summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpiaip <piaip@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>2009-06-06 22:24:50 +0800
committerpiaip <piaip@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>2009-06-06 22:24:50 +0800
commit2cf681116231eb085a985917ae19188f06dc041e (patch)
tree43a55cb156587c9451d27ea3aaaa1a0ad9e51a5c
parent9c4e5e52c6b9de0ff0873fd76a3d187a19fb45da (diff)
downloadpttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar.gz
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar.bz2
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar.lz
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar.xz
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.tar.zst
pttbbs-2cf681116231eb085a985917ae19188f06dc041e.zip
- refine and prepare for login daemon:
* change str_guest and str_new to macro definition names * make passwd utilites (check, verify, ...) available in util_passwd * make logattemtp() use assigned time and host. git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@4498 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
-rw-r--r--include/common.h5
-rw-r--r--include/proto.h5
-rw-r--r--mbbsd/mbbsd.c51
-rw-r--r--mbbsd/passwd.c70
-rw-r--r--mbbsd/register.c56
-rw-r--r--mbbsd/var.c1
6 files changed, 98 insertions, 90 deletions
diff --git a/include/common.h b/include/common.h
index 7ada007b..8cb003ed 100644
--- a/include/common.h
+++ b/include/common.h
@@ -2,7 +2,9 @@
#ifndef INCLUDE_COMMON_H
#define INCLUDE_COMMON_H
-#define STR_GUEST "guest"
+#define STR_GUEST "guest" // guest account
+#define STR_REGNEW "new" // 用來建新帳號的名稱
+
#define DEFAULT_BOARD str_sysop
#define FN_PASSWD BBSHOME "/.PASSWDS" /* User records */
@@ -35,6 +37,7 @@
#define FN_BOARDHELP "etc/board.help"
#define FN_RESERVED_ID "etc/reserved.id" // 保留系統用無法註冊的 ID
#define FN_USERMEMO "memo.txt" // 使用者個人記事本
+#define FN_BADLOGIN "logins.bad" // in BBSHOME & user directory
// 自訂刪除文章時出現的標題與檔案
diff --git a/include/proto.h b/include/proto.h
index 414e8b6c..b17086c9 100644
--- a/include/proto.h
+++ b/include/proto.h
@@ -494,7 +494,6 @@ int getindex(const char *fpath, fileheader_t *fh, int start);
int u_register(void);
int bad_user_id(const char *userid);
int getnewuserid(void);
-int checkpasswd(const char *passwd, char *test);
int setupnewuser(const userec_t *user);
int regform_estimate_queuesize();
void new_register(void);
@@ -502,7 +501,6 @@ void check_register(void);
void check_birthday(void);
int check_regmail(char *email); // check and prompt for invalid reason; will str_lower() mail domain.
void delregcodefile(void);
-char *genpasswd(char *pw);
/* reversi */
void reversi(int s, ChessGameMode mode);
@@ -740,6 +738,9 @@ void passwd_force_update(int flag);
int initcuser(const char *userid);
int freecuser(void);
int passwd_add_my_numpost(int diff); // temporary hack before new account system ready.
