src/server/server.c

   1 /*
   2  * OpenDispense 2
   3  * UCC (University [of WA] Computer Club) Electronic Accounting System
   4  *
   5  * server.c - Client Server Code
   6  *
   7  * This file is licenced under the 3-clause BSD Licence. See the file
   8  * COPYING for full details.
   9  */
  10 #include <stdio.h>
  11 #include <stdlib.h>
  12 #include "common.h"
  13 #include <sys/socket.h>
  14 #include <netinet/in.h>
  15 #include <arpa/inet.h>
  16 #include <unistd.h>
  17 #include <string.h>
  18 #include <limits.h>
  19 #include <stdarg.h>
  20
  21 #define DEBUG_TRACE_CLIENT      0
  22
  23 // Statistics
  24 #define MAX_CONNECTION_QUEUE    5
  25 #define INPUT_BUFFER_SIZE       256
  26 #define CLIENT_TIMEOUT  10      // Seconds
  27
  28 #define HASH_TYPE       SHA1
  29 #define HASH_LENGTH     20
  30
  31 #define MSG_STR_TOO_LONG        "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
  32
  33 // === TYPES ===
  34 typedef struct sClient
  35 {
  36          int    Socket; // Client socket ID
  37          int    ID;     // Client ID
  38
  39          int    bIsTrusted;     // Is the connection from a trusted host/port
  40
  41         char    *Username;
  42         char    Salt[9];
  43
  44          int    UID;
  45          int    EffectiveUID;
  46          int    bIsAuthed;
  47 }       tClient;
  48
  49 // === PROTOTYPES ===
  50 void    Server_Start(void);
  51 void    Server_Cleanup(void);
  52 void    Server_HandleClient(int Socket, int bTrusted);
  53 void    Server_ParseClientCommand(tClient *Client, char *CommandString);
  54 // --- Commands ---
  55 void    Server_Cmd_USER(tClient *Client, char *Args);
  56 void    Server_Cmd_PASS(tClient *Client, char *Args);
  57 void    Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
  58 void    Server_Cmd_SETEUSER(tClient *Client, char *Args);
  59 void    Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
  60 void    Server_Cmd_ITEMINFO(tClient *Client, char *Args);
  61 void    Server_Cmd_DISPENSE(tClient *Client, char *Args);
  62 void    Server_Cmd_GIVE(tClient *Client, char *Args);
  63 void    Server_Cmd_DONATE(tClient *Client, char *Args);
  64 void    Server_Cmd_ADD(tClient *Client, char *Args);
  65 void    Server_Cmd_SET(tClient *Client, char *Args);
  66 void    Server_Cmd_ENUMUSERS(tClient *Client, char *Args);
  67 void    Server_Cmd_USERINFO(tClient *Client, char *Args);
  68 void    _SendUserInfo(tClient *Client, int UserID);
  69 void    Server_Cmd_USERADD(tClient *Client, char *Args);
  70 void    Server_Cmd_USERFLAGS(tClient *Client, char *Args);
  71 // --- Helpers ---
  72 void    Debug(tClient *Client, const char *Format, ...);
  73  int    sendf(int Socket, const char *Format, ...);
  74  int    Server_int_ParseArgs(int bUseLongArg, char *ArgStr, ...);
  75  int    Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value);
  76
  77 // === CONSTANTS ===
  78 // - Commands
  79 const struct sClientCommand {
  80         const char      *Name;
  81         void    (*Function)(tClient *Client, char *Arguments);
  82 }       gaServer_Commands[] = {
  83         {"USER", Server_Cmd_USER},
  84         {"PASS", Server_Cmd_PASS},
  85         {"AUTOAUTH", Server_Cmd_AUTOAUTH},
  86         {"SETEUSER", Server_Cmd_SETEUSER},
  87         {"ENUM_ITEMS", Server_Cmd_ENUMITEMS},
  88         {"ITEM_INFO", Server_Cmd_ITEMINFO},
  89         {"DISPENSE", Server_Cmd_DISPENSE},
  90         {"GIVE", Server_Cmd_GIVE},
  91         {"DONATE", Server_Cmd_DONATE},
  92         {"ADD", Server_Cmd_ADD},
  93         {"SET", Server_Cmd_SET},
  94         {"ENUM_USERS", Server_Cmd_ENUMUSERS},
  95         {"USER_INFO", Server_Cmd_USERINFO},
  96         {"USER_ADD", Server_Cmd_USERADD},
  97         {"USER_FLAGS", Server_Cmd_USERFLAGS}
  98 };
  99 #define NUM_COMMANDS    ((int)(sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0])))
 100
 101 // === GLOBALS ===
 102  int    giServer_Port = 1020;
 103  int    giServer_NextClientID = 1;
 104  int    giServer_Socket;
 105
 106 // === CODE ===
 107 /**
 108  * \brief Open listenting socket and serve connections
 109  */
 110 void Server_Start(void)
 111 {
 112          int    client_socket;
 113         struct sockaddr_in      server_addr, client_addr;
 114
 115         atexit(Server_Cleanup);
 116
 117         // Create Server
 118         giServer_Socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
 119         if( giServer_Socket < 0 ) {
 120                 fprintf(stderr, "ERROR: Unable to create server socket\n");
 121                 return ;
 122         }
 123
 124         // Make listen address
 125         memset(&server_addr, 0, sizeof(server_addr));
 126         server_addr.sin_family = AF_INET;       // Internet Socket
 127         server_addr.sin_addr.s_addr = htonl(INADDR_ANY);        // Listen on all interfaces
 128         server_addr.sin_port = htons(giServer_Port);    // Port
 129
 130         // Bind
 131         if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
 132                 fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port);
 133                 perror("Binding");
 134                 return ;
 135         }
 136
 137         // Listen
 138         if( listen(giServer_Socket, MAX_CONNECTION_QUEUE) < 0 ) {
 139                 fprintf(stderr, "ERROR: Unable to listen to socket\n");
 140                 perror("Listen");
 141                 return ;
 142         }
 143
 144         printf("Listening on 0.0.0.0:%i\n", giServer_Port);
 145
 146         for(;;)
 147         {
 148                 uint    len = sizeof(client_addr);
 149                  int    bTrusted = 0;
 150
 151                 // Accept a connection
 152                 client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len);
 153                 if(client_socket < 0) {
 154                         fprintf(stderr, "ERROR: Unable to accept client connection\n");
 155                         return ;
 156                 }
 157
 158                 // Set a timeout on the user conneciton
 159                 {
 160                         struct timeval tv;
 161                         tv.tv_sec = CLIENT_TIMEOUT;
 162                         tv.tv_usec = 0;
 163                         if( setsockopt(client_socket, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) )
 164                         {
 165                                 perror("setsockopt");
 166                                 return ;
 167                         }
 168                 }
 169
