#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
+#include <fcntl.h> // O_*
#include <string.h>
+#include <limits.h>
+#include <stdarg.h>
+#include <signal.h> // Signal handling
+#include <ident.h> // AUTHIDENT
+#include <time.h> // time(2)
-// HACKS
-#define HACK_TPG_NOAUTH 1
-#define HACK_ROOT_NOAUTH 1
+#define DEBUG_TRACE_CLIENT 0
+#define HACK_NO_REFUNDS 1
// Statistics
#define MAX_CONNECTION_QUEUE 5
#define INPUT_BUFFER_SIZE 256
+#define CLIENT_TIMEOUT 10 // Seconds
#define HASH_TYPE SHA1
#define HASH_LENGTH 20
#define MSG_STR_TOO_LONG "499 Command too long (limit "EXPSTR(INPUT_BUFFER_SIZE)")\n"
+#define IDENT_TRUSTED_NETWORK 0x825F0D00
+#define IDENT_TRUSTED_NETMASK 0xFFFFFFC0
+
// === TYPES ===
typedef struct sClient
{
+ int Socket; // Client socket ID
int ID; // Client ID
int bIsTrusted; // Is the connection from a trusted host/port
char Salt[9];
int UID;
+ int EffectiveUID;
int bIsAuthed;
} tClient;
void Server_Start(void);
void Server_Cleanup(void);
void Server_HandleClient(int Socket, int bTrusted);
-char *Server_ParseClientCommand(tClient *Client, char *CommandString);
+void Server_ParseClientCommand(tClient *Client, char *CommandString);
// --- Commands ---
-char *Server_Cmd_USER(tClient *Client, char *Args);
-char *Server_Cmd_PASS(tClient *Client, char *Args);
-char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
-char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
-char *Server_Cmd_ITEMINFO(tClient *Client, char *Args);
-char *Server_Cmd_DISPENSE(tClient *Client, char *Args);
+void Server_Cmd_USER(tClient *Client, char *Args);
+void Server_Cmd_PASS(tClient *Client, char *Args);
+void Server_Cmd_AUTOAUTH(tClient *Client, char *Args);
+void Server_Cmd_AUTHIDENT(tClient *Client, char *Args);
+void Server_Cmd_SETEUSER(tClient *Client, char *Args);
+void Server_Cmd_ENUMITEMS(tClient *Client, char *Args);
+void Server_Cmd_ITEMINFO(tClient *Client, char *Args);
+void Server_Cmd_DISPENSE(tClient *Client, char *Args);
+void Server_Cmd_REFUND(tClient *Client, char *Args);
+void Server_Cmd_GIVE(tClient *Client, char *Args);
+void Server_Cmd_DONATE(tClient *Client, char *Args);
+void Server_Cmd_ADD(tClient *Client, char *Args);
+void Server_Cmd_SET(tClient *Client, char *Args);
+void Server_Cmd_ENUMUSERS(tClient *Client, char *Args);
+void Server_Cmd_USERINFO(tClient *Client, char *Args);
+void _SendUserInfo(tClient *Client, int UserID);
+void Server_Cmd_USERADD(tClient *Client, char *Args);
+void Server_Cmd_USERFLAGS(tClient *Client, char *Args);
+void Server_Cmd_UPDATEITEM(tClient *Client, char *Args);
// --- Helpers ---
- int GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash);
-void HexBin(uint8_t *Dest, char *Src, int BufSize);
+void Debug(tClient *Client, const char *Format, ...);
+ int sendf(int Socket, const char *Format, ...);
+ int Server_int_ParseArgs(int bUseLongArg, char *ArgStr, ...);
+ int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value);
-// === GLOBALS ===
- int giServer_Port = 1020;
- int giServer_NextClientID = 1;
+// === CONSTANTS ===
// - Commands
-struct sClientCommand {
- char *Name;
- char *(*Function)(tClient *Client, char *Arguments);
+const struct sClientCommand {
+ const char *Name;
+ void (*Function)(tClient *Client, char *Arguments);
} gaServer_Commands[] = {
{"USER", Server_Cmd_USER},
{"PASS", Server_Cmd_PASS},
{"AUTOAUTH", Server_Cmd_AUTOAUTH},
+ {"AUTHIDENT", Server_Cmd_AUTHIDENT},
+ {"SETEUSER", Server_Cmd_SETEUSER},
{"ENUM_ITEMS", Server_Cmd_ENUMITEMS},
{"ITEM_INFO", Server_Cmd_ITEMINFO},
- {"DISPENSE", Server_Cmd_DISPENSE}
+ {"DISPENSE", Server_Cmd_DISPENSE},
+ {"REFUND", Server_Cmd_REFUND},
+ {"GIVE", Server_Cmd_GIVE},
+ {"DONATE", Server_Cmd_DONATE},
+ {"ADD", Server_Cmd_ADD},
+ {"SET", Server_Cmd_SET},
+ {"ENUM_USERS", Server_Cmd_ENUMUSERS},
+ {"USER_INFO", Server_Cmd_USERINFO},
+ {"USER_ADD", Server_Cmd_USERADD},
+ {"USER_FLAGS", Server_Cmd_USERFLAGS},
+ {"UPDATE_ITEM", Server_Cmd_UPDATEITEM}
};
-#define NUM_COMMANDS (sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))
- int giServer_Socket;
+#define NUM_COMMANDS ((int)(sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0])))
+
+// === GLOBALS ===
+// - Configuration
+ int giServer_Port = 11020;
+ int gbServer_RunInBackground = 0;
+char *gsServer_LogFile = "/var/log/dispsrv.log";
+char *gsServer_ErrorLog = "/var/log/dispsrv.err";
+// - State variables
+ int giServer_Socket; // Server socket
+ int giServer_NextClientID = 1; // Debug client ID
+
// === CODE ===
/**
struct sockaddr_in server_addr, client_addr;
atexit(Server_Cleanup);
+ // Ignore SIGPIPE (stops crashes when the client exits early)
+ signal(SIGPIPE, SIG_IGN);
// Create Server
giServer_Socket = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
perror("Binding");
return ;
}
+
+ // Fork into background
+ if( gbServer_RunInBackground )
+ {
+ int pid = fork();
+ if( pid == -1 ) {
+ fprintf(stderr, "ERROR: Unable to fork\n");
+ perror("fork background");
+ exit(-1);
+ }
+ if( pid != 0 ) {
+ // Parent, quit