+char* genpasswd (char *pw);
+int checkpasswd(const char *passwd, char *test); // test will be destroyed
+void logattempt (const char *uid, char type, time4_t now, const char *fromhost);
// current user help utilities
int pwcuSetSignature (unsigned char newsig);
diff --git a/mbbsd/mbbsd.c b/mbbsd/mbbsd.c
index d3dfe234..c5bc0e83 100644
--- a/mbbsd/mbbsd.c
+++ b/mbbsd/mbbsd.c
@@ -657,35 +657,6 @@ multi_user_check(void)
}
}
-/* bad login */
-static char * const str_badlogin = "logins.bad";
-
-static void
-logattempt(const char *uid, char type)
-{
- char fname[40];
- int fd, len;
- char genbuf[200];
-
- snprintf(genbuf, sizeof(genbuf), "%c%-12s[%s] ?@%s\n", type, uid,
- Cdate(&login_start_time), fromhost);
- len = strlen(genbuf);
- if ((fd = open(str_badlogin, O_WRONLY | O_CREAT | O_APPEND, 0644)) > 0) {
- write(fd, genbuf, len);
- close(fd);
- }
- if (type == '-') {
- snprintf(genbuf, sizeof(genbuf),
- "[%s] %s\n", Cdate(&login_start_time), fromhost);
- len = strlen(genbuf);
- sethomefile(fname, uid, str_badlogin);
- if ((fd = open(fname, O_WRONLY | O_CREAT | O_APPEND, 0644)) > 0) {
- write(fd, genbuf, len);
- close(fd);
- }
- }
-}
-
void mkuserdir(const char *userid)
{
char genbuf[PATHLEN];
@@ -759,17 +730,21 @@ login_query(void)
uid[IDLEN] = 0;
#endif
- if (strcasecmp(uid, str_new) == 0) {
-#ifdef LOGINASNEW
+#ifdef STR_REGNEW
+ if (strcasecmp(uid, STR_REGNEW) == 0) {
+# ifdef LOGINASNEW
new_register();
mkuserdir(cuser.userid);
reginit_fav();
break;
-#else
- outs("本系統目前無法以 new 註冊, 請用 guest 進入\n");
+# else // !LOGINASNEW
+ outs("本系統目前無法以 " STR_REGNEW " 註冊, 請用 guest 進入\n");
continue;
-#endif
- } else if (!is_validuserid(uid)) {
+# endif // !LOGINASNEW
+ } else
+#endif // STR_REGNEW
+
+ if (!is_validuserid(uid)) {
outs(err_uid);
@@ -804,13 +779,13 @@ login_query(void)
!checkpasswd(cuser.passwd, passbuf) ){
if(is_validuserid(cuser.userid))
- logattempt(cuser.userid , '-');
+ logattempt(cuser.userid , '-', login_start_time, fromhost);
sleep(1);
outs(ERR_PASSWD);
} else {
- logattempt(cuser.userid, ' ');
+ logattempt(cuser.userid, ' ', login_start_time, fromhost);
outs("密碼正確! 開始登入系統...");
move(22, 0); refresh();
clrtoeol();
@@ -1079,7 +1054,7 @@ inline static void welcome_msg(void)
inline static void check_bad_login(void)
{
char genbuf[200];
- setuserfile(genbuf, str_badlogin);
+ setuserfile(genbuf, FN_BADLOGIN);
if (more(genbuf, NA) != -1) {
move(b_lines - 3, 0);
outs("通常並沒有辦法知道該ip是誰所有, "
diff --git a/mbbsd/passwd.c b/mbbsd/passwd.c
index ac349654..86a347ba 100644
--- a/mbbsd/passwd.c
+++ b/mbbsd/passwd.c
@@ -188,3 +188,73 @@ passwd_unlock(void)
exit(1);
}
}
+
+// XXX NOTE: string in plain will be destroyed.
