src/server/server.c

   1 /*
   2  * OpenDispense 2
   3  * UCC (University [of WA] Computer Club) Electronic Accounting System
   4  *
   5  * server.c - Client Server Code
   6  *
   7  * This file is licenced under the 3-clause BSD Licence. See the file
   8  * COPYING for full details.
   9  */
  10 #include <stdio.h>
  11 #include <stdlib.h>
  12 #include "common.h"
  13 #include <sys/socket.h>
  14 #include <netinet/in.h>
  15 #include <arpa/inet.h>
  16 #include <unistd.h>
  17 #include <string.h>
  18 #include <limits.h>
  19 #include <stdarg.h>
  20
  21 #define DEBUG_TRACE_CLIENT      0
  22
  23 // Statistics
  24 #define MAX_CONNECTION_QUEUE    5
  25 #define INPUT_BUFFER_SIZE       256
  26 #define CLIENT_TIMEOUT  10      // Seconds
  27
  28 #define HASH_TYPE       SHA1
  29 #define HASH_LENGTH     20
  30
  31 #define MSG_STR_TOO_LONG        "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
  32
  33 // === TYPES ===
  34 typedef struct sClient
  35 {
  36          int    Socket; // Client socket ID
  37          int    ID;     // Client ID
  38
  39          int    bIsTrusted;     // Is the connection from a trusted host/port
  40
  41         char    *Username;
  42         char    Salt[9];
  43
  44          int    UID;
  45          int    EffectiveUID;
  46          int    bIsAuthed;
  47 }       tClient;
  48
  49 // === PROTOTYPES ===
  50 void    Server_Start(void);
  51 void    Server_Cleanup(void);
  52 void    Server_HandleClient(int Socket, int bTrusted);
  53 void    Server_ParseClientCommand(tClient *Client, char *CommandString);
  54 // --- Commands ---
  55 void    Server_Cmd_USER(tClient *Client, char *Args);
  56 void    Server_Cmd_PASS(tClient *Client, char *Args);
  57 void    Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
  58 void    Server_Cmd_SETEUSER(tClient *Client, char *Args);
  59 void    Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
  60 void    Server_Cmd_ITEMINFO(tClient *Client, char *Args);
  61 void    Server_Cmd_DISPENSE(tClient *Client, char *Args);
  62 void    Server_Cmd_GIVE(tClient *Client, char *Args);
  63 void    Server_Cmd_DONATE(tClient *Client, char *Args);
  64 void    Server_Cmd_ADD(tClient *Client, char *Args);
  65 void    Server_Cmd_SET(tClient *Client, char *Args);
  66 void    Server_Cmd_ENUMUSERS(tClient *Client, char *Args);
  67 void    Server_Cmd_USERINFO(tClient *Client, char *Args);
  68 void    _SendUserInfo(tClient *Client, int UserID);
  69 void    Server_Cmd_USERADD(tClient *Client, char *Args);
  70 void    Server_Cmd_USERFLAGS(tClient *Client, char *Args);
  71 // --- Helpers ---
  72 void    Debug(tClient *Client, const char *Format, ...);
  73  int    sendf(int Socket, const char *Format, ...);
  74  int    Server_int_ParseArgs(int bUseLongArg, char *ArgStr, ...);
  75  int    Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value);
  76
  77 // === CONSTANTS ===
  78 // - Commands
  79 const struct sClientCommand {
  80         const char      *Name;
  81         void    (*Function)(tClient *Client, char *Arguments);
  82 }       gaServer_Commands[] = {
  83         {"USER", Server_Cmd_USER},
  84         {"PASS", Server_Cmd_PASS},
  85         {"AUTOAUTH", Server_Cmd_AUTOAUTH},
  86         {"SETEUSER", Server_Cmd_SETEUSER},
  87         {"ENUM_ITEMS", Server_Cmd_ENUMITEMS},
  88         {"ITEM_INFO", Server_Cmd_ITEMINFO},
  89         {"DISPENSE", Server_Cmd_DISPENSE},
  90         {"GIVE", Server_Cmd_GIVE},
  91         {"DONATE", Server_Cmd_DONATE},
  92         {"ADD", Server_Cmd_ADD},
  93         {"SET", Server_Cmd_SET},
  94         {"ENUM_USERS", Server_Cmd_ENUMUSERS},
  95         {"USER_INFO", Server_Cmd_USERINFO},
  96         {"USER_ADD", Server_Cmd_USERADD},
  97         {"USER_FLAGS", Server_Cmd_USERFLAGS}
  98 };
  99 #define NUM_COMMANDS    ((int)(sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0])))
 100
 101 // === GLOBALS ===
 102  int    giServer_Port = 1020;
 103  int    giServer_NextClientID = 1;
 104  int    giServer_Socket;
 105
 106 // === CODE ===
 107 /**
 108  * \brief Open listenting socket and serve connections
 109  */
 110 void Server_Start(void)
 111 {
 112          int    client_socket;
 113         struct sockaddr_in      server_addr, client_addr;
 114
 115         atexit(Server_Cleanup);
 116
 117         // Create Server
 118         giServer_Socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
 119         if( giServer_Socket < 0 ) {
 120                 fprintf(stderr, "ERROR: Unable to create server socket\n");
 121                 return ;
 122         }
 123
 124         // Make listen address
 125         memset(&server_addr, 0, sizeof(server_addr));
 126         server_addr.sin_family = AF_INET;       // Internet Socket
 127         server_addr.sin_addr.s_addr = htonl(INADDR_ANY);        // Listen on all interfaces
