+ // Item number (6 = coke)
+ else if( strcmp(gsItemPattern, "0") == 0 || atoi(gsItemPattern) > 0 )
+ {
+ i = atoi(gsItemPattern);
+ }
+ // Item prefix
+ else
+ {
+ int j;
+ int best = -1;
+ for( i = 0; i < giNumItems; i ++ )
+ {
+ // Prefix match (with case-insensitive match)
+ for( j = 0; gsItemPattern[j]; j ++ )
+ {
+ if( gaItems[i].Desc[j] == gsItemPattern[j] )
+ continue;
+ if( tolower(gaItems[i].Desc[j]) == tolower(gsItemPattern[j]) )
+ continue;
+ break;
+ }
+ // Check if the prefix matched
+ if( gsItemPattern[j] != '\0' )
+ continue;
+
+ // Prefect match
+ if( gaItems[i].Desc[j] == '\0' ) {
+ best = i;
+ break;
+ }
+
+ // Only one match allowed
+ if( best == -1 ) {
+ best = i;
+ }
+ else {
+ // TODO: Allow ambiguous matches?
+ // or just print a wanrning
+ printf("Warning - Ambiguous pattern, stopping\n");
+ return 1;
+ }
+ }
+
+ // Was a match found?
+ if( best == -1 )
+ {
+ fprintf(stderr, "No item matches the passed string\n");
+ return 1;
+ }
+
+ i = best;
+ }
+ }
+ else if( giUIMode != UI_MODE_BASIC )
+ {
+ i = ShowNCursesUI();
+ }
+ else
+ {
+ // Very basic dispense interface
+ for( i = 0; i < giNumItems; i ++ ) {
+ // Add a separator
+ if( i && strcmp(gaItems[i].Type, gaItems[i-1].Type) != 0 )
+ printf(" ---\n");
+
+ printf("%2i %s:%i\t%3i %s\n", i, gaItems[i].Type, gaItems[i].ID,
+ gaItems[i].Price, gaItems[i].Desc);
+ }
+ printf(" q Quit\n");
+ for(;;)
+ {
+ char *buf;
+
+ i = -1;
+
+ fgets(buffer, BUFSIZ, stdin);
+
+ buf = trim(buffer);
+
+ if( buf[0] == 'q' ) break;
+
+ i = atoi(buf);
+
+ if( i != 0 || buf[0] == '0' )
+ {
+ if( i < 0 || i >= giNumItems ) {
+ printf("Bad item %i (should be between 0 and %i)\n", i, giNumItems);
+ continue;
+ }
+ break;
+ }
+ }
+ }
+
+
+ // Check for a valid item ID
+ if( i >= 0 )
+ {
+ // Connect, Authenticate, dispense and close
+ sock = OpenConnection(gsDispenseServer, giDispensePort);
+ if( sock < 0 ) return -1;
+
+ Dispense_ItemInfo(sock, gaItems[i].Type, gaItems[i].ID);
+
+ Authenticate(sock);
+ ret = DispenseItem(sock, gaItems[i].Type, gaItems[i].ID);
+ close(sock);
+ }
+
+ return ret;
+}
+
+void ShowUsage(void)
+{
+ printf(
+ "Usage:\n"
+ " == Everyone ==\n"
+ " dispense\n"
+ " Show interactive list\n"
+ " dispense <item>\n"
+ " Dispense named item\n"
+ " dispense give <user> <ammount> \"<reason>\"\n"
+ " Give money to another user\n"
+ " dispense donate <ammount> \"<reason>\"\n"
+ " Donate to the club\n"
+ " == Coke members == \n"
+ " dispense acct [<user>]\n"
+ " Show user balances\n"
+ " dispense acct <user> [+-]<ammount> \"<reason>\"\n"
+ " Alter a account value\n"
+ " == Dispense administrators ==\n"
+ " dispense acct <user> =<ammount> \"<reason>\"\n"
+ " Set an account balance\n"
+ " dispense user add <user>\n"
+ " Create new coke account (Admins only)\n"
+ " dispense user type <user> <flags>\n"
+ " Alter a user's flags\n"
+ " <flags> is a comma-separated list of user, coke, admin or disabled\n"
+ " Flags are removed by preceding the name with '-' or '!'\n"
+ "\n"
+ "General Options:\n"
+ " -u <username>\n"
+ " Set a different user (Coke members only)\n"
+ " -h / -?\n"
+ " Show help text\n"
+ " -G\n"
+ " Use alternate GUI\n"
+ " -m <min balance>\n"
+ " -M <max balance>\n"
+ " Set the Maximum/Minimum balances shown in `dispense acct`\n"
