Cleaning up

- Fixed autoauth
- Removed debug manual auth hack
- Fixed server argument parsing
- Disabled negative

diff --git a/src/client/main.c b/src/client/main.c
index 9b0f746..46e1259 100644 (file)
--- a/src/client/main.c
+++ b/src/client/main.c
@@ -27,6 +27,7 @@
 
 #define        USE_NCURSES_INTERFACE   0
 #define DEBUG_TRACE_SERVER     0
+#define USE_AUTOAUTH   1
 
 // === TYPES ===
 typedef struct sItem {
@@ -65,7 +66,7 @@ char  *trim(char *string);
 void   CompileRegex(regex_t *regex, const char *pattern, int flags);
 
 // === GLOBALS ===
-char   *gsDispenseServer = "localhost";
+char   *gsDispenseServer = "heathred";
  int   giDispensePort = 11020;
 
 tItem  *gaItems;
@@ -678,16 +679,24 @@ int OpenConnection(const char *Host, int Port)
                return -1;
        }
        
-       #if USE_AUTOAUTH
+       if( geteuid() == 0 )
        {
+                int    i;
                struct sockaddr_in      localAddr;
                memset(&localAddr, 0, sizeof(localAddr));
                localAddr.sin_family = AF_INET; // IPv4
-               localAddr.sin_port = 1023;      // IPv4
-               // Attempt to bind to low port for autoauth
-               bind(sock, &localAddr, sizeof(localAddr));
+               
+               // Loop through all the top ports until one is avaliable
+               for( i = 1001; i < 1024; i ++)
+               {
+                       localAddr.sin_port = htons(i);  // IPv4
+                       // Attempt to bind to low port for autoauth
+                       if( bind(sock, (struct sockaddr*)&localAddr, sizeof(localAddr)) == 0 )
+                               break;
+               }
+               if( i == 1024 )
+                       printf("Warning: AUTOAUTH unavaliable\n");
        }
-       #endif
        
        if( connect(sock, (struct sockaddr *) &serverAddr, sizeof(serverAddr)) < 0 ) {
                fprintf(stderr, "Failed to connect to server\n");

diff --git a/src/cokebank_sqlite/main.c b/src/cokebank_sqlite/main.c
index ef87b7b..c386ee9 100644 (file)
--- a/src/cokebank_sqlite/main.c
+++ b/src/cokebank_sqlite/main.c
@@ -456,7 +456,7 @@ int Bank_GetUserAuth(const char *Salt, const char *Username, const char *Passwor
 {
        Salt = Password = Username;     // Shut up GCC
        // DEBUG HACKS!
-       #if 1
+       #if 0
        return Bank_GetAcctByName(Username);
        #else
        return -1;

diff --git a/src/server/dispense.c b/src/server/dispense.c
index c631bed..3fb5652 100644 (file)
--- a/src/server/dispense.c
+++ b/src/server/dispense.c
@@ -197,10 +197,10 @@ int _GetMinBalance(int Account)
        if( flags & USER_FLAG_INTERNAL )        return INT_MIN;
        
        // Admin to -$10
-       if( flags & USER_FLAG_ADMIN )   return -1000;
+       //if( flags & USER_FLAG_ADMIN ) return -1000;
        
        // Coke to -$5
-       if( flags & USER_FLAG_COKE )    return -500;
+       //if( flags & USER_FLAG_COKE )  return -500;
        
        // Anyone else, non-negative
        return 0;

diff --git a/src/server/server.c b/src/server/server.c
index cd69224..04f1c39 100644 (file)
--- a/src/server/server.c
+++ b/src/server/server.c
@@ -70,8 +70,9 @@ void  Server_Cmd_USERADD(tClient *Client, char *Args);
 void   Server_Cmd_USERFLAGS(tClient *Client, char *Args);
 // --- Helpers ---
 void   Debug(tClient *Client, const char *Format, ...);
- int   Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value);
  int   sendf(int Socket, const char *Format, ...);
+ int   Server_int_ParseArgs(int bUseLongArg, char *ArgStr, ...);
+ int   Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value);
 
