3 // TODO: SO MUCH ERROR CHECKING ITS NOT FUNNY
6 // get out master library for ga4php
7 require_once("../lib/lib.php");
11 // first we want to fork into the background like all good daemons should
12 //$pid = pcntl_fork();
15 // uncomment this bit and comment the fork above to stop it going into the background
21 // i am the parent, i shall leave
22 echo "i am a parent, i leave\n";
25 // here is where i need to swithc to TCP network protocol stuff
26 // i must bind 127.0.0.1 though.
27 // what i want to happen is this:
28 // 1) server receives connection
29 // 2) server forks off process to process connection
30 // 3) main server continues.
31 // a forked process thingy should be fully self contained and capable of dealing
32 // with "problems", i.e. the parent doesnt want to have to clean up children
35 global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
38 $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT');
39 $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT');
42 // Here goes the tcp equivalent
43 global $TCP_PORT_NUMBER;
44 $res = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
45 socket_bind($res, "127.0.0.1", $TCP_PORT_NUMBER);
47 echo "am now listneing\n";
50 $data_socket = socket_accept($res);
52 $forked = pcntl_fork();
54 // TODO: DEAL WITH THIS PROPERLY
56 echo "Failed to fork\n";
58 // I am the child, i process the request
59 // all the shit down below goes in here
63 $size = socket_recv($data_socket, $recvd_a, 1024, 0);
65 if(preg_match("/.*\:EOD$/", $recvd)) {
66 // we have a full string... break out
74 $xps = explode(":", $recvd);
75 $component = unserialize(base64_decode($xps[1]));
76 $msg_type = $component["type"];
77 $msg = $component["data"];
79 echo "I now have a message of $msg_type\n";
83 // the switch should now set a $data_returned value that gets bundled up and sent back to the client
84 // HERES WHERE THE SWITCH GOES
87 case MSG_GET_RADIUS_CLIENTS:
88 $sql = "select * from radclients";
90 $res = $dbo->query($sql);
93 foreach($res as $row) {
94 // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
95 $clients[$i]["name"] = $row["rad_name"];
96 $clients[$i]["ip"] = $row["rad_ip"];
97 $clients[$i]["secret"] = $row["rad_secret"];
98 $clients[$i]["desc"] = $row["rad_desc"];
101 $data_returned = $clients;
103 case MSG_REMOVE_RADIUS_CLIENT:
104 // it should send us a client by rad_name - doesnt work yet
105 $client = $msg["clientname"];
106 $sql = "delete from radclients where rad_name='$client'";
107 $dbo = getDatabase();
108 $res = $dbo->query($sql);
110 $data_returned = true;
112 case MSG_ADD_RADIUS_CLIENT:
113 echo "in addradclient\n";
114 $client = $msg["clientname"];
115 $clientsecret = $msg["clientsecret"];
116 $clientip = $msg["clientip"];
117 $clientdesc = $msg["clientdescription"];
118 $dbo = getDatabase();
120 // check for existing clients with same name
121 $sql = "select * from radclients where rad_name='$client'";
122 echo "doing select, $sql\n";
123 $res = $dbo->query($sql);
124 if($res->fetchColumn() > 0) {
125 $data_returned = "name";
128 // check for existing clients with same ip
129 $sql = "select * from radclients where rad_ip='$clientip'";
130 $res = $dbo->query($sql);
131 echo "doing select, $sql\n";
132 if($res->fetchColumn() > 0) {
133 $data_returned = "ip";
136 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
137 $res = $dbo->query($sql);
139 $data_returned = true;
144 case MSG_DELETE_USER_TOKEN:
145 $username = $msg["username"];