 128         server_addr.sin_port = htons(giServer_Port);    // Port
 129
 130         // Bind
 131         if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) {
 132                 fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port);
 133                 perror("Binding");
 134                 return ;
 135         }
 136
 137         // Listen
 138         if( listen(giServer_Socket, MAX_CONNECTION_QUEUE) < 0 ) {
 139                 fprintf(stderr, "ERROR: Unable to listen to socket\n");
 140                 perror("Listen");
 141                 return ;
 142         }
 143
 144         printf("Listening on 0.0.0.0:%i\n", giServer_Port);
 145
 146         for(;;)
 147         {
 148                 uint    len = sizeof(client_addr);
 149                  int    bTrusted = 0;
 150
 151                 // Accept a connection
 152                 client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len);
 153                 if(client_socket < 0) {
 154                         fprintf(stderr, "ERROR: Unable to accept client connection\n");
 155                         return ;
 156                 }
 157
 158                 // Set a timeout on the user conneciton
 159                 {
 160                         struct timeval tv;
 161                         tv.tv_sec = CLIENT_TIMEOUT;
 162                         tv.tv_usec = 0;
 163                         if( setsockopt(client_socket, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) )
 164                         {
 165                                 perror("setsockopt");
 166                                 return ;
 167                         }
 168                 }
 169
 170                 // Debug: Print the connection string
 171                 if(giDebugLevel >= 2) {
 172                         char    ipstr[INET_ADDRSTRLEN];
 173                         inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN);
 174                         printf("Client connection from %s:%i\n",
 175                                 ipstr, ntohs(client_addr.sin_port));
 176                 }
 177
 178                 // Doesn't matter what, localhost is trusted
 179                 if( ntohl( client_addr.sin_addr.s_addr ) == 0x7F000001 )
 180                         bTrusted = 1;
 181
 182                 // Trusted Connections
 183                 if( ntohs(client_addr.sin_port) < 1024 )
 184                 {
 185                         // TODO: Make this runtime configurable
 186                         switch( ntohl( client_addr.sin_addr.s_addr ) )
 187                         {
 188                         case 0x7F000001:        // 127.0.0.1    localhost
 189                 //      case 0x825F0D00:        // 130.95.13.0
 190                         case 0x825F0D07:        // 130.95.13.7  motsugo
 191                         case 0x825F0D11:        // 130.95.13.17 mermaid
 192                         case 0x825F0D12:        // 130.95.13.18 mussel
 193                         case 0x825F0D17:        // 130.95.13.23 martello
 194                         case 0x825F0D42:        // 130.95.13.66 heathred
 195                                 bTrusted = 1;
 196                                 break;
 197                         default:
 198                                 break;
 199                         }
 200                 }
 201
 202                 // TODO: Multithread this?
 203                 Server_HandleClient(client_socket, bTrusted);
 204
 205                 close(client_socket);
 206         }
 207 }
 208
 209 void Server_Cleanup(void)
 210 {
 211         printf("Close(%i)\n", giServer_Socket);
 212         close(giServer_Socket);
 213 }
 214
 215 /**
 216  * \brief Reads from a client socket and parses the command strings
 217  * \param Socket        Client socket number/handle
 218  * \param bTrusted      Is the client trusted?
 219  */
 220 void Server_HandleClient(int Socket, int bTrusted)
 221 {
 222         char    inbuf[INPUT_BUFFER_SIZE];
 223         char    *buf = inbuf;
 224          int    remspace = INPUT_BUFFER_SIZE-1;
 225          int    bytes = -1;
 226         tClient clientInfo;
 227
 228         memset(&clientInfo, 0, sizeof(clientInfo));
 229
 230         // Initialise Client info
 231         clientInfo.Socket = Socket;
 232         clientInfo.ID = giServer_NextClientID ++;
 233         clientInfo.bIsTrusted = bTrusted;
 234         clientInfo.EffectiveUID = -1;
 235
 236         // Read from client
 237         /*
 238          * Notes:
 239          * - The `buf` and `remspace` variables allow a line to span several
 240          *   calls to recv(), if a line is not completed in one recv() call
 241          *   it is saved to the beginning of `inbuf` and `buf` is updated to
 242          *   the end of it.
