- int ofs = strlen(pwd->pw_name)+strlen(salt);
- char tmpBuf[42];
- char tmp[ofs+20];
- char *pass = getpass("Password: ");
- uint8_t h[20];
-
- // Create hash string
- // <username><salt><hash>
- strcpy(tmp, pwd->pw_name);
- strcat(tmp, salt);
- SHA1( (unsigned char*)pass, strlen(pass), h );
- memcpy(tmp+ofs, h, 20);
-
- // Hash all that
- SHA1( (unsigned char*)tmp, ofs+20, h );
- sprintf(tmpBuf, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
- h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
- h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
- );
-
- // Send password
- sendf(Socket, "PASS %s\n", tmpBuf);
- buf = ReadLine(Socket);
-
- responseCode = atoi(buf);
- // Auth OK?
- if( responseCode == 200 ) break;
- // Bad username/password
- if( responseCode == 401 ) continue;
-
- fprintf(stderr, "Unknown repsonse code %i from server\n%s\n", responseCode, buf);
- free(buf);
- return RV_UNKNOWN_ERROR;
- }
- free(buf);
- if( i == 3 )
- return RV_INVALID_USER; // 2 = Bad Password
-
- #else
- fprintf(stderr, "Untrusted host, AUTOAUTH unavaliable\n");
- return RV_INVALID_USER;
- #endif
- break;
-
- case 404: // Bad Username
- fprintf(stderr, "Bad Username '%s'\n", pwd->pw_name);
- free(buf);
- return RV_INVALID_USER;
-
- default:
- fprintf(stderr, "Unkown response code %i from server\n", responseCode);
- printf("%s\n", buf);
- free(buf);
- return RV_UNKNOWN_ERROR;
- }
-
- // Set effective user
- if( gsEffectiveUser ) {
- sendf(Socket, "SETEUSER %s\n", gsEffectiveUser);
-
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
-
- switch(responseCode)
- {
- case 200:
- printf("Running as '%s' by '%s'\n", gsEffectiveUser, pwd->pw_name);
- break;
-
- case 403:
- printf("Only coke members can use `dispense -u`\n");
- free(buf);
- return RV_PERMISSIONS;
-
- case 404:
- printf("Invalid user selected\n");
- free(buf);
- return RV_INVALID_USER;
-
- default:
- fprintf(stderr, "Unkown response code %i from server\n", responseCode);
- printf("%s\n", buf);
- free(buf);
- return RV_UNKNOWN_ERROR;
- }
-
- free(buf);
- }
-
- gbIsAuthenticated = 1;
-
- return 0;
-}
-
-int GetUserBalance(int Socket)
-{
- regmatch_t matches[6];
- struct passwd *pwd;
- char *buf;
- int responseCode;
-
- if( !gsUserName )
- {
- if( gsEffectiveUser ) {
- gsUserName = gsEffectiveUser;
- }
- else {
- pwd = getpwuid( getuid() );
- gsUserName = strdup(pwd->pw_name);
- }
- }
-
- sendf(Socket, "USER_INFO %s\n", gsUserName);
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
- switch(responseCode)
- {
- case 202: break; // Ok
-
- case 404:
- printf("Invalid user? (USER_INFO failed)\n");
- free(buf);
- return RV_INVALID_USER;
-
- default:
- fprintf(stderr, "Unkown response code %i from server\n", responseCode);
- printf("%s\n", buf);
- free(buf);
- return RV_UNKNOWN_ERROR;
- }
-
- RunRegex(&gUserInfoRegex, buf, 6, matches, "Malformed server response");
-
- giUserBalance = atoi( buf + matches[4].rm_so );
- gsUserFlags = strdup( buf + matches[5].rm_so );
-
- free(buf);
-
- return 0;
-}
-
-/**
- * \brief Read an item info response from the server
- * \param Dest Destination for the read item (strings will be on the heap)
- */
-int ReadItemInfo(int Socket, tItem *Dest)
-{
- char *buf;
- int responseCode;
-
- regmatch_t matches[8];
- char *statusStr;
-
- // Get item info
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
-
- switch(responseCode)
- {
- case 202: break;
-
- case 406:
- printf("Bad item name\n");
