Merge branch 'master' of gitlab.synchro.net:main/sbbs

src/sbbs3/ctrl/FtpCfgDlgUnit.cpp

@@ -69,6 +69,7 @@ void __fastcall TFtpCfgDlg::FormShow(TObject *Sender)
     PasvIpLookupCheckBox->Checked=MainForm->ftp_startup.options&FTP_OPT_LOOKUP_PASV_IP;
 	PasvPortLowEdit->Text=AnsiString((int)MainForm->ftp_startup.pasv_port_low);
   	PasvPortHighEdit->Text=AnsiString((int)MainForm->ftp_startup.pasv_port_high);
+    MaxConConEdit->Text = AnsiString((int)MainForm->ftp_startup.max_concurrent_connections);
 
     IndexFileNameEdit->Text=AnsiString(MainForm->ftp_startup.index_file_name);
     AnswerSoundEdit->Text=AnsiString(MainForm->ftp_startup.answer_sound);
@@ -87,6 +88,8 @@ void __fastcall TFtpCfgDlg::FormShow(TObject *Sender)
 	AutoIndexCheckBox->Checked=MainForm->ftp_startup.options&FTP_OPT_INDEX_FILE;
 	AutoIndexCheckBoxClick(Sender);
     PasvIpLookupCheckBoxClick(Sender);
+    QwkTimeoutEdit->Enabled = AllowQWKCheckBox->Checked;
+    QwkTimeoutLabel->Enabled = AllowQWKCheckBox->Checked;
 
     PageControl->ActivePage=GeneralTabSheet;
 }
@@ -122,6 +125,7 @@ void __fastcall TFtpCfgDlg::OKBtnClick(TObject *Sender)
     MainForm->ftp_startup.max_inactivity=MaxInactivityEdit->Text.ToIntDef(FTP_DEFAULT_MAX_INACTIVITY);
     MainForm->ftp_startup.qwk_timeout=QwkTimeoutEdit->Text.ToIntDef(FTP_DEFAULT_QWK_TIMEOUT);
     MainForm->ftp_startup.port=PortEdit->Text.ToIntDef(IPPORT_FTP);
+    MainForm->ftp_startup.max_concurrent_connections = MaxConConEdit->Text.ToIntDef(0);
     MainForm->FtpAutoStart=AutoStartCheckBox->Checked;
     MainForm->FtpLogFile=LogFileCheckBox->Checked;
 
@@ -220,3 +224,11 @@ void __fastcall TFtpCfgDlg::PasvIpLookupCheckBoxClick(TObject *Sender)
 }
 //---------------------------------------------------------------------------
 
+
+void __fastcall TFtpCfgDlg::AllowQWKCheckBoxClick(TObject *Sender)
+{
+    QwkTimeoutEdit->Enabled = AllowQWKCheckBox->Checked;
+    QwkTimeoutLabel->Enabled = AllowQWKCheckBox->Checked;
+}
+//---------------------------------------------------------------------------
+