 243          */
 244         // TODO: Use select() instead (to give a timeout)
 245         while( (bytes = recv(Socket, buf, remspace, 0)) > 0 )
 246         {
 247                 char    *eol, *start;
 248                 buf[bytes] = '\0';      // Allow us to use stdlib string functions on it
 249
 250                 // Split by lines
 251                 start = inbuf;
 252                 while( (eol = strchr(start, '\n')) )
 253                 {
 254                         *eol = '\0';
 255
 256                         Server_ParseClientCommand(&clientInfo, start);
 257
 258                         start = eol + 1;
 259                 }
 260
 261                 // Check if there was an incomplete line
 262                 if( *start != '\0' ) {
 263                          int    tailBytes = bytes - (start-buf);
 264                         // Roll back in buffer
 265                         memcpy(inbuf, start, tailBytes);
 266                         remspace -= tailBytes;
 267                         if(remspace == 0) {
 268                                 send(Socket, MSG_STR_TOO_LONG, sizeof(MSG_STR_TOO_LONG), 0);
 269                                 buf = inbuf;
 270                                 remspace = INPUT_BUFFER_SIZE - 1;
 271                         }
 272                 }
 273                 else {
 274                         buf = inbuf;
 275                         remspace = INPUT_BUFFER_SIZE - 1;
 276                 }
 277         }
 278
 279         // Check for errors
 280         if( bytes < 0 ) {
 281                 fprintf(stderr, "ERROR: Unable to recieve from client on socket %i\n", Socket);
 282                 return ;
 283         }
 284
 285         if(giDebugLevel >= 2) {
 286                 printf("Client %i: Disconnected\n", clientInfo.ID);
 287         }
 288 }
 289
 290 /**
 291  * \brief Parses a client command and calls the required helper function
 292  * \param Client        Pointer to client state structure
 293  * \param CommandString Command from client (single line of the command)
 294  * \return Heap String to return to the client
 295  */
 296 void Server_ParseClientCommand(tClient *Client, char *CommandString)
 297 {
 298         char    *command, *args;
 299          int    i;
 300         #if 0
 301         char    **argList;
 302          int    numArgs = 0;
 303         #endif
 304
 305         if( Server_int_ParseArgs(1, CommandString, &command, &args, NULL) )
 306         {
 307                 printf("command=%s, args=%s\n", command, args);
 308                 // Is this an error? (just ignore for now)
 309                 args = "";
 310         }
 311
 312
 313         // Find command
 314         for( i = 0; i < NUM_COMMANDS; i++ )
 315         {
 316                 if(strcmp(CommandString, gaServer_Commands[i].Name) == 0) {
 317                         gaServer_Commands[i].Function(Client, args);
 318                         return ;
 319                 }
 320         }
 321
 322         sendf(Client->Socket, "400 Unknown Command\n");
 323 }
 324
 325 // ---
 326 // Commands
 327 // ---
 328 /**
 329  * \brief Set client username
 330  *
 331  * Usage: USER <username>
 332  */
 333 void Server_Cmd_USER(tClient *Client, char *Args)
 334 {
 335         char    *username;
 336
 337         if( Server_int_ParseArgs(0, Args, &username, NULL) )
 338         {
 339                 sendf(Client->Socket, "407 USER takes 1 argument\n");
 340                 return ;
 341         }
 342
 343         // Debug!
 344         if( giDebugLevel )
 345                 Debug(Client, "Authenticating as '%s'", username);
 346
 347         // Save username
 348         if(Client->Username)
 349                 free(Client->Username);
 350         Client->Username = strdup(username);
 351
 352         #if USE_SALT
 353         // Create a salt (that changes if the username is changed)
 354         // Yes, I know, I'm a little paranoid, but who isn't?
 355         Client->Salt[0] = 0x21 + (rand()&0x3F);
 356         Client->Salt[1] = 0x21 + (rand()&0x3F);
 357         Client->Salt[2] = 0x21 + (rand()&0x3F);
 358         Client->Salt[3] = 0x21 + (rand()&0x3F);
 359         Client->Salt[4] = 0x21 + (rand()&0x3F);
 360         Client->Salt[5] = 0x21 + (rand()&0x3F);
 361         Client->Salt[6] = 0x21 + (rand()&0x3F);
 362         Client->Salt[7] = 0x21 + (rand()&0x3F);
 363
 364         // TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
 365         sendf(Client->Socket, "100 SALT %s\n", Client->Salt);
 366         #else
 367         sendf(Client->Socket, "100 User Set\n");
 368         #endif
 369 }
 370
 371 /**
 372  * \brief Authenticate as a user
 373  *
 374  * Usage: PASS <hash>
 375  */
 376 void Server_Cmd_PASS(tClient *Client, char *Args)
 377 {
 378         char    *passhash;
 379
 380         if( Server_int_ParseArgs(0, Args, &passhash, NULL) )
 381         {
 382                 sendf(Client->Socket, "407 PASS takes 1 argument\n");
 383                 return ;
 384         }
 385
 386         // Pass on to cokebank
 387         Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, passhash);
 388
 389         if( Client->UID != -1 ) {
 390                 Client->bIsAuthed = 1;
 391                 sendf(Client->Socket, "200 Auth OK\n");
 392                 return ;
 393         }
 394
 395         sendf(Client->Socket, "401 Auth Failure\n");
 396 }
 397
 398 /**
 399  * \brief Authenticate as a user without a password
 400  *
 401  * Usage: AUTOAUTH <user>
 402  */
 403 void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
 404 {
 405         char    *username;
 406
 407         if( Server_int_ParseArgs(0, Args, &username, NULL) )
 408         {
 409                 sendf(Client->Socket, "407 AUTOAUTH takes 1 argument\n");
 410                 return ;
 411         }
 412
 413         // Check if trusted
 414         if( !Client->bIsTrusted ) {
 415                 if(giDebugLevel)
 416                         Debug(Client, "Untrusted client attempting to AUTOAUTH");
 417                 sendf(Client->Socket, "401 Untrusted\n");
 418                 return ;
 419         }
 420
 421         // Get UID
 422         Client->UID = Bank_GetAcctByName( username );
 423         if( Client->UID < 0 ) {
 424                 if(giDebugLevel)
 425                         Debug(Client, "Unknown user '%s'", username);
 426                 sendf(Client->Socket, "401 Auth Failure\n");