+ printf("Forked child %i\n", pid);
+ exit(0);
+ }
+ // In child
+ // - Sort out stdin/stdout
+ #if 0
+ dup2( open("/dev/null", O_RDONLY, 0644), STDIN_FILENO );
+ dup2( open(gsServer_LogFile, O_CREAT|O_APPEND, 0644), STDOUT_FILENO );
+ dup2( open(gsServer_ErrorLog, O_CREAT|O_APPEND, 0644), STDERR_FILENO );
+ #else
+ freopen("/dev/null", "r", stdin);
+ freopen(gsServer_LogFile, "a", stdout);
+ freopen(gsServer_ErrorLog, "a", stderr);
+ fprintf(stdout, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL));
+ fprintf(stderr, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL));
+ #endif
+ }
+
+ // Start the helper thread
+ StartPeriodicThread();
// Listen
if( listen(giServer_Socket, MAX_CONNECTION_QUEUE) < 0 ) {
printf("Listening on 0.0.0.0:%i\n", giServer_Port);
+ // write pidfile
+ {
+ FILE *fp = fopen("/var/run/dispsrv.pid", "w");
+ if( fp ) {
+ fprintf(fp, "%i", getpid());
+ fclose(fp);
+ }
+ }
+
for(;;)
{
uint len = sizeof(client_addr);
int bTrusted = 0;
+ // Accept a connection
client_socket = accept(giServer_Socket, (struct sockaddr *) &client_addr, &len);
if(client_socket < 0) {
fprintf(stderr, "ERROR: Unable to accept client connection\n");
return ;
}
+ // Set a timeout on the user conneciton
+ {
+ struct timeval tv;
+ tv.tv_sec = CLIENT_TIMEOUT;
+ tv.tv_usec = 0;
+ if( setsockopt(client_socket, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) )
+ {
+ perror("setsockopt");
+ return ;
+ }
+ }
+
+ // Debug: Print the connection string
if(giDebugLevel >= 2) {
char ipstr[INET_ADDRSTRLEN];
inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN);
ipstr, ntohs(client_addr.sin_port));
}
+ // Doesn't matter what, localhost is trusted
+ if( ntohl( client_addr.sin_addr.s_addr ) == 0x7F000001 )
+ bTrusted = 1;
+
// Trusted Connections
if( ntohs(client_addr.sin_port) < 1024 )
{
switch( ntohl( client_addr.sin_addr.s_addr ) )
{
case 0x7F000001: // 127.0.0.1 localhost
- //case 0x825E0D00: // 130.95.13.0
- case 0x825E0D12: // 130.95.13.18 mussel
- case 0x825E0D17: // 130.95.13.23 martello
+ // case 0x825F0D00: // 130.95.13.0
+ case 0x825F0D04: // 130.95.13.4 merlo
+ // case 0x825F0D05: // 130.95.13.5 heathred (MR)
+ case 0x825F0D07: // 130.95.13.7 motsugo
+ case 0x825F0D11: // 130.95.13.17 mermaid
+ case 0x825F0D12: // 130.95.13.18 mussel
+ case 0x825F0D17: // 130.95.13.23 martello
+ case 0x825F0D2A: // 130.95.13.42 meersau
+ // case 0x825F0D42: // 130.95.13.66 heathred (Clubroom)
bTrusted = 1;
break;
default:
void Server_Cleanup(void)
{
- printf("Close(%i)\n", giServer_Socket);
+ printf("\nClose(%i)\n", giServer_Socket);
close(giServer_Socket);
+ unlink("/var/run/dispsrv.pid");
}
/**
char *buf = inbuf;
int remspace = INPUT_BUFFER_SIZE-1;
int bytes = -1;
- tClient clientInfo = {0};
+ tClient clientInfo;
+
+ memset(&clientInfo, 0, sizeof(clientInfo));
// Initialise Client info
+ clientInfo.Socket = Socket;
clientInfo.ID = giServer_NextClientID ++;
clientInfo.bIsTrusted = bTrusted;
+ clientInfo.EffectiveUID = -1;
// Read from client
/*
* it is saved to the beginning of `inbuf` and `buf` is updated to
* the end of it.
*/
+ // TODO: Use select() instead (to give a timeout)
while( (bytes = recv(Socket, buf, remspace, 0)) > 0 )
{
char *eol, *start;
start = inbuf;
while( (eol = strchr(start, '\n')) )
{
- char *ret;
*eol = '\0';
- ret = Server_ParseClientCommand(&clientInfo, start);
- // `ret` is a string on the heap
- send(Socket, ret, strlen(ret), 0);
- free(ret);
+
+ Server_ParseClientCommand(&clientInfo, start);
+
start = eol + 1;
}
* \param CommandString Command from client (single line of the command)
* \return Heap String to return to the client
*/
-char *Server_ParseClientCommand(tClient *Client, char *CommandString)
+void Server_ParseClientCommand(tClient *Client, char *CommandString)
{
- char *space, *args;
+ char *command, *args;
int i;
- // Split at first space
- space = strchr(CommandString, ' ');
- if(space == NULL) {
- args = NULL;
- }
- else {
- *space = '\0';
- args = space + 1;
+ if( giDebugLevel >= 2 )
+ Debug(Client, "Server_ParseClientCommand: (CommandString = '%s')", CommandString);
+
+ if( Server_int_ParseArgs(1, CommandString, &command, &args, NULL) )
+ {
+ if( command == NULL ) return ;
+ // Is this an error? (just ignore for now)
}
+
// Find command
for( i = 0; i < NUM_COMMANDS; i++ )
{
- if(strcmp(CommandString, gaServer_Commands[i].Name) == 0)
- return gaServer_Commands[i].Function(Client, args);
+ if(strcmp(command, gaServer_Commands[i].Name) == 0) {
+ if( giDebugLevel >= 2 )
+ Debug(Client, "CMD %s - \"%s\"", command, args);
+ gaServer_Commands[i].Function(Client, args);
+ return ;
+ }
}
- return strdup("400 Unknown Command\n");
+ sendf(Client->Socket, "400 Unknown Command\n");
}
// ---
*
* Usage: USER <username>
*/
-char *Server_Cmd_USER(tClient *Client, char *Args)
+void Server_Cmd_USER(tClient *Client, char *Args)
{
- char *ret;
+ char *username;
+
+ if( Server_int_ParseArgs(0, Args, &username, NULL) )
+ {
+ sendf(Client->Socket, "407 USER takes 1 argument\n");
+ return ;
+ }
// Debug!
