3 // TODO: SO MUCH ERROR CHECKING ITS NOT FUNNY
6 // get out master library for ga4php
7 require_once("../lib/lib.php");
11 // first we want to fork into the background like all good daemons should
12 //$pid = pcntl_fork();
15 // uncomment this bit and comment the fork above to stop it going into the background
21 // i am the parent, i shall leave
22 echo "i am a parent, i leave\n";
25 // here is where i need to swithc to TCP network protocol stuff
26 // i must bind 127.0.0.1 though.
27 // what i want to happen is this:
28 // 1) server receives connection
29 // 2) server forks off process to process connection
30 // 3) main server continues.
31 // a forked process thingy should be fully self contained and capable of dealing
32 // with "problems", i.e. the parent doesnt want to have to clean up children
34 // Here goes the tcp equivalent
35 global $TCP_PORT_NUMBER;
36 $res = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
37 socket_bind($res, "127.0.0.1", $TCP_PORT_NUMBER);
39 echo "am now listneing\n";
42 $data_socket = socket_accept($res);
44 $forked = pcntl_fork();
46 // TODO: DEAL WITH THIS PROPERLY
48 echo "Failed to fork\n";
50 // I am the child, i process the request
51 // all the shit down below goes in here
55 $size = socket_recv($data_socket, $recvd_a, 1024, 0);
57 if(preg_match("/.*\:EOD$/", $recvd)) {
58 // we have a full string... break out
66 $xps = explode(":", $recvd);
67 $component = unserialize(base64_decode($xps[1]));
68 $msg_type = $component["type"];
69 $msg = $component["data"];
71 echo "I now have a message of $msg_type\n";
75 // the switch should now set a $data_returned value that gets bundled up and sent back to the client
76 // HERES WHERE THE SWITCH GOES
79 case MSG_GET_RADIUS_CLIENTS:
80 $sql = "select * from radclients";
82 $res = $dbo->query($sql);
85 foreach($res as $row) {
86 // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
87 $clients[$i]["name"] = $row["rad_name"];
88 $clients[$i]["ip"] = $row["rad_ip"];
89 $clients[$i]["secret"] = $row["rad_secret"];
90 $clients[$i]["desc"] = $row["rad_desc"];
93 $data_returned = $clients;
95 case MSG_REMOVE_RADIUS_CLIENT:
96 // it should send us a client by rad_name - doesnt work yet
97 $client = $msg["clientname"];
98 $sql = "delete from radclients where rad_name='$client'";
100 $res = $dbo->query($sql);
102 $data_returned = true;
104 case MSG_ADD_RADIUS_CLIENT:
105 echo "in addradclient\n";
106 $client = $msg["clientname"];
107 $clientsecret = $msg["clientsecret"];
108 $clientip = $msg["clientip"];
109 $clientdesc = $msg["clientdescription"];
110 $dbo = getDatabase();
112 // check for existing clients with same name
113 $sql = "select * from radclients where rad_name='$client'";
114 echo "doing select, $sql\n";
115 $res = $dbo->query($sql);
116 if($res->fetchColumn() > 0) {
117 $data_returned = "name";
120 // check for existing clients with same ip
121 $sql = "select * from radclients where rad_ip='$clientip'";
122 $res = $dbo->query($sql);
123 echo "doing select, $sql\n";
124 if($res->fetchColumn() > 0) {
125 $data_returned = "ip";
128 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
129 $res = $dbo->query($sql);
131 $data_returned = true;
136 case MSG_DELETE_USER_TOKEN:
137 $username = $msg["username"];
139 $sql = "select users_otk from users where users_username='$username'";
140 $dbo = getDatabase();
141 $res = $dbo->query($sql);
143 foreach($res as $row) {
144 $otkid = $row["users_otk"];
148 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
151 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
152 $dbo = getDatabase();
153 $res = $dbo->query($sql);
155 $data_returned = true;
157 case MSG_AUTH_USER_TOKEN:
158 echo "Call to auth user token\n";
159 // minimal checking, we leav it up to authenticateUser to do the real
161 if(!isset($msg["username"])) $msg["username"] = "";
162 if(!isset($msg["passcode"])) $msg["passcode"] = "";
163 $username = $msg["username"];
164 $passcode = $msg["passcode"];
166 $authval = $myga->authenticateUser($username, $passcode);
167 $data_returned = $authval;
170 if(!isset($msg["username"])) {
171 msg_send($cl_queue, MSG_GET_OTK_ID, false);
173 $username = $msg["username"];
174 $sql = "select users_otk from users where users_username='$username'";
175 $dbo = getDatabase();
176 $res = $dbo->query($sql);
178 foreach($res as $row) {
179 $otkid = $row["users_otk"];
183 $data_returned = false;
185 $data_returned = $otkid;
189 case MSG_GET_OTK_PNG:
190 if(!isset($msg["otk"])) {
191 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
194 $sql = "select users_username from users where users_otk='$otk'";
195 $dbo = getDatabase();
196 $res = $dbo->query($sql);
198 foreach($res as $row) {
199 $username = $row["users_username"];
202 if($username == "") {
203 $data_returned = false;
205 } else if($username != $msg["username"]) {
206 $data_returned = false;
209 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
210 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
212 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
213 $sql = "update users set users_otk='' where users_username='$username'";
215 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
