package hotline
-import (
- "bytes"
- "encoding/binary"
- "errors"
- "fmt"
- "gopkg.in/yaml.v3"
- "io/ioutil"
- "math/big"
- "os"
- "path"
- "path/filepath"
- "sort"
- "strings"
- "time"
-)
+// HandlerFunc is the signature of a func to handle a Hotline transaction.
+type HandlerFunc func(*ClientConn, *Transaction) []Transaction
-type TransactionType struct {
- Handler func(*ClientConn, *Transaction) ([]Transaction, error) // function for handling the transaction type
- Name string // Name of transaction as it will appear in logging
- RequiredFields []requiredField
+func (s *Server) HandleFunc(tranType [2]byte, handler HandlerFunc) {
+ s.handlers[tranType] = handler
}
-var TransactionHandlers = map[uint16]TransactionType{
- // Server initiated
- tranChatMsg: {
- Name: "tranChatMsg",
- },
- // Server initiated
- tranNotifyChangeUser: {
- Name: "tranNotifyChangeUser",
- },
- tranError: {
- Name: "tranError",
- },
- tranShowAgreement: {
- Name: "tranShowAgreement",
- },
- tranUserAccess: {
- Name: "tranUserAccess",
- },
- tranNotifyDeleteUser: {
- Name: "tranNotifyDeleteUser",
- },
- tranAgreed: {
- Name: "tranAgreed",
- Handler: HandleTranAgreed,
- },
- tranChatSend: {
- Name: "tranChatSend",
- Handler: HandleChatSend,
- RequiredFields: []requiredField{
- {
- ID: fieldData,
- minLen: 0,
- },
- },
- },
- tranDelNewsArt: {
- Name: "tranDelNewsArt",
- Handler: HandleDelNewsArt,
- },
- tranDelNewsItem: {
- Name: "tranDelNewsItem",
- Handler: HandleDelNewsItem,
- },
- tranDeleteFile: {
- Name: "tranDeleteFile",
- Handler: HandleDeleteFile,
- },
- tranDeleteUser: {
- Name: "tranDeleteUser",
- Handler: HandleDeleteUser,
- },
- tranDisconnectUser: {
- Name: "tranDisconnectUser",
- Handler: HandleDisconnectUser,
- },
- tranDownloadFile: {
- Name: "tranDownloadFile",
- Handler: HandleDownloadFile,
- },
- tranDownloadFldr: {
- Name: "tranDownloadFldr",
- Handler: HandleDownloadFolder,
- },
- tranGetClientInfoText: {
- Name: "tranGetClientInfoText",
- Handler: HandleGetClientInfoText,
- },
- tranGetFileInfo: {
- Name: "tranGetFileInfo",
- Handler: HandleGetFileInfo,
- },
- tranGetFileNameList: {
- Name: "tranGetFileNameList",
- Handler: HandleGetFileNameList,
- },
- tranGetMsgs: {
- Name: "tranGetMsgs",
- Handler: HandleGetMsgs,
- },
- tranGetNewsArtData: {
- Name: "tranGetNewsArtData",
- Handler: HandleGetNewsArtData,
- },
- tranGetNewsArtNameList: {
- Name: "tranGetNewsArtNameList",
- Handler: HandleGetNewsArtNameList,
- },
- tranGetNewsCatNameList: {
- Name: "tranGetNewsCatNameList",
- Handler: HandleGetNewsCatNameList,
- },
- tranGetUser: {
- Name: "tranGetUser",
- Handler: HandleGetUser,
- },
- tranGetUserNameList: {
- Name: "tranHandleGetUserNameList",
- Handler: HandleGetUserNameList,
- },
- tranInviteNewChat: {
- Name: "tranInviteNewChat",
- Handler: HandleInviteNewChat,
- },
- tranInviteToChat: {
- Name: "tranInviteToChat",
- Handler: HandleInviteToChat,
- },
- tranJoinChat: {
- Name: "tranJoinChat",
- Handler: HandleJoinChat,
- },
- tranKeepAlive: {
- Name: "tranKeepAlive",
- Handler: HandleKeepAlive,
- },
- tranLeaveChat: {
- Name: "tranJoinChat",
- Handler: HandleLeaveChat,
- },
- tranListUsers: {
- Name: "tranListUsers",
- Handler: HandleListUsers,
- },
- tranMoveFile: {
- Name: "tranMoveFile",
- Handler: HandleMoveFile,
- },
- tranNewFolder: {
- Name: "tranNewFolder",
- Handler: HandleNewFolder,
- },
- tranNewNewsCat: {
- Name: "tranNewNewsCat",
- Handler: HandleNewNewsCat,
- },
- tranNewNewsFldr: {
- Name: "tranNewNewsFldr",
- Handler: HandleNewNewsFldr,
- },
- tranNewUser: {
- Name: "tranNewUser",
- Handler: HandleNewUser,
- },
- tranUpdateUser: {
- Name: "tranUpdateUser",
- Handler: HandleUpdateUser,
- },
- tranOldPostNews: {
- Name: "tranOldPostNews",
- Handler: HandleTranOldPostNews,
- },
- tranPostNewsArt: {
- Name: "tranPostNewsArt",
- Handler: HandlePostNewsArt,
- },
- tranRejectChatInvite: {
- Name: "tranRejectChatInvite",
- Handler: HandleRejectChatInvite,
- },
- tranSendInstantMsg: {
- Name: "tranSendInstantMsg",
- Handler: HandleSendInstantMsg,
- RequiredFields: []requiredField{
- {
- ID: fieldData,
- minLen: 0,
- },
- {
- ID: fieldUserID,
- },
- },
- },
- tranSetChatSubject: {
- Name: "tranSetChatSubject",
- Handler: HandleSetChatSubject,
- },
- tranMakeFileAlias: {
- Name: "tranMakeFileAlias",
- Handler: HandleMakeAlias,
- RequiredFields: []requiredField{
- {ID: fieldFileName, minLen: 1},
- {ID: fieldFilePath, minLen: 1},
- {ID: fieldFileNewPath, minLen: 1},
- },
- },
- tranSetClientUserInfo: {
- Name: "tranSetClientUserInfo",
- Handler: HandleSetClientUserInfo,
- },
- tranSetFileInfo: {
- Name: "tranSetFileInfo",
- Handler: HandleSetFileInfo,
- },
- tranSetUser: {
- Name: "tranSetUser",
- Handler: HandleSetUser,
- },
- tranUploadFile: {
- Name: "tranUploadFile",
- Handler: HandleUploadFile,
- },
- tranUploadFldr: {
- Name: "tranUploadFldr",
- Handler: HandleUploadFolder,
- },
- tranUserBroadcast: {
- Name: "tranUserBroadcast",
- Handler: HandleUserBroadcast,
- },
- tranDownloadBanner: {
- Name: "tranDownloadBanner",
- Handler: HandleDownloadBanner,
- },
-}
-
-func HandleChatSend(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessSendChat) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to participate in chat."))
