]> git.r.bdr.sh - rbdr/mobius/blame - hotline/transaction_handlers.go
git.r.bdr.sh / rbdr / mobius / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Refactor TrackerRegistration Read to io.Reader interface
[rbdr/mobius] / hotline / transaction_handlers.go
CommitLineData
6988a057
JH		 1package hotline
2
3import (
4 "bytes"
5 "encoding/binary"
6 "errors"
7 "fmt"
0197c3f5 8 "gopkg.in/yaml.v3"
6988a057
JH		 9 "math/big"
10 "os"
00d1ef67 11 "path"
2e08be58 12 "path/filepath"
6988a057
JH		 13 "sort"
14 "strings"
15 "time"
16)
17
d005ef04
JH		 18type HandlerFunc func(*ClientConn, *Transaction) ([]Transaction, error)
19
6988a057 20type TransactionType struct {
d005ef04
JH		 21 Handler HandlerFunc // function for handling the transaction type
22 Name string // Name of transaction as it will appear in logging
6988a057
JH		 23 RequiredFields []requiredField
24}
25
26var TransactionHandlers = map[uint16]TransactionType{
27 // Server initiated
d005ef04
JH		 28 TranChatMsg: {
29 Name: "TranChatMsg",
6988a057
JH		 30 },
31 // Server initiated
d005ef04
JH		 32 TranNotifyChangeUser: {
33 Name: "TranNotifyChangeUser",
6988a057 34 },
d005ef04
JH		 35 TranError: {
36 Name: "TranError",
6988a057 37 },
d005ef04
JH		 38 TranShowAgreement: {
39 Name: "TranShowAgreement",
6988a057 40 },
d005ef04
JH		 41 TranUserAccess: {
42 Name: "TranUserAccess",
6988a057 43 },
d005ef04
JH		 44 TranNotifyDeleteUser: {
45 Name: "TranNotifyDeleteUser",
5454019c 46 },
d005ef04
JH		 47 TranAgreed: {
48 Name: "TranAgreed",
6988a057
JH		 49 Handler: HandleTranAgreed,
50 },
d005ef04
JH		 51 TranChatSend: {
52 Name: "TranChatSend",
d4c152a4 53 Handler: HandleChatSend,
6988a057
JH		 54 RequiredFields: []requiredField{
55 {
d005ef04 56 ID: FieldData,
6988a057
JH		 57 minLen: 0,
58 },
59 },
60 },
d005ef04
JH		 61 TranDelNewsArt: {
62 Name: "TranDelNewsArt",
6988a057
JH		 63 Handler: HandleDelNewsArt,
64 },
d005ef04
JH		 65 TranDelNewsItem: {
66 Name: "TranDelNewsItem",
6988a057
JH		 67 Handler: HandleDelNewsItem,
68 },
d005ef04
JH		 69 TranDeleteFile: {
70 Name: "TranDeleteFile",
6988a057
JH		 71 Handler: HandleDeleteFile,
72 },
d005ef04
JH		 73 TranDeleteUser: {
74 Name: "TranDeleteUser",
6988a057
JH		 75 Handler: HandleDeleteUser,
76 },
d005ef04
JH		 77 TranDisconnectUser: {
78 Name: "TranDisconnectUser",
6988a057
JH		 79 Handler: HandleDisconnectUser,
80 },
d005ef04
JH		 81 TranDownloadFile: {
82 Name: "TranDownloadFile",
6988a057
JH		 83 Handler: HandleDownloadFile,
84 },
d005ef04
JH		 85 TranDownloadFldr: {
86 Name: "TranDownloadFldr",
6988a057
JH		 87 Handler: HandleDownloadFolder,
88 },
d005ef04
JH		 89 TranGetClientInfoText: {
90 Name: "TranGetClientInfoText",
df1ade54 91 Handler: HandleGetClientInfoText,
6988a057 92 },
d005ef04
JH		 93 TranGetFileInfo: {
94 Name: "TranGetFileInfo",
6988a057
JH		 95 Handler: HandleGetFileInfo,
96 },
d005ef04
JH		 97 TranGetFileNameList: {
98 Name: "TranGetFileNameList",
6988a057
JH		 99 Handler: HandleGetFileNameList,
100 },
d005ef04
JH		 101 TranGetMsgs: {
102 Name: "TranGetMsgs",
6988a057
JH		 103 Handler: HandleGetMsgs,
104 },
d005ef04
JH		 105 TranGetNewsArtData: {
106 Name: "TranGetNewsArtData",
6988a057
JH		 107 Handler: HandleGetNewsArtData,
108 },
d005ef04
JH		 109 TranGetNewsArtNameList: {
110 Name: "TranGetNewsArtNameList",
6988a057
JH		 111 Handler: HandleGetNewsArtNameList,
112 },
d005ef04
JH		 113 TranGetNewsCatNameList: {
114 Name: "TranGetNewsCatNameList",
6988a057
JH		 115 Handler: HandleGetNewsCatNameList,
116 },
d005ef04
JH		 117 TranGetUser: {
118 Name: "TranGetUser",
6988a057
JH		 119 Handler: HandleGetUser,
120 },
d005ef04 121 TranGetUserNameList: {
6988a057
JH		 122 Name: "tranHandleGetUserNameList",
123 Handler: HandleGetUserNameList,
124 },
d005ef04
JH		 125 TranInviteNewChat: {
126 Name: "TranInviteNewChat",
6988a057
JH		 127 Handler: HandleInviteNewChat,
128 },
d005ef04
JH		 129 TranInviteToChat: {
130 Name: "TranInviteToChat",
6988a057
JH		 131 Handler: HandleInviteToChat,
132 },
d005ef04
JH		 133 TranJoinChat: {
134 Name: "TranJoinChat",
6988a057
JH		 135 Handler: HandleJoinChat,
136 },
d005ef04
JH		 137 TranKeepAlive: {
138 Name: "TranKeepAlive",
6988a057
JH		 139 Handler: HandleKeepAlive,
140 },
d005ef04
JH		 141 TranLeaveChat: {
142 Name: "TranJoinChat",
6988a057
JH		 143 Handler: HandleLeaveChat,
144 },
d005ef04
JH		 145 TranListUsers: {
146 Name: "TranListUsers",
6988a057
JH		 147 Handler: HandleListUsers,
148 },
d005ef04
JH		 149 TranMoveFile: {
150 Name: "TranMoveFile",
6988a057
JH		 151 Handler: HandleMoveFile,
152 },
d005ef04
JH		 153 TranNewFolder: {
154 Name: "TranNewFolder",
6988a057
JH		 155 Handler: HandleNewFolder,
156 },
d005ef04
JH		 157 TranNewNewsCat: {
158 Name: "TranNewNewsCat",
6988a057
JH		 159 Handler: HandleNewNewsCat,
160 },
d005ef04
JH		 161 TranNewNewsFldr: {
162 Name: "TranNewNewsFldr",
6988a057
JH		 163 Handler: HandleNewNewsFldr,
164 },
d005ef04
JH		 165 TranNewUser: {
166 Name: "TranNewUser",
6988a057
JH		 167 Handler: HandleNewUser,
168 },
d005ef04
JH		 169 TranUpdateUser: {
170 Name: "TranUpdateUser",
d2810ae9
JH		 171 Handler: HandleUpdateUser,
172 },
d005ef04
JH		 173 TranOldPostNews: {
174 Name: "TranOldPostNews",
6988a057
JH		 175 Handler: HandleTranOldPostNews,
176 },
d005ef04
JH		 177 TranPostNewsArt: {
178 Name: "TranPostNewsArt",
6988a057
JH		 179 Handler: HandlePostNewsArt,
180 },
d005ef04
JH		 181 TranRejectChatInvite: {
182 Name: "TranRejectChatInvite",
6988a057
JH		 183 Handler: HandleRejectChatInvite,
184 },
d005ef04
JH		 185 TranSendInstantMsg: {
186 Name: "TranSendInstantMsg",
6988a057
JH		 187 Handler: HandleSendInstantMsg,
188 RequiredFields: []requiredField{
189 {
d005ef04 190 ID: FieldData,
6988a057
JH		 191 minLen: 0,
192 },
193 {
d005ef04 194 ID: FieldUserID,
6988a057
JH		 195 },
196 },
197 },
d005ef04
JH		 198 TranSetChatSubject: {
199 Name: "TranSetChatSubject",
6988a057
JH		 200 Handler: HandleSetChatSubject,
201 },
d005ef04
JH		 202 TranMakeFileAlias: {
203 Name: "TranMakeFileAlias",
decc2fbf
JH		 204 Handler: HandleMakeAlias,
205 RequiredFields: []requiredField{
d005ef04
JH		 206 {ID: FieldFileName, minLen: 1},
207 {ID: FieldFilePath, minLen: 1},
208 {ID: FieldFileNewPath, minLen: 1},
decc2fbf
JH		 209 },
210 },
d005ef04
JH		 211 TranSetClientUserInfo: {
212 Name: "TranSetClientUserInfo",
6988a057
JH		 213 Handler: HandleSetClientUserInfo,
214 },
d005ef04
JH		 215 TranSetFileInfo: {
216 Name: "TranSetFileInfo",
6988a057
JH		 217 Handler: HandleSetFileInfo,
218 },
d005ef04
JH		 219 TranSetUser: {
220 Name: "TranSetUser",
6988a057
JH		 221 Handler: HandleSetUser,
222 },
d005ef04
JH		 223 TranUploadFile: {
224 Name: "TranUploadFile",
6988a057
JH		 225 Handler: HandleUploadFile,
226 },
d005ef04
JH		 227 TranUploadFldr: {
228 Name: "TranUploadFldr",
6988a057
JH		 229 Handler: HandleUploadFolder,
230 },
d005ef04
JH		 231 TranUserBroadcast: {
232 Name: "TranUserBroadcast",
6988a057
JH		 233 Handler: HandleUserBroadcast,
234 },
d005ef04
JH		 235 TranDownloadBanner: {
236 Name: "TranDownloadBanner",
9067f234
JH		 237 Handler: HandleDownloadBanner,
238 },
6988a057
JH		 239}
240
241func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 242 if !cc.Authorize(accessSendChat) {
003a743e
JH		 243 res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
244 return res, err
245 }
246
6988a057 247 // Truncate long usernames
72dd37f1 248 trunc := fmt.Sprintf("%13s", cc.UserName)
d005ef04 249 formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(FieldData).Data)
6988a057
JH		 250
251 // By holding the option key, Hotline chat allows users to send /me formatted messages like:
252 // *** Halcyon does stuff
d005ef04 253 // This is indicated by the presence of the optional field FieldChatOptions set to a value of 1.
