bankinit.php

   1 <?php
   2
   3   // Initialize the server database and create a client account for the bank
   4
   5 require_once "lib/weblib.php";
   6
   7 // Define $dbdir, $bank_name, $index_file, $bankurl, $ssl_domain
   8 if (file_exists("settings.php")) require_once "settings.php";
   9
  10 die_unless_server_properly_configured();
  11 maybe_forward_to_ssl($ssl_domain);
  12
  13 pagehead();
  14 doit();
  15 pagetail();
  16
  17 function mq($x) {
  18   if (get_magic_quotes_gpc()) return stripslashes($x);
  19   else return $x;
  20 }
  21
  22 function mqreq($x) {
  23   return mq($_REQUEST[$x]);
  24 }
  25
  26 $enabledebug = false;
  27
  28 $debug = '';
  29
  30 function appenddebug($x) {
  31   global $debug;
  32   $debug .= $x;
  33 }
  34
  35 function hsc($x) {
  36   return htmlspecialchars($x);
  37 }
  38
  39 function trimsig($x) {
  40   $x = trim($x);
  41   $x = str_replace("\r", "", $x);
  42   $x = str_replace("\n", "", $x);
  43   return $x;
  44 }
  45
  46 function doit() {
  47   global $dbdir, $bank_name, $bankurl;
  48   global $template_file;
  49
  50   $init = mqreq('init');
  51   $initadmin = mqreq('initadmin');
  52   $drawadmin = mqreq('drawadmin');
  53   $passphrase = mqreq('passphrase');
  54   $verification = mqreq('verification');
  55   $bankpass = mqreq('bankpass');
  56   $name = mqreq('name');
  57   $random = mqreq('random');
  58   $sig = mqreq('sig');
  59
  60   require_once "lib/fsdb.php";
  61   require_once "lib/ssl.php";
  62   require_once "lib/server.php";
  63
  64   $ssl = new ssl();
  65   $db = new fsdb($dbdir);
  66
  67   if ($init) {
  68     if (!$passphrase) $error = "Passphrase must be entered";
  69     elseif ($passphrase != $verification) {
  70       $error = "Passphrase doesn't match verification. Try again.";
  71     } else {
  72       $server = new server($db, $ssl, false, $bank_name, $bankurl);
  73       $t = $server->t;
  74       $bankid = $server->bankid;
  75       $tokenid = $server->tokenid;
  76       $msg = "(0,bankid,0):0";
  77       $res = $server->process($msg);
  78       $args = $server->unpack_bankmsg($res, $t->BANKID);
  79       if (is_string($args)) $error = "Error testing server: $args";
  80       else {
  81         $bal = $db->get("account/$bankid/balance/main/$tokenid");
  82         if (!$bal) $error = "Bank has no token balance";
  83         else {
  84           $args = $server->unpack_bankmsg($bal, $t->ATBALANCE, $t->BALANCE);
  85           if (is_string($args)) $error = "On parsing bank token balance: $args";
  86         }
  87       }
  88     }
  89
  90     // Initialize client
  91     if (!$error) {
  92       $dbdir = '';
  93       if (file_exists('client/settings.php')) require_once "client/settings.php";
  94       $dbdir = "client/$dbdir";
  95       $template_file = "client/$template_file";
  96       $error = die_unless_client_properly_configured(true);
  97       if (!$error) {
  98         require_once "lib/client.php";
  99         $clientdb = new fsdb("$dbdir");
 100         $client = new client($clientdb, $ssl);
 101
 102         if ($enabledebug) $client->showprocess = 'appenddebug';
 103
 104         $hash = $client->passphrasehash($passphrase);
 105         if ($clientdb->get("privkey/$hash") ||
 106             $clientdb->get("account/$bankid/bank/$bankid/req")) {
 107           $error = $client->login($passphrase);
 108           if ($error || $bankid != $client->id) {
 109             $error = "Passphrase not for bank account";
 110           }
 111         } else {
 112           $privkey = $db->get('privkey');
 113           $pk = $ssl->load_private_key($privkey);
 114           if (!$pk) $error = "Can't load bank private key";
 115           else {
 116             openssl_pkey_export($pk, $privkey, $passphrase);
 117             openssl_free_key($pk);
 118             $error = $client->verifybank($bankurl, $bankid);
 119             if (!$error) {
 120               $error = $client->newuser($passphrase, $privkey);
 121             }
 122           }
 123         }
 124       }
 125     }
 126     if (!$error) {
 127       $drawadmin = true;
 128       $bankpass = $passphrase;
 129       require_once "lib/LoomRandom.php";
 130       $random = new LoomRandom();
 131       $random = $random->random_id();
 132       $sig = trimsig($ssl->sign($random, $db->get('privkey')));
 133     }
 134   } elseif ($initadmin) {
 135     if (!$passphrase) $error = "Passphrase must be entered";
 136     elseif ($passphrase != $verification) {
 137       $error = "Passphrase doesn't match verification. Try again.";
 138     } else {
 139       // This requires you to get here by knowing the bank passphrase
 140       $sig = trimsig($sig);
 141       $newsig = trimsig($ssl->sign($random, $db->get('privkey')));
 142       if ($newsig != $sig) {
 143         echo "<p>Hacking attempt foiled!</p>";
 144         echo "Lens: " . strlen($sig) . ", " . strlen($newsig) . "<br>\n";
 145         echo "<pre>\"$sig\"\n\n\"$newsig\"</pre>";
 146         return;
 147       }
 148
 149       if (!$server) $server = new server($db, $ssl, false, $bank_name, $bankurl);
 150       $t = $server->t;
 151       $bankid = $server->bankid();
 152       $tokenid = $server->tokenid;
 153
 154       if (file_exists('client/settings.php')) require_once "client/settings.php";
 155       $dbdir = "client/$dbdir";
 156       $template_file = "client/$template_file";
 157       $error = die_unless_client_properly_configured(true);
 158       if (!$error) {
 159         require_once "lib/client.php";
 160         $clientdb = new fsdb("$dbdir");
 161         $client = new client($clientdb, $ssl);
 162
 163         if ($enabledebug) $client->showprocess = 'appenddebug';
 164
 165         $hash = $client->passphrasehash($passphrase);
 166         if (!$clientdb->get("privkey/$hash")) {
 167           // Create the new account
 168           $error = $client->newuser($passphrase);
 169         } else {
 170           $error = $client->login($passphrase);
 171         }
 172         if (!$error) {
 173           $id = $client->id;
 174           if ($clientdb->get("account/$id/bank/$bankid/req")) {
 175             $error = 'Account already exists for that passphrase. ' .
