Back to index

webcit  8.12-dfsg
Functions | Variables
auth.c File Reference
#include "webcit.h"
#include "webserver.h"
#include <ctype.h>

Go to the source code of this file.

Functions

uint32_t hashlittle (const void *key, size_t length, uint32_t initval)
void initialize_axdefs (void)
void display_login (void)
void become_logged_in (const StrBuf *user, const StrBuf *pass, StrBuf *serv_response)
void ajax_login_username_password (void)
void ajax_login_newuser (void)
void openid_manual_create (void)
void do_openid_login (void)
void finalize_openid_login (void)
void do_welcome (void)
void end_webcit_session (void)
void do_logout (void)
void monitor (void)
void validate (void)
void display_reg (int during_login)
void changepw (void)
int ConditionalHaveAccessCreateRoom (StrBuf *Target, WCTemplputParams *TP)
int ConditionalAide (StrBuf *Target, WCTemplputParams *TP)
int ConditionalIsLoggedIn (StrBuf *Target, WCTemplputParams *TP)
void switch_language (void)
void _display_reg (void)
void Header_HandleAuth (StrBuf *Line, ParsedHttpHdrs *hdr)
void CheckAuthBasic (ParsedHttpHdrs *hdr)
void GetAuthBasic (ParsedHttpHdrs *hdr)
void Header_HandleCookie (StrBuf *Line, ParsedHttpHdrs *hdr)
void HttpNewModule_AUTH (ParsedHttpHdrs *httpreq)
void HttpDetachModule_AUTH (ParsedHttpHdrs *httpreq)
void HttpDestroyModule_AUTH (ParsedHttpHdrs *httpreq)
void InitModule_AUTH (void)
void SessionDestroyModule_AUTH (wcsession *sess)

Variables

char * axdefs [7]

Function Documentation

void _display_reg ( void  )

Definition at line 822 of file auth.c.

                        {
       display_reg(0);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void ajax_login_newuser ( void  )

Definition at line 162 of file auth.c.

                              {
       StrBuf *NBuf = NewStrBuf();
       StrBuf *SBuf = NewStrBuf();

       serv_printf("NEWU %s", bstr("name"));
       StrBuf_ServGetln(NBuf);
       if (GetServerStatus(NBuf, NULL) == 2) {
              become_logged_in(sbstr("name"), sbstr("pass"), NBuf);
              serv_printf("SETP %s", bstr("pass"));
              StrBuf_ServGetln(SBuf);
       }

       /* The client is expecting to read back a citadel protocol response */
       wc_printf("%s", ChrPtr(NBuf));
       FreeStrBuf(&NBuf);
       FreeStrBuf(&SBuf);
}

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 139 of file auth.c.

                                        {
       StrBuf *Buf = NewStrBuf();

       serv_printf("USER %s", bstr("name"));
       StrBuf_ServGetln(Buf);
       if (GetServerStatus(Buf, NULL) == 3) {
              serv_printf("PASS %s", bstr("pass"));
              StrBuf_ServGetln(Buf);
              if (GetServerStatus(Buf, NULL) == 2) {
                     become_logged_in(sbstr("name"), sbstr("pass"), Buf);
              }
       }

       /* The client is expecting to read back a citadel protocol response */
       wc_printf("%s", ChrPtr(Buf));
       FreeStrBuf(&Buf);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void become_logged_in ( const StrBuf *  user,
const StrBuf *  pass,
StrBuf *  serv_response 
)

Definition at line 81 of file auth.c.