 170                 // Debug: Print the connection string
 171                 if(giDebugLevel >= 2) {
 172                         char    ipstr[INET_ADDRSTRLEN];
 173                         inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN);
 174                         printf("Client connection from %s:%i\n",
 175                                 ipstr, ntohs(client_addr.sin_port));
 176                 }
 177
 178                 // Doesn't matter what, localhost is trusted
 179                 if( ntohl( client_addr.sin_addr.s_addr ) == 0x7F000001 )
 180                         bTrusted = 1;
 181
 182                 // Trusted Connections
 183                 if( ntohs(client_addr.sin_port) < 1024 )
 184                 {
 185                         // TODO: Make this runtime configurable
 186                         switch( ntohl( client_addr.sin_addr.s_addr ) )
 187                         {
 188                         case 0x7F000001:        // 127.0.0.1    localhost
 189                 //      case 0x825E0D00:        // 130.95.13.0
 190                         case 0x825E0D07:        // 130.95.13.7  motsugo
 191                         case 0x825E0D11:        // 130.95.13.17 mermaid
 192                         case 0x825E0D12:        // 130.95.13.18 mussel
 193                         case 0x825E0D17:        // 130.95.13.23 martello
 194                                 bTrusted = 1;
 195                                 break;
 196                         default:
 197                                 break;
 198                         }
 199                 }
 200
 201                 // TODO: Multithread this?
 202                 Server_HandleClient(client_socket, bTrusted);
 203
 204                 close(client_socket);
 205         }
 206 }
 207
 208 void Server_Cleanup(void)
 209 {
 210         printf("Close(%i)\n", giServer_Socket);
 211         close(giServer_Socket);
 212 }
 213
 214 /**
 215  * \brief Reads from a client socket and parses the command strings
 216  * \param Socket        Client socket number/handle
 217  * \param bTrusted      Is the client trusted?
 218  */
 219 void Server_HandleClient(int Socket, int bTrusted)
 220 {
 221         char    inbuf[INPUT_BUFFER_SIZE];
 222         char    *buf = inbuf;
 223          int    remspace = INPUT_BUFFER_SIZE-1;
 224          int    bytes = -1;
 225         tClient clientInfo;
 226
 227         memset(&clientInfo, 0, sizeof(clientInfo));
 228
 229         // Initialise Client info
 230         clientInfo.Socket = Socket;
 231         clientInfo.ID = giServer_NextClientID ++;
 232         clientInfo.bIsTrusted = bTrusted;
 233         clientInfo.EffectiveUID = -1;
 234
 235         // Read from client
 236         /*
 237          * Notes:
 238          * - The `buf` and `remspace` variables allow a line to span several
 239          *   calls to recv(), if a line is not completed in one recv() call
 240          *   it is saved to the beginning of `inbuf` and `buf` is updated to
 241          *   the end of it.
 242          */
 243         // TODO: Use select() instead (to give a timeout)
 244         while( (bytes = recv(Socket, buf, remspace, 0)) > 0 )
 245         {
 246                 char    *eol, *start;
 247                 buf[bytes] = '\0';      // Allow us to use stdlib string functions on it
 248
 249                 // Split by lines
 250                 start = inbuf;
 251                 while( (eol = strchr(start, '\n')) )
 252                 {
 253                         *eol = '\0';
 254
 255                         Server_ParseClientCommand(&clientInfo, start);
 256
 257                         start = eol + 1;
 258                 }
 259
 260                 // Check if there was an incomplete line
 261                 if( *start != '\0' ) {
 262                          int    tailBytes = bytes - (start-buf);
 263                         // Roll back in buffer
 264                         memcpy(inbuf, start, tailBytes);
 265                         remspace -= tailBytes;
 266                         if(remspace == 0) {
 267                                 send(Socket, MSG_STR_TOO_LONG, sizeof(MSG_STR_TOO_LONG), 0);
 268                                 buf = inbuf;
 269                                 remspace = INPUT_BUFFER_SIZE - 1;
 270                         }
 271                 }
 272                 else {
 273                         buf = inbuf;
 274                         remspace = INPUT_BUFFER_SIZE - 1;
 275                 }
 276         }
 277
 278         // Check for errors
 279         if( bytes < 0 ) {
 280                 fprintf(stderr, "ERROR: Unable to recieve from client on socket %i\n", Socket);
 281                 return ;
 282         }
 283
 284         if(giDebugLevel >= 2) {
 285                 printf("Client %i: Disconnected\n", clientInfo.ID);
 286         }
 287 }
 288
 289 /**
 290  * \brief Parses a client command and calls the required helper function
 291  * \param Client        Pointer to client state structure
 292  * \param CommandString Command from client (single line of the command)
 293  * \return Heap String to return to the client
 294  */
 295 void Server_ParseClientCommand(tClient *Client, char *CommandString)
 296 {
 297         char    *command, *args;
 298          int    i;
 299
 300         if( giDebugLevel >= 2 )
 301                 Debug(Client, "Server_ParseClientCommand: (CommandString = '%s')", CommandString);
 302
 303         if( Server_int_ParseArgs(1, CommandString, &command, &args, NULL) )
 304         {
 305                 // Is this an error? (just ignore for now)
 306                 //args = "";
 307         }
 308
 309
 310         // Find command
 311         for( i = 0; i < NUM_COMMANDS; i++ )
 312         {
 313                 if(strcmp(command, gaServer_Commands[i].Name) == 0) {
 314                         if( giDebugLevel >= 2 )
 315                                 Debug(Client, "CMD %s - \"%s\"", command, args);
 316                         gaServer_Commands[i].Function(Client, args);
 317                         return ;
 318                 }
 319         }
 320
 321         sendf(Client->Socket, "400 Unknown Command\n");
 322 }
 323
 324 // ---
 325 // Commands
 326 // ---
 327 /**
 328  * \brief Set client username
 329  *
 330  * Usage: USER <username>
 331  */
 332 void Server_Cmd_USER(tClient *Client, char *Args)
 333 {
 334         char    *username;
 335
 336         Server_int_ParseArgs(0, Args, &username, NULL);
 337
 338         // Debug!
