X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=src%2Fserver%2Fserver.c;h=cd692242c87f499e9f9af97f072e46da0cad9b07;hb=91d11fd7f9bf911c6abc59a18e17ec5890cee148;hp=bd451ee0dba762c5502f2a01543c7f1044f55305;hpb=1cb4c25d8821698d15bcfe223ee510ebb1b972c2;p=tpg%2Fopendispense2.git diff --git a/src/server/server.c b/src/server/server.c index bd451ee..cd69224 100644 --- a/src/server/server.c +++ b/src/server/server.c @@ -15,13 +15,15 @@ #include #include #include +#include +#include -// HACKS -#define HACK_TPG_NOAUTH 1 +#define DEBUG_TRACE_CLIENT 0 // Statistics #define MAX_CONNECTION_QUEUE 5 #define INPUT_BUFFER_SIZE 256 +#define CLIENT_TIMEOUT 10 // Seconds #define HASH_TYPE SHA1 #define HASH_LENGTH 20 @@ -31,6 +33,7 @@ // === TYPES === typedef struct sClient { + int Socket; // Client socket ID int ID; // Client ID int bIsTrusted; // Is the connection from a trusted host/port @@ -39,6 +42,7 @@ typedef struct sClient char Salt[9]; int UID; + int EffectiveUID; int bIsAuthed; } tClient; @@ -46,34 +50,56 @@ typedef struct sClient void Server_Start(void); void Server_Cleanup(void); void Server_HandleClient(int Socket, int bTrusted); -char *Server_ParseClientCommand(tClient *Client, char *CommandString); +void Server_ParseClientCommand(tClient *Client, char *CommandString); // --- Commands --- -char *Server_Cmd_USER(tClient *Client, char *Args); -char *Server_Cmd_PASS(tClient *Client, char *Args); -char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args); -char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args); -char *Server_Cmd_ITEMINFO(tClient *Client, char *Args); -char *Server_Cmd_DISPENSE(tClient *Client, char *Args); +void Server_Cmd_USER(tClient *Client, char *Args); +void Server_Cmd_PASS(tClient *Client, char *Args); +void Server_Cmd_AUTOAUTH(tClient *Client, char *Args); +void Server_Cmd_SETEUSER(tClient *Client, char *Args); +void Server_Cmd_ENUMITEMS(tClient *Client, char *Args); +void Server_Cmd_ITEMINFO(tClient *Client, char *Args); +void Server_Cmd_DISPENSE(tClient *Client, char *Args); +void Server_Cmd_GIVE(tClient *Client, char *Args); +void Server_Cmd_DONATE(tClient *Client, char *Args); +void Server_Cmd_ADD(tClient *Client, char *Args); +void Server_Cmd_SET(tClient *Client, char *Args); +void Server_Cmd_ENUMUSERS(tClient *Client, char *Args); +void Server_Cmd_USERINFO(tClient *Client, char *Args); +void _SendUserInfo(tClient *Client, int UserID); +void Server_Cmd_USERADD(tClient *Client, char *Args); +void Server_Cmd_USERFLAGS(tClient *Client, char *Args); // --- Helpers --- - int GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash); -void HexBin(uint8_t *Dest, char *Src, int BufSize); +void Debug(tClient *Client, const char *Format, ...); + int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value); + int sendf(int Socket, const char *Format, ...); -// === GLOBALS === - int giServer_Port = 1020; - int giServer_NextClientID = 1; +// === CONSTANTS === // - Commands -struct sClientCommand { - char *Name; - char *(*Function)(tClient *Client, char *Arguments); +const struct sClientCommand { + const char *Name; + void (*Function)(tClient *Client, char *Arguments); } gaServer_Commands[] = { {"USER", Server_Cmd_USER}, {"PASS", Server_Cmd_PASS}, {"AUTOAUTH", Server_Cmd_AUTOAUTH}, + {"SETEUSER", Server_Cmd_SETEUSER}, {"ENUM_ITEMS", Server_Cmd_ENUMITEMS}, {"ITEM_INFO", Server_Cmd_ITEMINFO}, - {"DISPENSE", Server_Cmd_DISPENSE} + {"DISPENSE", Server_Cmd_DISPENSE}, + {"GIVE", Server_Cmd_GIVE}, + {"DONATE", Server_Cmd_DONATE}, + {"ADD", Server_Cmd_ADD}, + {"SET", Server_Cmd_SET}, + {"ENUM_USERS", Server_Cmd_ENUMUSERS}, + {"USER_INFO", Server_Cmd_USERINFO}, + {"USER_ADD", Server_Cmd_USERADD}, + {"USER_FLAGS", Server_Cmd_USERFLAGS} }; -#define NUM_COMMANDS (sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0])) +#define NUM_COMMANDS ((int)(sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))) + +// === GLOBALS === + int giServer_Port = 1020; + int giServer_NextClientID = 1; int