]> git.r.bdr.sh - rbdr/mobius/blob - hotline/transaction_handlers.go
git.r.bdr.sh / rbdr / mobius / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add support for server banner
[rbdr/mobius] / hotline / transaction_handlers.go
1 package hotline
2
3 import (
4 "bytes"
5 "encoding/binary"
6 "errors"
7 "fmt"
8 "gopkg.in/yaml.v3"
9 "io/ioutil"
10 "math/big"
11 "os"
12 "path"
13 "path/filepath"
14 "sort"
15 "strings"
16 "time"
17 )
18
19 type TransactionType struct {
20 Handler func(*ClientConn, *Transaction) ([]Transaction, error) // function for handling the transaction type
21 Name string // Name of transaction as it will appear in logging
22 RequiredFields []requiredField
23 }
24
25 var TransactionHandlers = map[uint16]TransactionType{
26 // Server initiated
27 tranChatMsg: {
28 Name: "tranChatMsg",
29 },
30 // Server initiated
31 tranNotifyChangeUser: {
32 Name: "tranNotifyChangeUser",
33 },
34 tranError: {
35 Name: "tranError",
36 },
37 tranShowAgreement: {
38 Name: "tranShowAgreement",
39 },
40 tranUserAccess: {
41 Name: "tranUserAccess",
42 },
43 tranNotifyDeleteUser: {
44 Name: "tranNotifyDeleteUser",
45 },
46 tranAgreed: {
47 Name: "tranAgreed",
48 Handler: HandleTranAgreed,
49 },
50 tranChatSend: {
51 Name: "tranChatSend",
52 Handler: HandleChatSend,
53 RequiredFields: []requiredField{
54 {
55 ID: fieldData,
56 minLen: 0,
57 },
58 },
59 },
60 tranDelNewsArt: {
61 Name: "tranDelNewsArt",
62 Handler: HandleDelNewsArt,
63 },
64 tranDelNewsItem: {
65 Name: "tranDelNewsItem",
66 Handler: HandleDelNewsItem,
67 },
68 tranDeleteFile: {
69 Name: "tranDeleteFile",
70 Handler: HandleDeleteFile,
71 },
72 tranDeleteUser: {
73 Name: "tranDeleteUser",
74 Handler: HandleDeleteUser,
75 },
76 tranDisconnectUser: {
77 Name: "tranDisconnectUser",
78 Handler: HandleDisconnectUser,
79 },
80 tranDownloadFile: {
81 Name: "tranDownloadFile",
82 Handler: HandleDownloadFile,
83 },
84 tranDownloadFldr: {
85 Name: "tranDownloadFldr",
86 Handler: HandleDownloadFolder,
87 },
88 tranGetClientInfoText: {
89 Name: "tranGetClientInfoText",
90 Handler: HandleGetClientConnInfoText,
91 },
92 tranGetFileInfo: {
93 Name: "tranGetFileInfo",
94 Handler: HandleGetFileInfo,
95 },
96 tranGetFileNameList: {
97 Name: "tranGetFileNameList",
98 Handler: HandleGetFileNameList,
99 },
100 tranGetMsgs: {
101 Name: "tranGetMsgs",
102 Handler: HandleGetMsgs,
103 },
104 tranGetNewsArtData: {
105 Name: "tranGetNewsArtData",
106 Handler: HandleGetNewsArtData,
107 },
108 tranGetNewsArtNameList: {
109 Name: "tranGetNewsArtNameList",
110 Handler: HandleGetNewsArtNameList,
111 },
112 tranGetNewsCatNameList: {
113 Name: "tranGetNewsCatNameList",
114 Handler: HandleGetNewsCatNameList,
115 },
116 tranGetUser: {
117 Name: "tranGetUser",
118 Handler: HandleGetUser,
119 },
120 tranGetUserNameList: {
121 Name: "tranHandleGetUserNameList",
122 Handler: HandleGetUserNameList,
123 },
124 tranInviteNewChat: {
125 Name: "tranInviteNewChat",
126 Handler: HandleInviteNewChat,
127 },
128 tranInviteToChat: {
129 Name: "tranInviteToChat",
130 Handler: HandleInviteToChat,
131 },
132 tranJoinChat: {
133 Name: "tranJoinChat",
134 Handler: HandleJoinChat,
135 },
136 tranKeepAlive: {
137 Name: "tranKeepAlive",
138 Handler: HandleKeepAlive,
139 },
140 tranLeaveChat: {
141 Name: "tranJoinChat",
142 Handler: HandleLeaveChat,
143 },
144 tranListUsers: {
145 Name: "tranListUsers",
146 Handler: HandleListUsers,
147 },
148 tranMoveFile: {
149 Name: "tranMoveFile",
150 Handler: HandleMoveFile,
151 },
152 tranNewFolder: {
153 Name: "tranNewFolder",
154 Handler: HandleNewFolder,
155 },
156 tranNewNewsCat: {
157 Name: "tranNewNewsCat",
158 Handler: HandleNewNewsCat,
159 },
160 tranNewNewsFldr: {
161 Name: "tranNewNewsFldr",
162 Handler: HandleNewNewsFldr,
163 },
164 tranNewUser: {
165 Name: "tranNewUser",
166 Handler: HandleNewUser,
167 },
168 tranUpdateUser: {
169 Name: "tranUpdateUser",
170 Handler: HandleUpdateUser,
171 },
172 tranOldPostNews: {
173 Name: "tranOldPostNews",
174 Handler: HandleTranOldPostNews,
175 },
176 tranPostNewsArt: {
177 Name: "tranPostNewsArt",
178 Handler: HandlePostNewsArt,
179 },
180 tranRejectChatInvite: {
181 Name: "tranRejectChatInvite",
182 Handler: HandleRejectChatInvite,
183 },
184 tranSendInstantMsg: {
185 Name: "tranSendInstantMsg",
186 Handler: HandleSendInstantMsg,
187 RequiredFields: []requiredField{
188 {
189 ID: fieldData,
190 minLen: 0,
191 },
192 {
193 ID: fieldUserID,
194 },
195 },
196 },
197 tranSetChatSubject: {
198 Name: "tranSetChatSubject",
199 Handler: HandleSetChatSubject,
200 },
201 tranMakeFileAlias: {
202 Name: "tranMakeFileAlias",
203 Handler: HandleMakeAlias,
204 RequiredFields: []requiredField{
205 {ID: fieldFileName, minLen: 1},
206 {ID: fieldFilePath, minLen: 1},
207 {ID: fieldFileNewPath, minLen: 1},
208 },
209 },
210 tranSetClientUserInfo: {
211 Name: "tranSetClientUserInfo",
212 Handler: HandleSetClientUserInfo,
213 },
214 tranSetFileInfo: {
215 Name: "tranSetFileInfo",
216 Handler: HandleSetFileInfo,
217 },
218 tranSetUser: {
219 Name: "tranSetUser",
220 Handler: HandleSetUser,
221 },
222 tranUploadFile: {
223 Name: "tranUploadFile",
224 Handler: HandleUploadFile,
225 },
226 tranUploadFldr: {
227 Name: "tranUploadFldr",
228 Handler: HandleUploadFolder,
229 },
230 tranUserBroadcast: {
231 Name: "tranUserBroadcast",
232 Handler: HandleUserBroadcast,
233 },
234 tranDownloadBanner: {
235 Name: "tranDownloadBanner",
236 Handler: HandleDownloadBanner,
237 },
238 }
239
240 func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
241 if !authorize(cc.Account.Access, accessSendChat) {
242 res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
243 return res, err
244 }
245
246 // Truncate long usernames
247 trunc := fmt.Sprintf("%13s", cc.UserName)
248 formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(fieldData).Data)
249
250 // By holding the option key, Hotline chat allows users to send /me formatted messages like:
251 // *** Halcyon does stuff
252 // This is indicated by the presence of the optional field fieldChatOptions in the transaction payload
253 if t.GetField(fieldChatOptions).Data != nil {
254 formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(fieldData).Data)
255 }
256
257 chatID := t.GetField(fieldChatID).Data
258 // a non-nil chatID indicates the message belongs to a private chat
259 if chatID != nil {
260 chatInt := binary.BigEndian.Uint32(chatID)
261 privChat := cc.Server.PrivateChats[chatInt]
262
263 clients := sortedClients(privChat.ClientConn)
264
265 // send the message to all connected clients of the private chat
266 for _, c := range clients {
267 res = append(res, *NewTransaction(
268 tranChatMsg,
269 c.ID,
270 NewField(fieldChatID, chatID),
271 NewField(fieldData, []byte(formattedMsg)),
272 ))
273 }
274 return res, err
275 }
276
277 for _, c := range sortedClients(cc.Server.Clients) {
278 // Filter out clients that do not have the read chat permission
279 if authorize(c.Account.Access, accessReadChat) {
280 res = append(res, *NewTransaction(tranChatMsg, c.ID, NewField(fieldData, []byte(formattedMsg))))
281 }
282 }
283
284 return res, err
285 }
286
287 // HandleSendInstantMsg sends instant message to the user on the current server.