2e43fd4e 254 // Most clients do not send this option for normal chat messages.
d005ef04
JH		 255 if t.GetField(FieldChatOptions).Data != nil && bytes.Equal(t.GetField(FieldChatOptions).Data, []byte{0, 1}) {
256 formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(FieldData).Data)
6988a057
JH		 257 }
258
361928c9
JH		 259 // The ChatID field is used to identify messages as belonging to a private chat.
260 // All clients *except* Frogblast omit this field for public chat, but Frogblast sends a value of 00 00 00 00.
d005ef04 261 chatID := t.GetField(FieldChatID).Data
361928c9 262 if chatID != nil && !bytes.Equal([]byte{0, 0, 0, 0}, chatID) {
6988a057
JH		 263 chatInt := binary.BigEndian.Uint32(chatID)
264 privChat := cc.Server.PrivateChats[chatInt]
265
481631f6
JH		 266 clients := sortedClients(privChat.ClientConn)
267
6988a057 268 // send the message to all connected clients of the private chat
481631f6 269 for _, c := range clients {
6988a057 270 res = append(res, *NewTransaction(
d005ef04 271 TranChatMsg,
6988a057 272 c.ID,
d005ef04
JH		 273 NewField(FieldChatID, chatID),
274 NewField(FieldData, []byte(formattedMsg)),
6988a057
JH		 275 ))
276 }
277 return res, err
278 }
279
280 for _, c := range sortedClients(cc.Server.Clients) {
281 // Filter out clients that do not have the read chat permission
187d6dc5 282 if c.Authorize(accessReadChat) {
d005ef04 283 res = append(res, *NewTransaction(TranChatMsg, c.ID, NewField(FieldData, []byte(formattedMsg))))
6988a057
JH		 284 }
285 }
286
287 return res, err
288}
289
290// HandleSendInstantMsg sends instant message to the user on the current server.
291// Fields used in the request:
33265393 292//
6988a057
JH		 293// 103 User ID
294// 113 Options
295// One of the following values:
296// - User message (myOpt_UserMessage = 1)
297// - Refuse message (myOpt_RefuseMessage = 2)
298// - Refuse chat (myOpt_RefuseChat = 3)
299// - Automatic response (myOpt_AutomaticResponse = 4)"
300// 101 Data Optional
301// 214 Quoting message Optional
302//
aebc4d36 303// Fields used in the reply:
6988a057
JH		 304// None
305func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
69c2fb50
JH		 306 if !cc.Authorize(accessSendPrivMsg) {
307 res = append(res, cc.NewErrReply(t, "You are not allowed to send private messages."))
d0ba21fc 308 return res, errors.New("user is not allowed to send private messages")
69c2fb50
JH		 309 }
310
d005ef04
JH		 311 msg := t.GetField(FieldData)
312 ID := t.GetField(FieldUserID)
6988a057 313
aeec1015 314 reply := NewTransaction(
d005ef04 315 TranServerMsg,
5ae50876 316 &ID.Data,
d005ef04
JH		 317 NewField(FieldData, msg.Data),
318 NewField(FieldUserName, cc.UserName),
319 NewField(FieldUserID, *cc.ID),
320 NewField(FieldOptions, []byte{0, 1}),
6988a057 321 )
6988a057 322
d005ef04 323 // Later versions of Hotline include the original message in the FieldQuotingMsg field so
5ae50876 324 // the receiving client can display both the received message and what it is in reply to
d005ef04
JH		 325 if t.GetField(FieldQuotingMsg).Data != nil {
326 reply.Fields = append(reply.Fields, NewField(FieldQuotingMsg, t.GetField(FieldQuotingMsg).Data))
5ae50876
JH		 327 }
328
d0ba21fc
JH		 329 id, err := byteToInt(ID.Data)
330 if err != nil {
331 return res, errors.New("invalid client ID")
332 }
aeec1015
JH		 333 otherClient, ok := cc.Server.Clients[uint16(id)]
334 if !ok {
335 return res, errors.New("invalid client ID")
6988a057
JH		 336 }
337
38f710ec
JH		 338 // Check if target user has "Refuse private messages" flag
339 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(otherClient.Flags)))
1efbb15f 340 if flagBitmap.Bit(UserFlagRefusePM) == 1 {
38f710ec
JH		 341 res = append(res,
342 *NewTransaction(
d005ef04 343 TranServerMsg,
38f710ec 344 cc.ID,
d005ef04
JH		 345 NewField(FieldData, []byte(string(otherClient.UserName)+" does not accept private messages.")),
346 NewField(FieldUserName, otherClient.UserName),
347 NewField(FieldUserID, *otherClient.ID),
348 NewField(FieldOptions, []byte{0, 2}),
38f710ec
JH		 349 ),
350 )
351 } else {
352 res = append(res, *reply)
353 }
354
6988a057 355 // Respond with auto reply if other client has it enabled
aebc4d36 356 if len(otherClient.AutoReply) > 0 {
6988a057
JH		 357 res = append(res,
358 *NewTransaction(
d005ef04 359 TranServerMsg,
6988a057 360 cc.ID,
d005ef04
JH		 361 NewField(FieldData, otherClient.AutoReply),
362 NewField(FieldUserName, otherClient.UserName),
363 NewField(FieldUserID, *otherClient.ID),
364 NewField(FieldOptions, []byte{0, 1}),
6988a057
JH		 365 ),
366 )
367 }
368
369 res = append(res, cc.NewReply(t))
370
371 return res, err
372}
373
374func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 375 fileName := t.GetField(FieldFileName).Data
376 filePath := t.GetField(FieldFilePath).Data
6988a057 377
7cd900d6
JH		 378 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
379 if err != nil {
380 return res, err
381 }
382
383 fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
6988a057
JH		 384 if err != nil {
385 return res, err
386 }
387
2e1aec0f
JH		 388 encodedName, err := txtEncoder.String(fw.name)
389 if err != nil {
390 return res, fmt.Errorf("invalid filepath encoding: %w", err)
391 }
392
4a88189f 393 fields := []Field{
2e1aec0f 394 NewField(FieldFileName, []byte(encodedName)),
d005ef04
JH		 395 NewField(FieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
396 NewField(FieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
d005ef04
JH		 397 NewField(FieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
398 NewField(FieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
399 NewField(FieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
4a88189f
JH		 400 }
401
402 // Include the optional FileComment field if there is a comment.
403 if len(fw.ffo.FlatFileInformationFork.Comment) != 0 {
404 fields = append(fields, NewField(FieldFileComment, fw.ffo.FlatFileInformationFork.Comment))
405 }
406
407 // Include the FileSize field for files.
408 if !bytes.Equal(fw.ffo.FlatFileInformationFork.TypeSignature, []byte{0x66, 0x6c, 0x64, 0x72}) {
409 fields = append(fields, NewField(FieldFileSize, fw.totalSize()))
410 }
411
412 res = append(res, cc.NewReply(t, fields...))