 // === CONSTANTS ===
 // - Commands
@@ -185,8 +186,9 @@ void Server_Start(void)
                        switch( ntohl( client_addr.sin_addr.s_addr ) )
                        {
                        case 0x7F000001:        // 127.0.0.1    localhost
-                       //case 0x825E0D00:      // 130.95.13.0
+               //      case 0x825E0D00:        // 130.95.13.0
                        case 0x825E0D07:        // 130.95.13.7  motsugo
+                       case 0x825E0D11:        // 130.95.13.17 mermaid
                        case 0x825E0D12:        // 130.95.13.18 mussel
                        case 0x825E0D17:        // 130.95.13.23 martello
                                bTrusted = 1;
@@ -292,40 +294,17 @@ void Server_HandleClient(int Socket, int bTrusted)
  */
 void Server_ParseClientCommand(tClient *Client, char *CommandString)
 {
-       char    *space, *args;
+       char    *command, *args;
         int    i;
        #if 0
        char    **argList;
         int    numArgs = 0;
        #endif
        
-       // Split at first space
-       space = strchr(CommandString, ' ');
-       if(space == NULL) {
-               args = NULL;
-       }
-       else {
-               *space = '\0';
-               args = space + 1;
-               while( *space == ' ' )  space ++;
-               
-               #if 0
-               // Count arguments
-               numArgs = 1;
-               for( i = 0; args[i]; )
-               {
-                       while( CommandString[i] != ' ' ) {
-                               if( CommandString[i] == '"' ) {
-                                       while( !(CommandString[i] != '\\' CommandString[i+1] == '"' ) )
-                                               i ++;
-                                       i ++;
-                               }
-                               i ++;
-                       }
-                       numArgs ++;
-                       while( CommandString[i] == ' ' )        i ++;
-               }
-               #endif
+       if( Server_int_ParseArgs(1, CommandString, &command, &args, NULL) )
+       {
+               // Is this an error? (just ignore for now)
+               args = "";
        }
        
        
@@ -351,17 +330,18 @@ void Server_ParseClientCommand(tClient *Client, char *CommandString)
  */
 void Server_Cmd_USER(tClient *Client, char *Args)
 {
-       char    *space = strchr(Args, ' ');
-       if(space)       *space = '\0';  // Remove characters after the ' '
+       char    *username;
+       
+       Server_int_ParseArgs(0, Args, &username, NULL);
        
        // Debug!
        if( giDebugLevel )
-               Debug(Client, "Authenticating as '%s'", Args);
+               Debug(Client, "Authenticating as '%s'", username);
        
        // Save username
        if(Client->Username)
                free(Client->Username);
-       Client->Username = strdup(Args);
+       Client->Username = strdup(username);
        
        #if USE_SALT
        // Create a salt (that changes if the username is changed)
@@ -389,11 +369,12 @@ void Server_Cmd_USER(tClient *Client, char *Args)
  */
 void Server_Cmd_PASS(tClient *Client, char *Args)
 {
-       char    *space = strchr(Args, ' ');
-       if(space)       *space = '\0';  // Remove characters after the ' '
+       char    *passhash;
+       
+       Server_int_ParseArgs(0, Args, &passhash, NULL);
        
        // Pass on to cokebank
-       Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, Args);
+       Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, passhash);
 
        if( Client->UID != -1 ) {
                Client->bIsAuthed = 1;
@@ -411,8 +392,9 @@ void Server_Cmd_PASS(tClient *Client, char *Args)
  */
 void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
 {
-       char    *space = strchr(Args, ' ');
-       if(space)       *space = '\0';  // Remove characters after the ' '
+       char    *username;
+       
+       Server_int_ParseArgs(0, Args, &username, NULL);
        