147 $sql = "select users_otk from users where users_username='$username'";
148 $dbo = getDatabase();
149 $res = $dbo->query($sql);
151 foreach($res as $row) {
152 $otkid = $row["users_otk"];
156 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
159 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
160 $dbo = getDatabase();
161 $res = $dbo->query($sql);
163 $data_returned = true;
165 case MSG_AUTH_USER_TOKEN:
166 echo "Call to auth user token\n";
167 // minimal checking, we leav it up to authenticateUser to do the real
169 if(!isset($msg["username"])) $msg["username"] = "";
170 if(!isset($msg["passcode"])) $msg["passcode"] = "";
171 $username = $msg["username"];
172 $passcode = $msg["passcode"];
174 $authval = $myga->authenticateUser($username, $passcode);
175 $data_returned = $authval;
178 if(!isset($msg["username"])) {
179 msg_send($cl_queue, MSG_GET_OTK_ID, false);
181 $username = $msg["username"];
182 $sql = "select users_otk from users where users_username='$username'";
183 $dbo = getDatabase();
184 $res = $dbo->query($sql);
186 foreach($res as $row) {
187 $otkid = $row["users_otk"];
191 $data_returned = false;
193 $data_returned = $otkid;
197 case MSG_GET_OTK_PNG:
198 if(!isset($msg["otk"])) {
199 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
202 $sql = "select users_username from users where users_otk='$otk'";
203 $dbo = getDatabase();
204 $res = $dbo->query($sql);
206 foreach($res as $row) {
207 $username = $row["users_username"];
210 if($username == "") {
211 $data_returned = false;
213 } else if($username != $msg["username"]) {
214 $data_returned = false;
217 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
218 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
220 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
221 $sql = "update users set users_otk='' where users_username='$username'";
223 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
224 $data_returned = $data;
230 if(!isset($msg["username"])) {
231 $data_returned = false;
233 $tokenone = $msg["tokenone"];
234 $tokentwo = $msg["tokentwo"];
236 $data_returned = $myga->resyncCode($msg["username"], $tokenone, $tokentwo);
240 case MSG_GET_TOKEN_TYPE:
241 if(!isset($msg["username"])) {
242 $data_returned = false;
244 $data_returned = $myga->getTokenType($msg["username"]);
247 case MSG_ADD_USER_TOKEN:
248 echo "Call to add user token\n";
249 if(!isset($msg["username"])) {
250 $data_returned = false;
253 $username = $msg["username"];
255 if(isset($msg["tokentype"])) {
256 $tokentype=$msg["tokentype"];
259 if(isset($msg["hexkey"])) {
260 $hexkey = $msg["hexkey"];
263 $myga->setUser($username, $tokentype, "", $hexkey);
265 $url = $myga->createUrl($username);
266 echo "Url was: $url\n";
267 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
268 $otk = generateRandomString();
269 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
271 $sql = "update users set users_otk='$otk' where users_username='$username'";
272 $dbo = getDatabase();
273 $res = $dbo->query($sql);
275 $data_returned = true;
278 case MSG_DELETE_USER:
279 echo "Call to del user\n";
280 if(!isset($msg["username"])) {
281 $data_returned = false;
283 $username = $msg["username"];
286 $sql = "select users_otk from users where users_username='$username'";
287 $dbo = getDatabase();
288 $res = $dbo->query($sql);
290 foreach($res as $row) {
291 $otkid = $row["users_otk"];
294 unlink("otks/$otkid.png");
298 $sql = "delete from users where users_username='$username'";
299 $dbo = getDatabase();