 339         if( giDebugLevel )
 340                 Debug(Client, "Authenticating as '%s'", username);
 341
 342         // Save username
 343         if(Client->Username)
 344                 free(Client->Username);
 345         Client->Username = strdup(username);
 346
 347         #if USE_SALT
 348         // Create a salt (that changes if the username is changed)
 349         // Yes, I know, I'm a little paranoid, but who isn't?
 350         Client->Salt[0] = 0x21 + (rand()&0x3F);
 351         Client->Salt[1] = 0x21 + (rand()&0x3F);
 352         Client->Salt[2] = 0x21 + (rand()&0x3F);
 353         Client->Salt[3] = 0x21 + (rand()&0x3F);
 354         Client->Salt[4] = 0x21 + (rand()&0x3F);
 355         Client->Salt[5] = 0x21 + (rand()&0x3F);
 356         Client->Salt[6] = 0x21 + (rand()&0x3F);
 357         Client->Salt[7] = 0x21 + (rand()&0x3F);
 358
 359         // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
 360         sendf(Client->Socket, "100 SALT %s\n", Client->Salt);
 361         #else
 362         sendf(Client->Socket, "100 User Set\n");
 363         #endif
 364 }
 365
 366 /**
 367  * \brief Authenticate as a user
 368  *
 369  * Usage: PASS <hash>
 370  */
 371 void Server_Cmd_PASS(tClient *Client, char *Args)
 372 {
 373         char    *passhash;
 374
 375         Server_int_ParseArgs(0, Args, &passhash, NULL);
 376
 377         // Pass on to cokebank
 378         Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, passhash);
 379
 380         if( Client->UID != -1 ) {
 381                 Client->bIsAuthed = 1;
 382                 sendf(Client->Socket, "200 Auth OK\n");
 383                 return ;
 384         }
 385
 386         sendf(Client->Socket, "401 Auth Failure\n");
 387 }
 388
 389 /**
 390  * \brief Authenticate as a user without a password
 391  *
 392  * Usage: AUTOAUTH <user>
 393  */
 394 void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
 395 {
 396         char    *username;
 397
 398         if( Server_int_ParseArgs(0, Args, &username, NULL) )
 399         {
 400                 sendf(Client->Socket, "407 AUTOAUTH takes 1 argument\n");
 401                 return ;
 402         }
 403
 404         // Check if trusted
 405         if( !Client->bIsTrusted ) {
 406                 if(giDebugLevel)
 407                         Debug(Client, "Untrusted client attempting to AUTOAUTH");
 408                 sendf(Client->Socket, "401 Untrusted\n");
 409                 return ;
 410         }
 411
 412         // Get UID
 413         Client->UID = Bank_GetAcctByName( username );
 414         if( Client->UID < 0 ) {
 415                 if(giDebugLevel)
 416                         Debug(Client, "Unknown user '%s'", username);
 417                 sendf(Client->Socket, "401 Auth Failure\n");
 418                 return ;
 419         }
 420
 421         // You can't be an internal account
 422         if( Bank_GetFlags(Client->UID) & USER_FLAG_INTERNAL ) {
 423                 if(giDebugLevel)
 424                         Debug(Client, "Autoauth as '%s', not allowed", username);
 425                 Client->UID = -1;
 426                 sendf(Client->Socket, "401 Auth Failure\n");
 427                 return ;
 428         }
 429
 430         Client->bIsAuthed = 1;
 431
 432         if(giDebugLevel)
 433                 Debug(Client, "Auto authenticated as '%s' (%i)", username, Client->UID);
 434
 435         sendf(Client->Socket, "200 Auth OK\n");
 436 }
 437
 438 /**
 439  * \brief Set effective user
 440  */
 441 void Server_Cmd_SETEUSER(tClient *Client, char *Args)
 442 {
 443         char    *username;
 444
 445         Server_int_ParseArgs(0, Args, &username, NULL);
 446
 447         if( !strlen(Args) ) {
 448                 sendf(Client->Socket, "407 SETEUSER expects an argument\n");
 449                 return ;
 450         }
 451
 452         // Check user permissions
 453         if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
 454                 sendf(Client->Socket, "403 Not in coke\n");
 455                 return ;
 456         }
 457
 458         // Set id
 459         Client->EffectiveUID = Bank_GetAcctByName(username);
 460         if( Client->EffectiveUID == -1 ) {
 461                 sendf(Client->Socket, "404 User not found\n");
 462                 return ;
 463         }
 464
 465         // You can't be an internal account
 466         if( Bank_GetFlags(Client->EffectiveUID) & USER_FLAG_INTERNAL ) {
 467                 Client->EffectiveUID = -1;
 468                 sendf(Client->Socket, "404 User not found\n");
 469                 return ;
 470         }
 471
 472         sendf(Client->Socket, "200 User set\n");
 473 }
 474
 475 /**
 476  * \brief Send an item status to the client
 477  * \param Client        Who to?