- return res, err
- }
-
- // Truncate long usernames
- trunc := fmt.Sprintf("%13s", cc.UserName)
- formattedMsg := fmt.Sprintf("\r%.14s: %s", trunc, t.GetField(fieldData).Data)
-
- // By holding the option key, Hotline chat allows users to send /me formatted messages like:
- // *** Halcyon does stuff
- // This is indicated by the presence of the optional field fieldChatOptions in the transaction payload
- if t.GetField(fieldChatOptions).Data != nil {
- formattedMsg = fmt.Sprintf("\r*** %s %s", cc.UserName, t.GetField(fieldData).Data)
- }
-
- chatID := t.GetField(fieldChatID).Data
- // a non-nil chatID indicates the message belongs to a private chat
- if chatID != nil {
- chatInt := binary.BigEndian.Uint32(chatID)
- privChat := cc.Server.PrivateChats[chatInt]
-
- clients := sortedClients(privChat.ClientConn)
-
- // send the message to all connected clients of the private chat
- for _, c := range clients {
- res = append(res, *NewTransaction(
- tranChatMsg,
- c.ID,
- NewField(fieldChatID, chatID),
- NewField(fieldData, []byte(formattedMsg)),
- ))
- }
- return res, err
- }
-
- for _, c := range sortedClients(cc.Server.Clients) {
- // Filter out clients that do not have the read chat permission
- if authorize(c.Account.Access, accessReadChat) {
- res = append(res, *NewTransaction(tranChatMsg, c.ID, NewField(fieldData, []byte(formattedMsg))))
- }
- }
-
- return res, err
-}
-
-// HandleSendInstantMsg sends instant message to the user on the current server.
-// Fields used in the request:
-// 103 User ID
-// 113 Options
-// One of the following values:
-// - User message (myOpt_UserMessage = 1)
-// - Refuse message (myOpt_RefuseMessage = 2)
-// - Refuse chat (myOpt_RefuseChat = 3)
-// - Automatic response (myOpt_AutomaticResponse = 4)"
-// 101 Data Optional
-// 214 Quoting message Optional
-//
-// Fields used in the reply:
-// None
-func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- msg := t.GetField(fieldData)
- ID := t.GetField(fieldUserID)
-
- reply := NewTransaction(
- tranServerMsg,
- &ID.Data,
- NewField(fieldData, msg.Data),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- NewField(fieldOptions, []byte{0, 1}),
- )
-
- // Later versions of Hotline include the original message in the fieldQuotingMsg field so
- // the receiving client can display both the received message and what it is in reply to
- if t.GetField(fieldQuotingMsg).Data != nil {
- reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data))
- }
-
- res = append(res, *reply)
-
- id, _ := byteToInt(ID.Data)
- otherClient, ok := cc.Server.Clients[uint16(id)]
- if !ok {
- return res, errors.New("invalid client ID")
- }
-
- // Respond with auto reply if other client has it enabled
- if len(otherClient.AutoReply) > 0 {
- res = append(res,
- *NewTransaction(
- tranServerMsg,
- cc.ID,
- NewField(fieldData, otherClient.AutoReply),
- NewField(fieldUserName, otherClient.UserName),
- NewField(fieldUserID, *otherClient.ID),
- NewField(fieldOptions, []byte{0, 1}),
- ),
- )
- }
-
- res = append(res, cc.NewReply(t))
-
- return res, err
-}
-
-func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- fw, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
- if err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t,
- NewField(fieldFileName, []byte(fw.name)),
- NewField(fieldFileTypeString, fw.ffo.FlatFileInformationFork.friendlyType()),
- NewField(fieldFileCreatorString, fw.ffo.FlatFileInformationFork.friendlyCreator()),
- NewField(fieldFileComment, fw.ffo.FlatFileInformationFork.Comment),
- NewField(fieldFileType, fw.ffo.FlatFileInformationFork.TypeSignature),
- NewField(fieldFileCreateDate, fw.ffo.FlatFileInformationFork.CreateDate),
- NewField(fieldFileModifyDate, fw.ffo.FlatFileInformationFork.ModifyDate),
- NewField(fieldFileSize, fw.totalSize()),
- ))
- return res, err
-}
-
-// HandleSetFileInfo updates a file or folder name and/or comment from the Get Info window
-// Fields used in the request:
-// * 201 File name
-// * 202 File path Optional
-// * 211 File new name Optional
-// * 210 File comment Optional
-// Fields used in the reply: None
-func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- fi, err := cc.Server.FS.Stat(fullFilePath)
- if err != nil {
- return res, err
- }
-
- hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
- if err != nil {
- return res, err
- }
- if t.GetField(fieldFileComment).Data != nil {
- switch mode := fi.Mode(); {
- case mode.IsDir():
- if !authorize(cc.Account.Access, accessSetFolderComment) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for folders."))
- return res, err
- }
- case mode.IsRegular():
- if !authorize(cc.Account.Access, accessSetFileComment) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to set comments for files."))
- return res, err
- }
- }
-
- if err := hlFile.ffo.FlatFileInformationFork.setComment(t.GetField(fieldFileComment).Data); err != nil {
- return res, err
- }
- w, err := hlFile.infoForkWriter()
- if err != nil {
- return res, err
- }
- _, err = w.Write(hlFile.ffo.FlatFileInformationFork.MarshalBinary())
- if err != nil {
- return res, err
- }
- }
-
- fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, t.GetField(fieldFileNewName).Data)
- if err != nil {
- return nil, err
- }
-
- fileNewName := t.GetField(fieldFileNewName).Data
-
- if fileNewName != nil {
- switch mode := fi.Mode(); {
- case mode.IsDir():
- if !authorize(cc.Account.Access, accessRenameFolder) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to rename folders."))
- return res, err
- }
- err = os.Rename(fullFilePath, fullNewFilePath)
- if os.IsNotExist(err) {
- res = append(res, cc.NewErrReply(t, "Cannot rename folder "+string(fileName)+" because it does not exist or cannot be found."))