+ );
+}
+
+// -------------------
+// --- NCurses GUI ---
+// -------------------
+/**
+ * \brief Render the NCurses UI
+ */
+int ShowNCursesUI(void)
+{
+ // TODO: ncurses interface (with separation between item classes)
+ // - Hmm... that would require standardising the item ID to be <class>:<index>
+ // Oh, why not :)
+ int ch;
+ int i, times;
+ int xBase, yBase;
+ const int displayMinWidth = 40;
+ char *titleString = "Dispense";
+ int itemCount;
+ int maxItemIndex;
+ int itemBase = 0;
+ int currentItem;
+ int ret = -2; // -2: Used for marking "no return yet"
+
+ char balance_str[5+1+2+1]; // If $9999.99 is too little, something's wrong
+ char *username;
+ struct passwd *pwd;
+
+ int height, width;
+
+ // Get Username
+ if( gsEffectiveUser )
+ username = gsEffectiveUser;
+ else {
+ pwd = getpwuid( getuid() );
+ username = pwd->pw_name;
+ }
+ // Get balance
+ snprintf(balance_str, sizeof balance_str, "$%i.%02i", giUserBalance/100, giUserBalance%100);
+
+ // Enter curses mode
+ initscr();
+ raw(); noecho();
+
+ // Get max index
+ maxItemIndex = ShowItemAt(0, 0, 0, -1, 0);
+ // Get item count per screen
+ // - 6: randomly chosen (Need at least 3)
+ itemCount = LINES - 6;
+ if( itemCount > maxItemIndex )
+ itemCount = maxItemIndex;
+ // Get first index
+ currentItem = 0;
+ while( ShowItemAt(0, 0, 0, currentItem, 0) == -1 )
+ currentItem ++;
+
+
+ // Get dimensions
+ height = itemCount + 3;
+ width = displayMinWidth;
+
+ // Get positions
+ xBase = COLS/2 - width/2;
+ yBase = LINES/2 - height/2;
+
+ for( ;; )
+ {
+ // Header
+ PrintAlign(yBase, xBase, width, "/", '-', titleString, '-', "\\");
+
+ // Items
+ for( i = 0; i < itemCount; i ++ )
+ {
+ int pos = 0;
+
+ move( yBase + 1 + i, xBase );
+ printw("| ");
+
+ pos += 2;
+
+ // Check for the '...' row
+ // - Oh god, magic numbers!
+ if( (i == 0 && itemBase > 0)
+ || (i == itemCount - 1 && itemBase < maxItemIndex - itemCount) )
+ {
+ printw(" ..."); pos += 8;
+ times = (width - pos) - 1;
+ while(times--) addch(' ');
+ }
+ // Show an item
+ else {
+ ShowItemAt(
+ yBase + 1 + i, xBase + pos, // Position
+ (width - pos) - 3, // Width
+ itemBase + i, // Index
+ !!(currentItem == itemBase + i) // Hilighted
+ );
+ printw(" ");
+ }
+
+ // Scrollbar (if needed)
+ if( maxItemIndex > itemCount ) {
+ if( i == 0 ) {
+ addch('A');
+ }
+ else if( i == itemCount - 1 ) {
+ addch('V');
+ }
+ else {
+ int percentage = itemBase * 100 / (maxItemIndex-itemCount);
+ if( i-1 == percentage*(itemCount-3)/100 ) {
+ addch('#');
+ }
+ else {
+ addch('|');
+ }
+ }
+ }
+ else {
+ addch('|');
+ }
+ }
+
+ // Footer
+ PrintAlign(yBase+height-2, xBase, width, "\\", '-', "", '-', "/");
+
+ // User line
+ // - Username, balance, flags
+ PrintAlign(yBase+height-1, xBase+1, width-2,
+ username, ' ', balance_str, ' ', gsUserFlags);
+
+
+ // Get input
+ ch = getch();
+
+ if( ch == '\x1B' ) {
+ ch = getch();
+ if( ch == '[' ) {
+ ch = getch();
+
+ switch(ch)
+ {
+ case 'B':
+ currentItem ++;
+ // Skip over spacers
+ while( ShowItemAt(0, 0, 0, currentItem, 0) == -1 )
+ currentItem ++;
+
+ if( currentItem >= maxItemIndex ) {
+ currentItem = 0;
+ // Skip over spacers
+ while( ShowItemAt(0, 0, 0, currentItem, 0) == -1 )
+ currentItem ++;
+ }
+ break;