        // Check if trusted
        if( !Client->bIsTrusted ) {
@@ -423,10 +405,10 @@ void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
        }
        
        // Get UID
-       Client->UID = Bank_GetAcctByName( Args );       
+       Client->UID = Bank_GetAcctByName( username );   
        if( Client->UID < 0 ) {
                if(giDebugLevel)
-                       Debug(Client, "Unknown user '%s'", Args);
+                       Debug(Client, "Unknown user '%s'", username);
                sendf(Client->Socket, "401 Auth Failure\n");
                return ;
        }
@@ -441,7 +423,7 @@ void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
        Client->bIsAuthed = 1;
        
        if(giDebugLevel)
-               Debug(Client, "Auto authenticated as '%s' (%i)", Args, Client->UID);
+               Debug(Client, "Auto authenticated as '%s' (%i)", username, Client->UID);
        
        sendf(Client->Socket, "200 Auth OK\n");
 }
@@ -451,11 +433,9 @@ void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
  */
 void Server_Cmd_SETEUSER(tClient *Client, char *Args)
 {
-       char    *space;
-       
-       space = strchr(Args, ' ');
+       char    *username;
        
-       if(space)       *space = '\0';
+       Server_int_ParseArgs(0, Args, &username, NULL);
        
        if( !strlen(Args) ) {
                sendf(Client->Socket, "407 SETEUSER expects an argument\n");
@@ -469,7 +449,7 @@ void Server_Cmd_SETEUSER(tClient *Client, char *Args)
        }
        
        // Set id
-       Client->EffectiveUID = Bank_GetAcctByName(Args);
+       Client->EffectiveUID = Bank_GetAcctByName(username);
        if( Client->EffectiveUID == -1 ) {
                sendf(Client->Socket, "404 User not found\n");
                return ;
@@ -559,7 +539,14 @@ tItem *_GetItemFromString(char *String)
  */
 void Server_Cmd_ITEMINFO(tClient *Client, char *Args)
 {
-       tItem   *item = _GetItemFromString(Args);
+       tItem   *item;
+       char    *itemname;
+       
+       if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
+               sendf(Client->Socket, "407 ITEMINFO takes 1 argument\n");
+               return ;
+       }
+       item = _GetItemFromString(Args);
        
        if( !item ) {
                sendf(Client->Socket, "406 Bad Item ID\n");
@@ -577,13 +564,19 @@ void Server_Cmd_DISPENSE(tClient *Client, char *Args)
        tItem   *item;
         int    ret;
         int    uid;
+       char    *itemname;
+       
+       if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
+               sendf(Client->Socket, "407 DISPENSE takes only 1 argument\n");
+               return ;
+       }
         
        if( !Client->bIsAuthed ) {
                sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
 
-       item = _GetItemFromString(Args);
+       item = _GetItemFromString(itemname);
        if( !item ) {
                sendf(Client->Socket, "406 Bad Item ID\n");
                return ;
@@ -613,28 +606,16 @@ void Server_Cmd_GIVE(tClient *Client, char *Args)
         int    uid, iAmmount;
         int    thisUid;
        
-       if( !Client->bIsAuthed ) {
-               sendf(Client->Socket, "401 Not Authenticated\n");
-               return ;
-       }
-
-       recipient = Args;
-
-       ammount = strchr(Args, ' ');
-       if( !ammount ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n");
+       // Parse arguments
+       if( Server_int_ParseArgs(1, Args, &recipient, &ammount, &reason, NULL) ) {
+               sendf(Client->Socket, "407 GIVE takes only 3 arguments\n");
                return ;
        }
-       *ammount = '\0';
-       ammount ++;
-
-       reason = strchr(ammount, ' ');
-       if( !reason ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n");
+       // Check for authed
+       if( !Client->bIsAuthed ) {
+               sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
-       *reason = '\0';
-       reason ++;
 
        // Get recipient
        uid = Bank_GetAcctByName(recipient);
@@ -684,25 +665,14 @@ void Server_Cmd_DONATE(tClient *Client, char *Args)
         int    iAmmount;
         int    thisUid;
        
