| 6 |
* Copyright (C) 2004-2025 Leaflet <leaflet@leafok.com> |
* Copyright (C) 2004-2025 Leaflet <leaflet@leafok.com> |
| 7 |
*/ |
*/ |
| 8 |
|
|
| 9 |
|
#ifdef HAVE_CONFIG_H |
| 10 |
|
#include "config.h" |
| 11 |
|
#endif |
| 12 |
|
|
| 13 |
#include "bbs.h" |
#include "bbs.h" |
| 14 |
#include "common.h" |
#include "common.h" |
| 15 |
#include "database.h" |
#include "database.h" |
| 25 |
#include <string.h> |
#include <string.h> |
| 26 |
#include <regex.h> |
#include <regex.h> |
| 27 |
#include <unistd.h> |
#include <unistd.h> |
| 28 |
#include <mysql/mysql.h> |
#include <mysql.h> |
| 29 |
#include <sys/param.h> |
#include <sys/param.h> |
| 30 |
|
|
| 31 |
static const int BBS_username_min_len = 3; // common len = 5, special len = 3 |
static const int BBS_username_min_len = 3; // common len = 5, special len = 3 |
| 32 |
static const int BBS_password_min_len = 5; // legacy len = 5, current len = 6 |
static const int BBS_password_min_len = 5; // legacy len = 5, current len = 6 |
| 33 |
|
|
| 34 |
|
static const int BBS_allowed_login_failures_within_interval = 10; |
| 35 |
|
static const int BBS_login_failures_count_interval = 10; // minutes |
| 36 |
|
static const int BBS_allowed_login_failures_per_account = 3; |
| 37 |
|
|
| 38 |
|
const int BBS_login_retry_times = 3; |
| 39 |
|
|
| 40 |
int bbs_login(void) |
int bbs_login(void) |
| 41 |
{ |
{ |
| 42 |
char username[BBS_username_max_len + 1]; |
char username[BBS_username_max_len + 1]; |
| 90 |
return -1; |
return -1; |
| 91 |
} |
} |
| 92 |
|
|
|
log_common("User \"%s\"(%ld) login from %s:%d\n", |
|
|
BBS_username, BBS_priv.uid, hostaddr_client, port_client); |
|
|
|
|
| 93 |
return 0; |
return 0; |
| 94 |
} |
} |
| 95 |
|
|
| 116 |
// Verify format |
// Verify format |
| 117 |
for (i = 0; ok && username[i] != '\0'; i++) |
for (i = 0; ok && username[i] != '\0'; i++) |
| 118 |
{ |
{ |
| 119 |
if (!(isalpha(username[i]) || (i > 0 && (isdigit(username[i]) || username[i] == '_')))) |
if (!(isalpha((int)username[i]) || (i > 0 && (isdigit((int)username[i]) || username[i] == '_')))) |
| 120 |
{ |
{ |
| 121 |
ok = 0; |
ok = 0; |
| 122 |
} |
} |
| 127 |
} |
} |
| 128 |
for (i = 0; ok && password[i] != '\0'; i++) |
for (i = 0; ok && password[i] != '\0'; i++) |
| 129 |
{ |
{ |
| 130 |
if (!isalnum(password[i])) |
if (!isalnum((int)password[i])) |
| 131 |
{ |
{ |
| 132 |
ok = 0; |
ok = 0; |
| 133 |
} |
} |
| 339 |
goto cleanup; |
goto cleanup; |
| 340 |
} |
} |
| 341 |
|
|
| 342 |
|
if (!SSH_v2 && checklevel2(&BBS_priv, P_MAN_S)) |
| 343 |
|
{ |
| 344 |
|
prints("\033[1;31m非普通账户必须使用SSH方式登录\033[m\r\n"); |
| 345 |
|
ret = 1; |
| 346 |
|
goto cleanup; |
| 347 |
|
} |
| 348 |
|
|
| 349 |
snprintf(sql, sizeof(sql), |
snprintf(sql, sizeof(sql), |
| 350 |
"UPDATE user_pubinfo SET visit_count = visit_count + 1, " |
"UPDATE user_pubinfo SET visit_count = visit_count + 1, " |
| 351 |
"last_login_dt = NOW() WHERE UID = %d", |
"last_login_dt = NOW() WHERE UID = %d", |
| 447 |
goto cleanup; |
goto cleanup; |
| 448 |
} |
} |
| 449 |
|
|
| 450 |
|
if (last_login_dt < BBS_eula_tm) |
| 451 |
|
{ |
| 452 |
|
ret = -2; // require update agreement first |
| 453 |
|
goto cleanup; |
| 454 |
|
} |
| 455 |
|
|
| 456 |
cleanup: |
cleanup: |
| 457 |
mysql_free_result(rs); |
mysql_free_result(rs); |
| 458 |
|
|
Parent Directory
| 
Revision Log
| 
Patch