• src/sbbs3/services.c

    From rswindell@VERT to CVS commit on Friday, April 06, 2018 02:18:00
    src/sbbs3 services.c 1.321 1.322
    Update of /cvsroot/sbbs/src/sbbs3
    In directory cvs:/home/rswindell/sbbs/src/sbbs3

    Modified Files:
    services.c
    Log Message:
    Enabled GCC-assisted printf-style format/arg checking for lprintf() and
    fix the resulting warnings.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Saturday, October 06, 2018 22:34:00
    src/sbbs3 services.c 1.323 1.324
    Update of /cvsroot/sbbs/src/sbbs3
    In directory cvs:/tmp/cvs-serv14449

    Modified Files:
    services.c
    Log Message:
    Zero-initialize the allocated subscan array.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Tuesday, April 23, 2019 16:31:00
    src/sbbs3 services.c 1.327 1.328
    Update of /cvsroot/sbbs/src/sbbs3
    In directory cvs:/tmp/cvs-serv1307

    Modified Files:
    services.c
    Log Message:
    Check the relevant service's configured log_level before logging messages
    (e.g. "<service> connection accepted from: <ip_addr> port <num>").
    Some strcpy->SAFECOPY, sprintf->SAFEPRINTF replacements for good measure.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Friday, August 09, 2019 00:49:19
    src/sbbs3 services.c 1.330 1.331
    Update of /cvsroot/sbbs/src/sbbs3
    In directory cvs:/tmp/cvs-serv16636

    Modified Files:
    services.c
    Log Message:
    Fix long standing bug with the global JS function login():
    A few *service.js scripts call this function without a password argument
    (the second argument), e.g. login("guest");
    If there was no guest account (or the guest account had a password assigned), this would result in a failed login attempt as "guest" along with a garbage password (e.g. a floating point number, like 3.7042561) and since it would
    be a unique garbage password for each login() call without an actual password specified, these login() calls would be counted as unique failed login attempts and potentially cause the client's IP address to be added to the hack.log
    and even ip.can (IP address filter).

    As seen on Mortifis' system where VERT was filtereed due to
    "SUSPECTED NNTP LOGIN HACK ATTEMPT", likely due to the daily sbbslist verifications when just perform a TCP connection and no actual login attempt, but nntpservice.js would still call login("guest") before the client (vert) would be disconnected.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to sbbs/master on Sunday, September 27, 2020 01:24:35
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/2ec90d7a5e2b30b7f2fcd471
    Modified Files:
    src/sbbs3/services.c
    Log Message:
    Place socket error description at the end of the logged messages.

    Socket error descriptions on Windows can be quite long (e.g. > 128 chars) and include punctuation, so include at the end of logged socket error messages.

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net