288 // Fields used in the request:
289 // 103 User ID
290 // 113 Options
291 // One of the following values:
292 // - User message (myOpt_UserMessage = 1)
293 // - Refuse message (myOpt_RefuseMessage = 2)
294 // - Refuse chat (myOpt_RefuseChat = 3)
295 // - Automatic response (myOpt_AutomaticResponse = 4)"
296 // 101 Data Optional
297 // 214 Quoting message Optional
298 //
299 // Fields used in the reply:
300 // None
301 func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
302 msg := t.GetField(fieldData)
303 ID := t.GetField(fieldUserID)
304
305 reply := NewTransaction(
306 tranServerMsg,
307 &ID.Data,
308 NewField(fieldData, msg.Data),
309 NewField(fieldUserName, cc.UserName),
310 NewField(fieldUserID, *cc.ID),
311 NewField(fieldOptions, []byte{0, 1}),
312 )
313
314 // Later versions of Hotline include the original message in the fieldQuotingMsg field so
315 // the receiving client can display both the received message and what it is in reply to
316 if t.GetField(fieldQuotingMsg).Data != nil {
317 reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data))
318 }
319
320 res = append(res, *reply)
321
322 id, _ := byteToInt(ID.Data)
323 otherClient, ok := cc.Server.Clients[uint16(id)]
324 if !ok {
325 return res, errors.New("invalid client ID")
326 }
327
328 // Respond with auto reply if other client has it enabled
329 if len(otherClient.AutoReply) > 0 {
330 res = append(res,
331 *NewTransaction(
332 tranServerMsg,
333 cc.ID,
334 NewField(fieldData, otherClient.AutoReply),
335 NewField(fieldUserName, otherClient.UserName),
336 NewField(fieldUserID, *otherClient.ID),
337 NewField(fieldOptions, []byte{0, 1}),
338 ),
339 )
340 }
341
342 res = append(res, cc.NewReply(t))
343
344 return res, err
345 }
346
347 func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
348 fileName := t.GetField(fieldFileName).Data
349 filePath := t.GetField(fieldFilePath).Data
350
351 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
352 if err != nil {
353 return res, err
354 }
355
356 fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
357 if err != nil {
358 return res, err
359 }
360
361 res = append(res, cc.NewReply(t,
362 NewField(fieldFileName, []byte(fw.name)),
363 NewField(fieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
364 NewField(fieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
365 NewField(fieldFileComment, fw.ffo.FlatFileInformationFork.Comment),
366 NewField(fieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
367 NewField(fieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
368 NewField(fieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
369 NewField(fieldFileSize, fw.totalSize()),
370 ))
371 return res, err
372 }
373
374 // HandleSetFileInfo updates a file or folder name and/or comment from the Get Info window
375 // Fields used in the request:
376 // * 201 File name
377 // * 202 File path Optional
378 // * 211 File new name Optional
379 // * 210 File comment Optional
380 // Fields used in the reply: None
381 func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
382 fileName := t.GetField(fieldFileName).Data
383 filePath := t.GetField(fieldFilePath).Data
384
385 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
386 if err != nil {
387 return res, err
388 }
389
390 fi, err := cc.Server.FS.Stat(fullFilePath)
391 if err != nil {
392 return res, err
393 }
394
395 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
396 if err != nil {
397 return res, err
398 }
399 if t.GetField(fieldFileComment).Data != nil {
400 switch mode := fi.Mode(); {
401 case mode.IsDir():
402 if !authorize(cc.Account.Access, accessSetFolderComment) {
403 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
404 return res, err
405 }
406 case mode.IsRegular():
407 if !authorize(cc.Account.Access, accessSetFileComment) {
408 res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
409 return res, err
410 }
411 }
412
413 if err := hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(fieldFileComment).Data); err != nil {
414 return res, err
415 }
416 w, err := hlFile.infoForkWriter()
417 if err != nil {
418 return res, err
419 }
420 _, err = w.Write(hlFile.ffo.FlatFileInformationFork.MarshalBinary())
421 if err != nil {
422 return res, err
423 }
424 }
425
426 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(fieldFileNewName).Data)
427 if err != nil {
428 return nil, err
429 }
430
431 fileNewName := t.GetField(fieldFileNewName).Data
432
433 if fileNewName != nil {
434 switch mode := fi.Mode(); {
435 case mode.IsDir():
436 if !authorize(cc.Account.Access, accessRenameFolder) {
437 res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
438 return res, err
439 }
440 err = os.Rename(fullFilePath, fullNewFilePath)
441 if os.IsNotExist(err) {
442 res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
443 return res, err
444 }
445 case mode.IsRegular():
446 if !authorize(cc.Account.Access, accessRenameFile) {
447 res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
448 return res, err
449 }
450 fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
451 if err != nil {
452 return nil, err
453 }
454 hlFile.name = string(fileNewName)
455 err = hlFile.move(fileDir)
456 if os.IsNotExist(err) {
457 res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
458 return res, err
459 }
460 if err != nil {
461 panic(err)
462 }
463 }
464 }
465
466 res = append(res, cc.NewReply(t))
467 return res, err
468 }
469
470 // HandleDeleteFile deletes a file or folder
471 // Fields used in the request:
472 // * 201 File name
473 // * 202 File path
474 // Fields used in the reply: none
475 func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
476 fileName := t.GetField(fieldFileName).Data
477 filePath := t.GetField(fieldFilePath).Data
478
479 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
480 if err != nil {
481 return res, err
482 }
483
484 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
485 if err != nil {
486 return res, err
487 }
488
489 fi, err := hlFile.dataFile()
490 if err != nil {
491 res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
492 return res, nil
493 }
494
495 switch mode := fi.Mode(); {
496 case mode.IsDir():
497 if !authorize(cc.Account.Access, accessDeleteFolder) {
498 res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
499 return res, err
