3 // TODO: SO MUCH ERROR CHECKING ITS NOT FUNNY
6 // get out master library for ga4php
7 require_once("../lib/lib.php");
11 // first we want to fork into the background like all good daemons should
12 //$pid = pcntl_fork();
14 // uncomment this bit and comment the fork above to stop it going into the background
20 // i am the parent, i shall leave
21 echo "i am a parent, i leave\n";
24 // here is where i need to swithc to TCP network protocol stuff
25 // i must bind 127.0.0.1 though.
26 // what i want to happen is this:
27 // 1) server receives connection
28 // 2) server forks off process to process connection
29 // 3) main server continues.
30 // a forked process thingy should be fully self contained and capable of dealing
31 // with "problems", i.e. the parent doesnt want to have to clean up children
32 global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
33 global $TCP_PORT_NUMBER;
35 $cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT');
36 $sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT');
38 // Here goes the tcp equivalent
40 $res = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
41 socket_bind($res, "127.0.0.1", 10056);
45 $data_socket = socket_accept($res);
47 $forked = pcntl_fork();
49 // TODO: DEAL WITH THIS PROPERLY
51 echo "Failed to fork\n";
53 // I am the child, i process the request
54 // all the shit down below goes in here
58 $size = socket_recv($data_socket, $recvd_a, 1024, 0);
60 if(preg_match("/.*\:EOD$/", $recvd) {
61 // we have a full string... break out
69 $xps = explode(":", $recvd);
70 $component = unserialize(base64_decode($xps[1]));
71 $msg_type = $component["type"];
72 $msg = $component["data"];
74 // the switch should now set a $data_returned value that gets bundled up and sent back to the client
75 // HERES WHERE THE SWITCH GOES
78 case MSG_GET_RADIUS_CLIENTS:
79 $sql = "select * from radclients";
81 $res = $dbo->query($sql);
84 foreach($res as $row) {
85 // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
86 $clients[$i]["name"] = $row["rad_name"];
87 $clients[$i]["ip"] = $row["rad_ip"];
88 $clients[$i]["secret"] = $row["rad_secret"];
89 $clients[$i]["desc"] = $row["rad_desc"];
92 $data_returned = $clients;
94 case MSG_REMOVE_RADIUS_CLIENT:
95 // it should send us a client by rad_name - doesnt work yet
96 $client = $msg["clientname"];
97 $sql = "delete from radclients where rad_name='$client'";
99 $res = $dbo->query($sql);
101 $data_returned = true;
103 case MSG_ADD_RADIUS_CLIENT:
104 echo "in addradclient\n";
105 $client = $msg["clientname"];
106 $clientsecret = $msg["clientsecret"];
107 $clientip = $msg["clientip"];
108 $clientdesc = $msg["clientdescription"];
109 $dbo = getDatabase();
111 // check for existing clients with same name
112 $sql = "select * from radclients where rad_name='$client'";
113 echo "doing select, $sql\n";
114 $res = $dbo->query($sql);
115 if($res->fetchColumn() > 0) {
116 $data_returned = "name";
119 // check for existing clients with same ip
120 $sql = "select * from radclients where rad_ip='$clientip'";
121 $res = $dbo->query($sql);
122 echo "doing select, $sql\n";
123 if($res->fetchColumn() > 0) {
124 $data_returned = "ip";
127 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
128 $res = $dbo->query($sql);
130 $data_returned = true;
135 case MSG_DELETE_USER_TOKEN:
136 $username = $msg["username"];
138 $sql = "select users_otk from users where users_username='$username'";
139 $dbo = getDatabase();
140 $res = $dbo->query($sql);
142 foreach($res as $row) {
143 $otkid = $row["users_otk"];
147 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
150 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
151 $dbo = getDatabase();
152 $res = $dbo->query($sql);
154 $data_returned = true;
156 case MSG_AUTH_USER_TOKEN:
157 echo "Call to auth user token\n";
158 // minimal checking, we leav it up to authenticateUser to do the real
160 if(!isset($msg["username"])) $msg["username"] = "";
161 if(!isset($msg["passcode"])) $msg["passcode"] = "";
162 $username = $msg["username"];
