X-Git-Url: https://git.ucc.asn.au/?p=tpg%2Fopendispense2.git;a=blobdiff_plain;f=src%2Fserver%2Fserver.c;h=11846bb21fceb1836dba743e28f60e3bdfbddd76;hp=2bcd8d3e7e0c60f82cd4337c5bd934b32b750d30;hb=6d657891a5410b7d93cc90f376a3ef27b72b20f6;hpb=de8c5fd93c75b8611cba5530b255a3dcfd97db41 diff --git a/src/server/server.c b/src/server/server.c index 2bcd8d3..11846bb 100644 --- a/src/server/server.c +++ b/src/server/server.c @@ -10,6 +10,7 @@ #include #include #include "common.h" +#include "../common/config.h" #include #include #include @@ -21,10 +22,13 @@ #include // Signal handling #include // AUTHIDENT #include // time(2) +#include #define DEBUG_TRACE_CLIENT 0 #define HACK_NO_REFUNDS 1 +#define PIDFILE "/var/run/dispsrv.pid" + // Statistics #define MAX_CONNECTION_QUEUE 5 #define INPUT_BUFFER_SIZE 256 @@ -80,6 +84,8 @@ void _SendUserInfo(tClient *Client, int UserID); void Server_Cmd_USERADD(tClient *Client, char *Args); void Server_Cmd_USERFLAGS(tClient *Client, char *Args); void Server_Cmd_UPDATEITEM(tClient *Client, char *Args); +void Server_Cmd_PINCHECK(tClient *Client, char *Args); +void Server_Cmd_PINSET(tClient *Client, char *Args); // --- Helpers --- void Debug(tClient *Client, const char *Format, ...); int sendf(int Socket, const char *Format, ...); @@ -109,7 +115,9 @@ const struct sClientCommand { {"USER_INFO", Server_Cmd_USERINFO}, {"USER_ADD", Server_Cmd_USERADD}, {"USER_FLAGS", Server_Cmd_USERFLAGS}, - {"UPDATE_ITEM", Server_Cmd_UPDATEITEM} + {"UPDATE_ITEM", Server_Cmd_UPDATEITEM}, + {"PIN_CHECK", Server_Cmd_PINCHECK}, + {"PIN_SET", Server_Cmd_PINSET} }; #define NUM_COMMANDS ((int)(sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))) @@ -148,7 +156,6 @@ void Server_Start(void) } } - atexit(Server_Cleanup); // Ignore SIGPIPE (stops crashes when the client exits early) signal(SIGPIPE, SIG_IGN); @@ -169,6 +176,7 @@ void Server_Start(void) if( bind(giServer_Socket, (struct sockaddr *) &server_addr, sizeof(server_addr)) < 0 ) { fprintf(stderr, "ERROR: Unable to bind to 0.0.0.0:%i\n", giServer_Port); perror("Binding"); + close(giServer_Socket); return ; } @@ -183,7 +191,7 @@ void Server_Start(void) } if( pid != 0 ) { // Parent, quit - printf("Forked child %i\n", pid); + Debug_Notice("Forked child server as PID %i\n", pid); exit(0); } // In child @@ -200,6 +208,7 @@ void Server_Start(void) fprintf(stderr, "OpenDispense 2 Server Started at %lld\n", (long long)time(NULL)); #endif } + atexit(Server_Cleanup); // Start the helper thread StartPeriodicThread(); @@ -211,11 +220,11 @@ void Server_Start(void) return ; } - printf("Listening on 0.0.0.0:%i\n", giServer_Port); + Debug_Notice("Listening on 0.0.0.0:%i", giServer_Port); // write pidfile { - FILE *fp = fopen("/var/run/dispsrv.pid", "w"); + FILE *fp = fopen(PIDFILE, "w"); if( fp ) { fprintf(fp, "%i", getpid()); fclose(fp); @@ -251,7 +260,7 @@ void Server_Start(void) if(giDebugLevel >= 2) { char ipstr[INET_ADDRSTRLEN]; inet_ntop(AF_INET, &client_addr.sin_addr, ipstr, INET_ADDRSTRLEN); - printf("Client connection from %s:%i\n", + Debug_Debug("Client connection from %s:%i", ipstr, ntohs(client_addr.sin_port)); } @@ -305,9 +314,9 @@ void Server_Start(void) void Server_Cleanup(void) { - printf("\nClose(%i)\n", giServer_Socket); + Debug_Debug("Close(%i)", giServer_Socket); close(giServer_Socket); - unlink("/var/run/dispsrv.pid"); + unlink(PIDFILE); } /** @@ -683,8 +692,7 @@ void Server_Cmd_SETEUSER(tClient *Client, char *Args) sendf(Client->Socket, "404 User not found\n"); return ; } - - // You can't be an internal account + // You can't be an internal account (unless you're an admin) if( !