500 }
501 case mode.IsRegular():
502 if !authorize(cc.Account.Access, accessDeleteFile) {
503 res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
504 return res, err
505 }
506 }
507
508 if err := hlFile.delete(); err != nil {
509 return res, err
510 }
511
512 res = append(res, cc.NewReply(t))
513 return res, err
514 }
515
516 // HandleMoveFile moves files or folders. Note: seemingly not documented
517 func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
518 fileName := string(t.GetField(fieldFileName).Data)
519
520 filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
521 if err != nil {
522 return res, err
523 }
524
525 fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFileNewPath).Data, nil)
526 if err != nil {
527 return res, err
528 }
529
530 cc.logger.Infow("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
531
532 hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
533 if err != nil {
534 return res, err
535 }
536
537 fi, err := hlFile.dataFile()
538 if err != nil {
539 res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
540 return res, err
541 }
542 if err != nil {
543 return res, err
544 }
545 switch mode := fi.Mode(); {
546 case mode.IsDir():
547 if !authorize(cc.Account.Access, accessMoveFolder) {
548 res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
549 return res, err
550 }
551 case mode.IsRegular():
552 if !authorize(cc.Account.Access, accessMoveFile) {
553 res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
554 return res, err
555 }
556 }
557 if err := hlFile.move(fileNewPath); err != nil {
558 return res, err
559 }
560 // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
561
562 res = append(res, cc.NewReply(t))
563 return res, err
564 }
565
566 func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
567 if !authorize(cc.Account.Access, accessCreateFolder) {
568 res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
569 return res, err
570 }
571 folderName := string(t.GetField(fieldFileName).Data)
572
573 folderName = path.Join("/", folderName)
574
575 var subPath string
576
577 // fieldFilePath is only present for nested paths
578 if t.GetField(fieldFilePath).Data != nil {
579 var newFp FilePath
580 err := newFp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
581 if err != nil {
582 return nil, err
583 }
584
585 for _, pathItem := range newFp.Items {
586 subPath = filepath.Join("/", subPath, string(pathItem.Name))
587 }
588 }
589 newFolderPath := path.Join(cc.Server.Config.FileRoot, subPath, folderName)
590
591 // TODO: check path and folder name lengths
592
593 if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
594 msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName)
595 return []Transaction{cc.NewErrReply(t, msg)}, nil
596 }
597
598 // TODO: check for disallowed characters to maintain compatibility for original client
599
600 if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
601 msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
602 return []Transaction{cc.NewErrReply(t, msg)}, nil
603 }
604
605 res = append(res, cc.NewReply(t))
606 return res, err
607 }
608
609 func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
610 if !authorize(cc.Account.Access, accessModifyUser) {
611 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
612 return res, err
613 }
614
615 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
616 userName := string(t.GetField(fieldUserName).Data)
617
618 newAccessLvl := t.GetField(fieldUserAccess).Data
619
620 account := cc.Server.Accounts[login]
621 account.Access = &newAccessLvl
622 account.Name = userName
623
624 // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
625 // not include fieldUserPassword
626 if t.GetField(fieldUserPassword).Data == nil {
627 account.Password = hashAndSalt([]byte(""))
628 }
629 if len(t.GetField(fieldUserPassword).Data) > 1 {
630 account.Password = hashAndSalt(t.GetField(fieldUserPassword).Data)
631 }
632
633 out, err := yaml.Marshal(&account)
634 if err != nil {
635 return res, err
636 }
637 if err := os.WriteFile(cc.Server.ConfigDir+"Users/"+login+".yaml", out, 0666); err != nil {
638 return res, err
639 }
640
641 // Notify connected clients logged in as the user of the new access level
642 for _, c := range cc.Server.Clients {
643 if c.Account.Login == login {
644 // Note: comment out these two lines to test server-side deny messages
645 newT := NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, newAccessLvl))
646 res = append(res, *newT)
647
648 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*c.Flags)))
649 if authorize(c.Account.Access, accessDisconUser) {
650 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 1)
651 } else {
652 flagBitmap.SetBit(flagBitmap, userFlagAdmin, 0)
653 }
654 binary.BigEndian.PutUint16(*c.Flags, uint16(flagBitmap.Int64()))
655
656 c.Account.Access = account.Access
657
658 cc.sendAll(
659 tranNotifyChangeUser,
660 NewField(fieldUserID, *c.ID),
661 NewField(fieldUserFlags, *c.Flags),
662 NewField(fieldUserName, c.UserName),
663 NewField(fieldUserIconID, *c.Icon),
664 )
665 }
666 }
667
668 res = append(res, cc.NewReply(t))
669 return res, err
670 }
671
672 func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
673 if !authorize(cc.Account.Access, accessOpenUser) {
674 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
675 return res, err
676 }
677
678 account := cc.Server.Accounts[string(t.GetField(fieldUserLogin).Data)]
679 if account == nil {
680 res = append(res, cc.NewErrReply(t, "Account does not exist."))
681 return res, err
682 }
683
684 res = append(res, cc.NewReply(t,
685 NewField(fieldUserName, []byte(account.Name)),
686 NewField(fieldUserLogin, negateString(t.GetField(fieldUserLogin).Data)),
687 NewField(fieldUserPassword, []byte(account.Password)),
688 NewField(fieldUserAccess, *account.Access),
689 ))
690 return res, err
691 }
692
693 func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
694 if !authorize(cc.Account.Access, accessOpenUser) {
695 res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
696 return res, err
697 }
698
699 var userFields []Field
700 for _, acc := range cc.Server.Accounts {
701 userField := acc.MarshalBinary()
702 userFields = append(userFields, NewField(fieldData, userField))
703 }
704
705 res = append(res, cc.NewReply(t, userFields...))
