• exec/binkit.js

    From rswindell@VERT to CVS commit on Thursday, May 16, 2019 00:22:35
    exec binkit.js 2.17 2.18
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv25013

    Modified Files:
    binkit.js
    Log Message:
    Experimental outbox support (e.g. for inter-bbs game files):
    - 'outbox' value from echocfg/sbbsecho.ini is used for additional outbound
    files
    - normal BSO directories are still searched for outbound files (too)
    - 'inbox' support not added (yet)
    - no node locking (.bsy file checking/creation) implemented
    - requires updated load/fidocfg.js



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Thursday, May 23, 2019 17:05:25
    exec binkit.js 2.18 2.19
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv8925

    Modified Files:
    binkit.js
    Log Message:
    Resolve reported error (new, with outbox support):
    binkit.js line 297: TypeError: bp.cb_data.binkitcfg.node[addr] is undefined



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Friday, May 24, 2019 21:36:44
    exec binkit.js 2.19 2.20
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv27306

    Modified Files:
    binkit.js
    Log Message:
    Rev 1.19 (jan-20-2016) included a "Fix the nocrypt check", but appeared to
    do so incorrectly. This is a correct fix (check the nocrypt property, not
    just that the linked node object is != false).



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Friday, May 24, 2019 23:32:58
    exec binkit.js 2.20 2.21
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv9835

    Modified Files:
    binkit.js
    Log Message:
    inbound_auth_cb(): report a "Password mismatch" error (over BinkP) if
    one of the configured linked-nodes matching the remote address(es) is set for CRAM-MD5 passwords only and a plain-text password was provided by the remote. Previously, the function would log a warning:
    "CRAM-MD5 required (and not provided) by <addr>" but succeeed (the actual password value was not check) and it woudl flag the session as "non-secure" (sending M_OK non-secure), looking like this on the remote side:
    Authentication successful: non-secure
    and any received files would go into the configured non-secure inbound.
    This may explain why some sysops sometimes get unexplained files in their non-secure inbound (looking for "non-secure" in the logs should confirm).
    Now, you should still see (on the answering side) the log message:
    "CRAM-MD5 required (and not provided) ...", but it'll also send a M_ERR Passowrd mismatch error to the remote, thus ending the session.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Friday, May 24, 2019 23:39:08
    exec binkit.js 2.21 2.22
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv12108

    Modified Files:
    binkit.js
    Log Message:
    Send a better error message to the remote (it's not actually a password mismatch, it's an authentication scheme mismatch).



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Sunday, May 26, 2019 17:11:18
    exec binkit.js 2.22 2.23
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv19368

    Modified Files:
    binkit.js
    Log Message:
    Added a BinkP-global setting (in the [binkp] section): "PlainAuthOnly" (defaults to false). If you want to disable all CRAM-MD5 based authentication for both inbound and outbound BinkIT/BinkP connections/sessions (e.g. for trouble-shooting password mismatch issues), then set this to true.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Tuesday, May 28, 2019 16:08:11
    exec binkit.js 2.23 2.24
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv12065

    Modified Files:
    binkit.js
    Log Message:
    When plain_auth_only is set (globally or per node), insure that require_md5
    and require_crypt are set to false as well.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Wednesday, May 29, 2019 01:03:22
    exec binkit.js 2.24 2.25
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv1395

    Modified Files:
    binkit.js
    Log Message:
    Ignore per-node "BinkpAllowPlainText=false" on incoming connections when
    global "PlainAuthOnly=true"



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Friday, June 14, 2019 12:08:42
    exec binkit.js 2.25 2.26
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv27843

    Modified Files:
    binkit.js
    Log Message:
    Since Revision 1.36 of load/fidocfg.js (Jan-8-2019), a blank/unconfigured
    BinkP session password ("SessionPwd") in sbbsecho.ini would cause BinkIT/BinkP to behave as though a session password was specified. The reason for the change to fidocfg.js (specifying a default value for "SessionPwd" as a blank string) was to force the return value to a string so that numeric passwords were not returned as numbers but rather strings.
    The binkit.js and binkp.js code assumed that a blank password would be 'undefined' and not a blank string.
    This commit changes binkit.js and binkp.js to treat all of the following session password values as "no password" with respect to BinkP:
    - false
    - undefined
    - blank string ('')




    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Sunday, June 16, 2019 20:21:20
    exec binkit.js 2.26 2.27
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv10710

    Modified Files:
    binkit.js
    Log Message:
    Added global option to disable BinkP encryption - at Mark Lewis' request.
    With this option, it is now possible to support CRAM-MD5 authenication while not allowing encrypted sessions (inbound or outbound) - not sure why.