(userFlags & USER_FLAG_ADMIN) ) { eUserFlags = Bank_GetFlags(Client->EffectiveUID); @@ -693,17 +701,13 @@ void Server_Cmd_SETEUSER(tClient *Client, char *Args) sendf(Client->Socket, "404 User not found\n"); return ; } - // Disabled only avaliable to admins - if( eUserFlags & USER_FLAG_DISABLED ) { - Client->EffectiveUID = -1; - sendf(Client->Socket, "403 Account disabled\n"); - return ; - } } // Disabled accounts - if( userFlags & USER_FLAG_DISABLED ) { - Client->UID = -1; + // - If disabled and the actual user is not an admin (and not root) + // return 403 + if( (eUserFlags & USER_FLAG_DISABLED) && (Client->UID == 0 || !(userFlags & USER_FLAG_ADMIN)) ) { + Client->EffectiveUID = -1; sendf(Client->Socket, "403 Account disabled\n"); return ; } @@ -731,7 +735,7 @@ void Server_int_SendItem(tClient *Client, tItem *Item) } } - if( Item->Price == 0 ) + if( !gbNoCostMode && Item->Price == 0 ) status = "error"; // KNOWN HACK: Naming a slot 'dead' disables it if( strcmp(Item->Name, "dead") == 0 ) @@ -811,6 +815,8 @@ tItem *_GetItemFromString(char *String) /** * \brief Fetch information on a specific item + * + * Usage: ITEMINFO */ void Server_Cmd_ITEMINFO(tClient *Client, char *Args) { @@ -831,6 +837,11 @@ void Server_Cmd_ITEMINFO(tClient *Client, char *Args) Server_int_SendItem( Client, item ); } +/** + * \brief Dispense an item + * + * Usage: DISPENSE + */ void Server_Cmd_DISPENSE(tClient *Client, char *Args) { tItem *item; @@ -861,6 +872,9 @@ void Server_Cmd_DISPENSE(tClient *Client, char *Args) uid = Client->UID; } +// if( Bank_GetFlags(Client->UID) & USER_FLAG_DISABLED ) { +// } + switch( ret = DispenseItem( Client->UID, uid, item ) ) { case 0: sendf(Client->Socket, "200 Dispense OK\n"); return ; @@ -872,6 +886,11 @@ void Server_Cmd_DISPENSE(tClient *Client, char *Args) } } +/** + * \brief Refund an item to a user + * + * Usage: REFUND [] + */ void Server_Cmd_REFUND(tClient *Client, char *Args) { tItem *item; @@ -920,6 +939,11 @@ void Server_Cmd_REFUND(tClient *Client, char *Args) } } +/** + * \brief Transfer money to another account + * + * Usage: GIVE + */ void Server_Cmd_GIVE(tClient *Client, char *Args) { char *recipient, *ammount, *reason; @@ -1078,7 +1102,7 @@ void Server_Cmd_ADD(tClient *Client, char *Args) if( !