163 $passcode = $msg["passcode"];
165 $authval = $myga->authenticateUser($username, $passcode);
166 $data_returned = $authval;
169 if(!isset($msg["username"])) {
170 msg_send($cl_queue, MSG_GET_OTK_ID, false);
172 $username = $msg["username"];
173 $sql = "select users_otk from users where users_username='$username'";
174 $dbo = getDatabase();
175 $res = $dbo->query($sql);
177 foreach($res as $row) {
178 $otkid = $row["users_otk"];
182 $data_returned = false;
184 $data_returned = $otkid;
188 case MSG_GET_OTK_PNG:
189 if(!isset($msg["otk"])) {
190 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
193 $sql = "select users_username from users where users_otk='$otk'";
194 $dbo = getDatabase();
195 $res = $dbo->query($sql);
197 foreach($res as $row) {
198 $username = $row["users_username"];
201 if($username == "") {
202 $data_returned = false;
204 } else if($username != $msg["username"]) {
205 $data_returned = false;
208 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
209 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
211 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
212 $sql = "update users set users_otk='' where users_username='$username'";
214 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
215 $data_returned = $data;
221 if(!isset($msg["username"])) {
222 $data_returned = false;
224 $tokenone = $msg["tokenone"];
225 $tokentwo = $msg["tokentwo"];
227 $data_returned = $myga->resyncCode($msg["username"], $tokenone, $tokentwo);
231 case MSG_GET_TOKEN_TYPE:
232 if(!isset($msg["username"])) {
233 $data_returned = false;
235 $data_returned = $myga->getTokenType($msg["username"]);
238 case MSG_ADD_USER_TOKEN:
239 echo "Call to add user token\n";
240 if(!isset($msg["username"])) {
241 $data_returned = false;
244 $username = $msg["username"];
246 if(isset($msg["tokentype"])) {
247 $tokentype=$msg["tokentype"];
250 if(isset($msg["hexkey"])) {
251 $hexkey = $msg["hexkey"];
254 $myga->setUser($username, $tokentype, "", $hexkey);
256 $url = $myga->createUrl($username);
257 echo "Url was: $url\n";
258 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
259 $otk = generateRandomString();
260 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
262 $sql = "update users set users_otk='$otk' where users_username='$username'";
263 $dbo = getDatabase();
264 $res = $dbo->query($sql);
266 $data_returned = true;
269 case MSG_DELETE_USER:
270 echo "Call to del user\n";
271 if(!isset($msg["username"])) {
272 $data_returned = false;
274 $username = $msg["username"];
277 $sql = "select users_otk from users where users_username='$username'";
278 $dbo = getDatabase();
279 $res = $dbo->query($sql);
281 foreach($res as $row) {
282 $otkid = $row["users_otk"];
285 unlink("otks/$otkid.png");
289 $sql = "delete from users where users_username='$username'";
290 $dbo = getDatabase();
293 $data_returned = true;
296 case MSG_AUTH_USER_PASSWORD:
298 echo "Call to auth user pass\n";
299 if(!isset($msg["username"])) {
300 $data_returned = false;
303 if(!isset($msg["password"])) {
304 $data_returned = false;
308 $username = $msg["username"];
309 $password = $msg["password"];
310 $sql = "select users_password from users where users_username='$username'";
311 $dbo = getDatabase();
312 $res = $dbo->query($sql);
314 foreach($res as $row) {
315 $pass = $row["users_password"];
319 $ourpass = hash('sha512', $password);
320 echo "ourpass: $ourpass\nourhash: $pass\n";
321 if($ourpass == $pass) {
322 $data_returned = true;
325 $data_returned = false;
330 case MSG_SET_USER_PASSWORD:
331 echo "how on earth is that happening Call to set user pass, wtf?\n";
334 if(!isset($msg["username"])) {
335 $data_returned = false;
339 if(!isset($msg["password"])) {
340 $data_returned = false;
345 $username = $msg["username"];
346 $password = $msg["password"];
348 echo "would set pass for $username, to $password\n";
349 if($password == "") $pass = "";
350 else $pass = hash('sha512', $password);
352 $dbo = getDatabase();
353 echo "in set user pass for $username, $pass\n";
354 $sql = "update users set users_password='$pass' where users_username='$username'";