 478  * \param Item  Item to send
 479  */
 480 void Server_int_SendItem(tClient *Client, tItem *Item)
 481 {
 482         char    *status = "avail";
 483
 484         if( Item->Handler->CanDispense )
 485         {
 486                 switch(Item->Handler->CanDispense(Item->ID, Client->UID))
 487                 {
 488                 case  0:        status = "avail";       break;
 489                 case  1:        status = "sold";        break;
 490                 default:
 491                 case -1:        status = "error";       break;
 492                 }
 493         }
 494
 495         sendf(Client->Socket,
 496                 "202 Item %s:%i %s %i %s\n",
 497                 Item->Handler->Name, Item->ID, status, Item->Price, Item->Name
 498                 );
 499 }
 500
 501 /**
 502  * \brief Enumerate the items that the server knows about
 503  */
 504 void Server_Cmd_ENUMITEMS(tClient *Client, char *Args)
 505 {
 506          int    i, count;
 507
 508         if( Args != NULL && strlen(Args) ) {
 509                 sendf(Client->Socket, "407 ENUM_ITEMS takes no arguments\n");
 510                 return ;
 511         }
 512
 513         // Count shown items
 514         count = 0;
 515         for( i = 0; i < giNumItems; i ++ ) {
 516                 if( gaItems[i].bHidden )        continue;
 517                 count ++;
 518         }
 519
 520         sendf(Client->Socket, "201 Items %i\n", count);
 521
 522         for( i = 0; i < giNumItems; i ++ ) {
 523                 if( gaItems[i].bHidden )        continue;
 524                 Server_int_SendItem( Client, &gaItems[i] );
 525         }
 526
 527         sendf(Client->Socket, "200 List end\n");
 528 }
 529
 530 tItem *_GetItemFromString(char *String)
 531 {
 532         tHandler        *handler;
 533         char    *type = String;
 534         char    *colon = strchr(String, ':');
 535          int    num, i;
 536
 537         if( !colon ) {
 538                 return NULL;
 539         }
 540
 541         num = atoi(colon+1);
 542         *colon = '\0';
 543
 544         // Find handler
 545         handler = NULL;
 546         for( i = 0; i < giNumHandlers; i ++ )
 547         {
 548                 if( strcmp(gaHandlers[i]->Name, type) == 0) {
 549                         handler = gaHandlers[i];
 550                         break;
 551                 }
 552         }
 553         if( !handler ) {
 554                 return NULL;
 555         }
 556
 557         // Find item
 558         for( i = 0; i < giNumItems; i ++ )
 559         {
 560                 if( gaItems[i].Handler != handler )     continue;
 561                 if( gaItems[i].ID != num )      continue;
 562                 return &gaItems[i];
 563         }
 564         return NULL;
 565 }
 566
 567 /**
 568  * \brief Fetch information on a specific item
 569  */
 570 void Server_Cmd_ITEMINFO(tClient *Client, char *Args)
 571 {
 572         tItem   *item;
 573         char    *itemname;
 574
 575         if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
 576                 sendf(Client->Socket, "407 ITEMINFO takes 1 argument\n");
 577                 return ;
 578         }
 579         item = _GetItemFromString(Args);
 580
 581         if( !item ) {
 582                 sendf(Client->Socket, "406 Bad Item ID\n");
 583                 return ;
 584         }
 585
 586         Server_int_SendItem( Client, item );
 587 }
 588
 589 void Server_Cmd_DISPENSE(tClient *Client, char *Args)
 590 {
 591         tItem   *item;
 592          int    ret;
 593          int    uid;
 594         char    *itemname;
 595
 596         if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
 597                 sendf(Client->Socket, "407 DISPENSE takes only 1 argument\n");
 598                 return ;
 599         }
 600
 601         if( !Client->bIsAuthed ) {
 602                 sendf(Client->Socket, "401 Not Authenticated\n");
 603                 return ;
 604         }
 605
 606         item = _GetItemFromString(itemname);
 607         if( !item ) {
 608                 sendf(Client->Socket, "406 Bad Item ID\n");
 609                 return ;
 610         }
 611
 612         if( Client->EffectiveUID != -1 ) {
 613                 uid = Client->EffectiveUID;
 614         }
 615         else {
 616                 uid = Client->UID;
 617         }
 618
 619         switch( ret = DispenseItem( Client->UID, uid, item ) )
 620         {
 621         case 0: sendf(Client->Socket, "200 Dispense OK\n");     return ;
 622         case 1: sendf(Client->Socket, "501 Unable to dispense\n");      return ;
 623         case 2: sendf(Client->Socket, "402 Poor You\n");        return ;
 624         default:
 625                 sendf(Client->Socket, "500 Dispense Error\n");
 626                 return ;
 627         }
 628 }
 629
 630 void Server_Cmd_GIVE(tClient *Client, char *Args)
 631 {
 632         char    *recipient, *ammount, *reason;
 633          int    uid, iAmmount;
 634          int    thisUid;
 635
 636         // Parse arguments
 637         if( Server_int_ParseArgs(1, Args, &recipient, &ammount, &reason, NULL) ) {
 638                 sendf(Client->Socket, "407 GIVE takes only 3 arguments\n");
 639                 return ;
 640         }
 641         // Check for authed
 642         if( !Client->bIsAuthed ) {
 643                 sendf(Client->Socket, "401 Not Authenticated\n");
 644                 return ;
 645         }
 646
 647         // Get recipient
 648         uid = Bank_GetAcctByName(recipient);
 649         if( uid == -1 ) {
 650                 sendf(Client->Socket, "404 Invalid target user\n");
 651                 return ;
 652         }
 653
 654         // You can't alter an internal account
 655         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 656                 sendf(Client->Socket, "404 Invalid target user\n");
 657                 return ;
 658         }
 659
 660         // Parse ammount
 661         iAmmount = atoi(ammount);
 662         if( iAmmount <= 0 ) {
 663                 sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