6988a057
JH		 413 return res, err
414}
415
416// HandleSetFileInfo updates a file or folder name and/or comment from the Get Info window
6988a057
JH		 417// Fields used in the request:
418// * 201 File name
419// * 202 File path Optional
420// * 211 File new name Optional
421// * 210 File comment Optional
422// Fields used in the reply: None
423func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 424 fileName := t.GetField(FieldFileName).Data
425 filePath := t.GetField(FieldFilePath).Data
92a7e455
JH		 426
427 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
428 if err != nil {
429 return res, err
430 }
431
7cd900d6
JH		 432 fi, err := cc.Server.FS.Stat(fullFilePath)
433 if err != nil {
434 return res, err
435 }
436
437 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
438 if err != nil {
439 return res, err
440 }
d005ef04 441 if t.GetField(FieldFileComment).Data != nil {
7cd900d6
JH		 442 switch mode := fi.Mode(); {
443 case mode.IsDir():
187d6dc5 444 if !cc.Authorize(accessSetFolderComment) {
7cd900d6
JH		 445 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
446 return res, err
447 }
448 case mode.IsRegular():
187d6dc5 449 if !cc.Authorize(accessSetFileComment) {
7cd900d6
JH		 450 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
451 return res, err
452 }
453 }
454
d005ef04 455 if err := hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(FieldFileComment).Data); err != nil {
67db911d
JH		 456 return res, err
457 }
7cd900d6
JH		 458 w, err := hlFile.infoForkWriter()
459 if err != nil {
460 return res, err
461 }
462 _, err = w.Write(hlFile.ffo.FlatFileInformationFork.MarshalBinary())
463 if err != nil {
464 return res, err
465 }
466 }
467
d005ef04 468 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(FieldFileNewName).Data)
92a7e455
JH		 469 if err != nil {
470 return nil, err
471 }
472
d005ef04 473 fileNewName := t.GetField(FieldFileNewName).Data
6988a057
JH		 474
475 if fileNewName != nil {
6988a057
JH		 476 switch mode := fi.Mode(); {
477 case mode.IsDir():
187d6dc5 478 if !cc.Authorize(accessRenameFolder) {
6988a057
JH		 479 res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
480 return res, err
481 }
7cd900d6
JH		 482 err = os.Rename(fullFilePath, fullNewFilePath)
483 if os.IsNotExist(err) {
484 res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
485 return res, err
486 }
6988a057 487 case mode.IsRegular():
187d6dc5 488 if !cc.Authorize(accessRenameFile) {
6988a057
JH		 489 res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
490 return res, err
491 }
7cd900d6
JH		 492 fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
493 if err != nil {
494 return nil, err
495 }
2e1aec0f
JH		 496 hlFile.name, err = txtDecoder.String(string(fileNewName))
497 if err != nil {
498 return res, fmt.Errorf("invalid filepath encoding: %w", err)
499 }
500
7cd900d6
JH		 501 err = hlFile.move(fileDir)
502 if os.IsNotExist(err) {
503 res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
504 return res, err
505 }
506 if err != nil {
69af8ddb 507 return res, err
7cd900d6 508 }
6988a057
JH		 509 }
510 }
511
512 res = append(res, cc.NewReply(t))
513 return res, err
514}
515
516// HandleDeleteFile deletes a file or folder
517// Fields used in the request:
518// * 201 File name
519// * 202 File path
520// Fields used in the reply: none
521func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 522 fileName := t.GetField(FieldFileName).Data
523 filePath := t.GetField(FieldFilePath).Data
6988a057 524
92a7e455
JH		 525 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
526 if err != nil {
527 return res, err
528 }
6988a057 529
7cd900d6
JH		 530 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
531 if err != nil {
532 return res, err
533 }
6988a057 534
7cd900d6 535 fi, err := hlFile.dataFile()
6988a057 536 if err != nil {
92a7e455 537 res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
6988a057
JH		 538 return res, nil
539 }
7cd900d6 540
6988a057
JH		 541 switch mode := fi.Mode(); {
542 case mode.IsDir():
187d6dc5 543 if !cc.Authorize(accessDeleteFolder) {
6988a057
JH		 544 res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
545 return res, err
546 }
547 case mode.IsRegular():
187d6dc5 548 if !cc.Authorize(accessDeleteFile) {
6988a057
JH		 549 res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
550 return res, err
551 }
552 }
553
7cd900d6 554 if err := hlFile.delete(); err != nil {
6988a057
JH		 555 return res, err
556 }
557
558 res = append(res, cc.NewReply(t))
559 return res, err
560}
561
562// HandleMoveFile moves files or folders. Note: seemingly not documented
563func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 564 fileName := string(t.GetField(FieldFileName).Data)
7cd900d6 565
d005ef04 566 filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFilePath).Data, t.GetField(FieldFileName).Data)
7cd900d6
JH		 567 if err != nil {
568 return res, err
569 }
570
d005ef04 571 fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFileNewPath).Data, nil)
7cd900d6
JH		 572 if err != nil {
573 return res, err
574 }
6988a057 575
67db911d 576 cc.logger.Infow("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
6988a057 577
7cd900d6 578 hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
67db911d
JH		 579 if err != nil {
580 return res, err
581 }
7cd900d6
JH		 582
583 fi, err := hlFile.dataFile()
584 if err != nil {
585 res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
586 return res, err
587 }
6988a057
JH		 588 switch mode := fi.Mode(); {
589 case mode.IsDir():
187d6dc5 590 if !cc.Authorize(accessMoveFolder) {
6988a057
JH		 591 res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
592 return res, err
593 }
594 case mode.IsRegular():
187d6dc5 595 if !cc.Authorize(accessMoveFile) {
6988a057
JH		 596 res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
597 return res, err
598 }
599 }
7cd900d6 600 if err := hlFile.move(fileNewPath); err != nil {
6988a057
JH		 601 return res, err
602 }
7cd900d6 603 // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
6988a057
JH		 604
605 res = append(res, cc.NewReply(t))
606 return res, err
607}
608
609func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 610 if !cc.Authorize(accessCreateFolder) {
d4c152a4
JH		 611 res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
612 return res, err
613 }
d005ef04 614 folderName := string(t.GetField(FieldFileName).Data)
00d1ef67
JH		 615
616 folderName = path.Join("/", folderName)
6988a057 617
2e08be58
JH		 618 var subPath string
619
d005ef04
JH		 620 // FieldFilePath is only present for nested paths
621 if t.GetField(FieldFilePath).Data != nil {
72dd37f1 622 var newFp FilePath
d005ef04 623 _, err := newFp.Write(t.GetField(FieldFilePath).Data)
00d1ef67
JH		 624 if err != nil {
625 return nil, err
626 }
2e08be58
JH		 627
628 for _, pathItem := range newFp.Items {
629 subPath = filepath.Join("/", subPath, string(pathItem.Name))
630 }
6988a057 631 }
2e08be58 632 newFolderPath := path.Join(cc.Server.Config.FileRoot, subPath, folderName)
2e1aec0f
JH		 633 newFolderPath, err = txtDecoder.String(newFolderPath)
634 if err != nil {
635 return res, fmt.Errorf("invalid filepath encoding: %w", err)
636 }
6988a057 637
00d1ef67
JH		 638 // TODO: check path and folder name lengths
639
b196a50a 640 if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
00d1ef67
JH		 641 msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName)
642 return []Transaction{cc.NewErrReply(t, msg)}, nil
643 }
644
b196a50a 645 if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
00d1ef67
JH		 646 msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
647 return []Transaction{cc.NewErrReply(t, msg)}, nil
6988a057
JH		 648 }
649
650 res = append(res, cc.NewReply(t))
651 return res, err
652}
653
654func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 655 if !cc.Authorize(accessModifyUser) {
d4c152a4
JH		 656 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
657 return res, err
658 }
659
76d0c1f6 660 login := decodeString(t.GetField(FieldUserLogin).Data)
d005ef04 661 userName := string(t.GetField(FieldUserName).Data)
6988a057 662
d005ef04 663 newAccessLvl := t.GetField(FieldUserAccess).Data
6988a057
JH		 664
665 account := cc.Server.Accounts[login]
180d6544
JH		 666 if account == nil {
667 return append(res, cc.NewErrReply(t, "Account not found.")), nil
668 }
6988a057 669 account.Name = userName
187d6dc5 670 copy(account.Access[:], newAccessLvl)
6988a057
JH		 671
672 // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
d005ef04
JH		 673 // not include FieldUserPassword
674 if t.GetField(FieldUserPassword).Data == nil {
6988a057
JH		 675 account.Password = hashAndSalt([]byte(""))
676 }
180d6544
JH		 677
678 if !bytes.Equal([]byte{0}, t.GetField(FieldUserPassword).Data) {
d005ef04 679 account.Password = hashAndSalt(t.GetField(FieldUserPassword).Data)
6988a057
JH		 680 }
681
6988a057
JH		 682 out, err := yaml.Marshal(&account)
683 if err != nil {
684 return res, err
685 }
31658ca1 686 if err := os.WriteFile(filepath.Join(cc.Server.ConfigDir, "Users", login+".yaml"), out, 0666); err != nil {
6988a057
JH		 687 return res, err
688 }
689
690 // Notify connected clients logged in as the user of the new access level
691 for _, c := range cc.Server.Clients {
692 if c.Account.Login == login {
693 // Note: comment out these two lines to test server-side deny messages
d005ef04 694 newT := NewTransaction(TranUserAccess, c.ID, NewField(FieldUserAccess, newAccessLvl))
6988a057
JH		 695 res = append(res, *newT)
696
a7216f67 697 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(c.Flags)))
43754e31 698 if c.Authorize(accessDisconUser) {
b1658a46 699 flagBitmap.SetBit(flagBitmap, UserFlagAdmin, 1)
6988a057 700 } else {
b1658a46 701 flagBitmap.SetBit(flagBitmap, UserFlagAdmin, 0)
6988a057 702 }
a7216f67 703 binary.BigEndian.PutUint16(c.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 704
705 c.Account.Access = account.Access
706
707 cc.sendAll(
d005ef04
JH		 708 TranNotifyChangeUser,
709 NewField(FieldUserID, *c.ID),
710 NewField(FieldUserFlags, c.Flags),
711 NewField(FieldUserName, c.UserName),
712 NewField(FieldUserIconID, c.Icon),
6988a057
JH		 713 )
714 }
715 }
716
6988a057
JH		 717 res = append(res, cc.NewReply(t))
718 return res, err
719}
720
721func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 722 if !cc.Authorize(accessOpenUser) {
003a743e
JH		 723 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
724 return res, err
725 }
726
d005ef04 727 account := cc.Server.Accounts[string(t.GetField(FieldUserLogin).Data)]
6988a057 728 if account == nil {
481631f6 729 res = append(res, cc.NewErrReply(t, "Account does not exist."))
6988a057
JH		 730 return res, err
731 }
732
733 res = append(res, cc.NewReply(t,
d005ef04 734 NewField(FieldUserName, []byte(account.Name)),
76d0c1f6 735 NewField(FieldUserLogin, encodeString(t.GetField(FieldUserLogin).Data)),
d005ef04
JH		 736 NewField(FieldUserPassword, []byte(account.Password)),
737 NewField(FieldUserAccess, account.Access[:]),
6988a057
JH		 738 ))
739 return res, err
740}
741
742func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 743 if !cc.Authorize(accessOpenUser) {
481631f6
JH		 744 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
745 return res, err
746 }
747
6988a057 748 var userFields []Field
6988a057 749 for _, acc := range cc.Server.Accounts {
926c7f55
JH		 750 b := make([]byte, 0, 100)
751 n, err := acc.Read(b)
752 if err != nil {
753 return res, err
754 }
755
d005ef04 756 userFields = append(userFields, NewField(FieldData, b[:n]))
6988a057
JH		 757 }
758
759 res = append(res, cc.NewReply(t, userFields...))
