Working on password-based user auth

[tpg/opendispense2.git] / src / server / server.c

diff --git a/src/server/server.c b/src/server/server.c
index 9f59489..5d375ee 100644 (file)
--- a/src/server/server.c
+++ b/src/server/server.c
@@ -50,6 +50,7 @@ char  *Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
 char   *Server_Cmd_ITEMINFO(tClient *Client, char *Args);
 char   *Server_Cmd_DISPENSE(tClient *Client, char *Args);
 // --- Helpers ---
+ int   GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash);
 void   HexBin(uint8_t *Dest, char *Src, int BufSize);
 
 // === GLOBALS ===
@@ -283,6 +284,7 @@ char *Server_Cmd_USER(tClient *Client, char *Args)
        Client->Salt[6] = 0x21 + (rand()&0x3F);
        Client->Salt[7] = 0x21 + (rand()&0x3F);
        
+       // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
        // "100 Salt xxxxXXXX\n"
        ret = strdup("100 SALT xxxxXXXX\n");
        sprintf(ret, "100 SALT %s\n", Client->Salt);
@@ -306,7 +308,7 @@ char *Server_Cmd_PASS(tClient *Client, char *Args)
        
        // TODO: Decrypt password passed
        
-       Client->UID = GetUserAuth(Client->Username, "");
+       Client->UID = GetUserAuth(Client->Salt, Client->Username, clienthash);
 
        if( Client->UID != -1 ) {
                Client->bIsAuthed = 1;
@@ -465,6 +467,80 @@ char *Server_Cmd_DISPENSE(tClient *Client, char *Args)
        }
 }
 
+char *Server_Cmd_GIVE(tClient *Client, char *Args)
+{
+       char    *recipient, *ammount, *reason;
+        int    uid, iAmmount;
+       
+       if( !Client->bIsAuthed )        return strdup("401 Not Authenticated\n");
+
+       recipient = Args;
+
+       ammount = strchr(Args, ' ');
+       if( !ammount )  return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n");
+       *ammount = '\0';
+       ammount ++;
+
+       reason = strchr(ammount, ' ');
+       if( !reason )   return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n");
+       *reason = '\0';
+       reason ++;
+
+       // Get recipient
+       uid = GetUserID(recipient);
+       if( uid == -1 ) return strdup("404 Invalid target user");
+
+       // Parse ammount
+       iAmmount = atoi(ammount);
+       if( iAmmount <= 0 )     return strdup("407 Invalid Argument, ammount must be > zero\n");
+
+       // Do give
+       switch( Transfer(Client->UID, uid, iAmmount, reason) )
+       {
+       case 0:
+               return strdup("200 Give OK\n");
+       default:
+               return strdup("402 Poor You\n");
+       }
+}
+
+/**
+ * \brief Authenticate a user
+ * \return User ID, or -1 if authentication failed
+ */
+int GetUserAuth(const char *Salt, const char *Username, const uint8_t *ProvidedHash)
+{
+       #if 0
+       uint8_t h[20];
+        int    ofs = strlen(Username) + strlen(Salt);
+       char    input[ ofs + 40 + 1];
+       char    tmp[4 + strlen(Username) + 1];  // uid=%s
+       #endif
+       
+       #if HACK_TPG_NOAUTH
+       if( strcmp(Username, "tpg") == 0 )
+               return GetUserID("tpg");
+       #endif
+       
+       #if 0
+       //
+       strcpy(input, Username);
+       strcpy(input, Salt);
+       // TODO: Get user's SHA-1 hash
+       sprintf(tmp, "uid=%s", Username);
+       ldap_search_s(ld, "", LDAP_SCOPE_BASE, tmp, "userPassword", 0, res);
+       
+       sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+               h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
+               h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
+               );
+       // Then create the hash from the provided salt
+       // Compare that with the provided hash
+       #endif
+       
+       return -1;
+}
+
 // --- INTERNAL HELPERS ---
 // TODO: Move to another file
 void HexBin(uint8_t *Dest, char *Src, int BufSize)