{
       wcsession *WCC = WC;
       StrBuf *Buf;
       StrBuf *FloorDiv;

       WCC->logged_in = 1;

       if (WCC->wc_fullname == NULL)
              WCC->wc_fullname = NewStrBufPlain(NULL, StrLength(serv_response));
       StrBufExtract_token(WCC->wc_fullname, serv_response, 0, '|');
       StrBufCutLeft(WCC->wc_fullname, 4 );
       
       if (WCC->wc_username == NULL)
              WCC->wc_username = NewStrBufDup(user);
       else {
              FlushStrBuf(WCC->wc_username);
              StrBufAppendBuf(WCC->wc_username, user, 0);
       }

       if (WCC->wc_password == NULL)
              WCC->wc_password = NewStrBufDup(pass);
       else {
              FlushStrBuf(WCC->wc_password);
              StrBufAppendBuf(WCC->wc_password, pass, 0);
       }

       WCC->axlevel = StrBufExtract_int(serv_response, 1, '|');
       if (WCC->axlevel >= 6) {
              WCC->is_aide = 1;
       }

       load_preferences();

       Buf = NewStrBuf();
       serv_puts("CHEK");
       StrBuf_ServGetln(Buf);
       if (GetServerStatus(Buf, NULL) == 2) {
              const char *pch;

              pch = ChrPtr(Buf) + 4;
              /*WCC->new_mail  =*/ StrBufExtractNext_long(Buf, &pch, '|');
              WCC->need_regi = StrBufExtractNext_long(Buf, &pch, '|');
              WCC->need_vali = StrBufExtractNext_long(Buf, &pch, '|');
              if (WCC->cs_inet_email == NULL)
                     WCC->cs_inet_email  = NewStrBuf();
              StrBufExtract_NextToken(WCC->cs_inet_email, Buf, &pch, '|');
       }
       get_preference("floordiv_expanded", &FloorDiv);
       WCC->floordiv_expanded = FloorDiv;
       FreeStrBuf(&Buf);
       FlushRoomlist();
}

Here is the call graph for this function:

Here is the caller graph for this function:

void changepw ( void  )

Definition at line 730 of file auth.c.

{
       StrBuf *Line;
       char newpass1[32], newpass2[32];

       if (!havebstr("change_action")) {
              AppendImportantMessage(_("Cancelled.  Password was not changed."), -1);
              display_main_menu();
              return;
       }

       safestrncpy(newpass1, bstr("newpass1"), sizeof newpass1);
       safestrncpy(newpass2, bstr("newpass2"), sizeof newpass2);

       if (strcasecmp(newpass1, newpass2)) {
              AppendImportantMessage(_("They don't match.  Password was not changed."), -1);
              do_template("menu_change_pw");
              return;
       }

       if (IsEmptyStr(newpass1)) {
              AppendImportantMessage(_("Blank passwords are not allowed."), -1);
              do_template("menu_change_pw");
              return;
       }

       Line = NewStrBuf();
       serv_printf("SETP %s", newpass1);
       StrBuf_ServGetln(Line);
       if (GetServerStatusMsg(Line, NULL, 1, 0) == 2) {
              if (WC->wc_password == NULL)
                     WC->wc_password = NewStrBufPlain(
                            ChrPtr(Line) + 4, 
                            StrLength(Line) - 4);
              else {
                     FlushStrBuf(WC->wc_password);
                     StrBufAppendBufPlain(WC->wc_password,  
                                        ChrPtr(Line) + 4, 
                                        StrLength(Line) - 4, 0);
              }
              display_main_menu();
       }
       else {
              do_template("menu_change_pw");
       }
       FreeStrBuf(&Line);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void CheckAuthBasic ( ParsedHttpHdrs hdr)

Definition at line 843 of file auth.c.

{
/*
  todo: enable this if we can have other sessions than authenticated ones.
       if (hdr->DontNeedAuth)
              return;
*/
       StrBufAppendBufPlain(hdr->HR.plainauth, HKEY(":"), 0);
       StrBufAppendBuf(hdr->HR.plainauth, hdr->HR.user_agent, 0);
}

Here is the caller graph for this function:

int ConditionalAide ( StrBuf *  Target,
WCTemplputParams TP 
)

Definition at line 798 of file auth.c.

{
       wcsession *WCC = WC;
       return (WCC != NULL) ? ((WCC->logged_in == 0)||(WC->is_aide == 0)) : 0;
}

Here is the caller graph for this function:

int ConditionalHaveAccessCreateRoom ( StrBuf *  Target,
WCTemplputParams TP 
)

Definition at line 779 of file auth.c.