- return res, err
- }
- case mode.IsRegular():
- if !authorize(cc.Account.Access, accessRenameFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to rename files."))
- return res, err
- }
- fileDir, err := readPath(cc.Server.Config.FileRoot, filePath, []byte{})
- if err != nil {
- return nil, err
- }
- hlFile.name = string(fileNewName)
- err = hlFile.move(fileDir)
- if os.IsNotExist(err) {
- res = append(res, cc.NewErrReply(t, "Cannot rename file "+string(fileName)+" because it does not exist or cannot be found."))
- return res, err
- }
- if err != nil {
- panic(err)
- }
- }
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleDeleteFile deletes a file or folder
-// Fields used in the request:
-// * 201 File name
-// * 202 File path
-// Fields used in the reply: none
-func HandleDeleteFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, 0)
- if err != nil {
- return res, err
- }
-
- fi, err := hlFile.dataFile()
- if err != nil {
- res = append(res, cc.NewErrReply(t, "Cannot delete file "+string(fileName)+" because it does not exist or cannot be found."))
- return res, nil
- }
-
- switch mode := fi.Mode(); {
- case mode.IsDir():
- if !authorize(cc.Account.Access, accessDeleteFolder) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to delete folders."))
- return res, err
- }
- case mode.IsRegular():
- if !authorize(cc.Account.Access, accessDeleteFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to delete files."))
- return res, err
- }
- }
-
- if err := hlFile.delete(); err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleMoveFile moves files or folders. Note: seemingly not documented
-func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fileName := string(t.GetField(fieldFileName).Data)
-
- filePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
- if err != nil {
- return res, err
- }
-
- fileNewPath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFileNewPath).Data, nil)
- if err != nil {
- return res, err
- }
-
- cc.logger.Infow("Move file", "src", filePath+"/"+fileName, "dst", fileNewPath+"/"+fileName)
-
- hlFile, err := newFileWrapper(cc.Server.FS, filePath, 0)
- if err != nil {
- return res, err
- }
-
- fi, err := hlFile.dataFile()
- if err != nil {
- res = append(res, cc.NewErrReply(t, "Cannot delete file "+fileName+" because it does not exist or cannot be found."))
- return res, err
- }
- if err != nil {
- return res, err
- }
- switch mode := fi.Mode(); {
- case mode.IsDir():
- if !authorize(cc.Account.Access, accessMoveFolder) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to move folders."))
- return res, err
- }
- case mode.IsRegular():
- if !authorize(cc.Account.Access, accessMoveFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to move files."))
- return res, err
- }
- }
- if err := hlFile.move(fileNewPath); err != nil {
- return res, err
- }
- // TODO: handle other possible errors; e.g. fileWrapper delete fails due to fileWrapper permission issue
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessCreateFolder) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to create folders."))
- return res, err
- }
- folderName := string(t.GetField(fieldFileName).Data)
-
- folderName = path.Join("/", folderName)
-
- var subPath string
-
- // fieldFilePath is only present for nested paths
- if t.GetField(fieldFilePath).Data != nil {
- var newFp FilePath
- err := newFp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
- if err != nil {
- return nil, err
- }
-
- for _, pathItem := range newFp.Items {
- subPath = filepath.Join("/", subPath, string(pathItem.Name))
- }
- }
- newFolderPath := path.Join(cc.Server.Config.FileRoot, subPath, folderName)
-
- // TODO: check path and folder name lengths
-
- if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) {
- msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName)
- return []Transaction{cc.NewErrReply(t, msg)}, nil
- }
-
- // TODO: check for disallowed characters to maintain compatibility for original client
-
- if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil {
- msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName)
- return []Transaction{cc.NewErrReply(t, msg)}, nil
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessModifyUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
- return res, err
- }
-
- login := DecodeUserString(t.GetField(fieldUserLogin).Data)
- userName := string(t.GetField(fieldUserName).Data)
-
- newAccessLvl := t.GetField(fieldUserAccess).Data
-
- account := cc.Server.Accounts[login]
- account.Access = &newAccessLvl
- account.Name = userName
-
- // If the password field is cleared in the Hotline edit user UI, the SetUser transaction does
- // not include fieldUserPassword
- if t.GetField(fieldUserPassword).Data == nil {
- account.Password = hashAndSalt([]byte(""))
- }
- if len(t.GetField(fieldUserPassword).Data) > 1 {
- account.Password = hashAndSalt(t.GetField(fieldUserPassword).Data)
- }
-
- out, err := yaml.Marshal(&account)
- if err != nil {
- return res, err
- }
- if err := os.WriteFile(cc.Server.ConfigDir+"Users/"+login+".yaml", out, 0666); err != nil {
- return res, err
- }
-
- // Notify connected clients logged in as the user of the new access level
- for _, c := range cc.Server.Clients {
- if c.Account.Login == login {
- // Note: comment out these two lines to test server-side deny messages
- newT := NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, newAccessLvl))
- res = append(res, *newT)
-
- flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*c.Flags)))
- if authorize(c.Account.Access, accessDisconUser) {
- flagBitmap.SetBit(flagBitmap, userFlagAdmin, 1)
- } else {
- flagBitmap.SetBit(flagBitmap, userFlagAdmin, 0)
- }
- binary.BigEndian.PutUint16(*c.Flags, uint16(flagBitmap.Int64()))
-
- c.Account.Access = account.Access
-
- cc.sendAll(
- tranNotifyChangeUser,
- NewField(fieldUserID, *c.ID),
- NewField(fieldUserFlags, *c.Flags),
- NewField(fieldUserName, c.UserName),
- NewField(fieldUserIconID, *c.Icon),
- )
- }
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleGetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
- return res, err
- }
-
- account := cc.Server.Accounts[string(t.GetField(fieldUserLogin).Data)]
- if account == nil {
- res = append(res, cc.NewErrReply(t, "Account does not exist."))
- return res, err
- }
-
- res = append(res, cc.NewReply(t,
- NewField(fieldUserName, []byte(account.Name)),
- NewField(fieldUserLogin, negateString(t.GetField(fieldUserLogin).Data)),
- NewField(fieldUserPassword, []byte(account.Password)),
- NewField(fieldUserAccess, *account.Access),
- ))
- return res, err
-}
-
-func HandleListUsers(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to view accounts."))
