#include <unistd.h>
#include <string.h>
+// HACKS
+#define HACK_TPG_NOAUTH 1
+
+// Statistics
#define MAX_CONNECTION_QUEUE 5
#define INPUT_BUFFER_SIZE 256
-#define HASH_TYPE SHA512
-#define HASH_LENGTH 64
+#define HASH_TYPE SHA1
+#define HASH_LENGTH 20
#define MSG_STR_TOO_LONG "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
// === PROTOTYPES ===
void Server_Start(void);
+void Server_Cleanup(void);
void Server_HandleClient(int Socket, int bTrusted);
char *Server_ParseClientCommand(tClient *Client, char *CommandString);
// --- Commands ---
char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
char *Server_Cmd_ITEMINFO(tClient *Client, char *Args);
+char *Server_Cmd_DISPENSE(tClient *Client, char *Args);
// --- Helpers ---
+ int GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash);
void HexBin(uint8_t *Dest, char *Src, int BufSize);
// === GLOBALS ===
{"PASS", Server_Cmd_PASS},
{"AUTOAUTH", Server_Cmd_AUTOAUTH},
{"ENUM_ITEMS", Server_Cmd_ENUMITEMS},
- {"ITEM_INFO", Server_Cmd_ITEMINFO}
+ {"ITEM_INFO", Server_Cmd_ITEMINFO},
+ {"DISPENSE", Server_Cmd_DISPENSE}
};
#define NUM_COMMANDS (sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))
+ int giServer_Socket;
// === CODE ===
/**
*/
void Server_Start(void)
{
- int server_socket, client_socket;
+ int client_socket;
struct sockaddr_in server_addr, client_addr;
+ atexit(Server_Cleanup);
+
// Create Server
- server_socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
- if( server_socket < 0 ) {
+ giServer_Socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ if( giServer_Socket < 0 ) {
fprintf(stderr, "ERROR: Unable to create server socket\n");
return ;
}
server_addr.sin_port = htons(giServer_Port); // Port
// Bind
- if( bind(server_socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
+ if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port);
+ perror("Binding");
return ;
}
// Listen
- if( listen(server_socket, MAX_CONNECTION_QUEUE) < 0 ) {
+ if( listen(giServer_Socket, MAX_CONNECTION_QUEUE) < 0 ) {
fprintf(stderr, "ERROR: Unable to listen to socket\n");
+ perror("Listen");
return ;
}
uint len = sizeof(client_addr);
int bTrusted = 0;
- client_socket = accept(server_socket, (struct sockaddr *) &client_addr, &len);
+ client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len);
if(client_socket < 0) {
fprintf(stderr, "ERROR: Unable to accept client connection\n");
return ;
}
}
+void Server_Cleanup(void)
+{
+ printf("Close(%i)\n", giServer_Socket);
+ close(giServer_Socket);
+}
+
/**
* \brief Reads from a client socket and parses the command strings
* \param Socket Client socket number/handle
Client->Salt[6] = 0x21 + (rand()&0x3F);
Client->Salt[7] = 0x21 + (rand()&0x3F);
+ // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
// "100 Salt xxxxXXXX\n"
ret = strdup("100 SALT xxxxXXXX\n");
sprintf(ret, "100 SALT %s\n", Client->Salt);
// Read user's hash
HexBin(clienthash, Args, HASH_LENGTH);
+ // TODO: Decrypt password passed
+
+ Client->UID = GetUserAuth(Client->Salt, Client->Username, clienthash);
+
+ if( Client->UID != -1 ) {
+ Client->bIsAuthed = 1;
+ return strdup("200 Auth OK\n");
+ }
+
if( giDebugLevel ) {
int i;
printf("Client %i: Password hash ", Client->ID);
return ret;
}
-/**
- * \brief Fetch information on a specific item
- */
-char *Server_Cmd_ITEMINFO(tClient *Client, char *Args)
+tItem *_GetItemFromString(char *String)
{
- int retLen = 0;
- char *ret;
- tItem *item;
tHandler *handler;
- char *type = Args;