 664                 return ;
 665         }
 666
 667         if( Client->EffectiveUID != -1 ) {
 668                 thisUid = Client->EffectiveUID;
 669         }
 670         else {
 671                 thisUid = Client->UID;
 672         }
 673
 674         // Do give
 675         switch( DispenseGive(Client->UID, thisUid, uid, iAmmount, reason) )
 676         {
 677         case 0:
 678                 sendf(Client->Socket, "200 Give OK\n");
 679                 return ;
 680         case 2:
 681                 sendf(Client->Socket, "402 Poor You\n");
 682                 return ;
 683         default:
 684                 sendf(Client->Socket, "500 Unknown error\n");
 685                 return ;
 686         }
 687 }
 688
 689 void Server_Cmd_DONATE(tClient *Client, char *Args)
 690 {
 691         char    *ammount, *reason;
 692          int    iAmmount;
 693          int    thisUid;
 694
 695         // Parse arguments
 696         if( Server_int_ParseArgs(1, Args, &ammount, &reason, NULL) ) {
 697                 sendf(Client->Socket, "407 DONATE takes 2 arguments\n");
 698                 return ;
 699         }
 700
 701         if( !Client->bIsAuthed ) {
 702                 sendf(Client->Socket, "401 Not Authenticated\n");
 703                 return ;
 704         }
 705
 706         // Parse ammount
 707         iAmmount = atoi(ammount);
 708         if( iAmmount <= 0 ) {
 709                 sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
 710                 return ;
 711         }
 712
 713         // Handle effective users
 714         if( Client->EffectiveUID != -1 ) {
 715                 thisUid = Client->EffectiveUID;
 716         }
 717         else {
 718                 thisUid = Client->UID;
 719         }
 720
 721         // Do give
 722         switch( DispenseDonate(Client->UID, thisUid, iAmmount, reason) )
 723         {
 724         case 0:
 725                 sendf(Client->Socket, "200 Give OK\n");
 726                 return ;
 727         case 2:
 728                 sendf(Client->Socket, "402 Poor You\n");
 729                 return ;
 730         default:
 731                 sendf(Client->Socket, "500 Unknown error\n");
 732                 return ;
 733         }
 734 }
 735
 736 void Server_Cmd_ADD(tClient *Client, char *Args)
 737 {
 738         char    *user, *ammount, *reason;
 739          int    uid, iAmmount;
 740
 741         // Parse arguments
 742         if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
 743                 sendf(Client->Socket, "407 ADD takes 3 arguments\n");
 744                 return ;
 745         }
 746
 747         if( !Client->bIsAuthed ) {
 748                 sendf(Client->Socket, "401 Not Authenticated\n");
 749                 return ;
 750         }
 751
 752         // Check user permissions
 753         if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN))  ) {
 754                 sendf(Client->Socket, "403 Not in coke\n");
 755                 return ;
 756         }
 757
 758         // Get recipient
 759         uid = Bank_GetAcctByName(user);
 760         if( uid == -1 ) {
 761                 sendf(Client->Socket, "404 Invalid user\n");
 762                 return ;
 763         }
 764
 765         // You can't alter an internal account
 766         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 767                 sendf(Client->Socket, "404 Invalid user\n");
 768                 return ;
 769         }
 770
 771         // Parse ammount
 772         iAmmount = atoi(ammount);
 773         if( iAmmount == 0 && ammount[0] != '0' ) {
 774                 sendf(Client->Socket, "407 Invalid Argument\n");
 775                 return ;
 776         }
 777
 778         // Do give
 779         switch( DispenseAdd(Client->UID, uid, iAmmount, reason) )
 780         {
 781         case 0:
 782                 sendf(Client->Socket, "200 Add OK\n");
 783                 return ;
 784         case 2:
 785                 sendf(Client->Socket, "402 Poor Guy\n");
 786                 return ;
 787         default:
 788                 sendf(Client->Socket, "500 Unknown error\n");
 789                 return ;
 790         }
 791 }
 792
 793 void Server_Cmd_SET(tClient *Client, char *Args)
 794 {
 795         char    *user, *ammount, *reason;
 796          int    uid, iAmmount;
 797
 798         // Parse arguments
 799         if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
 800                 sendf(Client->Socket, "407 SET takes 3 arguments\n");
 801                 return ;
 802         }
 803
 804         if( !Client->bIsAuthed ) {
 805                 sendf(Client->Socket, "401 Not Authenticated\n");
 806                 return ;
 807         }
 808
 809         // Check user permissions
 810         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN)  ) {
 811                 sendf(Client->Socket, "403 Not an admin\n");
 812                 return ;
 813         }
 814
 815         // Get recipient
 816         uid = Bank_GetAcctByName(user);
 817         if( uid == -1 ) {
 818                 sendf(Client->Socket, "404 Invalid user\n");
 819                 return ;
 820         }
 821
 822         // You can't alter an internal account
 823         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 824                 sendf(Client->Socket, "404 Invalid user\n");
 825                 return ;
 826         }
 827
 828         // Parse ammount
 829         iAmmount = atoi(ammount);
 830         if( iAmmount == 0 && ammount[0] != '0' ) {
 831                 sendf(Client->Socket, "407 Invalid Argument\n");
 832                 return ;
 833         }
 834
 835         // Do give
 836         switch( DispenseSet(Client->UID, uid, iAmmount, reason) )
 837         {
 838         case 0:
 839                 sendf(Client->Socket, "200 Add OK\n");
 840                 return ;
 841         case 2:
 842                 sendf(Client->Socket, "402 Poor Guy\n");
 843                 return ;
 844         default:
 845                 sendf(Client->Socket, "500 Unknown error\n");
