]> git.r.bdr.sh - rbdr/mobius/blame - hotline/transaction_handlers.go
git.r.bdr.sh / rbdr / mobius / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Use fixed size array types in Transaction fields
[rbdr/mobius] / hotline / transaction_handlers.go
CommitLineData
6988a057
JH		 1package hotline
2
3import (
95159e55 4 "bufio"
6988a057
JH		 5 "bytes"
6 "encoding/binary"
7 "errors"
8 "fmt"
0197c3f5 9 "gopkg.in/yaml.v3"
b129b7cb 10 "io"
6988a057
JH		 11 "math/big"
12 "os"
00d1ef67 13 "path"
2e08be58 14 "path/filepath"
6988a057
JH		 15 "sort"
16 "strings"
17 "time"
18)
19
d005ef04
JH		 20type HandlerFunc func(*ClientConn, *Transaction) ([]Transaction, error)
21
6988a057 22type TransactionType struct {
d005ef04
JH		 23 Handler HandlerFunc // function for handling the transaction type
24 Name string // Name of transaction as it will appear in logging
6988a057
JH		 25 RequiredFields []requiredField
26}
27
28var TransactionHandlers = map[uint16]TransactionType{
29 // Server initiated
d005ef04
JH		 30 TranChatMsg: {
31 Name: "TranChatMsg",
6988a057
JH		 32 },
33 // Server initiated
d005ef04
JH		 34 TranNotifyChangeUser: {
35 Name: "TranNotifyChangeUser",
6988a057 36 },
d005ef04
JH		 37 TranError: {
38 Name: "TranError",
6988a057 39 },
d005ef04
JH		 40 TranShowAgreement: {
41 Name: "TranShowAgreement",
6988a057 42 },
d005ef04
JH		 43 TranUserAccess: {
44 Name: "TranUserAccess",
6988a057 45 },
d005ef04
JH		 46 TranNotifyDeleteUser: {
47 Name: "TranNotifyDeleteUser",
5454019c 48 },
d005ef04
JH		 49 TranAgreed: {
50 Name: "TranAgreed",
6988a057
JH		 51 Handler: HandleTranAgreed,
52 },
d005ef04
JH		 53 TranChatSend: {
54 Name: "TranChatSend",
d4c152a4 55 Handler: HandleChatSend,
6988a057
JH		 56 RequiredFields: []requiredField{
57 {
d005ef04 58 ID: FieldData,
6988a057
JH		 59 minLen: 0,
60 },
61 },
62 },
d005ef04
JH		 63 TranDelNewsArt: {
64 Name: "TranDelNewsArt",
6988a057
JH		 65 Handler: HandleDelNewsArt,
66 },
d005ef04
JH		 67 TranDelNewsItem: {
68 Name: "TranDelNewsItem",
6988a057
JH		 69 Handler: HandleDelNewsItem,
70 },
d005ef04
JH		 71 TranDeleteFile: {
72 Name: "TranDeleteFile",
6988a057
JH		 73 Handler: HandleDeleteFile,
74 },
d005ef04
JH		 75 TranDeleteUser: {
76 Name: "TranDeleteUser",
6988a057
JH		 77 Handler: HandleDeleteUser,
78 },
d005ef04
JH		 79 TranDisconnectUser: {
80 Name: "TranDisconnectUser",
6988a057
JH		 81 Handler: HandleDisconnectUser,
82 },
d005ef04
JH		 83 TranDownloadFile: {
84 Name: "TranDownloadFile",
6988a057
JH		 85 Handler: HandleDownloadFile,
86 },
d005ef04
JH		 87 TranDownloadFldr: {
88 Name: "TranDownloadFldr",
6988a057
JH		 89 Handler: HandleDownloadFolder,
90 },
d005ef04
JH		 91 TranGetClientInfoText: {
92 Name: "TranGetClientInfoText",
df1ade54 93 Handler: HandleGetClientInfoText,
6988a057 94 },
d005ef04
JH		 95 TranGetFileInfo: {
96 Name: "TranGetFileInfo",
6988a057
JH		 97 Handler: HandleGetFileInfo,
98 },
d005ef04
JH		 99 TranGetFileNameList: {
100 Name: "TranGetFileNameList",
6988a057
JH		 101 Handler: HandleGetFileNameList,
102 },
d005ef04
JH		 103 TranGetMsgs: {
104 Name: "TranGetMsgs",
6988a057
JH		 105 Handler: HandleGetMsgs,
106 },
d005ef04
JH		 107 TranGetNewsArtData: {
108 Name: "TranGetNewsArtData",
6988a057
JH		 109 Handler: HandleGetNewsArtData,
110 },
d005ef04
JH		 111 TranGetNewsArtNameList: {
112 Name: "TranGetNewsArtNameList",
6988a057
JH		 113 Handler: HandleGetNewsArtNameList,
114 },
d005ef04
JH		 115 TranGetNewsCatNameList: {
116 Name: "TranGetNewsCatNameList",
6988a057
JH		 117 Handler: HandleGetNewsCatNameList,
118 },
d005ef04
JH		 119 TranGetUser: {
120 Name: "TranGetUser",
6988a057
JH		 121 Handler: HandleGetUser,
122 },
d005ef04 123 TranGetUserNameList: {
6988a057
JH		 124 Name: "tranHandleGetUserNameList",
125 Handler: HandleGetUserNameList,
126 },
d005ef04
JH		 127 TranInviteNewChat: {
128 Name: "TranInviteNewChat",
6988a057
JH		 129 Handler: HandleInviteNewChat,
130 },
d005ef04
JH		 131 TranInviteToChat: {
132 Name: "TranInviteToChat",
6988a057
JH		 133 Handler: HandleInviteToChat,
134 },
d005ef04
JH		 135 TranJoinChat: {
136 Name: "TranJoinChat",
6988a057
JH		 137 Handler: HandleJoinChat,
138 },
d005ef04
JH		 139 TranKeepAlive: {
140 Name: "TranKeepAlive",
6988a057
JH		 141 Handler: HandleKeepAlive,
142 },
d005ef04
JH		 143 TranLeaveChat: {
144 Name: "TranJoinChat",
6988a057
JH		 145 Handler: HandleLeaveChat,
146 },
d005ef04
JH		 147 TranListUsers: {
148 Name: "TranListUsers",
6988a057
JH		 149 Handler: HandleListUsers,
150 },
d005ef04
JH		 151 TranMoveFile: {
152 Name: "TranMoveFile",
6988a057
JH		 153 Handler: HandleMoveFile,
154 },
d005ef04
JH		 155 TranNewFolder: {
156 Name: "TranNewFolder",
6988a057
JH		 157 Handler: HandleNewFolder,
158 },
d005ef04
JH		 159 TranNewNewsCat: {
160 Name: "TranNewNewsCat",
6988a057
JH		 161 Handler: HandleNewNewsCat,
162 },
d005ef04
JH		 163 TranNewNewsFldr: {
164 Name: "TranNewNewsFldr",
6988a057
JH		 165 Handler: HandleNewNewsFldr,
166 },
d005ef04
JH		 167 TranNewUser: {
168 Name: "TranNewUser",
6988a057
JH		 169 Handler: HandleNewUser,
170 },
d005ef04
JH		 171 TranUpdateUser: {
172 Name: "TranUpdateUser",
d2810ae9
JH		 173 Handler: HandleUpdateUser,
174 },
d005ef04
JH		 175 TranOldPostNews: {
176 Name: "TranOldPostNews",
6988a057
JH		 177 Handler: HandleTranOldPostNews,
178 },
d005ef04
JH		 179 TranPostNewsArt: {
180 Name: "TranPostNewsArt",
6988a057
JH		 181 Handler: HandlePostNewsArt,
182 },
d005ef04
JH		 183 TranRejectChatInvite: {
184 Name: "TranRejectChatInvite",
6988a057
JH		 185 Handler: HandleRejectChatInvite,
186 },
d005ef04
JH		 187 TranSendInstantMsg: {
188 Name: "TranSendInstantMsg",
6988a057
JH		 189 Handler: HandleSendInstantMsg,
190 RequiredFields: []requiredField{
191 {
d005ef04 192 ID: FieldData,
6988a057
JH		 193 minLen: 0,
194 },
195 {
d005ef04 196 ID: FieldUserID,
6988a057
JH		 197 },
198 },
199 },
d005ef04
JH		 200 TranSetChatSubject: {
201 Name: "TranSetChatSubject",
6988a057
JH		 202 Handler: HandleSetChatSubject,
203 },
d005ef04
JH		 204 TranMakeFileAlias: {
205 Name: "TranMakeFileAlias",
decc2fbf
JH		 206 Handler: HandleMakeAlias,
207 RequiredFields: []requiredField{
d005ef04
JH		 208 {ID: FieldFileName, minLen: 1},
209 {ID: FieldFilePath, minLen: 1},
210 {ID: FieldFileNewPath, minLen: 1},
decc2fbf
JH		 211 },
212 },
d005ef04
JH		 213 TranSetClientUserInfo: {
214 Name: "TranSetClientUserInfo",
6988a057
JH		 215 Handler: HandleSetClientUserInfo,
216 },
d005ef04
JH		 217 TranSetFileInfo: {
218 Name: "TranSetFileInfo",
6988a057
JH		 219 Handler: HandleSetFileInfo,
220 },
d005ef04
JH		 221 TranSetUser: {
222 Name: "TranSetUser",
6988a057
JH		 223 Handler: HandleSetUser,
224 },
d005ef04
JH		 225 TranUploadFile: {
226 Name: "TranUploadFile",
6988a057
JH		 227 Handler: HandleUploadFile,
228 },
d005ef04
JH		 229 TranUploadFldr: {
230 Name: "TranUploadFldr",
6988a057
JH		 231 Handler: HandleUploadFolder,
232 },
d005ef04
JH		 233 TranUserBroadcast: {
234 Name: "TranUserBroadcast",
6988a057
JH		 235 Handler: HandleUserBroadcast,
236 },
d005ef04
JH		 237 TranDownloadBanner: {
238 Name: "TranDownloadBanner",
9067f234
JH		 239 Handler: HandleDownloadBanner,
240 },
6988a057
JH		 241}
242
243func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 244 if !cc.Authorize(accessSendChat) {
003a743e
JH		 245 res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
246 return res, err
247 }
248
6988a057 249 // Truncate long usernames
72dd37f1 250 trunc := fmt.Sprintf("%13s", cc.UserName)
d005ef04 251 formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(FieldData).Data)
6988a057
JH		 252
253 // By holding the option key, Hotline chat allows users to send /me formatted messages like:
254 // *** Halcyon does stuff
d005ef04 255 // This is indicated by the presence of the optional field FieldChatOptions set to a value of 1.
