This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
deb-mbse/mbnntp/auth.c
2015-11-05 18:49:27 -05:00

173 lines
4.4 KiB
C

/*****************************************************************************
*
* $Id: auth.c,v 1.5 2005/09/07 20:44:37 mbse Exp $
*
*****************************************************************************
* Copyright (C) 1997-2005
*
* Michiel Broek FIDO: 2:280/2802
* Beekmansbos 10
* 1971 BV IJmuiden
* the Netherlands
*
* This file is part of MBSE BBS.
*
* This BBS is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2, or (at your option) any
* later version.
*
* MBSE BBS is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with MBSE BBS; see the file COPYING. If not, write to the Free
* Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA.
*****************************************************************************/
#include "../config.h"
#include "../lib/mbselib.h"
#include "../lib/users.h"
#include "mbnntp.h"
#include "auth.h"
#ifndef USE_NEWSGATE
int authorized = FALSE; /* Authentication status */
int got_username = FALSE; /* Did we get a username? */
int grecno = 0; /* User record number */
char username[9]; /* Cached username */
extern pid_t mypid;
int check_auth(char *cmd)
{
if (authorized)
return TRUE;
send_nntp("480 Authentication required");
return FALSE;
}
void auth_user(char *cmd)
{
char *p;
p = strtok(cmd, " \0");
p = strtok(NULL, " \0");
p = strtok(NULL, " \0");
if (strlen(p) > 8) {
/*
* Username too long
*/
WriteError("Got a username of %d characters", sizeof(p));
send_nntp("482 Authentication rejected");
return;
}
memset(&username, 0, sizeof(username));
strncpy(username, p, 8);
send_nntp("381 More authentication information required");
got_username = TRUE;
}
void auth_pass(char *cmd)
{
char *p, *temp;
FILE *fp;
int FoundName = FALSE;
if (! got_username) {
WriteError("Got AUTHINFO PASS before AUTHINFO USER");
send_nntp("482 Authentication rejected");
return;
}
p = strtok(cmd, " \0");
p = strtok(NULL, " \0");
p = strtok(NULL, " \0");
temp = calloc(PATH_MAX, sizeof(char));
snprintf(temp, PATH_MAX, "%s/etc/users.data", getenv("MBSE_ROOT"));
if ((fp = fopen(temp,"r+")) == NULL) {
/*
* This should not happen
*/
WriteError("$Can't open %s", temp);
send_nntp("482 Authentication rejected");
free(temp);
got_username = FALSE;
return;
}
free(temp);
grecno = 0;
fread(&usrconfighdr, sizeof(usrconfighdr), 1, fp);
while (fread(&usrconfig, usrconfighdr.recsize, 1, fp) == 1) {
if (strcmp(usrconfig.Name, username) == 0) {
FoundName = TRUE;
usercharset=usrconfig.Charset;
break;
}
grecno++;
}
if (!FoundName) {
fclose(fp);
Syslog('+', "Unknown user \"%s\", reject", username);
send_nntp("482 Authentication rejected");
got_username = FALSE;
memset(&usrconfig, 0, sizeof(usrconfig));
return;
}
if (strcasecmp(usrconfig.Password, p)) {
Syslog('+', "Password error, reject user \"%s\"", username);
send_nntp("482 Authentication rejected");
fclose(fp);
got_username = FALSE;
memset(&usrconfig, 0, sizeof(usrconfig));
return;
}
/*
* Update user record
*/
usrconfig.tLastLoginDate = time(NULL); /* Login date is current date */
usrconfig.iTotalCalls++; /* Increase calls */
/*
* Update user record.
*/
if (fseek(fp, usrconfighdr.hdrsize + (grecno * usrconfighdr.recsize), 0) != 0) {
WriteError("Can't seek in %s/etc/users.data", getenv("MBSE_ROOT"));
} else {
fwrite(&usrconfig, sizeof(usrconfig), 1, fp);
}
fclose(fp);
/*
* User logged in, tell it to the server. Check if a location is
* set, if Ask User location for new users is off, this field is
* empty but we have to send something to the server.
*/
if (strlen(usrconfig.sLocation))
UserCity(mypid, usrconfig.Name, usrconfig.sLocation);
else
UserCity(mypid, usrconfig.Name, (char *)"N/A");
IsDoing("Logged in");
Syslog('+', "User %s logged in", username);
authorized = TRUE;
got_username = FALSE;
send_nntp("281 Authentication accepted");
}
#endif