706 return res, err
707 }
708
709 // HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
710 // An update can be a mix of these actions:
711 // * Create user
712 // * Delete user
713 // * Modify user (including renaming the account login)
714 //
715 // The Transaction sent by the client includes one data field per user that was modified. This data field in turn
716 // contains another data field encoded in its payload with a varying number of sub fields depending on which action is
717 // performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
718 func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
719 for _, field := range t.Fields {
720 subFields, err := ReadFields(field.Data[0:2], field.Data[2:])
721 if err != nil {
722 return res, err
723 }
724
725 if len(subFields) == 1 {
726 login := DecodeUserString(getField(fieldData, &subFields).Data)
727 cc.logger.Infow("DeleteUser", "login", login)
728
729 if !authorize(cc.Account.Access, accessDeleteUser) {
730 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
731 return res, err
732 }
733
734 if err := cc.Server.DeleteUser(login); err != nil {
735 return res, err
736 }
737 continue
738 }
739
740 login := DecodeUserString(getField(fieldUserLogin, &subFields).Data)
741
742 // check if the login dataFile; if so, we know we are updating an existing user
743 if acc, ok := cc.Server.Accounts[login]; ok {
744 cc.logger.Infow("UpdateUser", "login", login)
745
746 // account dataFile, so this is an update action
747 if !authorize(cc.Account.Access, accessModifyUser) {
748 res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
749 return res, err
750 }
751
752 if getField(fieldUserPassword, &subFields) != nil {
753 newPass := getField(fieldUserPassword, &subFields).Data
754 acc.Password = hashAndSalt(newPass)
755 } else {
756 acc.Password = hashAndSalt([]byte(""))
757 }
758
759 if getField(fieldUserAccess, &subFields) != nil {
760 acc.Access = &getField(fieldUserAccess, &subFields).Data
761 }
762
763 err = cc.Server.UpdateUser(
764 DecodeUserString(getField(fieldData, &subFields).Data),
765 DecodeUserString(getField(fieldUserLogin, &subFields).Data),
766 string(getField(fieldUserName, &subFields).Data),
767 acc.Password,
768 *acc.Access,
769 )
770 if err != nil {
771 return res, err
772 }
773 } else {
774 cc.logger.Infow("CreateUser", "login", login)
775
776 if !authorize(cc.Account.Access, accessCreateUser) {
777 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
778 return res, err
779 }
780
781 err := cc.Server.NewUser(
782 login,
783 string(getField(fieldUserName, &subFields).Data),
784 string(getField(fieldUserPassword, &subFields).Data),
785 getField(fieldUserAccess, &subFields).Data,
786 )
787 if err != nil {
788 return []Transaction{}, err
789 }
790 }
791 }
792
793 res = append(res, cc.NewReply(t))
794 return res, err
795 }
796
797 // HandleNewUser creates a new user account
798 func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
799 if !authorize(cc.Account.Access, accessCreateUser) {
800 res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
801 return res, err
802 }
803
804 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
805
806 // If the account already dataFile, reply with an error
807 if _, ok := cc.Server.Accounts[login]; ok {
808 res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
809 return res, err
810 }
811
812 if err := cc.Server.NewUser(
813 login,
814 string(t.GetField(fieldUserName).Data),
815 string(t.GetField(fieldUserPassword).Data),
816 t.GetField(fieldUserAccess).Data,
817 ); err != nil {
818 return []Transaction{}, err
819 }
820
821 res = append(res, cc.NewReply(t))
822 return res, err
823 }
824
825 func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
826 if !authorize(cc.Account.Access, accessDeleteUser) {
827 res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
828 return res, err
829 }
830
831 // TODO: Handle case where account doesn't exist; e.g. delete race condition
832 login := DecodeUserString(t.GetField(fieldUserLogin).Data)
833
834 if err := cc.Server.DeleteUser(login); err != nil {
835 return res, err
836 }
837
838 res = append(res, cc.NewReply(t))
839 return res, err
840 }
841
842 // HandleUserBroadcast sends an Administrator Message to all connected clients of the server
843 func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
844 if !authorize(cc.Account.Access, accessBroadcast) {
845 res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
846 return res, err
847 }
848
849 cc.sendAll(
850 tranServerMsg,
851 NewField(fieldData, t.GetField(tranGetMsgs).Data),
852 NewField(fieldChatOptions, []byte{0}),
853 )
854
855 res = append(res, cc.NewReply(t))
856 return res, err
857 }
858
859 func byteToInt(bytes []byte) (int, error) {
860 switch len(bytes) {
861 case 2:
862 return int(binary.BigEndian.Uint16(bytes)), nil
863 case 4:
864 return int(binary.BigEndian.Uint32(bytes)), nil
865 }
866
867 return 0, errors.New("unknown byte length")
868 }
869
870 func HandleGetClientConnInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
871 if !authorize(cc.Account.Access, accessGetClientInfo) {
872 res = append(res, cc.NewErrReply(t, "You are not allowed to get client info"))
873 return res, err
874 }
875
876 clientID, _ := byteToInt(t.GetField(fieldUserID).Data)
877
878 clientConn := cc.Server.Clients[uint16(clientID)]
879 if clientConn == nil {
880 return res, errors.New("invalid client")
881 }
882
883 // TODO: Implement non-hardcoded values
884 template := `Nickname: %s
885 Name: %s
886 Account: %s
887 Address: %s
888
889 -------- File Downloads ---------
890
891 %s
892
893 ------- Folder Downloads --------
894
895 None.
896
897 --------- File Uploads ----------
898
899 None.
900
901 -------- Folder Uploads ---------
902
903 None.
904
905 ------- Waiting Downloads -------
906
907 None.
908
909 `
910
911 activeDownloads := clientConn.Transfers[FileDownload]
912 activeDownloadList := "None."
913 for _, dl := range activeDownloads {
914 activeDownloadList += dl.String() + "\n"
915 }
916
917 template = fmt.Sprintf(
918 template,
919 clientConn.UserName,
920 clientConn.Account.Name,
921 clientConn.Account.Login,
922 clientConn.RemoteAddr,
923 activeDownloadList,
924 )
925 template = strings.Replace(template, "\n", "\r", -1)
926
927 res = append(res, cc.NewReply(t,
928 NewField(fieldData, []byte(template)),
929 NewField(fieldUserName, clientConn.UserName),
930 ))
931 return res, err
932 }
933
934 func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
935 res = append(res, cc.NewReply(t, cc.Server.connectedUsers()...))
936
937 return res, err
938 }
939
940 func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
941 cc.Agreed = true
942 cc.UserName = t.GetField(fieldUserName).Data
943 *cc.Icon = t.GetField(fieldUserIconID).Data
944
945 cc.logger = cc.logger.With("name", string(cc.UserName))
946
947 options := t.GetField(fieldOptions).Data
948 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
949
950 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
951
952 // Check refuse private PM option
953 if optBitmap.Bit(refusePM) == 1 {
954 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, 1)
955 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
956 }
957
958 // Check refuse private chat option
959 if optBitmap.Bit(refuseChat) == 1 {
960 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, 1)
961 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
962 }
963
964 // Check auto response
965 if optBitmap.Bit(autoResponse) == 1 {
966 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
967 } else {
968 cc.AutoReply = []byte{}
969 }
970
971 for _, t := range cc.notifyOthers(
972 *NewTransaction(
973 tranNotifyChangeUser, nil,
974 NewField(fieldUserName, cc.UserName),
975 NewField(fieldUserID, *cc.ID),
976 NewField(fieldUserIconID, *cc.Icon),
977 NewField(fieldUserFlags, *cc.Flags),
978 ),
979 ) {
980 cc.Server.outbox <- t
981 }
982
983 if cc.Server.Config.BannerFile != "" {
984 cc.Server.outbox <- *NewTransaction(tranServerBanner, cc.ID, NewField(fieldBannerType, []byte("JPEG")))
985 }
986
987 res = append(res, cc.NewReply(t))
988
989 return res, err
990 }
991
992 const defaultNewsDateFormat = "Jan02 15:04" // Jun23 20:49
993 // "Mon, 02 Jan 2006 15:04:05 MST"
994
995 const defaultNewsTemplate = `From %s (%s):
996
997 %s
998
999 __________________________________________________________`
1000
1001 // HandleTranOldPostNews updates the flat news
1002 // Fields used in this request:
1003 // 101 Data
1004 func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1005 if !authorize(cc.Account.Access, accessNewsPostArt) {
1006 res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
1007 return res, err
1008 }
1009
1010 cc.Server.flatNewsMux.Lock()
1011 defer cc.Server.flatNewsMux.Unlock()
1012
1013 newsDateTemplate := defaultNewsDateFormat
1014 if cc.Server.Config.NewsDateFormat != "" {
1015 newsDateTemplate = cc.Server.Config.NewsDateFormat
1016 }
1017
1018 newsTemplate := defaultNewsTemplate
1019 if cc.Server.Config.NewsDelimiter != "" {
1020 newsTemplate = cc.Server.Config.NewsDelimiter
1021 }
1022
1023 newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
1024 newsPost = strings.Replace(newsPost, "\n", "\r", -1)
1025
1026 // update news in memory
1027 cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
1028
1029 // update news on disk
1030 if err := ioutil.WriteFile(cc.Server.ConfigDir+"MessageBoard.txt", cc.Server.FlatNews, 0644); err != nil {
1031 return res, err
1032 }
1033
1034 // Notify all clients of updated news
1035 cc.sendAll(
1036 tranNewMsg,
1037 NewField(fieldData, []byte(newsPost)),
1038 )
1039
1040 res = append(res, cc.NewReply(t))
1041 return res, err
1042 }
1043
1044 func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1045 if !authorize(cc.Account.Access, accessDisconUser) {
1046 res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
1047 return res, err
1048 }
1049
1050 clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)]
1051
1052 if authorize(clientConn.Account.Access, accessCannotBeDiscon) {
1053 res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
1054 return res, err
1055 }
1056
1057 if err := clientConn.Connection.Close(); err != nil {
1058 return res, err
1059 }
1060
1061 res = append(res, cc.NewReply(t))
1062 return res, err
1063 }
1064
1065 // HandleGetNewsCatNameList returns a list of news categories for a path
1066 // Fields used in the request:
1067 // 325 News path (Optional)
1068 func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1069 if !authorize(cc.Account.Access, accessNewsReadArt) {
1070 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1071 return res, err
1072 }
1073
1074 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1075 cats := cc.Server.GetNewsCatByPath(pathStrs)
1076
1077 // To store the keys in slice in sorted order
1078 keys := make([]string, len(cats))
1079 i := 0
1080 for k := range cats {
1081 keys[i] = k
1082 i++
1083 }
1084 sort.Strings(keys)
1085
1086 var fieldData []Field
1087 for _, k := range keys {
1088 cat := cats[k]
1089 b, _ := cat.MarshalBinary()
1090 fieldData = append(fieldData, NewField(
1091 fieldNewsCatListData15,
1092 b,
1093 ))
1094 }
1095
1096 res = append(res, cc.NewReply(t, fieldData...))