- return res, err
- }
-
- var userFields []Field
- for _, acc := range cc.Server.Accounts {
- b := make([]byte, 0, 100)
- n, err := acc.Read(b)
- if err != nil {
- return res, err
- }
-
- userFields = append(userFields, NewField(fieldData, b[:n]))
- }
-
- res = append(res, cc.NewReply(t, userFields...))
- return res, err
-}
-
-// HandleUpdateUser is used by the v1.5+ multi-user editor to perform account editing for multiple users at a time.
-// An update can be a mix of these actions:
-// * Create user
-// * Delete user
-// * Modify user (including renaming the account login)
-//
-// The Transaction sent by the client includes one data field per user that was modified. This data field in turn
-// contains another data field encoded in its payload with a varying number of sub fields depending on which action is
-// performed. This seems to be the only place in the Hotline protocol where a data field contains another data field.
-func HandleUpdateUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- for _, field := range t.Fields {
- subFields, err := ReadFields(field.Data[0:2], field.Data[2:])
- if err != nil {
- return res, err
- }
-
- if len(subFields) == 1 {
- login := DecodeUserString(getField(fieldData, &subFields).Data)
- cc.logger.Infow("DeleteUser", "login", login)
-
- if !authorize(cc.Account.Access, accessDeleteUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
- return res, err
- }
-
- if err := cc.Server.DeleteUser(login); err != nil {
- return res, err
- }
- continue
- }
-
- login := DecodeUserString(getField(fieldUserLogin, &subFields).Data)
-
- // check if the login dataFile; if so, we know we are updating an existing user
- if acc, ok := cc.Server.Accounts[login]; ok {
- cc.logger.Infow("UpdateUser", "login", login)
-
- // account dataFile, so this is an update action
- if !authorize(cc.Account.Access, accessModifyUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts."))
- return res, err
- }
-
- if getField(fieldUserPassword, &subFields) != nil {
- newPass := getField(fieldUserPassword, &subFields).Data
- acc.Password = hashAndSalt(newPass)
- } else {
- acc.Password = hashAndSalt([]byte(""))
- }
-
- if getField(fieldUserAccess, &subFields) != nil {
- acc.Access = &getField(fieldUserAccess, &subFields).Data
- }
-
- err = cc.Server.UpdateUser(
- DecodeUserString(getField(fieldData, &subFields).Data),
- DecodeUserString(getField(fieldUserLogin, &subFields).Data),
- string(getField(fieldUserName, &subFields).Data),
- acc.Password,
- *acc.Access,
- )
- if err != nil {
- return res, err
- }
- } else {
- cc.logger.Infow("CreateUser", "login", login)
-
- if !authorize(cc.Account.Access, accessCreateUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
- return res, err
- }
-
- err := cc.Server.NewUser(
- login,
- string(getField(fieldUserName, &subFields).Data),
- string(getField(fieldUserPassword, &subFields).Data),
- getField(fieldUserAccess, &subFields).Data,
- )
- if err != nil {
- return []Transaction{}, err
- }
- }
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleNewUser creates a new user account
-func HandleNewUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessCreateUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to create new accounts."))
- return res, err
- }
-
- login := DecodeUserString(t.GetField(fieldUserLogin).Data)
-
- // If the account already dataFile, reply with an error
- if _, ok := cc.Server.Accounts[login]; ok {
- res = append(res, cc.NewErrReply(t, "Cannot create account "+login+" because there is already an account with that login."))
- return res, err
- }
-
- if err := cc.Server.NewUser(
- login,
- string(t.GetField(fieldUserName).Data),
- string(t.GetField(fieldUserPassword).Data),
- t.GetField(fieldUserAccess).Data,
- ); err != nil {
- return []Transaction{}, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDeleteUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to delete accounts."))
- return res, err
- }
-
- // TODO: Handle case where account doesn't exist; e.g. delete race condition
- login := DecodeUserString(t.GetField(fieldUserLogin).Data)
-
- if err := cc.Server.DeleteUser(login); err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleUserBroadcast sends an Administrator Message to all connected clients of the server
-func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessBroadcast) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages."))
- return res, err
- }
-
- cc.sendAll(
- tranServerMsg,
- NewField(fieldData, t.GetField(tranGetMsgs).Data),
- NewField(fieldChatOptions, []byte{0}),
- )
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func byteToInt(bytes []byte) (int, error) {
- switch len(bytes) {
- case 2:
- return int(binary.BigEndian.Uint16(bytes)), nil
- case 4:
- return int(binary.BigEndian.Uint32(bytes)), nil
- }
-
- return 0, errors.New("unknown byte length")
-}
-
-// HandleGetClientInfoText returns user information for the specific user.
-//
-// Fields used in the request:
-// 103 User ID
-//
-// Fields used in the reply:
-// 102 User name
-// 101 Data User info text string
-func HandleGetClientInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessGetClientInfo) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to get client info."))
- return res, err
- }
-
- clientID, _ := byteToInt(t.GetField(fieldUserID).Data)
-
- clientConn := cc.Server.Clients[uint16(clientID)]
- if clientConn == nil {
- return append(res, cc.NewErrReply(t, "User not found.")), err
- }
-
- res = append(res, cc.NewReply(t,
- NewField(fieldData, []byte(clientConn.String())),
- NewField(fieldUserName, clientConn.UserName),
- ))
- return res, err
-}
-
-func HandleGetUserNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- res = append(res, cc.NewReply(t, cc.Server.connectedUsers()...))
-
- return res, err
-}
-
-func HandleTranAgreed(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- cc.Agreed = true
- cc.UserName = t.GetField(fieldUserName).Data
- *cc.Icon = t.GetField(fieldUserIconID).Data
-
- cc.logger = cc.logger.With("name", string(cc.UserName))
- cc.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%x", *cc.Version))
-
- options := t.GetField(fieldOptions).Data
- optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
-
- flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
-
- // Check refuse private PM option
- if optBitmap.Bit(refusePM) == 1 {
- flagBitmap.SetBit(flagBitmap, userFlagRefusePM, 1)
- binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
- }
-
- // Check refuse private chat option
- if optBitmap.Bit(refuseChat) == 1 {
- flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, 1)
- binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
- }
-
- // Check auto response
- if optBitmap.Bit(autoResponse) == 1 {
- cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
- } else {
- cc.AutoReply = []byte{}
- }
-
- for _, t := range cc.notifyOthers(
- *NewTransaction(
- tranNotifyChangeUser, nil,
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- NewField(fieldUserIconID, *cc.Icon),
- NewField(fieldUserFlags, *cc.Flags),
- ),
- ) {
- cc.Server.outbox <- t
- }
-
- if cc.Server.Config.BannerFile != "" {
- cc.Server.outbox <- *NewTransaction(tranServerBanner, cc.ID, NewField(fieldBannerType, []byte("JPEG")))
- }
-
- res = append(res, cc.NewReply(t))
-
- return res, err
-}
-
-const defaultNewsDateFormat = "Jan02 15:04" // Jun23 20:49
-// "Mon, 02 Jan 2006 15:04:05 MST"
-
-const defaultNewsTemplate = `From %s (%s):
-
-%s
-
-__________________________________________________________`
-
-// HandleTranOldPostNews updates the flat news
-// Fields used in this request:
-// 101 Data
-func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsPostArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to post news."))
