X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/blobdiff_plain/d2810ae9038b057e8f18e8b495a57d8f96ae5be6..424ef66f0fe1ea21b4bae765dc40c97c98ed363e:/hotline/transaction_handlers.go diff --git a/hotline/transaction_handlers.go b/hotline/transaction_handlers.go index 90ca6de..1b69114 100644 --- a/hotline/transaction_handlers.go +++ b/hotline/transaction_handlers.go @@ -16,8 +16,6 @@ import ( ) type TransactionType struct { - Access int // Specifies access privilege required to perform the transaction - DenyMsg string // The error reply message when user does not have access Handler func(*ClientConn, *Transaction) ([]Transaction, error) // function for handling the transaction type Name string // Name of transaction as it will appear in logging RequiredFields []requiredField @@ -45,14 +43,12 @@ var TransactionHandlers = map[uint16]TransactionType{ Name: "tranNotifyDeleteUser", }, tranAgreed: { - Access: accessAlwaysAllow, Name: "tranAgreed", Handler: HandleTranAgreed, }, tranChatSend: { - Access: accessAlwaysAllow, - Handler: HandleChatSend, Name: "tranChatSend", + Handler: HandleChatSend, RequiredFields: []requiredField{ { ID: fieldData, @@ -61,181 +57,130 @@ var TransactionHandlers = map[uint16]TransactionType{ }, }, tranDelNewsArt: { - Access: accessNewsDeleteArt, - DenyMsg: "You are not allowed to delete news articles.", Name: "tranDelNewsArt", Handler: HandleDelNewsArt, }, tranDelNewsItem: { - Access: accessAlwaysAllow, // Granular access enforced inside the handler - // Has multiple access flags: News Delete Folder (37) or News Delete Category (35) - // TODO: Implement inside the handler Name: "tranDelNewsItem", Handler: HandleDelNewsItem, }, tranDeleteFile: { - Access: accessAlwaysAllow, // Granular access enforced inside the handler Name: "tranDeleteFile", Handler: HandleDeleteFile, }, tranDeleteUser: { - Access: accessAlwaysAllow, Name: "tranDeleteUser", Handler: HandleDeleteUser, }, tranDisconnectUser: { - Access: accessDisconUser, - DenyMsg: "You are not allowed to disconnect users.", Name: "tranDisconnectUser", Handler: HandleDisconnectUser, }, tranDownloadFile: { - Access: accessAlwaysAllow, Name: "tranDownloadFile", Handler: HandleDownloadFile, }, tranDownloadFldr: { - Access: accessDownloadFile, // There is no specific access flag for folder vs file download - DenyMsg: "You are not allowed to download files.", Name: "tranDownloadFldr", Handler: HandleDownloadFolder, }, tranGetClientInfoText: { - Access: accessGetClientInfo, - DenyMsg: "You are not allowed to get client info", Name: "tranGetClientInfoText", Handler: HandleGetClientConnInfoText, }, tranGetFileInfo: { - Access: accessAlwaysAllow, Name: "tranGetFileInfo", Handler: HandleGetFileInfo, }, tranGetFileNameList: { - Access: accessAlwaysAllow, Name: "tranGetFileNameList", Handler: HandleGetFileNameList, }, tranGetMsgs: { - Access: accessAlwaysAllow, Name: "tranGetMsgs", Handler: HandleGetMsgs, }, tranGetNewsArtData: { - Access: accessNewsReadArt, - DenyMsg: "You are not allowed to read news.", Name: "tranGetNewsArtData", Handler: HandleGetNewsArtData, }, tranGetNewsArtNameList: { - Access: accessNewsReadArt, - DenyMsg: "You are not allowed to read news.", Name: "tranGetNewsArtNameList", Handler: HandleGetNewsArtNameList, }, tranGetNewsCatNameList: { - Access: accessNewsReadArt, - DenyMsg: "You are not allowed to read news.", Name: "tranGetNewsCatNameList", Handler: HandleGetNewsCatNameList, }, tranGetUser: { - Access: accessAlwaysAllow, Name: "tranGetUser", Handler: HandleGetUser, }, tranGetUserNameList: { - Access: accessAlwaysAllow, Name: "tranHandleGetUserNameList", Handler: HandleGetUserNameList, }, tranInviteNewChat: { - Access: accessOpenChat, - DenyMsg: "You are not allowed to request private chat.", Name: "tranInviteNewChat", Handler: HandleInviteNewChat, }, tranInviteToChat: { - Access: accessOpenChat, - DenyMsg: "You are not allowed to request private chat.", Name: "tranInviteToChat", Handler: HandleInviteToChat, }, tranJoinChat: { - Access: accessAlwaysAllow, Name: "tranJoinChat", Handler: HandleJoinChat, }, tranKeepAlive: { - Access: accessAlwaysAllow, Name: "tranKeepAlive", Handler: HandleKeepAlive, }, tranLeaveChat: { - Access: accessAlwaysAllow, Name: "tranJoinChat", Handler: HandleLeaveChat, }, tranListUsers: { - Access: accessAlwaysAllow, Name: "tranListUsers", Handler: HandleListUsers, }, tranMoveFile: { - Access: accessMoveFile, - DenyMsg: "You are not allowed to move files.", Name: "tranMoveFile", Handler: HandleMoveFile, }, tranNewFolder: { - Access: accessCreateFolder, - DenyMsg: "You are not allow to create folders.", Name: "tranNewFolder", Handler: HandleNewFolder, }, tranNewNewsCat: { - Access: accessNewsCreateCat, - DenyMsg: "You are not allowed to create news categories.", Name: "tranNewNewsCat", Handler: HandleNewNewsCat, }, tranNewNewsFldr: { - Access: accessNewsCreateFldr, - DenyMsg: "You are not allowed to create news folders.", Name: "tranNewNewsFldr", Handler: HandleNewNewsFldr, }, tranNewUser: { - Access: accessAlwaysAllow, Name: "tranNewUser", Handler: HandleNewUser, }, tranUpdateUser: { - Access: accessAlwaysAllow, Name: "tranUpdateUser", Handler: HandleUpdateUser, }, tranOldPostNews: { - Access: accessNewsPostArt, - DenyMsg: "You are not allowed to post news.", Name: "tranOldPostNews", Handler: HandleTranOldPostNews, }, tranPostNewsArt: { - Access: accessNewsPostArt, - DenyMsg: "You are not allowed to post news articles.", Name: "tranPostNewsArt", Handler: HandlePostNewsArt, }, tranRejectChatInvite: { - Access: accessAlwaysAllow, Name: "tranRejectChatInvite", Handler: HandleRejectChatInvite, }, tranSendInstantMsg: { - Access: accessAlwaysAllow, - // Access: accessSendPrivMsg, - // DenyMsg: "You are not allowed to send private messages", Name: "tranSendInstantMsg", Handler: HandleSendInstantMsg, RequiredFields: []requiredField{ @@ -249,12 +194,10 @@ var TransactionHandlers = map[uint16]TransactionType{ }, }, tranSetChatSubject: { - Access: accessAlwaysAllow, Name: "tranSetChatSubject", Handler: HandleSetChatSubject, }, tranMakeFileAlias: { - Access: accessAlwaysAllow, Name: "tranMakeFileAlias", Handler: HandleMakeAlias, RequiredFields: []requiredField{ @@ -264,34 +207,26 @@ var TransactionHandlers = map[uint16]TransactionType{ }, }, tranSetClientUserInfo: { - Access: accessAlwaysAllow, Name: "tranSetClientUserInfo", Handler: HandleSetClientUserInfo, }, tranSetFileInfo: { - Access: accessAlwaysAllow, Name: "tranSetFileInfo", Handler: HandleSetFileInfo, }, tranSetUser: { - Access: accessModifyUser, - DenyMsg: "You are not allowed to modify accounts.", Name: "tranSetUser", Handler: HandleSetUser, }, tranUploadFile: { - Access: accessAlwaysAllow, Name: "tranUploadFile", Handler: HandleUploadFile, }, tranUploadFldr: { - Access: accessAlwaysAllow, Name: "tranUploadFldr", Handler: HandleUploadFolder, }, tranUserBroadcast: { - Access: accessBroadcast, - DenyMsg: "You are not allowed to send broadcast messages.", Name: "tranUserBroadcast", Handler: HandleUserBroadcast, }, @@ -366,7 +301,7 @@ func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, er msg := t.GetField(fieldData) ID := t.GetField(fieldUserID) - reply := *NewTransaction( + reply := NewTransaction( tranServerMsg, &ID.Data, NewField(fieldData, msg.Data), @@ -381,12 +316,12 @@ func HandleSendInstantMsg(cc *ClientConn, t *Transaction) (res []Transaction, er reply.Fields = append(reply.Fields, NewField(fieldQuotingMsg, t.GetField(fieldQuotingMsg).Data)) } - res = append(res, reply) + res = append(res, *reply) id, _ := byteToInt(ID.Data) - otherClient := cc.Server.Clients[uint16(id)] - if otherClient == nil { - return res, errors.New("ohno") + otherClient, ok := cc.Server.Clients[uint16(id)] + if !ok { + return res, errors.New("invalid client ID") } // Respond with auto reply if other client has it enabled @@ -419,7 +354,7 @@ func HandleGetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err e res = append(res, cc.NewReply(t, NewField(fieldFileName, fileName), - NewField(fieldFileTypeString, ffo.FlatFileInformationFork.TypeSignature), + NewField(fieldFileTypeString, ffo.FlatFileInformationFork.friendlyType()), NewField(fieldFileCreatorString, ffo.FlatFileInformationFork.CreatorSignature), NewField(fieldFileComment, ffo.FlatFileInformationFork.Comment), NewField(fieldFileType, ffo.FlatFileInformationFork.TypeSignature), @@ -456,7 +391,7 @@ func HandleSetFileInfo(cc *ClientConn, t *Transaction) (res []Transaction, err e fileNewName := t.GetField(fieldFileNewName).Data if fileNewName != nil { - fi, err := FS.Stat(fullFilePath) + fi, err := cc.Server.FS.Stat(fullFilePath) if err != nil { return res, err } @@ -567,6 +502,10 @@ func HandleMoveFile(cc *ClientConn, t *Transaction) (res []Transaction, err erro } func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessCreateFolder) { + res = append(res, cc.NewErrReply(t, "You are not allowed to create folders.")) + return res, err + } newFolderPath := cc.Server.Config.FileRoot folderName := string(t.GetField(fieldFileName).Data) @@ -585,14 +524,14 @@ func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err err // TODO: check path and folder name lengths - if _, err := FS.Stat(newFolderPath); !os.IsNotExist(err) { + if _, err := cc.Server.FS.Stat(newFolderPath); !os.IsNotExist(err) { msg := fmt.Sprintf("Cannot create folder \"%s\" because there is already a file or folder with that name.", folderName) return []Transaction{cc.NewErrReply(t, msg)}, nil } // TODO: check for disallowed characters to maintain compatibility for original client - if err := FS.Mkdir(newFolderPath, 0777); err != nil { + if err := cc.Server.FS.Mkdir(newFolderPath, 0777); err != nil { msg := fmt.Sprintf("Cannot create folder \"%s\" because an error occurred.", folderName) return []Transaction{cc.NewErrReply(t, msg)}, nil } @@ -602,6 +541,11 @@ func HandleNewFolder(cc *ClientConn, t *Transaction) (res []Transaction, err err } func HandleSetUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessModifyUser) { + res = append(res, cc.NewErrReply(t, "You are not allowed to modify accounts.")) + return res, err + } + login := DecodeUserString(t.GetField(fieldUserLogin).Data) userName := string(t.GetField(fieldUserName).Data) @@ -831,6 +775,11 @@ func HandleDeleteUser(cc *ClientConn, t *Transaction) (res []Transaction, err er // HandleUserBroadcast sends an Administrator Message to all connected clients of the server func HandleUserBroadcast(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessBroadcast) { + res = append(res, cc.NewErrReply(t, "You are not allowed to send broadcast messages.")) + return res, err + } + cc.sendAll( tranServerMsg, NewField(fieldData, t.GetField(tranGetMsgs).Data), @@ -853,6 +802,11 @@ func byteToInt(bytes []byte) (int, error) { } func HandleGetClientConnInfoText(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessGetClientInfo) { + res = append(res, cc.NewErrReply(t, "You are not allowed to get client info")) + return res, err + } + clientID, _ := byteToInt(t.GetField(fieldUserID).Data) clientConn := cc.Server.Clients[uint16(clientID)] @@ -899,7 +853,7 @@ None. clientConn.UserName, clientConn.Account.Name, clientConn.Account.Login, - clientConn.Connection.RemoteAddr().String(), + clientConn.RemoteAddr, activeDownloadList, ) template = strings.Replace(template, "\n", "\r", -1) @@ -974,6 +928,11 @@ __________________________________________________________` // Fields used in this request: // 101 Data func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessNewsPostArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to post news.")) + return res, err + } + cc.Server.flatNewsMux.Lock() defer cc.Server.flatNewsMux.Unlock() @@ -1009,6 +968,11 @@ func HandleTranOldPostNews(cc *ClientConn, t *Transaction) (res []Transaction, e } func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessDisconUser) { + res = append(res, cc.NewErrReply(t, "You are not allowed to disconnect users.")) + return res, err + } + clientConn := cc.Server.Clients[binary.BigEndian.Uint16(t.GetField(fieldUserID).Data)] if authorize(clientConn.Account.Access, accessCannotBeDiscon) { @@ -1024,9 +988,14 @@ func HandleDisconnectUser(cc *ClientConn, t *Transaction) (res []Transaction, er return res, err } +// HandleGetNewsCatNameList returns a list of news categories for a path +// Fields used in the request: +// 325 News path (Optional) func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) { - // Fields used in the request: - // 325 News