bankinit.php

   1 <?php
   2
   3   // Initialize the server database and create a client account for the bank
   4
   5 require_once "lib/weblib.php";
   6
   7 // Define $dbdir, $bank_name, $index_file, $bankurl, $ssl_domain
   8 if (file_exists("settings.php")) require_once "settings.php";
   9
  10 die_unless_server_properly_configured();
  11 maybe_forward_to_ssl($ssl_domain);
  12
  13 pagehead();
  14 doit();
  15 pagetail();
  16
  17 function mq($x) {
  18   if (get_magic_quotes_gpc()) return stripslashes($x);
  19   else return $x;
  20 }
  21
  22 function mqreq($x) {
  23   return mq($_REQUEST[$x]);
  24 }
  25
  26 $enabledebug = false;
  27
  28 $debug = '';
  29
  30 function appenddebug($x) {
  31   global $debug;
  32   $debug .= $x;
  33 }
  34
  35 function hsc($x) {
  36   return htmlspecialchars($x);
  37 }
  38
  39 function trimsig($x) {
  40   $x = trim($x);
  41   $x = str_replace("\r", "", $x);
  42   $x = str_replace("\n", "", $x);
  43   return $x;
  44 }
  45
  46 function doit() {
  47   global $dbdir, $bank_name, $bankurl;
  48   global $template_file;
  49
  50   $init = mqreq('init');
  51   $initadmin = mqreq('initadmin');
  52   $drawadmin = mqreq('drawadmin');
  53   $passphrase = mqreq('passphrase');
  54   $verification = mqreq('verification');
  55   $bankpass = mqreq('bankpass');
  56   $name = mqreq('name');
  57   $random = mqreq('random');
  58   $sig = mqreq('sig');
  59
  60   require_once "lib/fsdb.php";
  61   require_once "lib/ssl.php";
  62   require_once "lib/server.php";
  63
  64   $ssl = new ssl();
  65   $db = new fsdb($dbdir);
  66
  67   if ($init) {
  68     if (!$passphrase) $error = "Passphrase must be entered";
  69     elseif ($passphrase != $verification) {
  70       $error = "Passphrase doesn't match verification. Try again.";
  71     } else {
  72       $server = new server($db, $ssl, false, $bank_name, $bankurl);
  73       $t = $server->t;
  74       $bankid = $server->bankid;
  75       $tokenid = $server->tokenid;
  76       $msg = "(0,bankid,0):0";
  77       $res = $server->process($msg);
  78       $args = $server->unpack_bankmsg($res, $t->BANKID);
  79       if (is_string($args)) $error = "Error testing server: $args";
  80       else {
  81         $bal = $db->get("account/$bankid/balance/main/$tokenid");
  82         if (!$bal) $error = "Bank has no token balance";
  83         else {
  84           $args = $server->unpack_bankmsg($bal, $t->ATBALANCE, $t->BALANCE);
  85           if (is_string($args)) $error = "On parsing bank token balance: $args";
  86         }
  87       }
  88     }
  89
  90     // Initialize client
  91     if (!$error) {
  92       if (file_exists('client/settings.php')) require_once "client/settings.php";
  93       $dbdir = "client/$dbdir";
  94       $template_file = "client/$template_file";
  95       $error = die_unless_client_properly_configured(true);
  96       if (!$error) {
  97         require_once "lib/client.php";
  98         $clientdb = new fsdb("$dbdir");
  99         $client = new client($clientdb, $ssl);
 100
 101         if ($enabledebug) $client->showprocess = 'appenddebug';
 102
 103         $hash = $client->passphrasehash($passphrase);
 104         if ($clientdb->get("privkey/$hash") ||
 105             $clientdb->get("account/$bankid/bank/$bankid/req")) {
 106           $error = $client->login($passphrase);
 107           if ($error || $bankid != $client->id) {
 108             $error = "Passphrase not for bank account";
 109           }
 110         } else {
 111           $privkey = $db->get('privkey');
 112           $pk = $ssl->load_private_key($privkey);
 113           if (!$pk) $error = "Can't load bank private key";
 114           else {
 115             openssl_pkey_export($pk, $privkey, $passphrase);
 116             openssl_free_key($pk);
 117             $error = $client->verifybank($bankurl, $bankid);
 118             if (!$error) {
 119               $error = $client->newuser($passphrase, $privkey);
 120             }
 121           }
 122         }
 123       }
 124     }
 125     if (!$error) {
 126       $drawadmin = true;
 127       $bankpass = $passphrase;
 128       require_once "lib/LoomRandom.php";
 129       $random = new LoomRandom();
 130       $random = $random->random_id();
 131       $sig = trimsig($ssl->sign($random, $db->get('privkey')));
 132     }
 133   } elseif ($initadmin) {
 134     if (!$passphrase) $error = "Passphrase must be entered";
 135     elseif ($passphrase != $verification) {
 136       $error = "Passphrase doesn't match verification. Try again.";
 137     } else {
 138       // This requires you to get here by knowing the bank passphrase
 139       $sig = trimsig($sig);
 140       $newsig = trimsig($ssl->sign($random, $db->get('privkey')));
 141       if ($newsig != $sig) {
 142         echo "<p>Hacking attempt foiled!</p>";
 143         echo "Lens: " . strlen($sig) . ", " . strlen($newsig) . "<br>\n";
 144         echo "<pre>\"$sig\"\n\n\"$newsig\"</pre>";
 145         return;
 146       }
 147
 148       if (!$server) $server = new server($db, $ssl, false, $bank_name, $bankurl);
 149       $t = $server->t;
 150       $bankid = $server->bankid();
 151       $tokenid = $server->tokenid;
 152
 153       if (file_exists('client/settings.php')) require_once "client/settings.php";
 154       $dbdir = "client/$dbdir";
 155       $template_file = "client/$template_file";
 156       $error = die_unless_client_properly_configured(true);
 157       if (!$error) {
 158         require_once "lib/client.php";
 159         $clientdb = new fsdb("$dbdir");
 160         $client = new client($clientdb, $ssl);
 161
 162         if ($enabledebug) $client->showprocess = 'appenddebug';
 163
 164         $hash = $client->passphrasehash($passphrase);
 165         if (!$clientdb->get("privkey/$hash")) {
 166           // Create the new account
 167           $error = $client->newuser($passphrase);
 168         } else {
 169           $error = $client->login($passphrase);
 170         }
 171         if (!$error) {
 172           $id = $client->id;
 173           if ($clientdb->get("account/$id/bank/$bankid/req")) {
 174             $error = 'Account already exists for that passphrase. ' .
 175                      'Use the <a href="client/">client interface</a> to administer.';
 176           } else {
 177             $error = $client->login($bankpass);
 178             if (!$error) $error = $client->addbank($bankurl);
 179             if (!$error) $error = $client->setbank($bankid);
 180             if (!$error) $error = $client->spend($id, $tokenid, "10000");
 181             if ($error) $error = "While spending tokens from bank: $error";
 182           }
 183           if (!$error) {
 184             $error = $client->login($passphrase);
 185             if (!$error) $error = $client->addbank($bankurl, $name);
 186             if (!$error) {
 187 ?>
 188 <p>Your bank is now ready for business. You may now login as administrator in the
 189 <a href="client/">Client interface</a>, accept your initial tokens from
 190 the bank, and start inviting customers.</p>
 191 <?php
 192               return;
 193             }
 194           }
 195         }
 196       }
 197     }
 198   }
 199
 200   if (!$error) $error = "&nbsp;";
 201
 202   if ($drawadmin) {
 203 ?>
 204 <p>Congratulations! You have succesfully initialized your bank.</p>
 205
 206 <p>Use the form below to create an administration account for your bank.
 207 Use the bank's account only to spend usage tokens to the administration account.
 208 Use the administration account to mint coupons, and to conduct other
 209 bank business.</p>
 210
 211 <p style="color: red;"><?php echo $error; ?></p>
 212 <form method="post" action="./bankinit.php" autocomplete="off">
 213 <input type="hidden" name="drawadmin" value="true"/>
 214 <input type="hidden" name="bankpass" value="<?php echo $bankpass; ?>"/>
 215 <input type="hidden" name="random" value="<?php echo hsc($random); ?>"/>
 216 <input type="hidden" name="sig" value="<?php echo hsc($sig); ?>"/>
 217 <table>
 218 <tr>
 219 <td><b>Admin Passphrase:</b></td>
 220 <td><input type="password" name="passphrase" size="50"/></td>
 221 </tr>
 222 <tr>
 223 <td><b>Verification:</b></td>
 224 <td><input type="password" name="verification" size="50"/></td>
 225 </tr>
 226 <tr>
 227 <tr>
 228 <td><b>Name (optional):</b></td>
 229 <td><input type="text" name="name" size="40" value="<?php echo $name; ?>"/></td>
 230 </tr>
 231 <tr>
 232 <td></td>
 233 <td><input type="submit" name="initadmin" value="Create Admin Account"/></td>
 234 </tr>
 235 </table>
 236 </form>
 237 <?php
 238     return;
 239   }
 240
 241 ?>
 242 <p style="color: red;"><?php echo $error; ?></p>
 243 <form method="post" action="./bankinit.php" autocomplete="off">
 244 <table>
 245 <tr>
 246 <td><b>Bank Passphrase:</b></td>
 247 <td><input type="password" name="passphrase" size="50"/></td>
 248 </tr>
 249 <tr>
 250 <td><b>Verification:</b></td>
 251 <td><input type="password" name="verification" size="50"/></td>
 252 </tr>
 253 <tr>
 254 <td></td>
 255 <td><input type="submit" name="init" value="Initialize"/></td>
 256 </tr>
 257 </table>
 258 </form>
 259 <?php
 260 }
 261
 262 function pagehead() {
 263 ?>
 264 <html>
 265 <head>
 266 <title>Trubanc Bank Initialization</title>
 267 </title>
 268 </head>
 269 <body onload="document.forms[0].passphrase.focus()">
 270 <p>This page initializes your bank, creates the bank private key,
 271 and creates a client account for the bank.</p>
 272 <?php
 273 }
 274
 275 function pagetail() {
 276   global $debug;
 277
 278  if ($debug) echo "<b>=== Debug log ===</b><br/><pre>$debug</pre>\n";
 279 ?>
 280 </body>
 281 </html>
 282 <?php
 283 }