760 return res, err
761}
762
d2810ae9
JH		 763// HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
764// An update can be a mix of these actions:
765// * Create user
766// * Delete user
767// * Modify user (including renaming the account login)
768//
769// The Transaction sent by the client includes one data field per user that was modified. This data field in turn
770// contains another data field encoded in its payload with a varying number of sub fields depending on which action is
771// performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
772func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
773 for _, field := range t.Fields {
774 subFields, err := ReadFields(field.Data[0:2], field.Data[2:])
775 if err != nil {
776 return res, err
777 }
778
b8b0a6c9 779 // If there's only one subfield, that indicates this is a delete operation for the login in FieldData
d2810ae9 780 if len(subFields) == 1 {
187d6dc5 781 if !cc.Authorize(accessDeleteUser) {
d2810ae9
JH		 782 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
783 return res, err
784 }
785
b8b0a6c9
JH		 786 login := decodeString(getField(FieldData, &subFields).Data)
787 cc.logger.Infow("DeleteUser", "login", login)
788
d2810ae9
JH		 789 if err := cc.Server.DeleteUser(login); err != nil {
790 return res, err
791 }
792 continue
793 }
794
b8b0a6c9
JH		 795 // login of the account to update
796 var accountToUpdate, loginToRename string
797
798 // If FieldData is included, this is a rename operation where FieldData contains the login of the existing
799 // account and FieldUserLogin contains the new login.
800 if getField(FieldData, &subFields) != nil {
801 loginToRename = decodeString(getField(FieldData, &subFields).Data)
802 }
803 userLogin := decodeString(getField(FieldUserLogin, &subFields).Data)
804 if loginToRename != "" {
805 accountToUpdate = loginToRename
806 } else {
807 accountToUpdate = userLogin
808 }
d2810ae9 809
b8b0a6c9
JH		 810 // Check if accountToUpdate has an existing account. If so, we know we are updating an existing user.
811 if acc, ok := cc.Server.Accounts[accountToUpdate]; ok {
812 if loginToRename != "" {
813 cc.logger.Infow("RenameUser", "prevLogin", accountToUpdate, "newLogin", userLogin)
814 } else {
815 cc.logger.Infow("UpdateUser", "login", accountToUpdate)
816 }
d2810ae9 817
b33477b0 818 // account exists, so this is an update action
187d6dc5 819 if !cc.Authorize(accessModifyUser) {
d2810ae9 820 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
180d6544 821 return res, nil
d2810ae9
JH		 822 }
823
b33477b0
JH		 824 // This part is a bit tricky. There are three possibilities:
825 // 1) The transaction is intended to update the password.
826 // In this case, FieldUserPassword is sent with the new password.
827 // 2) The transaction is intended to remove the password.
828 // In this case, FieldUserPassword is not sent.
829 // 3) The transaction updates the users access bits, but not the password.
180d6544 830 // In this case, FieldUserPassword is sent with zero as the only byte.
d005ef04
JH		 831 if getField(FieldUserPassword, &subFields) != nil {
832 newPass := getField(FieldUserPassword, &subFields).Data
b33477b0
JH		 833 if !bytes.Equal([]byte{0}, newPass) {
834 acc.Password = hashAndSalt(newPass)
835 }
d2810ae9
JH		 836 } else {
837 acc.Password = hashAndSalt([]byte(""))
838 }
839
d005ef04
JH		 840 if getField(FieldUserAccess, &subFields) != nil {
841 copy(acc.Access[:], getField(FieldUserAccess, &subFields).Data)
d2810ae9
JH		 842 }
843
844 err = cc.Server.UpdateUser(
76d0c1f6
JH		 845 decodeString(getField(FieldData, &subFields).Data),
846 decodeString(getField(FieldUserLogin, &subFields).Data),
d005ef04 847 string(getField(FieldUserName, &subFields).Data),
d2810ae9 848 acc.Password,
187d6dc5 849 acc.Access,
d2810ae9
JH		 850 )
851 if err != nil {
852 return res, err
853 }
854 } else {
187d6dc5 855 if !cc.Authorize(accessCreateUser) {
d2810ae9 856 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
180d6544 857 return res, nil
d2810ae9
JH		 858 }
859
b8b0a6c9
JH		 860 cc.logger.Infow("CreateUser", "login", userLogin)
861
187d6dc5 862 newAccess := accessBitmap{}
aeb97482 863 copy(newAccess[:], getField(FieldUserAccess, &subFields).Data)
187d6dc5 864
ecb1fcd9
JH		 865 // Prevent account from creating new account with greater permission
866 for i := 0; i < 64; i++ {
867 if newAccess.IsSet(i) {
868 if !cc.Authorize(i) {
180d6544 869 return append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself.")), nil
ecb1fcd9
JH		 870 }
871 }
872 }
873
b8b0a6c9 874 err = cc.Server.NewUser(userLogin, string(getField(FieldUserName, &subFields).Data), string(getField(FieldUserPassword, &subFields).Data), newAccess)
d2810ae9 875 if err != nil {
180d6544 876 return append(res, cc.NewErrReply(t, "Cannot create account because there is already an account with that login.")), nil
d2810ae9
JH		 877 }
878 }
879 }
880
881 res = append(res, cc.NewReply(t))
882 return res, err
883}
884
6988a057
JH		 885// HandleNewUser creates a new user account
886func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 887 if !cc.Authorize(accessCreateUser) {
481631f6
JH		 888 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
889 return res, err
890 }
891
76d0c1f6 892 login := decodeString(t.GetField(FieldUserLogin).Data)
6988a057 893
7cd900d6 894 // If the account already dataFile, reply with an error
6988a057
JH		 895 if _, ok := cc.Server.Accounts[login]; ok {
896 res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
897 return res, err
898 }
899
187d6dc5 900 newAccess := accessBitmap{}
aeb97482 901 copy(newAccess[:], t.GetField(FieldUserAccess).Data)
187d6dc5 902
ecb1fcd9
JH		 903 // Prevent account from creating new account with greater permission
904 for i := 0; i < 64; i++ {
905 if newAccess.IsSet(i) {
906 if !cc.Authorize(i) {
907 res = append(res, cc.NewErrReply(t, "Cannot create account with more access than yourself."))
908 return res, err
909 }
910 }
911 }
912
d005ef04 913 if err := cc.Server.NewUser(login, string(t.GetField(FieldUserName).Data), string(t.GetField(FieldUserPassword).Data), newAccess); err != nil {
180d6544
JH		 914 res = append(res, cc.NewErrReply(t, "Cannot create account because there is already an account with that login."))
915 return res, err
6988a057
JH		 916 }
917
918 res = append(res, cc.NewReply(t))
919 return res, err
920}
921
922func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 923 if !cc.Authorize(accessDeleteUser) {
003a743e 924 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
180d6544 925 return res, nil
003a743e
JH		 926 }
927
76d0c1f6 928 login := decodeString(t.GetField(FieldUserLogin).Data)
6988a057
JH		 929
930 if err := cc.Server.DeleteUser(login); err != nil {
931 return res, err
932 }
933
934 res = append(res, cc.NewReply(t))
935 return res, err
936}
937
938// HandleUserBroadcast sends an Administrator Message to all connected clients of the server
939func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 940 if !cc.Authorize(accessBroadcast) {
d4c152a4
JH		 941 res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
942 return res, err
943 }
944
6988a057 945 cc.sendAll(
d005ef04
JH		 946 TranServerMsg,
947 NewField(FieldData, t.GetField(TranGetMsgs).Data),
948 NewField(FieldChatOptions, []byte{0}),
6988a057
JH		 949 )
950
951 res = append(res, cc.NewReply(t))
952 return res, err
953}
954
df1ade54
JH		 955// HandleGetClientInfoText returns user information for the specific user.
956//
957// Fields used in the request:
958// 103 User ID
959//
960// Fields used in the reply:
961// 102 User name
962// 101 Data User info text string
963func HandleGetClientInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 964 if !cc.Authorize(accessGetClientInfo) {
df1ade54 965 res = append(res, cc.NewErrReply(t, "You are not allowed to get client info."))
d4c152a4
JH		 966 return res, err
967 }
968
d005ef04 969 clientID, _ := byteToInt(t.GetField(FieldUserID).Data)
6988a057
JH		 970
971 clientConn := cc.Server.Clients[uint16(clientID)]
972 if clientConn == nil {
df1ade54 973 return append(res, cc.NewErrReply(t, "User not found.")), err
6988a057
JH		 974 }
975
6988a057 976 res = append(res, cc.NewReply(t,
d005ef04
JH		 977 NewField(FieldData, []byte(clientConn.String())),
978 NewField(FieldUserName, clientConn.UserName),
6988a057
JH		 979 ))
980 return res, err
981}
982
983func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
984 res = append(res, cc.NewReply(t, cc.Server.connectedUsers()...))
985
986 return res, err
987}
988
6988a057 989func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 990 if t.GetField(FieldUserName).Data != nil {
ea5d8c51 991 if cc.Authorize(accessAnyName) {
d005ef04 992 cc.UserName = t.GetField(FieldUserName).Data
ea5d8c51
JH		 993 } else {
994 cc.UserName = []byte(cc.Account.Name)
995 }
996 }
997
d005ef04 998 cc.Icon = t.GetField(FieldUserIconID).Data
6988a057 999
67db911d 1000 cc.logger = cc.logger.With("name", string(cc.UserName))
0db54aa7 1001 cc.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%v", func() int { i, _ := byteToInt(cc.Version); return i }()))
67db911d 1002
d005ef04 1003 options := t.GetField(FieldOptions).Data
6988a057
JH		 1004 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
1005
a7216f67 1006 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(cc.Flags)))
6988a057
JH		 1007
1008 // Check refuse private PM option
1009 if optBitmap.Bit(refusePM) == 1 {
b1658a46 1010 flagBitmap.SetBit(flagBitmap, UserFlagRefusePM, 1)
a7216f67 1011 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1012 }
1013
1014 // Check refuse private chat option
1015 if optBitmap.Bit(refuseChat) == 1 {
b1658a46 1016 flagBitmap.SetBit(flagBitmap, UserFlagRefusePChat, 1)
a7216f67 1017 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1018 }
1019
1020 // Check auto response
1021 if optBitmap.Bit(autoResponse) == 1 {
d005ef04 1022 cc.AutoReply = t.GetField(FieldAutomaticResponse).Data
6988a057 1023 } else {
aebc4d36 1024 cc.AutoReply = []byte{}
6988a057
JH		 1025 }
1026
ea5d8c51 1027 trans := cc.notifyOthers(
003a743e 1028 *NewTransaction(
d005ef04
JH		 1029 TranNotifyChangeUser, nil,
1030 NewField(FieldUserName, cc.UserName),
1031 NewField(FieldUserID, *cc.ID),
1032 NewField(FieldUserIconID, cc.Icon),
1033 NewField(FieldUserFlags, cc.Flags),
003a743e 1034 ),
ea5d8c51
JH		 1035 )
1036 res = append(res, trans...)