giServer_Socket; // === CODE === @@ -121,12 +147,26 @@ void Server_Start(void) uint len = sizeof(client_addr); int bTrusted = 0; + // Accept a connection client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len); if(client_socket < 0) { fprintf(stderr, "ERROR: Unable to accept client connection\n"); return ; } + // Set a timeout on the user conneciton + { + struct timeval tv; + tv.tv_sec = CLIENT_TIMEOUT; + tv.tv_usec = 0; + if( setsockopt(client_socket, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) ) + { + perror("setsockopt"); + return ; + } + } + + // Debug: Print the connection string if(giDebugLevel >= 2) { char ipstr[INET_ADDRSTRLEN]; inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN); @@ -134,6 +174,10 @@ void Server_Start(void) ipstr, ntohs(client_addr.sin_port)); } + // Doesn't matter what, localhost is trusted + if( ntohl( client_addr.sin_addr.s_addr ) == 0x7F000001 ) + bTrusted = 1; + // Trusted Connections if( ntohs(client_addr.sin_port) < 1024 ) { @@ -142,6 +186,7 @@ void Server_Start(void) { case 0x7F000001: // 127.0.0.1 localhost //case 0x825E0D00: // 130.95.13.0 + case 0x825E0D07: // 130.95.13.7 motsugo case 0x825E0D12: // 130.95.13.18 mussel case 0x825E0D17: // 130.95.13.23 martello bTrusted = 1; @@ -175,11 +220,15 @@ void Server_HandleClient(int Socket, int bTrusted) char *buf = inbuf; int remspace = INPUT_BUFFER_SIZE-1; int bytes = -1; - tClient clientInfo = {0}; + tClient clientInfo; + + memset(&clientInfo, 0, sizeof(clientInfo)); // Initialise Client info + clientInfo.Socket = Socket; clientInfo.ID = giServer_NextClientID ++; clientInfo.bIsTrusted = bTrusted; + clientInfo.EffectiveUID = -1; // Read from client /* @@ -189,6 +238,7 @@ void Server_HandleClient(int Socket, int bTrusted) * it is saved to the beginning of `inbuf` and `buf` is updated to * the end of it. */ + // TODO: Use select() instead (to give a timeout) while( (bytes = recv(Socket, buf, remspace, 0)) > 0 ) { char *eol, *start; @@ -198,12 +248,10 @@ void Server_HandleClient(int Socket, int bTrusted) start = inbuf; while( (eol = strchr(start, '\n')) ) { - char *ret; *eol = '\0'; - ret = Server_ParseClientCommand(&clientInfo, start); - // `ret` is a string on the heap - send(Socket, ret, strlen(ret), 0); - free(ret); + + Server_ParseClientCommand(&clientInfo, start); + start = eol + 1; } @@ -242,10 +290,14 @@ void Server_HandleClient(int Socket, int bTrusted) * \param CommandString Command from client (single line of the command) * \return Heap String to return to the client */ -char *Server_ParseClientCommand(tClient *Client, char *CommandString) +void Server_ParseClientCommand(tClient *Client, char *CommandString) { char *space, *args; int i; + #if 0 + char **argList; + int numArgs = 0; + #endif // Split at first space space = strchr(CommandString, ' '); @@ -255,16 +307,38 @@ char *Server_ParseClientCommand(tClient *Client, char *CommandString) else { *space = '\0'; args = space + 1; + while( *space == ' ' ) space ++; + + #if 0 + // Count arguments + numArgs = 1; + for( i = 0; args[i]; ) + { + while( CommandString[i] != ' ' ) { + if( CommandString[i] == '"' ) { + while( !(CommandString[i] != '\\' CommandString[i+1] == '"' ) ) + i ++; + i ++; + } + i ++; + } + numArgs ++; + while( CommandString[i] == ' ' ) i ++; + } + #endif } + // Find command for( i = 0; i < NUM_COMMANDS; i++ ) { - if(strcmp(CommandString, gaServer_Commands[i].Name) == 0) - return gaServer_Commands[i].Function(Client, args); + if(strcmp(CommandString, gaServer_Commands[i].Name) == 0) { + gaServer_Commands[i].Function(Client, args); + return ; + } } - return strdup("400 Unknown Command\n"); + sendf(Client->Socket, "400 Unknown Command\n"); } // --- @@ -275,13 +349,14 @@ char *Server_ParseClientCommand(tClient *Client, char *CommandString) * * Usage: USER */ -char *Server_Cmd_USER(tClient *Client, char *Args) +void Server_Cmd_USER(tClient *Client, char *Args) { - char *ret; + char *space = strchr(Args, ' '); + if(space) *space = '\0'; // Remove characters after