216 $data_returned = $data;
222 if(!isset($msg["username"])) {
223 $data_returned = false;
225 $tokenone = $msg["tokenone"];
226 $tokentwo = $msg["tokentwo"];
228 $data_returned = $myga->resyncCode($msg["username"], $tokenone, $tokentwo);
232 case MSG_GET_TOKEN_TYPE:
233 if(!isset($msg["username"])) {
234 $data_returned = false;
236 $data_returned = $myga->getTokenType($msg["username"]);
239 case MSG_ADD_USER_TOKEN:
240 echo "Call to add user token\n";
241 if(!isset($msg["username"])) {
242 $data_returned = false;
245 $username = $msg["username"];
247 if(isset($msg["tokentype"])) {
248 $tokentype=$msg["tokentype"];
251 if(isset($msg["hexkey"])) {
252 $hexkey = $msg["hexkey"];
255 $myga->setUser($username, $tokentype, "", $hexkey);
257 $url = $myga->createUrl($username);
258 echo "Url was: $url\n";
259 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
260 $otk = generateRandomString();
261 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
263 $sql = "update users set users_otk='$otk' where users_username='$username'";
264 $dbo = getDatabase();
265 $res = $dbo->query($sql);
267 $data_returned = true;
270 case MSG_DELETE_USER:
271 echo "Call to del user\n";
272 if(!isset($msg["username"])) {
273 $data_returned = false;
275 $username = $msg["username"];
278 $sql = "select users_otk from users where users_username='$username'";
279 $dbo = getDatabase();
280 $res = $dbo->query($sql);
282 foreach($res as $row) {
283 $otkid = $row["users_otk"];
286 unlink("otks/$otkid.png");
290 $sql = "delete from users where users_username='$username'";
291 $dbo = getDatabase();
294 $data_returned = true;
297 case MSG_AUTH_USER_PASSWORD:
299 echo "Call to auth user pass\n";
300 if(!isset($msg["username"])) {
301 $data_returned = false;
304 if(!isset($msg["password"])) {
305 $data_returned = false;
309 $username = $msg["username"];
310 $password = $msg["password"];
311 $sql = "select users_password from users where users_username='$username'";
312 $dbo = getDatabase();
313 $res = $dbo->query($sql);
315 foreach($res as $row) {
316 $pass = $row["users_password"];
320 $ourpass = hash('sha512', $password);
321 echo "ourpass: $ourpass\nourhash: $pass\n";
322 if($ourpass == $pass) {
323 $data_returned = true;
326 $data_returned = false;
331 case MSG_SET_USER_PASSWORD:
332 echo "how on earth is that happening Call to set user pass, wtf?\n";
335 if(!isset($msg["username"])) {
336 $data_returned = false;
340 if(!isset($msg["password"])) {
341 $data_returned = false;
346 $username = $msg["username"];
347 $password = $msg["password"];
349 echo "would set pass for $username, to $password\n";
350 if($password == "") $pass = "";
351 else $pass = hash('sha512', $password);
353 $dbo = getDatabase();
354 echo "in set user pass for $username, $pass\n";
355 $sql = "update users set users_password='$pass' where users_username='$username'";
359 $data_returned = true;
362 // these are irrelavent yet
365 case MSG_SET_USER_REALNAME:
366 echo "Call to set user realname\n";
368 if(!isset($msg["username"])) {
369 $data_returned = false;
372 if(!isset($msg["realname"])) {
373 $data_returned = false;
377 $username = $msg["username"];
378 $realname = $msg["realname"];
379 $sql = "update users set users_realname='$realname' where users_username='$username'";
380 $dbo = getDatabase();
384 $data_returned = true;
386 // TODO now set real name
388 case MSG_SET_USER_TOKEN:
390 echo "Call to set user token\n";
391 if(!isset($msg["username"])) {
392 $data_returned = false;
395 if(!isset($msg["tokenstring"])) {
396 $data_returned = false;
401 $username = $msg["username"];
402 $token = $msg["tokenstring"];
403 $return = $myga->setUserKey($username, $token);
404 $data_returned = $return;
406 // TODO now set token
408 case MSG_SET_USER_TOKEN_TYPE:
410 echo "Call to set user token type\n";
411 if(!isset($msg["username"])) {
412 $data_returned = false;
415 if(!isset($msg["tokentype"])) {
416 $data_returned = false;
420 $username = $msg["username"];
421 $tokentype = $msg["tokentype"];
423 $data_returned = $myga->setTokenType($username, $tokentype);
425 // TODO now set token
428 // TODO this needs to be better
429 $sql = "select * from users order by users_username";
431 $dbo = getDatabase();
432 $res = $dbo->query($sql);
436 foreach($res as $row) {
437 $users[$i]["username"] = $row["users_username"];
438 $users[$i]["realname"] = $row["users_realname"];
439 if($row["users_password"]!="") {
440 $users[$i]["haspass"] = true;
442 $users[$i]["haspass"] = false;
444 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
445 if($row["users_tokendata"]!="") {
446 $users[$i]["hastoken"] = true;
448 $users[$i]["hastoken"] = false;
451 if($row["users_otk"]!="") {
452 $users[$i]["otk"] = $row["users_otk"];
454 $users[$i]["otk"] = "";
458 $data_returned = $users;
460 // TODO now set token
465 $d_comp["type"] = $msg_type;
466 $d_comp["data"] = $data_returned;
468 $realdata_returning = "AS:".base64_encode(serialize($d_comp)).":EOD";
470 socket_send($data_socket, $realdata_returning, strlen($realdata_returning), 0);
471 socket_close($data_socket);
473 // now our child exits?
476 // otherwise return to the accept loop