6988a057 1037
9067f234 1038 if cc.Server.Config.BannerFile != "" {
d005ef04 1039 res = append(res, *NewTransaction(TranServerBanner, cc.ID, NewField(FieldBannerType, []byte("JPEG"))))
9067f234
JH		 1040 }
1041
6988a057
JH		 1042 res = append(res, cc.NewReply(t))
1043
1044 return res, err
1045}
1046
6988a057
JH		 1047// HandleTranOldPostNews updates the flat news
1048// Fields used in this request:
1049// 101 Data
1050func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1051 if !cc.Authorize(accessNewsPostArt) {
d4c152a4
JH		 1052 res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
1053 return res, err
1054 }
1055
6988a057
JH		 1056 cc.Server.flatNewsMux.Lock()
1057 defer cc.Server.flatNewsMux.Unlock()
1058
1059 newsDateTemplate := defaultNewsDateFormat
1060 if cc.Server.Config.NewsDateFormat != "" {
1061 newsDateTemplate = cc.Server.Config.NewsDateFormat
1062 }
1063
1064 newsTemplate := defaultNewsTemplate
1065 if cc.Server.Config.NewsDelimiter != "" {
1066 newsTemplate = cc.Server.Config.NewsDelimiter
1067 }
1068
d005ef04 1069 newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(FieldData).Data)
c8bfd606 1070 newsPost = strings.ReplaceAll(newsPost, "\n", "\r")
6988a057 1071
4d64a5b9
JH		 1072 // update news in memory
1073 cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
1074
6988a057 1075 // update news on disk
8a1512f9 1076 if err := cc.Server.FS.WriteFile(filepath.Join(cc.Server.ConfigDir, "MessageBoard.txt"), cc.Server.FlatNews, 0644); err != nil {
6988a057
JH		 1077 return res, err
1078 }
1079
1080 // Notify all clients of updated news
1081 cc.sendAll(
d005ef04
JH		 1082 TranNewMsg,
1083 NewField(FieldData, []byte(newsPost)),
6988a057
JH		 1084 )
1085
1086 res = append(res, cc.NewReply(t))
1087 return res, err
1088}
1089
1090func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1091 if !cc.Authorize(accessDisconUser) {
d4c152a4
JH		 1092 res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
1093 return res, err
1094 }
1095
d005ef04 1096 clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(FieldUserID).Data)]
6988a057 1097
187d6dc5 1098 if clientConn.Authorize(accessCannotBeDiscon) {
6988a057
JH		 1099 res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
1100 return res, err
1101 }
1102
d005ef04 1103 // If FieldOptions is set, then the client IP is banned in addition to disconnected.
46862572
JH		 1104 // 00 01 = temporary ban
1105 // 00 02 = permanent ban
d005ef04
JH		 1106 if t.GetField(FieldOptions).Data != nil {
1107 switch t.GetField(FieldOptions).Data[1] {
46862572
JH		 1108 case 1:
1109 // send message: "You are temporarily banned on this server"
1110 cc.logger.Infow("Disconnect & temporarily ban " + string(clientConn.UserName))
1111
1112 res = append(res, *NewTransaction(
d005ef04 1113 TranServerMsg,
46862572 1114 clientConn.ID,
d005ef04
JH		 1115 NewField(FieldData, []byte("You are temporarily banned on this server")),
1116 NewField(FieldChatOptions, []byte{0, 0}),
46862572
JH		 1117 ))
1118
1119 banUntil := time.Now().Add(tempBanDuration)
1120 cc.Server.banList[strings.Split(clientConn.RemoteAddr, ":")[0]] = &banUntil
46862572
JH		 1121 case 2:
1122 // send message: "You are permanently banned on this server"
1123 cc.logger.Infow("Disconnect & ban " + string(clientConn.UserName))
1124
1125 res = append(res, *NewTransaction(
d005ef04 1126 TranServerMsg,
46862572 1127 clientConn.ID,
d005ef04
JH		 1128 NewField(FieldData, []byte("You are permanently banned on this server")),
1129 NewField(FieldChatOptions, []byte{0, 0}),
46862572
JH		 1130 ))
1131
1132 cc.Server.banList[strings.Split(clientConn.RemoteAddr, ":")[0]] = nil
b1658a46
JH		 1133 }
1134
1135 err := cc.Server.writeBanList()
1136 if err != nil {
1137 return res, err
46862572 1138 }
6988a057
JH		 1139 }
1140
46862572
JH		 1141 // TODO: remove this awful hack
1142 go func() {
1143 time.Sleep(1 * time.Second)
1144 clientConn.Disconnect()
1145 }()
1146
1147 return append(res, cc.NewReply(t)), err
6988a057
JH		 1148}
1149
d4c152a4
JH		 1150// HandleGetNewsCatNameList returns a list of news categories for a path
1151// Fields used in the request:
1152// 325 News path (Optional)
6988a057 1153func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1154 if !cc.Authorize(accessNewsReadArt) {
d4c152a4
JH		 1155 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1156 return res, err
1157 }
6988a057 1158
d005ef04 1159 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1160 cats := cc.Server.GetNewsCatByPath(pathStrs)
1161
1162 // To store the keys in slice in sorted order
1163 keys := make([]string, len(cats))
1164 i := 0
1165 for k := range cats {
1166 keys[i] = k
1167 i++
1168 }
1169 sort.Strings(keys)
1170
1171 var fieldData []Field
1172 for _, k := range keys {
1173 cat := cats[k]
72dd37f1 1174 b, _ := cat.MarshalBinary()
6988a057 1175 fieldData = append(fieldData, NewField(
d005ef04 1176 FieldNewsCatListData15,
72dd37f1 1177 b,
6988a057
JH		 1178 ))
1179 }
1180
1181 res = append(res, cc.NewReply(t, fieldData...))
1182 return res, err
1183}
1184
1185func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1186 if !cc.Authorize(accessNewsCreateCat) {
d4c152a4
JH		 1187 res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
1188 return res, err
1189 }
1190
d005ef04
JH		 1191 name := string(t.GetField(FieldNewsCatName).Data)
1192 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1193
1194 cats := cc.Server.GetNewsCatByPath(pathStrs)
1195 cats[name] = NewsCategoryListData15{
1196 Name: name,
1197 Type: []byte{0, 3},
1198 Articles: map[uint32]*NewsArtData{},
1199 SubCats: make(map[string]NewsCategoryListData15),
1200 }
1201
1202 if err := cc.Server.writeThreadedNews(); err != nil {
1203 return res, err
1204 }
1205 res = append(res, cc.NewReply(t))
1206 return res, err
1207}
1208
d4c152a4
JH		 1209// Fields used in the request:
1210// 322 News category name
1211// 325 News path
6988a057 1212func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1213 if !cc.Authorize(accessNewsCreateFldr) {
d4c152a4
JH		 1214 res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
1215 return res, err
1216 }
1217
d005ef04
JH		 1218 name := string(t.GetField(FieldFileName).Data)
1219 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057 1220
67db911d 1221 cc.logger.Infof("Creating new news folder %s", name)
6988a057
JH		 1222
1223 cats := cc.Server.GetNewsCatByPath(pathStrs)
1224 cats[name] = NewsCategoryListData15{
1225 Name: name,
1226 Type: []byte{0, 2},
1227 Articles: map[uint32]*NewsArtData{},
1228 SubCats: make(map[string]NewsCategoryListData15),
1229 }
1230 if err := cc.Server.writeThreadedNews(); err != nil {
1231 return res, err
1232 }
1233 res = append(res, cc.NewReply(t))
1234 return res, err
1235}
1236
33265393
JH		 1237// HandleGetNewsArtData gets the list of article names at the specified news path.
1238
6988a057
JH		 1239// Fields used in the request:
1240// 325 News path Optional
33265393
JH		 1241
1242// Fields used in the reply:
6988a057
JH		 1243// 321 News article list data Optional
1244func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1245 if !cc.Authorize(accessNewsReadArt) {
d4c152a4
JH		 1246 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1247 return res, err
1248 }
d005ef04 1249 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1250
1251 var cat NewsCategoryListData15
1252 cats := cc.Server.ThreadedNews.Categories
1253
003a743e
JH		 1254 for _, fp := range pathStrs {
1255 cat = cats[fp]
1256 cats = cats[fp].SubCats
6988a057
JH		 1257 }
1258
1259 nald := cat.GetNewsArtListData()
1260
d005ef04 1261 res = append(res, cc.NewReply(t, NewField(FieldNewsArtListData, nald.Payload())))
6988a057
JH		 1262 return res, err
1263}
1264
33265393
JH		 1265// HandleGetNewsArtData requests information about the specific news article.