 427                 return ;
 428         }
 429
 430         // You can't be an internal account
 431         if( Bank_GetFlags(Client->UID) & USER_FLAG_INTERNAL ) {
 432                 Client->UID = -1;
 433                 sendf(Client->Socket, "401 Auth Failure\n");
 434                 return ;
 435         }
 436
 437         Client->bIsAuthed = 1;
 438
 439         if(giDebugLevel)
 440                 Debug(Client, "Auto authenticated as '%s' (%i)", username, Client->UID);
 441
 442         sendf(Client->Socket, "200 Auth OK\n");
 443 }
 444
 445 /**
 446  * \brief Set effective user
 447  */
 448 void Server_Cmd_SETEUSER(tClient *Client, char *Args)
 449 {
 450         char    *username;
 451
 452         if( Server_int_ParseArgs(0, Args, &username, NULL) )
 453         {
 454                 sendf(Client->Socket, "407 SETEUSER takes 1 argument\n");
 455                 return ;
 456         }
 457
 458         if( !strlen(Args) ) {
 459                 sendf(Client->Socket, "407 SETEUSER expects an argument\n");
 460                 return ;
 461         }
 462
 463         // Check user permissions
 464         if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
 465                 sendf(Client->Socket, "403 Not in coke\n");
 466                 return ;
 467         }
 468
 469         // Set id
 470         Client->EffectiveUID = Bank_GetAcctByName(username);
 471         if( Client->EffectiveUID == -1 ) {
 472                 sendf(Client->Socket, "404 User not found\n");
 473                 return ;
 474         }
 475
 476         // You can't be an internal account
 477         if( Bank_GetFlags(Client->EffectiveUID) & USER_FLAG_INTERNAL ) {
 478                 Client->EffectiveUID = -1;
 479                 sendf(Client->Socket, "404 User not found\n");
 480                 return ;
 481         }
 482
 483         sendf(Client->Socket, "200 User set\n");
 484 }
 485
 486 /**
 487  * \brief Enumerate the items that the server knows about
 488  */
 489 void Server_Cmd_ENUMITEMS(tClient *Client, char *Args)
 490 {
 491          int    i, count;
 492
 493         if( Args != NULL && strlen(Args) ) {
 494                 sendf(Client->Socket, "407 ENUM_ITEMS takes no arguments\n");
 495                 return ;
 496         }
 497
 498         // Count shown items
 499         count = 0;
 500         for( i = 0; i < giNumItems; i ++ ) {
 501                 if( gaItems[i].bHidden )        continue;
 502                 count ++;
 503         }
 504
 505         sendf(Client->Socket, "201 Items %i\n", count);
 506
 507         for( i = 0; i < giNumItems; i ++ ) {
 508                 if( gaItems[i].bHidden )        continue;
 509                 sendf(Client->Socket,
 510                         "202 Item %s:%i %i %s\n",
 511                          gaItems[i].Handler->Name, gaItems[i].ID, gaItems[i].Price, gaItems[i].Name
 512                          );
 513         }
 514
 515         sendf(Client->Socket, "200 List end\n");
 516 }
 517
 518 tItem *_GetItemFromString(char *String)
 519 {
 520         tHandler        *handler;
 521         char    *type = String;
 522         char    *colon = strchr(String, ':');
 523          int    num, i;
 524
 525         if( !colon ) {
 526                 return NULL;
 527         }
 528
 529         num = atoi(colon+1);
 530         *colon = '\0';
 531
 532         // Find handler
 533         handler = NULL;
 534         for( i = 0; i < giNumHandlers; i ++ )
 535         {
 536                 if( strcmp(gaHandlers[i]->Name, type) == 0) {
 537                         handler = gaHandlers[i];
 538                         break;
 539                 }
 540         }
 541         if( !handler ) {
 542                 return NULL;
 543         }
 544
 545         // Find item
 546         for( i = 0; i < giNumItems; i ++ )
 547         {
 548                 if( gaItems[i].Handler != handler )     continue;
 549                 if( gaItems[i].ID != num )      continue;
 550                 return &gaItems[i];
 551         }
 552         return NULL;
 553 }
 554
 555 /**
 556  * \brief Fetch information on a specific item
 557  */
 558 void Server_Cmd_ITEMINFO(tClient *Client, char *Args)
 559 {
 560         tItem   *item;
 561         char    *itemname;
 562
 563         if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
 564                 sendf(Client->Socket, "407 ITEMINFO takes 1 argument\n");
 565                 return ;
 566         }
 567         item = _GetItemFromString(Args);
 568
 569         if( !item ) {
 570                 sendf(Client->Socket, "406 Bad Item ID\n");
 571                 return ;
 572         }
 573
 574         sendf(Client->Socket,
 575                 "202 Item %s:%i %i %s\n",
 576                  item->Handler->Name, item->ID, item->Price, item->Name
 577                  );
 578 }
 579
 580 void Server_Cmd_DISPENSE(tClient *Client, char *Args)
 581 {
 582         tItem   *item;
 583          int    ret;
 584          int    uid;
 585         char    *itemname;
 586
 587         if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
 588                 sendf(Client->Socket, "407 DISPENSE takes only 1 argument\n");
 589                 return ;
 590         }
 591
 592         if( !Client->bIsAuthed ) {
 593                 sendf(Client->Socket, "401 Not Authenticated\n");
 594                 return ;
 595         }
 596
 597         item = _GetItemFromString(itemname);
 598         if( !item ) {
 599                 sendf(Client->Socket, "406 Bad Item ID\n");
 600                 return ;
 601         }
 602
 603         if( Client->EffectiveUID != -1 ) {
 604                 uid = Client->EffectiveUID;
 605         }
 606         else {
 607                 uid = Client->UID;
 608         }
 609
 610         switch( ret = DispenseItem( Client->UID, uid, item ) )
 611         {
 612         case 0: sendf(Client->Socket, "200 Dispense OK\n");     return ;
 613         case 1: sendf(Client->Socket, "501 Unable to dispense\n");      return ;
 614         case 2: sendf(Client->Socket, "402 Poor You\n");        return ;
 615         default:
 616                 sendf(Client->Socket, "500 Dispense Error\n");
 617                 return ;
 618         }
 619 }
 620
 621 void Server_Cmd_GIVE(tClient *Client, char *Args)
 622 {
 623         char    *recipient, *ammount, *reason;
 624          int    uid, iAmmount;
 625          int    thisUid;
 626