2e43fd4e 256 // Most clients do not send this option for normal chat messages.
d005ef04
JH		 257 if t.GetField(FieldChatOptions).Data != nil && bytes.Equal(t.GetField(FieldChatOptions).Data, []byte{0, 1}) {
258 formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(FieldData).Data)
6988a057
JH		 259 }
260
361928c9
JH		 261 // The ChatID field is used to identify messages as belonging to a private chat.
262 // All clients *except* Frogblast omit this field for public chat, but Frogblast sends a value of 00 00 00 00.
d005ef04 263 chatID := t.GetField(FieldChatID).Data
361928c9 264 if chatID != nil && !bytes.Equal([]byte{0, 0, 0, 0}, chatID) {
6988a057
JH		 265 chatInt := binary.BigEndian.Uint32(chatID)
266 privChat := cc.Server.PrivateChats[chatInt]
267
481631f6
JH		 268 clients := sortedClients(privChat.ClientConn)
269
6988a057 270 // send the message to all connected clients of the private chat
481631f6 271 for _, c := range clients {
6988a057 272 res = append(res, *NewTransaction(
d005ef04 273 TranChatMsg,
6988a057 274 c.ID,
d005ef04
JH		 275 NewField(FieldChatID, chatID),
276 NewField(FieldData, []byte(formattedMsg)),
6988a057
JH		 277 ))
278 }
279 return res, err
280 }
281
282 for _, c := range sortedClients(cc.Server.Clients) {
283 // Filter out clients that do not have the read chat permission
187d6dc5 284 if c.Authorize(accessReadChat) {
d005ef04 285 res = append(res, *NewTransaction(TranChatMsg, c.ID, NewField(FieldData, []byte(formattedMsg))))
6988a057
JH		 286 }
287 }
288
289 return res, err
290}
291
292// HandleSendInstantMsg sends instant message to the user on the current server.
293// Fields used in the request:
33265393 294//
6988a057
JH		 295// 103 User ID
296// 113 Options
297// One of the following values:
298// - User message (myOpt_UserMessage = 1)
299// - Refuse message (myOpt_RefuseMessage = 2)
300// - Refuse chat (myOpt_RefuseChat = 3)
301// - Automatic response (myOpt_AutomaticResponse = 4)"
302// 101 Data Optional
303// 214 Quoting message Optional
304//
aebc4d36 305// Fields used in the reply:
6988a057
JH		 306// None
307func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
69c2fb50
JH		 308 if !cc.Authorize(accessSendPrivMsg) {
309 res = append(res, cc.NewErrReply(t, "You are not allowed to send private messages."))
d0ba21fc 310 return res, errors.New("user is not allowed to send private messages")
69c2fb50
JH		 311 }
312
d005ef04
JH		 313 msg := t.GetField(FieldData)
314 ID := t.GetField(FieldUserID)
6988a057 315
aeec1015 316 reply := NewTransaction(
d005ef04 317 TranServerMsg,
5ae50876 318 &ID.Data,
d005ef04
JH		 319 NewField(FieldData, msg.Data),
320 NewField(FieldUserName, cc.UserName),
321 NewField(FieldUserID, *cc.ID),
322 NewField(FieldOptions, []byte{0, 1}),
6988a057 323 )
6988a057 324
d005ef04 325 // Later versions of Hotline include the original message in the FieldQuotingMsg field so
5ae50876 326 // the receiving client can display both the received message and what it is in reply to
d005ef04
JH		 327 if t.GetField(FieldQuotingMsg).Data != nil {
328 reply.Fields = append(reply.Fields, NewField(FieldQuotingMsg, t.GetField(FieldQuotingMsg).Data))
5ae50876
JH		 329 }
330
d0ba21fc
JH		 331 id, err := byteToInt(ID.Data)
332 if err != nil {
333 return res, errors.New("invalid client ID")
334 }
aeec1015
JH		 335 otherClient, ok := cc.Server.Clients[uint16(id)]
336 if !ok {
337 return res, errors.New("invalid client ID")
6988a057
JH		 338 }
339
38f710ec
JH		 340 // Check if target user has "Refuse private messages" flag
341 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(otherClient.Flags)))
1efbb15f 342 if flagBitmap.Bit(UserFlagRefusePM) == 1 {
38f710ec
JH		 343 res = append(res,
344 *NewTransaction(
d005ef04 345 TranServerMsg,
38f710ec 346 cc.ID,
d005ef04
JH		 347 NewField(FieldData, []byte(string(otherClient.UserName)+" does not accept private messages.")),
348 NewField(FieldUserName, otherClient.UserName),
349 NewField(FieldUserID, *otherClient.ID),
350 NewField(FieldOptions, []byte{0, 2}),
38f710ec
JH		 351 ),
352 )
353 } else {
354 res = append(res, *reply)
355 }
356
6988a057 357 // Respond with auto reply if other client has it enabled
aebc4d36 358 if len(otherClient.AutoReply) > 0 {
6988a057
JH		 359 res = append(res,
360 *NewTransaction(
d005ef04 361 TranServerMsg,
6988a057 362 cc.ID,
d005ef04
JH		 363 NewField(FieldData, otherClient.AutoReply),
364 NewField(FieldUserName, otherClient.UserName),
365 NewField(FieldUserID, *otherClient.ID),
366 NewField(FieldOptions, []byte{0, 1}),
6988a057
JH		 367 ),
368 )
369 }
370
371 res = append(res, cc.NewReply(t))
372
373 return res, err
374}
375
376func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 377 fileName := t.GetField(FieldFileName).Data
378 filePath := t.GetField(FieldFilePath).Data
6988a057 379
7cd900d6
JH		 380 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
381 if err != nil {
382 return res, err
383 }
384
385 fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
6988a057
JH		 386 if err != nil {
387 return res, err
388 }
389
2e1aec0f
JH		 390 encodedName, err := txtEncoder.String(fw.name)
391 if err != nil {
392 return res, fmt.Errorf("invalid filepath encoding: %w", err)
393 }
394
4a88189f 395 fields := []Field{
2e1aec0f 396 NewField(FieldFileName, []byte(encodedName)),
d005ef04
JH		 397 NewField(FieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
398 NewField(FieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
d005ef04
JH		 399 NewField(FieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
400 NewField(FieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
401 NewField(FieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
4a88189f
JH		 402 }
403
404 // Include the optional FileComment field if there is a comment.
405 if len(fw.ffo.FlatFileInformationFork.Comment) != 0 {
406 fields = append(fields, NewField(FieldFileComment, fw.ffo.FlatFileInformationFork.Comment))
407 }
408
409 // Include the FileSize field for files.
410 if !bytes.Equal(fw.ffo.FlatFileInformationFork.TypeSignature, []byte{0x66, 0x6c, 0x64, 0x72}) {
411 fields = append(fields, NewField(FieldFileSize, fw.totalSize()))
412 }
413
414 res = append(res, cc.NewReply(t, fields...))