src/sbbs3/ctrl/FtpCfgDlgUnit.dfm

 object FtpCfgDlg: TFtpCfgDlg
-  Left = 837
-  Top = 423
+  Left = 1282
+  Top = 534
   BorderStyle = bsDialog
   Caption = 'FTP Server Configuration'
   ClientHeight = 245
@@ -58,13 +58,21 @@ object FtpCfgDlg: TFtpCfgDlg
         Caption = 'Interfaces (IPs)'
       end
       object QwkTimeoutLabel: TLabel
-        Left = 7
+        Left = 148
         Top = 138
         Width = 78
         Height = 20
         AutoSize = False
         Caption = 'QWK Timeout'
       end
+      object MaxConConLabel: TLabel
+        Left = 7
+        Top = 138
+        Width = 85
+        Height = 19
+        AutoSize = False
+        Caption = 'Max Con-Conn'
+      end
       object AutoStartCheckBox: TCheckBox
         Left = 7
         Top = 10
@@ -122,18 +130,19 @@ object FtpCfgDlg: TFtpCfgDlg
       end
       object AllowQWKCheckBox: TCheckBox
         Left = 148
-        Top = 60
+        Top = 109
         Width = 119
         Height = 20
         Hint = 'Allow QWK packet transfers'
         Caption = 'QWK Packets'
         ParentShowHint = False
         ShowHint = True
-        TabOrder = 7
+        TabOrder = 9
+        OnClick = AllowQWKCheckBoxClick
       end
       object LocalFileSysCheckBox: TCheckBox
         Left = 148
-        Top = 86
+        Top = 62
         Width = 119
         Height = 20
         Hint = 
@@ -142,7 +151,7 @@ object FtpCfgDlg: TFtpCfgDlg
         Caption = 'Local File System'
         ParentShowHint = False
         ShowHint = True
-        TabOrder = 8
+        TabOrder = 7
       end
       object HostnameCheckBox: TCheckBox
         Left = 148
@@ -157,23 +166,33 @@ object FtpCfgDlg: TFtpCfgDlg
       end
       object DirFilesCheckBox: TCheckBox
         Left = 148
-        Top = 110
+        Top = 86
         Width = 125
         Height = 20
         Hint = 'Allow users access to files in directory, but not in database'
         Caption = 'Directory File Access'
         ParentShowHint = False
         ShowHint = True
-        TabOrder = 9
+        TabOrder = 8
       end
       object QwkTimeoutEdit: TEdit
-        Left = 85
+        Left = 223
         Top = 138
         Width = 39
         Height = 21
         Hint = 'Maximum number of seconds before QWK packet creation timeout'
         ParentShowHint = False
         ShowHint = True
+        TabOrder = 10
+      end
+      object MaxConConEdit: TEdit
+        Left = 85
+        Top = 138
+        Width = 39
+        Height = 21
+        Hint = 'Maximum Concurrent Connections from same IP (0=unlimited)'
+        ParentShowHint = False
+        ShowHint = True
         TabOrder = 6
       end
     end

src/sbbs3/ctrl/FtpCfgDlgUnit.h

@@ -86,6 +86,8 @@ __published:
     TEdit *PasvPortHighEdit;
     TLabel *PasvPortThroughLabel;
     TCheckBox *PasvIpLookupCheckBox;
+    TLabel *MaxConConLabel;
+    TEdit *MaxConConEdit;
 	void __fastcall FormShow(TObject *Sender);
 	void __fastcall OKBtnClick(TObject *Sender);
 	void __fastcall AnswerSoundButtonClick(TObject *Sender);
@@ -93,6 +95,7 @@ __published:
 	void __fastcall AutoIndexCheckBoxClick(TObject *Sender);
     void __fastcall HackAttemptSoundButtonClick(TObject *Sender);
     void __fastcall PasvIpLookupCheckBoxClick(TObject *Sender);
+    void __fastcall AllowQWKCheckBoxClick(TObject *Sender);
 private:
 public:
 	virtual __fastcall TFtpCfgDlg(TComponent* AOwner);

src/sbbs3/ctrl/MailCfgDlgUnit.dfm

 object MailCfgDlg: TMailCfgDlg
-  Left = 1274
-  Top = 822
+  Left = 1214
+  Top = 710
   BorderStyle = bsDialog
   Caption = 'Mail Server Configuration'
   ClientHeight = 246

src/sbbs3/ctrl/MainFormUnit.dfm

 object MainForm: TMainForm
-  Left = 760
-  Top = 266
+  Left = 733
+  Top = 639
   Width = 793
   Height = 398
   Caption = 'Synchronet Control Panel'

src/sbbs3/ftpsrvr.c

@@ -84,6 +84,7 @@ static volatile BOOL	terminate_server=FALSE;
 static char 	*text[TOTAL_TEXT];
 static str_list_t recycle_semfiles;
 static str_list_t shutdown_semfiles;
+static link_list_t current_connections;
 
 #ifdef SOCKET_DEBUG
 	static BYTE 	socket_debug[0x10000]={0};
@@ -203,12 +204,15 @@ static void update_clients(void)
 
 static void client_on(SOCKET sock, client_t* client, BOOL update)
 {
+	if(!update)
+		listAddNodeData(&current_connections, client->addr, strlen(client->addr) + 1, sock, LAST_NODE);
 	if(startup!=NULL && startup->client_on!=NULL)
 		startup->client_on(startup->cbdata,TRUE,sock,client,update);
 }
 
 static void client_off(SOCKET sock)
 {
+	listRemoveTaggedNode(&current_connections, sock, /* free_data */TRUE);
 	if(startup!=NULL && startup->client_on!=NULL)
 		startup->client_on(startup->cbdata,FALSE,sock,NULL,FALSE);
 }
@@ -1239,6 +1243,7 @@ static void receive_thread(void* arg)
 	thread_down();
 }
 