1097 return res, err
1098 }
1099
1100 func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1101 if !authorize(cc.Account.Access, accessNewsCreateCat) {
1102 res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
1103 return res, err
1104 }
1105
1106 name := string(t.GetField(fieldNewsCatName).Data)
1107 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1108
1109 cats := cc.Server.GetNewsCatByPath(pathStrs)
1110 cats[name] = NewsCategoryListData15{
1111 Name: name,
1112 Type: []byte{0, 3},
1113 Articles: map[uint32]*NewsArtData{},
1114 SubCats: make(map[string]NewsCategoryListData15),
1115 }
1116
1117 if err := cc.Server.writeThreadedNews(); err != nil {
1118 return res, err
1119 }
1120 res = append(res, cc.NewReply(t))
1121 return res, err
1122 }
1123
1124 // Fields used in the request:
1125 // 322 News category name
1126 // 325 News path
1127 func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1128 if !authorize(cc.Account.Access, accessNewsCreateFldr) {
1129 res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
1130 return res, err
1131 }
1132
1133 name := string(t.GetField(fieldFileName).Data)
1134 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1135
1136 cc.logger.Infof("Creating new news folder %s", name)
1137
1138 cats := cc.Server.GetNewsCatByPath(pathStrs)
1139 cats[name] = NewsCategoryListData15{
1140 Name: name,
1141 Type: []byte{0, 2},
1142 Articles: map[uint32]*NewsArtData{},
1143 SubCats: make(map[string]NewsCategoryListData15),
1144 }
1145 if err := cc.Server.writeThreadedNews(); err != nil {
1146 return res, err
1147 }
1148 res = append(res, cc.NewReply(t))
1149 return res, err
1150 }
1151
1152 // Fields used in the request:
1153 // 325 News path Optional
1154 //
1155 // Reply fields:
1156 // 321 News article list data Optional
1157 func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1158 if !authorize(cc.Account.Access, accessNewsReadArt) {
1159 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1160 return res, err
1161 }
1162 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1163
1164 var cat NewsCategoryListData15
1165 cats := cc.Server.ThreadedNews.Categories
1166
1167 for _, fp := range pathStrs {
1168 cat = cats[fp]
1169 cats = cats[fp].SubCats
1170 }
1171
1172 nald := cat.GetNewsArtListData()
1173
1174 res = append(res, cc.NewReply(t, NewField(fieldNewsArtListData, nald.Payload())))
1175 return res, err
1176 }
1177
1178 func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1179 if !authorize(cc.Account.Access, accessNewsReadArt) {
1180 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1181 return res, err
1182 }
1183
1184 // Request fields
1185 // 325 News fp
1186 // 326 News article ID
1187 // 327 News article data flavor
1188
1189 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1190
1191 var cat NewsCategoryListData15
1192 cats := cc.Server.ThreadedNews.Categories
1193
1194 for _, fp := range pathStrs {
1195 cat = cats[fp]
1196 cats = cats[fp].SubCats
1197 }
1198 newsArtID := t.GetField(fieldNewsArtID).Data
1199
1200 convertedArtID := binary.BigEndian.Uint16(newsArtID)
1201
1202 art := cat.Articles[uint32(convertedArtID)]
1203 if art == nil {
1204 res = append(res, cc.NewReply(t))
1205 return res, err
1206 }
1207
1208 // Reply fields
1209 // 328 News article title
1210 // 329 News article poster
1211 // 330 News article date
1212 // 331 Previous article ID
1213 // 332 Next article ID
1214 // 335 Parent article ID
1215 // 336 First child article ID
1216 // 327 News article data flavor "Should be “text/plain”
1217 // 333 News article data Optional (if data flavor is “text/plain”)
1218
1219 res = append(res, cc.NewReply(t,
1220 NewField(fieldNewsArtTitle, []byte(art.Title)),
1221 NewField(fieldNewsArtPoster, []byte(art.Poster)),
1222 NewField(fieldNewsArtDate, art.Date),
1223 NewField(fieldNewsArtPrevArt, art.PrevArt),
1224 NewField(fieldNewsArtNextArt, art.NextArt),
1225 NewField(fieldNewsArtParentArt, art.ParentArt),
1226 NewField(fieldNewsArt1stChildArt, art.FirstChildArt),
1227 NewField(fieldNewsArtDataFlav, []byte("text/plain")),
1228 NewField(fieldNewsArtData, []byte(art.Data)),
1229 ))
1230 return res, err
1231 }
1232
1233 func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1234 // Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
1235 // TODO: Implement
1236
1237 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1238
1239 // TODO: determine if path is a Folder (Bundle) or Category and check for permission
1240
1241 cc.logger.Infof("DelNewsItem %v", pathStrs)
1242
1243 cats := cc.Server.ThreadedNews.Categories
1244
1245 delName := pathStrs[len(pathStrs)-1]
1246 if len(pathStrs) > 1 {
1247 for _, fp := range pathStrs[0 : len(pathStrs)-1] {
1248 cats = cats[fp].SubCats
1249 }
1250 }
1251
1252 delete(cats, delName)
1253
1254 err = cc.Server.writeThreadedNews()
1255 if err != nil {
1256 return res, err
1257 }
1258
1259 // Reply params: none
1260 res = append(res, cc.NewReply(t))
1261
1262 return res, err
1263 }
1264
1265 func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1266 if !authorize(cc.Account.Access, accessNewsDeleteArt) {
1267 res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
1268 return res, err
1269 }
1270
1271 // Request Fields
1272 // 325 News path
1273 // 326 News article ID
1274 // 337 News article – recursive delete Delete child articles (1) or not (0)
1275 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1276 ID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1277
1278 // TODO: Delete recursive
1279 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1280
1281 catName := pathStrs[len(pathStrs)-1]
1282 cat := cats[catName]
1283
1284 delete(cat.Articles, uint32(ID))
1285
1286 cats[catName] = cat
1287 if err := cc.Server.writeThreadedNews(); err != nil {
1288 return res, err
1289 }
1290
1291 res = append(res, cc.NewReply(t))
1292 return res, err
1293 }
1294
1295 // Request fields
1296 // 325 News path
1297 // 326 News article ID ID of the parent article?