302 $data_returned = true;
305 case MSG_AUTH_USER_PASSWORD:
307 echo "Call to auth user pass\n";
308 if(!isset($msg["username"])) {
309 $data_returned = false;
312 if(!isset($msg["password"])) {
313 $data_returned = false;
317 $username = $msg["username"];
318 $password = $msg["password"];
319 $sql = "select users_password from users where users_username='$username'";
320 $dbo = getDatabase();
321 $res = $dbo->query($sql);
323 foreach($res as $row) {
324 $pass = $row["users_password"];
328 $ourpass = hash('sha512', $password);
329 echo "ourpass: $ourpass\nourhash: $pass\n";
330 if($ourpass == $pass) {
331 $data_returned = true;
334 $data_returned = false;
339 case MSG_SET_USER_PASSWORD:
340 echo "how on earth is that happening Call to set user pass, wtf?\n";
343 if(!isset($msg["username"])) {
344 $data_returned = false;
348 if(!isset($msg["password"])) {
349 $data_returned = false;
354 $username = $msg["username"];
355 $password = $msg["password"];
357 echo "would set pass for $username, to $password\n";
358 if($password == "") $pass = "";
359 else $pass = hash('sha512', $password);
361 $dbo = getDatabase();
362 echo "in set user pass for $username, $pass\n";
363 $sql = "update users set users_password='$pass' where users_username='$username'";
367 $data_returned = true;
370 // these are irrelavent yet
373 case MSG_SET_USER_REALNAME:
374 echo "Call to set user realname\n";
376 if(!isset($msg["username"])) {
377 $data_returned = false;
380 if(!isset($msg["realname"])) {
381 $data_returned = false;
385 $username = $msg["username"];
386 $realname = $msg["realname"];
387 $sql = "update users set users_realname='$realname' where users_username='$username'";
388 $dbo = getDatabase();
392 $data_returned = true;
394 // TODO now set real name
396 case MSG_SET_USER_TOKEN:
398 echo "Call to set user token\n";
399 if(!isset($msg["username"])) {
400 $data_returned = false;
403 if(!isset($msg["tokenstring"])) {
404 $data_returned = false;
409 $username = $msg["username"];
410 $token = $msg["tokenstring"];
411 $return = $myga->setUserKey($username, $token);
412 $data_returned = $return;
414 // TODO now set token
416 case MSG_SET_USER_TOKEN_TYPE:
418 echo "Call to set user token type\n";
419 if(!isset($msg["username"])) {
420 $data_returned = false;
423 if(!isset($msg["tokentype"])) {
424 $data_returned = false;
428 $username = $msg["username"];
429 $tokentype = $msg["tokentype"];
431 $data_returned = $myga->setTokenType($username, $tokentype);
433 // TODO now set token
436 // TODO this needs to be better
437 $sql = "select * from users order by users_username";
439 $dbo = getDatabase();
440 $res = $dbo->query($sql);
444 foreach($res as $row) {
445 $users[$i]["username"] = $row["users_username"];
446 $users[$i]["realname"] = $row["users_realname"];
447 if($row["users_password"]!="") {
448 $users[$i]["haspass"] = true;
450 $users[$i]["haspass"] = false;
452 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
453 if($row["users_tokendata"]!="") {
454 $users[$i]["hastoken"] = true;
456 $users[$i]["hastoken"] = false;
459 if($row["users_otk"]!="") {
460 $users[$i]["otk"] = $row["users_otk"];
462 $users[$i]["otk"] = "";
466 $data_returned = $users;
468 // TODO now set token
473 $d_comp["type"] = $msg_type;
474 $d_comp["data"] = $data_returned;
476 $realdata_returning = "AS:".base64_encode(serialize($d_comp)).":EOD";
478 socket_send($data_socket, $realdata_returning, strlen($realdata_returning), 0);
479 socket_close($data_socket);
481 // now our child exits?