1266// Fields used in the request:
1267//
1268// Request fields
1269// 325 News path
1270// 326 News article ID
1271// 327 News article data flavor
1272//
1273// Fields used in the reply:
1274// 328 News article title
1275// 329 News article poster
1276// 330 News article date
1277// 331 Previous article ID
1278// 332 Next article ID
1279// 335 Parent article ID
1280// 336 First child article ID
1281// 327 News article data flavor "Should be “text/plain”
1282// 333 News article data Optional (if data flavor is “text/plain”)
6988a057 1283func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1284 if !cc.Authorize(accessNewsReadArt) {
d4c152a4
JH		 1285 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1286 return res, err
1287 }
1288
6988a057
JH		 1289 var cat NewsCategoryListData15
1290 cats := cc.Server.ThreadedNews.Categories
1291
d005ef04 1292 for _, fp := range ReadNewsPath(t.GetField(FieldNewsPath).Data) {
003a743e
JH		 1293 cat = cats[fp]
1294 cats = cats[fp].SubCats
6988a057 1295 }
6988a057 1296
33265393
JH		 1297 // The official Hotline clients will send the article ID as 2 bytes if possible, but
1298 // some third party clients such as Frogblast and Heildrun will always send 4 bytes
d005ef04 1299 convertedID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
33265393
JH		 1300 if err != nil {
1301 return res, err
1302 }
6988a057 1303
33265393 1304 art := cat.Articles[uint32(convertedID)]
6988a057
JH		 1305 if art == nil {
1306 res = append(res, cc.NewReply(t))
1307 return res, err
1308 }
1309
6988a057 1310 res = append(res, cc.NewReply(t,
d005ef04
JH		 1311 NewField(FieldNewsArtTitle, []byte(art.Title)),
1312 NewField(FieldNewsArtPoster, []byte(art.Poster)),
1313 NewField(FieldNewsArtDate, art.Date),
1314 NewField(FieldNewsArtPrevArt, art.PrevArt),
1315 NewField(FieldNewsArtNextArt, art.NextArt),
1316 NewField(FieldNewsArtParentArt, art.ParentArt),
1317 NewField(FieldNewsArt1stChildArt, art.FirstChildArt),
1318 NewField(FieldNewsArtDataFlav, []byte("text/plain")),
1319 NewField(FieldNewsArtData, []byte(art.Data)),
6988a057
JH		 1320 ))
1321 return res, err
1322}
1323
8eb43f95
JH		 1324// HandleDelNewsItem deletes an existing threaded news folder or category from the server.
1325// Fields used in the request:
1326// 325 News path
1327// Fields used in the reply:
1328// None
6988a057 1329func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1330 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057 1331
6988a057 1332 cats := cc.Server.ThreadedNews.Categories
6988a057
JH		 1333 delName := pathStrs[len(pathStrs)-1]
1334 if len(pathStrs) > 1 {
7e2e07da
JH		 1335 for _, fp := range pathStrs[0 : len(pathStrs)-1] {
1336 cats = cats[fp].SubCats
6988a057
JH		 1337 }
1338 }
1339
043c00da 1340 if bytes.Equal(cats[delName].Type, []byte{0, 3}) {
8eb43f95
JH		 1341 if !cc.Authorize(accessNewsDeleteCat) {
1342 return append(res, cc.NewErrReply(t, "You are not allowed to delete news categories.")), nil
1343 }
1344 } else {
1345 if !cc.Authorize(accessNewsDeleteFldr) {
1346 return append(res, cc.NewErrReply(t, "You are not allowed to delete news folders.")), nil
1347 }
1348 }
1349
6988a057
JH		 1350 delete(cats, delName)
1351
8eb43f95 1352 if err := cc.Server.writeThreadedNews(); err != nil {
6988a057
JH		 1353 return res, err
1354 }
1355
8eb43f95 1356 return append(res, cc.NewReply(t)), nil
6988a057
JH		 1357}
1358
1359func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1360 if !cc.Authorize(accessNewsDeleteArt) {
d4c152a4
JH		 1361 res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
1362 return res, err
1363 }
1364
6988a057
JH		 1365 // Request Fields
1366 // 325 News path
1367 // 326 News article ID
1368 // 337 News article – recursive delete Delete child articles (1) or not (0)
d005ef04
JH		 1369 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
1370 ID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
5890e1d2
JH		 1371 if err != nil {
1372 return res, err
1373 }
6988a057
JH		 1374
1375 // TODO: Delete recursive
1376 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1377
1378 catName := pathStrs[len(pathStrs)-1]
1379 cat := cats[catName]
1380
1381 delete(cat.Articles, uint32(ID))
1382
1383 cats[catName] = cat
1384 if err := cc.Server.writeThreadedNews(); err != nil {
1385 return res, err
1386 }
1387
1388 res = append(res, cc.NewReply(t))
1389 return res, err
1390}
1391
d4c152a4
JH		 1392// Request fields
1393// 325 News path
1394// 326 News article ID ID of the parent article?
1395// 328 News article title
1396// 334 News article flags
1397// 327 News article data flavor Currently “text/plain”
1398// 333 News article data
6988a057 1399func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1400 if !cc.Authorize(accessNewsPostArt) {
d4c152a4
JH		 1401 res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
1402 return res, err
1403 }
6988a057 1404
d005ef04 1405 pathStrs := ReadNewsPath(t.GetField(FieldNewsPath).Data)
6988a057
JH		 1406 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1407
1408 catName := pathStrs[len(pathStrs)-1]
1409 cat := cats[catName]
1410
d005ef04 1411 artID, err := byteToInt(t.GetField(FieldNewsArtID).Data)
5890e1d2
JH		 1412 if err != nil {
1413 return res, err
1414 }
1415 convertedArtID := uint32(artID)
1416 bs := make([]byte, 4)
f808efcd 1417 binary.BigEndian.PutUint32(bs, convertedArtID)
5890e1d2 1418
6988a057 1419 newArt := NewsArtData{
d005ef04 1420 Title: string(t.GetField(FieldNewsArtTitle).Data),
72dd37f1 1421 Poster: string(cc.UserName),
3c9b1dcd 1422 Date: toHotlineTime(time.Now()),
6988a057
JH		 1423 PrevArt: []byte{0, 0, 0, 0},
1424 NextArt: []byte{0, 0, 0, 0},
5890e1d2 1425 ParentArt: bs,
6988a057
JH		 1426 FirstChildArt: []byte{0, 0, 0, 0},
1427 DataFlav: []byte("text/plain"),
d005ef04 1428 Data: string(t.GetField(FieldNewsArtData).Data),
6988a057
JH		 1429 }
1430
1431 var keys []int
1432 for k := range cat.Articles {
1433 keys = append(keys, int(k))
1434 }
1435
1436 nextID := uint32(1)
1437 if len(keys) > 0 {
1438 sort.Ints(keys)
1439 prevID := uint32(keys[len(keys)-1])
1440 nextID = prevID + 1
1441
1442 binary.BigEndian.PutUint32(newArt.PrevArt, prevID)
1443
1444 // Set next article ID
1445 binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt, nextID)
1446 }
1447
1448 // Update parent article with first child reply
5890e1d2 1449 parentID := convertedArtID
6988a057 1450 if parentID != 0 {
5890e1d2 1451 parentArt := cat.Articles[parentID]
6988a057
JH		 1452
1453 if bytes.Equal(parentArt.FirstChildArt, []byte{0, 0, 0, 0}) {
1454 binary.BigEndian.PutUint32(parentArt.FirstChildArt, nextID)
1455 }
1456 }
1457
1458 cat.Articles[nextID] = &newArt
1459
1460 cats[catName] = cat
1461 if err := cc.Server.writeThreadedNews(); err != nil {
1462 return res, err
1463 }
1464
1465 res = append(res, cc.NewReply(t))
1466 return res, err
1467}
1468
1469// HandleGetMsgs returns the flat news data
1470func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1471 if !cc.Authorize(accessNewsReadArt) {
481631f6
JH		 1472 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1473 return res, err
1474 }
1475
d005ef04 1476 res = append(res, cc.NewReply(t, NewField(FieldData, cc.Server.FlatNews)))
6988a057
JH		 1477
1478 return res, err
1479}
1480
1481func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1482 if !cc.Authorize(accessDownloadFile) {
481631f6
JH		 1483 res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
1484 return res, err
1485 }
1486
d005ef04
JH		 1487 fileName := t.GetField(FieldFileName).Data
1488 filePath := t.GetField(FieldFilePath).Data
1489 resumeData := t.GetField(FieldFileResumeData).Data
16a4ad70
JH		 1490
1491 var dataOffset int64
1492 var frd FileResumeData
1493 if resumeData != nil {
d005ef04 1494 if err := frd.UnmarshalBinary(t.GetField(FieldFileResumeData).Data); err != nil {
16a4ad70
JH		 1495 return res, err
1496 }
7cd900d6 1497 // TODO: handle rsrc fork offset
16a4ad70
JH		 1498 dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
1499 }
1500
7cd900d6 1501 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
92a7e455
JH		 1502 if err != nil {
1503 return res, err
1504 }
1505
7cd900d6 1506 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
6988a057
JH		 1507 if err != nil {
1508 return res, err
1509 }
1510
df1ade54 1511 xferSize := hlFile.ffo.TransferSize(0)
6988a057 1512
df1ade54 1513 ft := cc.newFileTransfer(FileDownload, fileName, filePath, xferSize)
6988a057 1514
7cd900d6 1515 // TODO: refactor to remove this
16a4ad70
JH		 1516 if resumeData != nil {
1517 var frd FileResumeData
d005ef04 1518 if err := frd.UnmarshalBinary(t.GetField(FieldFileResumeData).Data); err != nil {
d4c152a4
JH		 1519 return res, err
1520 }
16a4ad70
JH		 1521 ft.fileResumeData = &frd
1522 }
1523
d1cd6664
JH		 1524 // Optional field for when a HL v1.5+ client requests file preview
1525 // Used only for TEXT, JPEG, GIFF, BMP or PICT files
1526 // The value will always be 2
d005ef04
JH		 1527 if t.GetField(FieldFileTransferOptions).Data != nil {
1528 ft.options = t.GetField(FieldFileTransferOptions).Data
7cd900d6 1529 xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
d1cd6664
JH		 1530 }
1531
6988a057 1532 res = append(res, cc.NewReply(t,
d005ef04
JH		 1533 NewField(FieldRefNum, ft.refNum[:]),
1534 NewField(FieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1535 NewField(FieldTransferSize, xferSize),
1536 NewField(FieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
6988a057
JH		 1537 ))
1538
1539 return res, err
1540}
1541
1542// Download all files from the specified folder and sub-folders
6988a057 1543func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1544 if !cc.Authorize(accessDownloadFile) {
d4c152a4
JH		 1545 res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
1546 return res, err
1547 }
1548
d005ef04 1549 fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(FieldFilePath).Data, t.GetField(FieldFileName).Data)
aebc4d36
JH		 1550 if err != nil {
1551 return res, err
1552 }
92a7e455 1553
6988a057
JH		 1554 transferSize, err := CalcTotalSize(fullFilePath)
1555 if err != nil {
1556 return res, err
1557 }
1558 itemCount, err := CalcItemCount(fullFilePath)
1559 if err != nil {
1560 return res, err
1561 }
df1ade54 1562
d005ef04 1563 fileTransfer := cc.newFileTransfer(FolderDownload, t.GetField(FieldFileName).Data, t.GetField(FieldFilePath).Data, transferSize)
df1ade54
JH		 1564
1565 var fp FilePath
d005ef04 1566 _, err = fp.Write(t.GetField(FieldFilePath).Data)
df1ade54
JH		 1567 if err != nil {
1568 return res, err
1569 }
1570
6988a057 1571 res = append(res, cc.NewReply(t,
d005ef04
JH		 1572 NewField(FieldRefNum, fileTransfer.ReferenceNumber),
1573 NewField(FieldTransferSize, transferSize),
1574 NewField(FieldFolderItemCount, itemCount),
1575 NewField(FieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
6988a057
JH		 1576 ))
1577 return res, err
1578}
1579
1580// Upload all files from the local folder and its subfolders to the specified path on the server
1581// Fields used in the request
1582// 201 File name
1583// 202 File path
df2735b2 1584// 108 transfer size Total size of all items in the folder
6988a057
JH		 1585// 220 Folder item count
1586// 204 File transfer options "Optional Currently set to 1" (TODO: ??)
1587func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
7e2e07da 1588 var fp FilePath
d005ef04
JH		 1589 if t.GetField(FieldFilePath).Data != nil {
1590 if _, err = fp.Write(t.GetField(FieldFilePath).Data); err != nil {
7e2e07da
JH		 1591 return res, err
1592 }
1593 }
1594
1595 // Handle special cases for Upload and Drop Box folders
187d6dc5 1596 if !cc.Authorize(accessUploadAnywhere) {
7e2e07da 1597 if !fp.IsUploadDir() && !fp.IsDropbox() {
d005ef04 1598 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(FieldFileName).Data))))
7e2e07da
JH		 1599 return res, err
1600 }
1601 }
1602
df1ade54 1603 fileTransfer := cc.newFileTransfer(FolderUpload,
d005ef04
JH		 1604 t.GetField(FieldFileName).Data,
1605 t.GetField(FieldFilePath).Data,
1606 t.GetField(FieldTransferSize).Data,
df1ade54
JH		 1607 )
1608
d005ef04 1609 fileTransfer.FolderItemCount = t.GetField(FieldFolderItemCount).Data
6988a057 1610
d005ef04 1611 res = append(res, cc.NewReply(t, NewField(FieldRefNum, fileTransfer.ReferenceNumber)))
6988a057
JH		 1612 return res, err
1613}
1614
7e2e07da 1615// HandleUploadFile
16a4ad70
JH		 1616// Fields used in the request:
1617// 201 File name
1618// 202 File path
1619// 204 File transfer options "Optional
1620// Used only to resume download, currently has value 2"
1621// 108 File transfer size "Optional used if download is not resumed"
6988a057 1622func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1623 if !cc.Authorize(accessUploadFile) {
a0241c25
JH		 1624 res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
1625 return res, err
1626 }
1627
d005ef04
JH		 1628 fileName := t.GetField(FieldFileName).Data
1629 filePath := t.GetField(FieldFilePath).Data
1630 transferOptions := t.GetField(FieldFileTransferOptions).Data
1631 transferSize := t.GetField(FieldTransferSize).Data // not sent for resume
16a4ad70 1632
7e2e07da
JH		 1633 var fp FilePath
1634 if filePath != nil {
8fc43f8e 1635 if _, err = fp.Write(filePath); err != nil {
7e2e07da
JH		 1636 return res, err
1637 }
1638 }
1639
1640 // Handle special cases for Upload and Drop Box folders
187d6dc5 1641 if !cc.Authorize(accessUploadAnywhere) {
7e2e07da
JH		 1642 if !fp.IsUploadDir() && !fp.IsDropbox() {
1643 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
1644 return res, err
1645 }
1646 }
df1ade54
JH		 1647 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1648 if err != nil {
1649 return res, err
1650 }
7e2e07da 1651
df1ade54
JH		 1652 if _, err := cc.Server.FS.Stat(fullFilePath); err == nil {
1653 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload because there is already a file named \"%v\". Try choosing a different name.", string(fileName))))
1654 return res, err
6988a057
JH		 1655 }
1656
df1ade54
JH		 1657 ft := cc.newFileTransfer(FileUpload, fileName, filePath, transferSize)
1658
d005ef04 1659 replyT := cc.NewReply(t, NewField(FieldRefNum, ft.ReferenceNumber))
16a4ad70 1660
7cd900d6 1661 // client has requested to resume a partially transferred file
16a4ad70 1662 if transferOptions != nil {
b196a50a 1663 fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
16a4ad70
JH		 1664 if err != nil {
1665 return res, err
1666 }
1667
1668 offset := make([]byte, 4)
1669 binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
1670
1671 fileResumeData := NewFileResumeData([]ForkInfoList{
1672 *NewForkInfoList(offset),
1673 })
1674
1675 b, _ := fileResumeData.BinaryMarshal()
1676
df1ade54
JH		 1677 ft.TransferSize = offset
1678
d005ef04 1679 replyT.Fields = append(replyT.Fields, NewField(FieldFileResumeData, b))
16a4ad70
JH		 1680 }
1681
1682 res = append(res, replyT)
6988a057
JH		 1683 return res, err
1684}
1685
6988a057 1686func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04
JH		 1687 if len(t.GetField(FieldUserIconID).Data) == 4 {
1688 cc.Icon = t.GetField(FieldUserIconID).Data[2:]
6988a057 1689 } else {
d005ef04 1690 cc.Icon = t.GetField(FieldUserIconID).Data
264b7c27
JH		 1691 }
1692 if cc.Authorize(accessAnyName) {
d005ef04 1693 cc.UserName = t.GetField(FieldUserName).Data
6988a057 1694 }
6988a057
JH		 1695
1696 // the options field is only passed by the client versions > 1.2.3.
d005ef04 1697 options := t.GetField(FieldOptions).Data
6988a057
JH		 1698 if options != nil {
1699 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
a7216f67 1700 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(cc.Flags)))
6988a057 1701
b1658a46 1702 flagBitmap.SetBit(flagBitmap, UserFlagRefusePM, optBitmap.Bit(refusePM))
a7216f67 1703 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057 1704
b1658a46 1705 flagBitmap.SetBit(flagBitmap, UserFlagRefusePChat, optBitmap.Bit(refuseChat))
a7216f67 1706 binary.BigEndian.PutUint16(cc.Flags, uint16(flagBitmap.Int64()))
6988a057
JH		 1707
1708 // Check auto response
1709 if optBitmap.Bit(autoResponse) == 1 {
d005ef04 1710 cc.AutoReply = t.GetField(FieldAutomaticResponse).Data
6988a057 1711 } else {
aebc4d36 1712 cc.AutoReply = []byte{}
6988a057
JH		 1713 }
1714 }
1715
264b7c27
JH		 1716 for _, c := range sortedClients(cc.Server.Clients) {
1717 res = append(res, *NewTransaction(
d005ef04 1718 TranNotifyChangeUser,
264b7c27 1719 c.ID,
d005ef04
JH		 1720 NewField(FieldUserID, *cc.ID),
1721 NewField(FieldUserIconID, cc.Icon),
1722 NewField(FieldUserFlags, cc.Flags),
1723 NewField(FieldUserName, cc.UserName),
264b7c27
JH		 1724 ))
1725 }
6988a057
JH		 1726
1727 return res, err
1728}
1729
61c272e1
JH		 1730// HandleKeepAlive responds to keepalive transactions with an empty reply
1731// * HL 1.9.2 Client sends keepalive msg every 3 minutes
1732// * HL 1.2.3 Client doesn't send keepalives
6988a057
JH		 1733func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1734 res = append(res, cc.NewReply(t))
1735
1736 return res, err
1737}
1738
1739func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
92a7e455
JH		 1740 fullPath, err := readPath(
1741 cc.Server.Config.FileRoot,
d005ef04 1742 t.GetField(FieldFilePath).Data,
92a7e455
JH		 1743 nil,
1744 )
1745 if err != nil {
1746 return res, err
6988a057
JH		 1747 }
1748
7e2e07da 1749 var fp FilePath
d005ef04
JH		 1750 if t.GetField(FieldFilePath).Data != nil {
1751 if _, err = fp.Write(t.GetField(FieldFilePath).Data); err != nil {
7e2e07da
JH		 1752 return res, err
1753 }
1754 }
1755
1756 // Handle special case for drop box folders
187d6dc5 1757 if fp.IsDropbox() && !cc.Authorize(accessViewDropBoxes) {
2e08be58 1758 res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
7e2e07da
JH		 1759 return res, err
1760 }
1761
b8c0a83a 1762 fileNames, err := getFileNameList(fullPath, cc.Server.Config.IgnoreFiles)
6988a057
JH		 1763 if err != nil {
1764 return res, err
1765 }
1766
1767 res = append(res, cc.NewReply(t, fileNames...))
1768
1769 return res, err
1770}
1771
1772// =================================
1773// Hotline private chat flow
1774// =================================
d005ef04 1775// 1. ClientA sends TranInviteNewChat to server with user ID to invite
6988a057 1776// 2. Server creates new ChatID
d005ef04 1777// 3. Server sends TranInviteToChat to invitee
6988a057
JH		 1778// 4. Server replies to ClientA with new Chat ID
1779//
1780// A dialog box pops up in the invitee client with options to accept or decline the invitation.