6988a057
JH		 415 return res, err
416}
417
95159e55 418// HandleSetFileInfo updates a file or folder Name and/or comment from the Get Info window
6988a057 419// Fields used in the request:
95159e55 420// * 201 File Name
6988a057 421// * 202 File path Optional
95159e55 422// * 211 File new Name Optional
6988a057
JH		 423// * 210 File comment Optional
424// Fields used in the reply: None
425func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 426 fileName := t.GetField(FieldFileName).Data
427 filePath := t.GetField(FieldFilePath).Data
92a7e455
JH		 428
429 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
430 if err != nil {
431 return res, err
432 }
433
7cd900d6
JH		 434 fi, err := cc.Server.FS.Stat(fullFilePath)
435 if err != nil {
436 return res, err
437 }
438
439 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
440 if err != nil {
441 return res, err
442 }
d005ef04 443 if t.GetField(FieldFileComment).Data != nil {
7cd900d6
JH		 444 switch mode := fi.Mode(); {
445 case mode.IsDir():
187d6dc5 446 if !cc.Authorize(accessSetFolderComment) {
7cd900d6
JH		 447 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
448 return res, err
449 }
450 case mode.IsRegular():
187d6dc5 451 if !cc.Authorize(accessSetFileComment) {
7cd900d6
JH		 452 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
453 return res, err
454 }
455 }
456
d005ef04 457 if err := hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(FieldFileComment).Data); err != nil {
67db911d
JH		 458 return res, err
459 }
7cd900d6
JH		 460 w, err := hlFile.infoForkWriter()
461 if err != nil {
462 return res, err
463 }
9cf66aea 464 _, err = io.Copy(w, &hlFile.ffo.FlatFileInformationFork)
7cd900d6
JH		 465 if err != nil {
466 return res, err
467 }
468 }
469
d005ef04 470 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(FieldFileNewName).Data)
92a7e455
JH		 471 if err != nil {
472 return nil, err
473 }
474
d005ef04 475 fileNewName := t.GetField(FieldFileNewName).Data
6988a057
JH		 476
477 if fileNewName != nil {
6988a057
JH		 478 switch mode := fi.Mode(); {
479 case mode.IsDir():
187d6dc5 480 if !cc.Authorize(accessRenameFolder) {
6988a057
JH		 481 res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
482 return res, err
483 }
7cd900d6
JH		 484 err = os.Rename(fullFilePath, fullNewFilePath)
485 if os.IsNotExist(err) {
486 res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
487 return res, err
488 }
6988a057 489 case mode.IsRegular():
187d6dc5 490 if !cc.Authorize(accessRenameFile) {
6988a057
JH		 491 res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
492 return res, err
493 }
7cd900d6
JH		 494 fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
495 if err != nil {
496 return nil, err
497 }
2e1aec0f
JH		 498 hlFile.name, err = txtDecoder.String(string(fileNewName))
499 if err != nil {
500 return res, fmt.Errorf("invalid filepath encoding: %w", err)
501 }
502
7cd900d6
JH		 503 err = hlFile.move(fileDir)
504 if os.IsNotExist(err) {
505 res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
506 return res, err
507 }
508 if err != nil {
69af8ddb 509 return res, err
7cd900d6 510 }
6988a057
JH		 511 }
512 }
513
514 res = append(res, cc.NewReply(t))
515 return res, err
516}
517
518// HandleDeleteFile deletes a file or folder
519// Fields used in the request:
95159e55 520// * 201 File Name
6988a057
JH		 521// * 202 File path
522// Fields used in the reply: none
523func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 524 fileName := t.GetField(FieldFileName).Data
525 filePath := t.GetField(FieldFilePath).Data
6988a057 526
92a7e455
JH		 527 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
528 if err != nil {
529 return res, err
530 }
6988a057 531
7cd900d6
JH		 532 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
533 if err != nil {
534 return res, err
535 }
6988a057 536
7cd900d6 537 fi, err := hlFile.dataFile()
6988a057 538 if err != nil {
92a7e455 539 res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
6988a057
JH		 540 return res, nil
541 }
7cd900d6 542
6988a057
JH		 543 switch mode := fi.Mode(); {
544 case mode.IsDir():
187d6dc5 545 if !cc.Authorize(accessDeleteFolder) {
6988a057
JH		 546 res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
547 return res, err
548 }
549 case mode.IsRegular():
187d6dc5 550 if !cc.Authorize(accessDeleteFile) {
6988a057
JH		 551 res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
552 return res, err
553 }
554 }
555
7cd900d6 556 if err := hlFile.delete(); err != nil {
6988a057
JH		 557 return res, err
558 }
559
560 res = append(res, cc.NewReply(t))
561 return res, err
562}
563
564// HandleMoveFile moves files or folders. Note: seemingly not documented
565func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 566 fileName := string(t.GetField(FieldFileName).Data)
7cd900d6 567
d005ef04 568 filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFilePath).Data, t.GetField(FieldFileName).Data)
7cd900d6
JH		 569 if err != nil {
570 return res, err
571 }
572
d005ef04 573 fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFileNewPath).Data, nil)
7cd900d6
JH		 574 if err != nil {
575 return res, err
576 }
6988a057 577
a6216dd8 578 cc.logger.Info("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
6988a057 579
7cd900d6 580 hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
67db911d
JH		 581 if err != nil {
582 return res, err
583 }
7cd900d6
JH		 584
585 fi, err := hlFile.dataFile()
586 if err != nil {
587 res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
588 return res, err
589 }
6988a057
JH		 590 switch mode := fi.Mode(); {
591 case mode.IsDir():
187d6dc5 592 if !cc.Authorize(accessMoveFolder) {
6988a057
JH		 593 res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
594 return res, err
595 }
596 case mode.IsRegular():
187d6dc5 597 if !cc.Authorize(accessMoveFile) {
6988a057
JH		 598 res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
599 return res, err
600 }
601 }
7cd900d6 602 if err := hlFile.move(fileNewPath); err != nil {
6988a057
JH		 603 return res, err
604 }
7cd900d6 605 // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
6988a057
JH		 606
607 res = append(res, cc.NewReply(t))
608 return res, err
609}
610
611func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 612 if !cc.Authorize(accessCreateFolder) {
d4c152a4
JH		 613 res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
614 return res, err
615 }
d005ef04 616 folderName := string(t.GetField(FieldFileName).Data)
00d1ef67
JH		 617
618 folderName = path.Join("/", folderName)
6988a057 619
2e08be58
JH		 620 var subPath string
621
d005ef04
JH		 622 // FieldFilePath is only present for nested paths
623 if t.GetField(FieldFilePath).Data != nil {
72dd37f1 624 var newFp FilePath
d005ef04 625 _, err := newFp.Write(t.GetField(FieldFilePath).Data)
00d1ef67
JH		 626 if err != nil {
627 return nil, err
628 }
2e08be58
JH		 629
630 for _, pathItem := range newFp.Items {
631 subPath = filepath.Join("/", subPath, string(pathItem.Name))
632 }
6988a057 633 }
2e08be58 634 newFolderPath := path.Join(cc.Server.Config.FileRoot, subPath, folderName)
2e1aec0f
JH		 635 newFolderPath, err = txtDecoder.String(newFolderPath)
636 if err != nil {
637 return res, fmt.Errorf("invalid filepath encoding: %w", err)
638 }
6988a057 639
95159e55 640 // TODO: check path and folder Name lengths
00d1ef67 641
b196a50a 642 if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
95159e55 643 msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that Name.", folderName)
00d1ef67
JH		 644 return []Transaction{cc.NewErrReply(t, msg)}, nil
645 }
646
b196a50a 647 if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
00d1ef67
JH		 648 msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
649 return []Transaction{cc.NewErrReply(t, msg)}, nil
6988a057
JH		 650 }
651
652 res = append(res, cc.NewReply(t))
653 return res, err
654}
655
656func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 657 if !cc.Authorize(accessModifyUser) {
d4c152a4
JH		 658 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
659 return res, err
660 }
661
6699cff2 662 login := string(encodeString(t.GetField(FieldUserLogin).Data))
d005ef04 663 userName := string(t.GetField(FieldUserName).Data)
6988a057 664
d005ef04 665 newAccessLvl := t.GetField(FieldUserAccess).Data
6988a057
JH		 666
667 account := cc.Server.Accounts[login]
180d6544
JH		 668 if account == nil {
669 return append(res, cc.NewErrReply(t, "Account not found.")), nil
670 }
6988a057 671 account.Name = userName
187d6dc5 672 copy(account.Access[:], newAccessLvl)
6988a057
JH		 673
674 // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
d005ef04
JH		 675 // not include FieldUserPassword
676 if t.GetField(FieldUserPassword).Data == nil {
6988a057
JH		 677 account.Password = hashAndSalt([]byte(""))
678 }
180d6544
JH		 679
680 if !bytes.Equal([]byte{0}, t.GetField(FieldUserPassword).Data) {
d005ef04 681 account.Password = hashAndSalt(t.GetField(FieldUserPassword).Data)
6988a057
JH		 682 }
683
6988a057
JH		 684 out, err := yaml.Marshal(&account)
685 if err != nil {
686 return res, err
687 }
31658ca1 688 if err := os.WriteFile(filepath.Join(cc.Server.ConfigDir, "Users", login+".yaml"), out, 0666); err != nil {
6988a057
JH		 689 return res, err
690 }
691
692 // Notify connected clients logged in as the user of the new access level
693 for _, c := range cc.Server.Clients {
694 if c.Account.Login == login {
695 // Note: comment out these two lines to test server-side deny messages
d005ef04 696 newT := NewTransaction(TranUserAccess, c.ID, NewField(FieldUserAccess, newAccessLvl))
6988a057
JH		 697 res = append(res, *newT)
698
a7216f67 699 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(c.Flags)))
43754e31 700 if c.Authorize(accessDisconUser) {
b1658a46 701 flagBitmap.SetBit(flagBitmap, UserFlagAdmin, 1)
6988a057 702 } else {
b1658a46 703 flagBitmap.SetBit(flagBitmap, UserFlagAdmin, 0)
6988a057 704 }
a7216f67 705 binary.BigEndian.PutUint16(c.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 706
707 c.Account.Access = account.Access
708
709 cc.sendAll(
d005ef04
JH		 710 TranNotifyChangeUser,
711 NewField(FieldUserID, *c.ID),
712 NewField(FieldUserFlags, c.Flags),
713 NewField(FieldUserName, c.UserName),
714 NewField(FieldUserIconID, c.Icon),
6988a057
JH		 715 )
716 }
717 }
718
6988a057
JH		 719 res = append(res, cc.NewReply(t))
720 return res, err
721}
722
723func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 724 if !cc.Authorize(accessOpenUser) {
003a743e
JH		 725 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
726 return res, err
727 }
728
d005ef04 729 account := cc.Server.Accounts[string(t.GetField(FieldUserLogin).Data)]
6988a057 730 if account == nil {
481631f6 731 res = append(res, cc.NewErrReply(t, "Account does not exist."))
6988a057
JH		 732 return res, err
733 }
734
735 res = append(res, cc.NewReply(t,
d005ef04 736 NewField(FieldUserName, []byte(account.Name)),
76d0c1f6 737 NewField(FieldUserLogin, encodeString(t.GetField(FieldUserLogin).Data)),
d005ef04
JH		 738 NewField(FieldUserPassword, []byte(account.Password)),
739 NewField(FieldUserAccess, account.Access[:]),
6988a057
JH		 740 ))
741 return res, err
742}
743
744func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 745 if !cc.Authorize(accessOpenUser) {
481631f6
JH		 746 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
747 return res, err
748 }
749
6988a057 750 var userFields []Field
6988a057 751 for _, acc := range cc.Server.Accounts {
0ed51327
JH		 752 accCopy := *acc
753 b, err := io.ReadAll(&accCopy)
926c7f55
JH		 754 if err != nil {
755 return res, err
756 }
757
b129b7cb 758 userFields = append(userFields, NewField(FieldData, b))
6988a057
JH		 759 }
760
761 res = append(res, cc.NewReply(t, userFields...))
762 return res, err
763}
764
d2810ae9
JH		 765// HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
766// An update can be a mix of these actions:
767// * Create user
768// * Delete user
769// * Modify user (including renaming the account login)
770//
771// The Transaction sent by the client includes one data field per user that was modified. This data field in turn
772// contains another data field encoded in its payload with a varying number of sub fields depending on which action is
773// performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
774func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
775 for _, field := range t.Fields {
95159e55
JH		 776
777 var subFields []Field
778
779 // Create a new scanner for parsing incoming bytes into transaction tokens
780 scanner := bufio.NewScanner(bytes.NewReader(field.Data[2:]))
781 scanner.Split(fieldScanner)
782
783 for i := 0; i < int(binary.BigEndian.Uint16(field.Data[0:2])); i++ {
784 scanner.Scan()
785
786 var field Field
787 if _, err := field.Write(scanner.Bytes()); err != nil {
788 return res, fmt.Errorf("error reading field: %w", err)
789 }
790 subFields = append(subFields, field)
d2810ae9
JH		 791 }
792
b8b0a6c9 793 // If there's only one subfield, that indicates this is a delete operation for the login in FieldData
d2810ae9 794 if len(subFields) == 1 {
187d6dc5 795 if !cc.Authorize(accessDeleteUser) {
d2810ae9
JH		 796 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
797 return res, err
798 }
799
6699cff2 800 login := string(encodeString(getField(FieldData, &subFields).Data))
a6216dd8 801 cc.logger.Info("DeleteUser", "login", login)
b8b0a6c9 802
d2810ae9
JH		 803 if err := cc.Server.DeleteUser(login); err != nil {
804 return res, err
805 }
806 continue
807 }
808
b8b0a6c9
JH		 809 // login of the account to update
810 var accountToUpdate, loginToRename string
811
812 // If FieldData is included, this is a rename operation where FieldData contains the login of the existing
813 // account and FieldUserLogin contains the new login.
814 if getField(FieldData, &subFields) != nil {
6699cff2 815 loginToRename = string(encodeString(getField(FieldData, &subFields).Data))
b8b0a6c9 816 }
6699cff2 817 userLogin := string(encodeString(getField(FieldUserLogin, &subFields).Data))
b8b0a6c9
JH		 818 if loginToRename != "" {
819 accountToUpdate = loginToRename
820 } else {
821 accountToUpdate = userLogin
822 }
d2810ae9 823
b8b0a6c9
JH		 824 // Check if accountToUpdate has an existing account. If so, we know we are updating an existing user.
825 if acc, ok := cc.Server.Accounts[accountToUpdate]; ok {
826 if loginToRename != "" {
a6216dd8 827 cc.logger.Info("RenameUser", "prevLogin", accountToUpdate, "newLogin", userLogin)
b8b0a6c9 828 } else {
a6216dd8 829 cc.logger.Info("UpdateUser", "login", accountToUpdate)
b8b0a6c9 830 }
d2810ae9 831
b33477b0 832 // account exists, so this is an update action
187d6dc5 833 if !cc.Authorize(accessModifyUser) {
d2810ae9 834 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
180d6544 835 return res, nil
d2810ae9
JH		 836 }
837
b33477b0
JH		 838 // This part is a bit tricky. There are three possibilities:
839 // 1) The transaction is intended to update the password.
840 // In this case, FieldUserPassword is sent with the new password.
841 // 2) The transaction is intended to remove the password.
842 // In this case, FieldUserPassword is not sent.
843 // 3) The transaction updates the users access bits, but not the password.
180d6544 844 // In this case, FieldUserPassword is sent with zero as the only byte.
d005ef04
JH		 845 if getField(FieldUserPassword, &subFields) != nil {
846 newPass := getField(FieldUserPassword, &subFields).Data
b33477b0
JH		 847 if !bytes.Equal([]byte{0}, newPass) {
848 acc.Password = hashAndSalt(newPass)
849 }
d2810ae9
JH		 850 } else {
851 acc.Password = hashAndSalt([]byte(""))
852 }
853
d005ef04
JH		 854 if getField(FieldUserAccess, &subFields) != nil {
855 copy(acc.Access[:], getField(FieldUserAccess, &subFields).Data)
d2810ae9
JH		 856 }
857
858 err = cc.Server.UpdateUser(
6699cff2
JH		 859 string(encodeString(getField(FieldData, &subFields).Data)),
860 string(encodeString(getField(FieldUserLogin, &subFields).Data)),
d005ef04 861 string(getField(FieldUserName, &subFields).Data),
d2810ae9 862 acc.Password,
187d6dc5 863 acc.Access,
d2810ae9
JH		 864 )
865 if err != nil {
866 return res, err
867 }
868 } else {
187d6dc5 869 if !cc.Authorize(accessCreateUser) {
d2810ae9 870 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
180d6544 871 return res, nil
d2810ae9
JH		 872 }
873
a6216dd8 874 cc.logger.Info("CreateUser", "login", userLogin)
b8b0a6c9 875
187d6dc5 876 newAccess := accessBitmap{}
aeb97482 877 copy(newAccess[:], getField(FieldUserAccess, &subFields).Data)
187d6dc5 878
ecb1fcd9
JH		 879 // Prevent account from creating new account with greater permission
880 for i := 0; i < 64; i++ {
881 if newAccess.IsSet(i) {
882 if !cc.Authorize(i) {
180d6544 883 return append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself.")), nil
ecb1fcd9
JH		 884 }
885 }
886 }
887
b8b0a6c9 888 err = cc.Server.NewUser(userLogin, string(getField(FieldUserName, &subFields).Data), string(getField(FieldUserPassword, &subFields).Data), newAccess)
d2810ae9 889 if err != nil {
180d6544 890 return append(res, cc.NewErrReply(t, "Cannot create account because there is already an account with that login.")), nil
d2810ae9
JH		 891 }
892 }
893 }
894
895 res = append(res, cc.NewReply(t))
896 return res, err
897}
898
6988a057
JH		 899// HandleNewUser creates a new user account
900func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 901 if !cc.Authorize(accessCreateUser) {
481631f6
JH		 902 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
903 return res, err
904 }
905
6699cff2 906 login := string(encodeString(t.GetField(FieldUserLogin).Data))
6988a057 907
7cd900d6 908 // If the account already dataFile, reply with an error
6988a057
JH		 909 if _, ok := cc.Server.Accounts[login]; ok {
910 res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
911 return res, err
912 }
913
187d6dc5 914 newAccess := accessBitmap{}
aeb97482 915 copy(newAccess[:], t.GetField(FieldUserAccess).Data)
187d6dc5 916
ecb1fcd9
JH		 917 // Prevent account from creating new account with greater permission
918 for i := 0; i < 64; i++ {
919 if newAccess.IsSet(i) {
920 if !cc.Authorize(i) {
921 res = append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself."))
922 return res, err
923 }
924 }
925 }
926
d005ef04 927 if err := cc.Server.NewUser(login, string(t.GetField(FieldUserName).Data), string(t.GetField(FieldUserPassword).Data), newAccess); err != nil {
180d6544
JH		 928 res = append(res, cc.NewErrReply(t, "Cannot create account because there is already an account with that login."))
929 return res, err
6988a057
JH		 930 }
931
932 res = append(res, cc.NewReply(t))
933 return res, err
934}
935
936func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 937 if !cc.Authorize(accessDeleteUser) {
003a743e 938 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
180d6544 939 return res, nil
003a743e
JH		 940 }
941
6699cff2 942 login := string(encodeString(t.GetField(FieldUserLogin).Data))
6988a057
JH		 943
944 if err := cc.Server.DeleteUser(login); err != nil {
945 return res, err
946 }
947
948 res = append(res, cc.NewReply(t))
949 return res, err
950}
951
952// HandleUserBroadcast sends an Administrator Message to all connected clients of the server
953func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 954 if !cc.Authorize(accessBroadcast) {
d4c152a4
JH		 955 res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
956 return res, err
957 }
958
6988a057 959 cc.sendAll(
d005ef04
JH		 960 TranServerMsg,
961 NewField(FieldData, t.GetField(TranGetMsgs).Data),
962 NewField(FieldChatOptions, []byte{0}),
6988a057
JH		 963 )
964
965 res = append(res, cc.NewReply(t))
966 return res, err
967}
968
df1ade54
JH		 969// HandleGetClientInfoText returns user information for the specific user.
970//
971// Fields used in the request:
972// 103 User ID
973//
974// Fields used in the reply:
95159e55 975// 102 User Name
df1ade54
JH		 976// 101 Data User info text string
977func HandleGetClientInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 978 if !cc.Authorize(accessGetClientInfo) {
df1ade54 979 res = append(res, cc.NewErrReply(t, "You are not allowed to get client info."))
d4c152a4
JH		 980 return res, err
981 }
982
d005ef04 983 clientID, _ := byteToInt(t.GetField(FieldUserID).Data)
6988a057
JH		 984
985 clientConn := cc.Server.Clients[uint16(clientID)]
986 if clientConn == nil {
df1ade54 987 return append(res, cc.NewErrReply(t, "User not found.")), err
6988a057
JH		 988 }
989
6988a057 990 res = append(res, cc.NewReply(t,
d005ef04
JH		 991 NewField(FieldData, []byte(clientConn.String())),
992 NewField(FieldUserName, clientConn.UserName),
6988a057
JH		 993 ))
994 return res, err
995}
996
997func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
153e2eac 998 return []Transaction{cc.NewReply(t, cc.Server.connectedUsers()...)}, nil
6988a057
JH		 999}
1000
6988a057 1001func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1002 if t.GetField(FieldUserName).Data != nil {
ea5d8c51 1003 if cc.Authorize(accessAnyName) {
d005ef04 1004 cc.UserName = t.GetField(FieldUserName).Data
ea5d8c51
JH		 1005 } else {
1006 cc.UserName = []byte(cc.Account.Name)
1007 }
1008 }
1009
d005ef04 1010 cc.Icon = t.GetField(FieldUserIconID).Data
6988a057 1011
95159e55 1012 cc.logger = cc.logger.With("Name", string(cc.UserName))
a6216dd8 1013 cc.logger.Info("Login successful", "clientVersion", fmt.Sprintf("%v", func() int { i, _ := byteToInt(cc.Version); return i }()))
67db911d 1014
d005ef04 1015 options := t.GetField(FieldOptions).Data
6988a057
JH		 1016 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
1017
a7216f67 1018 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(cc.Flags)))
6988a057
JH		 1019
1020 // Check refuse private PM option
95159e55 1021 if optBitmap.Bit(UserOptRefusePM) == 1 {
b1658a46 1022 flagBitmap.SetBit(flagBitmap, UserFlagRefusePM, 1)
a7216f67 1023 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1024 }
1025
1026 // Check refuse private chat option
95159e55 1027 if optBitmap.Bit(UserOptRefuseChat) == 1 {
b1658a46 1028 flagBitmap.SetBit(flagBitmap, UserFlagRefusePChat, 1)
a7216f67 1029 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1030 }
1031
1032 // Check auto response
95159e55 1033 if optBitmap.Bit(UserOptAutoResponse) == 1 {
d005ef04 1034 cc.AutoReply = t.GetField(FieldAutomaticResponse).Data
6988a057 1035 } else {
aebc4d36 1036 cc.AutoReply = []byte{}
6988a057
JH		 1037 }
1038
ea5d8c51 1039 trans := cc.notifyOthers(
003a743e 1040 *NewTransaction(
d005ef04
JH		 1041 TranNotifyChangeUser, nil,
1042 NewField(FieldUserName, cc.UserName),
1043 NewField(FieldUserID, *cc.ID),
1044 NewField(FieldUserIconID, cc.Icon),
1045 NewField(FieldUserFlags, cc.Flags),
003a743e 1046 ),
ea5d8c51
JH		 1047 )
1048 res = append(res, trans...)
