1. 24 Feb, 2022 1 commit
  2. 01 Feb, 2022 1 commit
  3. 30 Jan, 2022 1 commit
    • Rob Swindell's avatar
      Fix HTTP-requests for files >= 2GB in size · d8c099db
      Rob Swindell authored
      An int is 32-bits on all supported platforms, so this has always been broken. The actual file size/request-length sent would depend on fun 2's complement math (a 32GB file was being truncated to 433MB).
      
      Also fixed some wrong uses of PRIuOFF: off_t is a signed integer, so technically the maximum file size you can request now is 2^63 bytes, which is "big enough".
      d8c099db
  4. 28 Jan, 2022 1 commit
    • Rob Swindell's avatar
      Use sbbs.ini [web] FileVPathPrefix to configure web filebase prefix · acd808d3
      Rob Swindell authored
      It bothered Deuce having a web server setting in scfg_t/SCFG->File Options, so I moved this setting to [web_]startup_t and the sbbs.ini file.
      
      The downside is that file_area.web_file_prefix is no longer available to JS environments outside of the web server and terminal server, but meh, probably not going to use it elsewhere anyway? I can imagine use cases for JSexec scripts to want to generate URLs to filebase files. If that ends up being a need, they'll have to find and parse the "right" sbbs.ini file to determine the vpath prefix. 
      acd808d3
  5. 17 Jan, 2022 1 commit
  6. 16 Jan, 2022 2 commits
    • Rob Swindell's avatar
      Add support for web request path aliases (defined in web_alias.ini) · f2858ee6
      Rob Swindell authored
      Similar to the ctrl/ftpalias.cfg file, the new ctrl/web_alias.ini file (optional) can be used to map a portion (the first portion, only) of a web request path to a different physical or virtual path. For example, I'm using it to map:
      /Synchronet/ = /files/main/sbbs/
      for filebase access to my main->sbbs directory of Vertrauen's filebase using a /Synchronet/* web request (i.e. for slightly prettier or shorter custom URLs, if desired).
      f2858ee6
    • Rob Swindell's avatar
      Add direct filebase access from the web server (optional) · 1ab2956b
      Rob Swindell authored
      By setting SCFG->File Options->Web File Virtual Path Prefix to something (e.g. "/files/"), all HTTP or HTTPS requests to the Synchronet Web Server with request paths beginning with this prefix will be interpreted as filebase access requests (with full access control enforcement). This is configured here (in SCFG) rather than, say, the [web] section of sbbs.ini, because I have plans for the terminal server to use this prefix to generate Web-URLs for files to display or email to users.
      
      Currently, only requests to *files* (for download) are supported (no index generation, file information, etc. and definitely no upload support). Full access control (using HTTP auth, not cookies) is used for libraries and directories with controlled access. Credits are deducted and awarded and uploaders are notified of downloads, as one would expect. Requests to any dynamic-web-content files (e.g. .SSJS, .XJS, etc.) will be treated as static file download requests (no script will be executed).
      
      I'm reusing the same virtual path parsing logic from the FTP server (moved to the userdat lib), so the virtual path to a file for download would be, for example, http://yourdomain/files/lib/dir-code/filename.ext
      
      The main motivation for this feature is: FTP-links in email and web pages are just not useful to many users these days and I don't think that sysops should have to rely on a SSJS web UI (e.g. ecWebv4, cool as it is), to provide web-access to the filebases. Using this feature, you can share simpler/shorter web links to your files that will be more enduring.
      1ab2956b
  7. 01 Jul, 2021 1 commit
    • Rob Swindell's avatar
      Fix NULL pointer dereference in read_post_data() · f38adc13
      Rob Swindell authored
      What took down cvs/sbbs yesterday:
      Program terminated with signal SIGSEGV, Segmentation fault.
      6203                    session->req.post_data[session->req.post_len]=0;
      [Current thread is 1 (Thread 0x7f2b989ff700 (LWP 17031))]
      (gdb) print post_len
      No symbol "post_len" in current context.
      (gdb) print session->req.post_len
      $1 = 0
      (gdb) print session->req.post_data
      $2 = 0x0
      f38adc13
  8. 05 Jun, 2021 3 commits
  9. 19 Apr, 2021 1 commit
    • Rob Swindell's avatar
      Control sound-mute via semfile (ctrl/sound.muted) rather than sbbs.ini · a88cce19
      Rob Swindell authored
      There was a bug with reloading the configuration files in sbbsctrl where the sound button no longer reflected the truth and the sysop's previous click-state of the button was lost. Rather than going through writing the OPT_MUTE flag to the Options fields of all the sections of the sbbs.ini and then re-loading that file as a result, just do like we did with the sysop chat availability: use a semfile. So much simpler.
      