if( giDebugLevel )
- printf("Client %i authenticating as '%s'\n", Client->ID, Args);
+ Debug(Client, "Authenticating as '%s'", username);
// Save username
if(Client->Username)
free(Client->Username);
- Client->Username = strdup(Args);
+ Client->Username = strdup(username);
#if USE_SALT
// Create a salt (that changes if the username is changed)
Client->Salt[7] = 0x21 + (rand()&0x3F);
// TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
- // "100 Salt xxxxXXXX\n"
- ret = strdup("100 SALT xxxxXXXX\n");
- sprintf(ret, "100 SALT %s\n", Client->Salt);
+ sendf(Client->Socket, "100 SALT %s\n", Client->Salt);
#else
- ret = strdup("100 User Set\n");
+ sendf(Client->Socket, "100 User Set\n");
#endif
- return ret;
}
/**
*
* Usage: PASS <hash>
*/
-char *Server_Cmd_PASS(tClient *Client, char *Args)
+void Server_Cmd_PASS(tClient *Client, char *Args)
{
- uint8_t clienthash[HASH_LENGTH] = {0};
-
- // Read user's hash
- HexBin(clienthash, Args, HASH_LENGTH);
-
- // TODO: Decrypt password passed
+ char *passhash;
+ int flags;
+
+ if( Server_int_ParseArgs(0, Args, &passhash, NULL) )
+ {
+ sendf(Client->Socket, "407 PASS takes 1 argument\n");
+ return ;
+ }
- Client->UID = GetUserAuth(Client->Salt, Client->Username, clienthash);
+ // Pass on to cokebank
+ Client->UID = Bank_GetUserAuth(Client->Salt, Client->Username, passhash);
- if( Client->UID != -1 ) {
- Client->bIsAuthed = 1;
- return strdup("200 Auth OK\n");
+ if( Client->UID == -1 ) {
+ sendf(Client->Socket, "401 Auth Failure\n");
+ return ;
}
- if( giDebugLevel ) {
- int i;
- printf("Client %i: Password hash ", Client->ID);
- for(i=0;i<HASH_LENGTH;i++)
- printf("%02x", clienthash[i]&0xFF);
- printf("\n");
+ flags = Bank_GetFlags(Client->UID);
+ if( flags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Account Disabled\n");
+ return ;
+ }
+ if( flags & USER_FLAG_INTERNAL ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Internal account\n");
+ return ;
}
- return strdup("401 Auth Failure\n");
+ Client->bIsAuthed = 1;
+ sendf(Client->Socket, "200 Auth OK\n");
}
/**
*
* Usage: AUTOAUTH <user>
*/
-char *Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
+void Server_Cmd_AUTOAUTH(tClient *Client, char *Args)
{
- char *spos = strchr(Args, ' ');
- if(spos) *spos = '\0'; // Remove characters after the ' '
+ char *username;
+ int userflags;
+
+ if( Server_int_ParseArgs(0, Args, &username, NULL) )
+ {
+ sendf(Client->Socket, "407 AUTOAUTH takes 1 argument\n");
+ return ;
+ }
// Check if trusted
if( !Client->bIsTrusted ) {
if(giDebugLevel)
- printf("Client %i: Untrusted client attempting to AUTOAUTH\n", Client->ID);
- return strdup("401 Untrusted\n");
+ Debug(Client, "Untrusted client attempting to AUTOAUTH");
+ sendf(Client->Socket, "401 Untrusted\n");
+ return ;
}
// Get UID
- Client->UID = GetUserID( Args );
+ Client->UID = Bank_GetAcctByName( username, 0 );
if( Client->UID < 0 ) {
if(giDebugLevel)
- printf("Client %i: Unknown user '%s'\n", Client->ID, Args);
- return strdup("401 Auth Failure\n");
+ Debug(Client, "Unknown user '%s'", username);
+ sendf(Client->Socket, "403 Auth Failure\n");
+ return ;
}
+ userflags = Bank_GetFlags(Client->UID);
+ // You can't be an internal account
+ if( userflags & USER_FLAG_INTERNAL ) {
+ if(giDebugLevel)
+ Debug(Client, "Autoauth as '%s', not allowed", username);
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Account is internal\n");
+ return ;
+ }
+
+ // Disabled accounts
+ if( userflags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Account disabled\n");
+ return ;
+ }
+
+ // Save username
+ if(Client->Username)
+ free(Client->Username);
+ Client->Username = strdup(username);
+
+ Client->bIsAuthed = 1;
+
if(giDebugLevel)
- printf("Client %i: Authenticated as '%s' (%i)\n", Client->ID, Args, Client->UID);
+ Debug(Client, "Auto authenticated as '%s' (%i)", username, Client->UID);
- return strdup("200 Auth OK\n");
+ sendf(Client->Socket, "200 Auth OK\n");
}
/**
- * \brief Enumerate the items that the server knows about
+ * \brief Authenticate as a user using the IDENT protocol
+ *
+ * Usage: AUTHIDENT
*/
-char *Server_Cmd_ENUMITEMS(tClient *Client, char *Args)
+void Server_Cmd_AUTHIDENT(tClient *Client, char *Args)
{
- int retLen;
- int i;
- char *ret;
+ char *username;
+ int userflags;
+ const int ident_timeout = 5;
+ socklen_t len;
+ struct sockaddr_in client_addr;
+ uint32_t client_ip;
+
+ if( Args != NULL && strlen(Args) ) {
+ sendf(Client->Socket, "407 AUTHIDENT takes no arguments\n");
+ return ;
+ }
- retLen = snprintf(NULL, 0, "201 Items %i", giNumItems);
+ // Check if trusted (only works with INET sockets at present)
+ len = sizeof(client_addr);
+ if( getpeername(Client->Socket, (struct sockaddr*)&client_addr, &len) == -1 ) {
+ Debug(Client, "500 getpeername() failed\n");
+ perror("Getting AUTHIDENT peer name");
+ sendf(Client->Socket, "500 getpeername() failed\n");
+ return ;
+ }
- for( i = 0; i < giNumItems; i ++ )
+ client_ip = client_addr.sin_addr.s_addr;
+ if(giDebugLevel >= 2) {
+ Debug(Client, "client_ip = %x, ntohl(client_ip) = %x", client_ip, ntohl(client_ip));
+ }
+ if( ntohl(client_ip) != 0x7F000001 && (ntohl(client_ip) & IDENT_TRUSTED_NETMASK) != IDENT_TRUSTED_NETWORK ) {
+ if(giDebugLevel)
+ Debug(Client, "Untrusted client attempting to AUTHIDENT");
+ sendf(Client->Socket, "401 Untrusted\n");
+ return ;
+ }
+
+ // Get username via IDENT
+ username = ident_id(Client->Socket, ident_timeout);
+ if( !username ) {
+ sendf(Client->Socket, "403 Authentication failure: IDENT auth timed out\n");
+ return ;
+ }
+
+ // Get UID
+ Client->UID = Bank_GetAcctByName( username, 0 );
+ if( Client->UID < 0 ) {
+ if(giDebugLevel)
+ Debug(Client, "Unknown user '%s'", username);
+ sendf(Client->Socket, "403 Authentication failure: unknown account\n");
+ free(username);
+ return ;
+ }
+
+ userflags = Bank_GetFlags(Client->UID);
+ // You can't be an internal account
+ if( userflags & USER_FLAG_INTERNAL ) {
+ if(giDebugLevel)
+ Debug(Client, "IDENT auth as '%s', not allowed", username);