{
       StrBuf *Buf;  

       Buf = NewStrBuf();
       serv_puts("CRE8 0");
       StrBuf_ServGetln(Buf);

       if (GetServerStatus(Buf, NULL) == 2) {
              StrBufCutLeft(Buf, 4);
              AppendImportantMessage(SKEY(Buf));
              FreeStrBuf(&Buf);
              return 0;
       }
       FreeStrBuf(&Buf);
       return 1;
}

Here is the call graph for this function:

Here is the caller graph for this function:

int ConditionalIsLoggedIn ( StrBuf *  Target,
WCTemplputParams TP 
)

Definition at line 805 of file auth.c.

{
       wcsession *WCC = WC;
       return (WCC != NULL) ? (WCC->logged_in == 0) : 0;

}

Here is the caller graph for this function:

void display_login ( void  )

Definition at line 57 of file auth.c.

{
       begin_burst();
       output_headers(1, 0, 0, 0, 1, 0);
       do_template("login");
       end_burst();
}

Here is the call graph for this function:

Here is the caller graph for this function:

void display_reg ( int  during_login)

Definition at line 676 of file auth.c.

{
       folder Room;
       StrBuf *Buf;
       message_summary *VCMsg = NULL;
       wc_mime_attachment *VCAtt = NULL;
       long vcard_msgnum;

       Buf = NewStrBuf();
       memset(&Room, 0, sizeof(folder));
       if (goto_config_room(Buf, &Room) != 0) {
              syslog(9, "display_reg() exiting because goto_config_room() failed\n");
              if (during_login) {
                     pop_destination();
              }
              else {
                     display_main_menu();
              }
              FreeStrBuf(&Buf);
              FlushFolder(&Room);         
              return;
       }
       FlushFolder(&Room);

       FreeStrBuf(&Buf);
       vcard_msgnum = locate_user_vcard_in_this_room(&VCMsg, &VCAtt);
       if (vcard_msgnum < 0L) {
              syslog(9, "display_reg() exiting because locate_user_vcard_in_this_room() failed\n");
              if (during_login) {
                     pop_destination();
              }
              else {
                     display_main_menu();
              }
              return;
       }

       if (during_login) {
              do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, "pop", USERCONFIGROOM);
       }
       else {
              StrBuf *ReturnTo;
              ReturnTo = NewStrBufPlain(HKEY("display_main_menu?go="));
              StrBufAppendBuf(ReturnTo, WC->CurRoom.name, 0);
              do_edit_vcard(vcard_msgnum, "1", VCMsg, VCAtt, ChrPtr(ReturnTo), USERCONFIGROOM);
              FreeStrBuf(&ReturnTo);
       }

}

Here is the call graph for this function:

Here is the caller graph for this function:

void do_logout ( void  )

Definition at line 483 of file auth.c.

{
       wcsession *WCC = WC;
       char buf[SIZ];

       FlushStrBuf(WCC->wc_username);
       FlushStrBuf(WCC->wc_password);
       FlushStrBuf(WCC->wc_fullname);
       FlushRoomlist();

       serv_puts("LOUT");
       serv_getln(buf, sizeof buf);
       WCC->logged_in = 0;

       FlushStrBuf(WCC->CurRoom.name);

       /* Calling output_headers() this way causes the cookies to be un-set */
       output_headers(1, 1, 0, 1, 0, 0);
       do_template("logout");
       if (WC->serv_info->serv_supports_guest) {
              display_default_landing_page();
              return;
       }

       wDumpContent(2);
       end_webcit_session();
}

Here is the call graph for this function:

Here is the caller graph for this function:

void do_openid_login ( void  )

Definition at line 246 of file auth.c.

{
       char buf[4096];

       snprintf(buf, sizeof buf,
              "OIDS %s|%s/finalize_openid_login|%s",
              bstr("openid_url"),
              ChrPtr(site_prefix),
              ChrPtr(site_prefix)
       );

       serv_puts(buf);
       serv_getln(buf, sizeof buf);
       if (buf[0] == '2') {
              syslog(LOG_DEBUG, "OpenID server contacted; redirecting to %s\n", &buf[4]);
              http_redirect(&buf[4]);
              return;
       }

       begin_burst();
       output_headers(1, 0, 0, 0, 1, 0);
       wc_printf("<html><body>");
       escputs(&buf[4]);
       wc_printf("</body></html>");
       end_burst();
}

Here is the call graph for this function:

Here is the caller graph for this function:

void do_welcome ( void  )

Definition at line 416 of file auth.c.

