-
src/sbbs3/answer.cpp
From
deuce@VERT to
CVS commit on Thu Feb 27 20:57:57 2014
src/sbbs3 answer.cpp 1.77 1.78
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv21473
Modified Files:
answer.cpp
Log Message:
Fix potential buffer overruns in SSH user name and password.
---
þ Synchronet þ Vertrauen þ Ho
-
From
deuce@VERT to
CVS commit on Fri Feb 28 11:25:49 2014
src/sbbs3 answer.cpp 1.78 1.79
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv2254
Modified Files:
answer.cpp
Log Message:
Remove bit of IPv6 patch that snuck in.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet:
-
From
rswindell@VERT to
CVS commit on Fri Mar 7 23:42:35 2014
src/sbbs3 answer.cpp 1.81 1.82
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv31577
Modified Files:
answer.cpp
Log Message:
Log message and display warning to user when protocol-specified user name does not match database and beginning new user sing-up.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Oct 28 23:55:12 2014
src/sbbs3 answer.cpp 1.83 1.84
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv4168
Modified Files:
answer.cpp
Log Message:
Bug-fix: when SSH or RLogin supplied username is not a valid user, the new user signup process would be started without the current client IP address being added to the 'failed login attempt' list. This means that brute force login attempts using SSH or RLogin would usually not be subject to the loginAttempt delays and logging/filtering settings (in sbbs.ini), since the usernames attempted (e.g. root, admin) are usually not valid usernames.
More:
- Log failed password attempts before calling badlogin() -which can delay.
- Stop RLogin and SSH password prompt loop immediately if disconnected.
- Log RLogin and SSH passwords used for invalid usernames (when password
logging is enabled in SCFG).
- Log attempted usernames in quotes (so prepenned or trailing whitespace is more
obvious)
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Sun Jan 18 21:10:47 2015
src/sbbs3 answer.cpp 1.84 1.85
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv23360
Modified Files:
answer.cpp
Log Message:
Fix off-by-one stack smash of memory past the 'tmp' var as caught
by msvc debug build and reported via assertion.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Wed Aug 26 17:35:52 2015
src/sbbs3 answer.cpp 1.87 1.88
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv22435
Modified Files:
answer.cpp
Log Message:
Updated comments only (no functional change).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Thu Dec 3 02:30:33 2015
src/sbbs3 answer.cpp 1.88 1.89
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv26624
Modified Files:
answer.cpp
Log Message:
Make absolutely sure that useron.number is 0 if answer() returns without logging in a user. Apparently it's possible to disconnect during an SSH login and have this function return with useron.number set to a valid user number even though there was no successful login, leading to undesireable things happening in logout().
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Fri Dec 18 19:35:19 2015
src/sbbs3 answer.cpp 1.90 1.91
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv13226
Modified Files:
answer.cpp
Log Message:
Fix uninitialized SSH password logging bug.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Wed Oct 5 23:37:51 2016
src/sbbs3 answer.cpp 1.91 1.92
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv21999
Modified Files:
answer.cpp
Log Message:
Trim white-space off end of logged password attempt.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ
telnet://vert.synchro.net
-
From
rswindell@VERT to
CVS commit on Sun Jan 21 20:01:47 2018
src/sbbs3 answer.cpp 1.92 1.93
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv30186
Modified Files:
answer.cpp
Log Message:
#define SUPPORT_ZUULTERM if you want this Zuul/HTML terminal support
code included. As far as I know, no one is using one.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Sun Apr 1 00:51:09 2018
src/sbbs3 answer.cpp 1.94 1.95
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv14832
Modified Files:
answer.cpp
Log Message:
If the SSH or RLogin-supplied username is in the name.can, don't start the
new user signup process with that name (just fall-through to a normal login prompt).
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Apr 24 00:02:12 2018
src/sbbs3 answer.cpp 1.95 1.96
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3
Modified Files:
answer.cpp
Log Message:
Make the "UNKNOWN USER" log messages more consistent:
- Using NOTCICE (not INFO) log level.
- Move the protocol name after Node X and remove the colon.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Sat Jul 7 00:52:08 2018
src/sbbs3 answer.cpp 1.96 1.97
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv930
Modified Files:
answer.cpp
Log Message:
For SSH and RLogin 'logins', use the mastchuser() function rather than userdatdupe() to match the passed login-id (username):
* This allows more permissive username matching, e.g. if your user name
is "Analog Kid", you could login with "analogkid", "analog.kid" or
"analog_kid", which is handy when passing a user name on the command
line (e.g. to an ssh client) for example.
