X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=server%2Ffastcgi.c;h=d7e057b6f5f19d9a65ded5276225a3543db56fbb;hb=4c11eff00a00e4b744eff9a6633c1b5608844632;hp=d88dc20448883289305dfe70d2036f36a6ea3ce9;hpb=5a9a05166c4b22e7b7a522063d3dd6f75d1fa589;p=matches%2FMCTX3420.git

diff --git a/server/fastcgi.c b/server/fastcgi.c
index d88dc20..d7e057b 100644
--- a/server/fastcgi.c
+++ b/server/fastcgi.c
@@ -35,9 +35,13 @@
  */ 
 static void IdentifyHandler(FCGIContext *context, char *params) {
 	bool ident_sensors = false, ident_actuators = false;
-	bool has_control = FCGI_HasControl(context, getenv("COOKIE_STRING"));
+	char control_key[CONTROL_KEY_BUFSIZ];
+	bool has_control;
 	int i;
 
+	snprintf(control_key, CONTROL_KEY_BUFSIZ, "%s", getenv("COOKIE_STRING"));
+	has_control = FCGI_HasControl(context, control_key);
+	
 	FCGIValue values[2] = {{"sensors", &ident_sensors, FCGI_BOOL_T},
 					 {"actuators", &ident_actuators, FCGI_BOOL_T}};
 	if (!FCGI_ParseRequest(context, params, values, 2))
@@ -94,6 +98,7 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use
 	// Get current time
 	time_t now = time(NULL);
 	bool expired = now - context->control_timestamp > CONTROL_TIMEOUT;
+	int i;
 
 	// Can't lock control if: User not actually logged in (sanity), or key is still valid and the user is not an admin
 	if (user_type == USER_UNAUTH || 
@@ -109,7 +114,7 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use
 	// Generate a SHA1 hash for the user
 	SHA_CTX sha1ctx;
 	unsigned char sha1[20];
-	int i = rand();
+	i = rand();
 	SHA1_Init(&sha1ctx);
 	SHA1_Update(&sha1ctx, &now, sizeof(now));
 	SHA1_Update(&sha1ctx, &i, sizeof(i));
@@ -117,25 +122,38 @@ bool FCGI_LockControl(FCGIContext *context, const char * user_name, UserType use
 	for (i = 0; i < sizeof(sha1); i++)
 		sprintf(context->control_key + i * 2, "%02x", sha1[i]);
 
-	// Set the IP address
+	// Set the IPv4 address
 	snprintf(context->control_ip, 16, "%s", getenv("REMOTE_ADDR"));
+
 	// Set the user name
 	int uname_len = strlen(user_name);
-	if (snprintf(context->user_name, sizeof(context->user_name), "%s", user_name) < uname_len)
-	{
-		Log(LOGERR, "Username at %d characters too long (limit %d)", uname_len, sizeof(context->user_name));
+	i = snprintf(context->user_name, sizeof(context->user_name), "%s", user_name);
+	if (i < uname_len) {
+		Log(LOGERR, "Username at %d characters too long (limit %d)", 
+			uname_len, sizeof(context->user_name));
 		return false; // :-(
 	}
 	// Set the user type
 	context->user_type = user_type;
+
+	// Build the user directory
+	i = snprintf(context->user_dir, sizeof(context->user_dir), "%s/%s", 
+					g_options.experiment_dir, context->user_name);
+	if (i >= sizeof(context->user_dir)) {
+		Log(LOGERR, "Experiment dir too long (required %d, limit %d)",
+			i, sizeof(context->user_dir));
+		return false;
+	}
+
+	Log(LOGDEBUG, "User dir: %s", context->user_dir);
 	// Create directory
-	if (mkdir(user_name, 0777) != 0 && errno != EEXIST)
+	if (mkdir(context->user_dir, 0777) != 0 && errno != EEXIST)
 	{
-		Log(LOGERR, "Couldn't create user directory %s/%s - %s", g_options.root_dir, user_name, strerror(errno));
+		Log(LOGERR, "Couldn't create user directory %s - %s", 
+			context->user_dir, strerror(errno));
 		return false; // :-(
 	}
 
-
 	return true; // :-)
 }
 
@@ -370,7 +388,7 @@ void FCGI_JSONLong(const char *key, long value)
  */
 void FCGI_JSONDouble(const char *key, double value)
 {
-	printf(",\r\n\t\"%s\" : %f", key, value);
+	printf(",\r\n\t\"%s\" : %.9f", key, value);
 }
 
 /**
@@ -496,16 +514,32 @@ void * FCGI_RequestLoop (void *data)
 	while (FCGI_Accept() >= 0) {
 		
 		ModuleHandler module_handler = NULL;
-		char module[BUFSIZ], params[BUFSIZ];
-		//Don't need to copy if we're not modifying string contents
-		const char *cookie = getenv("COOKIE_STRING");
+		char module[BUFSIZ], params[BUFSIZ], control_key[CONTROL_KEY_BUFSIZ];
 		
 		//strncpy doesn't zero-truncate properly
 		snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
 		snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
 
+		
+		//char cookies[BUFSIZ];
+		//snprintf(cookies, BUFSIZ, "%s", getenv("COOKIE_STRING"));
+		//Log(LOGDEBUG, "ALL cookies %s", cookies); //mmmm
+
+		//Hack to get the nameless cookie only
+		// (works as long as browsers send the nameless cookie first...)
+		snprintf(control_key, CONTROL_KEY_BUFSIZ, "%s", getenv("COOKIE_STRING"));
+		// Ignore any other cookies if the nameless cookie is empty
+		for (int i = 0; i < CONTROL_KEY_BUFSIZ; ++i)
+		{
+			if (control_key[i] == ';')
+			{
+				control_key[i] = '\0';
+				break;
+			}
+		}
+
 		Log(LOGDEBUG, "Got request #%d - Module %s, params %s", context.response_number, module, params);
-		Log(LOGDEBUG, "Cookie: %s", cookie);
+		Log(LOGDEBUG, "Control key: %s", control_key);
 
 		
 		//Remove trailing slashes (if present) from module query
@@ -540,10 +574,10 @@ void * FCGI_RequestLoop (void *data)
 		
 		if (module_handler) 
 		{
-			//if (module_handler != Login_Handler && module_handler != IdentifyHandler && module_handler)
-			if (false) // Testing
+			if (g_options.auth_method != AUTH_NONE && module_handler != Login_Handler && module_handler != IdentifyHandler && module_handler)
+			//if (false) // Testing
 			{
-				if (!FCGI_HasControl(&context, cookie))
+				if (!FCGI_HasControl(&context, control_key))
 				{
 					FCGI_RejectJSON(&context, "Please login. Invalid control key.");
 					continue;