diff --git a/proto.txt b/proto.txt
index 87076976f2e17003b15ee92bc4125fbc9d953be8..b45d7a6032877029d737b0f273e42c73d4b6549b 100644
--- a/proto.txt
+++ b/proto.txt
@@ -48,7 +48,7 @@ c ADD <user> <ammount> <reason>\n
s 200 Add OK\n or 402 No balance\n or 403 Not Coke\n or 404 Bad User\n
--- Set balance ---
c SET <user> <ammount> <reason>\n
-s 200 Add OK\n or 403 Not Coke\n or 404 Bad User\n
+s 200 Set OK\n or 403 Not Coke\n or 404 Bad User\n
--- Get Item list ---
c ENUM_ITEMS\n
@@ -60,5 +60,5 @@ s 202 Item <item_id> <price> <description>\n
c ENUM_USERS[ <max balance>]\n
s 201 Users <count> <username>:<balance>:<flags> <username>:<balance>:<flags> ...\n
--- Get a User's Balance ---
-c USERINFO\n
+c USER_INFO\n
s 202 User <username> <balance> <flags>\n
diff --git a/src/client/main.c b/src/client/main.c
index bb159059d1011df5ecffe8ff64552ee08762c36f..33f3fe41e5f53f2e9c520982bd24578552b5146b 100644
--- a/src/client/main.c
+++ b/src/client/main.c
@@ -34,6 +34,8 @@ typedef struct sItem {
} tItem;
// === PROTOTYPES ===
+ int main(int argc, char *argv[]);
+void ShowUsage(void);
// --- GUI ---
int ShowNCursesUI(void);
void ShowItemAt(int Row, int Col, int Width, int Index);
@@ -43,7 +45,13 @@ void PrintAlign(int Row, int Col, int Width, const char *Left, char Pad1, const
int Authenticate(int Socket);
void PopulateItemList(int Socket);
int DispenseItem(int Socket, int ItemID);
+ int Dispense_AlterBalance(int Socket, const char *Username, int Ammount, const char *Reason);
+ int Dispense_SetBalance(int Socket, const char *Username, int Ammount, const char *Reason);
+ int Dispense_EnumUsers(int Socket);
+ int Dispense_ShowUser(int Socket, const char *Username);
+void _PrintUserLine(const char *Line);
// --- Helpers ---
+char *ReadLine(int Socket);
int sendf(int Socket, const char *Format, ...);
char *trim(char *string);
int RunRegex(regex_t *regex, const char *string, int nMatches, regmatch_t *matches, const char *errorMessage);
@@ -52,12 +60,15 @@ void CompileRegex(regex_t *regex, const char *pattern, int flags);
// === GLOBALS ===
char *gsDispenseServer = "localhost";
int giDispensePort = 11020;
+
tItem *gaItems;
int giNumItems;
-regex_t gArrayRegex, gItemRegex, gSaltRegex;
+regex_t gArrayRegex, gItemRegex, gSaltRegex, gUserInfoRegex;
+ int gbIsAuthenticated = 0;
char *gsOverrideUser; //!< '-u' argument (dispense as another user)
int gbUseNCurses = 0; //!< '-G' Use the NCurses GUI?