* This is the same function used for Telnet logins via exec/login.js
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Sun Oct 21 21:22:25 2018
src/sbbs3 answer.cpp 1.99 1.100
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/home/rswindell/sbbs/src/sbbs3
Modified Files:
answer.cpp
Log Message:
Address new GCC printf warnings.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Thu Jul 11 19:10:42 2019
src/sbbs3 answer.cpp 1.102 1.103
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv14360
Modified Files:
answer.cpp
Log Message:
Don't change useron.misc during logon. This could cause a user's account
to have the NO_EXASCII (plain-ASCII only) set if the logged in without a successful auto-terminal-type detection.
And with sbbs_t::term_supports(), we don't need useron.misc to reflect the auto-detected-terminal-type any longer.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Aug 13 13:22:19 2019
src/sbbs3 answer.cpp 1.105 1.106
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv16920
Modified Files:
answer.cpp
Log Message:
If a telnet location was provided by the client, copy it to the caller-ID
(CID) variable, even when the client isn't SEXPOTS.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Fri Sep 27 13:58:38 2019
src/sbbs3 answer.cpp 1.107 1.108
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv17296
Modified Files:
answer.cpp
Log Message:
Support UTF-8 auto-detection for MacOS Terminal v2.8.3 (404.1):
Unexpectedly, a ZWNBSP (U+FEFF) received/echoed by the MacOS Terminal while in the first column causes a subsequent cursor position report to indicate the 2nd column as the current only. I suppose in some weird world a zero-width character can can't as a column position. So if the cursor position has moved less than 2 columns (not exactly 0 columns), then consider it a UTF-8 terminal. Non-UTF-8 terminals normally move the cursor 3 columns when echoing a UTF-8 encoded ZWNBSP. So to summarize, when echoing a ZWNBSP:
- Non-UTF-8 terminals: moves 3 columns
- MacOS terminal: moves 1 columns
- Other UTF-8 terminals: moves 0 columns
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Apr 7 19:14:03 2020
src/sbbs3 answer.cpp 1.109 1.110
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv20278
Modified Files:
answer.cpp
Log Message:
RLogin fix: if no username supplied, don't prompt for a password and then log an invalid login for a random (the last read?) user account with a user number of 0.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Apr 7 19:21:44 2020
src/sbbs3 answer.cpp 1.110 1.111
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv21452
Modified Files:
answer.cpp
Log Message:
Log the actual user number for "FAILED Password attempt" log messages for SSH and RLogin attempts.
It looks like someone copy/pasted the wrong lines from login.cpp.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Tue Apr 7 19:34:26 2020
src/sbbs3 answer.cpp 1.111 1.112
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv23193
Modified Files:
answer.cpp
Log Message:
Allow non-sysops a password re-attempt for SSH and RLogin.
Fixed bug: for RLogin and SSH, if an invalid (e.g. blank) passsword was provided during the handshake, an "Invalid Logon" would be displayed followed by a "Passowrord: " prompt, giving the user an opportunity to reenter the correct password. Only problem: this only worked for sysop accounts. Normal users would just be disconnected after they entere (any) password, correct
or not.
This bug is very old in the RLogin support and appears to have been copy/pasted for the SSH Login bit too.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Wed May 27 01:22:52 2020
src/sbbs3 answer.cpp 1.113 1.114
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv29982
Modified Files:
answer.cpp
Log Message:
Include a non-zero info value for "User not loggon on" error message.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
rswindell@VERT to
CVS commit on Sat Aug 1 20:37:24 2020
src/sbbs3 answer.cpp 1.115 1.116
Update of /cvsroot/sbbs/src/sbbs3
In directory cvs:/tmp/cvs-serv24536
Modified Files:
answer.cpp
Log Message:
Fix typo (missing closing quote) in previous commit as pointed out by Coz via irc. Thanks.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell@VERT to
Git commit to sbbs/master on Wed Sep 16 20:37:29 2020
-
From
Rob Swindell@VERT to
Git commit to sbbs/master on Fri Oct 23 01:51:57 2020
https://gitlab.synchro.net/sbbs/sbbs/-/commit/1a51ac2cf81b9497d52cb924
Modified Files:
src/sbbs3/answer.cpp
Log Message:
This "!CLIENT IP NOT LIST in /path/to/rlogin.cfg" message is weird
This message can be logged when a sysop is prompted for the system password and enters it incorrectly or just disconnects.
