, iAmmount, reason) )
522 return strdup("200 Give OK\n");
524 return strdup("402 Poor You\n");
526 return strdup("500 Unknown error\n");
530 char *Server_Cmd_ADD(tClient *Client, char *Args)
532 char *user, *ammount, *reason;
535 if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
539 ammount = strchr(Args, ' ');
540 if( !ammount ) return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n");
544 reason = strchr(ammount, ' ');
545 if( !reason ) return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n");
550 uid = GetUserID(user);
551 if( uid == -1 ) return strdup("404 Invalid user");
554 iAmmount = atoi(ammount);
555 if( iAmmount == 0 && ammount[0] != '0' ) return strdup("407 Invalid Argument, ammount must be > zero\n");
558 switch( DispenseAdd(uid, Client->UID, iAmmount, reason) )
561 return strdup("200 Add OK\n");
563 return strdup("402 Poor Guy\n");
565 return strdup("500 Unknown error\n");
570 * \brief Authenticate a user
571 * \return User ID, or -1 if authentication failed
573 int GetUserAuth(const char *Salt, const char *Username, const uint8_t *ProvidedHash)
577 int ofs = strlen(Username) + strlen(Salt);
578 char input[ ofs + 40 + 1];
579 char tmp[4 + strlen(Username) + 1]; // uid=%s
583 if( strcmp(Username, "tpg") == 0 )
584 return GetUserID("tpg");
587 if( strcmp(Username, "root") == 0 )
588 return GetUserID("root");
593 strcpy(input, Username);
595 // TODO: Get user's SHA-1 hash
596 sprintf(tmp, "uid=%s", Username);
597 ldap_search_s(ld, "", LDAP_SCOPE_BASE, tmp, "userPassword", 0, res);
599 sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
600 h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
601 h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
603 // Then create the hash from the provided salt
604 // Compare that with the provided hash
610 // --- INTERNAL HELPERS ---
611 // TODO: Move to another file
612 void HexBin(uint8_t *Dest, char *Src, int BufSize)
615 for( i = 0; i < BufSize; i ++ )
619 if('0' <= *Src && *Src <= '9')
620 val |= (*Src-'0') << 4;
621 else if('A' <= *Src && *Src <= 'F')
622 val |= (*Src-'A'+10) << 4;
623 else if('a' <= *Src && *Src <= 'f')
624 val |= (*Src-'a'+10) << 4;
629 if('0' <= *Src && *Src <= '9')
631 else if('A' <= *Src && *Src <= 'F')
632 val |= (*Src-'A'+10);
633 else if('a' <= *Src && *Src <= 'f')
634 val |= (*Src-'a'+10);
641 for( ; i < BufSize; i++ )
646 * \brief Decode a Base64 value
648 int UnBase64(uint8_t *Dest, char *Src, int BufSize)
652 char *start_src = Src;
654 for( i = 0; i+2 < BufSize; i += 3 )
657 for( j = 0; j < 4; j++, Src ++ ) {
658 if('A' <= *Src && *Src <= 'Z')
659 val |= (*Src - 'A') << ((3-j)*6);
660 else if('a' <= *Src && *Src <= 'z')
661 val |= (*Src - 'a' + 26) << ((3-j)*6);
662 else if('0' <= *Src && *Src <= '9')
663 val |= (*Src - '0' + 52) << ((3-j)*6);
665 val |= 62 << ((3-j)*6);
667 val |= 63 << ((3-j)*6);
671 j --; // Ignore invalid characters
673 Dest[i ] = (val >> 16) & 0xFF;
674 Dest[i+1] = (val >> 8) & 0xFF;
675 Dest[i+2] = val & 0xFF;
681 Dest[i] = (val >> 16) & 0xFF;
683 Dest[i+1] = (val >> 8) & 0xFF;
685 return Src - start_src;