358 $data_returned = true;
361 // these are irrelavent yet
364 case MSG_SET_USER_REALNAME:
365 echo "Call to set user realname\n";
367 if(!isset($msg["username"])) {
368 $data_returned = false;
371 if(!isset($msg["realname"])) {
372 $data_returned = false;
376 $username = $msg["username"];
377 $realname = $msg["realname"];
378 $sql = "update users set users_realname='$realname' where users_username='$username'";
379 $dbo = getDatabase();
383 $data_returned = true;
385 // TODO now set real name
387 case MSG_SET_USER_TOKEN:
389 echo "Call to set user token\n";
390 if(!isset($msg["username"])) {
391 $data_returned = false;
394 if(!isset($msg["tokenstring"])) {
395 $data_returned = false;
400 $username = $msg["username"];
401 $token = $msg["tokenstring"];
402 $return = $myga->setUserKey($username, $token);
403 $data_returned = $return;
405 // TODO now set token
407 case MSG_SET_USER_TOKEN_TYPE:
409 echo "Call to set user token type\n";
410 if(!isset($msg["username"])) {
411 $data_returned = false;
414 if(!isset($msg["tokentype"])) {
415 $data_returned = false;
419 $username = $msg["username"];
420 $tokentype = $msg["tokentype"];
422 $data_returned = $myga->setTokenType($username, $tokentype);
424 // TODO now set token
427 // TODO this needs to be better
428 $sql = "select * from users order by users_username";
430 $dbo = getDatabase();
431 $res = $dbo->query($sql);
435 foreach($res as $row) {
436 $users[$i]["username"] = $row["users_username"];
437 $users[$i]["realname"] = $row["users_realname"];
438 if($row["users_password"]!="") {
439 $users[$i]["haspass"] = true;
441 $users[$i]["haspass"] = false;
443 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
444 if($row["users_tokendata"]!="") {
445 $users[$i]["hastoken"] = true;
447 $users[$i]["hastoken"] = false;
450 if($row["users_otk"]!="") {
451 $users[$i]["otk"] = $row["users_otk"];
453 $users[$i]["otk"] = "";
457 $data_returned = $users;
459 // TODO now set token
464 $d_comp["type"] = $msg_type;
465 $d_comp["data"] = $data_returned;
467 $realdata_returning = "AS:".base64_encode(serialize($d_comp)).":EOD";
469 socket_send($data_socket, $realdata_returning, strlen($realdata_returning), 0);
470 socket_close($data_socket);
472 // now our child exits?
475 // otherwise return to the accept loop
480 $myga = new gaasGA();
485 msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
486 echo "got message of type $msg_type\n";
488 case MSG_GET_RADIUS_CLIENTS:
489 $sql = "select * from radclients";
490 $dbo = getDatabase();
491 $res = $dbo->query($sql);
494 foreach($res as $row) {
495 // $sql = 'CREATE TABLE "radclients" ("rad_id" INTEGER PRIMARY KEY AUTOINCREMENT,"rad_name" TEXT, "rad_ip" TEXT, "rad_secret" TEXT, "rad_desc" TEXT);';
496 $clients[$i]["name"] = $row["rad_name"];
497 $clients[$i]["ip"] = $row["rad_ip"];
498 $clients[$i]["secret"] = $row["rad_secret"];
499 $clients[$i]["desc"] = $row["rad_desc"];
502 msg_send($cl_queue, MSG_GET_RADIUS_CLIENTS, $clients);
504 case MSG_REMOVE_RADIUS_CLIENT:
505 // it should send us a client by rad_name - doesnt work yet
506 $client = $msg["clientname"];
507 $sql = "delete from radclients where rad_name='$client'";
508 $dbo = getDatabase();
509 $res = $dbo->query($sql);
511 msg_send($cl_queue, MSG_REMOVE_RADIUS_CLIENT, true);
513 case MSG_ADD_RADIUS_CLIENT:
514 echo "in addradclient\n";
515 $client = $msg["clientname"];
516 $clientsecret = $msg["clientsecret"];
517 $clientip = $msg["clientip"];
518 $clientdesc = $msg["clientdescription"];
519 $dbo = getDatabase();
521 // check for existing clients with same name
522 $sql = "select * from radclients where rad_name='$client'";
523 echo "doing select, $sql\n";
524 $res = $dbo->query($sql);
525 if($res->fetchColumn() > 0) {
526 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "name");
529 // check for existing clients with same ip
530 $sql = "select * from radclients where rad_ip='$clientip'";
531 $res = $dbo->query($sql);
532 echo "doing select, $sql\n";
533 if($res->fetchColumn() > 0) {
