1. Forum
  2. FidoNet Areas
  3. SYNC PROGRAMMING

  • src/sbbs3/websrvr.c

    From rswindell@1:103/705 to CVS commit on Sat Aug 8 12:04:58 2020
    src/sbbs3 websrvr.c 1.719 1.720
    Update of /cvsroot/sbbs/src/sbbs3
    In directory cvs:/tmp/cvs-serv17800

    Modified Files:
    websrvr.c
    Log Message:
    The problem: the sysop (me) is not notified of critical errors (e.g. synchro.net zone file problems) in a timely manner.
    Part of the solution: notify a configured user (e.g. user #1) via short-message/telegram and email/netmail logged-errors when messages of a configured severity (e.g. "Critical") are logged.
    The second part of the solution (coming next) will be allowing timed events to log a message of a configurable severity logged when the event fails (returns a non-zero error level to sbbs).

    I'm saving the error-notification-user-number and log-severity as part of the node.cnf file because:
    - that's where the validation user number is already set
    - I can conceive of a large system were certain node ranges (different instances of sbbs) might want different operators to be notified of logged-errors

    This also means I eliminated all the legacy com port/modem stuff from the end of the node.cnf file. None of that is used in sbbs v3.

    Also included in this commit are improvements around logging:
    - reduce the severity of UDP recvfrom failures in services
    - a more detailed log message when the mail server successfully delivers an email (via SMTP) - easier to answer the question: was that email you/they sent delivered successfully?

    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to sbbs/master on Mon Oct 12 11:31:22 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/c9db48cec8efd56f8291443d
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix requests to the webserver using IPv6 address http://[1234:1234::] requests.The host portion contains ":" after split_port_part(), resulting in a 400error.Renaming is_legal_hostname() to is_legal_host(), since requests to webservers are to"hosts" not "hostnames".
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to sbbs/master on Mon Oct 12 11:31:22 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/d17a5ce0ba8d80a29f136c9e
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Merge branch 'leenooks/sbbs-master'
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to sbbs/master on Fri Oct 16 20:53:45 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/37a23fea45bbdb3589e7d909
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix heap corruption that could occur when HSTS feature is enabledAt least on Windows, when realloc() is used to allocate a new buffer,guess what's in that buffer initially? undefined values. So you can'tstrcat() onto the end of that! Ouch. This was a fun one to track down.
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to sbbs/master on Wed Nov 4 23:28:33 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/987c1129e127fe9a7b67d430
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix 32-bit GCC warning on rPi about printf formatformat '%ld' expects argument of type 'long int', but argument 7 has type '__off64_t'
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Stephen Hurd@1:103/705 to Git commit to sbbs/master on Mon Nov 16 23:25:24 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/c399ca73f145f7e8dc625ec6
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Some CGI programs know they're not running from a console becauseQUERY_STRING is defined (even if blank).Always define it.
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to sbbs/master on Mon Nov 16 23:39:04 2020
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/2c66387d8a91bc26d226430a
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Merge remote-tracking branch 'origin/master'
    --- SBBSecho 3.11-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Wed Feb 17 10:55:55 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/22c6721d6f926ba5fce85a54
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Remove unused assignment.No need to get time() here since it's never checked.Resolves CID 174292
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Wed Feb 17 10:59:17 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/6623cff0e3516937e38ae76a
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Always return 403 to requests for access.ars or webctrl.iniPreviously, 403 was only returned if they existed, and 404 if theydidn't.
    --- SBBSecho 3.12-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Fri Feb 19 22:31:58 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/5d3de1eea3288155bc7a630e
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    For the cases we'll send a Content-Length of zero, do not send content.Should fix #223Introduced in d56ba01f which likely fixed some stuff on the wiki.
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Fri Feb 19 23:03:13 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/bc5bfa5f6f9fb7208ed7bbe1
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    We still want the zero-length entity, just not any content.Fixes last commit, which could cause infinite hangs on certain requests.
    --- SBBSecho 3.13-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Fri Mar 19 21:25:53 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/b881935a0f28b65f66d6218c
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Track the active client "highwater mark" (highest number of concurrent clients)Could be useful for knowing if you need to increase MaxClients for typicalusage.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Mon Mar 22 22:37:38 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/9048b3d231b7ceeb823c2220
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    post_to_file() shouldn't close the file since it didn't open it.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to Git commit to main/sbbs/master on Tue Mar 30 21:12:56 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/e2f3407c8cd1379184da9668
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Remove some unused variables.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Sun Apr 4 13:15:46 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/03b7b2f9443db9fa02989aec
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix socket descriptor leak in fastcgi_connect()Found by Coverity-scan (CID 330051)@Deuce should review this.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Sun Apr 4 13:29:04 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/22f130cad457cd21747dd6bc
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix resource leak in ssjs_send_headers()IdArray returned by JS_Enumerate() was never freed.Caught by Coverity-scan, CID 319627.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Sat Jun 5 00:42:05 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/9f7894575eed369cfd56ad40
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Remove incorrect and unnecessary comment.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Sat Jun 5 00:42:05 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/a487e0c681d380e01a76deeb
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Don't allow colons in web-requested path names on WindowsThis fixes issue #269 (NTFS Alternate Data Stream vulnerability) and otherpotential pathname issues on Windows involving colons.There are other illegal filename characters on Windows (e.g. <>|"?*), butfilenames with these characters aren't expected to pass the later stat() test,so should fail with a 404 error.
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to Git commit to main/sbbs/master on Thu Jul 1 13:41:24 2021
    https://gitlab.synchro.net/main/sbbs/-/commit/f38adc13f4b5169a0d59cbce
    Modified Files:
    src/sbbs3/websrvr.c
    Log Message:
    Fix NULL pointer dereference in read_post_data()What took down cvs/sbbs yesterday:Program terminated with signal SIGSEGV, Segmentation fault.6203 session->req.post_data[session->req.post_len]=0;[Current thread is 1 (Thread 0x7f2b989ff700 (LWP 17031))](gdb) print post_lenNo symbol "post_len" in current context.(gdb) print session->req.post_len$1 = 0(gdb) print session->req.post_data$2 = 0x0
    --- SBBSecho 3.14-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)