1298 // 328 News article title
1299 // 334 News article flags
1300 // 327 News article data flavor Currently “text/plain”
1301 // 333 News article data
1302 func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1303 if !authorize(cc.Account.Access, accessNewsPostArt) {
1304 res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
1305 return res, err
1306 }
1307
1308 pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
1309 cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
1310
1311 catName := pathStrs[len(pathStrs)-1]
1312 cat := cats[catName]
1313
1314 newArt := NewsArtData{
1315 Title: string(t.GetField(fieldNewsArtTitle).Data),
1316 Poster: string(cc.UserName),
1317 Date: toHotlineTime(time.Now()),
1318 PrevArt: []byte{0, 0, 0, 0},
1319 NextArt: []byte{0, 0, 0, 0},
1320 ParentArt: append([]byte{0, 0}, t.GetField(fieldNewsArtID).Data...),
1321 FirstChildArt: []byte{0, 0, 0, 0},
1322 DataFlav: []byte("text/plain"),
1323 Data: string(t.GetField(fieldNewsArtData).Data),
1324 }
1325
1326 var keys []int
1327 for k := range cat.Articles {
1328 keys = append(keys, int(k))
1329 }
1330
1331 nextID := uint32(1)
1332 if len(keys) > 0 {
1333 sort.Ints(keys)
1334 prevID := uint32(keys[len(keys)-1])
1335 nextID = prevID + 1
1336
1337 binary.BigEndian.PutUint32(newArt.PrevArt, prevID)
1338
1339 // Set next article ID
1340 binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt, nextID)
1341 }
1342
1343 // Update parent article with first child reply
1344 parentID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
1345 if parentID != 0 {
1346 parentArt := cat.Articles[uint32(parentID)]
1347
1348 if bytes.Equal(parentArt.FirstChildArt, []byte{0, 0, 0, 0}) {
1349 binary.BigEndian.PutUint32(parentArt.FirstChildArt, nextID)
1350 }
1351 }
1352
1353 cat.Articles[nextID] = &newArt
1354
1355 cats[catName] = cat
1356 if err := cc.Server.writeThreadedNews(); err != nil {
1357 return res, err
1358 }
1359
1360 res = append(res, cc.NewReply(t))
1361 return res, err
1362 }
1363
1364 // HandleGetMsgs returns the flat news data
1365 func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1366 if !authorize(cc.Account.Access, accessNewsReadArt) {
1367 res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
1368 return res, err
1369 }
1370
1371 res = append(res, cc.NewReply(t, NewField(fieldData, cc.Server.FlatNews)))
1372
1373 return res, err
1374 }
1375
1376 func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1377 if !authorize(cc.Account.Access, accessDownloadFile) {
1378 res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
1379 return res, err
1380 }
1381
1382 fileName := t.GetField(fieldFileName).Data
1383 filePath := t.GetField(fieldFilePath).Data
1384 resumeData := t.GetField(fieldFileResumeData).Data
1385
1386 var dataOffset int64
1387 var frd FileResumeData
1388 if resumeData != nil {
1389 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1390 return res, err
1391 }
1392 // TODO: handle rsrc fork offset
1393 dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
1394 }
1395
1396 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1397 if err != nil {
1398 return res, err
1399 }
1400
1401 hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
1402 if err != nil {
1403 return res, err
1404 }
1405
1406 transactionRef := cc.Server.NewTransactionRef()
1407 data := binary.BigEndian.Uint32(transactionRef)
1408
1409 ft := &FileTransfer{
1410 FileName: fileName,
1411 FilePath: filePath,
1412 ReferenceNumber: transactionRef,
1413 Type: FileDownload,
1414 }
1415
1416 // TODO: refactor to remove this
1417 if resumeData != nil {
1418 var frd FileResumeData
1419 if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
1420 return res, err
1421 }
1422 ft.fileResumeData = &frd
1423 }
1424
1425 xferSize := hlFile.ffo.TransferSize(0)
1426
1427 // Optional field for when a HL v1.5+ client requests file preview
1428 // Used only for TEXT, JPEG, GIFF, BMP or PICT files
1429 // The value will always be 2
1430 if t.GetField(fieldFileTransferOptions).Data != nil {
1431 ft.options = t.GetField(fieldFileTransferOptions).Data
1432 xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
1433 }
1434
1435 cc.Server.mux.Lock()
1436 defer cc.Server.mux.Unlock()
1437 cc.Server.FileTransfers[data] = ft
1438
1439 cc.Transfers[FileDownload] = append(cc.Transfers[FileDownload], ft)
1440
1441 res = append(res, cc.NewReply(t,
1442 NewField(fieldRefNum, transactionRef),
1443 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1444 NewField(fieldTransferSize, xferSize),
1445 NewField(fieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
1446 ))
1447
1448 return res, err
1449 }
1450
1451 // Download all files from the specified folder and sub-folders
1452 func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1453 if !authorize(cc.Account.Access, accessDownloadFile) {
1454 res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
1455 return res, err
1456 }
1457
1458 transactionRef := cc.Server.NewTransactionRef()
1459 data := binary.BigEndian.Uint32(transactionRef)
1460
1461 fileTransfer := &FileTransfer{
1462 FileName: t.GetField(fieldFileName).Data,
1463 FilePath: t.GetField(fieldFilePath).Data,
1464 ReferenceNumber: transactionRef,
1465 Type: FolderDownload,
1466 }
1467 cc.Server.mux.Lock()
1468 cc.Server.FileTransfers[data] = fileTransfer
1469 cc.Server.mux.Unlock()
1470 cc.Transfers[FolderDownload] = append(cc.Transfers[FolderDownload], fileTransfer)
1471
1472 var fp FilePath
1473 err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
1474 if err != nil {
1475 return res, err
1476 }
1477
1478 fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
1479 if err != nil {
1480 return res, err
1481 }
1482
1483 transferSize, err := CalcTotalSize(fullFilePath)
1484 if err != nil {
1485 return res, err
1486 }
1487 itemCount, err := CalcItemCount(fullFilePath)
1488 if err != nil {
1489 return res, err
1490 }
1491 res = append(res, cc.NewReply(t,
1492 NewField(fieldRefNum, transactionRef),
1493 NewField(fieldTransferSize, transferSize),
1494 NewField(fieldFolderItemCount, itemCount),
1495 NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
1496 ))
1497 return res, err
1498 }
1499
1500 // Upload all files from the local folder and its subfolders to the specified path on the server
1501 // Fields used in the request
1502 // 201 File name
1503 // 202 File path
1504 // 108 transfer size Total size of all items in the folder
1505 // 220 Folder item count
1506 // 204 File transfer options "Optional Currently set to 1" (TODO: ??)