484 // otherwise return to the accept loop
489 $myga = new gaasGA();
494 msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
495 echo "got message of type $msg_type\n";
497 case MSG_GET_RADIUS_CLIENTS:
498 $sql = "select * from radclients";
499 $dbo = getDatabase();
500 $res = $dbo->query($sql);
503 foreach($res as $row) {
504 // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
505 $clients[$i]["name"] = $row["rad_name"];
506 $clients[$i]["ip"] = $row["rad_ip"];
507 $clients[$i]["secret"] = $row["rad_secret"];
508 $clients[$i]["desc"] = $row["rad_desc"];
511 msg_send($cl_queue, MSG_GET_RADIUS_CLIENTS, $clients);
513 case MSG_REMOVE_RADIUS_CLIENT:
514 // it should send us a client by rad_name - doesnt work yet
515 $client = $msg["clientname"];
516 $sql = "delete from radclients where rad_name='$client'";
517 $dbo = getDatabase();
518 $res = $dbo->query($sql);
520 msg_send($cl_queue, MSG_REMOVE_RADIUS_CLIENT, true);
522 case MSG_ADD_RADIUS_CLIENT:
523 echo "in addradclient\n";
524 $client = $msg["clientname"];
525 $clientsecret = $msg["clientsecret"];
526 $clientip = $msg["clientip"];
527 $clientdesc = $msg["clientdescription"];
528 $dbo = getDatabase();
530 // check for existing clients with same name
531 $sql = "select * from radclients where rad_name='$client'";
532 echo "doing select, $sql\n";
533 $res = $dbo->query($sql);
534 if($res->fetchColumn() > 0) {
535 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "name");
538 // check for existing clients with same ip
539 $sql = "select * from radclients where rad_ip='$clientip'";
540 $res = $dbo->query($sql);
541 echo "doing select, $sql\n";
542 if($res->fetchColumn() > 0) {
543 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "ip");
546 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
547 $res = $dbo->query($sql);
549 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, true);
554 case MSG_DELETE_USER_TOKEN:
555 $username = $msg["username"];
557 $sql = "select users_otk from users where users_username='$username'";
558 $dbo = getDatabase();
559 $res = $dbo->query($sql);
561 foreach($res as $row) {
562 $otkid = $row["users_otk"];
566 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
569 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
570 $dbo = getDatabase();
571 $res = $dbo->query($sql);
573 msg_send($cl_queue, MSG_DELETE_USER_TOKEN, true);
575 case MSG_AUTH_USER_TOKEN:
576 echo "Call to auth user token\n";
577 // minimal checking, we leav it up to authenticateUser to do the real
579 if(!isset($msg["username"])) $msg["username"] = "";
580 if(!isset($msg["passcode"])) $msg["passcode"] = "";
581 $username = $msg["username"];
582 $passcode = $msg["passcode"];
584 $authval = $myga->authenticateUser($username, $passcode);
585 msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
588 if(!isset($msg["username"])) {
589 msg_send($cl_queue, MSG_GET_OTK_ID, false);
591 $username = $msg["username"];
592 $sql = "select users_otk from users where users_username='$username'";
593 $dbo = getDatabase();
594 $res = $dbo->query($sql);
596 foreach($res as $row) {
597 $otkid = $row["users_otk"];
601 msg_send($cl_queue, MSG_GET_OTK_ID, false);
603 msg_send($cl_queue, MSG_GET_OTK_ID, $otkid);
607 case MSG_GET_OTK_PNG:
608 if(!isset($msg["otk"])) {
609 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
612 $sql = "select users_username from users where users_otk='$otk'";
613 $dbo = getDatabase();
614 $res = $dbo->query($sql);
616 foreach($res as $row) {
617 $username = $row["users_username"];
620 if($username == "") {
621 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
622 } else if($username != $msg["username"]) {
623 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
626 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
627 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
629 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
630 $sql = "update users set users_otk='' where users_username='$username'";
632 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
633 msg_send($cl_queue, MSG_GET_OTK_PNG, $data);
639 if(!isset($msg["username"])) {
640 msg_send($cl_queue, MSG_SYNC_TOKEN, false);
642 $tokenone = $msg["tokenone"];
643 $tokentwo = $msg["tokentwo"];
645 msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo));
649 case MSG_GET_TOKEN_TYPE:
650 if(!isset($msg["username"])) {
651 msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false);
653 msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"]));
656 case MSG_ADD_USER_TOKEN:
657 echo "Call to add user token\n";
658 if(!isset($msg["username"])) {
659 msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
662 $username = $msg["username"];
664 if(isset($msg["tokentype"])) {
665 $tokentype=$msg["tokentype"];