- free(buf);
- return RV_BAD_ITEM;
-
- default:
- fprintf(stderr, "Unknown response from dispense server (Response Code %i)\n%s", responseCode, buf);
- free(buf);
- return RV_UNKNOWN_ERROR;
- }
-
- RunRegex(&gItemRegex, buf, 8, matches, "Malformed server response");
-
- buf[ matches[3].rm_eo ] = '\0';
- buf[ matches[5].rm_eo ] = '\0';
- buf[ matches[7].rm_eo ] = '\0';
-
- statusStr = &buf[ matches[5].rm_so ];
-
- Dest->ID = atoi( buf + matches[4].rm_so );
-
- if( strcmp(statusStr, "avail") == 0 )
- Dest->Status = 0;
- else if( strcmp(statusStr, "sold") == 0 )
- Dest->Status = 1;
- else if( strcmp(statusStr, "error") == 0 )
- Dest->Status = -1;
- else {
- fprintf(stderr, "Unknown response from dispense server (status '%s')\n",
- statusStr);
- return RV_UNKNOWN_ERROR;
- }
- Dest->Price = atoi( buf + matches[6].rm_so );
-
- // Hack a little to reduce heap fragmentation
- {
- char tmpType[strlen(buf + matches[3].rm_so) + 1];
- char tmpDesc[strlen(buf + matches[7].rm_so) + 1];
- strcpy(tmpType, buf + matches[3].rm_so);
- strcpy(tmpDesc, buf + matches[7].rm_so);
- free(buf);
- Dest->Type = strdup( tmpType );
- Dest->Desc = strdup( tmpDesc );
- }
-
- return 0;
-}
-
-/**
- * \brief Fill the item information structure
- * \return Boolean Failure
- */
-void PopulateItemList(int Socket)
-{
- char *buf;
- int responseCode;
-
- char *itemType, *itemStart;
- int count, i;
- regmatch_t matches[4];
-
- // Ask server for stock list
- send(Socket, "ENUM_ITEMS\n", 11, 0);
- buf = ReadLine(Socket);
-
- //printf("Output: %s\n", buf);
-
- responseCode = atoi(buf);
- if( responseCode != 201 ) {
- fprintf(stderr, "Unknown response from dispense server (Response Code %i)\n", responseCode);
- exit(RV_UNKNOWN_ERROR);
- }
-
- // - Get item list -
-
- // Expected format:
- // 201 Items <count>
- // 202 Item <count>
- RunRegex(&gArrayRegex, buf, 4, matches, "Malformed server response");
-
- itemType = &buf[ matches[2].rm_so ]; buf[ matches[2].rm_eo ] = '\0';
- count = atoi( &buf[ matches[3].rm_so ] );
-
- // Check array type
- if( strcmp(itemType, "Items") != 0 ) {
- // What the?!
- fprintf(stderr, "Unexpected array type, expected 'Items', got '%s'\n",
- itemType);
- exit(RV_UNKNOWN_ERROR);
- }
-
- itemStart = &buf[ matches[3].rm_eo ];
-
- free(buf);
-
- giNumItems = count;
- gaItems = malloc( giNumItems * sizeof(tItem) );
-
- // Fetch item information
- for( i = 0; i < giNumItems; i ++ )
- {
- ReadItemInfo( Socket, &gaItems[i] );
- }
-
- // Read end of list
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
-
- if( responseCode != 200 ) {
- fprintf(stderr, "Unknown response from dispense server %i\n'%s'",
- responseCode, buf
- );
- exit(-1);
- }
-
- free(buf);
-}
-
-
-/**
- * \brief Get information on an item
- * \return Boolean Failure
- */
-int Dispense_ItemInfo(int Socket, const char *Type, int ID)
-{
- tItem item;
- int ret;
-
- // Query
- sendf(Socket, "ITEM_INFO %s:%i\n", Type, ID);
-
- ret = ReadItemInfo(Socket, &item);
- if(ret) return ret;
-
- printf("%8s:%-2i %2i.%02i %s\n",
- item.Type, item.ID,
- item.Price/100, item.Price%100,
- item.Desc);
-
- free(item.Type);
- free(item.Desc);
-
- return 0;
-}
-
-/**
- * \brief Dispense an item
- * \return Boolean Failure
- */
-int DispenseItem(int Socket, const char *Type, int ID)
-{
- int ret, responseCode;
- char *buf;
-
- // Check for a dry run
- if( gbDryRun ) {
- printf("Dry Run - No action\n");
- return 0;
- }
-
- // Dispense!