- char *colon = strchr(Args, ':');
+ char *type = String;
+ char *colon = strchr(String, ':');
int num, i;
if( !colon ) {
- return strdup("406 Bad Item ID\n");
+ return NULL;
}
num = atoi(colon+1);
}
}
if( !handler ) {
- return strdup("406 Bad Item ID\n");
+ return NULL;
}
// Find item
{
if( gaItems[i].Handler != handler ) continue;
if( gaItems[i].ID != num ) continue;
- item = &gaItems[i];
- break;
+ return &gaItems[i];
}
+ return NULL;
+}
+
+/**
+ * \brief Fetch information on a specific item
+ */
+char *Server_Cmd_ITEMINFO(tClient *Client, char *Args)
+{
+ int retLen = 0;
+ char *ret;
+ tItem *item = _GetItemFromString(Args);
+
if( !item ) {
return strdup("406 Bad Item ID\n");
}
// Create return
retLen = snprintf(NULL, 0, "202 Item %s:%i %i %s\n",
- handler->Name, item->ID, item->Price, item->Name);
+ item->Handler->Name, item->ID, item->Price, item->Name);
ret = malloc(retLen+1);
sprintf(ret, "202 Item %s:%i %i %s\n",
- handler->Name, item->ID, item->Price, item->Name);
+ item->Handler->Name, item->ID, item->Price, item->Name);
return ret;
}
+char *Server_Cmd_DISPENSE(tClient *Client, char *Args)
+{
+ tItem *item;
+ int ret;
+ if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
+
+ item = _GetItemFromString(Args);
+ if( !item ) {
+ return strdup("406 Bad Item ID\n");
+ }
+
+ switch( ret = DispenseItem( Client->UID, item ) )
+ {
+ case 0: return strdup("200 Dispense OK\n");
+ case 1: return strdup("501 Unable to dispense\n");
+ case 2: return strdup("402 Poor You\n");
+ default:
+ return strdup("500 Dispense Error\n");
+ }
+}
+
+char *Server_Cmd_GIVE(tClient *Client, char *Args)
+{
+ char *recipient, *ammount, *reason;
+ int uid, iAmmount;
+
+ if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
+
+ recipient = Args;
+
+ ammount = strchr(Args, ' ');
+ if( !ammount ) return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n");
+ *ammount = '\0';
+ ammount ++;
+
+ reason = strchr(ammount, ' ');
+ if( !reason ) return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n");
+ *reason = '\0';
+ reason ++;
+
+ // Get recipient
+ uid = GetUserID(recipient);
+ if( uid == -1 ) return strdup("404 Invalid target user");
+
+ // Parse ammount
+ iAmmount = atoi(ammount);
+ if( iAmmount <= 0 ) return strdup("407 Invalid Argument, ammount must be > zero\n");
+
+ // Do give
+ switch( Transfer(Client->UID, uid, iAmmount, reason) )
+ {
+ case 0:
+ return strdup("200 Give OK\n");
+ default:
+ return strdup("402 Poor You\n");
+ }
+}
+
+/**
+ * \brief Authenticate a user
+ * \return User ID, or -1 if authentication failed
+ */
+int GetUserAuth(const char *Salt, const char *Username, const uint8_t *ProvidedHash)
+{
+ #if 0
+ uint8_t h[20];
+ int ofs = strlen(Username) + strlen(Salt);
+ char input[ ofs + 40 + 1];
+ char tmp[4 + strlen(Username) + 1]; // uid=%s
+ #endif
+
+ #if HACK_TPG_NOAUTH
+ if( strcmp(Username, "tpg") == 0 )
+ return GetUserID("tpg");
+ #endif
+
+ #if 0
+ //
+ strcpy(input, Username);
+ strcpy(input, Salt);
+ // TODO: Get user's SHA-1 hash
+ sprintf(tmp, "uid=%s", Username);
+ ldap_search_s(ld, "", LDAP_SCOPE_BASE, tmp, "userPassword", 0, res);
+
+ sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
+ h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
+ );
+ // Then create the hash from the provided salt
+ // Compare that with the provided hash
+ #endif
+
+ return -1;
+}
+
// --- INTERNAL HELPERS ---
// TODO: Move to another file
void HexBin(uint8_t *Dest, char *Src, int BufSize)