 627         // Parse arguments
 628         if( Server_int_ParseArgs(1, Args, &recipient, &ammount, &reason, NULL) ) {
 629                 sendf(Client->Socket, "407 GIVE takes only 3 arguments\n");
 630                 return ;
 631         }
 632         // Check for authed
 633         if( !Client->bIsAuthed ) {
 634                 sendf(Client->Socket, "401 Not Authenticated\n");
 635                 return ;
 636         }
 637
 638         // Get recipient
 639         uid = Bank_GetAcctByName(recipient);
 640         if( uid == -1 ) {
 641                 sendf(Client->Socket, "404 Invalid target user\n");
 642                 return ;
 643         }
 644
 645         // You can't alter an internal account
 646         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 647                 sendf(Client->Socket, "404 Invalid target user\n");
 648                 return ;
 649         }
 650
 651         // Parse ammount
 652         iAmmount = atoi(ammount);
 653         if( iAmmount <= 0 ) {
 654                 sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
 655                 return ;
 656         }
 657
 658         if( Client->EffectiveUID != -1 ) {
 659                 thisUid = Client->EffectiveUID;
 660         }
 661         else {
 662                 thisUid = Client->UID;
 663         }
 664
 665         // Do give
 666         switch( DispenseGive(Client->UID, thisUid, uid, iAmmount, reason) )
 667         {
 668         case 0:
 669                 sendf(Client->Socket, "200 Give OK\n");
 670                 return ;
 671         case 2:
 672                 sendf(Client->Socket, "402 Poor You\n");
 673                 return ;
 674         default:
 675                 sendf(Client->Socket, "500 Unknown error\n");
 676                 return ;
 677         }
 678 }
 679
 680 void Server_Cmd_DONATE(tClient *Client, char *Args)
 681 {
 682         char    *ammount, *reason;
 683          int    iAmmount;
 684          int    thisUid;
 685
 686         // Parse arguments
 687         if( Server_int_ParseArgs(1, Args, &ammount, &reason, NULL) ) {
 688                 sendf(Client->Socket, "407 DONATE takes 2 arguments\n");
 689                 return ;
 690         }
 691
 692         if( !Client->bIsAuthed ) {
 693                 sendf(Client->Socket, "401 Not Authenticated\n");
 694                 return ;
 695         }
 696
 697         // Parse ammount
 698         iAmmount = atoi(ammount);
 699         if( iAmmount <= 0 ) {
 700                 sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
 701                 return ;
 702         }
 703
 704         // Handle effective users
 705         if( Client->EffectiveUID != -1 ) {
 706                 thisUid = Client->EffectiveUID;
 707         }
 708         else {
 709                 thisUid = Client->UID;
 710         }
 711
 712         // Do give
 713         switch( DispenseDonate(Client->UID, thisUid, iAmmount, reason) )
 714         {
 715         case 0:
 716                 sendf(Client->Socket, "200 Give OK\n");
 717                 return ;
 718         case 2:
 719                 sendf(Client->Socket, "402 Poor You\n");
 720                 return ;
 721         default:
 722                 sendf(Client->Socket, "500 Unknown error\n");
 723                 return ;
 724         }
 725 }
 726
 727 void Server_Cmd_ADD(tClient *Client, char *Args)
 728 {
 729         char    *user, *ammount, *reason;
 730          int    uid, iAmmount;
 731
 732         // Parse arguments
 733         if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
 734                 sendf(Client->Socket, "407 ADD takes 3 arguments\n");
 735                 return ;
 736         }
 737
 738         if( !Client->bIsAuthed ) {
 739                 sendf(Client->Socket, "401 Not Authenticated\n");
 740                 return ;
 741         }
 742
 743         // Check user permissions
 744         if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN))  ) {
 745                 sendf(Client->Socket, "403 Not in coke\n");
 746                 return ;
 747         }
 748
 749         // Get recipient
 750         uid = Bank_GetAcctByName(user);
 751         if( uid == -1 ) {
 752                 sendf(Client->Socket, "404 Invalid user\n");
 753                 return ;
 754         }
 755
 756         // You can't alter an internal account
 757         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 758                 sendf(Client->Socket, "404 Invalid user\n");
 759                 return ;
 760         }
 761
 762         // Parse ammount
 763         iAmmount = atoi(ammount);
 764         if( iAmmount == 0 && ammount[0] != '0' ) {
 765                 sendf(Client->Socket, "407 Invalid Argument\n");
 766                 return ;
 767         }
 768
 769         // Do give
 770         switch( DispenseAdd(Client->UID, uid, iAmmount, reason) )
 771         {
 772         case 0:
 773                 sendf(Client->Socket, "200 Add OK\n");
 774                 return ;
 775         case 2:
 776                 sendf(Client->Socket, "402 Poor Guy\n");
 777                 return ;
 778         default:
 779                 sendf(Client->Socket, "500 Unknown error\n");
 780                 return ;
 781         }
 782 }
 783
 784 void Server_Cmd_SET(tClient *Client, char *Args)
 785 {
 786         char    *user, *ammount, *reason;
 787          int    uid, iAmmount;
 788
 789         // Parse arguments
 790         if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
 791                 sendf(Client->Socket, "407 SET takes 3 arguments\n");
 792                 return ;
 793         }
 794
 795         if( !Client->bIsAuthed ) {
 796                 sendf(Client->Socket, "401 Not Authenticated\n");
 797                 return ;
 798         }
 799
 800         // Check user permissions
 801         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN)  ) {
 802                 sendf(Client->Socket, "403 Not an admin\n");
 803                 return ;
 804         }
 805
 806         // Get recipient
 807         uid = Bank_GetAcctByName(user);
 808         if( uid == -1 ) {
 809                 sendf(Client->Socket, "404 Invalid user\n");
 810                 return ;
 811         }
 812
 813         // You can't alter an internal account
 814         if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
 815                 sendf(Client->Socket, "404 Invalid user\n");