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Authentication failure: that account is internal\n");
+ free(username);
+ return ;
+ }
+
+ // Disabled accounts
+ if( userflags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Authentication failure: account disabled\n");
+ free(username);
+ return ;
+ }
+
+ // Save username
+ if(Client->Username)
+ free(Client->Username);
+ Client->Username = strdup(username);
+
+ Client->bIsAuthed = 1;
+
+ if(giDebugLevel)
+ Debug(Client, "IDENT authenticated as '%s' (%i)", username, Client->UID);
+ free(username);
+
+ sendf(Client->Socket, "200 Auth OK\n");
+}
+
+/**
+ * \brief Set effective user
+ */
+void Server_Cmd_SETEUSER(tClient *Client, char *Args)
+{
+ char *username;
+ int eUserFlags, userFlags;
+
+ if( Server_int_ParseArgs(0, Args, &username, NULL) )
+ {
+ sendf(Client->Socket, "407 SETEUSER takes 1 argument\n");
+ return ;
+ }
+
+ if( !strlen(Args) ) {
+ sendf(Client->Socket, "407 SETEUSER expects an argument\n");
+ return ;
+ }
+
+ // Check authentication
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ userFlags = Bank_GetFlags(Client->UID);
+ if( !(userFlags & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
+ // Set id
+ Client->EffectiveUID = Bank_GetAcctByName(username, 0);
+ if( Client->EffectiveUID == -1 ) {
+ sendf(Client->Socket, "404 User not found\n");
+ return ;
+ }
+
+ // You can't be an internal account
+ if( !(userFlags & USER_FLAG_ADMIN) )
+ {
+ eUserFlags = Bank_GetFlags(Client->EffectiveUID);
+ if( eUserFlags & USER_FLAG_INTERNAL ) {
+ Client->EffectiveUID = -1;
+ sendf(Client->Socket, "404 User not found\n");
+ return ;
+ }
+ // Disabled only avaliable to admins
+ if( eUserFlags & USER_FLAG_DISABLED ) {
+ Client->EffectiveUID = -1;
+ sendf(Client->Socket, "403 Account disabled\n");
+ return ;
+ }
+ }
+
+ // Disabled accounts
+ if( userFlags & USER_FLAG_DISABLED ) {
+ Client->UID = -1;
+ sendf(Client->Socket, "403 Account disabled\n");
+ return ;
+ }
+
+ sendf(Client->Socket, "200 User set\n");
+}
+
+/**
+ * \brief Send an item status to the client
+ * \param Client Who to?
+ * \param Item Item to send
+ */
+void Server_int_SendItem(tClient *Client, tItem *Item)
+{
+ char *status = "avail";
+
+ if( Item->Handler->CanDispense )
{
- retLen += snprintf(NULL, 0, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID);
+ switch(Item->Handler->CanDispense(Client->UID, Item->ID))
+ {
+ case 0: status = "avail"; break;
+ case 1: status = "sold"; break;
+ default:
+ case -1: status = "error"; break;
+ }
}
+
+ if( Item->Price == 0 )
+ status = "error";
+ // KNOWN HACK: Naming a slot 'dead' disables it
+ if( strcmp(Item->Name, "dead") == 0 )
+ status = "sold"; // Another status?
+
+ sendf(Client->Socket,
+ "202 Item %s:%i %s %i %s\n",
+ Item->Handler->Name, Item->ID, status, Item->Price, Item->Name
+ );
+}
- ret = malloc(retLen+1);
- retLen = 0;
- retLen += sprintf(ret+retLen, "201 Items %i", giNumItems);
+/**
+ * \brief Enumerate the items that the server knows about
+ */
+void Server_Cmd_ENUMITEMS(tClient *Client, char *Args)
+{
+ int i, count;
+ if( Args != NULL && strlen(Args) ) {
+ sendf(Client->Socket, "407 ENUM_ITEMS takes no arguments\n");
+ return ;
+ }
+
+ // Count shown items
+ count = 0;
for( i = 0; i < giNumItems; i ++ ) {
- retLen += sprintf(ret+retLen, " %s:%i", gaItems[i].Handler->Name, gaItems[i].ID);
+ if( gaItems[i].bHidden ) continue;
+ count ++;
}
- strcat(ret, "\n");
+ sendf(Client->Socket, "201 Items %i\n", count);
+
+ for( i = 0; i < giNumItems; i ++ ) {
+ if( gaItems[i].bHidden ) continue;
+ Server_int_SendItem( Client, &gaItems[i] );
+ }
- return ret;
+ sendf(Client->Socket, "200 List end\n");
}
tItem *_GetItemFromString(char *String)
/**
* \brief Fetch information on a specific item
*/
-char *Server_Cmd_ITEMINFO(tClient *Client, char *Args)
+void Server_Cmd_ITEMINFO(tClient *Client, char *Args)
{
- int retLen = 0;
- char *ret;
- tItem *item = _GetItemFromString(Args);
+ tItem *item;
+ char *itemname;
+
+ if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
+ sendf(Client->Socket, "407 ITEMINFO takes 1 argument\n");
+ return ;
+ }
+ item = _GetItemFromString(Args);
if( !item ) {
- return strdup("406 Bad Item ID\n");
+ sendf(Client->Socket, "406 Bad Item ID\n");
+ return ;
}
+
+ Server_int_SendItem( Client, item );
+}
- // Create return
- retLen = snprintf(NULL, 0, "202 Item %s:%i %i %s\n",
- item->Handler->Name, item->ID, item->Price, item->Name);
- ret = malloc(retLen+1);
- sprintf(ret, "202 Item %s:%i %i %s\n",
- item->Handler->Name, item->ID, item->Price, item->Name);
+void Server_Cmd_DISPENSE(tClient *Client, char *Args)
+{
+ tItem *item;
+ int ret;
+ int uid;
+ char *itemname;
+
+ if( Server_int_ParseArgs(0, Args, &itemname, NULL) ) {
+ sendf(Client->Socket, "407 DISPENSE takes only 1 argument\n");
+ return ;
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
- return ret;
+ item = _GetItemFromString(itemname);
+ if( !item ) {
+ sendf(Client->Socket, "406 Bad Item ID\n");
+ return ;
+ }
+
+ if( Client->EffectiveUID != -1 ) {
+ uid = Client->EffectiveUID;
+ }
+ else {
+ uid = Client->UID;
+ }
+
+ switch( ret = DispenseItem( Client->UID, uid, item ) )
+ {
+ case 0: sendf(Client->Socket, "200 Dispense OK\n"); return ;
+ case 1: sendf(Client->Socket, "501 Unable to dispense\n"); return ;
+ case 2: sendf(Client->Socket, "402 Poor You\n"); return ;
+ default:
+ sendf(Client->Socket, "500 Dispense Error (%i)\n", ret);
+ return ;
+ }
}
-char *Server_Cmd_DISPENSE(tClient *Client, char *Args)
+void Server_Cmd_REFUND(tClient *Client, char *Args)
{
tItem *item;
- int ret;
- if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
+ int uid, price_override = 0;
+ char *username, *itemname, *price_str;
- item = _GetItemFromString(Args);
+ if( Server_int_ParseArgs(0, Args, &username, &itemname, &price_str, NULL) ) {
+ if( !itemname || price_str ) {
+ sendf(Client->Socket, "407 REFUND takes 2 or 3 arguments\n");
+ return ;
+ }
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