the ' ' // Debug! if( giDebugLevel ) - printf("Client %i authenticating as '%s'\n", Client->ID, Args); + Debug(Client, "Authenticating as '%s'", Args); // Save username if(Client->Username) @@ -301,13 +376,10 @@ char *Server_Cmd_USER(tClient *Client, char *Args) Client->Salt[7] = 0x21 + (rand()&0x3F); // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA]) - // "100 Salt xxxxXXXX\n" - ret = strdup("100 SALT xxxxXXXX\n"); - sprintf(ret, "100 SALT %s\n", Client->Salt); + sendf(Client->Socket, "100 SALT %s\n", Client->Salt); #else - ret = strdup("100 User Set\n"); + sendf(Client->Socket, "100 User Set\n"); #endif - return ret; } /** @@ -315,31 +387,21 @@ char *Server_Cmd_USER(tClient *Client, char *Args) * * Usage: PASS */ -char *Server_Cmd_PASS(tClient *Client, char *Args) +void Server_Cmd_PASS(tClient *Client, char *Args) { - uint8_t clienthash[HASH_LENGTH] = {0}; - - // Read user's hash - HexBin(clienthash, Args, HASH_LENGTH); - - // TODO: Decrypt password passed + char *space = strchr(Args, ' '); + if(space) *space = '\0'; // Remove characters after the ' ' - Client->UID = GetUserAuth(Client->Salt, Client->Username, clienthash); + // Pass on to cokebank + Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, Args); if( Client->UID != -1 ) { Client->bIsAuthed = 1; - return strdup("200 Auth OK\n"); - } - - if( giDebugLevel ) { - int i; - printf("Client %i: Password hash ", Client->ID); - for(i=0;iSocket, "200 Auth OK\n"); + return ; } - return strdup("401 Auth Failure\n"); + sendf(Client->Socket, "401 Auth Failure\n"); } /** @@ -347,60 +409,112 @@ char *Server_Cmd_PASS(tClient *Client, char *Args) * * Usage: AUTOAUTH */ -char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args) +void Server_Cmd_AUTOAUTH(tClient *Client, char *Args) { - char *spos = strchr(Args, ' '); - if(spos) *spos = '\0'; // Remove characters after the ' ' + char *space = strchr(Args, ' '); + if(space) *space = '\0'; // Remove characters after the ' ' // Check if trusted if( !Client->bIsTrusted ) { if(giDebugLevel) - printf("Client %i: Untrusted client attempting to AUTOAUTH\n", Client->ID); - return strdup("401 Untrusted\n"); + Debug(Client, "Untrusted client attempting to AUTOAUTH"); + sendf(Client->Socket, "401 Untrusted\n"); + return ; } // Get UID - Client->UID = GetUserID( Args ); + Client->UID = Bank_GetAcctByName( Args ); if( Client->UID < 0 ) { if(giDebugLevel) - printf("Client %i: Unknown user '%s'\n", Client->ID, Args); - return strdup("401 Auth Failure\n"); + Debug(Client, "Unknown user '%s'", Args); + sendf(Client->Socket, "401 Auth Failure\n"); + return ; } + // You can't be an internal account + if( Bank_GetFlags(Client->UID) & USER_FLAG_INTERNAL ) { + Client->UID = -1; + sendf(Client->Socket, "401 Auth Failure\n"); + return ; + } + + Client->bIsAuthed = 1; + if(giDebugLevel) - printf("Client %i: Authenticated as '%s' (%i)\n", Client->ID, Args, Client->UID); + Debug(Client, "Auto authenticated as '%s' (%i)", Args, Client->UID); - return strdup("200 Auth OK\n"); + sendf(Client->Socket, "200 Auth OK\n"); } /** - * \brief Enumerate the items that the server knows about + * \brief Set effective user */ -char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args) +void Server_Cmd_SETEUSER(tClient *Client, char *Args) { -// int nItems = giNumItems; - int retLen; - int i; - char *ret; - - retLen = snprintf(NULL, 0, "201 Items %i", giNumItems); + char *space; + + space = strchr(Args, ' '); + + if(space) *space = '\0'; + + if( !strlen(Args) ) { + sendf(Client->Socket, "407 SETEUSER expects an argument\n"); + return ; + } - for( i = 0; i < giNumItems; i ++ ) - { - retLen += snprintf(NULL, 0, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID); + // Check user permissions + if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) { + sendf(Client->Socket, "403 Not in coke\n"); + return ; + } + + // Set id + Client->EffectiveUID = Bank_GetAcctByName(Args); + if( Client->EffectiveUID == -1 ) { + sendf(Client->Socket, "404 User not