- sendf(Socket, "DISPENSE %s:%i\n", Type, ID);
- buf = ReadLine(Socket);
-
- responseCode = atoi(buf);
- switch( responseCode )
- {
- case 200:
- printf("Dispense OK\n");
- ret = 0;
- break;
- case 401:
- printf("Not authenticated\n");
- ret = RV_PERMISSIONS;
- break;
- case 402:
- printf("Insufficient balance\n");
- ret = RV_BALANCE;
- break;
- case 406:
- printf("Bad item name\n");
- ret = RV_BAD_ITEM;
- break;
- case 500:
- printf("Item failed to dispense, is the slot empty?\n");
- ret = RV_SERVER_ERROR;
- break;
- case 501:
- printf("Dispense not possible (slot empty/permissions)\n");
- ret = RV_SERVER_ERROR;
- break;
- default:
- printf("Unknown response code %i ('%s')\n", responseCode, buf);
- ret = RV_UNKNOWN_ERROR;
- break;
- }
-
- free(buf);
- return ret;
-}
-
-/**
- * \brief Alter a user's balance
- */
-int Dispense_AlterBalance(int Socket, const char *Username, int Ammount, const char *Reason)
-{
- char *buf;
- int responseCode;
-
- // Check for a dry run
- if( gbDryRun ) {
- printf("Dry Run - No action\n");
- return 0;
- }
-
- // Sanity
- if( Ammount == 0 ) {
- printf("An ammount would be nice\n");
- return RV_ARGUMENTS;
- }
-
- sendf(Socket, "ADD %s %i %s\n", Username, Ammount, Reason);
- buf = ReadLine(Socket);
-
- responseCode = atoi(buf);
- free(buf);
-
- switch(responseCode)
- {
- case 200: return 0; // OK
- case 402:
- fprintf(stderr, "Insufficient balance\n");
- return RV_BAD_ITEM;
- case 403: // Not in coke
- fprintf(stderr, "You are not in coke (sucker)\n");
- return RV_PERMISSIONS;
- case 404: // Unknown user
- fprintf(stderr, "Unknown user '%s'\n", Username);
- return RV_INVALID_USER;
- default:
- fprintf(stderr, "Unknown response code %i\n", responseCode);
- return RV_UNKNOWN_RESPONSE;
- }
-
- return -1;
-}
-
-/**
- * \brief Set a user's balance
- * \note Only avaliable to dispense admins
- */
-int Dispense_SetBalance(int Socket, const char *Username, int Balance, const char *Reason)
-{
- char *buf;
- int responseCode;
-
- // Check for a dry run
- if( gbDryRun ) {
- printf("Dry Run - No action\n");
- return 0;
- }
-
- sendf(Socket, "SET %s %i %s\n", Username, Balance, Reason);
- buf = ReadLine(Socket);
-
- responseCode = atoi(buf);
- free(buf);
-
- switch(responseCode)
- {
- case 200: return 0; // OK
- case 403: // Not in coke
- fprintf(stderr, "You are not an admin\n");
- return RV_PERMISSIONS;
- case 404: // Unknown user
- fprintf(stderr, "Unknown user '%s'\n", Username);
- return RV_INVALID_USER;
- default:
- fprintf(stderr, "Unknown response code %i\n", responseCode);
- return RV_UNKNOWN_RESPONSE;
- }
-
- return -1;
-}
-
-/**
- * \brief Give money to another user
- */
-int Dispense_Give(int Socket, const char *Username, int Ammount, const char *Reason)
-{
- char *buf;
- int responseCode;
-
- if( Ammount < 0 ) {
- printf("Sorry, you can only give, you can't take.\n");
- return RV_ARGUMENTS;
- }
-
- // Fast return on zero
- if( Ammount == 0 ) {
- printf("Are you actually going to give any?\n");
- return RV_ARGUMENTS;
- }
-
- // Check for a dry run
- if( gbDryRun ) {
- printf("Dry Run - No action\n");
- return 0;
- }
-
- sendf(Socket, "GIVE %s %i %s\n", Username, Ammount, Reason);