+// Returns TRUE upon error?!?
 static BOOL start_tls(SOCKET *sock, CRYPT_SESSION *sess, BOOL resp)
 {
 	BOOL nodelay;
@@ -2703,13 +2708,18 @@ static void ctrl_thread(void* arg)
 					sockprintf(sock,sess,"534 Already in TLS mode");
 					continue;
 				}
-				if (start_tls(&sock, &sess, TRUE))
+				if (start_tls(&sock, &sess, TRUE)) {
+					lprintf(LOG_WARNING, "%04d <%s> failed to initialize TLS successfully", sock, host_ip);
 					break;
+				}
 				user.number=0;
 				sysop=FALSE;
 				filepos=0;
 				got_pbsz = FALSE;
 				protection = FALSE;
+				lprintf(LOG_INFO, "%04d <%s> initialized TLS successfully", sock, host_ip);
+				client.protocol = "FTPS";
+				client_on(sock, &client, /* update: */TRUE);
 				continue;
 			}
 			sockprintf(sock,sess,"504 TLS is the only AUTH supported");
@@ -5029,6 +5039,8 @@ static void cleanup(int code, int line)
 
 	update_clients();	/* active_clients is destroyed below */
 
+	listFree(&current_connections);
+
 	if(protected_uint32_value(active_clients))
 		lprintf(LOG_WARNING,"!!!! Terminating with %d active clients", protected_uint32_value(active_clients));
 	else
@@ -5117,6 +5129,7 @@ void DLLCALL ftp_server(void* arg)
 	protected_uint32_init(&thread_count, 0);
 
 	do {
+		listInit(&current_connections, LINK_LIST_MUTEX);
 		protected_uint32_init(&active_clients, 0);
 
 		/* Setup intelligent defaults */
@@ -5295,6 +5308,20 @@ void DLLCALL ftp_server(void* arg)
 				startup->socket_open(startup->cbdata,TRUE);
 
 			inet_addrtop(&client_addr, client_ip, sizeof(client_ip));
+
+			if(startup->max_concurrent_connections > 0) {
+				int ip_len = strlen(client_ip) + 1;
+				uint connections = listCountMatches(&current_connections, client_ip, ip_len);
+				if(connections >= startup->max_concurrent_connections
+					&& !is_host_exempt(&scfg, client_ip, /* host_name */NULL)) {
+					lprintf(LOG_NOTICE, "%04d [%s] !Maximum concurrent connections (%u) exceeded"
+ 						,client_socket, client_ip, startup->max_concurrent_connections);
+					sockprintf(client_socket, -1, "421 Maximum connections (%u) exceeded", startup->max_concurrent_connections);
+					ftp_close_socket(&client_socket,&none,__LINE__);
+					continue;
+				}
+			}
+
 			if(trashcan(&scfg,client_ip,"ip-silent")) {
 				ftp_close_socket(&client_socket,&none,__LINE__);
 				continue;
@@ -5304,7 +5331,6 @@ void DLLCALL ftp_server(void* arg)
 				lprintf(LOG_WARNING,"%04d !MAXIMUM CLIENTS (%d) reached, access denied"
 					,client_socket, startup->max_clients);
 				sockprintf(client_socket,-1,"421 Maximum active clients reached, please try again later.");
-				mswait(3000);
 				ftp_close_socket(&client_socket,&none,__LINE__);
 				continue;
 			}
@@ -5313,7 +5339,6 @@ void DLLCALL ftp_server(void* arg)
 				lprintf(LOG_CRIT,"%04d !ERROR allocating %d bytes of memory for ftp_t"
 					,client_socket,(int)sizeof(ftp_t));
 				sockprintf(client_socket,-1,"421 System error, please try again later.");
-				mswait(3000);
 				ftp_close_socket(&client_socket,&none,__LINE__);
 				continue;
 			}

src/sbbs3/ftpsrvr.h

@@ -83,6 +83,8 @@ typedef struct {
 	struct login_attempt_settings login_attempt;
 	link_list_t* login_attempt_list;
 
+	uint	max_concurrent_connections;
+
 } ftp_startup_t;
 
 /* startup options that requires re-initialization/recycle when changed */

src/sbbs3/mailsrvr.c

@@ -6086,10 +6086,10 @@ void DLLCALL mail_server(void* arg)
 
