From 18e6d6e66101ea041b94514e0edb2713e069abb0 Mon Sep 17 00:00:00 2001
Message-Id: <18e6d6e66101ea041b94514e0edb2713e069abb0.1714136685.git.mdw@distorted.org.uk>
From: Mark Wooding <mdw@chiark.greenend.org.uk>
Date: Sun, 16 Sep 2007 17:26:14 +0100
Subject: [PATCH] --wide-open option; better login failure logging
Organization: Straylight/Edgeware

From: rjk@greenend.org.uk <>

---
 server/disorderd.c |  2 ++
 server/server.c    | 37 ++++++++++++++++++++++---------------
 server/server.h    |  2 ++
 3 files changed, 26 insertions(+), 15 deletions(-)

diff --git a/server/disorderd.c b/server/disorderd.c
index 4a3915a..f2ebb9a 100644
--- a/server/disorderd.c
+++ b/server/disorderd.c
@@ -70,6 +70,7 @@ static const struct option options[] = {
   { "log", required_argument, 0, 'l' },
   { "pidfile", required_argument, 0, 'P' },
   { "no-initial-rescan", no_argument, 0, 'N' },
+  { "wide-open", no_argument, 0, 'w' },
   { "syslog", no_argument, 0, 's' },
   { 0, 0, 0, 0 }
 };
@@ -221,6 +222,7 @@ int main(int argc, char **argv) {
     case 'P': pidfile = optarg; break;
     case 'N': initial_rescan = 0; break;
     case 's': logsyslog = 1; break;
+    case 'w': wideopen = 1; break;
     default: fatal(0, "invalid option");
     }
   }
diff --git a/server/server.c b/server/server.c
index 6e15115..5837e38 100644
--- a/server/server.c
+++ b/server/server.c
@@ -69,6 +69,12 @@
 
 int volume_left, volume_right;		/* last known volume */
 
+/** @brief Accept all well-formed login attempts
+ *
+ * Used in debugging.
+ */
+int wideopen;
+
 struct listener {
   const char *name;
   int pf;
@@ -373,28 +379,29 @@ static int c_user(struct conn *c,
       sink_writes(ev_writer_sink(c->w), "530 authentication failure\n");
       return 1;
     }
-  }
+  } else
+    strcpy(host, "local");
   /* find the user */
   for(n = 0; n < config->allow.n
 	&& strcmp(config->allow.s[n].s[0], vec[0]); ++n)
     ;
   /* if it's a real user check whether the response is right */
-  if(n < config->allow.n) {
-    res = authhash(c->nonce, sizeof c->nonce, config->allow.s[n].s[1]);
-    if(res && !strcmp(res, vec[1])) {
-      c->who = vec[0];
-      /* currently we only bother logging remote connections */
-      if(c->l->pf != PF_UNIX)
-	info("S%x %s connected from %s", c->tag, vec[0], host);
-      sink_writes(ev_writer_sink(c->w), "230 OK\n");
-      return 1;
-    }
+  if(n >= config->allow.n) {
+    info("S%x unknown user '%s' from %s", c->tag, vec[0], host);
+    sink_writes(ev_writer_sink(c->w), "530 authentication failed\n");
+    return 1;
+  }
+  res = authhash(c->nonce, sizeof c->nonce, config->allow.s[n].s[1]);
+  if(wideopen || (res && !strcmp(res, vec[1]))) {
+    c->who = vec[0];
+    /* currently we only bother logging remote connections */
+    if(c->l->pf != PF_UNIX)
+      info("S%x %s connected from %s", c->tag, vec[0], host);
+    sink_writes(ev_writer_sink(c->w), "230 OK\n");
+    return 1;
   }
   /* oops, response was wrong */
-  if(c->l->pf != PF_UNIX)
-    info("S%x authentication failure for %s from %s", c->tag, vec[0], host);
-  else
-    info("S%x authentication failure for %s", c->tag, vec[0]);
+  info("S%x authentication failure for %s from %s", c->tag, vec[0], host);
   sink_writes(ev_writer_sink(c->w), "530 authentication failed\n");
   return 1;
 }
diff --git a/server/server.h b/server/server.h
index f044120..a3a5beb 100644
--- a/server/server.h
+++ b/server/server.h
@@ -36,6 +36,8 @@ int server_stop(ev_source *ev, int fd);
 
 extern int volume_left, volume_right;	/* last known volume */
 
+extern int wideopen;			/* blindly accept all logins */
+
 #endif /* SERVER_H */
 
 /*
-- 
[mdw]