All - Rework config API to allow default/optional values

[tpg/opendispense2.git] / src / server / server.c

diff --git a/src/server/server.c b/src/server/server.c
index 9bf9eba..b09c794 100644 (file)
--- a/src/server/server.c
+++ b/src/server/server.c
@@ -10,6 +10,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include "common.h"
+#include "../common/config.h"
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
@@ -147,7 +148,7 @@ void Server_Start(void)
        gaServer_TrustedHosts = malloc(giServer_NumTrustedHosts * sizeof(*gaServer_TrustedHosts));
        for( int i = 0; i < giServer_NumTrustedHosts; i ++ )
        {
-               const char      *addr = Config_GetValue("trusted_host", i);
+               const char      *addr = Config_GetValue_Idx("trusted_host", i);
                
                if( inet_aton(addr, &gaServer_TrustedHosts[i]) == 0 ) {
                        fprintf(stderr, "Invalid IP address '%s'\n", addr);
@@ -155,7 +156,6 @@ void Server_Start(void)
                }
        }
 
-       atexit(Server_Cleanup);
        // Ignore SIGPIPE (stops crashes when the client exits early)
        signal(SIGPIPE, SIG_IGN);
 
@@ -176,6 +176,7 @@ void Server_Start(void)
        if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
                fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port);
                perror("Binding");
+               close(giServer_Socket);
                return ;
        }
 
@@ -190,7 +191,7 @@ void Server_Start(void)
                }
                if( pid != 0 ) {
                        // Parent, quit
-                       printf("Forked child %i\n", pid);
+                       Debug_Notice("Forked child server as PID %i\n", pid);
                        exit(0);
                }
                // In child
@@ -207,6 +208,7 @@ void Server_Start(void)
                fprintf(stderr, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL));
                #endif
        }
+       atexit(Server_Cleanup);
 
        // Start the helper thread
        StartPeriodicThread();
@@ -218,7 +220,7 @@ void Server_Start(void)
                return ;
        }
        
-       printf("Listening on 0.0.0.0:%i\n", giServer_Port);
+       Debug_Notice("Listening on 0.0.0.0:%i", giServer_Port);
        
        // write pidfile
        {
@@ -258,7 +260,7 @@ void Server_Start(void)
                if(giDebugLevel >= 2) {
                        char    ipstr[INET_ADDRSTRLEN];
                        inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN);
-                       printf("Client connection from %s:%i\n",
+                       Debug_Debug("Client connection from %s:%i",
                                ipstr, ntohs(client_addr.sin_port));
                }
                
@@ -312,7 +314,7 @@ void Server_Start(void)
 
 void Server_Cleanup(void)
 {
-       printf("\nClose(%i)\n", giServer_Socket);
+       Debug_Debug("Close(%i)", giServer_Socket);
        close(giServer_Socket);
        unlink(PIDFILE);
 }
@@ -699,16 +701,12 @@ void Server_Cmd_SETEUSER(tClient *Client, char *Args)
                        sendf(Client->Socket, "404 User not found\n");
                        return ;
                }
-               // Disabled only avaliable to admins
-               if( eUserFlags & USER_FLAG_DISABLED ) {
-                       Client->EffectiveUID = -1;
-                       sendf(Client->Socket, "403 Account disabled\n");
-                       return ;
-               }
        }
 
        // Disabled accounts
-       if( userFlags & USER_FLAG_DISABLED ) {
+       // - If disabled and the actual user is not an admin (and not root)
+       //   return 403
+       if( (eUserFlags & USER_FLAG_DISABLED) && (Client->UID == 0 || !(userFlags & USER_FLAG_ADMIN)) ) {
                Client->EffectiveUID = -1;
                sendf(Client->Socket, "403 Account disabled\n");
                return ;
@@ -874,6 +872,9 @@ void Server_Cmd_DISPENSE(tClient *Client, char *Args)
                uid = Client->UID;
        }
 
