1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • exec/rlogin.js

    From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Mon Oct 21 16:32:07 2024
    https://gitlab.synchro.net/main/sbbs/-/commit/454ef936c5163eece13fbe00
    Modified Files:
    exec/rlogin.js
    Log Message:
    The P, C, and v options would report 'unrecognized option'

    Fix for issue #798
    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Tue Oct 29 18:45:03 2024
    https://gitlab.synchro.net/main/sbbs/-/commit/f654c1d758fad83eaa3d19b1
    Modified Files:
    exec/rlogin.js
    Log Message:
    Allow multiple uses of -c and -s options to built-up an auth string

    To solve problem of adding some kind of prefix/tag to a user alias when connecting to a door server. e.g. ?rlogin server -s [TAG] -s %a

    Hopefully you don't need/want a space separating the string elements, as
    that's not really doable with this solution.
    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Thu Apr 10 17:49:18 2025
    https://gitlab.synchro.net/main/sbbs/-/commit/dbbdd109a053fc1b6ca42c28
    Modified Files:
    exec/rlogin.js
    Log Message:
    Fix default mode value (should *not* be 10, i.e TG_NODESYNC|TG_CRLF)

    Bug introduced in commit 49053f3158e5a0b671c

    the 'mode' value was by default, undefined.
    the 'timeout' value is by default, 10.

    When mode value/flags was not provided on the command-line, undefined
    was passed to bbs.rlogin_gate() as the 5th parameter, but the number 10
    is passed as the 6th parameter (for time-out). The problem is, the first
    Number parameter passed to bbs.rlogin_gate() is interpretted as the mode
    value and so that becomes 10 (0x0A) which includes TG_NODESYNC thus enabling all node messages/activity being displayed to the rlogin user and interrupting their rlogin session (e.g. game play).

    Just make the 0 the default value for mode, like we did in telgate.js.
    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Thu Apr 10 19:42:03 2025
    https://gitlab.synchro.net/main/sbbs/-/commit/0b011cc83ef109cfadb6b536
    Modified Files:
    exec/rlogin.js
    Log Message:
    Add '-h' option to send a salted and hashed password to the server

    Like the -p option, except the server won't get a copy of the client BBS
    user's password or be able to decode it.

    The user's password, user number and account creation date are used to generate the password hash (along with the salt), so changing any of these will change the resulting hashed password sent (and presumably logged/stored) on the server. The resulting SHA-1 hash is sent as 40 hexadecimal digits.

    The default salt is the system's QWK-ID, but the sysop can specify their own salt (e.g. random number or secret passphrase) via the "salt" key in the [rlogin] section of modopts.ini or root section of ctrl/modopts/rlogin.ini
    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Thu Apr 10 20:13:46 2025
    https://gitlab.synchro.net/main/sbbs/-/commit/a54caff6cb0e403b156b0a24
    Modified Files:
    exec/rlogin.js
    Log Message:
    Allow optional pepper to be specified with '-h' (hashed password) option

    e.g. '-hSEVERNAME'

    This allows server-unique hashing so that if one BBS auto-registers /authenticates its users with *multiple* Rlogin servers, the credentials
    stored on of the rlogin servers may not be used to authenticate on the others. ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net