{
       StrBuf *Buf;
#ifdef XXX_NOT_FINISHED_YET_XXX
       FILE *fp;
       int i;

       if (WC->is_aide) {
              if (!setup_wizard) {
                     int len;
                     sprintf(wizard_filename, "setupwiz.%s.%s",
                            abs(HashLittle(ctdlhost, strlen(ctdlhost))),
                            abs(HashLittle(ctdlport, strlen(ctdlport)))
                     );

                     fp = fopen(wizard_filename, "r");
                     if (fp != NULL) {
                            fgets(buf, sizeof buf, fp);
                            buf[strlen(buf)-1] = 0;
                            fclose(fp);
                            if (atoi(buf) == serv_info.serv_rev_level) {
                                   setup_wizard = 1;    /* already run */
                            }
                     }
              }

              if (!setup_wizard) {
                     http_redirect("setup_wizard");
              }
       }
#endif

       /*
        * Go to the user's preferred start page
        */
       if (!get_preference("startpage", &Buf)) {
              Buf = NewStrBuf ();
              StrBufPrintf(Buf, "dotskip?room=_BASEROOM_");
              set_preference("startpage", Buf, 1);
       }
       if (ChrPtr(Buf)[0] == '/') {
              StrBufCutLeft(Buf, 1);
       }
       if (StrLength(Buf) == 0) {
              StrBufAppendBufPlain(Buf, "dotgoto?room=_BASEROOM_", -1, 0);
       }
       syslog(9, "Redirecting to user's start page: %s\n", ChrPtr(Buf));
       http_redirect(ChrPtr(Buf));
}

Here is the call graph for this function:

Here is the caller graph for this function:

void end_webcit_session ( void  )

Definition at line 473 of file auth.c.

                              {
       serv_puts("QUIT");
       WC->killthis = 1;
       /* close() of citadel socket will be done by do_housekeeping() */
}

Here is the call graph for this function:

Here is the caller graph for this function:

void finalize_openid_login ( void  )

Definition at line 278 of file auth.c.

{
       StrBuf *Buf;
       wcsession *WCC = WC;
       int linecount = 0;
       StrBuf *result = NULL;
       StrBuf *username = NULL;
       StrBuf *password = NULL;
       StrBuf *logged_in_response = NULL;
       StrBuf *claimed_id = NULL;

       if (havebstr("openid.mode")) {
              if (!strcasecmp(bstr("openid.mode"), "id_res")) {
                     Buf = NewStrBuf();
                     serv_puts("OIDF");
                     StrBuf_ServGetln(Buf);
                     if (GetServerStatus(Buf, NULL) == 8) {
                            urlcontent *u;
                            void *U;
                            long HKLen;
                            const char *HKey;
                            HashPos *Cursor;
                            int len;
                            
                            Cursor = GetNewHashPos (WCC->Hdr->urlstrings, 0);
                            while (GetNextHashPos(WCC->Hdr->urlstrings, Cursor, &HKLen, &HKey, &U)) {
                                   u = (urlcontent*) U;
                                   if (!strncasecmp(u->url_key, "openid.", 7)) {
                                          serv_printf("%s|%s", &u->url_key[7], ChrPtr(u->url_data));
                                   }
                            }

                            serv_puts("000");

