X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=src%2Fcokebank_basic%2Fmain.c;h=87bfc9ef486ee50bbaf35e93858ade78936550ee;hb=e1fdf2ccb6a7b5301e44aaf7927fdb49f511a30d;hp=9ddb85ea1a6811e6106a20e3ef406fd003aca64b;hpb=02f0775b2a83325fe9b8768dc19bcf2ef35d1cf2;p=tpg%2Fopendispense2.git diff --git a/src/cokebank_basic/main.c b/src/cokebank_basic/main.c index 9ddb85e..87bfc9e 100644 --- a/src/cokebank_basic/main.c +++ b/src/cokebank_basic/main.c @@ -8,22 +8,36 @@ * for full details. */ #include +#include #include #include #include #include "common.h" +// === HACKS === +#define HACK_TPG_NOAUTH 1 +#define HACK_ROOT_NOAUTH 1 + // === PROTOTYPES === void Init_Cokebank(const char *Argument); int Transfer(int SourceUser, int DestUser, int Ammount, const char *Reason); int GetBalance(int User); char *GetUserName(int User); - int GetUserID(const char *Username); - int GetUserAuth(const char *Username, const char *Password); + int GetUserID(const char *Username); int GetMaxID(void); + int GetUserAuth(const char *Salt, const char *Username, const char *PasswordString); +#if USE_LDAP +char *ReadLDAPValue(const char *Filter, char *Value); +#endif +void HexBin(uint8_t *Dest, int BufSize, char *Src); // === GLOBALS === FILE *gBank_LogFile; +#if USE_LDAP +char *gsLDAPServer = "mussel"; + int giLDAPPort = 389; +LDAP *gpLDAP; +#endif // === CODE === /** @@ -31,6 +45,11 @@ FILE *gBank_LogFile; */ void Init_Cokebank(const char *Argument) { + #if USE_LDAP + int rv; + #endif + + // Open Cokebank gBank_File = fopen(Argument, "rb+"); if( !gBank_File ) { gBank_File = fopen(Argument, "wb+"); 
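Review bot: `HACK_TPG_NOAUTH` and `HACK_ROOT_NOAUTH` are defined to 1 unconditionally, so every build of this file skips password checking for the `tpg` and `root` accounts in `GetUserAuth` (third hunk). Default them off and make a developer build opt in, e.g. `#ifndef HACK_ROOT_NOAUTH` / `#define HACK_ROOT_NOAUTH 0` / `#endif`, and the same for `HACK_TPG_NOAUTH`. The new `HexBin` prototype takes `char *Src` although it is called with the `const char *PasswordString`; declaring it `const char *Src` would match the caller.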
@@ -39,14 +58,51 @@ void Init_Cokebank(const char *Argument) perror("Opening coke bank"); } + // Open log file + // TODO: Do I need this? gBank_LogFile = fopen("cokebank.log", "a"); if( !gBank_LogFile ) gBank_LogFile = stdout; + // Read in cokebank fseek(gBank_File, 0, SEEK_END); giBank_NumUsers = ftell(gBank_File) / sizeof(gaBank_Users[0]); fseek(gBank_File, 0, SEEK_SET); gaBank_Users = malloc( giBank_NumUsers * sizeof(gaBank_Users[0]) ); fread(gaBank_Users, sizeof(gaBank_Users[0]), giBank_NumUsers, gBank_File); + + #if USE_LDAP + // Connect to LDAP + rv = ldap_create(&gpLDAP); + if(rv) { + fprintf(stderr, "ldap_create: %s\n", ldap_err2string(rv)); + exit(1); + } + rv = ldap_initialize(&gpLDAP, "ldap://mussel:389"); + if(rv) { + fprintf(stderr, "ldap_initialize: %s\n", ldap_err2string(rv)); + exit(1); + } + { int ver = LDAP_VERSION3; ldap_set_option(gpLDAP, LDAP_OPT_PROTOCOL_VERSION, &ver); } + # if 0 + rv = ldap_start_tls_s(gpLDAP, NULL, NULL); + if(rv) { + fprintf(stderr, "ldap_start_tls_s: %s\n", ldap_err2string(rv)); + exit(1); + } + # endif + { + struct berval cred; + struct berval *servcred; + cred.bv_val = "secret"; + cred.bv_len = 6; + rv = ldap_sasl_bind_s(gpLDAP, "cn=root,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au", + "", &cred, NULL, NULL, NULL); + if(rv) { + fprintf(stderr, "ldap_start_tls_s: %s\n", ldap_err2string(rv)); + exit(1); + } + } + #endif } /** 
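Review bot: The LDAP bind added to `Init_Cokebank` uses the directory root DN with the password literal `"secret"` compiled into the source, and the `ldap_start_tls_s` call is disabled with `# if 0`, so the bind appears to go to `ldap://mussel:389` without transport protection. Load the bind DN and credential from a configuration file readable only by the service account, bind as a dedicated account limited to the attributes it reads rather than `cn=root`, and re-enable StartTLS before binding. The bind failure path also names the wrong call; it should read `fprintf(stderr, "ldap_sasl_bind_s: %s\n", ldap_err2string(rv));`. The URL is hard-coded even though `gsLDAPServer` and `giLDAPPort` were added in the first hunk.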
@@ -122,3 +178,139 @@ int GetMaxID(void) return giBank_NumUsers; } +/** + * \brief Authenticate a user + * \return User ID, or -1 if authentication failed + */ +int GetUserAuth(const char *Salt, const char *Username, const char *PasswordString) +{ + #if USE_LDAP + uint8_t hash[20]; + uint8_t h[20]; + int ofs = strlen(Username) + strlen(Salt); + char input[ ofs + 40 + 1]; + char tmp[4 + strlen(Username) + 1]; // uid=%s + char *passhash; + #endif + + #if HACK_TPG_NOAUTH + if( strcmp(Username, "tpg") == 0 ) + return GetUserID("tpg"); + #endif + #if HACK_ROOT_NOAUTH + if( strcmp(Username, "root") == 0 ) { + int ret = GetUserID("root"); + if( ret == -1 ) + return CreateUser("root"); + return ret; + } + #endif + + #if USE_LDAP + HexBin(hash, 20, PasswordString); + + // Build string to hash + strcpy(input, Username); + strcpy(input, Salt); + + // TODO: Get user's SHA-1 hash + sprintf(tmp, "uid=%s", Username); + printf("tmp = '%s'\n", tmp); + passhash = ReadLDAPValue(tmp, "userPassword"); + if( !passhash ) { + return -1; + } + printf("LDAP hash '%s'\n", passhash); + + sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9], + h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19] + ); + // Then create the hash from the provided salt + // Compare that with the provided hash + + + if( giDebugLevel ) { + int i; + printf("Client %i: Password hash ", Client->ID); + for(i=0;ibv_val, attrValues[0]->bv_len); + + ldap_value_free_len(attrValues); + + + return ret; +} +#endif + +// TODO: Move to another file +void HexBin(uint8_t *Dest, int BufSize, char *Src) +{ + int i; + for( i = 0; i < BufSize; i ++ ) + { + uint8_t val = 0; + + if('0' <= *Src && *Src <= '9') + val |= (*Src-'0') << 4; + else if('A' <= *Src && *Src <= 'F') + val |= (*Src-'A'+10) << 4; + else if('a' <= *Src && *Src <= 'f') + val |= (*Src-'a'+10) << 4; + else + break; + Src ++; + + if('0' 
<= *Src && *Src <= '9') + val |= (*Src-'0'); + else if('A' <= *Src && *Src <= 'F') + val |= (*Src-'A'+10); + else if('a' <= *Src && *Src <= 'f') + val |= (*Src-'a'+10); + else + break; + Src ++; + + Dest[i] = val; + } + for( ; i < BufSize; i++ ) + Dest[i] = 0; +} +
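Review bot: The salted-hash input in `GetUserAuth` is built incorrectly: the second `strcpy(input, Salt);` overwrites the username instead of appending (`strcat(input, Salt);`), and `h` is formatted into `input` while still uninitialised, so no meaningful comparison can be made from this buffer. `printf("LDAP hash '%s'\n", passhash);` writes the stored password hash to stdout on every login and should be removed or at least moved under the `giDebugLevel` check. `Username` is also copied unescaped into the `uid=%s` filter and sizes two stack arrays, so it needs a length limit and LDAP filter escaping if it comes from the client. The end of `GetUserAuth` and the start of `ReadLDAPValue` are missing from the listing as shown, so the return paths could not be reviewed.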