 	SetThreadName("sbbs/mailServer");
 	protected_uint32_init(&thread_count, 0);
-	listInit(&current_logins, LINK_LIST_MUTEX);
-	listInit(&current_connections, LINK_LIST_MUTEX);
 
 	do {
+		listInit(&current_logins, LINK_LIST_MUTEX);
+		listInit(&current_connections, LINK_LIST_MUTEX);
 		protected_uint32_init(&active_clients, 0);
 
 		/* Setup intelligent defaults */

src/sbbs3/sbbs_ini.c

@@ -39,6 +39,7 @@ static const char*	strInterfaces="Interface";
 static const char*	strPort="Port";
 static const char*	strMaxClients="MaxClients";
 static const char*	strMaxInactivity="MaxInactivity";
+static const char*	strMaxConConn="MaxConcurrentConnections";
 static const char*	strHostName="HostName";
 static const char*	strLogLevel="LogLevel";
 static const char*	strBindRetryCount="BindRetryCount";
@@ -391,7 +392,7 @@ void sbbs_read_ini(
 		bbs->bind_retry_delay=iniGetInteger(list,section,strBindRetryDelay,global->bind_retry_delay);
 
 		bbs->login_attempt = get_login_attempt_settings(list, section, global);
-		bbs->max_concurrent_connections = iniGetInteger(list, section, "MaxConcurrentConnections", 0);
+		bbs->max_concurrent_connections = iniGetInteger(list, section, strMaxConConn, 0);
 	}
 
 	/***********************************************************************/
@@ -459,6 +460,7 @@ void sbbs_read_ini(
 		ftp->bind_retry_count=iniGetInteger(list,section,strBindRetryCount,global->bind_retry_count);
 		ftp->bind_retry_delay=iniGetInteger(list,section,strBindRetryDelay,global->bind_retry_delay);
 		ftp->login_attempt = get_login_attempt_settings(list, section, global);
+		ftp->max_concurrent_connections = iniGetInteger(list, section, strMaxConConn, 0);
 	}
 
 	/***********************************************************************/
@@ -563,7 +565,7 @@ void sbbs_read_ini(
 		mail->bind_retry_count=iniGetInteger(list,section,strBindRetryCount,global->bind_retry_count);
 		mail->bind_retry_delay=iniGetInteger(list,section,strBindRetryDelay,global->bind_retry_delay);
 		mail->login_attempt = get_login_attempt_settings(list, section, global);
-		mail->max_concurrent_connections = iniGetInteger(list, section, "MaxConcurrentConnections", 0);
+		mail->max_concurrent_connections = iniGetInteger(list, section, strMaxConConn, 0);
 	}
 
 	/***********************************************************************/
@@ -801,7 +803,7 @@ BOOL sbbs_write_ini(
 			break;
 		if(!iniSetShortInt(lp,section,"OutbufDrainTimeout",bbs->outbuf_drain_timeout,&style))
 			break;
-		if(!iniSetInteger(lp,section,"MaxConcurrentConnections",bbs->max_concurrent_connections,&style))
+		if(!iniSetInteger(lp,section,strMaxConConn,bbs->max_concurrent_connections,&style))
 			break;
 
 
@@ -886,6 +888,8 @@ BOOL sbbs_write_ini(
 			break;
 		if(!iniSetShortInt(lp,section,strMaxInactivity,ftp->max_inactivity,&style))
 			break;
+		if(!iniSetInteger(lp,section,strMaxConConn,ftp->max_concurrent_connections,&style))
+			break;
 		if(!iniSetShortInt(lp,section,"QwkTimeout",ftp->qwk_timeout,&style))
 			break;
 		if(!iniSetBytes(lp,section,"MinFileSize",1,ftp->min_fsize,&style))
@@ -1010,7 +1014,7 @@ BOOL sbbs_write_ini(
 			break;
 		if(!iniSetInteger(lp,section,"ConnectTimeout",mail->connect_timeout,&style))
 			break;
-		if(!iniSetInteger(lp,section,"MaxConcurrentConnections",mail->max_concurrent_connections,&style))
+		if(!iniSetInteger(lp,section,strMaxConConn,mail->max_concurrent_connections,&style))
 			break;
 
 		if(strcmp(mail->host_name,global->host_name)==0