 816                 return ;
 817         }
 818
 819         // Parse ammount
 820         iAmmount = atoi(ammount);
 821         if( iAmmount == 0 && ammount[0] != '0' ) {
 822                 sendf(Client->Socket, "407 Invalid Argument\n");
 823                 return ;
 824         }
 825
 826         // Do give
 827         switch( DispenseSet(Client->UID, uid, iAmmount, reason) )
 828         {
 829         case 0:
 830                 sendf(Client->Socket, "200 Add OK\n");
 831                 return ;
 832         case 2:
 833                 sendf(Client->Socket, "402 Poor Guy\n");
 834                 return ;
 835         default:
 836                 sendf(Client->Socket, "500 Unknown error\n");
 837                 return ;
 838         }
 839 }
 840
 841 void Server_Cmd_ENUMUSERS(tClient *Client, char *Args)
 842 {
 843          int    i, numRet = 0;
 844         tAcctIterator   *it;
 845          int    maxBal = INT_MAX, minBal = INT_MIN;
 846          int    flagMask = 0, flagVal = 0;
 847          int    sort = BANK_ITFLAG_SORT_NAME;
 848         time_t  lastSeenAfter=0, lastSeenBefore=0;
 849
 850          int    flags;  // Iterator flags
 851          int    balValue;       // Balance value for iterator
 852         time_t  timeValue;      // Time value for iterator
 853
 854         // Parse arguments
 855         if( Args && strlen(Args) )
 856         {
 857                 char    *space = Args, *type, *val;
 858                 do
 859                 {
 860                         type = space;
 861                         while(*type == ' ')     type ++;
 862                         // Get next space
 863                         space = strchr(space, ' ');
 864                         if(space)       *space = '\0';
 865
 866                         // Get type
 867                         val = strchr(type, ':');
 868                         if( val ) {
 869                                 *val = '\0';
 870                                 val ++;
 871
 872                                 // Types
 873                                 // - Minium Balance
 874                                 if( strcmp(type, "min_balance") == 0 ) {
 875                                         minBal = atoi(val);
 876                                 }
 877                                 // - Maximum Balance
 878                                 else if( strcmp(type, "max_balance") == 0 ) {
 879                                         maxBal = atoi(val);
 880                                 }
 881                                 // - Flags
 882                                 else if( strcmp(type, "flags") == 0 ) {
 883                                         if( Server_int_ParseFlags(Client, val, &flagMask, &flagVal) )
 884                                                 return ;
 885                                 }
 886                                 // - Last seen before timestamp
 887                                 else if( strcmp(type, "last_seen_before") == 0 ) {
 888                                         lastSeenAfter = atoll(val);
 889                                 }
 890                                 // - Last seen after timestamp
 891                                 else if( strcmp(type, "last_seen_after") == 0 ) {
 892                                         lastSeenAfter = atoll(val);
 893                                 }
 894                                 // - Sorting
 895                                 else if( strcmp(type, "sort") == 0 ) {
 896                                         char    *dash = strchr(val, '-');
 897                                         if( dash ) {
 898                                                 *dash = '\0';
 899                                                 dash ++;
 900                                         }
 901                                         if( strcmp(val, "name") == 0 ) {
 902                                                 sort = BANK_ITFLAG_SORT_NAME;
 903                                         }
 904                                         else if( strcmp(val, "balance") == 0 ) {
 905                                                 sort = BANK_ITFLAG_SORT_BAL;
 906                                         }
 907                                         else if( strcmp(val, "lastseen") == 0 ) {
 908                                                 sort = BANK_ITFLAG_SORT_LASTSEEN;
 909                                         }
 910                                         else {
 911                                                 sendf(Client->Socket, "407 Unknown sort field ('%s')\n", val);
 912                                                 return ;
 913                                         }
 914                                         // Handle sort direction
 915                                         if( dash ) {
 916                                                 if( strcmp(dash, "desc") == 0 ) {
 917                                                         sort |= BANK_ITFLAG_REVSORT;
 918                                                 }
 919                                                 else {
 920                                                         sendf(Client->Socket, "407 Unknown sort direction '%s'\n", dash);
 921                                                         return ;
 922                                                 }
 923                                                 dash[-1] = '-';
 924                                         }
 925                                 }
 926                                 else {
 927                                         sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s:%s'\n", type, val);
 928                                         return ;
 929                                 }
 930
 931                                 val[-1] = ':';
 932                         }
 933                         else {
 934                                 sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s'\n", type);
 935                                 return ;
 936                         }
 937
 938                         // Eat whitespace
 939                         if( space ) {
 940                                 *space = ' ';   // Repair (to be nice)
 941                                 space ++;
 942                                 while(*space == ' ')    space ++;
 943                         }
