web challenge redirects

2018-07-19 17:51:32 +02:00 · 2018-07-19 17:51:32 +02:00 · 372e704a58
parent 4f7fb2cebe
commit 372e704a58
6 changed files with 50 additions and 30 deletions
--- a/world/net/include/net.h
+++ b/world/net/include/net.h
@ -146,6 +146,12 @@
 # echo Please fix your #define REGISTERED_USERS_ONLY
 # define _flag_disable_unauthenticated_users
 #endif
+#ifdef _flag_disable_unauthenticated_users
+# define _flag_disable_unauthenticated_users_XMPP
+#endif
+#ifdef _flag_disable_registration
+# define _flag_disable_registration_XMPP
+#endif

 #ifdef RELAY
 # define	_flag_disable_authorization
--- a/world/net/include/place.gen
+++ b/world/net/include/place.gen
@ -616,12 +616,20 @@ htget(prot, query, headers, qs) {
 // maybe this all belongs into archetype.gen.. chesmo!
 htget(prot, query, headers, qs, data, noprocess) {
 	if (stringp(headers["cookie"]) && regmatch(headers["cookie"],
-		 "challenge=complete&answer="+ md5(CHALLENGE_MATCH)))
-# ifdef HTGET
-	    return HTGET;
+		 "challenge=complete&answer="+ md5(CHALLENGE_MATCH))) {
+		htnotify(query, headers, "_accomplished_web",
+		    "Challenge accomplished in [_nick_place] by [_web_on] coming from [_web_from].");
+# ifdef CHALLENGE_REDIRECT
+		return htredirect(prot, CHALLENGE_REDIRECT);
 # else
-	    return ::htget(prot, query, headers, qs, data, noprocess);
+#  ifdef HTGET
+		// you may want to output a player iframe instead of a redirect...
+		return HTGET;
+#  else
+		return ::htget(prot, query, headers, qs, data, noprocess);
+#  endif
 # endif
+	}
 	string item = headers[item] || "/@"+ MYNICK;
 	if (stringp(query["answer"]) && headers["cookie"] &&
 	    regmatch(headers["cookie"], "challenge=given") &&
@ -645,6 +653,8 @@ htget(prot, query, headers, qs, data, noprocess) {
 	       "_parameters" : query["parameters"] || qs,
 	       "_nick_place" : MYNICK ]) );
 	// printf("%O vs %O\n", query, headers);
+	htnotify(query, headers, "_challenged_web",
+	    "[_nick_place] challenges [_web_on] coming from [_web_from].");
 	return 1;
 }
 #endif
--- a/world/net/jabber/disco.c
+++ b/world/net/jabber/disco.c
@ -18,11 +18,9 @@
 disco_info_root(vars) {
    string featurelist;
    featurelist = "<feature var='http://jabber.org/protocol/muc'/>"
-#ifndef _flag_disable_unauthenticated_users
-# ifndef _flag_disable_registration
-#  ifndef _flag_disable_registration_XMPP
+#ifndef _flag_disable_unauthenticated_users_XMPP
+# ifndef _flag_disable_registration_XMPP
 		"<feature var='jabber:iq:register'/>"
-#  endif
 # endif
 #endif
 #ifndef VOLATILE
--- a/world/net/jabber/server.c
+++ b/world/net/jabber/server.c
@ -187,7 +187,7 @@ jabberMsg(XMLNode node) {
 	    case "jabber:iq:register":
 		if (node["@type"] == "get"){
 		    string packet;
-#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP)
+#if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP)
 		    // super dirty.. this should all be in textdb
 		    packet = sprintf("<iq type='result' id='%s'>"
 				     "<query xmlns='jabber:iq:register'/>"
@ -234,7 +234,7 @@ jabberMsg(XMLNode node) {
 			emit(packet);
 			// QUIT
 		    } else {
-#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP)
+#if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP)
 			// TODO: generate some error as above
 #else
 			user -> vSet("password", t[Cdata]);
@ -358,7 +358,7 @@ jabberMsg(XMLNode node) {
 # endif
 		break;
 #endif
-#ifndef _flag_disable_unauthenticated_users
+#ifndef _flag_disable_unauthenticated_users_XMPP
 	    case "ANONYMOUS":
 		unless(node[Cdata]) {
 		    SASL_ERROR("incorrect-encoding")
@ -481,7 +481,7 @@ open_stream(XMLNode node) {
 		      "<mechanism>DIGEST-MD5</mechanism>"
 #endif
 		      "<mechanism>PLAIN</mechanism>";
-#ifndef _flag_disable_unauthenticated_users
+#ifndef _flag_disable_unauthenticated_users_XMPP
 		    // sasl anonymous
 		      "<mechanism>ANONYMOUS</mechanism>";
 #endif
@ -497,7 +497,7 @@ open_stream(XMLNode node) {
 #endif
 		features += "</mechanisms>";
 		features += "<auth xmlns='http://jabber.org/features/iq-auth'/>";
-#ifndef _flag_disable_unauthenticated_users
+#ifndef _flag_disable_registration_XMPP
 		features += "<register xmlns='http://jabber.org/features/iq-register'/>";
 #endif
 	    }
--- a/world/net/jabber/user.c
+++ b/world/net/jabber/user.c
@ -627,7 +627,7 @@ iq(XMLNode node) {
 	    break;
 	}
 	break;
-#if !defined(_flag_disable_unauthenticated_users) && !defined(_flag_disable_registration) && !defined(_flag_disable_registration_XMPP)
+#if !defined(_flag_disable_unauthenticated_users_XMPP) && !defined(_flag_disable_registration_XMPP)
    case "jabber:iq:register":
 	switch(node["@type"]) {
 	case "get":
--- a/world/net/place/archetype.gen
+++ b/world/net/place/archetype.gen
@ -473,6 +473,27 @@ _request_set_topic(source, mc, data, vars, b) {
 #endif