668 if(isset($msg["hexkey"])) {
669 $hexkey = $msg["hexkey"];
672 $myga->setUser($username, $tokentype, "", $hexkey);
674 $url = $myga->createUrl($username);
675 echo "Url was: $url\n";
676 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
677 $otk = generateRandomString();
678 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
680 $sql = "update users set users_otk='$otk' where users_username='$username'";
681 $dbo = getDatabase();
682 $res = $dbo->query($sql);
684 msg_send($cl_queue, MSG_ADD_USER_TOKEN, true);
687 case MSG_DELETE_USER:
688 echo "Call to del user\n";
689 if(!isset($msg["username"])) {
690 msg_send($cl_queue, MSG_DELETE_USER, false);
692 $username = $msg["username"];
695 $sql = "select users_otk from users where users_username='$username'";
696 $dbo = getDatabase();
697 $res = $dbo->query($sql);
699 foreach($res as $row) {
700 $otkid = $row["users_otk"];
703 unlink("otks/$otkid.png");
707 $sql = "delete from users where users_username='$username'";
708 $dbo = getDatabase();
711 msg_send($cl_queue, MSG_DELETE_USER, true);
714 case MSG_AUTH_USER_PASSWORD:
716 echo "Call to auth user pass\n";
717 if(!isset($msg["username"])) {
718 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
721 if(!isset($msg["password"])) {
722 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
726 $username = $msg["username"];
727 $password = $msg["password"];
728 $sql = "select users_password from users where users_username='$username'";
729 $dbo = getDatabase();
730 $res = $dbo->query($sql);
732 foreach($res as $row) {
733 $pass = $row["users_password"];
737 $ourpass = hash('sha512', $password);
738 echo "ourpass: $ourpass\nourhash: $pass\n";
739 if($ourpass == $pass) {
740 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, true);
743 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
748 case MSG_SET_USER_PASSWORD:
749 echo "how on earth is that happening Call to set user pass, wtf?\n";
752 if(!isset($msg["username"])) {
753 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
757 if(!isset($msg["password"])) {
758 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
763 $username = $msg["username"];
764 $password = $msg["password"];
766 echo "would set pass for $username, to $password\n";
767 if($password == "") $pass = "";
768 else $pass = hash('sha512', $password);
770 $dbo = getDatabase();
771 echo "in set user pass for $username, $pass\n";
772 $sql = "update users set users_password='$pass' where users_username='$username'";
776 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
779 // these are irrelavent yet
782 case MSG_SET_USER_REALNAME:
783 echo "Call to set user realname\n";
785 if(!isset($msg["username"])) {
786 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
789 if(!isset($msg["realname"])) {
790 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
794 $username = $msg["username"];
795 $realname = $msg["realname"];
796 $sql = "update users set users_realname='$realname' where users_username='$username'";
797 $dbo = getDatabase();
801 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
803 // TODO now set real name
805 case MSG_SET_USER_TOKEN:
807 echo "Call to set user token\n";
808 if(!isset($msg["username"])) {
809 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
812 if(!isset($msg["tokenstring"])) {
813 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
818 $username = $msg["username"];
819 $token = $msg["tokenstring"];
820 $return = $myga->setUserKey($username, $token);
821 msg_send($cl_queue, MSG_SET_USER_TOKEN, $return);
823 // TODO now set token
825 case MSG_SET_USER_TOKEN_TYPE:
827 echo "Call to set user token type\n";
828 if(!isset($msg["username"])) {
829 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
832 if(!isset($msg["tokentype"])) {
833 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
837 $username = $msg["username"];
838 $tokentype = $msg["tokentype"];
840 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, $myga->setTokenType($username, $tokentype));
842 // TODO now set token
845 // TODO this needs to be better
846 $sql = "select * from users order by users_username";
848 $dbo = getDatabase();
849 $res = $dbo->query($sql);
853 foreach($res as $row) {
854 $users[$i]["username"] = $row["users_username"];
855 $users[$i]["realname"] = $row["users_realname"];
856 if($row["users_password"]!="") {
857 $users[$i]["haspass"] = true;
859 $users[$i]["haspass"] = false;
861 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
862 if($row["users_tokendata"]!="") {
863 $users[$i]["hastoken"] = true;
865 $users[$i]["hastoken"] = false;
868 if($row["users_otk"]!="") {
869 $users[$i]["otk"] = $row["users_otk"];
871 $users[$i]["otk"] = "";
875 msg_send($cl_queue, MSG_GET_USERS, $users);
877 // TODO now set token