+ int giSocket = -1;
// === CODE ===
int main(int argc, char *argv[])
@@ -72,14 +83,9 @@ int main(int argc, char *argv[])
// > Code Type Ident Price Desc
CompileRegex(&gItemRegex, "^([0-9]{3})\\s+([A-Za-z]+)\\s+([A-Za-z0-9:]+?)\\s+([0-9]+)\\s+(.+)$", REG_EXTENDED);
// > Code 'SALT' salt
- CompileRegex(&gSaltRegex, "^([0-9]{3})\\s+(.+)\\s+(.+)$", REG_EXTENDED);
-
- // Connect to server
- sock = OpenConnection(gsDispenseServer, giDispensePort);
- if( sock < 0 ) return -1;
-
- // Authenticate
- Authenticate(sock);
+ CompileRegex(&gSaltRegex, "^([0-9]{3})\\s+([A-Za-z]+)\\s+(.+)$", REG_EXTENDED);
+ // > Code 'User' Username Balance Flags
+ CompileRegex(&gUserInfoRegex, "^([0-9]{3})\\s+([A-Za-z]+)\\s+([^ ]+)\\s+(-?[0-9]+)\\s+(.+)$", REG_EXTENDED);
// Parse Arguments
for( i = 1; i < argc; i ++ )
@@ -90,6 +96,11 @@ int main(int argc, char *argv[])
{
switch(arg[1])
{
+ case 'h':
+ case '?':
+ ShowUsage();
+ return 0;
+
case 'u': // Override User
gsOverrideUser = argv[++i];
break;
@@ -102,15 +113,63 @@ int main(int argc, char *argv[])
continue;
}
- if( strcmp(argv[1], "acct") == 0 ) {
- // Alter account
- // List accounts
+ if( strcmp(arg, "acct") == 0 )
+ {
+
+ // Connect to server
+ sock = OpenConnection(gsDispenseServer, giDispensePort);
+ if( sock < 0 ) return -1;
+
+ // List accounts?
+ if( i + 1 == argc ) {
+ Dispense_EnumUsers(sock);
+ return 0;
+ }
+
+ // argv[i+1]: Username
+
+ // Alter account?
+ if( i + 2 < argc ) {
+
+ if( i + 3 >= argc ) {
+ fprintf(stderr, "Error: `dispense acct' needs a reason\n");
+ exit(1);
+ }
+
+ // Authentication required
+ Authenticate(sock);
+
+ // argv[i+1]: Username
+ // argv[i+2]: Ammount
+ // argv[i+3]: Reason
+
+ if( argv[i+2][0] == '=' ) {
+ // Set balance
+ Dispense_SetBalance(sock, argv[i+1], atoi(argv[i+2] + 1), argv[i+3]);
+ }
+ else {
+ // Alter balance
+ Dispense_AlterBalance(sock, argv[i+1], atoi(argv[i+2]), argv[i+3]);
+ }
+ }
+
+ Dispense_ShowUser(sock, argv[i+1]);
+
+ close(sock);
return 0;
}
else {
// Item name / pattern
+ break;
}
}
+
+ // Connect to server
+ sock = OpenConnection(gsDispenseServer, giDispensePort);
+ if( sock < 0 ) return -1;
+
+ // Authenticate
+ Authenticate(sock);
// Get items
PopulateItemList(sock);
@@ -159,6 +218,31 @@ int main(int argc, char *argv[])
return 0;
}
+void ShowUsage(void)
+{
+ printf(
+ "Usage:\n"
+ "\tdispense\n"
+ "\t\tShow interactive list\n"
+ "\tdispense <item>\n"
+ "\t\tDispense named item\n"
+ "\tdispense give <user> <ammount> \"<reason>\"\n"
+ "\t\tGive some of your money away\n"
+ "\tdispense acct [<user>]\n"
+ "\t\tShow user balances\n"
+ "\tdispense acct <user> [+-=]<ammount> \"<reason>\"\n"
+ "\t\tAlter a account value (Coke members only)\n"
+ "\n"
+ "General Options:\n"
+ "\t-u <username>\n"
+ "\t\tSet a different user (Coke members only)\n"
+ "\t-h / -?\n"
+ "\t\tShow help text\n"
+ "\t-G\n"
+ "\t\tUse alternate GUI\n"
+ );
+}
+
// -------------------
// --- NCurses GUI ---
// -------------------
@@ -462,12 +546,14 @@ int OpenConnection(const char *Host, int Port)
int Authenticate(int Socket)
{
struct passwd *pwd;
- char buf[512];
+ char *buf;
int responseCode;
char salt[32];
int i;
regmatch_t matches[4];
+ if( gbIsAuthenticated ) return 0;
+
// Get user name
pwd = getpwuid( getuid() );
@@ -475,43 +561,49 @@ int Authenticate(int Socket)
sendf(Socket, "AUTOAUTH %s\n", pwd->pw_name);
// Check if it worked
- recv(Socket, buf, 511, 0);
- trim(buf);
+ buf = ReadLine(Socket);
responseCode = atoi(buf);
switch( responseCode )
{
+
case 200: // Authenticated, return :)
+ gbIsAuthenticated = 1;
+ free(buf);
return 0;
+
case 401: // Untrusted, attempt password authentication
+ free(buf);
+
sendf(Socket, "USER %s\n", pwd->pw_name);
printf("Using username %s\n", pwd->pw_name);
- recv(Socket, buf, 511, 0);
- trim(buf);
+ buf = ReadLine(Socket);
+
// TODO: Get Salt
// Expected format: 100 SALT <something> ...