1507 func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1508 transactionRef := cc.Server.NewTransactionRef()
1509 data := binary.BigEndian.Uint32(transactionRef)
1510
1511 var fp FilePath
1512 if t.GetField(fieldFilePath).Data != nil {
1513 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1514 return res, err
1515 }
1516 }
1517
1518 // Handle special cases for Upload and Drop Box folders
1519 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1520 if !fp.IsUploadDir() && !fp.IsDropbox() {
1521 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
1522 return res, err
1523 }
1524 }
1525
1526 fileTransfer := &FileTransfer{
1527 FileName: t.GetField(fieldFileName).Data,
1528 FilePath: t.GetField(fieldFilePath).Data,
1529 ReferenceNumber: transactionRef,
1530 Type: FolderUpload,
1531 FolderItemCount: t.GetField(fieldFolderItemCount).Data,
1532 TransferSize: t.GetField(fieldTransferSize).Data,
1533 }
1534 cc.Server.FileTransfers[data] = fileTransfer
1535
1536 res = append(res, cc.NewReply(t, NewField(fieldRefNum, transactionRef)))
1537 return res, err
1538 }
1539
1540 // HandleUploadFile
1541 // Fields used in the request:
1542 // 201 File name
1543 // 202 File path
1544 // 204 File transfer options "Optional
1545 // Used only to resume download, currently has value 2"
1546 // 108 File transfer size "Optional used if download is not resumed"
1547 func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1548 if !authorize(cc.Account.Access, accessUploadFile) {
1549 res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
1550 return res, err
1551 }
1552
1553 fileName := t.GetField(fieldFileName).Data
1554 filePath := t.GetField(fieldFilePath).Data
1555
1556 transferOptions := t.GetField(fieldFileTransferOptions).Data
1557
1558 // TODO: is this field useful for anything?
1559 // transferSize := t.GetField(fieldTransferSize).Data
1560
1561 var fp FilePath
1562 if filePath != nil {
1563 if err = fp.UnmarshalBinary(filePath); err != nil {
1564 return res, err
1565 }
1566 }
1567
1568 // Handle special cases for Upload and Drop Box folders
1569 if !authorize(cc.Account.Access, accessUploadAnywhere) {
1570 if !fp.IsUploadDir() && !fp.IsDropbox() {
1571 res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
1572 return res, err
1573 }
1574 }
1575
1576 transactionRef := cc.Server.NewTransactionRef()
1577 data := binary.BigEndian.Uint32(transactionRef)
1578
1579 cc.Server.mux.Lock()
1580 cc.Server.FileTransfers[data] = &FileTransfer{
1581 FileName: fileName,
1582 FilePath: filePath,
1583 ReferenceNumber: transactionRef,
1584 Type: FileUpload,
1585 }
1586 cc.Server.mux.Unlock()
1587
1588 replyT := cc.NewReply(t, NewField(fieldRefNum, transactionRef))
1589
1590 // client has requested to resume a partially transferred file
1591 if transferOptions != nil {
1592 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1593 if err != nil {
1594 return res, err
1595 }
1596
1597 fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
1598 if err != nil {
1599 return res, err
1600 }
1601
1602 offset := make([]byte, 4)
1603 binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
1604
1605 fileResumeData := NewFileResumeData([]ForkInfoList{
1606 *NewForkInfoList(offset),
1607 })
1608
1609 b, _ := fileResumeData.BinaryMarshal()
1610
1611 replyT.Fields = append(replyT.Fields, NewField(fieldFileResumeData, b))
1612 }
1613
1614 res = append(res, replyT)
1615 return res, err
1616 }
1617
1618 func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1619 var icon []byte
1620 if len(t.GetField(fieldUserIconID).Data) == 4 {
1621 icon = t.GetField(fieldUserIconID).Data[2:]
1622 } else {
1623 icon = t.GetField(fieldUserIconID).Data
1624 }
1625 *cc.Icon = icon
1626 cc.UserName = t.GetField(fieldUserName).Data
1627
1628 // the options field is only passed by the client versions > 1.2.3.
1629 options := t.GetField(fieldOptions).Data
1630
1631 if options != nil {
1632 optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
1633 flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
1634
1635 flagBitmap.SetBit(flagBitmap, userFlagRefusePM, optBitmap.Bit(refusePM))
1636 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1637
1638 flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, optBitmap.Bit(refuseChat))
1639 binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
1640
1641 // Check auto response
1642 if optBitmap.Bit(autoResponse) == 1 {
1643 cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
1644 } else {
1645 cc.AutoReply = []byte{}
1646 }
1647 }
1648
1649 // Notify all clients of updated user info
1650 cc.sendAll(
1651 tranNotifyChangeUser,
1652 NewField(fieldUserID, *cc.ID),
1653 NewField(fieldUserIconID, *cc.Icon),
1654 NewField(fieldUserFlags, *cc.Flags),
1655 NewField(fieldUserName, cc.UserName),
1656 )
1657
1658 return res, err
1659 }
1660
1661 // HandleKeepAlive responds to keepalive transactions with an empty reply
1662 // * HL 1.9.2 Client sends keepalive msg every 3 minutes
1663 // * HL 1.2.3 Client doesn't send keepalives
1664 func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1665 res = append(res, cc.NewReply(t))
1666
1667 return res, err
1668 }
1669
1670 func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1671 fullPath, err := readPath(
1672 cc.Server.Config.FileRoot,
1673 t.GetField(fieldFilePath).Data,
1674 nil,
1675 )
1676 if err != nil {
1677 return res, err
1678 }
1679
1680 var fp FilePath
1681 if t.GetField(fieldFilePath).Data != nil {
1682 if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
1683 return res, err
1684 }
1685 }
1686
1687 // Handle special case for drop box folders
1688 if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
1689 res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
1690 return res, err
1691 }
1692
1693 fileNames, err := getFileNameList(fullPath)
1694 if err != nil {
1695 return res, err
1696 }
1697
1698 res = append(res, cc.NewReply(t, fileNames...))
1699
1700 return res, err
1701 }
1702
1703 // =================================
1704 // Hotline private chat flow
1705 // =================================
1706 // 1. ClientA sends tranInviteNewChat to server with user ID to invite
1707 // 2. Server creates new ChatID
1708 // 3. Server sends tranInviteToChat to invitee
1709 // 4. Server replies to ClientA with new Chat ID
1710 //
1711 // A dialog box pops up in the invitee client with options to accept or decline the invitation.
