+ // Check if trusted (only works with INET sockets at present)
+ len = sizeof(client_addr);
+ if( getpeername(Client->Socket, (struct sockaddr*)&client_addr, &len) == -1 ) {
+ Debug(Client, "500 getpeername() failed\n");
+ perror("Getting AUTHIDENT peer name");
+ sendf(Client->Socket, "500 getpeername() failed\n");
+ return ;
+ }
+
+ client_ip = client_addr.sin_addr.s_addr;
+ if(giDebugLevel >= 2) {
+ Debug(Client, "client_ip = %x, ntohl(client_ip) = %x", client_ip, ntohl(client_ip));
+ }
+ if( ntohl(client_ip) != 0x7F000001 && (ntohl(client_ip) & IDENT_TRUSTED_NETMASK) != IDENT_TRUSTED_NETWORK ) {
+ if(giDebugLevel)
+ Debug(Client, "Untrusted client attempting to AUTHIDENT");
+ sendf(Client->Socket, "401 Untrusted\n");
+ return ;
+ }
+
+ // Get username via IDENT
+ username = ident_id(Client->Socket, ident_timeout);
+ if( !username ) {
+ sendf(Client->Socket, "403 Authentication failure: IDENT auth timed out\n");
+ return ;
+ }
+
+ // Get UID
+ Client->UID = Bank_GetAcctByName( username, 0 );
+ if( Client->UID < 0 ) {
+ if(giDebugLevel)
+ Debug(Client, "Unknown user '%s'", username);
+ sendf(Client->Socket, "403 Authentication failure: unknown account\n");
+ free(username);
+ return ;
+ }
+
+ userflags = Bank_GetFlags(Client->UID);
+ // You can't be an internal account
+ if( userflags & USER_FLAG_INTERNAL ) {
+ if(giDebugLevel)
+ Debug(Client, "IDENT auth as '%s', not allowed", username);
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Authentication failure: that account is internal\n");
+ free(username);
+ return ;
+ }
+
+ // Disabled accounts
+ if( userflags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Authentication failure: account disabled\n");
+ free(username);
+ return ;
+ }
+
+ // Save username
+ if(Client->Username)
+ free(Client->Username);
+ Client->Username = strdup(username);
+
+ Client->bIsAuthed = 1;
+
+ if(giDebugLevel)
+ Debug(Client, "IDENT authenticated as '%s' (%i)", username, Client->UID);
+ free(username);
+
+ sendf(Client->Socket, "200 Auth OK\n");
+}
+
+/**
+ * \brief Set effective user
+ */
+void Server_Cmd_SETEUSER(tClient *Client, char *Args)
+{
+ char *username;
+ int eUserFlags, userFlags;
+
+ if( Server_int_ParseArgs(0, Args, &username, NULL) )
+ {
+ sendf(Client->Socket, "407 SETEUSER takes 1 argument\n");
+ return ;
+ }
+
+ if( !strlen(Args) ) {
+ sendf(Client->Socket, "407 SETEUSER expects an argument\n");
+ return ;
+ }
+
+ // Check authentication
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ userFlags = Bank_GetFlags(Client->UID);
+ if( !(userFlags & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
+ // Set id
+ Client->EffectiveUID = Bank_GetAcctByName(username, 0);
+ if( Client->EffectiveUID == -1 ) {
+ sendf(Client->Socket, "404 User not found\n");
+ return ;
+ }
+
+ // You can't be an internal account
+ if( !(userFlags & USER_FLAG_ADMIN) )
+ {
+ eUserFlags = Bank_GetFlags(Client->EffectiveUID);
+ if( eUserFlags & USER_FLAG_INTERNAL ) {
+ Client->EffectiveUID = -1;
+ sendf(Client->Socket, "404 User not found\n");
+ return ;
+ }
+ // Disabled only avaliable to admins
+ if( eUserFlags & USER_FLAG_DISABLED ) {
+ Client->EffectiveUID = -1;
+ sendf(Client->Socket, "403 Account disabled\n");
+ return ;
+ }
+ }
+
+ sendf(Client->Socket, "200 User set\n");
+}
+
+/**
+ * \brief Send an item status to the client
+ * \param Client Who to?
+ * \param Item Item to send
+ */
+void Server_int_SendItem(tClient *Client, tItem *Item)
+{
+ char *status = "avail";
+
+ if( Item->Handler->CanDispense )