+ uid = Bank_GetAcctByName(username, 0);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 Unknown user\n");
+ return ;
+ }
+
+ item = _GetItemFromString(itemname);
if( !item ) {
- return strdup("406 Bad Item ID\n");
+ sendf(Client->Socket, "406 Bad Item ID\n");
+ return ;
}
- switch( ret = DispenseItem( Client->UID, item ) )
+ if( price_str )
+ price_override = atoi(price_str);
+
+ switch( DispenseRefund( Client->UID, uid, item, price_override ) )
{
- case 0: return strdup("200 Dispense OK\n");
- case 1: return strdup("501 Unable to dispense\n");
- case 2: return strdup("402 Poor You\n");
+ case 0: sendf(Client->Socket, "200 Item Refunded\n"); return ;
default:
- return strdup("500 Dispense Error\n");
+ sendf(Client->Socket, "500 Dispense Error\n");
+ return;
}
}
-char *Server_Cmd_GIVE(tClient *Client, char *Args)
+void Server_Cmd_GIVE(tClient *Client, char *Args)
{
char *recipient, *ammount, *reason;
int uid, iAmmount;
+ int thisUid;
- if( !Client->bIsAuthed ) return strdup("401 Not Authenticated\n");
+ // Parse arguments
+ if( Server_int_ParseArgs(1, Args, &recipient, &ammount, &reason, NULL) ) {
+ sendf(Client->Socket, "407 GIVE takes only 3 arguments\n");
+ return ;
+ }
+
+ // Check for authed
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
- recipient = Args;
+ // Get recipient
+ uid = Bank_GetAcctByName(recipient, 0);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 Invalid target user\n");
+ return ;
+ }
+
+ // You can't alter an internal account
+// if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
+// sendf(Client->Socket, "404 Invalid target user\n");
+// return ;
+// }
- ammount = strchr(Args, ' ');
- if( !ammount ) return strdup("407 Invalid Argument, expected 3 parameters, 1 encountered\n");
- *ammount = '\0';
- ammount ++;
+ // Parse ammount
+ iAmmount = atoi(ammount);
+ if( iAmmount <= 0 ) {
+ sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
+ return ;
+ }
+
+ if( Client->EffectiveUID != -1 ) {
+ thisUid = Client->EffectiveUID;
+ }
+ else {
+ thisUid = Client->UID;
+ }
- reason = strchr(ammount, ' ');
- if( !reason ) return strdup("407 Invalid Argument, expected 3 parameters, 2 encountered\n");
- *reason = '\0';
- reason ++;
+ // Do give
+ switch( DispenseGive(Client->UID, thisUid, uid, iAmmount, reason) )
+ {
+ case 0:
+ sendf(Client->Socket, "200 Give OK\n");
+ return ;
+ case 2:
+ sendf(Client->Socket, "402 Poor You\n");
+ return ;
+ default:
+ sendf(Client->Socket, "500 Unknown error\n");
+ return ;
+ }
+}
- // Get recipient
- uid = GetUserID(recipient);
- if( uid == -1 ) return strdup("404 Invalid target user");
+void Server_Cmd_DONATE(tClient *Client, char *Args)
+{
+ char *ammount, *reason;
+ int iAmmount;
+ int thisUid;
+
+ // Parse arguments
+ if( Server_int_ParseArgs(1, Args, &ammount, &reason, NULL) ) {
+ sendf(Client->Socket, "407 DONATE takes 2 arguments\n");
+ return ;
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
// Parse ammount
iAmmount = atoi(ammount);
- if( iAmmount <= 0 ) return strdup("407 Invalid Argument, ammount must be > zero\n");
+ if( iAmmount <= 0 ) {
+ sendf(Client->Socket, "407 Invalid Argument, ammount must be > zero\n");
+ return ;
+ }
+
+ // Handle effective users
+ if( Client->EffectiveUID != -1 ) {
+ thisUid = Client->EffectiveUID;
+ }
+ else {
+ thisUid = Client->UID;
+ }
// Do give
- switch( DispenseGive(Client->UID, uid, iAmmount, reason) )
+ switch( DispenseDonate(Client->UID, thisUid, iAmmount, reason) )
{
case 0:
- return strdup("200 Give OK\n");
+ sendf(Client->Socket, "200 Give OK\n");
+ return ;
case 2:
- return strdup("402 Poor You\n");
+ sendf(Client->Socket, "402 Poor You\n");
+ return ;
default:
- return strdup("500 Unknown error\n");
+ sendf(Client->Socket, "500 Unknown error\n");
+ return ;
}
}
-/**
- * \brief Authenticate a user
- * \return User ID, or -1 if authentication failed
- */
-int GetUserAuth(const char *Salt, const char *Username, const uint8_t *ProvidedHash)
+void Server_Cmd_ADD(tClient *Client, char *Args)
{
- #if 0
- uint8_t h[20];
- int ofs = strlen(Username) + strlen(Salt);
- char input[ ofs + 40 + 1];
- char tmp[4 + strlen(Username) + 1]; // uid=%s
- #endif
+ char *user, *ammount, *reason;
+ int uid, iAmmount;
- #if HACK_TPG_NOAUTH
- if( strcmp(Username, "tpg") == 0 )
- return GetUserID("tpg");
+ // Parse arguments
+ if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
+ sendf(Client->Socket, "407 ADD takes 3 arguments\n");
+ return ;
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
+ #if !ROOT_CAN_ADD
+ if( strcmp( Client->Username, "root" ) == 0 ) {
+ // Allow adding for new users
+ if( strcmp(reason, "treasurer: new user") != 0 ) {
+ sendf(Client->Socket, "403 Root may not add\n");
+ return ;
+ }
+ }
#endif
- #if HACK_ROOT_NOAUTH
- if( strcmp(Username, "root") == 0 )
- return GetUserID("root");
+
+ #if HACK_NO_REFUNDS
+ if( strstr(reason, "refund") != NULL || strstr(reason, "misdispense") != NULL )
+ {
+ sendf(Client->Socket, "499 Don't use `dispense acct` for refunds, use `dispense refund` (and `dispense -G` to get item IDs)\n");
+ return ;
+ }
#endif
+
+ // Get recipient
+ uid = Bank_GetAcctByName(user, 0);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 Invalid user\n");
+ return ;
+ }
- #if 0
- //
- strcpy(input, Username);
- strcpy(input, Salt);
- // TODO: Get user's SHA-1 hash
- sprintf(tmp, "uid=%s", Username);
- ldap_search_s(ld, "", LDAP_SCOPE_BASE, tmp, "userPassword", 0, res);
-
- sprintf(input+ofs, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
- h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
- h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
- );
- // Then create the hash from the provided salt
- // Compare that with the provided hash
- #endif
+ // You can't alter an internal account
+ if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) )
+ {
+ if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) {
+ sendf(Client->Socket, "404 Invalid user\n");
+ return ;
+ }
+ // TODO: Maybe disallow changes to disabled?