found\n"); + return ; } + + // You can't be an internal account + if( Bank_GetFlags(Client->EffectiveUID) & USER_FLAG_INTERNAL ) { + Client->EffectiveUID = -1; + sendf(Client->Socket, "404 User not found\n"); + return ; + } + + sendf(Client->Socket, "200 User set\n"); +} - ret = malloc(retLen+1); - retLen = 0; - retLen += sprintf(ret+retLen, "201 Items %i", giNumItems); +/** + * \brief Enumerate the items that the server knows about + */ +void Server_Cmd_ENUMITEMS(tClient *Client, char *Args) +{ + int i, count; + if( Args != NULL && strlen(Args) ) { + sendf(Client->Socket, "407 ENUM_ITEMS takes no arguments\n"); + return ; + } + + // Count shown items + count = 0; for( i = 0; i < giNumItems; i ++ ) { - retLen += sprintf(ret+retLen, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID); + if( gaItems[i].bHidden ) continue; + count ++; } - strcat(ret, "\n"); + sendf(Client->Socket, "201 Items %i\n", count); - return ret; + for( i = 0; i < giNumItems; i ++ ) { + if( gaItems[i].bHidden ) continue; + sendf(Client->Socket, + "202 Item %s:%i %i %s\n", + gaItems[i].Handler->Name, gaItems[i].ID, gaItems[i].Price, gaItems[i].Name + ); + } + + sendf(Client->Socket, "200 List end\n"); } tItem *_GetItemFromString(char *String) @@ -443,195 +557,730 @@ tItem *_GetItemFromString(char *String) /** * \brief Fetch information on a specific item */ -char *Server_Cmd_ITEMINFO(tClient *Client, char *Args) +void Server_Cmd_ITEMINFO(tClient *Client, char *Args) { - int retLen = 0; - char *ret; tItem *item = _GetItemFromString(Args); if( !item ) { - return strdup("406 Bad Item ID\n"); + sendf(Client->Socket, "406 Bad Item ID\n"); + return ; } - - // Create return - retLen = snprintf(NULL, 0, "202 Item %s:%i %i %s\n", - item->Handler->Name, item->ID, item->Price, item->Name); - ret = malloc(retLen+1); - sprintf(ret, "202 Item %s:%i %i %s\n", - item->Handler->Name, item->ID, item->Price, item->Name); - - return ret; + + sendf(Client->Socket, + "202 Item %s:%i %i %s\n", + item->Handler->Name, item->ID, item->Price, item->Name + ); } -char *Server_Cmd_DISPENSE(tClient *Client, char *Args) +void Server_Cmd_DISPENSE(tClient *Client, char *Args) { tItem *item; int ret; - if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n"); + int uid; + + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } item = _GetItemFromString(Args); if( !item ) { - return strdup("406 Bad Item ID\n"); + sendf(Client->Socket, "406 Bad Item ID\n"); + return ; + } + + if( Client->EffectiveUID != -1 ) { + uid = Client->EffectiveUID; + } + else { + uid = Client->UID; } - switch( ret = DispenseItem( Client->UID, item ) ) + switch( ret = DispenseItem( Client->UID, uid, item ) ) { - case 0: return strdup("200 Dispense OK\n"); - case 1: return strdup("501 Unable to dispense\n"); - case 2: return strdup("402 Poor You\n"); + case 0: sendf(Client->Socket, "200 Dispense OK\n"); return ; + case 1: sendf(Client->Socket, "501 Unable to dispense\n"); return ; + case 2: sendf(Client->Socket, "402 Poor You\n"); return ; default: - return strdup("500 Dispense Error\n"); + sendf(Client->Socket, "500 Dispense Error\n"); + return ; } } -char *Server_Cmd_GIVE(tClient *Client, char *Args) +void Server_Cmd_GIVE(tClient *Client, char *Args) { char *recipient, *ammount, *reason; int uid, iAmmount; + int thisUid; - if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n"); + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } recipient = Args; ammount = strchr(Args, ' '); - if( !ammount ) return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n"); + if( !ammount ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n"); + return ; + } *ammount = '\0'; ammount ++; reason = strchr(ammount, ' '); - if( !reason ) return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n"); + if( !reason ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n"); + return ; + } *reason = '\0'; reason ++; // Get recipient - uid = GetUserID(recipient); - if( uid == -1 ) return strdup("404 Invalid target user"); + uid = Bank_GetAcctByName(recipient); + if( uid == -1 ) { + sendf(Client->Socket, "404 Invalid target user\n"); + return ; + } + + // You can't alter an internal account + if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) { + sendf(Client->Socket, "404 Invalid target user\n"); + return ; + } // Parse ammount iAmmount = atoi(ammount); - if( iAmmount <= 0 ) return strdup("407 Invalid Argument, ammount must be > zero\n"); + if( iAmmount <= 0 ) { + sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n"); + return ; + } + + if( Client->EffectiveUID != -1 ) { + thisUid = Client->EffectiveUID; + } + else { + thisUid = Client->UID; + } // Do give - switch( Transfer(Client->UID, uid, iAmmount, reason) ) + switch( DispenseGive(Client->UID, thisUid, uid, iAmmount, reason) ) { case 0: - return strdup("200 Give OK\n"); + sendf(Client->Socket, "200 Give OK\n"); + return ; + case 2: + sendf(Client->Socket, "402 Poor You\n"); + return ; default: - return strdup("402 Poor You\n"); + sendf(Client->Socket, "500 Unknown error\n"); + return ; } } -/** - * \brief Authenticate a user - * \return User ID, or -1 if authentication failed - */ -int GetUserAuth(const char *Salt, const char *Username, const uint8_t *ProvidedHash) +void Server_Cmd_DONATE(tClient *Client, char *Args) { - #if 0 - uint8_t h[20]; - int ofs = strlen(Username) + strlen(Salt); - char input[ ofs + 40 + 1]; - char tmp[4 + strlen(Username) + 1]; // uid=%s - #endif + char *ammount, *reason; + int iAmmount; + int thisUid; - #if HACK_TPG_NOAUTH - if( strcmp(Username, "tpg") == 0 ) - return GetUserID("tpg"); - #endif + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } + + ammount = Args; + + // Get the start of the reason + reason = strchr(Args, ' '); + if( !ammount ) { + sendf(Client->Socket, "407 Invalid Argument, expected 2 parameters, 1 encountered\n"); + return ; + } + *reason = '\0'; + reason ++; - #if 0 - // - strcpy(input, Username); - strcpy(input, Salt); - // TODO: Get user's SHA-1 hash - sprintf(tmp, "uid=%s", Username); - ldap_search_s(ld, "", LDAP_SCOPE_BASE, tmp, "userPassword", 0, res); - - sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", - h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9], - h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19] - ); - // Then create the hash from the provided salt - // Compare that with the provided hash - #endif + // Check the end of the reason + if( strchr(reason, ' ') ) { + sendf(Client->Socket, "407 Invalid Argument, expected 2 parameters, more encountered\n"); + return ; + } + + // Parse ammount + iAmmount = atoi(ammount); + if( iAmmount <= 0 ) { + sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n"); + return ; + } - return -1; + // Handle effective users + if( Client->EffectiveUID != -1 ) { + thisUid = Client->EffectiveUID; + } + else { + thisUid = Client->UID; + } + + // Do give + switch( DispenseDonate(Client->UID, thisUid, iAmmount, reason) ) + { + case 0: + sendf(Client->Socket, "200 Give OK\n"); + return ; + case 2: + sendf(Client->Socket, "402 Poor You\n"); + return ; + default: + sendf(Client->Socket, "500 Unknown error\n"); + return ; + } } -// --- INTERNAL HELPERS --- -// TODO: Move to another file -void HexBin(uint8_t *Dest, char *Src, int BufSize) +void Server_Cmd_ADD(tClient *Client, char *Args) { - int i; - for( i = 0; i < BufSize; i ++ ) + char *user, *ammount, *reason; + int uid, iAmmount; + + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } + + user = Args; + + ammount = strchr(Args, ' '); + if( !ammount ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n"); + return ; + } + *ammount = '\0'; + ammount ++; + + reason = strchr(ammount, ' '); + if( !reason ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n"); + return ; + } + *reason = '\0'; + reason ++; + + // Check user permissions + if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) { + sendf(Client->Socket, "403 Not in coke\n"); + return ; + } + + // Get recipient + uid = Bank_GetAcctByName(user); + if( uid == -1 ) { + sendf(Client->Socket, "404 Invalid user\n"); + return ; + } + + // You can't alter an internal account + if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) { + sendf(Client->Socket, "404 Invalid user\n"); + return ; + } + + // Parse ammount + iAmmount = atoi(ammount); + if( iAmmount == 0 && ammount[0] != '0' ) { + sendf(Client->Socket, "407 Invalid Argument\n"); + return ; + } + + // Do give + switch( DispenseAdd(Client->UID, uid, iAmmount, reason) ) { - uint8_t val = 0; + case 0: + sendf(Client->Socket, "200 Add OK\n"); + return ; + case 2: + sendf(Client->Socket, "402 Poor Guy\n"); + return ; + default: + sendf(Client->Socket, "500 Unknown error\n"); + return ; + } +} + +void Server_Cmd_SET(tClient *Client, char *Args) +{ + char *user, *ammount, *reason; + int uid, iAmmount; + + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } + + user = Args; + + ammount = strchr(Args, ' '); + if( !ammount ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n"); + return ; + } + *ammount = '\0'; + ammount ++; + + reason = strchr(ammount, ' '); + if( !reason ) { + sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n"); + return ; + } + *reason = '\0'; + reason ++; + + // Check user permissions + if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) { + sendf(Client->Socket, "403 Not an admin\n"); + return ; + } + + // Get recipient + uid = Bank_GetAcctByName(user); + if( uid == -1 ) { + sendf(Client->Socket, "404 Invalid user\n"); + return ; + } + + // You can't alter an internal account + if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) { + sendf(Client->Socket, "404 Invalid user\n"); + return ; + } + + // Parse ammount + iAmmount = atoi(ammount); + if( iAmmount == 0 && ammount[0] != '0' ) { + sendf(Client->Socket, "407 Invalid Argument\n"); + return ; + } + + // Do give + switch( DispenseSet(Client->UID, uid, iAmmount, reason) ) + { + case 0: + sendf(Client->Socket, "200 Add OK\n"); + return ; + case 2: + sendf(Client->Socket, "402 Poor Guy\n"); + return ; + default: + sendf(Client->Socket, "500 Unknown error\n"); + return ; + } +} + +void Server_Cmd_ENUMUSERS(tClient *Client, char *Args) +{ + int i, numRet = 0; + tAcctIterator *it; + int maxBal = INT_MAX, minBal = INT_MIN; + int flagMask = 0, flagVal = 0; + int sort = BANK_ITFLAG_SORT_NAME; + time_t lastSeenAfter=0, lastSeenBefore=0; + + int flags; // Iterator flags + int balValue; // Balance value for iterator + time_t timeValue; // Time value for iterator + + // Parse arguments + if( Args && strlen(Args) ) + { + char *space = Args, *type, *val; + do + { + type = space; + // Get next space + space = strchr(space, ' '); + if(space) *space = '\0'; + + // Get type + val = strchr(type, ':'); + if( val ) { + *val = '\0'; + val ++; + + // Types + // - Minium Balance + if( strcmp(type, "min_balance") == 0 ) { + minBal = atoi(val); + } + // - Maximum Balance + else if( strcmp(type, "max_balance") == 0 ) { + maxBal = atoi(val); + } + // - Flags + else if( strcmp(type, "flags") == 0 ) { + if( Server_int_ParseFlags(Client, val, &flagMask, &flagVal) ) + return ; + } + // - Last seen before timestamp + else if( strcmp(type, "last_seen_before") == 0 ) { + lastSeenAfter = atoll(val); + } + // - Last seen after timestamp + else if( strcmp(type, "last_seen_after") == 0 ) { + lastSeenAfter = atoll(val); + } + // - Sorting + else if( strcmp(type, "sort") == 0 ) { + char *dash = strchr(val, '-'); + if( dash ) { + *dash = '\0'; + dash ++; + } + if( strcmp(val, "name") == 0 ) { + sort = BANK_ITFLAG_SORT_NAME; + } + else if( strcmp(val, "balance") == 0 ) { + sort = BANK_ITFLAG_SORT_BAL; + } + else if( strcmp(val, "lastseen") == 0 ) { + sort = BANK_ITFLAG_SORT_LASTSEEN; + } + else { + sendf(Client->Socket, "407 Unknown sort field ('%s')\n", val); + return ; + } + // Handle sort direction + if( dash ) { + if( strcmp(dash, "desc") == 0 ) { + sort |= BANK_ITFLAG_REVSORT; + } + else { + sendf(Client->Socket, "407 Unknown sort direction '%s'\n", dash); + return ; + } + dash[-1] = '-'; + } + } + else { + sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s:%s'\n", type, val); + return ; + } + + val[-1] = ':'; + } + else { + sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s'\n", type); + return ; + } + + // Eat whitespace + if( space ) { + *space = ' '; // Repair (to be nice) + space ++; + while(*space == ' ') space ++; + } + } while(space); + } + + // Create iterator + if( maxBal != INT_MAX ) { + flags = sort|BANK_ITFLAG_MAXBALANCE; + balValue = maxBal; + } + else if( minBal != INT_MIN ) { + flags = sort|BANK_ITFLAG_MINBALANCE; + balValue = minBal; + } + else { + flags = sort; + balValue = 0; + } + if( lastSeenBefore ) { + timeValue = lastSeenBefore; + flags |= BANK_ITFLAG_SEENBEFORE; + } + else if( lastSeenAfter ) { + timeValue = lastSeenAfter; + flags |= BANK_ITFLAG_SEENAFTER; + } + else { + timeValue = 0; + } + it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue); + + // Get return number + while( (i = Bank_IteratorNext(it)) != -1 ) + { + int bal = Bank_GetBalance(i); - if('0' <= *Src && *Src <= '9') - val |= (*Src-'0') << 4; - else if('A' <= *Src && *Src <= 'F') - val |= (*Src-'A'+10) << 4; - else if('a' <= *Src && *Src <= 'f') - val |= (*Src-'a'+10) << 4; - else - break; - Src ++; + if( bal == INT_MIN ) continue; - if('0' <= *Src && *Src <= '9') - val |= (*Src-'0'); - else if('A' <= *Src && *Src <= 'F') - val |= (*Src-'A'+10); - else if('a' <= *Src && *Src <= 'f') - val |= (*Src-'a'+10); - else - break; - Src ++; + if( bal < minBal ) continue; + if( bal > maxBal ) continue; - Dest[i] = val; + numRet ++; } - for( ; i < BufSize; i++ ) - Dest[i] = 0; + + Bank_DelIterator(it); + + // Send count + sendf(Client->Socket, "201 Users %i\n", numRet); + + + // Create iterator + it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue); + + while( (i = Bank_IteratorNext(it)) != -1 ) + { + int bal = Bank_GetBalance(i); + + if( bal == INT_MIN ) continue; + + if( bal < minBal ) continue; + if( bal > maxBal ) continue; + + _SendUserInfo(Client, i); + } + + Bank_DelIterator(it); + + sendf(Client->Socket, "200 List End\n"); } -/** - * \brief Decode a Base64 value - */ -int UnBase64(uint8_t *Dest, char *Src, int BufSize) +void Server_Cmd_USERINFO(tClient *Client, char *Args) { - uint32_t val; - int i, j; - char *start_src = Src; + int uid; + char *user = Args; + char *space; + + space = strchr(user, ' '); + if(space) *space = '\0'; + + if( giDebugLevel ) Debug(Client, "User Info '%s'", user); + + // Get recipient + uid = Bank_GetAcctByName(user); + + if( giDebugLevel >= 2 ) Debug(Client, "uid = %i", uid); + if( uid == -1 ) { + sendf(Client->Socket, "404 Invalid user\n"); + return ; + } + + _SendUserInfo(Client, uid); +} + +void _SendUserInfo(tClient *Client, int UserID) +{ + char *type, *disabled="", *door=""; + int flags = Bank_GetFlags(UserID); + + if( flags & USER_FLAG_INTERNAL ) { + type = "internal"; + } + else if( flags & USER_FLAG_COKE ) { + if( flags & USER_FLAG_ADMIN ) + type = "coke,admin"; + else + type = "coke"; + } + else if( flags & USER_FLAG_ADMIN ) { + type = "admin"; + } + else { + type = "user"; + } + + if( flags & USER_FLAG_DISABLED ) + disabled = ",disabled"; + if( flags & USER_FLAG_DOORGROUP ) + door = ",door"; + + // TODO: User flags/type + sendf( + Client->Socket, "202 User %s %i %s%s%s\n", + Bank_GetAcctName(UserID), Bank_GetBalance(UserID), + type, disabled, door + ); +} + +void Server_Cmd_USERADD(tClient *Client, char *Args) +{ + char *username, *space; + + // Check permissions + if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) { + sendf(Client->Socket, "403 Not a coke admin\n"); + return ; + } + + // Read arguments + username = Args; + while( *username == ' ' ) username ++; + space = strchr(username, ' '); + if(space) *space = '\0'; + + // Try to create user + if( Bank_CreateAcct(username) == -1 ) { + sendf(Client->Socket, "404 User exists\n"); + return ; + } - for( i = 0; i+2 < BufSize; i += 3 ) { - val = 0; - for( j = 0; j < 4; j++, Src ++ ) { - if('A' <= *Src && *Src <= 'Z') - val |= (*Src - 'A') << ((3-j)*6); - else if('a' <= *Src && *Src <= 'z') - val |= (*Src - 'a' + 26) << ((3-j)*6); - else if('0' <= *Src && *Src <= '9') - val |= (*Src - '0' + 52) << ((3-j)*6); - else if(*Src == '+') - val |= 62 << ((3-j)*6); - else if(*Src == '/') - val |= 63 << ((3-j)*6); - else if(!