1781// If Accepted is clicked:
d005ef04 1782// 1. ClientB sends TranJoinChat with FieldChatID
6988a057
JH		 1783
1784// HandleInviteNewChat invites users to new private chat
1785func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1786 if !cc.Authorize(accessOpenChat) {
d4c152a4
JH		 1787 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1788 return res, err
1789 }
1790
6988a057 1791 // Client to Invite
d005ef04 1792 targetID := t.GetField(FieldUserID).Data
6988a057
JH		 1793 newChatID := cc.Server.NewPrivateChat(cc)
1794
c1c44744
JH		 1795 // Check if target user has "Refuse private chat" flag
1796 binary.BigEndian.Uint16(targetID)
1797 targetClient := cc.Server.Clients[binary.BigEndian.Uint16(targetID)]
1798
1799 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(targetClient.Flags)))
b1658a46 1800 if flagBitmap.Bit(UserFlagRefusePChat) == 1 {
c1c44744
JH		 1801 res = append(res,
1802 *NewTransaction(
d005ef04 1803 TranServerMsg,
c1c44744 1804 cc.ID,
d005ef04
JH		 1805 NewField(FieldData, []byte(string(targetClient.UserName)+" does not accept private chats.")),
1806 NewField(FieldUserName, targetClient.UserName),
1807 NewField(FieldUserID, *targetClient.ID),
1808 NewField(FieldOptions, []byte{0, 2}),
c1c44744
JH		 1809 ),
1810 )
1811 } else {
1812 res = append(res,
1813 *NewTransaction(
d005ef04 1814 TranInviteToChat,
c1c44744 1815 &targetID,
d005ef04
JH		 1816 NewField(FieldChatID, newChatID),
1817 NewField(FieldUserName, cc.UserName),
1818 NewField(FieldUserID, *cc.ID),
c1c44744
JH		 1819 ),
1820 )
1821 }
6988a057
JH		 1822
1823 res = append(res,
1824 cc.NewReply(t,
d005ef04
JH		 1825 NewField(FieldChatID, newChatID),
1826 NewField(FieldUserName, cc.UserName),
1827 NewField(FieldUserID, *cc.ID),
1828 NewField(FieldUserIconID, cc.Icon),
1829 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1830 ),
1831 )
1832
1833 return res, err
1834}
1835
1836func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 1837 if !cc.Authorize(accessOpenChat) {
d4c152a4
JH		 1838 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1839 return res, err
1840 }
1841
6988a057 1842 // Client to Invite
d005ef04
JH		 1843 targetID := t.GetField(FieldUserID).Data
1844 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1845
1846 res = append(res,
1847 *NewTransaction(
d005ef04 1848 TranInviteToChat,
6988a057 1849 &targetID,
d005ef04
JH		 1850 NewField(FieldChatID, chatID),
1851 NewField(FieldUserName, cc.UserName),
1852 NewField(FieldUserID, *cc.ID),
6988a057
JH		 1853 ),
1854 )
1855 res = append(res,
1856 cc.NewReply(
1857 t,
d005ef04
JH		 1858 NewField(FieldChatID, chatID),
1859 NewField(FieldUserName, cc.UserName),
1860 NewField(FieldUserID, *cc.ID),
1861 NewField(FieldUserIconID, cc.Icon),
1862 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1863 ),
1864 )
1865
1866 return res, err
1867}
1868
1869func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1870 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1871 chatInt := binary.BigEndian.Uint32(chatID)
1872
1873 privChat := cc.Server.PrivateChats[chatInt]
1874
72dd37f1 1875 resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
6988a057
JH		 1876
1877 for _, c := range sortedClients(privChat.ClientConn) {
1878 res = append(res,
1879 *NewTransaction(
d005ef04 1880 TranChatMsg,
6988a057 1881 c.ID,
d005ef04
JH		 1882 NewField(FieldChatID, chatID),
1883 NewField(FieldData, resMsg),
6988a057
JH		 1884 ),
1885 )
1886 }
1887
1888 return res, err
1889}
1890
1891// HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
1892// Fields used in the reply:
1893// * 115 Chat subject
1894// * 300 User name with info (Optional)
1895// * 300 (more user names with info)
1896func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1897 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1898 chatInt := binary.BigEndian.Uint32(chatID)
1899
1900 privChat := cc.Server.PrivateChats[chatInt]
1901
d005ef04 1902 // Send TranNotifyChatChangeUser to current members of the chat to inform of new user
6988a057
JH		 1903 for _, c := range sortedClients(privChat.ClientConn) {
1904 res = append(res,
1905 *NewTransaction(
d005ef04 1906 TranNotifyChatChangeUser,
6988a057 1907 c.ID,
d005ef04
JH		 1908 NewField(FieldChatID, chatID),
1909 NewField(FieldUserName, cc.UserName),
1910 NewField(FieldUserID, *cc.ID),
1911 NewField(FieldUserIconID, cc.Icon),
1912 NewField(FieldUserFlags, cc.Flags),
6988a057
JH		 1913 ),
1914 )
1915 }
1916
1917 privChat.ClientConn[cc.uint16ID()] = cc
1918
d005ef04 1919 replyFields := []Field{NewField(FieldChatSubject, []byte(privChat.Subject))}
6988a057
JH		 1920 for _, c := range sortedClients(privChat.ClientConn) {
1921 user := User{
1922 ID: *c.ID,
a7216f67
JH		 1923 Icon: c.Icon,
1924 Flags: c.Flags,
72dd37f1 1925 Name: string(c.UserName),
6988a057
JH		 1926 }
1927
d005ef04 1928 replyFields = append(replyFields, NewField(FieldUsernameWithInfo, user.Payload()))
6988a057
JH		 1929 }
1930
1931 res = append(res, cc.NewReply(t, replyFields...))
1932 return res, err
1933}
1934
1935// HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
1936// Fields used in the request:
d005ef04 1937// - 114 FieldChatID
33265393 1938//
6988a057
JH		 1939// Reply is not expected.
1940func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1941 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1942 chatInt := binary.BigEndian.Uint32(chatID)
1943
c74c1f28
JH		 1944 privChat, ok := cc.Server.PrivateChats[chatInt]
1945 if !ok {
1946 return res, nil
1947 }
6988a057
JH		 1948
1949 delete(privChat.ClientConn, cc.uint16ID())
1950
1951 // Notify members of the private chat that the user has left
1952 for _, c := range sortedClients(privChat.ClientConn) {
1953 res = append(res,
1954 *NewTransaction(
d005ef04 1955 TranNotifyChatDeleteUser,
6988a057 1956 c.ID,
d005ef04
JH		 1957 NewField(FieldChatID, chatID),
1958 NewField(FieldUserID, *cc.ID),
6988a057
JH		 1959 ),
1960 )
1961 }
1962
1963 return res, err
1964}
1965
1966// HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
1967// Fields used in the request:
1968// * 114 Chat ID
2d92d26e 1969// * 115 Chat subject
6988a057
JH		 1970// Reply is not expected.
1971func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
d005ef04 1972 chatID := t.GetField(FieldChatID).Data
6988a057
JH		 1973 chatInt := binary.BigEndian.Uint32(chatID)
1974
1975 privChat := cc.Server.PrivateChats[chatInt]
d005ef04 1976 privChat.Subject = string(t.GetField(FieldChatSubject).Data)
6988a057
JH		 1977
1978 for _, c := range sortedClients(privChat.ClientConn) {
1979 res = append(res,
1980 *NewTransaction(
d005ef04 1981 TranNotifyChatSubject,
6988a057 1982 c.ID,
d005ef04
JH		 1983 NewField(FieldChatID, chatID),
1984 NewField(FieldChatSubject, t.GetField(FieldChatSubject).Data),
6988a057
JH		 1985 ),
1986 )
1987 }
1988
1989 return res, err
1990}
decc2fbf 1991
2d92d26e 1992// HandleMakeAlias makes a file alias using the specified path.
decc2fbf
JH		 1993// Fields used in the request:
1994// 201 File name
1995// 202 File path
1996// 212 File new path Destination path
1997//
1998// Fields used in the reply:
1999// None
2000func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
187d6dc5 2001 if !cc.Authorize(accessMakeAlias) {
decc2fbf
JH		 2002 res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
2003 return res, err
2004 }
d005ef04
JH		 2005 fileName := t.GetField(FieldFileName).Data
2006 filePath := t.GetField(FieldFilePath).Data
2007 fileNewPath := t.GetField(FieldFileNewPath).Data
decc2fbf
JH		 2008
2009 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
2010 if err != nil {
2011 return res, err
2012 }
2013
2014 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
2015 if err != nil {
2016 return res, err
2017 }
2018
67db911d 2019 cc.logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
decc2fbf 2020
b196a50a 2021 if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
decc2fbf
JH		 2022 res = append(res, cc.NewErrReply(t, "Error creating alias"))
2023 return res, nil
2024 }
2025
2026 res = append(res, cc.NewReply(t))
2027 return res, err
2028}
9067f234 2029
969e6481
JH		 2030// HandleDownloadBanner handles requests for a new banner from the server
2031// Fields used in the request:
2032// None
2033// Fields used in the reply:
d005ef04
JH		 2034// 107 FieldRefNum Used later for transfer
2035// 108 FieldTransferSize Size of data to be downloaded
9067f234 2036func HandleDownloadBanner(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
9067f234
JH		 2037 fi, err := cc.Server.FS.Stat(filepath.Join(cc.Server.ConfigDir, cc.Server.Config.BannerFile))
2038 if err != nil {
2039 return res, err
2040 }
2041
df1ade54 2042 ft := cc.newFileTransfer(bannerDownload, []byte{}, []byte{}, make([]byte, 4))
9067f234 2043
df1ade54 2044 binary.BigEndian.PutUint32(ft.TransferSize, uint32(fi.Size()))
9067f234
JH		 2045
2046 res = append(res, cc.NewReply(t,
d005ef04
JH		 2047 NewField(FieldRefNum, ft.refNum[:]),
2048 NewField(FieldTransferSize, ft.TransferSize),
9067f234
JH		 2049 ))
2050
9067f234
JH		 2051 return res, err
2052}
Friendship Quest remix of mobius, a hotline server in go #cli