    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From mark lewis@VERT to digitalman on Monday, June 17, 2019 05:47:18
    On 2019 Jun 16 22:21:20, rswindell wrote to CVS commit:

    Modified Files:
    binkit.js
    Log Message:
    Added global option to disable BinkP encryption - at Mark Lewis' request. With this option, it is now possible to support CRAM-MD5 authenication while not allowing encrypted sessions (inbound or outbound) - not sure
    why.

    thank you, sir...

    FWIW: one of the reasons i asked for this is because binkd allows it...

    )\/(ark

    Always Mount a Scratch Monkey
    Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
    ... Oh, we have both kinds - country AND western. -the bar lady
    ---
    * Origin: (1:3634/12.73)
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From Digital Man@VERT to mark lewis on Monday, June 17, 2019 10:59:26
    Re: exec/binkit.js
    By: mark lewis to digitalman on Mon Jun 17 2019 07:47 am


    On 2019 Jun 16 22:21:20, rswindell wrote to CVS commit:

    Modified Files:
    binkit.js
    Log Message:
    Added global option to disable BinkP encryption - at Mark Lewis' request. With this option, it is now possible to support CRAM-MD5 authenication while not allowing encrypted sessions (inbound or outbound) - not sure
    why.

    thank you, sir...

    No problem. It's unfortunate that I have to touch base in so many places to add an option like that. Perhaps if echocfg was re-written in JS that would allow more code reuse between BinkIT and echocfg. Not going to happen anytime soon (if every) - but it's an idea.

    FWIW: one of the reasons i asked for this is because binkd allows it...

    Okay. Hopefully it's useful to somebody someday. I made it global because that's the only way to tweak the capabilities/options for incoming connections.

    digital man

    Synchronet/BBS Terminology Definition #23:
    DSZ = DOS Send ZMODEM (by Chuck Forsberg)
    Norco, CA WX: 71.1F, 71.0% humidity, 5 mph E wind, 0.00 inches rain/24hrs

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From mark lewis@VERT to Digital Man on Monday, June 17, 2019 15:58:28
    On 2019 Jun 17 12:59:26, you wrote to me:

    thank you, sir...

    No problem. It's unfortunate that I have to touch base in so many places
    to
    add an option like that. Perhaps if echocfg was re-written in JS that
    would
    allow more code reuse between BinkIT and echocfg. Not going to happen anytime soon (if every) - but it's an idea.

    iknow what you speak of... i wish i was more fluent in javascript than i am... i did alright with my mods to tickit and tickitcfg but they were pushing my limits with having to look up everything as well as trying to find what was available in sbbs' libraries... that's not a bad thing... it is just an old mind not quite up to learning new languages...

    FWIW: one of the reasons i asked for this is because binkd allows it...

    Okay. Hopefully it's useful to somebody someday. I made it global because that's the only way to tweak the capabilities/options for incoming connections.

    that's how binkd does it, too... the following is from the debian wheezy man page for binkd... note the -r and -m options :)

    -C Binkd running with this option will reread the configuration file if it is changed. The modification time of the configuration file is checked every 60 seconds and on every incoming and outgoing connection.

    -c Start client only. Normally Binkd starts both server and client.

    -D Run Binkd as a daemon (cannot be used for client-only mode).

    -i Run Binkd from inetd.

    -P Poll a node. An empty *.ilo file in the outbound will be created, which will force Binkd to connect to and to receive mail from the node ( Binkd will also add "Node node * -" record to the table-of-nodes in Binkd's memory if there is no entry for the node in the configuration file).

    -p Start client manager, process polls, quit if the queue seems to be empty after the next rescan. Implies -c.

    -q Quiet mode. Turns off printq, conlog and percents statements of configuration.

    -r Disable crypt traffic.

    -s Start server only. Normally Binkd starts both server and client.

    -v Be verbose. This flag can be specified multiple times for even higher verbosity. Binkd -v will dump binkd's version and quit. Binkd -vvv binkd.cfg will dump binkd's configuration and still work.

    -m Disable CRAM-MD5 authorization. Implies -r.

    -n doing not call or listen (only check cfg and make polls)

    -h Print help message.


    thanks again!

    )\/(ark

    Always Mount a Scratch Monkey
    Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
    ... Love may be blind, but marriage is a real eye-opener!
    ---
    * Origin: (1:3634/12.73)
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net