 944                 }       while(space);
 945         }
 946
 947         // Create iterator
 948         if( maxBal != INT_MAX ) {
 949                 flags = sort|BANK_ITFLAG_MAXBALANCE;
 950                 balValue = maxBal;
 951         }
 952         else if( minBal != INT_MIN ) {
 953                 flags = sort|BANK_ITFLAG_MINBALANCE;
 954                 balValue = minBal;
 955         }
 956         else {
 957                 flags = sort;
 958                 balValue = 0;
 959         }
 960         if( lastSeenBefore ) {
 961                 timeValue = lastSeenBefore;
 962                 flags |= BANK_ITFLAG_SEENBEFORE;
 963         }
 964         else if( lastSeenAfter ) {
 965                 timeValue = lastSeenAfter;
 966                 flags |= BANK_ITFLAG_SEENAFTER;
 967         }
 968         else {
 969                 timeValue = 0;
 970         }
 971         it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
 972
 973         // Get return number
 974         while( (i = Bank_IteratorNext(it)) != -1 )
 975         {
 976                 int bal = Bank_GetBalance(i);
 977
 978                 if( bal == INT_MIN )    continue;
 979
 980                 if( bal < minBal )      continue;
 981                 if( bal > maxBal )      continue;
 982
 983                 numRet ++;
 984         }
 985
 986         Bank_DelIterator(it);
 987
 988         // Send count
 989         sendf(Client->Socket, "201 Users %i\n", numRet);
 990
 991
 992         // Create iterator
 993         it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
 994
 995         while( (i = Bank_IteratorNext(it)) != -1 )
 996         {
 997                 int bal = Bank_GetBalance(i);
 998
 999                 if( bal == INT_MIN )    continue;
1000
1001                 if( bal < minBal )      continue;
1002                 if( bal > maxBal )      continue;
1003
1004                 _SendUserInfo(Client, i);
1005         }
1006
1007         Bank_DelIterator(it);
1008
1009         sendf(Client->Socket, "200 List End\n");
1010 }
1011
1012 void Server_Cmd_USERINFO(tClient *Client, char *Args)
1013 {
1014          int    uid;
1015         char    *user;
1016
1017         // Parse arguments
1018         if( Server_int_ParseArgs(0, Args, &user, NULL) ) {
1019                 sendf(Client->Socket, "407 USER_INFO takes 1 argument\n");
1020                 return ;
1021         }
1022
1023         if( giDebugLevel )      Debug(Client, "User Info '%s'", user);
1024
1025         // Get recipient
1026         uid = Bank_GetAcctByName(user);
1027
1028         if( giDebugLevel >= 2 ) Debug(Client, "uid = %i", uid);
1029         if( uid == -1 ) {
1030                 sendf(Client->Socket, "404 Invalid user\n");
1031                 return ;
1032         }
1033
1034         _SendUserInfo(Client, uid);
1035 }
1036
1037 void _SendUserInfo(tClient *Client, int UserID)
1038 {
1039         char    *type, *disabled="", *door="";
1040          int    flags = Bank_GetFlags(UserID);
1041
1042         if( flags & USER_FLAG_INTERNAL ) {
1043                 type = "internal";
1044         }
1045         else if( flags & USER_FLAG_COKE ) {
1046                 if( flags & USER_FLAG_ADMIN )
1047                         type = "coke,admin";
1048                 else
1049                         type = "coke";
1050         }
1051         else if( flags & USER_FLAG_ADMIN ) {
1052                 type = "admin";
1053         }
1054         else {
1055                 type = "user";
1056         }
1057
1058         if( flags & USER_FLAG_DISABLED )
1059                 disabled = ",disabled";
1060         if( flags & USER_FLAG_DOORGROUP )
1061                 door = ",door";
1062
1063         // TODO: User flags/type
1064         sendf(
1065                 Client->Socket, "202 User %s %i %s%s%s\n",
1066                 Bank_GetAcctName(UserID), Bank_GetBalance(UserID),
1067                 type, disabled, door
1068                 );
1069 }
1070
1071 void Server_Cmd_USERADD(tClient *Client, char *Args)
1072 {
1073         char    *username;
1074
1075         // Parse arguments
1076         if( Server_int_ParseArgs(0, Args, &username, NULL) ) {
1077                 sendf(Client->Socket, "407 USER_ADD takes 1 argument\n");
1078                 return ;
1079         }
1080
1081         // Check permissions
1082         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
1083                 sendf(Client->Socket, "403 Not a coke admin\n");
1084                 return ;
1085         }
1086
1087         // Try to create user
1088         if( Bank_CreateAcct(username) == -1 ) {
1089                 sendf(Client->Socket, "404 User exists\n");
1090                 return ;
1091         }
1092
1093         {
1094                 char    *thisName = Bank_GetAcctName(Client->UID);
1095                 Log_Info("Account '%s' created by '%s'", username, thisName);
1096                 free(thisName);
1097         }
1098
1099         sendf(Client->Socket, "200 User Added\n");
1100 }
1101
1102 void Server_Cmd_USERFLAGS(tClient *Client, char *Args)
1103 {
1104         char    *username, *flags;
1105          int    mask=0, value=0;
1106          int    uid;
1107
1108         // Parse arguments
1109         if( Server_int_ParseArgs(0, Args, &username, &flags, NULL) ) {
1110                 sendf(Client->Socket, "407 USER_FLAGS takes 2 arguments\n");
1111                 return ;
1112         }
1113
1114         // Check permissions
1115         if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
1116                 sendf(Client->Socket, "403 Not a coke admin\n");
1117                 return ;
1118         }
1119
1120         // Get UID
1121         uid = Bank_GetAcctByName(username);
1122         if( uid == -1 ) {
1123                 sendf(Client->Socket, "404 User '%s' not found\n", username);
1124                 return ;
1125         }
1126
1127         // Parse flags
1128         if( Server_int_ParseFlags(Client, flags, &mask, &value) )
1129                 return ;
1130
1131         if( giDebugLevel )
1132                 Debug(Client, "Set %i(%s) flags to %x (masked %x)\n",
1133                         uid, username, mask, value);
1134
1135         // Apply flags
1136         Bank_SetFlags(uid, mask, value);
1137
1138         // Return OK
1139         sendf(Client->Socket, "200 User Updated\n");
1140 }
1141
1142 // --- INTERNAL HELPERS ---
1143 void Debug(tClient *Client, const char *Format, ...)
