3 // TODO: SO MUCH ERROR CHECKING ITS NOT FUNNY
6 // get our master library for ga4php
7 require_once("../lib/lib.php");
11 // first we want to fork into the background like all good daemons should
12 //$pid = pcntl_fork();
15 // uncomment this bit and comment the fork above to stop it going into the background
21 // i am the parent, i shall leave
22 //echo "i am a parent, i leave\n";
25 // here is where i need to switch to TCP network protocol stuff
26 // i must bind 127.0.0.1 though.
27 // what i want to happen is this:
28 // 1) server receives connection
29 // 2) server forks off process to process connection
30 // 3) main server continues.
31 // a forked process thingy should be fully self contained and capable of dealing
32 // with "problems", i.e. the parent doesnt want to have to clean up children
34 // Here goes the tcp equivalent
// NOTE(review): this listing is non-contiguous (the embedded line numbers jump), so the
// surrounding accept loop, the `switch($msg_type)` header, the per-case `break;`s and the
// closing braces are not visible here. Comments below describe only what the visible lines do.
//
// Trust boundary: every value read out of $msg in the cases below arrives over the socket
// from whatever connected to the port. Nothing visible in this listing authenticates the
// peer, so anything that can reach the port can add/delete users, set passwords, and read
// RADIUS shared secrets.
35 global $TCP_PORT_NUMBER;
36 $res = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
// Bound to loopback only, so remote hosts cannot connect directly; any local process (any
// local user) can. Return values of socket_create/socket_bind are not checked here.
37 socket_bind($res, "127.0.0.1", $TCP_PORT_NUMBER);
41 $data_socket = socket_accept($res);
43 $forked = pcntl_fork();
// TODO: DEAL WITH THIS PROPERLY (fork failure is only echoed, not handled)
47 echo "Failed to fork\n";
// I am the child, i process the request
// all the request handling down below runs in the child
// Reads at most 1024 bytes per call into $recvd_a; the test below looks at $recvd, so the
// accumulation from $recvd_a into $recvd presumably happens on a line not shown here — confirm.
54 $size = socket_recv($data_socket, $recvd_a, 1024, 0);
// Framing: a request is complete once the buffer ends in ":EOD".
56 if(preg_match("/.*\:EOD$/", $recvd)) {
// we have a full string... break out
// Wire format is "<prefix>:<base64(serialize(array))>:EOD"; $xps[1] is the payload.
65 $xps = explode(":", $recvd);
// NOTE(review): unserialize() on data received from the socket is a PHP object-injection
// sink (any class with __wakeup/__destruct loaded by lib.php becomes reachable). Prefer a
// json_decode()-based encoding, or at minimum unserialize($s, ['allowed_classes' => false]).
// There is also no check that $xps[1] exists or that $component is an array before indexing.
66 $component = unserialize(base64_decode($xps[1]));
67 $msg_type = $component["type"];
68 $msg = $component["data"];
//echo "I now have a message of $msg_type\n";
//echo "with data:\n";
// the switch should now set a $data_returned value that gets bundled up and sent back to the client
// HERES WHERE THE SWITCH GOES (the `switch` line itself is not in this listing)
78 case MSG_GET_RADIUS_CLIENTS:
79 $sql = "select * from radclients";
// $dbo is used here without a visible getDatabase() call in this case (other cases call it
// just before use); it may be set on a line not shown.
81 $res = $dbo->query($sql);
84 foreach($res as $row) {
// $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
86 $clients[$i]["name"] = $row["rad_name"];
87 $clients[$i]["ip"] = $row["rad_ip"];
// NOTE(review): the RADIUS shared secret is returned verbatim to the caller. Given the
// unauthenticated socket above, this hands every client secret to any local process.
88 $clients[$i]["secret"] = $row["rad_secret"];
89 $clients[$i]["desc"] = $row["rad_desc"];
92 $data_returned = $clients;
94 case MSG_REMOVE_RADIUS_CLIENT:
// it should send us a client by rad_name - doesnt work yet
50 // (no isset() check on $msg["clientname"] in this case, unlike the user cases below)
96 $client = $msg["clientname"];
// NOTE(review): SQL built by string interpolation from socket input — SQL injection.
// Use $dbo->prepare('delete from radclients where rad_name=?') and bind $client.
97 $sql = "delete from radclients where rad_name='$client'";
99 $res = $dbo->query($sql);
101 $data_returned = true;
103 case MSG_ADD_RADIUS_CLIENT:
//echo "in addradclient\n";
// All four fields come straight from the request with no validation (e.g. no check that
// clientip parses as an address).