+ }
+
+ // Parse ammount
+ iAmmount = atoi(ammount);
+ if( iAmmount == 0 && ammount[0] != '0' ) {
+ sendf(Client->Socket, "407 Invalid Argument\n");
+ return ;
+ }
+
+ // Do give
+ switch( DispenseAdd(Client->UID, uid, iAmmount, reason) )
+ {
+ case 0:
+ sendf(Client->Socket, "200 Add OK\n");
+ return ;
+ case 2:
+ sendf(Client->Socket, "402 Poor Guy\n");
+ return ;
+ default:
+ sendf(Client->Socket, "500 Unknown error\n");
+ return ;
+ }
+}
+
+void Server_Cmd_SET(tClient *Client, char *Args)
+{
+ char *user, *ammount, *reason;
+ int uid, iAmmount;
- return -1;
+ // Parse arguments
+ if( Server_int_ParseArgs(1, Args, &user, &ammount, &reason, NULL) ) {
+ sendf(Client->Socket, "407 SET takes 3 arguments\n");
+ return ;
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
+ sendf(Client->Socket, "403 Not an admin\n");
+ return ;
+ }
+
+ // Get recipient
+ uid = Bank_GetAcctByName(user, 0);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 Invalid user\n");
+ return ;
+ }
+
+ // Parse ammount
+ iAmmount = atoi(ammount);
+ if( iAmmount == 0 && ammount[0] != '0' ) {
+ sendf(Client->Socket, "407 Invalid Argument\n");
+ return ;
+ }
+
+ // Do give
+ switch( DispenseSet(Client->UID, uid, iAmmount, reason) )
+ {
+ case 0:
+ sendf(Client->Socket, "200 Add OK\n");
+ return ;
+ case 2:
+ sendf(Client->Socket, "402 Poor Guy\n");
+ return ;
+ default:
+ sendf(Client->Socket, "500 Unknown error\n");
+ return ;
+ }
}
-// --- INTERNAL HELPERS ---
-// TODO: Move to another file
-void HexBin(uint8_t *Dest, char *Src, int BufSize)
+void Server_Cmd_ENUMUSERS(tClient *Client, char *Args)
{
- int i;
- for( i = 0; i < BufSize; i ++ )
+ int i, numRet = 0;
+ tAcctIterator *it;
+ int maxBal = INT_MAX, minBal = INT_MIN;
+ int flagMask = 0, flagVal = 0;
+ int sort = BANK_ITFLAG_SORT_NAME;
+ time_t lastSeenAfter=0, lastSeenBefore=0;
+
+ int flags; // Iterator flags
+ int balValue; // Balance value for iterator
+ time_t timeValue; // Time value for iterator
+
+ // Parse arguments
+ if( Args && strlen(Args) )
{
- uint8_t val = 0;
+ char *space = Args, *type, *val;
+ do
+ {
+ type = space;
+ while(*type == ' ') type ++;
+ // Get next space
+ space = strchr(space, ' ');
+ if(space) *space = '\0';
+
+ // Get type
+ val = strchr(type, ':');
+ if( val ) {
+ *val = '\0';
+ val ++;
+
+ // Types
+ // - Minium Balance
+ if( strcmp(type, "min_balance") == 0 ) {
+ minBal = atoi(val);
+ }
+ // - Maximum Balance
+ else if( strcmp(type, "max_balance") == 0 ) {
+ maxBal = atoi(val);
+ }
+ // - Flags
+ else if( strcmp(type, "flags") == 0 ) {
+ if( Server_int_ParseFlags(Client, val, &flagMask, &flagVal) )
+ return ;
+ }
+ // - Last seen before timestamp
+ else if( strcmp(type, "last_seen_before") == 0 ) {
+ lastSeenAfter = atoll(val);
+ }
+ // - Last seen after timestamp
+ else if( strcmp(type, "last_seen_after") == 0 ) {
+ lastSeenAfter = atoll(val);
+ }
+ // - Sorting
+ else if( strcmp(type, "sort") == 0 ) {
+ char *dash = strchr(val, '-');
+ if( dash ) {
+ *dash = '\0';
+ dash ++;
+ }
+ if( strcmp(val, "name") == 0 ) {
+ sort = BANK_ITFLAG_SORT_NAME;
+ }
+ else if( strcmp(val, "balance") == 0 ) {
+ sort = BANK_ITFLAG_SORT_BAL;
+ }
+ else if( strcmp(val, "lastseen") == 0 ) {
+ sort = BANK_ITFLAG_SORT_LASTSEEN;
+ }
+ else {
+ sendf(Client->Socket, "407 Unknown sort field ('%s')\n", val);
+ return ;
+ }
+ // Handle sort direction
+ if( dash ) {
+ if( strcmp(dash, "desc") == 0 ) {
+ sort |= BANK_ITFLAG_REVSORT;
+ }
+ else {
+ sendf(Client->Socket, "407 Unknown sort direction '%s'\n", dash);
+ return ;
+ }
+ dash[-1] = '-';
+ }
+ }
+ else {
+ sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s:%s'\n", type, val);
+ return ;
+ }
+
+ val[-1] = ':';
+ }
+ else {
+ sendf(Client->Socket, "407 Unknown argument to ENUM_USERS '%s'\n", type);
+ return ;
+ }
+
+ // Eat whitespace
+ if( space ) {
+ *space = ' '; // Repair (to be nice)
+ space ++;
+ while(*space == ' ') space ++;
+ }
+ } while(space);
+ }
+
+ // Create iterator
+ if( maxBal != INT_MAX ) {
+ flags = sort|BANK_ITFLAG_MAXBALANCE;
+ balValue = maxBal;
+ }
+ else if( minBal != INT_MIN ) {
+ flags = sort|BANK_ITFLAG_MINBALANCE;
+ balValue = minBal;
+ }
+ else {
+ flags = sort;
+ balValue = 0;
+ }
+ if( lastSeenBefore ) {
+ timeValue = lastSeenBefore;
+ flags |= BANK_ITFLAG_SEENBEFORE;
+ }
+ else if( lastSeenAfter ) {
+ timeValue = lastSeenAfter;
+ flags |= BANK_ITFLAG_SEENAFTER;
+ }
+ else {
+ timeValue = 0;
+ }
+ it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
+
+ // Get return number
+ while( (i = Bank_IteratorNext(it)) != -1 )
+ {
+ int bal = Bank_GetBalance(i);
- if('0' <= *Src && *Src <= '9')
- val |= (*Src-'0') << 4;
- else if('A' <= *Src && *Src <= 'F')
- val |= (*Src-'A'+10) << 4;