+int
+checkpasswd(const char *passwd, char *plain)
+{
+ int ok;
+ char *pw;
+
+ ok = 0;
+ pw = fcrypt(plain, passwd);
+ if(pw && strcmp(pw, passwd)==0)
+ ok = 1;
+ memset(plain, 0, strlen(plain));
+
+ return ok;
+}
+
+char *
+genpasswd(char *pw)
+{
+ if (pw[0]) {
+ char saltc[2], c;
+ int i;
+
+ i = 9 * getpid();
+ saltc[0] = i & 077;
+ saltc[1] = (i >> 6) & 077;
+
+ for (i = 0; i < 2; i++) {
+ c = saltc[i] + '.';
+ if (c > '9')
+ c += 7;
+ if (c > 'Z')
+ c += 6;
+ saltc[i] = c;
+ }
+ return fcrypt(pw, saltc);
+ }
+ return "";
+}
+
+
+void
+logattempt(const char *uid, char type, time4_t now, const char *loghost)
+{
+ char fname[PATHLEN];
+ int fd, len;
+ char genbuf[200];
+
+ snprintf(genbuf, sizeof(genbuf), "%c%-12s[%s] ?@%s\n", type, uid,
+ Cdate(&now), loghost);
+ len = strlen(genbuf);
+ // log to public (BBSHOME)
+ if ((fd = open(FN_BADLOGIN, O_WRONLY | O_CREAT | O_APPEND, 0644)) > 0) {
+ write(fd, genbuf, len);
+ close(fd);
+ }
+ // log to user private log
+ if (type == '-') {
+ snprintf(genbuf, sizeof(genbuf),
+ "[%s] %s\n", Cdate(&now), loghost);
+ len = strlen(genbuf);
+ sethomefile(fname, uid, FN_BADLOGIN);
+ if ((fd = open(fname, O_WRONLY | O_CREAT | O_APPEND, 0644)) > 0) {
+ write(fd, genbuf, len);
+ close(fd);
+ }
+ }
+}
+
diff --git a/mbbsd/register.c b/mbbsd/register.c
index 2f9d7672..f580058e 100644
--- a/mbbsd/register.c
+++ b/mbbsd/register.c
@@ -26,50 +26,6 @@
#define DATE_SAMPLE "1911/2/29"
////////////////////////////////////////////////////////////////////////////
-// Password Hash
-////////////////////////////////////////////////////////////////////////////
-
-char *
-genpasswd(char *pw)
-{
- if (pw[0]) {
- char saltc[2], c;
- int i;
-
- i = 9 * getpid();
- saltc[0] = i & 077;
- saltc[1] = (i >> 6) & 077;
-
- for (i = 0; i < 2; i++) {
- c = saltc[i] + '.';
- if (c > '9')
- c += 7;
- if (c > 'Z')
- c += 6;
- saltc[i] = c;
- }
- return fcrypt(pw, saltc);
- }
- return "";
-}
-
-// NOTE it will clean string in "plain"
-int
-checkpasswd(const char *passwd, char *plain)
-{
- int ok;
- char *pw;
-
- ok = 0;
- pw = fcrypt(plain, passwd);
- if(pw && strcmp(pw, passwd)==0)
- ok = 1;
- memset(plain, 0, strlen(plain));
-
- return ok;
-}
-
-////////////////////////////////////////////////////////////////////////////
// Value Validation
////////////////////////////////////////////////////////////////////////////
static int
@@ -124,10 +80,12 @@ bad_user_id(const char *userid)
if(!is_validuserid(userid))
return 1;
- if (strcasecmp(userid, str_new) == 0)
+#if defined(STR_REGNEW)
+ if (strcasecmp(userid, STR_REGNEW) == 0)
return 1;
+#endif
-#ifdef NO_GUEST_ACCOUNT_REG
+#if defined(STR_GUEST) && !defined(NO_GUEST_ACCOUNT_REG)
if (strcasecmp(userid, STR_GUEST) == 0)
return 1;
#endif
@@ -279,10 +237,12 @@ compute_user_value(const userec_t * urec, time4_t clock)
return 999999;
value = (clock - urec->lastlogin) / 60; /* minutes */
+#ifdef STR_REGNEW
/* new user should register in 30 mins */
- // XXX 目前 new acccount 並不會在 utmp 裡放 str_new...
- if (strcmp(urec->userid, str_new) == 0)
+ // XXX 目前 new acccount 並不會在 utmp 裡放 STR_REGNEW...
+ if (strcmp(urec->userid, STR_REGNEW) == 0)
return 30 - value;
+#endif
#if 0
if (!urec->numlogins) /* 未 login 成功者,不保留 */
diff --git a/mbbsd/var.c b/mbbsd/var.c
index 46e58bd3..7bfc785a 100644
--- a/mbbsd/var.c
+++ b/mbbsd/var.c
@@ -169,7 +169,6 @@ char * const err_uid = ERR_UID;
char * const err_filename = ERR_FILENAME;
char * const str_mail_address = "." BBSUSER "@" MYHOSTNAME;
-char * const str_new = "new";
char * const str_reply = "Re: ";
char * const str_space = " \t\n\r";
char * const str_sysop = "SYSOP";