+ case 'A':
+ currentItem --;
+ // Skip over spacers
+ while( ShowItemAt(0, 0, 0, currentItem, 0) == -1 )
+ currentItem --;
+
+ if( currentItem < 0 ) {
+ currentItem = maxItemIndex - 1;
+ // Skip over spacers
+ while( ShowItemAt(0, 0, 0, currentItem, 0) == -1 )
+ currentItem --;
+ }
+ break;
+ }
+ }
+ else {
+
+ }
+
+ if( itemCount > maxItemIndex && currentItem < itemBase + 2 && itemBase > 0 )
+ itemBase = currentItem - 2;
+ if( itemCount > maxItemIndex && currentItem > itemBase + itemCount - 2 && itemBase < maxItemIndex-1 )
+ itemBase = currentItem - itemCount + 2;
+ }
+ else {
+ switch(ch)
+ {
+ case '\n':
+ ret = ShowItemAt(0, 0, 0, currentItem, 0);
+ break;
+ case 'q':
+ ret = -1; // -1: Return with no dispense
+ break;
+ }
+
+ // Check if the return value was changed
+ if( ret != -2 ) break;
+ }
+
+ }
+
+
+ // Leave
+ endwin();
+ return ret;
+}
+
+/**
+ * \brief Show item \a Index at (\a Col, \a Row)
+ * \return Dispense index of item
+ * \note Part of the NCurses UI
+ */
+int ShowItemAt(int Row, int Col, int Width, int Index, int bHilighted)
+{
+ int _x, _y, times;
+ char *name = NULL;
+ int price = 0;
+ int status = -1;
+
+ switch(giUIMode)
+ {
+ // Standard UI
+ // - This assumes that
+ case UI_MODE_STANDARD:
+ // Bounds check
+ // Index = -1, request limit
+ if( Index < 0 || Index >= giNumItems+2 )
+ return giNumItems+2;
+ // Drink label
+ if( Index == 0 )
+ {
+ price = 0;
+ name = "Coke Machine";
+ Index = -1; // -1 indicates a label
+ break;
+ }
+ Index --;
+ // Drinks 0 - 6
+ if( Index <= 6 )
+ {
+ name = gaItems[Index].Desc;
+ price = gaItems[Index].Price;
+ status = gaItems[Index].Status;
+ break;
+ }
+ Index -= 7;
+ // EPS label
+ if( Index == 0 )
+ {
+ price = 0;
+ name = "Electronic Payment System";
+ Index = -1; // -1 indicates a label
+ break;
+ }
+ Index --;
+ Index += 7;
+ name = gaItems[Index].Desc;
+ price = gaItems[Index].Price;
+ status = gaItems[Index].Status;
+ break;
+ default:
+ return -1;
+ }
+
+ // Width = 0, don't print
+ if( Width > 0 )
+ {
+ move( Row, Col );
+
+ if( Index >= 0 )
+ {
+ // Show hilight and status
+ switch( status )
+ {
+ case 0:
+ if( bHilighted )
+ printw("-> ");
+ else
+ printw(" ");
+ break;
+ case 1:
+ printw("SLD");
+ break;
+
+ default:
+ case -1:
+ printw("ERR");
+ break;
+ }
+
+ printw(" %s", name);
+
+ getyx(stdscr, _y, _x);
+ // Assumes max 4 digit prices
+ times = Width - 5 - (_x - Col); // TODO: Better handling for large prices
+ while(times--) addch(' ');
+
+ printw(" %4i", price);
+ }
+ else
+ {
+ printw("-- %s", name);
+ getyx(stdscr, _y, _x);
+ times = Width - 4 - (_x - Col);
+ while(times--) addch(' ');
+ printw(" ");
+ }
+ }
+
+ // If the item isn't availiable for sale, return -1 (so it's skipped)
+ if( status )
+ Index = -1;
+
+ return Index;
+}
+
+/**
+ * \brief Print a three-part string at the specified position (formatted)
+ * \note NCurses UI Helper
+ *
+ * Prints \a Left on the left of the area, \a Right on the righthand side
+ * and \a Mid in the middle of the area. These are padded with \a Pad1
+ * between \a Left and \a Mid, and \a Pad2 between \a Mid and \a Right.
+ *
+ * ::printf style format codes are allowed in \a Left, \a Mid and \a Right,
+ * and the arguments to these are read in that order.