105 $client = $msg["clientname"];
106 $clientsecret = $msg["clientsecret"];
107 $clientip = $msg["clientip"];
108 $clientdesc = $msg["clientdescription"];
109 $dbo = getDatabase();
// check for existing clients with same name
// NOTE(review): interpolated $client — SQL injection; bind it instead.
112 $sql = "select * from radclients where rad_name='$client'";
//echo "doing select, $sql\n";
114 $res = $dbo->query($sql);
// fetchColumn() returns the first column (rad_id) of the first matching row, or false when
// there is none; "> 0" is therefore "a row exists", not a count. Whether this branch `break`s
// before the insert below is not visible here.
115 if($res->fetchColumn() > 0) {
116 $data_returned = "name";
// check for existing clients with same ip
// NOTE(review): interpolated $clientip — SQL injection.
120 $sql = "select * from radclients where rad_ip='$clientip'";
121 $res = $dbo->query($sql);
//echo "doing select, $sql\n";
123 if($res->fetchColumn() > 0) {
124 $data_returned = "ip";
// NOTE(review): four interpolated request values in one insert — SQL injection. Also stores
// the RADIUS secret in clear (see MSG_GET_RADIUS_CLIENTS, which reads it back out).
127 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
128 $res = $dbo->query($sql);
130 $data_returned = true;
135 case MSG_DELETE_USER_TOKEN:
// No isset() check on $msg["username"] here, unlike the other user cases.
136 $username = $msg["username"];
// NOTE(review): interpolated $username — SQL injection.
138 $sql = "select users_otk from users where users_username='$username'";
139 $dbo = getDatabase();
140 $res = $dbo->query($sql);
142 foreach($res as $row) {
143 $otkid = $row["users_otk"];
// Removes the pending QR PNG for this user. $otkid comes from the database, not directly
// from the request; it is written by generateRandomString() in MSG_ADD_USER_TOKEN. $BASE_DIR
// is not declared `global` anywhere in this listing — confirm it is in scope here.
147 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
// NOTE(review): interpolated $username — SQL injection.
150 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
151 $dbo = getDatabase();
152 $res = $dbo->query($sql);
154 $data_returned = true;
156 case MSG_AUTH_USER_TOKEN:
//echo "Call to auth user token\n";
// minimal checking, we leave it up to authenticateUser to do the real validation
160 if(!isset($msg["username"])) $msg["username"] = "";
161 if(!isset($msg["passcode"])) $msg["passcode"] = "";
162 $username = $msg["username"];
163 $passcode = $msg["passcode"];
// Result of the OTP check is returned as-is; its type/shape is defined in lib.php, not here.
165 $authval = $myga->authenticateUser($username, $passcode);
166 $data_returned = $authval;
// The case label for the block below is not in this listing; from the msg_send() argument it
// presumably handles MSG_GET_OTK_ID.
169 if(!isset($msg["username"])) {
// NOTE(review): msg_send()/$cl_queue look like leftovers from a SysV message-queue transport.
// $cl_queue is never assigned in this listing, and this sends nothing on $data_socket, so a
// request without a username gets no error reply via the TCP path. Setting $data_returned =
// false (as the other cases do) would be the consistent fix.
170 msg_send($cl_queue, MSG_GET_OTK_ID, false);
172 $username = $msg["username"];
// NOTE(review): interpolated $username — SQL injection.
173 $sql = "select users_otk from users where users_username='$username'";
174 $dbo = getDatabase();
175 $res = $dbo->query($sql);
177 foreach($res as $row) {
178 $otkid = $row["users_otk"];
182 $data_returned = false;
184 $data_returned = $otkid;
188 case MSG_GET_OTK_PNG:
189 if(!isset($msg["otk"])) {
// NOTE(review): same msg_send()/$cl_queue leftover as above; no reply reaches the socket.
190 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
// $otk is not assigned in the visible lines; presumably $otk = $msg["otk"] on a line not
// shown. If so it is client-controlled and flows into both the SQL below and a file path.
// NOTE(review): interpolated $otk — SQL injection.
193 $sql = "select users_username from users where users_otk='$otk'";
194 $dbo = getDatabase();
195 $res = $dbo->query($sql);
197 foreach($res as $row) {
198 $username = $row["users_username"];
// Reject when no user owns this otk, or when the requester's username does not match.
// Whether these branches `break` before the file read below is not visible here.
201 if($username == "") {
202 $data_returned = false;
204 } else if($username != $msg["username"]) {
205 $data_returned = false;
// NOTE(review): $otk is used unescaped in a filesystem path. If the ownership checks above
// do not break out, a value containing "../" reads/unlinks outside the otks directory.