- return res, err
- }
-
- cc.Server.flatNewsMux.Lock()
- defer cc.Server.flatNewsMux.Unlock()
-
- newsDateTemplate := defaultNewsDateFormat
- if cc.Server.Config.NewsDateFormat != "" {
- newsDateTemplate = cc.Server.Config.NewsDateFormat
- }
-
- newsTemplate := defaultNewsTemplate
- if cc.Server.Config.NewsDelimiter != "" {
- newsTemplate = cc.Server.Config.NewsDelimiter
- }
-
- newsPost := fmt.Sprintf(newsTemplate+"\r", cc.UserName, time.Now().Format(newsDateTemplate), t.GetField(fieldData).Data)
- newsPost = strings.Replace(newsPost, "\n", "\r", -1)
-
- // update news in memory
- cc.Server.FlatNews = append([]byte(newsPost), cc.Server.FlatNews...)
-
- // update news on disk
- if err := ioutil.WriteFile(cc.Server.ConfigDir+"MessageBoard.txt", cc.Server.FlatNews, 0644); err != nil {
- return res, err
- }
-
- // Notify all clients of updated news
- cc.sendAll(
- tranNewMsg,
- NewField(fieldData, []byte(newsPost)),
- )
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDisconUser) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users."))
- return res, err
- }
-
- clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)]
-
- if authorize(clientConn.Account.Access, accessCannotBeDiscon) {
- res = append(res, cc.NewErrReply(t, clientConn.Account.Login+" is not allowed to be disconnected."))
- return res, err
- }
-
- if err := clientConn.Connection.Close(); err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleGetNewsCatNameList returns a list of news categories for a path
-// Fields used in the request:
-// 325 News path (Optional)
-func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
- return res, err
- }
-
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
- cats := cc.Server.GetNewsCatByPath(pathStrs)
-
- // To store the keys in slice in sorted order
- keys := make([]string, len(cats))
- i := 0
- for k := range cats {
- keys[i] = k
- i++
- }
- sort.Strings(keys)
-
- var fieldData []Field
- for _, k := range keys {
- cat := cats[k]
- b, _ := cat.MarshalBinary()
- fieldData = append(fieldData, NewField(
- fieldNewsCatListData15,
- b,
- ))
- }
-
- res = append(res, cc.NewReply(t, fieldData...))
- return res, err
-}
-
-func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsCreateCat) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories."))
- return res, err
- }
-
- name := string(t.GetField(fieldNewsCatName).Data)
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
-
- cats := cc.Server.GetNewsCatByPath(pathStrs)
- cats[name] = NewsCategoryListData15{
- Name: name,
- Type: []byte{0, 3},
- Articles: map[uint32]*NewsArtData{},
- SubCats: make(map[string]NewsCategoryListData15),
- }
-
- if err := cc.Server.writeThreadedNews(); err != nil {
- return res, err
- }
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// Fields used in the request:
-// 322 News category name
-// 325 News path
-func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsCreateFldr) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders."))
- return res, err
- }
-
- name := string(t.GetField(fieldFileName).Data)
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
-
- cc.logger.Infof("Creating new news folder %s", name)
-
- cats := cc.Server.GetNewsCatByPath(pathStrs)
- cats[name] = NewsCategoryListData15{
- Name: name,
- Type: []byte{0, 2},
- Articles: map[uint32]*NewsArtData{},
- SubCats: make(map[string]NewsCategoryListData15),
- }
- if err := cc.Server.writeThreadedNews(); err != nil {
- return res, err
- }
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// Fields used in the request:
-// 325 News path Optional
-//
-// Reply fields:
-// 321 News article list data Optional
-func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
- return res, err
- }
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
-
- var cat NewsCategoryListData15
- cats := cc.Server.ThreadedNews.Categories
-
- for _, fp := range pathStrs {
- cat = cats[fp]
- cats = cats[fp].SubCats
- }
-
- nald := cat.GetNewsArtListData()
-
- res = append(res, cc.NewReply(t, NewField(fieldNewsArtListData, nald.Payload())))
- return res, err
-}
-
-func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
- return res, err
- }
-
- // Request fields
- // 325 News fp
- // 326 News article ID
- // 327 News article data flavor
-
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
-
- var cat NewsCategoryListData15
- cats := cc.Server.ThreadedNews.Categories
-
- for _, fp := range pathStrs {
- cat = cats[fp]
- cats = cats[fp].SubCats
- }
- newsArtID := t.GetField(fieldNewsArtID).Data
-
- convertedArtID := binary.BigEndian.Uint16(newsArtID)
-
- art := cat.Articles[uint32(convertedArtID)]
- if art == nil {
- res = append(res, cc.NewReply(t))
- return res, err
- }
-
- // Reply fields
- // 328 News article title
- // 329 News article poster
- // 330 News article date
- // 331 Previous article ID
- // 332 Next article ID
- // 335 Parent article ID
- // 336 First child article ID
- // 327 News article data flavor "Should be “text/plain”
- // 333 News article data Optional (if data flavor is “text/plain”)
-
- res = append(res, cc.NewReply(t,
- NewField(fieldNewsArtTitle, []byte(art.Title)),
- NewField(fieldNewsArtPoster, []byte(art.Poster)),
- NewField(fieldNewsArtDate, art.Date),
- NewField(fieldNewsArtPrevArt, art.PrevArt),
- NewField(fieldNewsArtNextArt, art.NextArt),
- NewField(fieldNewsArtParentArt, art.ParentArt),
- NewField(fieldNewsArt1stChildArt, art.FirstChildArt),
- NewField(fieldNewsArtDataFlav, []byte("text/plain")),
- NewField(fieldNewsArtData, []byte(art.Data)),
- ))
- return res, err
-}
-
-func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- // Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
- // TODO: Implement
-
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
-
- // TODO: determine if path is a Folder (Bundle) or Category and check for permission
-
- cc.logger.Infof("DelNewsItem %v", pathStrs)
-
- cats := cc.Server.ThreadedNews.Categories
-
- delName := pathStrs[len(pathStrs)-1]
- if len(pathStrs) > 1 {
- for _, fp := range pathStrs[0 : len(pathStrs)-1] {
- cats = cats[fp].SubCats
- }
- }
-
- delete(cats, delName)
-
- err = cc.Server.writeThreadedNews()
- if err != nil {
- return res, err
- }
-
- // Reply params: none
- res = append(res, cc.NewReply(t))
-
- return res, err
-}
-
-func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsDeleteArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles."))