(Bank_GetFlags(Client->UID) & USER_FLAG_ADMIN) ) { if( Bank_GetFlags(uid) & USER_FLAG_INTERNAL ) { - sendf(Client->Socket, "404 Invalid user\n"); + sendf(Client->Socket, "403 Admin only\n"); return ; } // TODO: Maybe disallow changes to disabled? @@ -1142,17 +1166,15 @@ void Server_Cmd_SET(tClient *Client, char *Args) return ; } + int origBalance, rv; // Do give - switch( DispenseSet(Client->UID, uid, iAmmount, reason) ) + switch( rv = DispenseSet(Client->UID, uid, iAmmount, reason, &origBalance) ) { case 0: - sendf(Client->Socket, "200 Add OK\n"); - return ; - case 2: - sendf(Client->Socket, "402 Poor Guy\n"); + sendf(Client->Socket, "200 Add OK (%i)\n", origBalance); return ; default: - sendf(Client->Socket, "500 Unknown error\n"); + sendf(Client->Socket, "500 Unknown error (%i)\n", rv); return ; } } @@ -1522,6 +1544,101 @@ void Server_Cmd_UPDATEITEM(tClient *Client, char *Args) } } +void Server_Cmd_PINCHECK(tClient *Client, char *Args) +{ + char *username, *pinstr; + int pin; + + if( Server_int_ParseArgs(0, Args, &username, &pinstr, NULL) ) { + sendf(Client->Socket, "407 PIN_CHECK takes 2 arguments\n"); + return ; + } + + if( !isdigit(pinstr[0]) || !isdigit(pinstr[1]) || !isdigit(pinstr[2]) || !isdigit(pinstr[3]) || pinstr[4] != '\0' ) { + sendf(Client->Socket, "407 PIN should be four digits\n"); + return ; + } + pin = atoi(pinstr); + + // Not authenticated? go away! + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } + + // Get user + int uid = Bank_GetAcctByName(username, 0); + if( uid == -1 ) { + sendf(Client->Socket, "404 User '%s' not found\n", username); + return ; + } + + // Check user permissions + if( uid != Client->UID && !(Bank_GetFlags(Client->UID) & (USER_FLAG_COKE|USER_FLAG_ADMIN)) ) { + sendf(Client->Socket, "403 Not in coke\n"); + return ; + } + + // Get the pin + static time_t last_wrong_pin_time; + static int backoff = 1; + if( time(NULL) - last_wrong_pin_time < backoff ) { + sendf(Client->Socket, "407 Rate limited (%i seconds remaining)\n", + backoff - (time(NULL) - last_wrong_pin_time)); + return ; + } + last_wrong_pin_time = time(NULL); + if( !Bank_IsPinValid(uid, pin) ) + { + sendf(Client->Socket, "201 Pin incorrect\n"); + struct sockaddr_storage addr; + socklen_t len = sizeof(addr); + char ipstr[INET6_ADDRSTRLEN]; + getpeername(Client->Socket, (void*)&addr, &len); + struct sockaddr_in *s = (struct sockaddr_in *)&addr; + inet_ntop(addr.ss_family, &s->sin_addr, ipstr, sizeof(ipstr)); + Debug_Notice("Bad pin from %s for %s by %i", ipstr, username, Client->UID); + if( backoff < 5) + backoff ++; + return ; + } + + last_wrong_pin_time = 0; + backoff = 1; + sendf(Client->Socket, "200 Pin correct\n"); + return ; +} +void Server_Cmd_PINSET(tClient *Client, char *Args) +{ + char *pinstr; + int pin; + + + if( Server_int_ParseArgs(0, Args, &pinstr, NULL) ) { + sendf(Client->Socket, "407 PIN_SET takes 1 argument\n"); + return ; + } + + if( !isdigit(pinstr[0]) || !isdigit(pinstr[1]) || !isdigit(pinstr[2]) || !isdigit(pinstr[3]) || pinstr[4] != '\0' ) { + sendf(Client->Socket, "407 PIN should be four digits\n"); + return ; + } + pin = atoi(pinstr); + + if( !Client->bIsAuthed ) { + sendf(Client->Socket, "401 Not Authenticated\n"); + return ; + } + + int uid = Client->EffectiveUID; + if(uid == -1) + uid = Client->UID; + // Can only pinset yourself (well, the effective user) + Bank_SetPin(uid, pin); + sendf(Client->Socket, "200 Pin updated\n"); + return ; +} + // --- INTERNAL HELPERS --- void Debug(tClient *Client, const char *Format, ...) { @@ -1698,3 +1815,4 @@ int Server_int_ParseFlags(tClient *Client, const char *Str, int *Mask, int *Valu return 0; } +