1144 {
1145         va_list args;
1146         //printf("%010i [%i] ", (int)time(NULL), Client->ID);
1147         printf("[%i] ", Client->ID);
1148         va_start(args, Format);
1149         vprintf(Format, args);
1150         va_end(args);
1151         printf("\n");
1152 }
1153
1154 int sendf(int Socket, const char *Format, ...)
1155 {
1156         va_list args;
1157          int    len;
1158
1159         va_start(args, Format);
1160         len = vsnprintf(NULL, 0, Format, args);
1161         va_end(args);
1162
1163         {
1164                 char    buf[len+1];
1165                 va_start(args, Format);
1166                 vsnprintf(buf, len+1, Format, args);
1167                 va_end(args);
1168
1169                 #if DEBUG_TRACE_CLIENT
1170                 printf("sendf: %s", buf);
1171                 #endif
1172
1173                 return send(Socket, buf, len, 0);
1174         }
1175 }
1176
1177 // Takes a series of char *'s in
1178 /**
1179  * \brief Parse space-separated entries into
1180  */
1181 int Server_int_ParseArgs(int bUseLongLast, char *ArgStr, ...)
1182 {
1183         va_list args;
1184         char    savedChar = *ArgStr;
1185         char    **dest;
1186         va_start(args, ArgStr);
1187
1188         printf("Server_int_ParseArgs: ArgStr = '%s'\n", ArgStr);
1189
1190         while( (dest = va_arg(args, char **)) )
1191         {
1192                 printf(" dest = %p\n", dest);
1193                 // Trim leading spaces
1194                 while( *ArgStr == ' ' || *ArgStr == '\t' )
1195                         ArgStr ++;
1196
1197                 // ... oops, not enough arguments
1198                 if( *ArgStr == '\0' )
1199                 {
1200                         // NULL unset arguments
1201                         do {
1202                                 *dest = NULL;
1203                         }       while( (dest = va_arg(args, char **)) );
1204                         return -1;
1205                 }
1206
1207                 // Set destination
1208                 *dest = ArgStr;
1209
1210                 if( *ArgStr == '"' )
1211                 {
1212                         // Read until quote
1213                         while( *ArgStr && *ArgStr != '"' )
1214                                 ArgStr ++;
1215                 }
1216                 else
1217                 {
1218                         // Read until a space
1219                         while( *ArgStr && *ArgStr != ' ' && *ArgStr != '\t' )
1220                                 ArgStr ++;
1221                 }
1222                 savedChar = *ArgStr;    // savedChar is used to un-mangle the last string
1223                 *ArgStr = '\0';
1224                 ArgStr ++;
1225         }
1226
1227         // Oops, extra arguments, and greedy not set
1228         if( savedChar == ' ' && bUseLongLast )
1229                 return -1;
1230
1231         // Un-mangle last
1232         if(bUseLongLast) {
1233                 ArgStr --;
1234                 *ArgStr = savedChar;
1235         }
1236
1237         va_end(args);
1238
1239         return 0;       // Success!
1240 }
1241
1242 int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value)
1243 {
1244         struct {
1245                 const char      *Name;
1246                  int    Mask;
1247                  int    Value;
1248         }       cFLAGS[] = {
1249                  {"disabled", USER_FLAG_DISABLED, USER_FLAG_DISABLED}
1250                 ,{"door", USER_FLAG_DOORGROUP, USER_FLAG_DOORGROUP}
1251                 ,{"coke", USER_FLAG_COKE, USER_FLAG_COKE}
1252                 ,{"admin", USER_FLAG_ADMIN, USER_FLAG_ADMIN}
1253                 ,{"internal", USER_FLAG_INTERNAL, USER_FLAG_INTERNAL}
1254         };
1255         const int       ciNumFlags = sizeof(cFLAGS)/sizeof(cFLAGS[0]);
1256
1257         char    *space;
1258
1259         *Mask = 0;
1260         *Value = 0;
1261
1262         do {
1263                  int    bRemove = 0;
1264                  int    i;
1265                  int    len;
1266
1267                 while( *Str == ' ' )    Str ++; // Eat whitespace
1268                 space = strchr(Str, ',');       // Find the end of the flag
1269                 if(space)
1270                         len = space - Str;
1271                 else
1272                         len = strlen(Str);
1273
1274                 // Check for inversion/removal
1275                 if( *Str == '!' || *Str == '-' ) {
1276                         bRemove = 1;
1277                         Str ++;
1278                 }
1279                 else if( *Str == '+' ) {
1280                         Str ++;
1281                 }
1282
1283                 // Check flag values
1284                 for( i = 0; i < ciNumFlags; i ++ )
1285                 {
1286                         if( strncmp(Str, cFLAGS[i].Name, len) == 0 ) {
1287                                 *Mask |= cFLAGS[i].Mask;
1288                                 *Value &= ~cFLAGS[i].Mask;
1289                                 if( !bRemove )
1290                                         *Value |= cFLAGS[i].Value;
1291                                 break;
1292                         }
1293                 }
1294
1295                 // Error check
1296                 if( i == ciNumFlags ) {
1297                         char    val[len+1];
1298                         strncpy(val, Str, len+1);
1299                         sendf(Client->Socket, "407 Unknown flag value '%s'\n", val);
1300                         return -1;
1301                 }
1302
1303                 Str = space + 1;
1304         } while(space);
1305
1306         return 0;
1307 }