                            linecount = 0;
                            while (len = StrBuf_ServGetln(Buf), 
                                   ((len >= 0) &&
                                   ((len != 3) || strcmp(ChrPtr(Buf), "000") )))
                            {
                                   if (linecount == 0) result = NewStrBufDup(Buf);
                                   if (!strcasecmp(ChrPtr(result), "authenticate")) {
                                          if (linecount == 1) {
                                                 username = NewStrBufDup(Buf);
                                          }
                                          else if (linecount == 2) {
                                                 password = NewStrBufDup(Buf);
                                          }
                                          else if (linecount == 3) {
                                                 logged_in_response = NewStrBufDup(Buf);
                                          }
                                   }
                                   else if (!strcasecmp(ChrPtr(result), "verify_only")) {
                                          if (linecount == 1) {
                                                 claimed_id = NewStrBufDup(Buf);
                                          }
                                          if (linecount == 2) {
                                                 username = NewStrBufDup(Buf);
                                          }
                                   }
                                   ++linecount;
                            }
                     }
                     FreeStrBuf(&Buf);
              }
       }

       /*
        * Is this an attempt to associate a new OpenID with an account that is already logged in?
        */
       if ( (WCC->logged_in) && (havebstr("attach_existing")) ) {
              display_openids();
       }

       /* If this operation logged us in, either by connecting with an existing account or by
        * auto-creating one using Simple Registration Extension, we're already on our way.
        */
       else if (!strcasecmp(ChrPtr(result), "authenticate")) {
              become_logged_in(username, password, logged_in_response);

              /* Did we manage to log in?  If so, continue with the normal flow... */
              if (WC->logged_in) {
                     begin_burst();
                     output_headers(1, 0, 0, 0, 1, 0);
                     do_template("authpopup_finished");
                     end_burst();
              } else {
                     begin_burst();
                     output_headers(1, 0, 0, 0, 1, 0);
                     wc_printf("<html><body>");
                     wc_printf(_("An error has occurred."));
                     wc_printf("</body></html>");
                     end_burst();
              }
       }

       /* The specified OpenID was verified but the desired user name was either not specified via SRE
        * or conflicts with an existing user.  Either way the user will need to specify a new name.
        */
       else if (!strcasecmp(ChrPtr(result), "verify_only")) {
              putbstr("__claimed_id", claimed_id);
              claimed_id = NULL;
              if (StrLength(username) > 0) {
                     putbstr("__username", username);
                     username = NULL;
              }
              begin_burst();
              output_headers(1, 0, 0, 0, 1, 0);
              wc_printf("<html><body>");
              do_template("openid_manual_create");
              wc_printf("</body></html>");
              end_burst();
       }

       /* Something went VERY wrong if we get to this point */
       else {
              syslog(1, "finalize_openid_login() failed to do anything.  This is a code problem.\n");
              begin_burst();
              output_headers(1, 0, 0, 0, 1, 0);
              wc_printf("<html><body>");
              wc_printf(_("An error has occurred."));
              wc_printf("</body></html>");
              end_burst();
       }

       FreeStrBuf(&result);
       FreeStrBuf(&username);
       FreeStrBuf(&password);
       FreeStrBuf(&claimed_id);
       FreeStrBuf(&logged_in_response);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void GetAuthBasic ( ParsedHttpHdrs hdr)

Definition at line 855 of file auth.c.

{
       const char *Pos = NULL;
       if (hdr->c_username == NULL)
              hdr->c_username = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER));
       if (hdr->c_password == NULL)
              hdr->c_password = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS));
       StrBufExtract_NextToken(hdr->c_username, hdr->HR.plainauth, &Pos, ':');
       StrBufExtract_NextToken(hdr->c_password, hdr->HR.plainauth, &Pos, ':');
}

Here is the caller graph for this function:

uint32_t hashlittle ( const void *  key,
size_t  length,
uint32_t  initval 
)
void Header_HandleAuth ( StrBuf *  Line,
ParsedHttpHdrs hdr 
)

Definition at line 827 of file auth.c.

{
       if (hdr->HR.got_auth == NO_AUTH) /* don't override cookie auth... */
       {
              if (strncasecmp(ChrPtr(Line), "Basic", 5) == 0) {
                     StrBufCutLeft(Line, 6);
                     StrBufDecodeBase64(Line);
                     hdr->HR.plainauth = Line;
                     hdr->HR.got_auth = AUTH_BASIC;
              }
              else 
                     syslog(1, "Authentication scheme not supported! [%s]\n", ChrPtr(Line));
       }
}

Here is the caller graph for this function:

void Header_HandleCookie ( StrBuf *  Line,
ParsedHttpHdrs hdr 
)

Definition at line 867 of file auth.c.