534 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, "ip");
537 $sql = "insert into radclients values (NULL, '$client', '$clientip', '$clientsecret', '$clientdesc')";
538 $res = $dbo->query($sql);
540 msg_send($cl_queue, MSG_ADD_RADIUS_CLIENT, true);
545 case MSG_DELETE_USER_TOKEN:
546 $username = $msg["username"];
548 $sql = "select users_otk from users where users_username='$username'";
549 $dbo = getDatabase();
550 $res = $dbo->query($sql);
552 foreach($res as $row) {
553 $otkid = $row["users_otk"];
557 unlink("$BASE_DIR/authserver/authd/otks/$otkid.png");
560 $sql = "update users set users_tokendata='',users_otk='' where users_username='$username'";
561 $dbo = getDatabase();
562 $res = $dbo->query($sql);
564 msg_send($cl_queue, MSG_DELETE_USER_TOKEN, true);
566 case MSG_AUTH_USER_TOKEN:
567 echo "Call to auth user token\n";
568 // minimal checking, we leav it up to authenticateUser to do the real
570 if(!isset($msg["username"])) $msg["username"] = "";
571 if(!isset($msg["passcode"])) $msg["passcode"] = "";
572 $username = $msg["username"];
573 $passcode = $msg["passcode"];
575 $authval = $myga->authenticateUser($username, $passcode);
576 msg_send($cl_queue, MSG_AUTH_USER_TOKEN, $authval);
579 if(!isset($msg["username"])) {
580 msg_send($cl_queue, MSG_GET_OTK_ID, false);
582 $username = $msg["username"];
583 $sql = "select users_otk from users where users_username='$username'";
584 $dbo = getDatabase();
585 $res = $dbo->query($sql);
587 foreach($res as $row) {
588 $otkid = $row["users_otk"];
592 msg_send($cl_queue, MSG_GET_OTK_ID, false);
594 msg_send($cl_queue, MSG_GET_OTK_ID, $otkid);
598 case MSG_GET_OTK_PNG:
599 if(!isset($msg["otk"])) {
600 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
603 $sql = "select users_username from users where users_otk='$otk'";
604 $dbo = getDatabase();
605 $res = $dbo->query($sql);
607 foreach($res as $row) {
608 $username = $row["users_username"];
611 if($username == "") {
612 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
613 } else if($username != $msg["username"]) {
614 msg_send($cl_queue, MSG_GET_OTK_PNG, false);
617 $hand = fopen("$BASE_DIR/authserver/authd/otks/$otk.png", "rb");
618 $data = fread($hand, filesize("$BASE_DIR/authserver/authd/otks/$otk.png"));
620 unlink("$BASE_DIR/authserver/authd/otks/$otk.png");
621 $sql = "update users set users_otk='' where users_username='$username'";
623 error_log("senting otk, fsize: ".filesize("$BASE_DIR/authserver/authd/otks/$otk.png")." $otk ");
624 msg_send($cl_queue, MSG_GET_OTK_PNG, $data);
630 if(!isset($msg["username"])) {
631 msg_send($cl_queue, MSG_SYNC_TOKEN, false);
633 $tokenone = $msg["tokenone"];
634 $tokentwo = $msg["tokentwo"];
636 msg_send($cl_queue, MSG_SYNC_TOKEN, $myga->resyncCode($msg["username"], $tokenone, $tokentwo));
640 case MSG_GET_TOKEN_TYPE:
641 if(!isset($msg["username"])) {
642 msg_send($cl_queue, MSG_GET_TOKEN_TYPE, false);
644 msg_send($cl_queue, MSG_GET_TOKEN_TYPE, $myga->getTokenType($msg["username"]));
647 case MSG_ADD_USER_TOKEN:
648 echo "Call to add user token\n";
649 if(!isset($msg["username"])) {
650 msg_send($cl_queue, MSG_ADD_USER_TOKEN, false);
653 $username = $msg["username"];
655 if(isset($msg["tokentype"])) {
656 $tokentype=$msg["tokentype"];
659 if(isset($msg["hexkey"])) {
660 $hexkey = $msg["hexkey"];
663 $myga->setUser($username, $tokentype, "", $hexkey);
665 $url = $myga->createUrl($username);
666 echo "Url was: $url\n";
667 if(!file_exists("$BASE_DIR/authserver/authd/otks")) mkdir("$BASE_DIR/authserver/authd/otks");
668 $otk = generateRandomString();
669 system("qrencode -o $BASE_DIR/authserver/authd/otks/$otk.png '$url'");
671 $sql = "update users set users_otk='$otk' where users_username='$username'";
672 $dbo = getDatabase();
673 $res = $dbo->query($sql);
675 msg_send($cl_queue, MSG_ADD_USER_TOKEN, true);
678 case MSG_DELETE_USER:
679 echo "Call to del user\n";
680 if(!isset($msg["username"])) {
681 msg_send($cl_queue, MSG_DELETE_USER, false);
683 $username = $msg["username"];