path (Optional) + if !authorize(cc.Account.Access, accessNewsReadArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to read news.")) + return res, err + } newsPath := t.GetField(fieldNewsPath).Data cc.Server.Logger.Infow("NewsPath: ", "np", string(newsPath)) @@ -1058,6 +1027,11 @@ func HandleGetNewsCatNameList(cc *ClientConn, t *Transaction) (res []Transaction } func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessNewsCreateCat) { + res = append(res, cc.NewErrReply(t, "You are not allowed to create news categories.")) + return res, err + } + name := string(t.GetField(fieldNewsCatName).Data) pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data) @@ -1076,10 +1050,15 @@ func HandleNewNewsCat(cc *ClientConn, t *Transaction) (res []Transaction, err er return res, err } +// Fields used in the request: +// 322 News category name +// 325 News path func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err error) { - // Fields used in the request: - // 322 News category name - // 325 News path + if !authorize(cc.Account.Access, accessNewsCreateFldr) { + res = append(res, cc.NewErrReply(t, "You are not allowed to create news folders.")) + return res, err + } + name := string(t.GetField(fieldFileName).Data) pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data) @@ -1105,6 +1084,10 @@ func HandleNewNewsFldr(cc *ClientConn, t *Transaction) (res []Transaction, err e // Reply fields: // 321 News article list data Optional func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessNewsReadArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to read news.")) + return res, err + } pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data) var cat NewsCategoryListData15 @@ -1122,6 +1105,11 @@ func HandleGetNewsArtNameList(cc *ClientConn, t *Transaction) (res []Transaction } func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessNewsReadArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to read news.")) + return res, err + } + // Request fields // 325 News fp // 326 News article ID @@ -1172,7 +1160,8 @@ func HandleGetNewsArtData(cc *ClientConn, t *Transaction) (res []Transaction, er } func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err error) { - // Access: News Delete Folder (37) or News Delete Category (35) + // Has multiple access flags: News Delete Folder (37) or News Delete Category (35) + // TODO: Implement pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data) @@ -1203,6 +1192,11 @@ func HandleDelNewsItem(cc *ClientConn, t *Transaction) (res []Transaction, err e } func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessNewsDeleteArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to delete news articles.")) + return res, err + } + // Request Fields // 325 News path // 326 News article ID @@ -1227,14 +1221,18 @@ func HandleDelNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err er return res, err } +// Request fields +// 325 News path +// 326 News article ID ID of the parent article? +// 328 News article title +// 334 News article flags +// 327 News article data flavor Currently “text/plain” +// 333 News article data func HandlePostNewsArt(cc *ClientConn, t *Transaction) (res []Transaction, err error) { - // Request fields - // 325 News path - // 326 News article ID ID of the parent article? - // 328 News article title - // 334 News article flags - // 327 News article data flavor Currently “text/plain” - // 333 News article data + if !authorize(cc.Account.Access, accessNewsPostArt) { + res = append(res, cc.NewErrReply(t, "You are not allowed to post news articles.")) + return res, err + } pathStrs := ReadNewsPath(t.GetField(fieldNewsPath).Data) cats := cc.Server.GetNewsCatByPath(pathStrs[:len(pathStrs)-1]) @@ -1313,8 +1311,6 @@ func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err fileName := t.GetField(fieldFileName).Data filePath := t.GetField(fieldFilePath).Data - // 2 bytes - // transferOptions := t.GetField(fieldFileTransferOptions).Data resumeData := t.GetField(fieldFileResumeData).Data var dataOffset int64 @@ -1349,17 +1345,32 @@ func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err if resumeData != nil { var