- return res, err
- }
-
- // Request Fields
- // 325 News path
- // 326 News article ID
- // 337 News article – recursive delete Delete child articles (1) or not (0)
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
- ID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
-
- // TODO: Delete recursive
- cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
-
- catName := pathStrs[len(pathStrs)-1]
- cat := cats[catName]
-
- delete(cat.Articles, uint32(ID))
-
- cats[catName] = cat
- if err := cc.Server.writeThreadedNews(); err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// Request fields
-// 325 News path
-// 326 News article ID ID of the parent article?
-// 328 News article title
-// 334 News article flags
-// 327 News article data flavor Currently “text/plain”
-// 333 News article data
-func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsPostArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles."))
- return res, err
- }
-
- pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data)
- cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1])
-
- catName := pathStrs[len(pathStrs)-1]
- cat := cats[catName]
-
- newArt := NewsArtData{
- Title: string(t.GetField(fieldNewsArtTitle).Data),
- Poster: string(cc.UserName),
- Date: toHotlineTime(time.Now()),
- PrevArt: []byte{0, 0, 0, 0},
- NextArt: []byte{0, 0, 0, 0},
- ParentArt: append([]byte{0, 0}, t.GetField(fieldNewsArtID).Data...),
- FirstChildArt: []byte{0, 0, 0, 0},
- DataFlav: []byte("text/plain"),
- Data: string(t.GetField(fieldNewsArtData).Data),
- }
-
- var keys []int
- for k := range cat.Articles {
- keys = append(keys, int(k))
- }
-
- nextID := uint32(1)
- if len(keys) > 0 {
- sort.Ints(keys)
- prevID := uint32(keys[len(keys)-1])
- nextID = prevID + 1
-
- binary.BigEndian.PutUint32(newArt.PrevArt, prevID)
-
- // Set next article ID
- binary.BigEndian.PutUint32(cat.Articles[prevID].NextArt, nextID)
- }
-
- // Update parent article with first child reply
- parentID := binary.BigEndian.Uint16(t.GetField(fieldNewsArtID).Data)
- if parentID != 0 {
- parentArt := cat.Articles[uint32(parentID)]
-
- if bytes.Equal(parentArt.FirstChildArt, []byte{0, 0, 0, 0}) {
- binary.BigEndian.PutUint32(parentArt.FirstChildArt, nextID)
- }
- }
-
- cat.Articles[nextID] = &newArt
-
- cats[catName] = cat
- if err := cc.Server.writeThreadedNews(); err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-// HandleGetMsgs returns the flat news data
-func HandleGetMsgs(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessNewsReadArt) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to read news."))
- return res, err
- }
-
- res = append(res, cc.NewReply(t, NewField(fieldData, cc.Server.FlatNews)))
-
- return res, err
-}
-
-func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDownloadFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to download files."))
- return res, err
- }
-
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
- resumeData := t.GetField(fieldFileResumeData).Data
-
- var dataOffset int64
- var frd FileResumeData
- if resumeData != nil {
- if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
- return res, err
- }
- // TODO: handle rsrc fork offset
- dataOffset = int64(binary.BigEndian.Uint32(frd.ForkInfoList[0].DataSize[:]))
- }
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- hlFile, err := newFileWrapper(cc.Server.FS, fullFilePath, dataOffset)
- if err != nil {
- return res, err
- }
-
- xferSize := hlFile.ffo.TransferSize(0)
-
- ft := cc.newFileTransfer(FileDownload, fileName, filePath, xferSize)
-
- // TODO: refactor to remove this
- if resumeData != nil {
- var frd FileResumeData
- if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil {
- return res, err
- }
- ft.fileResumeData = &frd
- }
-
- // Optional field for when a HL v1.5+ client requests file preview
- // Used only for TEXT, JPEG, GIFF, BMP or PICT files
- // The value will always be 2
- if t.GetField(fieldFileTransferOptions).Data != nil {
- ft.options = t.GetField(fieldFileTransferOptions).Data
- xferSize = hlFile.ffo.FlatFileDataForkHeader.DataSize[:]
- }
-
- res = append(res, cc.NewReply(t,
- NewField(fieldRefNum, ft.refNum[:]),
- NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
- NewField(fieldTransferSize, xferSize),
- NewField(fieldFileSize, hlFile.ffo.FlatFileDataForkHeader.DataSize[:]),
- ))
-
- return res, err
-}
-
-// Download all files from the specified folder and sub-folders
-func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessDownloadFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to download folders."))
- return res, err
- }
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, t.GetField(fieldFilePath).Data, t.GetField(fieldFileName).Data)
- if err != nil {
- return res, err
- }
-
- transferSize, err := CalcTotalSize(fullFilePath)
- if err != nil {
- return res, err
- }
- itemCount, err := CalcItemCount(fullFilePath)
- if err != nil {
- return res, err
- }
-
- fileTransfer := cc.newFileTransfer(FolderDownload, t.GetField(fieldFileName).Data, t.GetField(fieldFilePath).Data, transferSize)
-
- var fp FilePath
- err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data)
- if err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t,
- NewField(fieldRefNum, fileTransfer.ReferenceNumber),
- NewField(fieldTransferSize, transferSize),
- NewField(fieldFolderItemCount, itemCount),
- NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
- ))
- return res, err
-}
-
-// Upload all files from the local folder and its subfolders to the specified path on the server
-// Fields used in the request
-// 201 File name
-// 202 File path
-// 108 transfer size Total size of all items in the folder
-// 220 Folder item count
-// 204 File transfer options "Optional Currently set to 1" (TODO: ??)