{
       const char *pch;
/*
  todo: enable this if we can have other sessions than authenticated ones.
       if (hdr->DontNeedAuth)
              return;
*/
       pch = strstr(ChrPtr(Line), "webcit=");
       if (pch == NULL) {
              return;
       }

       hdr->HR.RawCookie = Line;
       StrBufCutLeft(hdr->HR.RawCookie, (pch - ChrPtr(hdr->HR.RawCookie)) + 7);
       StrBufDecodeHex(hdr->HR.RawCookie);

       cookie_to_stuff(Line, &hdr->HR.desired_session,
                     hdr->c_username,
                     hdr->c_password,
                     hdr->c_roomname,
                     hdr->c_language
       );
       hdr->HR.got_auth = AUTH_COOKIE;
}

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 918 of file auth.c.

{
       FreeStrBuf(&httpreq->c_username);
       FreeStrBuf(&httpreq->c_password);
       FreeStrBuf(&httpreq->c_roomname);
       FreeStrBuf(&httpreq->c_language);
}

Here is the caller graph for this function:

Definition at line 907 of file auth.c.

{
       FLUSHStrBuf(httpreq->c_username);
       FLUSHStrBuf(httpreq->c_password);
       FLUSHStrBuf(httpreq->c_roomname);
       FLUSHStrBuf(httpreq->c_language);
}

Here is the caller graph for this function:

void HttpNewModule_AUTH ( ParsedHttpHdrs httpreq)

Definition at line 896 of file auth.c.

{
       httpreq->c_username = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_USER));
       httpreq->c_password = NewStrBufPlain(HKEY(DEFAULT_HTTPAUTH_PASS));
       httpreq->c_roomname = NewStrBuf();
       httpreq->c_language = NewStrBuf();
}

Here is the caller graph for this function:

void initialize_axdefs ( void  )

Definition at line 27 of file auth.c.

                             {

       /* an erased user */
       axdefs[0] = _("Deleted");       

       /* a new user */
       axdefs[1] = _("New User");      

       /* a trouble maker */
       axdefs[2] = _("Problem User");  

       /* user with normal privileges */
       axdefs[3] = _("Local User");    

       /* a user that may access network resources */
       axdefs[4] = _("Network User");  

       /* a moderator */
       axdefs[5] = _("Preferred User");

       /* chief */
       axdefs[6] = _("Aide");          
}

Here is the caller graph for this function:

void InitModule_AUTH ( void  )

Definition at line 929 of file auth.c.

{
       initialize_axdefs();
       RegisterHeaderHandler(HKEY("COOKIE"), Header_HandleCookie);
       RegisterHeaderHandler(HKEY("AUTHORIZATION"), Header_HandleAuth);

       /* no url pattern at all? Show login. */
       WebcitAddUrlHandler(HKEY(""), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);

       WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, ANONYMOUS|COOKIEUNNEEDED);
       WebcitAddUrlHandler(HKEY("openid_login"), "", 0, do_openid_login, ANONYMOUS);
       WebcitAddUrlHandler(HKEY("finalize_openid_login"), "", 0, finalize_openid_login, ANONYMOUS);
       WebcitAddUrlHandler(HKEY("openid_manual_create"), "", 0, openid_manual_create, ANONYMOUS);
       WebcitAddUrlHandler(HKEY("validate"), "", 0, validate, 0);
       WebcitAddUrlHandler(HKEY("do_welcome"), "", 0, do_welcome, 0);
       WebcitAddUrlHandler(HKEY("display_reg"), "", 0, _display_reg, 0);
       WebcitAddUrlHandler(HKEY("changepw"), "", 0, changepw, 0);
       WebcitAddUrlHandler(HKEY("termquit"), "", 0, do_logout, 0);
       WebcitAddUrlHandler(HKEY("do_logout"), "", 0, do_logout, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
       WebcitAddUrlHandler(HKEY("monitor"), "", 0, monitor, ANONYMOUS|COOKIEUNNEEDED|FORCE_SESSIONCLOSE);
       WebcitAddUrlHandler(HKEY("ajax_login_username_password"), "", 0, ajax_login_username_password, AJAX|ANONYMOUS);
       WebcitAddUrlHandler(HKEY("ajax_login_newuser"), "", 0, ajax_login_newuser, AJAX|ANONYMOUS);
       WebcitAddUrlHandler(HKEY("switch_language"), "", 0, switch_language, ANONYMOUS);
       RegisterConditional(HKEY("COND:AIDE"), 2, ConditionalAide, CTX_NONE);
       RegisterConditional(HKEY("COND:LOGGEDIN"), 2, ConditionalIsLoggedIn, CTX_NONE);
       RegisterConditional(HKEY("COND:MAY_CREATE_ROOM"), 2,  ConditionalHaveAccessCreateRoom, CTX_NONE);
       return;
}