-
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
- free(buf);
- switch(responseCode)
- {
- case 200:
- printf("Give succeeded\n");
- return RV_SUCCESS; // OK
-
- case 402:
- fprintf(stderr, "Insufficient balance\n");
- return RV_BALANCE;
-
- case 404: // Unknown user
- fprintf(stderr, "Unknown user '%s'\n", Username);
- return RV_INVALID_USER;
-
- default:
- fprintf(stderr, "Unknown response code %i\n", responseCode);
- return RV_UNKNOWN_RESPONSE;
- }
-
- return -1;
-}
-
-int Dispense_Refund(int Socket, const char *Username, const char *Item, int PriceOverride)
-{
- char *buf;
- int responseCode, ret = -1;
-
- // Check item id
- if( RunRegex(&gUserItemIdentRegex, Item, 0, NULL, NULL) != 0 )
- {
- fprintf(stderr, "Error: Invalid item ID passed (should be <type>:<num>)\n");
- return RV_ARGUMENTS;
- }
-
- // Check username (quick)
- if( strchr(Username, ' ') || strchr(Username, '\n') )
- {
- fprintf(stderr, "Error: Username is invalid (no spaces or newlines please)\n");
- return RV_ARGUMENTS;
- }
-
- // Send the query
- sendf(Socket, "REFUND %s %s %i\n", Username, Item, PriceOverride);
-
- buf = ReadLine(Socket);
- responseCode = atoi(buf);
- switch(responseCode)
- {
- case 200:
- Dispense_ShowUser(Socket, Username); // Show destination account
- ret = 0;
- break;
- case 403:
- fprintf(stderr, "Refund access is only avaliable to coke members\n");
- ret = RV_PERMISSIONS;
- break;
- case 404:
- fprintf(stderr, "Unknown user '%s' passed\n", Username);
- ret = RV_INVALID_USER;
- break;
- case 406:
- fprintf(stderr, "Invalid item '%s' passed\n", Item);
- ret = RV_BAD_ITEM;
- break;
- default:
- fprintf(stderr, "Unknown response from server %i\n%s\n", responseCode, buf);
- ret = -1;
- break;
- }
- free(buf);
- return ret;
-}
-
-/**
- * \brief Donate money to the club
- */
-int Dispense_Donate(int Socket, int Ammount, const char *Reason)
-{
- char *buf;
- int responseCode;
-
- if( Ammount < 0 ) {
- printf("Sorry, you can only give, you can't take.\n");
- return -1;
- }
-
- // Fast return on zero
- if( Ammount == 0 ) {
- printf("Are you actually going to give any?\n");
- return 1;
- }
-
- // Check for a dry run
- if( gbDryRun ) {
- printf("Dry Run - No action\n");
- return 0;
- }
-
- sendf(Socket, "DONATE %i %s\n", Ammount, Reason);
- buf = ReadLine(Socket);
-
- responseCode = atoi(buf);
- free(buf);
-
- switch(responseCode)
- {
- case 200: return 0; // OK
-
- case 402:
- fprintf(stderr, "Insufficient balance\n");
- return 1;
-
- default:
- fprintf(stderr, "Unknown response code %i\n", responseCode);
- return -1;
- }
-
- return -1;
-}
-
-/**
- * \brief Enumerate users
- */
-int Dispense_EnumUsers(int Socket)
-{
- char *buf;
- int responseCode;
- int nUsers;
- regmatch_t matches[4];
-
- if( giMinimumBalance != INT_MIN ) {
- if( giMaximumBalance != INT_MAX ) {
- sendf(Socket, "ENUM_USERS min_balance:%i max_balance:%i\n", giMinimumBalance, giMaximumBalance);
- }
- else {
- sendf(Socket, "ENUM_USERS min_balance:%i\n", giMinimumBalance);
- }
- }
- else {
- if( giMaximumBalance != INT_MAX ) {
- sendf(Socket, "ENUM_USERS max_balance:%i\n", giMaximumBalance);
- }
- else {
- sendf(Socket, "ENUM_USERS\n");