      If anyone ever needs instance-specific muting, we can create/check instance/host-specific mute semfiles then. Doubt that'll happen though.
      
      Also, removed the old sysavail control methods of ntsvcs too.
      a88cce19
  10. 18 Apr, 2021 1 commit
    • Rob Swindell's avatar
      Update sound (WAV) file play-on-event support in Windows build · f26a82b0
      Rob Swindell authored
      A "hack attempt" sound file is now supported in the Terminal Server, Mail Server,  and Services.
      
      "login" and "logoff" sound files are now supported in the Terminal Server, FTP Server, Web Server, Mail Server, and Services.
      This enhancement fixes Issue #157
      
      The following sound files may now be configured in the [Global] section of the ctrl/sbbs.ini file, if desired to set the default sound files for all servers/services in on place:
      - AnswerSound
      - LoginSound
      - LogoutSound
      - HangupSound
      - HackAttemptSound
      f26a82b0
  11. 05 Apr, 2021 1 commit
    • Deucе's avatar
      More closely reproduce select() behaviour when using poll() · b5b02ba5
      Deucе authored
      Specifically, have errors mean the fd is "ready".
      
      Also, fix some extra revent clearing and a spy socket issue while
      we're looking at this code.
      
      Should fix issues with CGI scripts that close stdin/stdout but do
      not terminate, and maybe deal with some other corner cases at the
      same time.
      b5b02ba5
  12. 04 Apr, 2021 4 commits
  13. 02 Apr, 2021 1 commit
    • Deucе's avatar
      Initial work on setTimeout() · ad635a64
      Deucе authored
      This appears to work and the event handler *should* work on other
      event types already.
      
      Note, this is *nix-only due to the use of poll().  select() will
      need to be used for Windows to keep XP compatability.
      ad635a64
  14. 31 Mar, 2021 1 commit
  15. 30 Mar, 2021 1 commit
    • Deucе's avatar
      Initial poll() work · af30c430
      Deucе authored
      Still needs updates in services_thread(), CGI stuff in websrvr.c,
      and sbbs_t::external()
      af30c430
  16. 23 Mar, 2021 1 commit
  17. 20 Mar, 2021 1 commit
  18. 17 Mar, 2021 1 commit
  19. 08 Mar, 2021 1 commit
  20. 06 Mar, 2021 1 commit
    • Rob Swindell's avatar
      Allow fine-grained control over JavaScript compiler options via *.ini · 2c7f3bc6
      Rob Swindell authored
      JavaScriptOptions bit-field can be set in sbbs.ini and jsexec.ini to over-ride the default JS compiler options which have been changed from 0 to (options previously only used by JSDoor):
      JIT | METHODJIT | COMPILE_N_GO | PROFILING
      
      * JIT - TraceMonkey
      * METHODJIT - JägerMonkey
      * COMPILE_N_GO - compile-time scope chain resolution of consts
      * PROFILING - Choose between TraceMonkey and JägerMonkey at compile-time based on profiling results
      
      Other options available but not enabled by default:
      * STRICT - warn on debious practice (i.e. similar to "use strict")
      * WERROR - convert warnings to errors
      * VAROBJFIX -  use last object on scope chain as the ECMA 'variables object'
      * RELIMIT - Throw exception on any regular expression which backtracks more than n^3 times, where n is length of the input string
      * ANONFUNFIX - Disallow function () {} in statement context per ECMA-262 Edition 3.
      * METHODJIT_ALWAYS - Always whole-method JIT, don't tune at run-time.
      
      Also:
      - Fixed JS warning string formatting (missing space separator).
      - Removed an extraneous new-line in lprintf() call in mailsrvr.
      - Added basic assertEq() global method to jsexec, required when running SpiderMonkey test scripts.
      2c7f3bc6
  21. 22 Feb, 2021 2 commits
  22. 20 Feb, 2021 2 commits
  23. 18 Feb, 2021 3 commits
  24. 17 Feb, 2021 2 commits
  25. 16 Feb, 2021 1 commit
    • Rob Swindell's avatar
      Optional cap on TLS log message severity level · 113a9a56
      Rob Swindell authored
      Are you tired of getting TLS-related error log messages that you can't do anything about? e.g.
      web  0139 TLS ERROR 'Received TLS alert message: Unexpected message' (-15) setting session active
      
      The new sbbs.ini [web] TLSErrorLevel option (defaults to 0 / "Emergency") allows the sysop to set a cap (maximum severity) on TLS-related log messages in the web server (e.g. TLSErrorLevel=Warning).
      113a9a56
  26. 15 Feb, 2021 4 commits