Here is the call graph for this function:

Here is the caller graph for this function:

void monitor ( void  )

Definition at line 515 of file auth.c.

{
       output_headers(0, 0, 0, 0, 0, 0);

       hprintf("Content-type: text/plain\r\n"
              "Server: " PACKAGE_STRING "\r\n"
              "Connection: close\r\n"
       );
       begin_burst();

       wc_printf("Connection to Citadel server at %s:%s : %s\r\n",
              ctdlhost, ctdlport,
              (WC->connected ? "SUCCESS" : "FAIL")
       );

       wDumpContent(0);
}

Here is the call graph for this function:

Here is the caller graph for this function:

void openid_manual_create ( void  )

Definition at line 185 of file auth.c.

{
       StrBuf *Buf;

       /* Did the user change his mind?  Pack up and go home. */
       if (havebstr("exit_action")) {
              begin_burst();
              output_headers(1, 0, 0, 0, 1, 0);
              do_template("authpopup_finished");
              end_burst();
              return;
       }


       /* Ok, let's give this a try.  Can we create the new user? */

       Buf = NewStrBuf();
       serv_printf("OIDC %s", bstr("name"));
       StrBuf_ServGetln(Buf);
       if (GetServerStatus(Buf, NULL) == 2) {
              StrBuf *gpass;

              gpass = NewStrBuf();
              serv_puts("SETP GENERATE_RANDOM_PASSWORD");
              StrBuf_ServGetln(gpass);
              StrBufCutLeft(gpass, 4);
              become_logged_in(sbstr("name"), gpass, Buf);
              FreeStrBuf(&gpass);
       }
       FreeStrBuf(&Buf);

       /* Did we manage to log in?  If so, continue with the normal flow... */
       if (WC->logged_in) {
              if (WC->logged_in) {
                     begin_burst();
                     output_headers(1, 0, 0, 0, 1, 0);
                     do_template("authpopup_finished");
                     end_burst();
              }
       } else {
              /* Still no good!  Go back to teh dialog to select a username */
              const StrBuf *Buf;
              putbstr("__claimed_id", NewStrBufDup(sbstr("openid_url")));
              Buf = sbstr("name");
              if (StrLength(Buf) > 0)
                     putbstr("__username", NewStrBufDup(Buf));
              begin_burst();
              output_headers(1, 0, 0, 0, 1, 0);
              wc_printf("<html><body>");
              do_template("openid_manual_create");
              wc_printf("</body></html>");
              end_burst();
       }

}

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 961 of file auth.c.

{
       FreeStrBuf(&sess->wc_username);
       FreeStrBuf(&sess->wc_fullname);
       FreeStrBuf(&sess->wc_password);
       FreeStrBuf(&sess->httpauth_pass);
       FreeStrBuf(&sess->cs_inet_email);
}

Here is the caller graph for this function:

void switch_language ( void  )

Definition at line 816 of file auth.c.

Here is the call graph for this function:

Here is the caller graph for this function:

void validate ( void  )

Definition at line 537 of file auth.c.