1712 // If Accepted is clicked:
1713 // 1. ClientB sends tranJoinChat with fieldChatID
1714
1715 // HandleInviteNewChat invites users to new private chat
1716 func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1717 if !authorize(cc.Account.Access, accessOpenChat) {
1718 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1719 return res, err
1720 }
1721
1722 // Client to Invite
1723 targetID := t.GetField(fieldUserID).Data
1724 newChatID := cc.Server.NewPrivateChat(cc)
1725
1726 res = append(res,
1727 *NewTransaction(
1728 tranInviteToChat,
1729 &targetID,
1730 NewField(fieldChatID, newChatID),
1731 NewField(fieldUserName, cc.UserName),
1732 NewField(fieldUserID, *cc.ID),
1733 ),
1734 )
1735
1736 res = append(res,
1737 cc.NewReply(t,
1738 NewField(fieldChatID, newChatID),
1739 NewField(fieldUserName, cc.UserName),
1740 NewField(fieldUserID, *cc.ID),
1741 NewField(fieldUserIconID, *cc.Icon),
1742 NewField(fieldUserFlags, *cc.Flags),
1743 ),
1744 )
1745
1746 return res, err
1747 }
1748
1749 func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1750 if !authorize(cc.Account.Access, accessOpenChat) {
1751 res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
1752 return res, err
1753 }
1754
1755 // Client to Invite
1756 targetID := t.GetField(fieldUserID).Data
1757 chatID := t.GetField(fieldChatID).Data
1758
1759 res = append(res,
1760 *NewTransaction(
1761 tranInviteToChat,
1762 &targetID,
1763 NewField(fieldChatID, chatID),
1764 NewField(fieldUserName, cc.UserName),
1765 NewField(fieldUserID, *cc.ID),
1766 ),
1767 )
1768 res = append(res,
1769 cc.NewReply(
1770 t,
1771 NewField(fieldChatID, chatID),
1772 NewField(fieldUserName, cc.UserName),
1773 NewField(fieldUserID, *cc.ID),
1774 NewField(fieldUserIconID, *cc.Icon),
1775 NewField(fieldUserFlags, *cc.Flags),
1776 ),
1777 )
1778
1779 return res, err
1780 }
1781
1782 func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1783 chatID := t.GetField(fieldChatID).Data
1784 chatInt := binary.BigEndian.Uint32(chatID)
1785
1786 privChat := cc.Server.PrivateChats[chatInt]
1787
1788 resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
1789
1790 for _, c := range sortedClients(privChat.ClientConn) {
1791 res = append(res,
1792 *NewTransaction(
1793 tranChatMsg,
1794 c.ID,
1795 NewField(fieldChatID, chatID),
1796 NewField(fieldData, resMsg),
1797 ),
1798 )
1799 }
1800
1801 return res, err
1802 }
1803
1804 // HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
1805 // Fields used in the reply:
1806 // * 115 Chat subject
1807 // * 300 User name with info (Optional)
1808 // * 300 (more user names with info)
1809 func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1810 chatID := t.GetField(fieldChatID).Data
1811 chatInt := binary.BigEndian.Uint32(chatID)
1812
1813 privChat := cc.Server.PrivateChats[chatInt]
1814
1815 // Send tranNotifyChatChangeUser to current members of the chat to inform of new user
1816 for _, c := range sortedClients(privChat.ClientConn) {
1817 res = append(res,
1818 *NewTransaction(
1819 tranNotifyChatChangeUser,
1820 c.ID,
1821 NewField(fieldChatID, chatID),
1822 NewField(fieldUserName, cc.UserName),
1823 NewField(fieldUserID, *cc.ID),
1824 NewField(fieldUserIconID, *cc.Icon),
1825 NewField(fieldUserFlags, *cc.Flags),
1826 ),
1827 )
1828 }
1829
1830 privChat.ClientConn[cc.uint16ID()] = cc
1831
1832 replyFields := []Field{NewField(fieldChatSubject, []byte(privChat.Subject))}
1833 for _, c := range sortedClients(privChat.ClientConn) {
1834 user := User{
1835 ID: *c.ID,
1836 Icon: *c.Icon,
1837 Flags: *c.Flags,
1838 Name: string(c.UserName),
1839 }
1840
1841 replyFields = append(replyFields, NewField(fieldUsernameWithInfo, user.Payload()))
1842 }
1843
1844 res = append(res, cc.NewReply(t, replyFields...))
1845 return res, err
1846 }
1847
1848 // HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
1849 // Fields used in the request:
1850 // * 114 fieldChatID
1851 // Reply is not expected.
1852 func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1853 chatID := t.GetField(fieldChatID).Data
1854 chatInt := binary.BigEndian.Uint32(chatID)
1855
1856 privChat := cc.Server.PrivateChats[chatInt]
1857
1858 delete(privChat.ClientConn, cc.uint16ID())
1859
1860 // Notify members of the private chat that the user has left
1861 for _, c := range sortedClients(privChat.ClientConn) {
1862 res = append(res,
1863 *NewTransaction(
1864 tranNotifyChatDeleteUser,
1865 c.ID,
1866 NewField(fieldChatID, chatID),
1867 NewField(fieldUserID, *cc.ID),
1868 ),
1869 )
1870 }
1871
1872 return res, err
1873 }
1874
1875 // HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
1876 // Fields used in the request:
1877 // * 114 Chat ID
1878 // * 115 Chat subject Chat subject string
1879 // Reply is not expected.
1880 func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1881 chatID := t.GetField(fieldChatID).Data
1882 chatInt := binary.BigEndian.Uint32(chatID)
1883
1884 privChat := cc.Server.PrivateChats[chatInt]
1885 privChat.Subject = string(t.GetField(fieldChatSubject).Data)
1886
1887 for _, c := range sortedClients(privChat.ClientConn) {
1888 res = append(res,
1889 *NewTransaction(
1890 tranNotifyChatSubject,
1891 c.ID,
1892 NewField(fieldChatID, chatID),
1893 NewField(fieldChatSubject, t.GetField(fieldChatSubject).Data),
1894 ),
1895 )
1896 }
1897
1898 return res, err
1899 }
1900
1901 // HandleMakeAlias makes a filer alias using the specified path.
1902 // Fields used in the request:
1903 // 201 File name
1904 // 202 File path
1905 // 212 File new path Destination path
1906 //
1907 // Fields used in the reply:
1908 // None
1909 func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1910 if !authorize(cc.Account.Access, accessMakeAlias) {
1911 res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
1912 return res, err
1913 }
1914 fileName := t.GetField(fieldFileName).Data
1915 filePath := t.GetField(fieldFilePath).Data
1916 fileNewPath := t.GetField(fieldFileNewPath).Data
1917
1918 fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
1919 if err != nil {
1920 return res, err
1921 }
1922
1923 fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
1924 if err != nil {
1925 return res, err
1926 }
1927
1928 cc.logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
1929
1930 if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
1931 res = append(res, cc.NewErrReply(t, "Error creating alias"))
1932 return res, nil
1933 }
1934
1935 res = append(res, cc.NewReply(t))
1936 return res, err
1937 }
1938
1939 func HandleDownloadBanner(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
1940 transactionRef := cc.Server.NewTransactionRef()
1941 data := binary.BigEndian.Uint32(transactionRef)
1942
1943 ft := &FileTransfer{
1944 ReferenceNumber: transactionRef,
1945 Type: bannerDownload,
1946 }
1947
1948 fi, err := cc.Server.FS.Stat(filepath.Join(cc.Server.ConfigDir, cc.Server.Config.BannerFile))
1949 if err != nil {
1950 return res, err
1951 }
1952
1953 size := make([]byte, 4)
1954 binary.BigEndian.PutUint32(size, uint32(fi.Size()))
1955
1956 cc.Server.mux.Lock()
1957 defer cc.Server.mux.Unlock()
1958 cc.Server.FileTransfers[data] = ft
1959
1960 res = append(res, cc.NewReply(t,
1961 NewField(fieldRefNum, transactionRef),
1962 NewField(fieldTransferSize, size),
1963 ))
1964
1965 res = append(res, cc.NewReply(t))
1966 return res, err
1967 }
Friendship Quest remix of mobius, a hotline server in go #cli