 176                      'Use the <a href="client/">client interface</a> to administer.';
 177           } else {
 178             $error = $client->login($bankpass);
 179             if (!$error) $error = $client->addbank($bankurl);
 180             if (!$error) $error = $client->setbank($bankid);
 181             if (!$error) $error = $client->spend($id, $tokenid, "10000");
 182             if ($error) $error = "While spending tokens from bank: $error";
 183           }
 184           if (!$error) {
 185             $error = $client->login($passphrase);
 186             if (!$error) $error = $client->addbank($bankurl, $name);
 187             if (!$error) {
 188 ?>
 189 <p>Your bank is now ready for business. You may now login as administrator in the
 190 <a href="client/">Client interface</a>, accept your initial tokens from
 191 the bank, and start inviting customers.</p>
 192 <?php
 193               return;
 194             }
 195           }
 196         }
 197       }
 198     }
 199   }
 200
 201   if (!$error) $error = "&nbsp;";
 202
 203   if ($drawadmin) {
 204 ?>
 205 <p>Congratulations! You have succesfully initialized your bank.</p>
 206
 207 <p>Use the form below to create an administration account for your bank.
 208 Use the bank's account only to spend usage tokens to the administration account.
 209 Use the administration account to mint coupons, and to conduct other
 210 bank business.</p>
 211
 212 <p style="color: red;"><?php echo $error; ?></p>
 213 <form method="post" action="./bankinit.php" autocomplete="off">
 214 <input type="hidden" name="drawadmin" value="true"/>
 215 <input type="hidden" name="bankpass" value="<?php echo $bankpass; ?>"/>
 216 <input type="hidden" name="random" value="<?php echo hsc($random); ?>"/>
 217 <input type="hidden" name="sig" value="<?php echo hsc($sig); ?>"/>
 218 <table>
 219 <tr>
 220 <td><b>Admin Passphrase:</b></td>
 221 <td><input type="password" name="passphrase" size="50"/></td>
 222 </tr>
 223 <tr>
 224 <td><b>Verification:</b></td>
 225 <td><input type="password" name="verification" size="50"/></td>
 226 </tr>
 227 <tr>
 228 <tr>
 229 <td><b>Name (optional):</b></td>
 230 <td><input type="text" name="name" size="40" value="<?php echo $name; ?>"/></td>
 231 </tr>
 232 <tr>
 233 <td></td>
 234 <td><input type="submit" name="initadmin" value="Create Admin Account"/></td>
 235 </tr>
 236 </table>
 237 </form>
 238 <?php
 239     return;
 240   }
 241
 242 ?>
 243 <p style="color: red;"><?php echo $error; ?></p>
 244 <form method="post" action="./bankinit.php" autocomplete="off">
 245 <table>
 246 <tr>
 247 <td><b>Bank Passphrase:</b></td>
 248 <td><input type="password" name="passphrase" size="50"/></td>
 249 </tr>
 250 <tr>
 251 <td><b>Verification:</b></td>
 252 <td><input type="password" name="verification" size="50"/></td>
 253 </tr>
 254 <tr>
 255 <td></td>
 256 <td><input type="submit" name="init" value="Initialize"/></td>
 257 </tr>
 258 </table>
 259 </form>
 260 <?php
 261 }
 262
 263 function pagehead() {
 264 ?>
 265 <html>
 266 <head>
 267 <title>Trubanc Bank Initialization</title>
 268 </title>
 269 </head>
 270 <body onload="document.forms[0].passphrase.focus()">
 271 <p>This page initializes your bank, creates the bank private key,
 272 and creates a client account for the bank.</p>
 273 <?php
 274 }
 275
 276 function pagetail() {
 277   global $debug;
 278
 279  if ($debug) echo "<b>=== Debug log ===</b><br/><pre>$debug</pre>\n";
 280 ?>
 281 </body>
 282 </html>
 283 <?php
 284 }