- else if('a' <= *Src && *Src <= 'f')
- val |= (*Src-'a'+10) << 4;
- else
- break;
- Src ++;
+ if( bal == INT_MIN ) continue;
+
+ if( bal < minBal ) continue;
+ if( bal > maxBal ) continue;
- if('0' <= *Src && *Src <= '9')
- val |= (*Src-'0');
- else if('A' <= *Src && *Src <= 'F')
- val |= (*Src-'A'+10);
- else if('a' <= *Src && *Src <= 'f')
- val |= (*Src-'a'+10);
+ numRet ++;
+ }
+
+ Bank_DelIterator(it);
+
+ // Send count
+ sendf(Client->Socket, "201 Users %i\n", numRet);
+
+
+ // Create iterator
+ it = Bank_Iterator(flagMask, flagVal, flags, balValue, timeValue);
+
+ while( (i = Bank_IteratorNext(it)) != -1 )
+ {
+ int bal = Bank_GetBalance(i);
+
+ if( bal == INT_MIN ) continue;
+
+ if( bal < minBal ) continue;
+ if( bal > maxBal ) continue;
+
+ _SendUserInfo(Client, i);
+ }
+
+ Bank_DelIterator(it);
+
+ sendf(Client->Socket, "200 List End\n");
+}
+
+void Server_Cmd_USERINFO(tClient *Client, char *Args)
+{
+ int uid;
+ char *user;
+
+ // Parse arguments
+ if( Server_int_ParseArgs(0, Args, &user, NULL) ) {
+ sendf(Client->Socket, "407 USER_INFO takes 1 argument\n");
+ return ;
+ }
+
+ if( giDebugLevel ) Debug(Client, "User Info '%s'", user);
+
+ // Get recipient
+ uid = Bank_GetAcctByName(user, 0);
+
+ if( giDebugLevel >= 2 ) Debug(Client, "uid = %i", uid);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 Invalid user\n");
+ return ;
+ }
+
+ _SendUserInfo(Client, uid);
+}
+
+void _SendUserInfo(tClient *Client, int UserID)
+{
+ char *type, *disabled="", *door="";
+ int flags = Bank_GetFlags(UserID);
+
+ if( flags & USER_FLAG_INTERNAL ) {
+ type = "internal";
+ }
+ else if( flags & USER_FLAG_COKE ) {
+ if( flags & USER_FLAG_ADMIN )
+ type = "coke,admin";
else
- break;
- Src ++;
+ type = "coke";
+ }
+ else if( flags & USER_FLAG_ADMIN ) {
+ type = "admin";
+ }
+ else {
+ type = "user";
+ }
+
+ if( flags & USER_FLAG_DISABLED )
+ disabled = ",disabled";
+ if( flags & USER_FLAG_DOORGROUP )
+ door = ",door";
+
+ // TODO: User flags/type
+ sendf(
+ Client->Socket, "202 User %s %i %s%s%s\n",
+ Bank_GetAcctName(UserID), Bank_GetBalance(UserID),
+ type, disabled, door
+ );
+}
+
+void Server_Cmd_USERADD(tClient *Client, char *Args)
+{
+ char *username;
+
+ // Parse arguments
+ if( Server_int_ParseArgs(0, Args, &username, NULL) ) {
+ sendf(Client->Socket, "407 USER_ADD takes 1 argument\n");
+ return ;
+ }
+
+ // Check authentication
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check permissions
+ if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
+ sendf(Client->Socket, "403 Not a coke admin\n");
+ return ;
+ }
+
+ // Try to create user
+ if( Bank_CreateAcct(username) == -1 ) {
+ sendf(Client->Socket, "404 User exists\n");
+ return ;
+ }
+
+ {
+ char *thisName = Bank_GetAcctName(Client->UID);
+ Log_Info("Account '%s' created by '%s'", username, thisName);
+ free(thisName);
+ }
+
+ sendf(Client->Socket, "200 User Added\n");
+}
+
+void Server_Cmd_USERFLAGS(tClient *Client, char *Args)
+{
+ char *username, *flags, *reason=NULL;
+ int mask=0, value=0;
+ int uid;
+
+ // Parse arguments
+ if( Server_int_ParseArgs(1, Args, &username, &flags, &reason, NULL) ) {
+ if( !flags ) {
+ sendf(Client->Socket, "407 USER_FLAGS takes at least 2 arguments\n");
+ return ;
+ }
+ reason = "";
+ }
+
+ // Check authentication
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check permissions
+ if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) {
+ sendf(Client->Socket, "403 Not a coke admin\n");
+ return ;
+ }
+
+ // Get UID
+ uid = Bank_GetAcctByName(username, 0);
+ if( uid == -1 ) {
+ sendf(Client->Socket, "404 User '%s' not found\n", username);
+ return ;
+ }
+
+ // Parse flags
+ if( Server_int_ParseFlags(Client, flags, &mask, &value) )
+ return ;
+
+ if( giDebugLevel )
+ Debug(Client, "Set %i(%s) flags to %x (masked %x)\n",
+ uid, username, mask, value);
+
+ // Apply flags
+ Bank_SetFlags(uid, mask, value);
+
+ // Log the change
+ Log_Info("Updated '%s' with flag set '%s' by '%s' - Reason: %s",
+ username, flags, Client->Username, reason);
+
+ // Return OK
+ sendf(Client->Socket, "200 User Updated\n");
+}
+
+void Server_Cmd_UPDATEITEM(tClient *Client, char *Args)
+{
+ char *itemname, *price_str, *description;
+ int price;
+ tItem *item;
+
+ if( Server_int_ParseArgs(1, Args, &itemname, &price_str, &description, NULL) ) {
+ sendf(Client->Socket, "407 UPDATE_ITEM takes 3 arguments\n");
+ return ;
+ }
+
+ if( !Client->bIsAuthed ) {
+ sendf(Client->Socket, "401 Not Authenticated\n");
+ return ;
+ }
+
+ // Check user permissions
+ if( !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) {
+ sendf(Client->Socket, "403 Not in coke\n");
+ return ;
+ }
+
+ item = _GetItemFromString(itemname);
+ if( !item ) {
+ // TODO: Create item?