+ */
+void PrintAlign(int Row, int Col, int Width, const char *Left, char Pad1,
+ const char *Mid, char Pad2, const char *Right, ...)
+{
+ int lLen, mLen, rLen;
+ int times;
+
+ va_list args;
+
+ // Get the length of the strings
+ va_start(args, Right);
+ lLen = vsnprintf(NULL, 0, Left, args);
+ mLen = vsnprintf(NULL, 0, Mid, args);
+ rLen = vsnprintf(NULL, 0, Right, args);
+ va_end(args);
+
+ // Sanity check
+ if( lLen + mLen/2 > Width/2 || mLen/2 + rLen > Width/2 ) {
+ return ; // TODO: What to do?
+ }
+
+ move(Row, Col);
+
+ // Render strings
+ va_start(args, Right);
+ // - Left
+ {
+ char tmp[lLen+1];
+ vsnprintf(tmp, lLen+1, Left, args);
+ addstr(tmp);
+ }
+ // - Left padding
+ times = (Width - mLen)/2 - lLen;
+ while(times--) addch(Pad1);
+ // - Middle
+ {
+ char tmp[mLen+1];
+ vsnprintf(tmp, mLen+1, Mid, args);
+ addstr(tmp);
+ }
+ // - Right Padding
+ times = (Width - mLen)/2 - rLen;
+ if( (Width - mLen) % 2 ) times ++;
+ while(times--) addch(Pad2);
+ // - Right
+ {
+ char tmp[rLen+1];
+ vsnprintf(tmp, rLen+1, Right, args);
+ addstr(tmp);
+ }
+}
+
+// ---------------------
+// --- Coke Protocol ---
+// ---------------------
+int OpenConnection(const char *Host, int Port)
+{
+ struct hostent *host;
+ struct sockaddr_in serverAddr;
+ int sock;
+
+ host = gethostbyname(Host);
+ if( !host ) {
+ fprintf(stderr, "Unable to look up '%s'\n", Host);
+ return -1;
+ }
+
+ memset(&serverAddr, 0, sizeof(serverAddr));
+
+ serverAddr.sin_family = AF_INET; // IPv4
+ // NOTE: I have a suspicion that IPv6 will play sillybuggers with this :)
+ serverAddr.sin_addr.s_addr = *((unsigned long *) host->h_addr_list[0]);
+ serverAddr.sin_port = htons(Port);
+
+ sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
+ if( sock < 0 ) {
+ fprintf(stderr, "Failed to create socket\n");
+ return -1;
+ }
+
+// printf("geteuid() = %i, getuid() = %i\n", geteuid(), getuid());
+
+ if( geteuid() == 0 || getuid() == 0 )
+ {
+ int i;
+ struct sockaddr_in localAddr;
+ memset(&localAddr, 0, sizeof(localAddr));
+ localAddr.sin_family = AF_INET; // IPv4
+
+ // Loop through all the top ports until one is avaliable
+ for( i = 512; i < 1024; i ++)
+ {
+ localAddr.sin_port = htons(i); // IPv4
+ // Attempt to bind to low port for autoauth
+ if( bind(sock, (struct sockaddr*)&localAddr, sizeof(localAddr)) == 0 )
+ break;
+ }
+ if( i == 1024 )
+ printf("Warning: AUTOAUTH unavaliable\n");
+// else
+// printf("Bound to 0.0.0.0:%i\n", i);
+ }
+
+ if( connect(sock, (struct sockaddr *) &serverAddr, sizeof(serverAddr)) < 0 ) {
+ fprintf(stderr, "Failed to connect to server\n");
+ return -1;
+ }
+
+ return sock;
+}
+
+/**
+ * \brief Authenticate with the server
+ * \return Boolean Failure
+ */
+int Authenticate(int Socket)
+{
+ struct passwd *pwd;
+ char *buf;
+ int responseCode;
+ char salt[32];
+ int i;
+ regmatch_t matches[4];
+
+ if( gbIsAuthenticated ) return 0;
+
+ // Get user name
+ pwd = getpwuid( getuid() );
+
+ // Attempt automatic authentication
+ sendf(Socket, "AUTOAUTH %s\n", pwd->pw_name);
+
+ // Check if it worked
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+ switch( responseCode )
+ {
+ case 200: // Autoauth succeeded, return
+ free(buf);
+ break;
+
+ case 401: // Untrusted, attempt password authentication
+ free(buf);
+
+ sendf(Socket, "USER %s\n", pwd->pw_name);
+ printf("Using username %s\n", pwd->pw_name);
+
+ buf = ReadLine(Socket);
+
+ // TODO: Get Salt
+ // Expected format: 100 SALT <something> ...