+//     if( Bank_GetFlags(Client->UID) & USER_FLAG_DISABLED  ) {
+//     }
+
        switch( ret = DispenseItem( Client->UID, uid, item ) )
        {
        case 0: sendf(Client->Socket, "200 Dispense OK\n");     return ;
@@ -1101,7 +1102,7 @@ void Server_Cmd_ADD(tClient *Client, char *Args)
        if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) )
        {
                if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
-                       sendf(Client->Socket, "404 Invalid user\n");
+                       sendf(Client->Socket, "403 Admin only\n");
                        return ;
                }
                // TODO: Maybe disallow changes to disabled?
@@ -1165,17 +1166,15 @@ void Server_Cmd_SET(tClient *Client, char *Args)
                return ;
        }
 
+       int origBalance, rv;
        // Do give
-       switch( DispenseSet(Client->UID, uid, iAmmount, reason) )
+       switch( rv = DispenseSet(Client->UID, uid, iAmmount, reason, &origBalance) )
        {
        case 0:
-               sendf(Client->Socket, "200 Add OK\n");
-               return ;
-       case 2:
-               sendf(Client->Socket, "402 Poor Guy\n");
+               sendf(Client->Socket, "200 Add OK (%i)\n", origBalance);
                return ;
        default:
-               sendf(Client->Socket, "500 Unknown error\n");
+               sendf(Client->Socket, "500 Unknown error (%i)\n", rv);
                return ;
        }
 }
@@ -1561,18 +1560,12 @@ void Server_Cmd_PINCHECK(tClient *Client, char *Args)
        }
        pin = atoi(pinstr);
 
-       // Not strictly needed, but ensures that randoms don't do brute forcing
+       // Not authenticated? go away!
        if( !Client->bIsAuthed ) {
                sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
        
-       // Check user permissions
-       if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN))  ) {
-               sendf(Client->Socket, "403 Not in coke\n");
-               return ;
-       }
-       
        // Get user
        int uid = Bank_GetAcctByName(username, 0);
        if( uid == -1 ) {
@@ -1580,6 +1573,12 @@ void Server_Cmd_PINCHECK(tClient *Client, char *Args)
                return ;
        }
        
+       // Check user permissions
+       if( uid != Client->UID && !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN))  ) {
+               sendf(Client->Socket, "403 Not in coke\n");
+               return ;
+       }
+       
        // Get the pin
        static time_t   last_wrong_pin_time;
        static int      backoff = 1;
@@ -1591,7 +1590,14 @@ void Server_Cmd_PINCHECK(tClient *Client, char *Args)
        last_wrong_pin_time = time(NULL);
        if( !Bank_IsPinValid(uid, pin) )
        {
-               sendf(Client->Socket, "403 Pin incorrect\n");
+               sendf(Client->Socket, "201 Pin incorrect\n");
+               struct sockaddr_storage addr;
+               socklen_t len = sizeof(addr);
+               char ipstr[INET6_ADDRSTRLEN];
+               getpeername(Client->Socket, (void*)&addr, &len);
+               struct sockaddr_in *s = (struct sockaddr_in *)&addr;
+               inet_ntop(addr.ss_family, &s->sin_addr, ipstr, sizeof(ipstr));
+               Debug_Notice("Bad pin from %s for %s by %i", ipstr, username, Client->UID);
                if( backoff < 5)
                        backoff ++;
                return ;
@@ -1609,7 +1615,7 @@ void Server_Cmd_PINSET(tClient *Client, char *Args)
        
 
        if( Server_int_ParseArgs(0, Args, &pinstr, NULL) ) {
-               sendf(Client->Socket, "407 PIN_SET takes 2 arguments\n");
+               sendf(Client->Socket, "407 PIN_SET takes 1 argument\n");
                return ;
        }
        
@@ -1619,7 +1625,6 @@ void Server_Cmd_PINSET(tClient *Client, char *Args)
        }
        pin = atoi(pinstr);
 
-       // Not strictly needed, but ensures that randoms don't do brute forcing
        if( !Client->bIsAuthed ) {
                sendf(Client->Socket, "401 Not Authenticated\n");
                return ;