From ee47c73a01221b088378af07ebc351981e642cd9 Mon Sep 17 00:00:00 2001 From: zacheiss Date: Mon, 25 Feb 2002 16:41:17 +0000 Subject: [PATCH] If a user has the secure bit set and a PIN defined in the database, ask them for that, not their six words. Functionality requested by Sloan. --- reg_svr/errors | 5 +++++ reg_svr/protocol.c | 1 + reg_svr/reg_svr.h | 3 ++- reg_svr/reg_svr.pc | 42 ++++++++++++++++++++++++++++++++++++++---- 4 files changed, 46 insertions(+), 5 deletions(-) diff --git a/reg_svr/errors b/reg_svr/errors index b2869371..eb60d904 100644 --- a/reg_svr/errors +++ b/reg_svr/errors @@ -93,3 +93,8 @@ You should be able to log in by tomorrow morning using your Athena username (%s) and the password you chose. Welcome to Athena! +#21 BAD_PIN +The PIN you typed was incorrect. Please make sure you typed it correctly. + +If you do not remember your PIN, you will need to contact the Athena +User Accounts Office in N42-105A, x3-1325. diff --git a/reg_svr/protocol.c b/reg_svr/protocol.c index da8a9dab..aa82a83f 100644 --- a/reg_svr/protocol.c +++ b/reg_svr/protocol.c @@ -43,6 +43,7 @@ struct _handler { { "LOGN", LOGN }, { "PSWD", PSWD }, { "QUIT", QUIT }, + { "SPIN", SPIN }, { NULL, NULL } }; diff --git a/reg_svr/reg_svr.h b/reg_svr/reg_svr.h index 4005ed96..42d74727 100644 --- a/reg_svr/reg_svr.h +++ b/reg_svr/reg_svr.h @@ -21,6 +21,7 @@ typedef struct reg_client { void RIFO(reg_client *rc, int argc, char **argv); void SWRD(reg_client *rc, int argc, char **argv); +void SPIN(reg_client *rc, int argc, char **argv); void LOGN(reg_client *rc, int argc, char **argv); void PSWD(reg_client *rc, int argc, char **argv); void QUIT(reg_client *rc, int argc, char **argv); @@ -37,7 +38,7 @@ enum { NO_MESSAGE, INTERNAL_ERROR, PROTOCOL_ERROR, DATABASE_CLOSED, ACCOUNT_DELETED, NOT_ELIGIBLE, FOUND, FORCED_USERNAME, BAD_SIX_WORDS, BAD_USERNAME, USERNAME_UNAVAILABLE, RESERVED_USERNAME_UNAVAILABLE, USERNAME_OK, PASSWORD_SHORT, - PASSWORD_SIMPLE, PASSWORD_SAMPLE, KADM_ERROR, DONE, + PASSWORD_SIMPLE, PASSWORD_SAMPLE, KADM_ERROR, DONE, BAD_PIN, NUM_REG_ERRORS }; #define TIMEOUT 300 /* 5 minutes */ diff --git a/reg_svr/reg_svr.pc b/reg_svr/reg_svr.pc index fb2c0838..60079c4e 100644 --- a/reg_svr/reg_svr.pc +++ b/reg_svr/reg_svr.pc @@ -300,7 +300,7 @@ void RIFO(reg_client *rc, int argc, char **argv) char login[USERS_LOGIN_SIZE], first[USERS_FIRST_SIZE]; char middle[USERS_MIDDLE_SIZE], last[USERS_LAST_SIZE]; char fullname[USERS_FIRST_SIZE + USERS_MIDDLE_SIZE + USERS_LAST_SIZE]; - char class[USERS_TYPE_SIZE]; + char class[USERS_TYPE_SIZE], pin[USERS_PIN_SIZE]; int uid, status, secure, sqlstatus, string_id; EXEC SQL END DECLARE SECTION; @@ -318,13 +318,13 @@ void RIFO(reg_client *rc, int argc, char **argv) /* "ORDER BY status" so that if there's both a matching state 0 entry and a matching state 3 entry, we'll get the former. */ EXEC SQL DECLARE csr_id CURSOR FOR - SELECT login, unix_uid, status, secure, first, middle, last, type + SELECT login, unix_uid, status, secure, pin, first, middle, last, type FROM users WHERE clearid = :id ORDER BY status; EXEC SQL OPEN csr_id; while (1) { EXEC SQL FETCH csr_id INTO :login, :uid, :status, - :secure, :first, :middle, :last, :class; + :secure, :pin, :first, :middle, :last, :class; if (sqlca.sqlcode) break; strtrim(login); @@ -332,6 +332,7 @@ void RIFO(reg_client *rc, int argc, char **argv) strtrim(middle); strtrim(last); strtrim(class); + strtrim(pin); /* Check names, allowing for the possibility that Moira and the user might have them split up differently. eg, Mary/Ann/Singleton @@ -416,7 +417,12 @@ void RIFO(reg_client *rc, int argc, char **argv) } if (rc->id) - reply(rc, FOUND, "GETW", "c", NULL, fullname, class); + { + if (*pin != '\0') + reply(rc, FOUND, "GETI", "c", NULL, fullname, class); + else + reply(rc, FOUND, "GETW", "c", NULL, fullname, class); + } else if (!rc->username) reply(rc, FOUND, "GETL", "c", rc->suggestions, fullname, class); else @@ -487,6 +493,34 @@ void SWRD(reg_client *rc, int argc, char **argv) reply(rc, FORCED_USERNAME, "GETP", "c", NULL, rc->username); } +void SPIN(reg_client *rc, int argc, char **argv) +{ + EXEC SQL BEGIN DECLARE SECTION; + char pin[USERS_PIN_SIZE]; + EXEC SQL END DECLARE SECTION; + + if (!rc->id || argc != 1) + { + reply(rc, PROTOCOL_ERROR, "INIT", "c", NULL); + return; + } + + EXEC SQL SELECT pin INTO :pin FROM users WHERE clearid = :rc->id; + strtrim(pin); + if (strcmp(argv[0], pin) != 0) + { + reply(rc, BAD_PIN, "GETI", "d", NULL); + return; + } + + free(rc->id); + rc->id = NULL; + if (!rc->username) + reply(rc, NO_MESSAGE, "GETL", "c", rc->suggestions); + else + reply(rc, FORCED_USERNAME, "GETP", "c", NULL, rc->username); +} + void LOGN(reg_client *rc, int argc, char **argv) { int i; -- 2.45.1