+ // OR : 100 User Set
+ RunRegex(&gSaltRegex, buf, 4, matches, "Malformed server response");
+ responseCode = atoi(buf);
+ if( responseCode != 100 ) {
+ fprintf(stderr, "Unknown repsonse code %i from server\n%s\n", responseCode, buf);
+ free(buf);
+ return -1; // ERROR
+ }
+
+ // Check for salt
+ if( memcmp( buf+matches[2].rm_so, "SALT", matches[2].rm_eo - matches[2].rm_so) == 0) {
+ // Store it for later
+ memcpy( salt, buf + matches[3].rm_so, matches[3].rm_eo - matches[3].rm_so );
+ salt[ matches[3].rm_eo - matches[3].rm_so ] = 0;
+ }
+ free(buf);
+
+ // Give three attempts
+ for( i = 0; i < 3; i ++ )
+ {
+ int ofs = strlen(pwd->pw_name)+strlen(salt);
+ char tmpBuf[42];
+ char tmp[ofs+20];
+ char *pass = getpass("Password: ");
+ uint8_t h[20];
+
+ // Create hash string
+ // <username><salt><hash>
+ strcpy(tmp, pwd->pw_name);
+ strcat(tmp, salt);
+ SHA1( (unsigned char*)pass, strlen(pass), h );
+ memcpy(tmp+ofs, h, 20);
+
+ // Hash all that
+ SHA1( (unsigned char*)tmp, ofs+20, h );
+ sprintf(tmpBuf, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
+ h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
+ );
+
+ // Send password
+ sendf(Socket, "PASS %s\n", tmpBuf);
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+ // Auth OK?
+ if( responseCode == 200 ) break;
+ // Bad username/password
+ if( responseCode == 401 ) continue;
+
+ fprintf(stderr, "Unknown repsonse code %i from server\n%s\n", responseCode, buf);
+ free(buf);
+ return -1;
+ }
+ free(buf);
+ if( i == 3 )
+ return 2; // 2 = Bad Password
+ break;
+
+ case 404: // Bad Username
+ fprintf(stderr, "Bad Username '%s'\n", pwd->pw_name);
+ free(buf);
+ return 1;
+
+ default:
+ fprintf(stderr, "Unkown response code %i from server\n", responseCode);
+ printf("%s\n", buf);
+ free(buf);
+ return -1;
+ }
+
+ // Set effective user
+ if( gsEffectiveUser ) {
+ sendf(Socket, "SETEUSER %s\n", gsEffectiveUser);
+
+ buf = ReadLine(Socket);
+ responseCode = atoi(buf);
+
+ switch(responseCode)
+ {
+ case 200:
+ printf("Running as '%s' by '%s'\n", gsEffectiveUser, pwd->pw_name);
+ break;
+
+ case 403:
+ printf("Only coke members can use `dispense -u`\n");
+ free(buf);
+ return -1;
+
+ case 404:
+ printf("Invalid user selected\n");
+ free(buf);
+ return -1;
+
+ default:
+ fprintf(stderr, "Unkown response code %i from server\n", responseCode);
+ printf("%s\n", buf);
+ free(buf);
+ exit(-1);
+ }
+
+ free(buf);
+ }
+
+ gbIsAuthenticated = 1;
+
+ return 0;
+}
+
+int GetUserBalance(int Socket)
+{
+ regmatch_t matches[6];
+ struct passwd *pwd;
+ char *buf;
+ int responseCode;
+
+ if( !gsUserName )
+ {
+ if( gsEffectiveUser ) {
+ gsUserName = gsEffectiveUser;
+ }
+ else {
+ pwd = getpwuid( getuid() );
+ gsUserName = strdup(pwd->pw_name);
+ }
+ }
+
+ sendf(Socket, "USER_INFO %s\n", gsUserName);
+ buf = ReadLine(Socket);
+ responseCode = atoi(buf);
+ switch(responseCode)
+ {
+ case 202: break; // Ok
+
+ case 404:
+ printf("Invalid user? (USER_INFO failed)\n");
+ free(buf);
+ return -1;
+
+ default:
+ fprintf(stderr, "Unkown response code %i from server\n", responseCode);
+ printf("%s\n", buf);
+ free(buf);
+ exit(-1);