6988a057 1049
9067f234 1050 if cc.Server.Config.BannerFile != "" {
d005ef04 1051 res = append(res, *NewTransaction(TranServerBanner, cc.ID, NewField(FieldBannerType, []byte("JPEG"))))
9067f234
JH		 1052 }
1053
6988a057
JH		 1054 res = append(res, cc.NewReply(t))
1055
1056 return res, err
1057}
1058
6988a057
JH		 1059// HandleTranOldPostNews updates the flat news
1060// Fields used in this request:
1061// 101 Data
1062func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1063 if !cc.Authorize(accessNewsPostArt) {
d4c152a4
JH		 1064 res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
1065 return res, err
1066 }
1067
6988a057
JH		 1068 cc.Server.flatNewsMux.Lock()
1069 defer cc.Server.flatNewsMux.Unlock()
1070
1071 newsDateTemplate := defaultNewsDateFormat
1072 if cc.Server.Config.NewsDateFormat != "" {
1073 newsDateTemplate = cc.Server.Config.NewsDateFormat
1074 }
1075
1076 newsTemplate := defaultNewsTemplate
1077 if cc.Server.Config.NewsDelimiter != "" {
1078 newsTemplate = cc.Server.Config.NewsDelimiter
1079 }
1080
d005ef04 1081 newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(FieldData).Data)
c8bfd606 1082 newsPost = strings.ReplaceAll(newsPost, "\n", "\r")
6988a057 1083
4d64a5b9
JH		 1084 // update news in memory
1085 cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
1086
6988a057 1087 // update news on disk
8a1512f9 1088 if err := cc.Server.FS.WriteFile(filepath.Join(cc.Server.ConfigDir, "MessageBoard.txt"), cc.Server.FlatNews, 0644); err != nil {
6988a057
JH		 1089 return res, err
1090 }
1091
1092 // Notify all clients of updated news
1093 cc.sendAll(
d005ef04
JH		 1094 TranNewMsg,
1095 NewField(FieldData, []byte(newsPost)),
6988a057
JH		 1096 )
1097
1098 res = append(res, cc.NewReply(t))
1099 return res, err
1100}
1101
1102func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1103 if !cc.Authorize(accessDisconUser) {
d4c152a4
JH		 1104 res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
1105 return res, err
1106 }
1107
d005ef04 1108 clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(FieldUserID).Data)]
6988a057 1109
187d6dc5 1110 if clientConn.Authorize(accessCannotBeDiscon) {
6988a057
JH		 1111 res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
1112 return res, err
1113 }
1114
d005ef04 1115 // If FieldOptions is set, then the client IP is banned in addition to disconnected.
46862572
JH		 1116 // 00 01 = temporary ban
1117 // 00 02 = permanent ban
d005ef04
JH		 1118 if t.GetField(FieldOptions).Data != nil {
1119 switch t.GetField(FieldOptions).Data[1] {
46862572
JH		 1120 case 1:
1121 // send message: "You are temporarily banned on this server"
a6216dd8 1122 cc.logger.Info("Disconnect & temporarily ban " + string(clientConn.UserName))
46862572
JH		 1123
1124 res = append(res, *NewTransaction(
d005ef04 1125 TranServerMsg,
46862572 1126 clientConn.ID,
d005ef04
JH		 1127 NewField(FieldData, []byte("You are temporarily banned on this server")),
1128 NewField(FieldChatOptions, []byte{0, 0}),
46862572
JH		 1129 ))
1130
1131 banUntil := time.Now().Add(tempBanDuration)
1132 cc.Server.banList[strings.Split(clientConn.RemoteAddr, ":")[0]] = &banUntil
46862572
JH		 1133 case 2:
1134 // send message: "You are permanently banned on this server"
a6216dd8 1135 cc.logger.Info("Disconnect & ban " + string(clientConn.UserName))
46862572
JH		 1136
1137 res = append(res, *NewTransaction(
d005ef04 1138 TranServerMsg,
46862572 1139 clientConn.ID,
d005ef04
JH		 1140 NewField(FieldData, []byte("You are permanently banned on this server")),
1141 NewField(FieldChatOptions, []byte{0, 0}),
46862572
JH		 1142 ))
1143
1144 cc.Server.banList[strings.Split(clientConn.RemoteAddr, ":")[0]] = nil
b1658a46
JH		 1145 }
1146
1147 err := cc.Server.writeBanList()
1148 if err != nil {
1149 return res, err
46862572 1150 }
6988a057
JH		 1151 }
1152
46862572
JH		 1153 // TODO: remove this awful hack
1154 go func() {
1155 time.Sleep(1 * time.Second)
1156 clientConn.Disconnect()
1157 }()
1158
1159 return append(res, cc.NewReply(t)), err
6988a057
JH		 1160}
1161
d4c152a4
JH		 1162// HandleGetNewsCatNameList returns a list of news categories for a path
1163// Fields used in the request:
1164// 325 News path (Optional)
6988a057 1165func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1166 if !cc.Authorize(accessNewsReadArt) {
d4c152a4
JH		 1167 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1168 return res, err
1169 }
6988a057 1170
d005ef04 1171 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1172 cats := cc.Server.GetNewsCatByPath(pathStrs)
1173
1174 // To store the keys in slice in sorted order
1175 keys := make([]string, len(cats))
1176 i := 0
1177 for k := range cats {
1178 keys[i] = k
1179 i++
1180 }
1181 sort.Strings(keys)
1182
1183 var fieldData []Field
1184 for _, k := range keys {
1185 cat := cats[k]
72dd37f1 1186 b, _ := cat.MarshalBinary()
6988a057 1187 fieldData = append(fieldData, NewField(
d005ef04 1188 FieldNewsCatListData15,
72dd37f1 1189 b,
6988a057
JH		 1190 ))
1191 }
1192
1193 res = append(res, cc.NewReply(t, fieldData...))
1194 return res, err
1195}
1196
1197func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1198 if !cc.Authorize(accessNewsCreateCat) {
d4c152a4
JH		 1199 res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
1200 return res, err
1201 }
1202
d005ef04
JH		 1203 name := string(t.GetField(FieldNewsCatName).Data)
1204 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1205
1206 cats := cc.Server.GetNewsCatByPath(pathStrs)
1207 cats[name] = NewsCategoryListData15{
1208 Name: name,
9cf66aea 1209 Type: [2]byte{0, 3},
6988a057
JH		 1210 Articles: map[uint32]*NewsArtData{},
1211 SubCats: make(map[string]NewsCategoryListData15),
1212 }
1213
1214 if err := cc.Server.writeThreadedNews(); err != nil {
1215 return res, err
1216 }
1217 res = append(res, cc.NewReply(t))
1218 return res, err
1219}
1220
d4c152a4 1221// Fields used in the request:
95159e55 1222// 322 News category Name
d4c152a4 1223// 325 News path
6988a057 1224func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1225 if !cc.Authorize(accessNewsCreateFldr) {
d4c152a4
JH		 1226 res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
1227 return res, err
1228 }
1229
d005ef04
JH		 1230 name := string(t.GetField(FieldFileName).Data)
1231 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057 1232
6988a057
JH		 1233 cats := cc.Server.GetNewsCatByPath(pathStrs)
1234 cats[name] = NewsCategoryListData15{
1235 Name: name,
9cf66aea 1236 Type: [2]byte{0, 2},
6988a057
JH		 1237 Articles: map[uint32]*NewsArtData{},
1238 SubCats: make(map[string]NewsCategoryListData15),
1239 }
1240 if err := cc.Server.writeThreadedNews(); err != nil {
1241 return res, err
1242 }
1243 res = append(res, cc.NewReply(t))
1244 return res, err
1245}
1246
33265393
JH		 1247// HandleGetNewsArtData gets the list of article names at the specified news path.
1248
6988a057
JH		 1249// Fields used in the request:
1250// 325 News path Optional
33265393
JH		 1251
1252// Fields used in the reply:
6988a057
JH		 1253// 321 News article list data Optional
1254func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1255 if !cc.Authorize(accessNewsReadArt) {
d4c152a4 1256 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
f8e4cd54 1257 return res, nil
d4c152a4 1258 }
f8e4cd54 1259
d005ef04 1260 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1261
1262 var cat NewsCategoryListData15
1263 cats := cc.Server.ThreadedNews.Categories
1264
003a743e
JH		 1265 for _, fp := range pathStrs {
1266 cat = cats[fp]
1267 cats = cats[fp].SubCats
6988a057
JH		 1268 }
1269
1270 nald := cat.GetNewsArtListData()
1271
9cf66aea
JH		 1272 b, err := io.ReadAll(&nald)
1273 if err != nil {
f8e4cd54 1274 return res, fmt.Errorf("error loading news articles: %w", err)
9cf66aea
JH		 1275 }
1276
1277 res = append(res, cc.NewReply(t, NewField(FieldNewsArtListData, b)))
f8e4cd54 1278 return res, nil
6988a057
JH		 1279}
1280
33265393
JH		 1281// HandleGetNewsArtData requests information about the specific news article.
1282// Fields used in the request:
1283//
1284// Request fields
1285// 325 News path
1286// 326 News article ID
1287// 327 News article data flavor
1288//
1289// Fields used in the reply:
1290// 328 News article title
1291// 329 News article poster
1292// 330 News article date
1293// 331 Previous article ID
1294// 332 Next article ID
1295// 335 Parent article ID
1296// 336 First child article ID
1297// 327 News article data flavor "Should be “text/plain”
1298// 333 News article data Optional (if data flavor is “text/plain”)
6988a057 1299func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1300 if !cc.Authorize(accessNewsReadArt) {
d4c152a4
JH		 1301 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1302 return res, err
1303 }
1304
6988a057
JH		 1305 var cat NewsCategoryListData15
1306 cats := cc.Server.ThreadedNews.Categories
1307
d005ef04 1308 for _, fp := range ReadNewsPath(t.GetField(FieldNewsPath).Data) {
003a743e
JH		 1309 cat = cats[fp]
1310 cats = cats[fp].SubCats
6988a057 1311 }
6988a057 1312
33265393
JH		 1313 // The official Hotline clients will send the article ID as 2 bytes if possible, but
1314 // some third party clients such as Frogblast and Heildrun will always send 4 bytes
d005ef04 1315 convertedID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
33265393
JH		 1316 if err != nil {
1317 return res, err
1318 }
6988a057 1319
33265393 1320 art := cat.Articles[uint32(convertedID)]
6988a057
JH		 1321 if art == nil {
1322 res = append(res, cc.NewReply(t))
1323 return res, err
1324 }
1325
6988a057 1326 res = append(res, cc.NewReply(t,
d005ef04
JH		 1327 NewField(FieldNewsArtTitle, []byte(art.Title)),
1328 NewField(FieldNewsArtPoster, []byte(art.Poster)),
95159e55
JH		 1329 NewField(FieldNewsArtDate, art.Date[:]),
1330 NewField(FieldNewsArtPrevArt, art.PrevArt[:]),
1331 NewField(FieldNewsArtNextArt, art.NextArt[:]),
1332 NewField(FieldNewsArtParentArt, art.ParentArt[:]),
1333 NewField(FieldNewsArt1stChildArt, art.FirstChildArt[:]),
d005ef04
JH		 1334 NewField(FieldNewsArtDataFlav, []byte("text/plain")),
1335 NewField(FieldNewsArtData, []byte(art.Data)),
6988a057
JH		 1336 ))
1337 return res, err
1338}
1339
8eb43f95
JH		 1340// HandleDelNewsItem deletes an existing threaded news folder or category from the server.
1341// Fields used in the request:
1342// 325 News path
1343// Fields used in the reply:
1344// None
6988a057 1345func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1346 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057 1347
6988a057 1348 cats := cc.Server.ThreadedNews.Categories
6988a057
JH		 1349 delName := pathStrs[len(pathStrs)-1]
1350 if len(pathStrs) > 1 {
7e2e07da
JH		 1351 for _, fp := range pathStrs[0 : len(pathStrs)-1] {
1352 cats = cats[fp].SubCats
6988a057
JH		 1353 }
1354 }
1355
9cf66aea 1356 if cats[delName].Type == [2]byte{0, 3} {
8eb43f95
JH		 1357 if !cc.Authorize(accessNewsDeleteCat) {
1358 return append(res, cc.NewErrReply(t, "You are not allowed to delete news categories.")), nil
1359 }
1360 } else {
1361 if !cc.Authorize(accessNewsDeleteFldr) {
1362 return append(res, cc.NewErrReply(t, "You are not allowed to delete news folders.")), nil
1363 }
1364 }
1365
6988a057
JH		 1366 delete(cats, delName)
1367
8eb43f95 1368 if err := cc.Server.writeThreadedNews(); err != nil {
6988a057
JH		 1369 return res, err
1370 }
1371
8eb43f95 1372 return append(res, cc.NewReply(t)), nil
6988a057
JH		 1373}
1374
1375func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1376 if !cc.Authorize(accessNewsDeleteArt) {
d4c152a4
JH		 1377 res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
1378 return res, err
1379 }
1380
6988a057
JH		 1381 // Request Fields
1382 // 325 News path
1383 // 326 News article ID
1384 // 337 News article – recursive delete Delete child articles (1) or not (0)
d005ef04
JH		 1385 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
1386 ID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
5890e1d2
JH		 1387 if err != nil {
1388 return res, err
1389 }
6988a057
JH		 1390
1391 // TODO: Delete recursive
1392 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1393
1394 catName := pathStrs[len(pathStrs)-1]
1395 cat := cats[catName]
1396
1397 delete(cat.Articles, uint32(ID))
1398
1399 cats[catName] = cat
1400 if err := cc.Server.writeThreadedNews(); err != nil {
1401 return res, err
1402 }
1403
1404 res = append(res, cc.NewReply(t))
1405 return res, err
1406}
1407
d4c152a4
JH		 1408// Request fields
1409// 325 News path
1410// 326 News article ID ID of the parent article?
1411// 328 News article title
1412// 334 News article flags
1413// 327 News article data flavor Currently “text/plain”
1414// 333 News article data
6988a057 1415func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1416 if !cc.Authorize(accessNewsPostArt) {
d4c152a4
JH		 1417 res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
1418 return res, err
1419 }
6988a057 1420
d005ef04 1421 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1422 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1423
1424 catName := pathStrs[len(pathStrs)-1]
1425 cat := cats[catName]
1426
d005ef04 1427 artID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
5890e1d2
JH		 1428 if err != nil {
1429 return res, err
1430 }
1431 convertedArtID := uint32(artID)
1432 bs := make([]byte, 4)
f808efcd 1433 binary.BigEndian.PutUint32(bs, convertedArtID)
5890e1d2 1434
0ed51327
JH		 1435 cc.Server.mux.Lock()
1436 defer cc.Server.mux.Unlock()
1437
6988a057 1438 newArt := NewsArtData{
d005ef04 1439 Title: string(t.GetField(FieldNewsArtTitle).Data),
72dd37f1 1440 Poster: string(cc.UserName),
3c9b1dcd 1441 Date: toHotlineTime(time.Now()),
95159e55
JH		 1442 PrevArt: [4]byte{},
1443 NextArt: [4]byte{},
1444 ParentArt: [4]byte(bs),
1445 FirstChildArt: [4]byte{},
6988a057 1446 DataFlav: []byte("text/plain"),
d005ef04 1447 Data: string(t.GetField(FieldNewsArtData).Data),
6988a057
JH		 1448 }
1449
1450 var keys []int
1451 for k := range cat.Articles {
1452 keys = append(keys, int(k))
1453 }
1454
1455 nextID := uint32(1)
1456 if len(keys) > 0 {
1457 sort.Ints(keys)
1458 prevID := uint32(keys[len(keys)-1])
1459 nextID = prevID + 1
1460
95159e55 1461 binary.BigEndian.PutUint32(newArt.PrevArt[:], prevID)
6988a057
JH		 1462
1463 // Set next article ID
95159e55 1464 binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt[:], nextID)
6988a057
JH		 1465 }
1466
1467 // Update parent article with first child reply
5890e1d2 1468 parentID := convertedArtID
6988a057 1469 if parentID != 0 {
5890e1d2 1470 parentArt := cat.Articles[parentID]
6988a057 1471
95159e55
JH		 1472 if parentArt.FirstChildArt == [4]byte{0, 0, 0, 0} {
1473 binary.BigEndian.PutUint32(parentArt.FirstChildArt[:], nextID)
6988a057
JH		 1474 }
1475 }
1476
1477 cat.Articles[nextID] = &newArt
1478
1479 cats[catName] = cat
1480 if err := cc.Server.writeThreadedNews(); err != nil {
1481 return res, err
1482 }
1483
1484 res = append(res, cc.NewReply(t))
1485 return res, err
1486}
1487
1488// HandleGetMsgs returns the flat news data
1489func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1490 if !cc.Authorize(accessNewsReadArt) {
481631f6
JH		 1491 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1492 return res, err
1493 }
1494
d005ef04 1495 res = append(res, cc.NewReply(t, NewField(FieldData, cc.Server.FlatNews)))
6988a057
JH		 1496
1497 return res, err
1498}
1499
1500func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1501 if !cc.Authorize(accessDownloadFile) {
481631f6
JH		 1502 res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
1503 return res, err
1504 }
1505
d005ef04
JH		 1506 fileName := t.GetField(FieldFileName).Data
1507 filePath := t.GetField(FieldFilePath).Data
1508 resumeData := t.GetField(FieldFileResumeData).Data
16a4ad70
JH		 1509
1510 var dataOffset int64
1511 var frd FileResumeData
1512 if resumeData != nil {
d005ef04 1513 if err := frd.UnmarshalBinary(t.GetField(FieldFileResumeData).Data); err != nil {
16a4ad70
JH		 1514 return res, err
1515 }
7cd900d6 1516 // TODO: handle rsrc fork offset
16a4ad70
JH		 1517 dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
1518 }
1519
7cd900d6 1520 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
92a7e455
JH		 1521 if err != nil {
1522 return res, err
1523 }
1524
7cd900d6 1525 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
6988a057
JH		 1526 if err != nil {
1527 return res, err
1528 }
1529
df1ade54 1530 xferSize := hlFile.ffo.TransferSize(0)
6988a057 1531
df1ade54 1532 ft := cc.newFileTransfer(FileDownload, fileName, filePath, xferSize)
6988a057 1533
7cd900d6 1534 // TODO: refactor to remove this
16a4ad70
JH		 1535 if resumeData != nil {
1536 var frd FileResumeData
d005ef04 1537 if err := frd.UnmarshalBinary(t.GetField(FieldFileResumeData).Data); err != nil {
d4c152a4
JH		 1538 return res, err
1539 }
16a4ad70
JH		 1540 ft.fileResumeData = &frd
1541 }
1542
d1cd6664
JH		 1543 // Optional field for when a HL v1.5+ client requests file preview
1544 // Used only for TEXT, JPEG, GIFF, BMP or PICT files
1545 // The value will always be 2
d005ef04
JH		 1546 if t.GetField(FieldFileTransferOptions).Data != nil {
1547 ft.options = t.GetField(FieldFileTransferOptions).Data
7cd900d6 1548 xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
d1cd6664
JH		 1549 }
1550
6988a057 1551 res = append(res, cc.NewReply(t,
d005ef04
JH		 1552 NewField(FieldRefNum, ft.refNum[:]),
1553 NewField(FieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1554 NewField(FieldTransferSize, xferSize),
1555 NewField(FieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
6988a057
JH		 1556 ))
1557
1558 return res, err
1559}
1560
1561// Download all files from the specified folder and sub-folders
6988a057 1562func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1563 if !cc.Authorize(accessDownloadFile) {
d4c152a4
JH		 1564 res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
1565 return res, err
1566 }
1567
d005ef04 1568 fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFilePath).Data, t.GetField(FieldFileName).Data)
aebc4d36
JH		 1569 if err != nil {
1570 return res, err
1571 }
92a7e455 1572
6988a057
JH		 1573 transferSize, err := CalcTotalSize(fullFilePath)
1574 if err != nil {
1575 return res, err
1576 }
1577 itemCount, err := CalcItemCount(fullFilePath)
1578 if err != nil {
1579 return res, err
1580 }
df1ade54 1581
d005ef04 1582 fileTransfer := cc.newFileTransfer(FolderDownload, t.GetField(FieldFileName).Data, t.GetField(FieldFilePath).Data, transferSize)
df1ade54
JH		 1583
1584 var fp FilePath
d005ef04 1585 _, err = fp.Write(t.GetField(FieldFilePath).Data)
df1ade54
JH		 1586 if err != nil {
1587 return res, err
1588 }
1589
6988a057 1590 res = append(res, cc.NewReply(t,
d005ef04
JH		 1591 NewField(FieldRefNum, fileTransfer.ReferenceNumber),
1592 NewField(FieldTransferSize, transferSize),
1593 NewField(FieldFolderItemCount, itemCount),
1594 NewField(FieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
6988a057
JH		 1595 ))
1596 return res, err
1597}
1598
1599// Upload all files from the local folder and its subfolders to the specified path on the server
1600// Fields used in the request
95159e55 1601// 201 File Name
6988a057 1602// 202 File path
df2735b2 1603// 108 transfer size Total size of all items in the folder
6988a057
JH		 1604// 220 Folder item count
1605// 204 File transfer options "Optional Currently set to 1" (TODO: ??)