// Restrict $otk to the alphabet generateRandomString() produces, or use basename().
// fopen()'s return value is not checked before fread().
208 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
209 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
// One-shot delivery: the PNG is removed and the otk cleared once it has been read.
211 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
// NOTE(review): interpolated $username — SQL injection. No $dbo->query($sql) for this update
// is visible in the listing; it may be on a line not shown.
212 $sql = "update users set users_otk='' where users_username='$username'";
// Bug: filesize() is called after the unlink() above, so it returns false (with a warning)
// and the logged size is always empty. Log strlen($data), or log before unlinking.
214 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
215 $data_returned = $data;
// The case label for the block below is not in this listing (resync of an OTP token).
221 if(!isset($msg["username"])) {
222 $data_returned = false;
// No isset() checks on tokenone/tokentwo, unlike username.
224 $tokenone = $msg["tokenone"];
225 $tokentwo = $msg["tokentwo"];
227 $data_returned = $myga->resyncCode($msg["username"], $tokenone, $tokentwo);
231 case MSG_GET_TOKEN_TYPE:
232 if(!isset($msg["username"])) {
233 $data_returned = false;
235 $data_returned = $myga->getTokenType($msg["username"]);
238 case MSG_ADD_USER_TOKEN:
//echo "Call to add user token\n";
240 if(!isset($msg["username"])) {
241 $data_returned = false;
244 $username = $msg["username"];
// tokentype/hexkey are optional; if absent they are used uninitialised in setUser() below
// (there is no default assignment in the visible lines).
246 if(isset($msg["tokentype"])) {
247 $tokentype=$msg["tokentype"];
250 if(isset($msg["hexkey"])) {
251 $hexkey = $msg["hexkey"];
254 $myga->setUser($username, $tokentype, "", $hexkey);
// Provisioning URL for the authenticator app; it carries the token secret.
256 $url = $myga->createUrl($username);
//echo "Url was: $url\n";
// NOTE(review): mkdir() without a mode uses 0777 (masked by umask). The PNGs stored here
// encode the users' OTP secrets, so create the directory 0700.
258 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
259 $otk = generateRandomString();
// NOTE(review): shell command injection. $url is interpolated inside single quotes; if
// createUrl() embeds $username (client-supplied, unvalidated), a username containing a single
// quote breaks out of the quoting. Use escapeshellarg($url) (and escapeshellarg() on the
// output path). system()'s exit status is also not checked, so a failed qrencode still
// records the otk below.
260 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
// NOTE(review): interpolated $username — SQL injection.
262 $sql = "update users set users_otk='$otk' where users_username='$username'";
263 $dbo = getDatabase();
264 $res = $dbo->query($sql);
266 $data_returned = true;
269 case MSG_DELETE_USER:
//echo "Call to del user\n";
271 if(!isset($msg["username"])) {
272 $data_returned = false;
274 $username = $msg["username"];
// NOTE(review): interpolated $username — SQL injection.
277 $sql = "select users_otk from users where users_username='$username'";
278 $dbo = getDatabase();
279 $res = $dbo->query($sql);
281 foreach($res as $row) {
282 $otkid = $row["users_otk"];
// Inconsistent with MSG_DELETE_USER_TOKEN, which unlinks under $BASE_DIR: this relative path
// depends on the daemon's working directory and will silently miss the file otherwise.
285 unlink("otks/$otkid.png");
// NOTE(review): interpolated $username — SQL injection. No $dbo->query($sql) for this delete
// is visible in the listing; it may be on a line not shown.
289 $sql = "delete from users where users_username='$username'";
290 $dbo = getDatabase();
293 $data_returned = true;
296 case MSG_AUTH_USER_PASSWORD:
//echo "Call to auth user pass\n";
299 if(!isset($msg["username"])) {
300 $data_returned = false;
303 if(!isset($msg["password"])) {
304 $data_returned = false;
308 $username = $msg["username"];
309 $password = $msg["password"];
// NOTE(review): interpolated $username — SQL injection (here it bypasses authentication).
310 $sql = "select users_password from users where users_username='$username'";
311 $dbo = getDatabase();
312 $res = $dbo->query($sql);
314 foreach($res as $row) {
315 $pass = $row["users_password"];
// NOTE(review): unsalted, single-round SHA-512 — use password_hash()/password_verify().
// A stored empty password never matches a hash, so blank disables password auth (see
// MSG_SET_USER_PASSWORD). $pass is undefined if the select returned no row.