// OR : 100 User Set
RunRegex(&gSaltRegex, buf, 4, matches, "Malformed server response");
responseCode = atoi(buf);
if( responseCode != 100 ) {
- fprintf(stderr, "Unknown repsonse code %i from server\n", responseCode);
+ fprintf(stderr, "Unknown repsonse code %i from server\n%s\n", responseCode, buf);
+ free(buf);
return -1; // ERROR
}
// Check for salt
if( memcmp( buf+matches[2].rm_so, "SALT", matches[2].rm_eo - matches[2].rm_so) == 0) {
+ // Store it for later
memcpy( salt, buf + matches[3].rm_so, matches[3].rm_eo - matches[3].rm_so );
salt[ matches[3].rm_eo - matches[3].rm_so ] = 0;
}
-
- // Get password
- fflush(stdout);
+ free(buf);
// Give three attempts
for( i = 0; i < 3; i ++ )
{
int ofs = strlen(pwd->pw_name)+strlen(salt);
+ char tmpBuf[42];
char tmp[ofs+20];
char *pass = getpass("Password: ");
uint8_t h[20];
@@ -525,15 +617,14 @@ int Authenticate(int Socket)
// Hash all that
SHA1( (unsigned char*)tmp, ofs+20, h );
- sprintf(buf, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ sprintf(tmpBuf, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
h[ 0], h[ 1], h[ 2], h[ 3], h[ 4], h[ 5], h[ 6], h[ 7], h[ 8], h[ 9],
h[10], h[11], h[12], h[13], h[14], h[15], h[16], h[17], h[18], h[19]
);
- fflush(stdout); // Debug
// Send password
- sendf(Socket, "PASS %s\n", buf);
- recv(Socket, buf, 511, 0);
+ sendf(Socket, "PASS %s\n", tmpBuf);
+ buf = ReadLine(Socket);
responseCode = atoi(buf);
// Auth OK?
@@ -541,25 +632,36 @@ int Authenticate(int Socket)
// Bad username/password
if( responseCode == 401 ) continue;
- fprintf(stderr, "Unknown repsonse code %i from server\n", responseCode);
+ fprintf(stderr, "Unknown repsonse code %i from server\n%s\n", responseCode, buf);
+ free(buf);
return -1;
}
- return 2; // 2 = Bad Password
+ free(buf);
+ if( i < 3 ) {
+ gbIsAuthenticated = 1;
+ return 0;
+ }
+ else
+ return 2; // 2 = Bad Password
case 404: // Bad Username
fprintf(stderr, "Bad Username '%s'\n", pwd->pw_name);
+ free(buf);
return 1;
default:
fprintf(stderr, "Unkown response code %i from server\n", responseCode);
printf("%s\n", buf);
+ free(buf);
return -1;
}
-
- printf("%s\n", buf);
- return 0; // Seems OK
}
+
+/**
+ * \brief Fill the item information structure
+ * \return Boolean Failure
+ */
void PopulateItemList(int Socket)
{
char buffer[BUFSIZ];
@@ -639,49 +741,230 @@ void PopulateItemList(int Socket)
}
}
+/**
+ * \brief Dispense an item
+ * \return Boolean Failure
+ */
int DispenseItem(int Socket, int ItemID)
{
- int len, responseCode;
- char buffer[BUFSIZ];
+ int ret, responseCode;
+ char *buf;
if( ItemID < 0 || ItemID > giNumItems ) return -1;
// Dispense!