-func HandleUploadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- var fp FilePath
- if t.GetField(fieldFilePath).Data != nil {
- if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
- return res, err
- }
- }
-
- // Handle special cases for Upload and Drop Box folders
- if !authorize(cc.Account.Access, accessUploadAnywhere) {
- if !fp.IsUploadDir() && !fp.IsDropbox() {
- res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
- return res, err
- }
- }
-
- fileTransfer := cc.newFileTransfer(FolderUpload,
- t.GetField(fieldFileName).Data,
- t.GetField(fieldFilePath).Data,
- t.GetField(fieldTransferSize).Data,
- )
-
- fileTransfer.FolderItemCount = t.GetField(fieldFolderItemCount).Data
-
- res = append(res, cc.NewReply(t, NewField(fieldRefNum, fileTransfer.ReferenceNumber)))
- return res, err
-}
-
-// HandleUploadFile
-// Fields used in the request:
-// 201 File name
-// 202 File path
-// 204 File transfer options "Optional
-// Used only to resume download, currently has value 2"
-// 108 File transfer size "Optional used if download is not resumed"
-func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessUploadFile) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
- return res, err
- }
-
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
- transferOptions := t.GetField(fieldFileTransferOptions).Data
- transferSize := t.GetField(fieldTransferSize).Data // not sent for resume
-
- var fp FilePath
- if filePath != nil {
- if err = fp.UnmarshalBinary(filePath); err != nil {
- return res, err
- }
- }
-
- // Handle special cases for Upload and Drop Box folders
- if !authorize(cc.Account.Access, accessUploadAnywhere) {
- if !fp.IsUploadDir() && !fp.IsDropbox() {
- res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
- return res, err
- }
- }
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- if _, err := cc.Server.FS.Stat(fullFilePath); err == nil {
- res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload because there is already a file named \"%v\". Try choosing a different name.", string(fileName))))
- return res, err
- }
-
- ft := cc.newFileTransfer(FileUpload, fileName, filePath, transferSize)
-
- replyT := cc.NewReply(t, NewField(fieldRefNum, ft.ReferenceNumber))
-
- // client has requested to resume a partially transferred file
- if transferOptions != nil {
-
- fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix)
- if err != nil {
- return res, err
- }
-
- offset := make([]byte, 4)
- binary.BigEndian.PutUint32(offset, uint32(fileInfo.Size()))
-
- fileResumeData := NewFileResumeData([]ForkInfoList{
- *NewForkInfoList(offset),
- })
-
- b, _ := fileResumeData.BinaryMarshal()
-
- ft.TransferSize = offset
-
- replyT.Fields = append(replyT.Fields, NewField(fieldFileResumeData, b))
- }
-
- res = append(res, replyT)
- return res, err
-}
-
-func HandleSetClientUserInfo(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- var icon []byte
- if len(t.GetField(fieldUserIconID).Data) == 4 {
- icon = t.GetField(fieldUserIconID).Data[2:]
- } else {
- icon = t.GetField(fieldUserIconID).Data
- }
- *cc.Icon = icon
- cc.UserName = t.GetField(fieldUserName).Data
-
- // the options field is only passed by the client versions > 1.2.3.
- options := t.GetField(fieldOptions).Data
-
- if options != nil {
- optBitmap := big.NewInt(int64(binary.BigEndian.Uint16(options)))
- flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*cc.Flags)))
-
- flagBitmap.SetBit(flagBitmap, userFlagRefusePM, optBitmap.Bit(refusePM))
- binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
-
- flagBitmap.SetBit(flagBitmap, userFLagRefusePChat, optBitmap.Bit(refuseChat))
- binary.BigEndian.PutUint16(*cc.Flags, uint16(flagBitmap.Int64()))
-
- // Check auto response
- if optBitmap.Bit(autoResponse) == 1 {
- cc.AutoReply = t.GetField(fieldAutomaticResponse).Data
- } else {
- cc.AutoReply = []byte{}
- }
- }
-
- // Notify all clients of updated user info
- cc.sendAll(
- tranNotifyChangeUser,
- NewField(fieldUserID, *cc.ID),
- NewField(fieldUserIconID, *cc.Icon),
- NewField(fieldUserFlags, *cc.Flags),
- NewField(fieldUserName, cc.UserName),
- )
-
- return res, err
-}
-
-// HandleKeepAlive responds to keepalive transactions with an empty reply
-// * HL 1.9.2 Client sends keepalive msg every 3 minutes
-// * HL 1.2.3 Client doesn't send keepalives
-func HandleKeepAlive(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- res = append(res, cc.NewReply(t))
-
- return res, err
-}
-
-func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fullPath, err := readPath(
- cc.Server.Config.FileRoot,
- t.GetField(fieldFilePath).Data,
- nil,
- )
- if err != nil {
- return res, err
- }
-
- var fp FilePath
- if t.GetField(fieldFilePath).Data != nil {
- if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
- return res, err
- }
- }
-
- // Handle special case for drop box folders
- if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to view drop boxes."))
- return res, err
- }
-
- fileNames, err := getFileNameList(fullPath)
- if err != nil {
- return res, err
- }
-
- res = append(res, cc.NewReply(t, fileNames...))
-
- return res, err
-}
-
-// =================================
-// Hotline private chat flow
-// =================================
-// 1. ClientA sends tranInviteNewChat to server with user ID to invite
-// 2. Server creates new ChatID
-// 3. Server sends tranInviteToChat to invitee
-// 4. Server replies to ClientA with new Chat ID
-//
-// A dialog box pops up in the invitee client with options to accept or decline the invitation.
-// If Accepted is clicked:
-// 1. ClientB sends tranJoinChat with fieldChatID
-
-// HandleInviteNewChat invites users to new private chat
-func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenChat) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
- return res, err
- }
-
- // Client to Invite
- targetID := t.GetField(fieldUserID).Data
- newChatID := cc.Server.NewPrivateChat(cc)
-
- res = append(res,
- *NewTransaction(
- tranInviteToChat,
- &targetID,
- NewField(fieldChatID, newChatID),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- ),
- )
-
- res = append(res,
- cc.NewReply(t,
- NewField(fieldChatID, newChatID),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- NewField(fieldUserIconID, *cc.Icon),
- NewField(fieldUserFlags, *cc.Flags),
- ),
- )
-
- return res, err
-}
-
-func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessOpenChat) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat."))