 846                 return ;
 847         }
 848 }
 849
 850 void Server_Cmd_ENUMUSERS(tClient *Client, char *Args)
 851 {
 852          int    i, numRet = 0;
 853         tAcctIterator   *it;
 854          int    maxBal = INT_MAX, minBal = INT_MIN;
 855          int    flagMask = 0, flagVal = 0;
 856          int    sort = BANK_ITFLAG_SORT_NAME;
 857         time_t  lastSeenAfter=0, lastSeenBefore=0;
 858
 859          int    flags;  // Iterator flags
 860          int    balValue;       // Balance value for iterator
 861         time_t  timeValue;      // Time value for iterator
 862
 863         // Parse arguments
 864         if( Args && strlen(Args) )
 865         {
 866                 char    *space = Args, *type, *val;
 867                 do
 868                 {
 869                         type = space;
 870                         while(*type == ' ')     type ++;
 871                         // Get next space
 872                         space = strchr(space, ' ');
 873                         if(space)       *space = '\0';
 874
 875                         // Get type
 876                         val = strchr(type, ':');
 877                         if( val ) {
 878                                 *val = '\0';
 879                                 val ++;
 880
 881                                 // Types
 882                                 // - Minium Balance
 883                                 if( strcmp(type, "min_balance") == 0 ) {
 884                                         minBal = atoi(val);
 885                                 }
 886                                 // - Maximum Balance
 887                                 else if( strcmp(type, "max_balance") == 0 ) {
 888                                         maxBal = atoi(val);
 889                                 }
 890                                 // - Flags
 891                                 else if( strcmp(type, "flags") == 0 ) {
 892                                         if( Server_int_ParseFlags(Client, val, &flagMask, &flagVal) )
 893                                                 return ;
 894                                 }
 895                                 // - Last seen before timestamp
 896                                 else if( strcmp(type, "last_seen_before") == 0 ) {
 897                                         lastSeenAfter = atoll(val);
 898                                 }
 899                                 // - Last seen after timestamp
 900                                 else if( strcmp(type, "last_seen_after") == 0 ) {
 901                                         lastSeenAfter = atoll(val);
 902                                 }
 903                                 // - Sorting
 904                                 else if( strcmp(type, "sort") == 0 ) {
 905                                         char    *dash = strchr(val, '-');
 906                                         if( dash ) {
 907                                                 *dash = '\0';
 908                                                 dash ++;
 909                                         }
 910                                         if( strcmp(val, "name") == 0 ) {
 911                                                 sort = BANK_ITFLAG_SORT_NAME;
 912                                         }
 913                                         else if( strcmp(val, "balance") == 0 ) {
 914                                                 sort = BANK_ITFLAG_SORT_BAL;
 915                                         }
 916                                         else if( strcmp(val, "lastseen") == 0 ) {
 917                                                 sort = BANK_ITFLAG_SORT_LASTSEEN;
 918                                         }
 919                                         else {
 920                                                 sendf(Client->Socket, "407 Unknown sort field ('%s')\n", val);
 921                                                 return ;
 922                                         }
 923                                         // Handle sort direction
 924                                         if( dash ) {
 925                                                 if( strcmp(dash, "desc") == 0 ) {
 926                                                         sort |= BANK_ITFLAG_REVSORT;
 927                                                 }
 928                                                 else {
 929                                                         sendf(Client->Socket, "407 Unknown sort direction '%s'\n", dash);
 930                                                         return ;
 931                                                 }
 932                                                 dash[-1] = '-';
 933                                         }
 934                                 }
 935                                 else {
 936                                         sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s:%s'\n", type, val);
 937                                         return ;
 938                                 }
 939
 940                                 val[-1] = ':';
 941                         }
 942                         else {
 943                                 sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s'\n", type);
 944                                 return ;
 945                         }
 946
 947                         // Eat whitespace
 948                         if( space ) {
 949                                 *space = ' ';   // Repair (to be nice)
 950                                 space ++;
 951                                 while(*space == ' ')    space ++;
 952                         }
 953                 }       while(space);
 954         }
 955
 956         // Create iterator
 957         if( maxBal != INT_MAX ) {
 958                 flags = sort|BANK_ITFLAG_MAXBALANCE;
 959                 balValue = maxBal;
 960         }
 961         else if( minBal != INT_MIN ) {
 962                 flags = sort|BANK_ITFLAG_MINBALANCE;