-       if( !Client->bIsAuthed ) {
-               sendf(Client->Socket, "401 Not Authenticated\n");
-               return ;
-       }
-
-       ammount = Args;
-
-       // Get the start of the reason
-       reason = strchr(Args, ' ');
-       if( !ammount ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 2 parameters, 1 encountered\n");
+       // Parse arguments
+       if( Server_int_ParseArgs(1, Args, &ammount, &reason, NULL) ) {
+               sendf(Client->Socket, "407 DONATE takes 2 arguments\n");
                return ;
        }
-       *reason = '\0';
-       reason ++;
        
-       // Check the end of the reason
-       if( strchr(reason, ' ') ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 2 parameters, more encountered\n");
+       if( !Client->bIsAuthed ) {
+               sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
 
@@ -741,28 +711,16 @@ void Server_Cmd_ADD(tClient *Client, char *Args)
        char    *user, *ammount, *reason;
         int    uid, iAmmount;
        
-       if( !Client->bIsAuthed ) {
-               sendf(Client->Socket, "401 Not Authenticated\n");
-               return ;
-       }
-
-       user = Args;
-
-       ammount = strchr(Args, ' ');
-       if( !ammount ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n");
+       // Parse arguments
+       if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
+               sendf(Client->Socket, "407 ADD takes 3 arguments\n");
                return ;
        }
-       *ammount = '\0';
-       ammount ++;
-
-       reason = strchr(ammount, ' ');
-       if( !reason ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n");
+       
+       if( !Client->bIsAuthed ) {
+               sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
-       *reason = '\0';
-       reason ++;
 
        // Check user permissions
        if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN))  ) {
@@ -810,28 +768,16 @@ void Server_Cmd_SET(tClient *Client, char *Args)
        char    *user, *ammount, *reason;
         int    uid, iAmmount;
        
-       if( !Client->bIsAuthed ) {
-               sendf(Client->Socket, "401 Not Authenticated\n");
-               return ;
-       }
-
-       user = Args;
-
-       ammount = strchr(Args, ' ');
-       if( !ammount ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 1 encountered\n");
+       // Parse arguments
+       if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
+               sendf(Client->Socket, "407 SET takes 3 arguments\n");
                return ;
        }
-       *ammount = '\0';
-       ammount ++;
-
-       reason = strchr(ammount, ' ');
-       if( !reason ) {
-               sendf(Client->Socket, "407 Invalid Argument, expected 3 parameters, 2 encountered\n");
+       
+       if( !Client->bIsAuthed ) {
+               sendf(Client->Socket, "401 Not Authenticated\n");
                return ;
        }
-       *reason = '\0';
-       reason ++;
 
        // Check user permissions
        if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN)  ) {
@@ -894,6 +840,7 @@ void Server_Cmd_ENUMUSERS(tClient *Client, char *Args)
                do
                {
                        type = space;
+                       while(*type == ' ')     type ++;
                        // Get next space
                        space = strchr(space, ' ');
                        if(space)       *space = '\0';
@@ -1047,11 +994,13 @@ void Server_Cmd_ENUMUSERS(tClient *Client, char *Args)
 void Server_Cmd_USERINFO(tClient *Client, char *Args)
 {
         int    uid;
-       char    *user = Args;
-       char    *space;
+       char    *user;
        
-       space = strchr(user, ' ');
-       if(space)       *space = '\0';
+       // Parse arguments
+       if( Server_int_ParseArgs(0, Args, &user, NULL) ) {
+               sendf(Client->Socket, "407 USER_INFO takes 1 argument\n");
+               return ;
+       }
        
        if( giDebugLevel )      Debug(Client, "User Info '%s'", user);
        