- return res, err
- }
-
- // Client to Invite
- targetID := t.GetField(fieldUserID).Data
- chatID := t.GetField(fieldChatID).Data
-
- res = append(res,
- *NewTransaction(
- tranInviteToChat,
- &targetID,
- NewField(fieldChatID, chatID),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- ),
- )
- res = append(res,
- cc.NewReply(
- t,
- NewField(fieldChatID, chatID),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- NewField(fieldUserIconID, *cc.Icon),
- NewField(fieldUserFlags, *cc.Flags),
- ),
- )
-
- return res, err
-}
-
-func HandleRejectChatInvite(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- chatID := t.GetField(fieldChatID).Data
- chatInt := binary.BigEndian.Uint32(chatID)
-
- privChat := cc.Server.PrivateChats[chatInt]
-
- resMsg := append(cc.UserName, []byte(" declined invitation to chat")...)
-
- for _, c := range sortedClients(privChat.ClientConn) {
- res = append(res,
- *NewTransaction(
- tranChatMsg,
- c.ID,
- NewField(fieldChatID, chatID),
- NewField(fieldData, resMsg),
- ),
- )
- }
-
- return res, err
-}
-
-// HandleJoinChat is sent from a v1.8+ Hotline client when the joins a private chat
-// Fields used in the reply:
-// * 115 Chat subject
-// * 300 User name with info (Optional)
-// * 300 (more user names with info)
-func HandleJoinChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- chatID := t.GetField(fieldChatID).Data
- chatInt := binary.BigEndian.Uint32(chatID)
-
- privChat := cc.Server.PrivateChats[chatInt]
-
- // Send tranNotifyChatChangeUser to current members of the chat to inform of new user
- for _, c := range sortedClients(privChat.ClientConn) {
- res = append(res,
- *NewTransaction(
- tranNotifyChatChangeUser,
- c.ID,
- NewField(fieldChatID, chatID),
- NewField(fieldUserName, cc.UserName),
- NewField(fieldUserID, *cc.ID),
- NewField(fieldUserIconID, *cc.Icon),
- NewField(fieldUserFlags, *cc.Flags),
- ),
- )
- }
-
- privChat.ClientConn[cc.uint16ID()] = cc
-
- replyFields := []Field{NewField(fieldChatSubject, []byte(privChat.Subject))}
- for _, c := range sortedClients(privChat.ClientConn) {
- user := User{
- ID: *c.ID,
- Icon: *c.Icon,
- Flags: *c.Flags,
- Name: string(c.UserName),
- }
-
- replyFields = append(replyFields, NewField(fieldUsernameWithInfo, user.Payload()))
- }
-
- res = append(res, cc.NewReply(t, replyFields...))
- return res, err
-}
-
-// HandleLeaveChat is sent from a v1.8+ Hotline client when the user exits a private chat
-// Fields used in the request:
-// * 114 fieldChatID
-// Reply is not expected.
-func HandleLeaveChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- chatID := t.GetField(fieldChatID).Data
- chatInt := binary.BigEndian.Uint32(chatID)
-
- privChat, ok := cc.Server.PrivateChats[chatInt]
- if !ok {
- return res, nil
- }
-
- delete(privChat.ClientConn, cc.uint16ID())
-
- // Notify members of the private chat that the user has left
- for _, c := range sortedClients(privChat.ClientConn) {
- res = append(res,
- *NewTransaction(
- tranNotifyChatDeleteUser,
- c.ID,
- NewField(fieldChatID, chatID),
- NewField(fieldUserID, *cc.ID),
- ),
- )
- }
-
- return res, err
-}
-
-// HandleSetChatSubject is sent from a v1.8+ Hotline client when the user sets a private chat subject
-// Fields used in the request:
-// * 114 Chat ID
-// * 115 Chat subject Chat subject string
-// Reply is not expected.
-func HandleSetChatSubject(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- chatID := t.GetField(fieldChatID).Data
- chatInt := binary.BigEndian.Uint32(chatID)
-
- privChat := cc.Server.PrivateChats[chatInt]
- privChat.Subject = string(t.GetField(fieldChatSubject).Data)
-
- for _, c := range sortedClients(privChat.ClientConn) {
- res = append(res,
- *NewTransaction(
- tranNotifyChatSubject,
- c.ID,
- NewField(fieldChatID, chatID),
- NewField(fieldChatSubject, t.GetField(fieldChatSubject).Data),
- ),
- )
- }
-
- return res, err
-}
-
-// HandleMakeAlias makes a filer alias using the specified path.
-// Fields used in the request:
-// 201 File name
-// 202 File path
-// 212 File new path Destination path
-//
-// Fields used in the reply:
-// None
-func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- if !authorize(cc.Account.Access, accessMakeAlias) {
- res = append(res, cc.NewErrReply(t, "You are not allowed to make aliases."))
- return res, err
- }
- fileName := t.GetField(fieldFileName).Data
- filePath := t.GetField(fieldFilePath).Data
- fileNewPath := t.GetField(fieldFileNewPath).Data
-
- fullFilePath, err := readPath(cc.Server.Config.FileRoot, filePath, fileName)
- if err != nil {
- return res, err
- }
-
- fullNewFilePath, err := readPath(cc.Server.Config.FileRoot, fileNewPath, fileName)
- if err != nil {
- return res, err
- }
-
- cc.logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath)
-
- if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil {
- res = append(res, cc.NewErrReply(t, "Error creating alias"))
- return res, nil
- }
-
- res = append(res, cc.NewReply(t))
- return res, err
-}
-
-func HandleDownloadBanner(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- fi, err := cc.Server.FS.Stat(filepath.Join(cc.Server.ConfigDir, cc.Server.Config.BannerFile))
- if err != nil {
- return res, err
- }
-
- ft := cc.newFileTransfer(bannerDownload, []byte{}, []byte{}, make([]byte, 4))
-
- binary.BigEndian.PutUint32(ft.TransferSize, uint32(fi.Size()))
-
- res = append(res, cc.NewReply(t,
- NewField(fieldRefNum, ft.refNum[:]),
- NewField(fieldTransferSize, ft.TransferSize),
- ))
-
- return res, err
-}
+// The total size of a chat message data field is 8192 bytes.
+const LimitChatMsg = 8192
git.r.bdr.sh / rbdr / mobius / blobdiff