{
       char cmd[SIZ];
       char user[SIZ];
       char buf[SIZ];
       int a;

       output_headers(1, 1, 1, 0, 0, 0);

        do_template("box_begin_1");
        StrBufAppendBufPlain(WC->WBuf, _("Validate new users"), -1, 0);
        do_template("box_begin_2");

       /* If the user just submitted a validation, process it... */
       safestrncpy(buf, bstr("user"), sizeof buf);
       if (!IsEmptyStr(buf)) {
              if (havebstr("axlevel")) {
                     serv_printf("VALI %s|%s", buf, bstr("axlevel"));
                     serv_getln(buf, sizeof buf);
                     if (buf[0] != '2') {
                            wc_printf("<b>%s</b><br>\n", &buf[4]);
                     }
              }
       }

       /* Now see if any more users require validation. */
       serv_puts("GNUR");
       serv_getln(buf, sizeof buf);
       if (buf[0] == '2') {
              wc_printf("<b>");
              wc_printf(_("No users require validation at this time."));
              wc_printf("</b><br>\n");
              wDumpContent(1);
              return;
       }
       if (buf[0] != '3') {
              wc_printf("<b>%s</b><br>\n", &buf[4]);
              wDumpContent(1);
              return;
       }

       wc_printf("<table class=\"auth_validate\"><tr><td>\n");
       wc_printf("<div id=\"validate\">");

       safestrncpy(user, &buf[4], sizeof user);
       serv_printf("GREG %s", user);
       serv_getln(cmd, sizeof cmd);
       if (cmd[0] == '1') {
              a = 0;
              do {
                     serv_getln(buf, sizeof buf);
                     ++a;
                     if (a == 1)
                            wc_printf("#%s<br><H1>%s</H1>",
                                   buf, &cmd[4]);
                     if (a == 2) {
                            char *pch;
                            int haveChar = 0;
                            int haveNum = 0;
                            int haveOther = 0;
                            int haveLong = 0;
                            pch = buf;
                            while (!IsEmptyStr(pch))
                            {
                                   if (isdigit(*pch))
                                          haveNum = 1;
                                   else if (isalpha(*pch))
                                          haveChar = 1;
                                   else
                                          haveOther = 1;
                                   pch ++;
                            }
                            if (pch - buf > 7)
                                   haveLong = 1;
                            switch (haveLong + 
                                   haveChar + 
                                   haveNum + 
                                   haveOther)
                            {
                            case 0:
                                   pch = _("very weak");
                                   break;
                            case 1:
                                   pch = _("weak");
                                   break;
                            case 2:
                                   pch = _("ok");
                                   break;
                            case 3:
                            default:
                                   pch = _("strong");
                            }

                            wc_printf("PW: %s<br>\n", pch);
                     }
                     if (a == 3)
                            wc_printf("%s<br>\n", buf);
                     if (a == 4)
                            wc_printf("%s<br>\n", buf);
                     if (a == 5)
                            wc_printf("%s, ", buf);
                     if (a == 6)
                            wc_printf("%s ", buf);
                     if (a == 7)
                            wc_printf("%s<br>\n", buf);
                     if (a == 8)
                            wc_printf("%s<br>\n", buf);
                     if (a == 9)
                            wc_printf(_("Current access level: %d (%s)\n"),
                                   atoi(buf), axdefs[atoi(buf)]);
              } while (strcmp(buf, "000"));
       } else {
              wc_printf("<H1>%s</H1>%s<br>\n", user, &cmd[4]);
       }

       wc_printf("<hr />");
       wc_printf(_("Select access level for this user:"));
       wc_printf("<br>\n");
       for (a = 0; a <= 6; ++a) {
              wc_printf("<a href=\"validate?nonce=%d?user=", WC->nonce);
              urlescputs(user);
              wc_printf("&axlevel=%d\">%s</A>&nbsp;&nbsp;&nbsp;\n",
                     a, axdefs[a]);
       }
       wc_printf("<br>\n");

       wc_printf("</div>\n");
       wc_printf("</td></tr></table>\n");
       do_template("box_end");
       wDumpContent(1);
}

Here is the call graph for this function:

Here is the caller graph for this function:


Variable Documentation

char* axdefs[7]

Definition at line 25 of file auth.c.