@@ -1103,7 +1052,13 @@ void _SendUserInfo(tClient *Client, int UserID)
 
 void Server_Cmd_USERADD(tClient *Client, char *Args)
 {
-       char    *username, *space;
+       char    *username;
+       
+       // Parse arguments
+       if( Server_int_ParseArgs(0, Args, &username, NULL) ) {
+               sendf(Client->Socket, "407 USER_ADD takes 1 argument\n");
+               return ;
+       }
        
        // Check permissions
        if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
@@ -1111,12 +1066,6 @@ void Server_Cmd_USERADD(tClient *Client, char *Args)
                return ;
        }
        
-       // Read arguments
-       username = Args;
-       while( *username == ' ' )       username ++;
-       space = strchr(username, ' ');
-       if(space)       *space = '\0';
-       
        // Try to create user
        if( Bank_CreateAcct(username) == -1 ) {
                sendf(Client->Socket, "404 User exists\n");
@@ -1135,31 +1084,20 @@ void Server_Cmd_USERADD(tClient *Client, char *Args)
 void Server_Cmd_USERFLAGS(tClient *Client, char *Args)
 {
        char    *username, *flags;
-       char    *space;
         int    mask=0, value=0;
         int    uid;
        
-       // Check permissions
-       if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
-               sendf(Client->Socket, "403 Not a coke admin\n");
+       // Parse arguments
+       if( Server_int_ParseArgs(0, Args, &username, &flags, NULL) ) {
+               sendf(Client->Socket, "407 USER_FLAGS takes 2 arguments\n");
                return ;
        }
        
-       // Read arguments
-       // - Username
-       username = Args;
-       while( *username == ' ' )       username ++;
-       space = strchr(username, ' ');
-       if(!space) {
-               sendf(Client->Socket, "407 USER_FLAGS requires 2 arguments, 1 given\n");
+       // Check permissions
+       if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
+               sendf(Client->Socket, "403 Not a coke admin\n");
                return ;
        }
-       *space = '\0';
-       // - Flags
-       flags = space + 1;
-       while( *flags == ' ' )  flags ++;
-       space = strchr(flags, ' ');
-       if(space)       *space = '\0';
        
        // Get UID
        uid = Bank_GetAcctByName(username);
@@ -1218,6 +1156,65 @@ int sendf(int Socket, const char *Format, ...)
        }
 }
 
+// Takes a series of char *'s in
+/**
+ * \brief Parse space-separated entries into 
+ */
+int Server_int_ParseArgs(int bUseLongLast, char *ArgStr, ...)
+{
+       va_list args;
+       char    savedChar = *ArgStr;
+       char    **dest;
+       va_start(args, ArgStr);
+       
+       while( (dest = va_arg(args, char **)) )
+       {
+               // Trim leading spaces
+               while( *ArgStr == ' ' || *ArgStr == '\t' )
+                       ArgStr ++;
+               
+               // ... oops, not enough arguments
+               if( *ArgStr == '\0' )
+               {
+                       // NULL unset arguments
+                       do {
+                               *dest = NULL;
+                       }       while( (dest = va_arg(args, char **)) );
+                       return -1;
+               }
+               
+               // Set destination
+               *dest = ArgStr;
+               
+               if( *ArgStr == '"' )
+               {
+                       // Read until quote
+                       while( *ArgStr && *ArgStr != '"' )
+                               ArgStr ++;
+               }
+               else
+               {
+                       // Read until a space
+                       while( *ArgStr && *ArgStr != ' ' && *ArgStr != '\t' )
+                               ArgStr ++;
+               }
+               savedChar = *ArgStr;    // savedChar is used to un-mangle the last string
+               *ArgStr = '\0';
+       }
+       
+       // Oops, extra arguments, and greedy not set
+       if( savedChar == ' ' && bUseLongLast )
+               return -1;
+       
+       // Un-mangle last
+       if(bUseLongLast)
+               *ArgStr = savedChar;
+       
+       va_end(args);
+       
+       return 0;       // Success!
+}
+
 int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value)
 {
        struct {