+ sendf(Client->Socket, "406 Bad Item ID\n");
+ return ;
+ }
+
+ price = atoi(price_str);
+ if( price <= 0 && price_str[0] != '0' ) {
+ sendf(Client->Socket, "407 Invalid price set\n");
+ }
+
+ switch( DispenseUpdateItem( Client->UID, item, description, price ) )
+ {
+ case 0:
+ // Return OK
+ sendf(Client->Socket, "200 Item updated\n");
+ break;
+ default:
+ break;
+ }
+}
+
+// --- INTERNAL HELPERS ---
+void Debug(tClient *Client, const char *Format, ...)
+{
+ va_list args;
+ //printf("%010i [%i] ", (int)time(NULL), Client->ID);
+ printf("[%i] ", Client->ID);
+ va_start(args, Format);
+ vprintf(Format, args);
+ va_end(args);
+ printf("\n");
+}
+
+int sendf(int Socket, const char *Format, ...)
+{
+ va_list args;
+ int len;
+
+ va_start(args, Format);
+ len = vsnprintf(NULL, 0, Format, args);
+ va_end(args);
+
+ {
+ char buf[len+1];
+ va_start(args, Format);
+ vsnprintf(buf, len+1, Format, args);
+ va_end(args);
+
+ #if DEBUG_TRACE_CLIENT
+ printf("sendf: %s", buf);
+ #endif
- Dest[i] = val;
+ return send(Socket, buf, len, 0);
}
- for( ; i < BufSize; i++ )
- Dest[i] = 0;
}
+// Takes a series of char *'s in
/**
- * \brief Decode a Base64 value
+ * \brief Parse space-separated entries into
*/
-int UnBase64(uint8_t *Dest, char *Src, int BufSize)
+int Server_int_ParseArgs(int bUseLongLast, char *ArgStr, ...)
{
- uint32_t val;
- int i, j;
- char *start_src = Src;
+ va_list args;
+ char savedChar;
+ char **dest;
+ va_start(args, ArgStr);
+
+ // Check for null
+ if( !ArgStr )
+ {
+ while( (dest = va_arg(args, char **)) )
+ *dest = NULL;
+ va_end(args);
+ return 1;
+ }
+
+ savedChar = *ArgStr;
- for( i = 0; i+2 < BufSize; i += 3 )
+ while( (dest = va_arg(args, char **)) )
{
- val = 0;
- for( j = 0; j < 4; j++, Src ++ ) {
- if('A' <= *Src && *Src <= 'Z')
- val |= (*Src - 'A') << ((3-j)*6);
- else if('a' <= *Src && *Src <= 'z')
- val |= (*Src - 'a' + 26) << ((3-j)*6);
- else if('0' <= *Src && *Src <= '9')
- val |= (*Src - '0' + 52) << ((3-j)*6);
- else if(*Src == '+')
- val |= 62 << ((3-j)*6);
- else if(*Src == '/')
- val |= 63 << ((3-j)*6);
- else if(!*Src)
- break;
- else if(*Src != '=')
- j --; // Ignore invalid characters
+ // Trim leading spaces
+ while( *ArgStr == ' ' || *ArgStr == '\t' )
+ ArgStr ++;
+
+ // ... oops, not enough arguments
+ if( *ArgStr == '\0' )
+ {
+ // NULL unset arguments
+ do {
+ *dest = NULL;
+ } while( (dest = va_arg(args, char **)) );
+ va_end(args);
+ return -1;
}
- Dest[i ] = (val >> 16) & 0xFF;
- Dest[i+1] = (val >> 8) & 0xFF;
- Dest[i+2] = val & 0xFF;
- if(j != 4) break;
+
+ if( *ArgStr == '"' )
+ {
+ ArgStr ++;
+ *dest = ArgStr;
+ // Read until quote
+ while( *ArgStr && *ArgStr != '"' )
+ ArgStr ++;
+ }
+ else
+ {
+ // Set destination
+ *dest = ArgStr;
+ // Read until a space
+ while( *ArgStr && *ArgStr != ' ' && *ArgStr != '\t' )
+ ArgStr ++;
+ }
+ savedChar = *ArgStr; // savedChar is used to un-mangle the last string
+ *ArgStr = '\0';
+ ArgStr ++;
+ }
+ va_end(args);
+
+ // Oops, extra arguments, and greedy not set
+ if( (savedChar == ' ' || savedChar == '\t') && !bUseLongLast ) {
+ return -1;
}
- // Finish things off
- if(i < BufSize)
- Dest[i] = (val >> 16) & 0xFF;
- if(i+1 < BufSize)
- Dest[i+1] = (val >> 8) & 0xFF;
+ // Un-mangle last
+ if(bUseLongLast) {
+ ArgStr --;
+ *ArgStr = savedChar;
+ }
+
+ return 0; // Success!
+}
+
+int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Value)
+{
+ struct {
+ const char *Name;
+ int Mask;
+ int Value;
+ } cFLAGS[] = {
+ {"disabled", USER_FLAG_DISABLED, USER_FLAG_DISABLED}
+ ,{"door", USER_FLAG_DOORGROUP, USER_FLAG_DOORGROUP}
+ ,{"coke", USER_FLAG_COKE, USER_FLAG_COKE}
+ ,{"admin", USER_FLAG_ADMIN, USER_FLAG_ADMIN}
+ ,{"internal", USER_FLAG_INTERNAL, USER_FLAG_INTERNAL}
+ };
+ const int ciNumFlags = sizeof(cFLAGS)/sizeof(cFLAGS[0]);
+
+ char *space;
+
+ *Mask = 0;
+ *Value = 0;
+
+ do {
+ int bRemove = 0;
+ int i;
+ int len;
+
+ while( *Str == ' ' ) Str ++; // Eat whitespace
+ space = strchr(Str, ','); // Find the end of the flag
+ if(space)
+ len = space - Str;
+ else
+ len = strlen(Str);
+
+ // Check for inversion/removal
+ if( *Str == '!' || *Str == '-' ) {
+ bRemove = 1;
+ Str ++;
+ }
+ else if( *Str == '+' ) {
+ Str ++;
+ }
+
+ // Check flag values
+ for( i = 0; i < ciNumFlags; i ++ )
+ {
+ if( strncmp(Str, cFLAGS[i].Name, len) == 0 ) {
+ *Mask |= cFLAGS[i].Mask;
+ *Value &= ~cFLAGS[i].Mask;
+ if( !bRemove )
+ *Value |= cFLAGS[i].Value;
+ break;
+ }
+ }
+
+ // Error check
+ if( i == ciNumFlags ) {
+ char val[len+1];
+ strncpy(val, Str, len+1);
+ sendf(Client->Socket, "407 Unknown flag value '%s'\n", val);
+ return -1;
+ }
+
+ Str = space + 1;
+ } while(space);
- return Src - start_src;
+ return 0;
}
git.ucc.asn.au / tpg / opendispense2.git / blobdiff
UCC git Repository :: git.ucc.asn.au