 963                 balValue = minBal;
 964         }
 965         else {
 966                 flags = sort;
 967                 balValue = 0;
 968         }
 969         if( lastSeenBefore ) {
 970                 timeValue = lastSeenBefore;
 971                 flags |= BANK_ITFLAG_SEENBEFORE;
 972         }
 973         else if( lastSeenAfter ) {
 974                 timeValue = lastSeenAfter;
 975                 flags |= BANK_ITFLAG_SEENAFTER;
 976         }
 977         else {
 978                 timeValue = 0;
 979         }
 980         it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
 981
 982         // Get return number
 983         while( (i = Bank_IteratorNext(it)) != -1 )
 984         {
 985                 int bal = Bank_GetBalance(i);
 986
 987                 if( bal == INT_MIN )    continue;
 988
 989                 if( bal < minBal )      continue;
 990                 if( bal > maxBal )      continue;
 991
 992                 numRet ++;
 993         }
 994
 995         Bank_DelIterator(it);
 996
 997         // Send count
 998         sendf(Client->Socket, "201 Users %i\n", numRet);
 999
1000
1001         // Create iterator
1002         it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
1003
1004         while( (i = Bank_IteratorNext(it)) != -1 )
1005         {
1006                 int bal = Bank_GetBalance(i);
1007
1008                 if( bal == INT_MIN )    continue;
1009
1010                 if( bal < minBal )      continue;
1011                 if( bal > maxBal )      continue;
1012
1013                 _SendUserInfo(Client, i);
1014         }
1015
1016         Bank_DelIterator(it);
1017
1018         sendf(Client->Socket, "200 List End\n");
1019 }
1020
1021 void Server_Cmd_USERINFO(tClient *Client, char *Args)
1022 {
1023          int    uid;
1024         char    *user;
1025
1026         // Parse arguments
1027         if( Server_int_ParseArgs(0, Args, &user, NULL) ) {
1028                 sendf(Client->Socket, "407 USER_INFO takes 1 argument\n");
1029                 return ;
1030         }
1031
1032         if( giDebugLevel )      Debug(Client, "User Info '%s'", user);
1033
1034         // Get recipient
1035         uid = Bank_GetAcctByName(user);
1036
1037         if( giDebugLevel >= 2 ) Debug(Client, "uid = %i", uid);
1038         if( uid == -1 ) {
1039                 sendf(Client->Socket, "404 Invalid user\n");
1040                 return ;
1041         }
1042
1043         _SendUserInfo(Client, uid);
1044 }
1045
1046 void _SendUserInfo(tClient *Client, int UserID)
1047 {
1048         char    *type, *disabled="", *door="";
1049          int    flags = Bank_GetFlags(UserID);
1050
1051         if( flags & USER_FLAG_INTERNAL ) {
1052                 type = "internal";
1053         }
1054         else if( flags & USER_FLAG_COKE ) {
1055                 if( flags & USER_FLAG_ADMIN )
1056                         type = "coke,admin";
1057                 else
1058                         type = "coke";
1059         }
1060         else if( flags & USER_FLAG_ADMIN ) {
1061                 type = "admin";
1062         }
1063         else {
1064                 type = "user";
1065         }
1066
1067         if( flags & USER_FLAG_DISABLED )
1068                 disabled = ",disabled";
1069         if( flags & USER_FLAG_DOORGROUP )
1070                 door = ",door";
1071
1072         // TODO: User flags/type
1073         sendf(
1074                 Client->Socket, "202 User %s %i %s%s%s\n",
1075                 Bank_GetAcctName(UserID), Bank_GetBalance(UserID),
1076                 type, disabled, door
1077                 );
1078 }
1079
1080 void Server_Cmd_USERADD(tClient *Client, char *Args)
1081 {
1082         char    *username;
1083
1084         // Parse arguments
1085         if( Server_int_ParseArgs(0, Args, &username, NULL) ) {
1086                 sendf(Client->Socket, "407 USER_ADD takes 1 argument\n");
1087                 return ;
1088         }
1089
1090         // Check permissions
1091         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
1092                 sendf(Client->Socket, "403 Not a coke admin\n");
1093                 return ;
1094         }
1095
1096         // Try to create user
1097         if( Bank_CreateAcct(username) == -1 ) {
1098                 sendf(Client->Socket, "404 User exists\n");
1099                 return ;
1100         }
1101
1102         {
1103                 char    *thisName = Bank_GetAcctName(Client->UID);
1104                 Log_Info("Account '%s' created by '%s'", username, thisName);
1105                 free(thisName);
1106         }
1107
1108         sendf(Client->Socket, "200 User Added\n");
1109 }
1110
1111 void Server_Cmd_USERFLAGS(tClient *Client, char *Args)
1112 {
1113         char    *username, *flags;
1114          int    mask=0, value=0;
1115          int    uid;
1116
1117         // Parse arguments
1118         if( Server_int_ParseArgs(0, Args, &username, &flags, NULL) ) {
1119                 sendf(Client->Socket, "407 USER_FLAGS takes 2 arguments\n");
1120                 return ;
1121         }
1122
1123         // Check permissions
1124         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
1125                 sendf(Client->Socket, "403 Not a coke admin\n");
1126                 return ;
1127         }
1128
1129         // Get UID
1130         uid = Bank_GetAcctByName(username);
1131         if( uid == -1 ) {
1132                 sendf(Client->Socket, "404 User '%s' not found\n", username);
1133                 return ;
1134         }
1135
1136         // Parse flags
1137         if( Server_int_ParseFlags(Client, flags, &mask, &value) )
1138                 return ;
1139
1140         if( giDebugLevel )
1141                 Debug(Client, "Set %i(%s) flags to %x (masked %x)\n",
1142                         uid, username, mask, value);
1143
1144         // Apply flags
1145         Bank_SetFlags(uid, mask, value);
1146
1147         // Return OK
1148         sendf(Client->Socket, "200 User Updated\n");
1149 }
1150
1151 // --- INTERNAL HELPERS ---
1152 void Debug(tClient *Client, const char *Format, ...)