686 $sql = "select users_otk from users where users_username='$username'";
687 $dbo = getDatabase();
688 $res = $dbo->query($sql);
690 foreach($res as $row) {
691 $otkid = $row["users_otk"];
694 unlink("otks/$otkid.png");
698 $sql = "delete from users where users_username='$username'";
699 $dbo = getDatabase();
702 msg_send($cl_queue, MSG_DELETE_USER, true);
705 case MSG_AUTH_USER_PASSWORD:
707 echo "Call to auth user pass\n";
708 if(!isset($msg["username"])) {
709 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
712 if(!isset($msg["password"])) {
713 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
717 $username = $msg["username"];
718 $password = $msg["password"];
719 $sql = "select users_password from users where users_username='$username'";
720 $dbo = getDatabase();
721 $res = $dbo->query($sql);
723 foreach($res as $row) {
724 $pass = $row["users_password"];
728 $ourpass = hash('sha512', $password);
729 echo "ourpass: $ourpass\nourhash: $pass\n";
730 if($ourpass == $pass) {
731 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, true);
734 msg_send($cl_queue, MSG_AUTH_USER_PASSWORD, false);
739 case MSG_SET_USER_PASSWORD:
740 echo "how on earth is that happening Call to set user pass, wtf?\n";
743 if(!isset($msg["username"])) {
744 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
748 if(!isset($msg["password"])) {
749 msg_send($cl_queue, MSG_SET_USER_PASSWORD, false);
754 $username = $msg["username"];
755 $password = $msg["password"];
757 echo "would set pass for $username, to $password\n";
758 if($password == "") $pass = "";
759 else $pass = hash('sha512', $password);
761 $dbo = getDatabase();
762 echo "in set user pass for $username, $pass\n";
763 $sql = "update users set users_password='$pass' where users_username='$username'";
767 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
770 // these are irrelavent yet
773 case MSG_SET_USER_REALNAME:
774 echo "Call to set user realname\n";
776 if(!isset($msg["username"])) {
777 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
780 if(!isset($msg["realname"])) {
781 msg_send($cl_queue, MSG_SET_USER_REALNAME, false);
785 $username = $msg["username"];
786 $realname = $msg["realname"];
787 $sql = "update users set users_realname='$realname' where users_username='$username'";
788 $dbo = getDatabase();
792 msg_send($cl_queue, MSG_SET_USER_REALNAME, true);
794 // TODO now set real name
796 case MSG_SET_USER_TOKEN:
798 echo "Call to set user token\n";
799 if(!isset($msg["username"])) {
800 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
803 if(!isset($msg["tokenstring"])) {
804 msg_send($cl_queue, MSG_SET_USER_TOKEN, false);
809 $username = $msg["username"];
810 $token = $msg["tokenstring"];
811 $return = $myga->setUserKey($username, $token);
812 msg_send($cl_queue, MSG_SET_USER_TOKEN, $return);
814 // TODO now set token
816 case MSG_SET_USER_TOKEN_TYPE:
818 echo "Call to set user token type\n";
819 if(!isset($msg["username"])) {
820 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
823 if(!isset($msg["tokentype"])) {
824 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, false);
828 $username = $msg["username"];
829 $tokentype = $msg["tokentype"];
831 msg_send($cl_queue, MSG_SET_USER_TOKEN_TYPE, $myga->setTokenType($username, $tokentype));
833 // TODO now set token
836 // TODO this needs to be better
837 $sql = "select * from users order by users_username";
839 $dbo = getDatabase();
840 $res = $dbo->query($sql);
844 foreach($res as $row) {
845 $users[$i]["username"] = $row["users_username"];
846 $users[$i]["realname"] = $row["users_realname"];
847 if($row["users_password"]!="") {
848 $users[$i]["haspass"] = true;
850 $users[$i]["haspass"] = false;
852 echo "user: ".$users[$i]["username"]." has tdata: \"".$row["users_tokendata"]."\"\n";
853 if($row["users_tokendata"]!="") {
854 $users[$i]["hastoken"] = true;
856 $users[$i]["hastoken"] = false;
859 if($row["users_otk"]!="") {
860 $users[$i]["otk"] = $row["users_otk"];
862 $users[$i]["otk"] = "";
866 msg_send($cl_queue, MSG_GET_USERS, $users);
868 // TODO now set token