sendf(Socket, "DISPENSE %s\n", gaItems[ItemID].Ident);
- len = recv(Socket, buffer, BUFSIZ-1, 0);
- buffer[len] = '\0';
- trim(buffer);
+ buf = ReadLine(Socket);
- responseCode = atoi(buffer);
+ responseCode = atoi(buf);
switch( responseCode )
{
case 200:
printf("Dispense OK\n");
- return 0;
+ ret = 0;
+ break;
case 401:
printf("Not authenticated\n");
- return 1;
+ ret = 1;
+ break;
case 402:
printf("Insufficient balance\n");
- return 1;
+ ret = 1;
+ break;
case 406:
printf("Bad item name, bug report\n");
- return 1;
+ ret = 1;
+ break;
case 500:
printf("Item failed to dispense, is the slot empty?\n");
- return 1;
+ ret = 1;
+ break;
case 501:
printf("Dispense not possible (slot empty/permissions)\n");
+ ret = 1;
+ break;
+ default:
+ printf("Unknown response code %i ('%s')\n", responseCode, buf);
+ ret = -2;
+ break;
+ }
+
+ free(buf);
+ return ret;
+}
+
+/**
+ * \brief Alter a user's balance
+ */
+int Dispense_AlterBalance(int Socket, const char *Username, int Ammount, const char *Reason)
+{
+ char *buf;
+ int responseCode;
+
+ sendf(Socket, "ADD %s %i %s\n", Username, Ammount, Reason);
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+ free(buf);
+
+ switch(responseCode)
+ {
+ case 200: return 0; // OK
+ case 403: // Not in coke
+ fprintf(stderr, "You are not in coke (sucker)\n");
+ return 1;
+ case 404: // Unknown user
+ fprintf(stderr, "Unknown user '%s'\n", Username);
+ return 2;
+ default:
+ fprintf(stderr, "Unknown response code %i\n", responseCode);
+ return -1;
+ }
+
+ return -1;
+}
+
+/**
+ * \brief Alter a user's balance
+ */
+int Dispense_SetBalance(int Socket, const char *Username, int Ammount, const char *Reason)
+{
+ char *buf;
+ int responseCode;
+
+ sendf(Socket, "SET %s %i %s\n", Username, Ammount, Reason);
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+ free(buf);
+
+ switch(responseCode)
+ {
+ case 200: return 0; // OK
+ case 403: // Not in coke
+ fprintf(stderr, "You are not in coke (sucker)\n");
return 1;
+ case 404: // Unknown user
+ fprintf(stderr, "Unknown user '%s'\n", Username);
+ return 2;
+ default:
+ fprintf(stderr, "Unknown response code %i\n", responseCode);
+ return -1;
+ }
+
+ return -1;
+}
+
+int Dispense_EnumUsers(int Socket)
+{
+ printf("TODO: Dispense_EnumUsers\n");
+ return -1;
+}
+
+int Dispense_ShowUser(int Socket, const char *Username)
+{
+ char *buf;
+ int responseCode, ret;
+
+ sendf(Socket, "USER_INFO %s\n", Username);
+ buf = ReadLine(Socket);
+
+ responseCode = atoi(buf);
+
+ switch(responseCode)
+ {
+ case 202:
+ _PrintUserLine(buf);
+ ret = 0;
+ break;
+
+ case 404:
+ printf("Unknown user '%s'\n", Username);
+ ret = 1;
+ break;
+
default:
- printf("Unknown response code %i ('%s')\n", responseCode, buffer);
- return -2;
+ fprintf(stderr, "Unknown response code %i '%s'\n", responseCode, buf);
+ ret = -1;
+ break;
+ }
+
+ free(buf);
+
+ return ret;
+}
+
+void _PrintUserLine(const char *Line)
+{
+ regmatch_t matches[6];
+ int bal;
+