319 $ourpass = hash('sha512', $password);
//echo "ourpass: $ourpass\nourhash: $pass\n";
// NOTE(review): loose == on two hex strings: PHP compares numeric-looking strings such as
// "0e123..." numerically, so distinct hashes can compare equal. Use hash_equals($pass, $ourpass),
// which is also constant-time.
321 if($ourpass == $pass) {
322 $data_returned = true;
325 $data_returned = false;
330 case MSG_SET_USER_PASSWORD:
//echo "how on earth is that happening Call to set user pass, wtf?\n";
// No check of who is asking: any connected peer can set any user's password.
334 if(!isset($msg["username"])) {
335 $data_returned = false;
//echo "in break 1\n";
339 if(!isset($msg["password"])) {
340 $data_returned = false;
//echo "in break 1\n";
345 $username = $msg["username"];
346 $password = $msg["password"];
//echo "would set pass for $username, to $password\n";
// Empty password is stored as '' (no hash), which MSG_AUTH_USER_PASSWORD can never match.
// NOTE(review): unsalted SHA-512 — use password_hash().
349 if($password == "") $pass = "";
350 else $pass = hash('sha512', $password);
352 $dbo = getDatabase();
//echo "in set user pass for $username, $pass\n";
// NOTE(review): interpolated $username — SQL injection. No $dbo->query($sql) for this update
// is visible in the listing; it may be on a line not shown.
354 $sql = "update users set users_password='$pass' where users_username='$username'";
358 $data_returned = true;
// these are irrelevant yet
364 case MSG_SET_USER_REALNAME:
//echo "Call to set user realname\n";
367 if(!isset($msg["username"])) {
368 $data_returned = false;
371 if(!isset($msg["realname"])) {
372 $data_returned = false;
376 $username = $msg["username"];
377 $realname = $msg["realname"];
// NOTE(review): $realname and $username interpolated — SQL injection. No $dbo->query($sql)
// for this update is visible in the listing; it may be on a line not shown.
378 $sql = "update users set users_realname='$realname' where users_username='$username'";
379 $dbo = getDatabase();
383 $data_returned = true;
// TODO now set real name
387 case MSG_SET_USER_TOKEN:
//echo "Call to set user token\n";
390 if(!isset($msg["username"])) {
391 $data_returned = false;
394 if(!isset($msg["tokenstring"])) {
395 $data_returned = false;
400 $username = $msg["username"];
401 $token = $msg["tokenstring"];
// Any peer can overwrite a user's OTP key here (no authorisation visible).
402 $return = $myga->setUserKey($username, $token);
403 $data_returned = $return;
// TODO now set token
407 case MSG_SET_USER_TOKEN_TYPE:
//echo "Call to set user token type\n";
410 if(!isset($msg["username"])) {
411 $data_returned = false;
414 if(!isset($msg["tokentype"])) {
415 $data_returned = false;
419 $username = $msg["username"];
420 $tokentype = $msg["tokentype"];
422 $data_returned = $myga->setTokenType($username, $tokentype);
// TODO now set token
// TODO this needs to be better
// The case label for this user-listing block is not in this listing.
428 $sql = "select * from users order by users_username";
430 $dbo = getDatabase();
431 $res = $dbo->query($sql);
// $i is not initialised/incremented in the visible lines; $users is undefined (and so is
// $data_returned) when the table is empty.
435 foreach($res as $row) {
436 $users[$i]["username"] = $row["users_username"];
437 $users[$i]["realname"] = $row["users_realname"];
// Only flags are exposed for password/token; the hash and token data themselves are not sent.
438 if($row["users_password"]!="") {
439 $users[$i]["haspass"] = true;
441 $users[$i]["haspass"] = false;
//echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
444 if($row["users_tokendata"]!="") {
445 $users[$i]["hastoken"] = true;
447 $users[$i]["hastoken"] = false;
// The pending otk id is exposed; combined with MSG_GET_OTK_PNG it lets a caller that knows
// the username fetch the QR code.
450 if($row["users_otk"]!="") {
451 $users[$i]["otk"] = $row["users_otk"];
453 $users[$i]["otk"] = "";
457 $data_returned = $users;
// TODO now set token
// Reply envelope mirrors the request: "AS:<base64(serialize(array))>:EOD". The client side
// therefore has the same unserialize() exposure as this server.
464 $d_comp["type"] = $msg_type;
465 $d_comp["data"] = $data_returned;
467 $realdata_returning = "AS:".base64_encode(serialize($d_comp)).":EOD";
// Single socket_send(); a short write is not retried, which matters for PNG payloads.
469 socket_send($data_socket, $realdata_returning, strlen($realdata_returning), 0);
470 socket_close($data_socket);
// now our child exits?
// otherwise return to the accept loop