*Src) - break; - else if(*Src != '=') - j --; // Ignore invalid characters - } - Dest[i ] = (val >> 16) & 0xFF; - Dest[i+1] = (val >> 8) & 0xFF; - Dest[i+2] = val & 0xFF; - if(j != 4) break; + char *thisName = Bank_GetAcctName(Client->UID); + Log_Info("Account '%s' created by '%s'", username, thisName); + free(thisName); + } + + sendf(Client->Socket, "200 User Added\n"); +} + +void Server_Cmd_USERFLAGS(tClient *Client, char *Args) +{ + char *username, *flags; + char *space; + int mask=0, value=0; + int uid; + + // Check permissions + if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) { + sendf(Client->Socket, "403 Not a coke admin\n"); + return ; + } + + // Read arguments + // - Username + username = Args; + while( *username == ' ' ) username ++; + space = strchr(username, ' '); + if(!space) { + sendf(Client->Socket, "407 USER_FLAGS requires 2 arguments, 1 given\n"); + return ; } + *space = '\0'; + // - Flags + flags = space + 1; + while( *flags == ' ' ) flags ++; + space = strchr(flags, ' '); + if(space) *space = '\0'; - // Finish things off - if(i < BufSize) - Dest[i] = (val >> 16) & 0xFF; - if(i+1 < BufSize) - Dest[i+1] = (val >> 8) & 0xFF; + // Get UID + uid = Bank_GetAcctByName(username); + if( uid == -1 ) { + sendf(Client->Socket, "404 User '%s' not found\n", username); + return ; + } + + // Parse flags + if( Server_int_ParseFlags(Client, flags, &mask, &value) ) + return ; + + if( giDebugLevel ) + Debug(Client, "Set %i(%s) flags to %x (masked %x)\n", + uid, username, mask, value); + + // Apply flags + Bank_SetFlags(uid, mask, value); + + // Return OK + sendf(Client->Socket, "200 User Updated\n"); +} + +// --- INTERNAL HELPERS --- +void Debug(tClient *Client, const char *Format, ...) +{ + va_list args; + //printf("%010i [%i] ", (int)time(NULL), Client->ID); + printf("[%i] ", Client->ID); + va_start(args, Format); + vprintf(Format, args); + va_end(args); + printf("\n"); +} + +int sendf(int Socket, const char *Format, ...) +{ + va_list args; + int len; + + va_start(args, Format); + len = vsnprintf(NULL, 0, Format, args); + va_end(args); + + { + char buf[len+1]; + va_start(args, Format); + vsnprintf(buf, len+1, Format, args); + va_end(args); + + #if DEBUG_TRACE_CLIENT + printf("sendf: %s", buf); + #endif + + return send(Socket, buf, len, 0); + } +} + +int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value) +{ + struct { + const char *Name; + int Mask; + int Value; + } cFLAGS[] = { + {"disabled", USER_FLAG_DISABLED, USER_FLAG_DISABLED} + ,{"door", USER_FLAG_DOORGROUP, USER_FLAG_DOORGROUP} + ,{"coke", USER_FLAG_COKE, USER_FLAG_COKE} + ,{"admin", USER_FLAG_ADMIN, USER_FLAG_ADMIN} + ,{"internal", USER_FLAG_INTERNAL, USER_FLAG_INTERNAL} + }; + const int ciNumFlags = sizeof(cFLAGS)/sizeof(cFLAGS[0]); + + char *space; + + *Mask = 0; + *Value = 0; + + do { + int bRemove = 0; + int i; + int len; + + while( *Str == ' ' ) Str ++; // Eat whitespace + space = strchr(Str, ','); // Find the end of the flag + if(space) + len = space - Str; + else + len = strlen(Str); + + // Check for inversion/removal + if( *Str == '!' || *Str == '-' ) { + bRemove = 1; + Str ++; + } + else if( *Str == '+' ) { + Str ++; + } + + // Check flag values + for( i = 0; i < ciNumFlags; i ++ ) + { + if( strncmp(Str, cFLAGS[i].Name, len) == 0 ) { + *Mask |= cFLAGS[i].Mask; + *Value &= ~cFLAGS[i].Mask; + if( !bRemove ) + *Value |= cFLAGS[i].Value; + break; + } + } + + // Error check + if( i == ciNumFlags ) { + char val[len+1]; + strncpy(val, Str, len+1); + sendf(Client->Socket, "407 Unknown flag value '%s'\n", val); + return -1; + } + + Str = space + 1; + } while(space); - return Src - start_src; + return 0; }