+ RunRegex(&gUserInfoRegex, Line, 6, matches, "Malformed server response");
+ // 3: Username
+ // 4: Balance
+ // 5: Flags
+ {
+ int usernameLen = matches[3].rm_eo - matches[3].rm_so;
+ char username[usernameLen + 1];
+ int flagsLen = matches[5].rm_eo - matches[5].rm_so;
+ char flags[flagsLen + 1];
+
+ memcpy(username, Line + matches[3].rm_so, usernameLen);
+ username[usernameLen] = '\0';
+ memcpy(flags, Line + matches[5].rm_so, flagsLen);
+ flags[flagsLen] = '\0';
+
+ bal = atoi(Line + matches[4].rm_so);
+ printf("%-15s: $%i.%02i (%s)\n", username, bal/100, bal%100, flags);
}
}
// ---------------
// --- Helpers ---
// ---------------
+char *ReadLine(int Socket)
+{
+ static char buf[BUFSIZ];
+ static int bufPos = 0;
+ int len;
+ char *newline = NULL;
+ int retLen = 0;
+ char *ret = malloc(10);
+
+ #if DBG_TRACE_SERVER
+ printf("ReadLine: ");
+ #endif
+ fflush(stdout);
+
+ ret[0] = '\0';
+
+ while( !newline )
+ {
+ len = recv(Socket, buf+bufPos, BUFSIZ-1-bufPos, 0);
+ buf[bufPos+len] = '\0';
+
+ newline = strchr( buf+bufPos, '\n' );
+ if( newline ) {
+ *newline = '\0';
+ }
+
+ retLen += strlen(buf+bufPos);
+ ret = realloc(ret, retLen + 1);
+ strcat( ret, buf+bufPos );
+
+ if( newline ) {
+ bufPos += newline - (buf+bufPos) + 1;
+ }
+ if( len + bufPos == BUFSIZ - 1 ) bufPos = 0;
+ }
+
+ #if DBG_TRACE_SERVER
+ printf("%i '%s'\n", retLen, ret);
+ #endif
+
+ return ret;
+}
+
int sendf(int Socket, const char *Format, ...)
{
va_list args;
@@ -697,6 +980,10 @@ int sendf(int Socket, const char *Format, ...)
vsnprintf(buf, len+1, Format, args);
va_end(args);
+ #if DBG_TRACE_SERVER
+ printf("sendf: %s", buf);
+ #endif
+
return send(Socket, buf, len, 0);
}
}
diff --git a/src/cokebank_basic/bank.c b/src/cokebank_basic/bank.c
index dce089f0c085e89dcea1eca49cd33f6a429d1e44..0f07a17e7e89a4c24515b6ad770d8ebd476ec3b1 100644
--- a/src/cokebank_basic/bank.c
+++ b/src/cokebank_basic/bank.c
@@ -91,7 +91,7 @@ int Bank_SetUserBalance(int ID, int Value)
int Bank_GetMinAllowedBalance(int ID)
{
if( ID < 0 || ID >= giBank_NumUsers )
- return -1;
+ return 0;
switch( gaBank_Users[ID].Flags & FLAG_TYPEMASK )
{
@@ -121,6 +121,10 @@ int Bank_AddUser(const char *Username)
gaBank_Users[giBank_NumUsers].Balance = 0;
gaBank_Users[giBank_NumUsers].Flags = 0;
+ if( strcmp(Username, ">liability") == 0 ) {
+ gaBank_Users[giBank_NumUsers].Flags = USER_TYPE_GOD; // No minium
+ }
+
// Commit to file
fseek(gBank_File, giBank_NumUsers*sizeof(gaBank_Users[0]), SEEK_SET);
fwrite(&gaBank_Users[giBank_NumUsers], sizeof(gaBank_Users[0]), 1, gBank_File);
diff --git a/src/cokebank_basic/main.c b/src/cokebank_basic/main.c
index 6bbc3f29a2fa748366b3e3a754fc2eab9cf36da6..83c92be7e1b58e15632fe04e69dc02b4abd2bb6e 100644
--- a/src/cokebank_basic/main.c
+++ b/src/cokebank_basic/main.c
@@ -60,6 +60,7 @@ int Transfer(int SourceUser, int DestUser, int Ammount, const char *Reason)
{
int srcBal = Bank_GetUserBalance(SourceUser);
int dstBal = Bank_GetUserBalance(DestUser);
+
if( srcBal - Ammount < Bank_GetMinAllowedBalance(SourceUser) )