1606func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
7e2e07da 1607 var fp FilePath
d005ef04
JH		 1608 if t.GetField(FieldFilePath).Data != nil {
1609 if _, err = fp.Write(t.GetField(FieldFilePath).Data); err != nil {
7e2e07da
JH		 1610 return res, err
1611 }
1612 }
1613
1614 // Handle special cases for Upload and Drop Box folders
187d6dc5 1615 if !cc.Authorize(accessUploadAnywhere) {
7e2e07da 1616 if !fp.IsUploadDir() && !fp.IsDropbox() {
d005ef04 1617 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(FieldFileName).Data))))
7e2e07da
JH		 1618 return res, err
1619 }
1620 }
1621
df1ade54 1622 fileTransfer := cc.newFileTransfer(FolderUpload,
d005ef04
JH		 1623 t.GetField(FieldFileName).Data,
1624 t.GetField(FieldFilePath).Data,
1625 t.GetField(FieldTransferSize).Data,
df1ade54
JH		 1626 )
1627
d005ef04 1628 fileTransfer.FolderItemCount = t.GetField(FieldFolderItemCount).Data
6988a057 1629
d005ef04 1630 res = append(res, cc.NewReply(t, NewField(FieldRefNum, fileTransfer.ReferenceNumber)))
6988a057
JH		 1631 return res, err
1632}
1633
7e2e07da 1634// HandleUploadFile
16a4ad70 1635// Fields used in the request:
95159e55 1636// 201 File Name
16a4ad70
JH		 1637// 202 File path
1638// 204 File transfer options "Optional
1639// Used only to resume download, currently has value 2"
1640// 108 File transfer size "Optional used if download is not resumed"
6988a057 1641func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1642 if !cc.Authorize(accessUploadFile) {
a0241c25
JH		 1643 res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
1644 return res, err
1645 }
1646
d005ef04
JH		 1647 fileName := t.GetField(FieldFileName).Data
1648 filePath := t.GetField(FieldFilePath).Data
1649 transferOptions := t.GetField(FieldFileTransferOptions).Data
1650 transferSize := t.GetField(FieldTransferSize).Data // not sent for resume
16a4ad70 1651
7e2e07da
JH		 1652 var fp FilePath
1653 if filePath != nil {
8fc43f8e 1654 if _, err = fp.Write(filePath); err != nil {
7e2e07da
JH		 1655 return res, err
1656 }
1657 }
1658
1659 // Handle special cases for Upload and Drop Box folders
187d6dc5 1660 if !cc.Authorize(accessUploadAnywhere) {
7e2e07da
JH		 1661 if !fp.IsUploadDir() && !fp.IsDropbox() {
1662 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
1663 return res, err
1664 }
1665 }
df1ade54
JH		 1666 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1667 if err != nil {
1668 return res, err
1669 }
7e2e07da 1670
df1ade54 1671 if _, err := cc.Server.FS.Stat(fullFilePath); err == nil {
95159e55 1672 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload because there is already a file named \"%v\". Try choosing a different Name.", string(fileName))))
df1ade54 1673 return res, err
6988a057
JH		 1674 }
1675
df1ade54
JH		 1676 ft := cc.newFileTransfer(FileUpload, fileName, filePath, transferSize)
1677
d005ef04 1678 replyT := cc.NewReply(t, NewField(FieldRefNum, ft.ReferenceNumber))
16a4ad70 1679
7cd900d6 1680 // client has requested to resume a partially transferred file
16a4ad70 1681 if transferOptions != nil {
b196a50a 1682 fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
16a4ad70
JH		 1683 if err != nil {
1684 return res, err
1685 }
1686
1687 offset := make([]byte, 4)
1688 binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
1689
1690 fileResumeData := NewFileResumeData([]ForkInfoList{
1691 *NewForkInfoList(offset),
1692 })
1693
1694 b, _ := fileResumeData.BinaryMarshal()
1695
df1ade54
JH		 1696 ft.TransferSize = offset
1697
d005ef04 1698 replyT.Fields = append(replyT.Fields, NewField(FieldFileResumeData, b))
16a4ad70
JH		 1699 }
1700
1701 res = append(res, replyT)
6988a057
JH		 1702 return res, err
1703}
1704
6988a057 1705func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 1706 if len(t.GetField(FieldUserIconID).Data) == 4 {
1707 cc.Icon = t.GetField(FieldUserIconID).Data[2:]
6988a057 1708 } else {
d005ef04 1709 cc.Icon = t.GetField(FieldUserIconID).Data
264b7c27
JH		 1710 }
1711 if cc.Authorize(accessAnyName) {
d005ef04 1712 cc.UserName = t.GetField(FieldUserName).Data
6988a057 1713 }
6988a057
JH		 1714
1715 // the options field is only passed by the client versions > 1.2.3.
d005ef04 1716 options := t.GetField(FieldOptions).Data
6988a057
JH		 1717 if options != nil {
1718 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
a7216f67 1719 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(cc.Flags)))
6988a057 1720
95159e55 1721 flagBitmap.SetBit(flagBitmap, UserFlagRefusePM, optBitmap.Bit(UserOptRefusePM))
a7216f67 1722 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057 1723
95159e55 1724 flagBitmap.SetBit(flagBitmap, UserFlagRefusePChat, optBitmap.Bit(UserOptRefuseChat))
a7216f67 1725 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1726
1727 // Check auto response
95159e55 1728 if optBitmap.Bit(UserOptAutoResponse) == 1 {
d005ef04 1729 cc.AutoReply = t.GetField(FieldAutomaticResponse).Data
6988a057 1730 } else {
aebc4d36 1731 cc.AutoReply = []byte{}
6988a057
JH		 1732 }
1733 }
1734
264b7c27
JH		 1735 for _, c := range sortedClients(cc.Server.Clients) {
1736 res = append(res, *NewTransaction(
d005ef04 1737 TranNotifyChangeUser,
264b7c27 1738 c.ID,
d005ef04
JH		 1739 NewField(FieldUserID, *cc.ID),
1740 NewField(FieldUserIconID, cc.Icon),
1741 NewField(FieldUserFlags, cc.Flags),
1742 NewField(FieldUserName, cc.UserName),
264b7c27
JH		 1743 ))
1744 }
6988a057
JH		 1745
1746 return res, err
1747}
1748
61c272e1
JH		 1749// HandleKeepAlive responds to keepalive transactions with an empty reply
1750// * HL 1.9.2 Client sends keepalive msg every 3 minutes
1751// * HL 1.2.3 Client doesn't send keepalives
6988a057
JH		 1752func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1753 res = append(res, cc.NewReply(t))
1754
1755 return res, err
1756}
1757
1758func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
92a7e455
JH		 1759 fullPath, err := readPath(
1760 cc.Server.Config.FileRoot,
d005ef04 1761 t.GetField(FieldFilePath).Data,
92a7e455
JH		 1762 nil,
1763 )
1764 if err != nil {
45ca5d60 1765 return res, fmt.Errorf("error reading file path: %w", err)
6988a057
JH		 1766 }
1767
7e2e07da 1768 var fp FilePath
d005ef04
JH		 1769 if t.GetField(FieldFilePath).Data != nil {
1770 if _, err = fp.Write(t.GetField(FieldFilePath).Data); err != nil {
45ca5d60 1771 return res, fmt.Errorf("error writing file path: %w", err)
7e2e07da
JH		 1772 }
1773 }
1774
1775 // Handle special case for drop box folders
187d6dc5 1776 if fp.IsDropbox() && !cc.Authorize(accessViewDropBoxes) {
2e08be58 1777 res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
7e2e07da
JH		 1778 return res, err
1779 }
1780
b8c0a83a 1781 fileNames, err := getFileNameList(fullPath, cc.Server.Config.IgnoreFiles)
6988a057 1782 if err != nil {
45ca5d60 1783 return res, fmt.Errorf("getFileNameList: %w", err)
6988a057
JH		 1784 }
1785
1786 res = append(res, cc.NewReply(t, fileNames...))