1153 {
1154         va_list args;
1155         //printf("%010i [%i] ", (int)time(NULL), Client->ID);
1156         printf("[%i] ", Client->ID);
1157         va_start(args, Format);
1158         vprintf(Format, args);
1159         va_end(args);
1160         printf("\n");
1161 }
1162
1163 int sendf(int Socket, const char *Format, ...)
1164 {
1165         va_list args;
1166          int    len;
1167
1168         va_start(args, Format);
1169         len = vsnprintf(NULL, 0, Format, args);
1170         va_end(args);
1171
1172         {
1173                 char    buf[len+1];
1174                 va_start(args, Format);
1175                 vsnprintf(buf, len+1, Format, args);
1176                 va_end(args);
1177
1178                 #if DEBUG_TRACE_CLIENT
1179                 printf("sendf: %s", buf);
1180                 #endif
1181
1182                 return send(Socket, buf, len, 0);
1183         }
1184 }
1185
1186 // Takes a series of char *'s in
1187 /**
1188  * \brief Parse space-separated entries into
1189  */
1190 int Server_int_ParseArgs(int bUseLongLast, char *ArgStr, ...)
1191 {
1192         va_list args;
1193         char    savedChar;
1194         char    **dest;
1195         va_start(args, ArgStr);
1196
1197         // Check for null
1198         if( !ArgStr )
1199         {
1200                 while( (dest = va_arg(args, char **)) )
1201                         *dest = NULL;
1202                 va_end(args);
1203                 return 1;
1204         }
1205
1206         savedChar = *ArgStr;
1207
1208         while( (dest = va_arg(args, char **)) )
1209         {
1210                 // Trim leading spaces
1211                 while( *ArgStr == ' ' || *ArgStr == '\t' )
1212                         ArgStr ++;
1213
1214                 // ... oops, not enough arguments
1215                 if( *ArgStr == '\0' )
1216                 {
1217                         // NULL unset arguments
1218                         do {
1219                                 *dest = NULL;
1220                         }       while( (dest = va_arg(args, char **)) );
1221                 va_end(args);
1222                         return -1;
1223                 }
1224
1225                 if( *ArgStr == '"' )
1226                 {
1227                         ArgStr ++;
1228                         *dest = ArgStr;
1229                         // Read until quote
1230                         while( *ArgStr && *ArgStr != '"' )
1231                                 ArgStr ++;
1232                 }
1233                 else
1234                 {
1235                         // Set destination
1236                         *dest = ArgStr;
1237                         // Read until a space
1238                         while( *ArgStr && *ArgStr != ' ' && *ArgStr != '\t' )
1239                                 ArgStr ++;
1240                 }
1241                 savedChar = *ArgStr;    // savedChar is used to un-mangle the last string
1242                 *ArgStr = '\0';
1243                 ArgStr ++;
1244         }
1245         va_end(args);
1246
1247         // Oops, extra arguments, and greedy not set
1248         if( (savedChar == ' ' || savedChar == '\t') && !bUseLongLast ) {
1249                 return -1;
1250         }
1251
1252         // Un-mangle last
1253         if(bUseLongLast) {
1254                 ArgStr --;
1255                 *ArgStr = savedChar;
1256         }
1257
1258         return 0;       // Success!
1259 }
1260
1261 int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value)
1262 {
1263         struct {
1264                 const char      *Name;
1265                  int    Mask;
1266                  int    Value;
1267         }       cFLAGS[] = {
1268                  {"disabled", USER_FLAG_DISABLED, USER_FLAG_DISABLED}
1269                 ,{"door", USER_FLAG_DOORGROUP, USER_FLAG_DOORGROUP}
1270                 ,{"coke", USER_FLAG_COKE, USER_FLAG_COKE}
1271                 ,{"admin", USER_FLAG_ADMIN, USER_FLAG_ADMIN}
1272                 ,{"internal", USER_FLAG_INTERNAL, USER_FLAG_INTERNAL}
1273         };
1274         const int       ciNumFlags = sizeof(cFLAGS)/sizeof(cFLAGS[0]);
1275
1276         char    *space;
1277
1278         *Mask = 0;
1279         *Value = 0;
1280
1281         do {
1282                  int    bRemove = 0;
1283                  int    i;
1284                  int    len;
1285
1286                 while( *Str == ' ' )    Str ++; // Eat whitespace
1287                 space = strchr(Str, ',');       // Find the end of the flag
1288                 if(space)
1289                         len = space - Str;
1290                 else
1291                         len = strlen(Str);
1292
1293                 // Check for inversion/removal
1294                 if( *Str == '!' || *Str == '-' ) {
1295                         bRemove = 1;
1296                         Str ++;
1297                 }
1298                 else if( *Str == '+' ) {
1299                         Str ++;
1300                 }
1301
1302                 // Check flag values
1303                 for( i = 0; i < ciNumFlags; i ++ )
1304                 {
1305                         if( strncmp(Str, cFLAGS[i].Name, len) == 0 ) {
1306                                 *Mask |= cFLAGS[i].Mask;
1307                                 *Value &= ~cFLAGS[i].Mask;
1308                                 if( !bRemove )
1309                                         *Value |= cFLAGS[i].Value;
1310                                 break;
1311                         }
1312                 }
1313
1314                 // Error check
1315                 if( i == ciNumFlags ) {
1316                         char    val[len+1];
1317                         strncpy(val, Str, len+1);
1318                         sendf(Client->Socket, "407 Unknown flag value '%s'\n", val);
1319                         return -1;
1320                 }
1321
1322                 Str = space + 1;
1323         } while(space);
1324
1325         return 0;
1326 }