return 1;
if( dstBal + Ammount < Bank_GetMinAllowedBalance(DestUser) )
diff --git a/src/server/common.h b/src/server/common.h
index ded278bce2e297606dee99ced06e4b33d3e6cf19..7020dc89ff63e8ac26e039f04e66754a70e3b3a1 100644
--- a/src/server/common.h
+++ b/src/server/common.h
@@ -85,6 +85,7 @@ extern void Log_Info(const char *Format, ...);
// --- Cokebank Functions ---
extern int Transfer(int SourceUser, int DestUser, int Ammount, const char *Reason);
+extern int GetFlags(int User);
extern int GetBalance(int User);
extern char *GetUserName(int User);
extern int GetUserID(const char *Username);
diff --git a/src/server/server.c b/src/server/server.c
index be15a4095abcb5623db19b78ef9f00211e71cf5b..af9dc3428ebd3ed618c488434e41b1f7415939dd 100644
--- a/src/server/server.c
+++ b/src/server/server.c
@@ -57,6 +57,7 @@ char *Server_Cmd_ITEMINFO(tClient *Client, char *Args);
char *Server_Cmd_DISPENSE(tClient *Client, char *Args);
char *Server_Cmd_GIVE(tClient *Client, char *Args);
char *Server_Cmd_ADD(tClient *Client, char *Args);
+char *Server_Cmd_USERINFO(tClient *Client, char *Args);
// --- Helpers ---
int GetUserAuth(const char *Salt, const char *Username, const uint8_t *Hash);
void HexBin(uint8_t *Dest, char *Src, int BufSize);
@@ -76,7 +77,8 @@ struct sClientCommand {
{"ITEM_INFO", Server_Cmd_ITEMINFO},
{"DISPENSE", Server_Cmd_DISPENSE},
{"GIVE", Server_Cmd_GIVE},
- {"ADD", Server_Cmd_ADD}
+ {"ADD", Server_Cmd_ADD},
+ {"USER_INFO", Server_Cmd_USERINFO}
};
#define NUM_COMMANDS (sizeof(gaServer_Commands)/sizeof(gaServer_Commands[0]))
int giServer_Socket;
@@ -206,6 +208,7 @@ void Server_HandleClient(int Socket, int bTrusted)
char *ret;
*eol = '\0';
ret = Server_ParseClientCommand(&clientInfo, start);
+ printf("ret = %s", ret);
// `ret` is a string on the heap
send(Socket, ret, strlen(ret), 0);
free(ret);
@@ -306,9 +309,7 @@ char *Server_Cmd_USER(tClient *Client, char *Args)
Client->Salt[7] = 0x21 + (rand()&0x3F);
// TODO: Also send hash type to use, (SHA1 or crypt according to [DAA])
- // "100 Salt xxxxXXXX\n"
- ret = strdup("100 SALT xxxxXXXX\n");
- sprintf(ret, "100 SALT %s\n", Client->Salt);
+ ret = mkstr("100 SALT %s\n", Client->Salt);
#else
ret = strdup("100 User Set\n");
#endif
@@ -546,6 +547,8 @@ char *Server_Cmd_ADD(tClient *Client, char *Args)
*reason = '\0';
reason ++;
+ // TODO: Check if the current user is in coke/higher
+
// Get recipient
uid = GetUserID(user);
if( uid == -1 ) return strdup("404 Invalid user");
@@ -566,6 +569,22 @@ char *Server_Cmd_ADD(tClient *Client, char *Args)
}
}
+char *Server_Cmd_USERINFO(tClient *Client, char *Args)
+{
+ int uid;
+ char *user = Args;
+ char *space;
+
+ space = strchr(user, ' ');
+ if(space) *space = '\0';
+
+ // Get recipient
+ uid = GetUserID(user);
+ if( uid == -1 ) return strdup("404 Invalid user");
+
+ return mkstr("202 User %s %i user\n", user, GetBalance(uid));
+}
+
/**
* \brief Authenticate a user
* \return User ID, or -1 if authentication failed