1787
1788 return res, err
1789}
1790
1791// =================================
1792// Hotline private chat flow
1793// =================================
d005ef04 1794// 1. ClientA sends TranInviteNewChat to server with user ID to invite
6988a057 1795// 2. Server creates new ChatID
d005ef04 1796// 3. Server sends TranInviteToChat to invitee
6988a057
JH		 1797// 4. Server replies to ClientA with new Chat ID
1798//
1799// A dialog box pops up in the invitee client with options to accept or decline the invitation.
1800// If Accepted is clicked:
d005ef04 1801// 1. ClientB sends TranJoinChat with FieldChatID
6988a057
JH		 1802
1803// HandleInviteNewChat invites users to new private chat
1804func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1805 if !cc.Authorize(accessOpenChat) {
d4c152a4
JH		 1806 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1807 return res, err
1808 }
1809
6988a057 1810 // Client to Invite
d005ef04 1811 targetID := t.GetField(FieldUserID).Data
6988a057
JH		 1812 newChatID := cc.Server.NewPrivateChat(cc)
1813
c1c44744
JH		 1814 // Check if target user has "Refuse private chat" flag
1815 binary.BigEndian.Uint16(targetID)
1816 targetClient := cc.Server.Clients[binary.BigEndian.Uint16(targetID)]
1817
1818 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(targetClient.Flags)))
b1658a46 1819 if flagBitmap.Bit(UserFlagRefusePChat) == 1 {
c1c44744
JH		 1820 res = append(res,
1821 *NewTransaction(
d005ef04 1822 TranServerMsg,
c1c44744 1823 cc.ID,
d005ef04
JH		 1824 NewField(FieldData, []byte(string(targetClient.UserName)+" does not accept private chats.")),
1825 NewField(FieldUserName, targetClient.UserName),
1826 NewField(FieldUserID, *targetClient.ID),
1827 NewField(FieldOptions, []byte{0, 2}),
c1c44744
JH		 1828 ),
1829 )
1830 } else {
1831 res = append(res,
1832 *NewTransaction(
d005ef04 1833 TranInviteToChat,
c1c44744 1834 &targetID,
d005ef04
JH		 1835 NewField(FieldChatID, newChatID),
1836 NewField(FieldUserName, cc.UserName),
1837 NewField(FieldUserID, *cc.ID),
c1c44744
JH		 1838 ),
1839 )
1840 }
6988a057
JH		 1841
1842 res = append(res,
1843 cc.NewReply(t,
d005ef04
JH		 1844 NewField(FieldChatID, newChatID),
1845 NewField(FieldUserName, cc.UserName),
1846 NewField(FieldUserID, *cc.ID),
1847 NewField(FieldUserIconID, cc.Icon),
1848 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1849 ),
1850 )
1851
1852 return res, err
1853}
1854
1855func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1856 if !cc.Authorize(accessOpenChat) {
d4c152a4
JH		 1857 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1858 return res, err
1859 }
1860
6988a057 1861 // Client to Invite
d005ef04
JH		 1862 targetID := t.GetField(FieldUserID).Data
1863 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1864
1865 res = append(res,
1866 *NewTransaction(
d005ef04 1867 TranInviteToChat,
6988a057 1868 &targetID,
d005ef04
JH		 1869 NewField(FieldChatID, chatID),
1870 NewField(FieldUserName, cc.UserName),
1871 NewField(FieldUserID, *cc.ID),
6988a057
JH		 1872 ),
1873 )
1874 res = append(res,
1875 cc.NewReply(
1876 t,
d005ef04
JH		 1877 NewField(FieldChatID, chatID),
1878 NewField(FieldUserName, cc.UserName),
1879 NewField(FieldUserID, *cc.ID),
1880 NewField(FieldUserIconID, cc.Icon),
1881 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1882 ),
1883 )
1884
1885 return res, err
1886}
1887
1888func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1889 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1890 chatInt := binary.BigEndian.Uint32(chatID)
1891
1892 privChat := cc.Server.PrivateChats[chatInt]
1893
72dd37f1 1894 resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
6988a057
JH		 1895
1896 for _, c := range sortedClients(privChat.ClientConn) {
1897 res = append(res,
1898 *NewTransaction(
d005ef04 1899 TranChatMsg,
6988a057 1900 c.ID,
d005ef04
JH		 1901 NewField(FieldChatID, chatID),
1902 NewField(FieldData, resMsg),
6988a057
JH		 1903 ),
1904 )
1905 }
1906
1907 return res, err
1908}
1909
1910// HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
1911// Fields used in the reply:
1912// * 115 Chat subject
95159e55 1913// * 300 User Name with info (Optional)
6988a057
JH		 1914// * 300 (more user names with info)
1915func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1916 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1917 chatInt := binary.BigEndian.Uint32(chatID)
1918
1919 privChat := cc.Server.PrivateChats[chatInt]
1920
d005ef04 1921 // Send TranNotifyChatChangeUser to current members of the chat to inform of new user
6988a057
JH		 1922 for _, c := range sortedClients(privChat.ClientConn) {
1923 res = append(res,
1924 *NewTransaction(
d005ef04 1925 TranNotifyChatChangeUser,
6988a057 1926 c.ID,
d005ef04
JH		 1927 NewField(FieldChatID, chatID),
1928 NewField(FieldUserName, cc.UserName),
1929 NewField(FieldUserID, *cc.ID),
1930 NewField(FieldUserIconID, cc.Icon),
1931 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1932 ),
1933 )
1934 }
1935
1936 privChat.ClientConn[cc.uint16ID()] = cc
1937
d005ef04 1938 replyFields := []Field{NewField(FieldChatSubject, []byte(privChat.Subject))}
6988a057 1939 for _, c := range sortedClients(privChat.ClientConn) {
9cf66aea
JH		 1940
1941 b, err := io.ReadAll(&User{
6988a057 1942 ID: *c.ID,
a7216f67
JH		 1943 Icon: c.Icon,
1944 Flags: c.Flags,
72dd37f1 1945 Name: string(c.UserName),
9cf66aea
JH		 1946 })
1947 if err != nil {
1948 return res, nil
6988a057 1949 }
9cf66aea 1950 replyFields = append(replyFields, NewField(FieldUsernameWithInfo, b))
6988a057
JH		 1951 }
1952
1953 res = append(res, cc.NewReply(t, replyFields...))
1954 return res, err
1955}
1956
1957// HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
1958// Fields used in the request:
d005ef04 1959// - 114 FieldChatID
33265393 1960//
6988a057
JH		 1961// Reply is not expected.
1962func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1963 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1964 chatInt := binary.BigEndian.Uint32(chatID)
1965
c74c1f28
JH		 1966 privChat, ok := cc.Server.PrivateChats[chatInt]
1967 if !ok {
1968 return res, nil
1969 }
6988a057
JH		 1970
1971 delete(privChat.ClientConn, cc.uint16ID())
1972
1973 // Notify members of the private chat that the user has left
1974 for _, c := range sortedClients(privChat.ClientConn) {
1975 res = append(res,
1976 *NewTransaction(
d005ef04 1977 TranNotifyChatDeleteUser,
6988a057 1978 c.ID,
d005ef04
JH		 1979 NewField(FieldChatID, chatID),
1980 NewField(FieldUserID, *cc.ID),
6988a057
JH		 1981 ),
1982 )
1983 }
1984
1985 return res, err
1986}
1987
1988// HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
1989// Fields used in the request:
1990// * 114 Chat ID
2d92d26e 1991// * 115 Chat subject
6988a057
JH		 1992// Reply is not expected.
1993func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1994 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1995 chatInt := binary.BigEndian.Uint32(chatID)
1996
1997 privChat := cc.Server.PrivateChats[chatInt]
d005ef04 1998 privChat.Subject = string(t.GetField(FieldChatSubject).Data)
6988a057
JH		 1999
2000 for _, c := range sortedClients(privChat.ClientConn) {
2001 res = append(res,
2002 *NewTransaction(
d005ef04 2003 TranNotifyChatSubject,
6988a057 2004 c.ID,
d005ef04
JH		 2005 NewField(FieldChatID, chatID),
2006 NewField(FieldChatSubject, t.GetField(FieldChatSubject).Data),
6988a057
JH		 2007 ),
2008 )
2009 }
2010
2011 return res, err
2012}
decc2fbf 2013
2d92d26e 2014// HandleMakeAlias makes a file alias using the specified path.
decc2fbf 2015// Fields used in the request:
95159e55 2016// 201 File Name
decc2fbf
JH		 2017// 202 File path
2018// 212 File new path Destination path
2019//
2020// Fields used in the reply:
2021// None
2022func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 2023 if !cc.Authorize(accessMakeAlias) {
decc2fbf
JH		 2024 res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
2025 return res, err
2026 }
d005ef04
JH		 2027 fileName := t.GetField(FieldFileName).Data
2028 filePath := t.GetField(FieldFilePath).Data
2029 fileNewPath := t.GetField(FieldFileNewPath).Data
decc2fbf
JH		 2030
2031 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
2032 if err != nil {
2033 return res, err
2034 }
2035
2036 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
2037 if err != nil {
2038 return res, err
2039 }
2040
a6216dd8 2041 cc.logger.Debug("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
decc2fbf 2042
b196a50a 2043 if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
decc2fbf
JH		 2044 res = append(res, cc.NewErrReply(t, "Error creating alias"))
2045 return res, nil
2046 }
2047
2048 res = append(res, cc.NewReply(t))
2049 return res, err
2050}
9067f234 2051
969e6481
JH		 2052// HandleDownloadBanner handles requests for a new banner from the server
2053// Fields used in the request:
2054// None
2055// Fields used in the reply:
d005ef04
JH		 2056// 107 FieldRefNum Used later for transfer
2057// 108 FieldTransferSize Size of data to be downloaded
9067f234 2058func HandleDownloadBanner(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
df1ade54 2059 ft := cc.newFileTransfer(bannerDownload, []byte{}, []byte{}, make([]byte, 4))
0ed51327 2060 binary.BigEndian.PutUint32(ft.TransferSize, uint32(len(cc.Server.banner)))
9067f234 2061
0ed51327 2062 return append(res, cc.NewReply(t,
d005ef04
JH		 2063 NewField(FieldRefNum, ft.refNum[:]),
2064 NewField(FieldTransferSize, ft.TransferSize),
0ed51327 2065 )), err
9067f234 2066}
Friendship Quest remix of mobius, a hotline server in go #cli