 #if HAS_PORT(HTTP_PORT, HTTP_PATH) || HAS_PORT(HTTPS_PORT, HTTP_PATH)
+// for GDPR compliance server owners are expected not to log these messages
+htnotify(query, headers, mc, fmt) {
+	if (query["from"] == "") query["from"] = 0;
+	if (query["location"] == "") query["location"] = 0;
+
+	// should be renamed into _notice_examine_web_place
+	castmsg(ME, "_notice_place"+(mc || "_examine_web"),
+	    fmt || "[_nick_place] viewed on [_web_on] coming from [_web_from].",
+	([	"_web_referrer" : query["from"] || "bookmark",
+		"_web_page" : query["location"] || headers["referer"] || "",
+		"_web_browser" : headers["user-agent"] || "",
+		"_web_on" : query["location"] || headers["referer"] ||
+			    headers["user-agent"] || "",
+		"_web_from" : query["from"] ||
+			    query_ip_name(this_interactive()) ||
+			    headers["user-agent"] || "http",
+		"_host_name" : query_ip_name(this_interactive()) || "",
+		"_nick_place" : MYNICK || "This place",
+	    ]) );
+}
+
 htget(prot, query, headers, qs, data, noprocess) {
    //P3((">> archetype.gen:htget(%O, %O, %O, %O, %O, %O)\n", prot, query, headers, qs, data, noprocess))
 # ifdef PLACE_SCRATCHPAD
@ -629,22 +650,7 @@ htget(prot, query, headers, qs, data, noprocess) {
 	    }
 	}
 #  ifndef _flag_disable_notice_place_examine_web
-	if (query["from"] == "") query["from"] = 0;
-	if (query["location"] == "") query["location"] = 0;
-
-	// should be renamed into _notice_examine_web_place
-	castmsg(ME, "_notice_place_examine_web", "[_nick_place] inspected on [_web_on] coming from [_web_from].",
-	([	"_web_referrer" : query["from"] || "bookmark",
-		"_web_page" : query["location"] || headers["referer"] || "",
-		"_web_browser" : headers["user-agent"] || "",
-		"_web_on" : query["location"] || headers["referer"] ||
-			    headers["user-agent"] || "",
-		"_web_from" : query["from"] ||
-			//    query_ip_name(this_interactive()) ||
-			    headers["user-agent"] || "http",
-		"_host_name" : query_ip_name(this_interactive()) || "",
-		"_nick_place" : MYNICK || "This place",
-	    ]) );
+	htnotify(query, headers, "_examine_web");
 #  endif

 	// this is usually not very interesting really.. like: