#include <string.h>
#include <limits.h>
#include <stdarg.h>
-#include <signal.h>
-#include <ident.h>
+#include <signal.h> // Signal handling
+#include <ident.h> // AUTHIDENT
+#include <time.h> // time(2)
#define DEBUG_TRACE_CLIENT 0
#define HACK_NO_REFUNDS 1
#define MSG_STR_TOO_LONG "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
+#define IDENT_TRUSTED_NETWORK 0x825F0D00
+#define IDENT_TRUSTED_NETMASK 0xFFFFFFC0
+
// === TYPES ===
typedef struct sClient
{
}
if( pid != 0 ) {
// Parent, quit
+ printf("Forked child %i\n", pid);
exit(0);
}
// In child
freopen("/dev/null", "r", stdin);
freopen(gsServer_LogFile, "a", stdout);
freopen(gsServer_ErrorLog, "a", stderr);
+ fprintf(stdout, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL));
+ fprintf(stderr, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL));
#endif
}
char *username;
int userflags;
const int ident_timeout = 5;
+ socklen_t len;
+ struct sockaddr_in client_addr;
+ uint32_t client_ip;
if( Args != NULL && strlen(Args) ) {
sendf(Client->Socket, "407 AUTHIDENT takes no arguments\n");
return ;
}
- // Check if trusted
- if( !Client->bIsTrusted ) {
- if(giDebugLevel)
- Debug(Client, "Untrusted client attempting to AUTHIDENT");
- sendf(Client->Socket, "401 Untrusted\n");
+ // Check if trusted (only works with INET sockets at present)
+ len = sizeof(client_addr);
+ if( getpeername(Client->Socket, (struct sockaddr*)&client_addr, &len) == -1 ) {
+ Debug(Client, "500 getpeername() failed\n");
+ perror("Getting AUTHIDENT peer name");
+ sendf(Client->Socket, "500 getpeername() failed\n");
return ;
}
+ client_ip = client_addr.sin_addr.s_addr;
+ if(giDebugLevel >= 2) {
+ Debug(Client, "client_ip = %x, ntohl(client_ip) = %x", client_ip, ntohl(client_ip));
+ }
+ if( ntohl(client_ip) != 0x7F000001 && (ntohl(client_ip) & IDENT_TRUSTED_NETMASK) != IDENT_TRUSTED_NETWORK ) {
+ if(giDebugLevel)
+ Debug(Client, "Untrusted client attempting to AUTHIDENT");
+ sendf(Client->Socket, "401 Untrusted\n");
+ return ;
+ }
+
// Get username via IDENT
username = ident_id(Client->Socket, ident_timeout);
- if (!username) {
+ if( !username ) {
sendf(Client->Socket, "403 Authentication failure: IDENT auth timed out\n");
+ return ;
}
// Get UID
return ;
}
}
+
+ // Disabled accounts
+ if( userFlags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Account disabled\n");
+ return ;
+ }
sendf(Client->Socket, "200 User set\n");
}
}
}
+ if( Item->Price == 0 )
+ status = "error";
// KNOWN HACK: Naming a slot 'dead' disables it
if( strcmp(Item->Name, "dead") == 0 )
status = "sold"; // Another status?