frd FileResumeData - frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data) + if err := frd.UnmarshalBinary(t.GetField(fieldFileResumeData).Data); err != nil { + return res, err + } ft.fileResumeData = &frd } + xferSize := ffo.TransferSize() + + // Optional field for when a HL v1.5+ client requests file preview + // Used only for TEXT, JPEG, GIFF, BMP or PICT files + // The value will always be 2 + if t.GetField(fieldFileTransferOptions).Data != nil { + ft.options = t.GetField(fieldFileTransferOptions).Data + xferSize = ffo.FlatFileDataForkHeader.DataSize[:] + } + + cc.Server.mux.Lock() + defer cc.Server.mux.Unlock() cc.Server.FileTransfers[data] = ft + cc.Transfers[FileDownload] = append(cc.Transfers[FileDownload], ft) res = append(res, cc.NewReply(t, NewField(fieldRefNum, transactionRef), NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count - NewField(fieldTransferSize, ffo.TransferSize()), + NewField(fieldTransferSize, xferSize), NewField(fieldFileSize, ffo.FlatFileDataForkHeader.DataSize[:]), )) @@ -1367,30 +1378,12 @@ func HandleDownloadFile(cc *ClientConn, t *Transaction) (res []Transaction, err } // Download all files from the specified folder and sub-folders -// response example -// -// 00 -// 01 -// 00 00 -// 00 00 00 11 -// 00 00 00 00 -// 00 00 00 18 -// 00 00 00 18 -// -// 00 03 -// -// 00 6c // transfer size -// 00 04 // len -// 00 0f d5 ae -// -// 00 dc // field Folder item count -// 00 02 // len -// 00 02 -// -// 00 6b // ref number -// 00 04 // len -// 00 03 64 b1 func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessDownloadFile) { + res = append(res, cc.NewErrReply(t, "You are not allowed to download folders.")) + return res, err + } + transactionRef := cc.Server.NewTransactionRef() data := binary.BigEndian.Uint32(transactionRef) @@ -1400,7 +1393,9 @@ func HandleDownloadFolder(cc *ClientConn, t *Transaction) (res []Transaction, er ReferenceNumber: transactionRef, Type: FolderDownload, } + cc.Server.mux.Lock() cc.Server.FileTransfers[data] = fileTransfer + cc.Server.mux.Unlock() cc.Transfers[FolderDownload] = append(cc.Transfers[FolderDownload], fileTransfer) var fp FilePath @@ -1510,12 +1505,14 @@ func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err er transactionRef := cc.Server.NewTransactionRef() data := binary.BigEndian.Uint32(transactionRef) + cc.Server.mux.Lock() cc.Server.FileTransfers[data] = &FileTransfer{ FileName: fileName, FilePath: filePath, ReferenceNumber: transactionRef, Type: FileUpload, } + cc.Server.mux.Unlock() replyT := cc.NewReply(t, NewField(fieldRefNum, transactionRef)) @@ -1526,7 +1523,7 @@ func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err er return res, err } - fileInfo, err := FS.Stat(fullFilePath + incompleteFileSuffix) + fileInfo, err := cc.Server.FS.Stat(fullFilePath + incompleteFileSuffix) if err != nil { return res, err } @@ -1646,6 +1643,11 @@ func HandleGetFileNameList(cc *ClientConn, t *Transaction) (res []Transaction, e // HandleInviteNewChat invites users to new private chat func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessOpenChat) { + res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat.")) + return res, err + } + // Client to Invite targetID := t.GetField(fieldUserID).Data newChatID := cc.Server.NewPrivateChat(cc) @@ -1674,6 +1676,11 @@ func HandleInviteNewChat(cc *ClientConn, t *Transaction) (res []Transaction, err } func HandleInviteToChat(cc *ClientConn, t *Transaction) (res []Transaction, err error) { + if !authorize(cc.Account.Access, accessOpenChat) { + res = append(res, cc.NewErrReply(t, "You are not allowed to request private chat.")) + return res, err + } + // Client to Invite targetID := t.GetField(fieldUserID).Data chatID := t.GetField(fieldChatID).Data @@ -1849,7 +1856,7 @@ func HandleMakeAlias(cc *ClientConn, t *Transaction) (res []Transaction, err err cc.Server.Logger.Debugw("Make alias", "src", fullFilePath, "dst", fullNewFilePath) - if err := FS.Symlink(fullFilePath, fullNewFilePath); err != nil { + if err := cc.Server.FS.Symlink(fullFilePath, fullNewFilePath); err != nil { res = append(res, cc.NewErrReply(t, "Error creating alias")) return res, nil }