So lower the log level to DEBUG. And include the IP address that we searched for too.
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell@VERT to
Git commit to sbbs/master on Mon Nov 2 01:34:31 2020
https://gitlab.synchro.net/sbbs/sbbs/-/commit/2df371fe01859b77a1c69afc
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Manual terminal settings were cleared when logging in via SSH or RLogin
This appears to go back to a change Deuce made in 2004 (rev 1.41) where ANSI, COLOR, RIP and WIP user terminal settings were always cleared when logging in via RLogin.
I happened to notice that manually enabling iCE color support wasn't working when logging in via RLogin (the iCE color flag would be cleared every login, but worked fine when logging in via Telnet). Upon investigation, I found that *all* user's manual terminal settings were cleared for either RLogin or SSH logins (copy/pasted bug). So... stop doing that. The method of dynamic terminal capability detection/checking has changed since 2004, so we should not need to mess with the user's misc flags.
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell@VERT to
Git commit to main/sbbs/master on Wed Feb 10 21:18:22 2021
https://gitlab.synchro.net/main/sbbs/-/commit/838f67529b17611dd63d48b7
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Apply IP filters to address reported via Telnet Location command
Feature requested (?) by u/jumbotronjim on
https://www.reddit.com/r/synchronet/:
If the client connection is from a blocked IP address (in ip[-silent].can), but still manages to get through the web server and websocketservice and have their correct IP address reported via Telnet Location, terminate the connection. Seems dubious.
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell (on Windows)@VERT to
Git commit to main/sbbs/master on Sun Sep 24 01:57:53 2023
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Wed Dec 27 17:11:05 2023
https://gitlab.synchro.net/main/sbbs/-/commit/becf01f28860535195705e43
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Address new GCC build warning in new ssh related code
comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare]
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Wed Jan 17 17:37:50 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Sat Jan 20 22:41:53 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Sat Jan 20 22:42:59 2024
-
From
Rob Swindell (on Debian Linux)@VERT to
Git commit to main/sbbs/master on Sun Jan 21 01:13:24 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Sun Jan 21 12:12:26 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Mon Jan 22 18:20:28 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Mon Jan 22 18:24:16 2024
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Fri Feb 16 18:17:02 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Tue Feb 27 14:56:09 2024
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Wed Feb 28 08:52:16 2024
https://gitlab.synchro.net/main/sbbs/-/commit/7bfb1ef12e482ecfb30a9648
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Guard against answer() being called before the first channel is created.
In this case, just accept whatever we get info on as the "first" one.
Likely fixes #728
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Wed Feb 28 11:00:41 2024
https://gitlab.synchro.net/main/sbbs/-/commit/dc04dba2dd1317000fcbc79e
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Early-out of the channel type loop for channel errors.
If there's an error setting the channel or getting the channel
type, give up on the session immediately.
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Sat Mar 2 15:48:30 2024
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Sat Mar 2 15:48:30 2024
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Sat Mar 2 15:48:30 2024
https://gitlab.synchro.net/main/sbbs/-/commit/ccce5a7c40c325f3e0628fe1
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Initialize sbbs_t::client and call client_on() as expected for logins
See sbbs_t::logon() for example
Note: the client.protocol is still "SSH" here (not "SFTP"). Perhaps that
should be changed?
Does any client actually support simultaneous "SSH" and "SFTP" sessions over the same socket?
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
-
From
Deucе@VERT to
Git commit to main/sbbs/master on Sun Mar 3 10:36:45 2024
https://gitlab.synchro.net/main/sbbs/-/commit/479c00be08fcee60913272a4
Modified Files:
src/sbbs3/answer.cpp
Log Message:
Fix issue when third SSH authentication attempt succeeds
Because the session is activated on the *next* time through the
loop, if the third attempt to authenticate (including public key)
fails, it would leave the session inactive and fail to log in with
a confusing error about an obsolete cryptlib.
On success, decrement ssh_failed to ensure another pass through
the loop.
Also, add more debug logging around the auth so you can clearly
see each failure, and log client_socket each time so it's clearly
grouped.
---
ï¿ Synchronet ï¿ Vertrauen ï¿ Home of Synchronet ï¿ [vert/cvs/bbs].synchro.net
-
From
Rob Swindell (on Windows 11)@VERT to
Git commit to main/sbbs/master on Thu Oct 17 21:57:19 2024