- Feb 15, 2021
Rob Swindell authored
The Synchronet FTP server has (since 2001) disallowed PORT/EPRT/LPRT commands with a "reserved" port number (i.e. < 1024) as recommended by RFC2577 and when attempted, would log a "SUSPECTED FTP BOUNCE HACK ATTEMPT" in the data/hack.log file. However, as Karloch (HISPAMSX) pointed out recently, an FTP Bounce Attack to other TCP ports was still possible (and detected/reported by some security scans as a potential vulnerability). So, reject all PORT/EPRT/LPRT commands that specify an IP address other than that used for the control TCP connection unless the sysop specifically enables the new "ALLOW_BOUNCE" option flag (in the [ftp] section of sbbs.ini) and the user is an authenticated non-guest/anonymous user. And as before, log the attempt as a suspected hack attempt. This change also removes the "Directory File Access" checkbox from the Synchronet Control Panel for Windows as that feature is "going away" soon (or at least, it won't be an FTP-specific option/feature if it remains).
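The check described in the commit message above, written out as an added example. This is not Synchronet's code: the function name check_port_command, the allow_bounce and authenticated_user flags (standing in for the ALLOW_BOUNCE option and the user's login state), the verdict enum and the wording of the log line are assumptions. It parses both the PORT and the EPRT argument forms, applies the older reserved-port rule first and then the same-address rule, and records the text a hack.log entry would carry for each rejection. The sample commands in main() are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <stdbool.h>

enum port_verdict {
    PORT_OK,               /* honour the data-connection request */
    PORT_REJECT_SYNTAX,    /* unparsable argument */
    PORT_REJECT_RESERVED,  /* target port < 1024: refused since 2001 (RFC 2577) */
    PORT_REJECT_BOUNCE     /* target address differs from the control-connection peer */
};

static char g_last_log[160];   /* text the last rejection would write to data/hack.log */
const char *last_hack_log(void) { return g_last_log; }

static bool str_ieq(const char *a, const char *b)   /* FTP commands are case-insensitive */
{
    for (; *a && *b; a++, b++)
        if (toupper((unsigned char)*a) != toupper((unsigned char)*b)) return false;
    return *a == *b;
}

/* PORT h1,h2,h3,h4,p1,p2 -> dotted IPv4 address and 16-bit port */
static bool parse_port_arg(const char *arg, char *ip, size_t ipsz, int *port)
{
    int h[4], p[2];
    if (sscanf(arg, "%d,%d,%d,%d,%d,%d", &h[0], &h[1], &h[2], &h[3], &p[0], &p[1]) != 6)
        return false;
    for (int i = 0; i < 4; i++)
        if (h[i] < 0 || h[i] > 255) return false;
    if (p[0] < 0 || p[0] > 255 || p[1] < 0 || p[1] > 255) return false;
    snprintf(ip, ipsz, "%d.%d.%d.%d", h[0], h[1], h[2], h[3]);
    *port = p[0] * 256 + p[1];
    return true;
}

/* EPRT |af|address|port| (RFC 2428); af 1 = IPv4, 2 = IPv6; delimiter is the first byte */
static bool parse_eprt_arg(const char *arg, char *ip, size_t ipsz, int *port)
{
    char d = arg[0];
    if (d == '\0' || d == ' ') return false;
    const char *af = arg + 1;
    const char *s1 = strchr(af, d);
    if (s1 == NULL || s1 - af != 1 || (af[0] != '1' && af[0] != '2')) return false;
    const char *s2 = strchr(s1 + 1, d);
    if (s2 == NULL) return false;
    const char *s3 = strchr(s2 + 1, d);
    if (s3 == NULL || s3[1] != '\0') return false;      /* nothing may follow the last delimiter */
    size_t alen = (size_t)(s2 - s1 - 1);
    if (alen == 0 || alen >= ipsz) return false;
    memcpy(ip, s1 + 1, alen);
    ip[alen] = '\0';
    char *end;
    long pv = strtol(s2 + 1, &end, 10);
    if (end == s2 + 1 || end != s3 || pv < 0 || pv > 65535) return false;
    *port = (int)pv;
    return true;
}

/* ctrl_ip is the peer address of the control connection (text form). A third-party
 * address is accepted only when allow_bounce is set AND the user is an authenticated,
 * non-guest/anonymous user; a reserved port is refused regardless. */
enum port_verdict check_port_command(const char *cmd, const char *arg, const char *ctrl_ip,
                                     bool allow_bounce, bool authenticated_user)
{
    char ip[64];
    int port = 0;
    bool parsed = false;
    if (str_ieq(cmd, "PORT"))      parsed = parse_port_arg(arg, ip, sizeof ip, &port);
    else if (str_ieq(cmd, "EPRT")) parsed = parse_eprt_arg(arg, ip, sizeof ip, &port);
    if (!parsed) {
        snprintf(g_last_log, sizeof g_last_log, "%s: bad %s argument '%s'", ctrl_ip, cmd, arg);
        return PORT_REJECT_SYNTAX;
    }
    if (port < 1024) {
        snprintf(g_last_log, sizeof g_last_log,
                 "%s: SUSPECTED FTP BOUNCE HACK ATTEMPT (%s to %s port %d, reserved port)", ctrl_ip, cmd, ip, port);
        return PORT_REJECT_RESERVED;
    }
    if (strcmp(ip, ctrl_ip) != 0 && !(allow_bounce && authenticated_user)) {
        snprintf(g_last_log, sizeof g_last_log,
                 "%s: SUSPECTED FTP BOUNCE HACK ATTEMPT (%s to %s port %d, third-party address)", ctrl_ip, cmd, ip, port);
        return PORT_REJECT_BOUNCE;
    }
    g_last_log[0] = '\0';
    return PORT_OK;
}

int main(void)
{
    const char *ctrl = "192.0.2.10";   /* constructed control-connection peer */
    struct { const char *cmd, *arg; } samples[] = {
        { "PORT", "192,0,2,10,4,1" },      /* own address, port 1025 */
        { "PORT", "192,0,2,99,4,1" },      /* third-party host */
        { "PORT", "192,0,2,10,0,25" },     /* own address, port 25 */
        { "EPRT", "|1|192.0.2.77|2048|" }, /* third-party host via EPRT */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%s %s -> %d %s\n", samples[i].cmd, samples[i].arg,
               (int)check_port_command(samples[i].cmd, samples[i].arg, ctrl, false, false), last_hack_log());
    return 0;
}
```

The comparison is done on the textual address because that is what this example has; a server that has the peer's sockaddr should compare the binary address instead, since an IPv6 address has several valid textual spellings and an IPv4-mapped IPv6 peer would otherwise never match its own PORT argument.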

- Dec 30, 2020
Rob Swindell authored
Support optional limit on concurrent connections from the same IP address to the FTP server by setting MaxConcurrentConnections in the [ftp] section of sbbs.ini. Unlike the mail server and the terminal server, this concurrent-connection count is not discounted by the number of authenticated logins. The default value is 0 (unlimited). This closes issue #156

- Dec 22, 2020
Rob Swindell authored
The days of browsers rendering HTML served-up via FTP are over, so remove this feature. This also removes all JavaScript support from the FTP server and that is a bit odd as it was one of the first Synchronet components for which I added JS support. Removing this feature was pretty painless; much easier than adding it was. The main motivation was less cruft to port to the file base in the works. There should be no more references to 00index.html anywhere at this point. Bye bye cool feature, we'll miss you.

- Aug 16, 2020
Rob Swindell authored

- Mar 22, 2019
rswindell authored
Fix age-old bug with Borland/C++Builder built executables (Windows): to achieve compatibility with the default __cdecl symbol naming rules of Visual C++, we were using __stdcall convention for DLL functions when building code with Borland/C++Builder tools and using the default (__cdecl) convention when building with Microsoft (Visual C++) tools. Although this allowed symbols to be located when linking, the calling convention mismatch caused a stack cleanup issue that very rarely manifested itself in a bug (e.g. exception of some kind in sbbsctrl.exe, usually). Mismatching the calling conventions was unintentional (I thought the default for MSVC DLL functions was __stdcall) - but since the calls to MSVC-Built DLL functions worked 99% of the time, I didn't realize there was an underlying issue. So I now work-around the DLL symbol naming mismatch using a command-line option (-a) passed to implib in src/sbbs3/ctrl/makelibs.bat. I had previously worked-around exceptions when calling MSVC DLL functions in sbbsctrl.exe by calling the problematic DLL functions from a timer tick handler rather than a user control (e.g. button) event handler. Those work-arounds can now be removed. The erroneous "DLLCALL" definition design pattern was replicated (copy/pasted) to many other projects' header files in cvs.synchro.net. In the future, we may want to just remove all instances of *CALL since they now serve no purpose and appear as useless "Kruft" (but do allow us to more-easily globally change DLL function calling conventions if/when necessary in the future).

- Nov 28, 2016
rswindell authored

- May 18, 2016
rswindell authored
By default, after 20 consecutive (unique) failed login attempts, *or* a failed login attempt with a name from the name.can filter file. The default temporary ban duration is 10 minutes. The temporary ban threshold is configurable via LoginAttemptTempBanThreshold in sbbs.ini and the ban duration is configurable via LoginAttemptTempBanDuration (in seconds).
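How a threshold-plus-duration temporary ban of the kind described above fits together, as an added example that is not Synchronet's own code. The per-address table, the function names, the reading of "unique" as distinct (name, password) pairs, the three-name stand-in for name.can and the fixed clock in main() are all assumptions; the two defaults match the values stated in the commit message (20 attempts, 10 minutes).

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdbool.h>
#include <time.h>

#define TEMPBAN_THRESHOLD 20   /* LoginAttemptTempBanThreshold default */
#define TEMPBAN_DURATION  600  /* LoginAttemptTempBanDuration default, seconds (10 minutes) */
#define MAX_TRACKED       64   /* size of the hypothetical per-address table */

struct attempt {
    char ip[46];                        /* client address, IPv4 or IPv6 text */
    unsigned count;                     /* consecutive unique failed attempts */
    char last_user[32], last_pass[32];  /* previous pair, so an exact repeat is not counted again */
    time_t ban_until;                   /* 0 = not banned */
};

static struct attempt g_attempts[MAX_TRACKED];

/* Constructed stand-in for ctrl/name.can (the real file is pattern based). */
static const char *g_name_can[] = { "root", "admin", "administrator", NULL };

static bool str_ieq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (toupper((unsigned char)*a) != toupper((unsigned char)*b)) return false;
    return *a == *b;
}

void tempban_reset_all(void) { memset(g_attempts, 0, sizeof g_attempts); }

static struct attempt *find_attempt(const char *ip, bool add)
{
    struct attempt *empty = NULL;
    for (int i = 0; i < MAX_TRACKED; i++) {
        if (g_attempts[i].ip[0] == '\0') { if (!empty) empty = &g_attempts[i]; }
        else if (strcmp(g_attempts[i].ip, ip) == 0) return &g_attempts[i];
    }
    if (!add || !empty) return NULL;   /* unknown address, or table full */
    memset(empty, 0, sizeof *empty);
    snprintf(empty->ip, sizeof empty->ip, "%s", ip);
    return empty;
}

static bool name_in_can(const char *user)
{
    for (int i = 0; g_name_can[i]; i++)
        if (str_ieq(g_name_can[i], user)) return true;
    return false;
}

bool is_temp_banned(const char *ip, time_t now)
{
    struct attempt *a = find_attempt(ip, false);
    return a && a->ban_until && now < a->ban_until;
}

unsigned failed_count(const char *ip)
{
    struct attempt *a = find_attempt(ip, false);
    return a ? a->count : 0;
}

/* Record a failed login; returns true when this failure starts a temporary ban. */
bool login_failed(const char *ip, const char *user, const char *pass, time_t now)
{
    struct attempt *a = find_attempt(ip, true);
    if (!a) return false;
    bool repeat = a->count > 0 && strcmp(a->last_user, user) == 0 && strcmp(a->last_pass, pass) == 0;
    if (!repeat) {   /* only a new (name, password) pair advances the count */
        a->count++;
        snprintf(a->last_user, sizeof a->last_user, "%s", user);
        snprintf(a->last_pass, sizeof a->last_pass, "%s", pass);
    }
    if (name_in_can(user) || a->count >= TEMPBAN_THRESHOLD) {
        a->ban_until = now + TEMPBAN_DURATION;
        printf("TEMPORARY BAN of %s for %d seconds (user '%s', %u failed attempts)\n",
               ip, TEMPBAN_DURATION, user, a->count);
        return true;
    }
    return false;
}

void login_succeeded(const char *ip)   /* a success ends the "consecutive" streak */
{
    struct attempt *a = find_attempt(ip, false);
    if (a) a->count = 0;
}

/* n failures with distinct passwords from one address; returns the resulting count */
unsigned simulate_unique_failures(const char *ip, unsigned n, time_t now)
{
    char pass[32];
    for (unsigned i = 0; i < n; i++) {
        snprintf(pass, sizeof pass, "guess-%u", i);
        login_failed(ip, "alice", pass, now);
    }
    return failed_count(ip);
}

int main(void)
{
    time_t now = 1000;   /* fixed clock so the run is reproducible */
    tempban_reset_all();
    simulate_unique_failures("198.51.100.7", TEMPBAN_THRESHOLD, now);
    printf("198.51.100.7 banned now: %d, after %d s: %d\n", is_temp_banned("198.51.100.7", now),
           TEMPBAN_DURATION, is_temp_banned("198.51.100.7", now + TEMPBAN_DURATION));
    login_failed("203.0.113.5", "root", "toor", now);   /* name.can hit: banned on the first try */
    printf("203.0.113.5 banned: %d\n", is_temp_banned("203.0.113.5", now));
    return 0;
}
```

Two behaviours worth checking in any implementation of this scheme: the name.can match has to ban on the first attempt, independent of the counter, and the counter has to be reset by a successful login but not by the ban expiring, otherwise a slow guesser that waits out each ban never pays more than the duration.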

- Aug 22, 2015
- Aug 20, 2015
deuce authored
New Features:
  - Multiple bindings for each service: use comma-separated interfaces on Interface= lines in the ini file. Default is now "0.0.0.0,::"
  - IPv6 support
  - TLS support for the webserver and (non-static) services. New TLS option in services.ini (i.e. Options=TLS)
  - Decrease LEN_SCAN_CMD to 35 chars, increase the CID field to 45 chars, and rename the MAIL_CMD string to IPADDR. I think this frees up the note field for SysOp use.

- Aug 18, 2015
rswindell authored
MinFileSize and MaxFileSize keys in the [ftp] section of the ctrl/sbbs.ini file. These values default to 0 which effectively applies no min/max to uploaded files. Set MinFileSize to 11 to defeat the recent penetration testing seen uploading 10 byte files with random filenames (8 alpha chars ending in ".txt") with 8 alpha chars in the file, followed by a CRLF pair for a total size of 10 bytes. Fixed bug whereby failed/aborted uploaded files would be left (not deleted). Log errors when any file deletion fails in the FTP server.

- Nov 20, 2014
rswindell authored
clients, timeouts, etc.) into the various *srvr.h files and use them instead of hard-coded constants sprinkled through-out the .c files. If the web server "max_clients" key isn't specified in the sbbs.ini file, use 0 (unlimited) for the max_clients value.

- Sep 01, 2011
rswindell authored
The attempt list can be viewed with the sbbscon->'a' command or sbbsctrl->view->Login Attempt List... Delay/throttle/hacklog and auto-filter values/thresholds are now configurable in sbbs.ini.

- Oct 25, 2009
rswindell authored
error counting/logging/messages to be handled by front-end (e.g. control panel) regardless of log_level setting. Mail server now filters blocked-subjects before applying DNSBL tag. Received message header TO and FROM fields are no longer checked against the email.can file for SMTP-authenticated clients. SMTP MAIL FROM and RCPT TO addresses are no longer checked against the email.can file for SMTP-authenticated clients. Statistics are displayed in a more legible manner when the mail server is terminated. The msgs_received stats counter now includes blocked and ignored messages too.

- Jun 04, 2008
deuce authored
by properly const-ifying the appropriate functions and variables. Not yet tested on Win32

- Feb 23, 2008
rswindell authored
startup option - we will *always* use the local timezone. If the sysop wants to use GMT/UTC, they should configure their operating system accordingly.

- Sep 15, 2006
rswindell authored
instead of a bit-mask representing all the log levels to actually "see", use a single numeric (or mnemonic) level value (ERROR, WARNING, NOTICE, etc.) and less severe log levels (levels with a higher numeric value) will be filtered (e.g. not "seen" or logged). It's the basic syslog() concept.

- May 10, 2006
rswindell authored
(enabled by adding LOOKUP_PASV_IP to the "Options" value in the [ftp] section of your ctrl/sbbs.ini. This option tells the FTP server to perform a hostname lookup (on the BBS's hostname) to determine the correct/current public IP address to use in PASV responses. This is one more kludge to work around stupid NAT devices (consumer firewalls/routers).

- May 07, 2005
rswindell authored
(for broken firewall/NAT devices) and PASV port ranges (default is 1024-65535).

- Apr 21, 2005
rswindell authored
Created sbbs_read_js_settings() and sbbs_set_js_settings() to read and write all settings to/from .ini files in a modular fashion. This is a precursor to implementing support for JavaScriptThreadStack (limit) support for all JS-enabled servers and services (working around the ircd bug).

- Nov 06, 2004
rswindell authored
Added shutdown_now to startup structures, used for nice shutdowns (when server isn't in use) as opposed to terminate, which is immediate. Shutdown semaphore files are only acted on when the server is not in use.

- Nov 03, 2004
deuce authored
by BindRetrycount and BindRetryDelay keys in the ini file. Will control the number of times/delay between attempted calls to bind() before the thread packs up and goes home.

- Oct 28, 2004
rswindell authored
STARTUP_INI_BITDESC_TABLES is #defined. These tables (even though declared "static") were being compiled for every .obj and linked (multiply) into each binary (possibly causing new segfaults in BSD builds?). Init field tables are similarly only defined if STARTUP_INIT_FIELD_TABLES is #defined.

- Oct 27, 2004
- Oct 20, 2004
rswindell authored
is used by sbbscon to re-load the relevant portion of the startup .ini file when a server is recycled, allowing dynamic changes to sbbs.ini.

- Sep 26, 2004
rswindell authored

- Oct 15, 2003
rswindell authored
of log entries reach the system (NT event) log.

- Oct 11, 2003
rswindell authored
function prototypes (currently using LOG_INFO level for all).

- Oct 09, 2003
rswindell authored
recycling without using semaphore files.

- Sep 26, 2003
rswindell authored
back to callback functions (e.g. lputs, thread_up, etc). This allows servers to share the same callback functions, eliminating many nearly-identical functions. This was able to shave quite a bit of redundant code from ntsvcs.c. This feature is not utilized in sbbs (sbbscon.c) or sbbsctrl (mainformunit.cpp).

deuce authored
If you are not running your BBS as root, update and recompile now. NOTE: Remember, RH9 users using the new threads - the default should use gmake THREADS_ACTUALLY_WORK=1

- Sep 16, 2003
rswindell authored

- Jun 07, 2003
rswindell authored
Added semaphore file check frequency (sem_chk_freq) element to all server startup structures (previously hard-coded to 2 seconds in most cases), defaults to 5 seconds. New SemFileCheckFrequency value in .ini file (both global and per-server).

- Apr 23, 2003
rswindell authored

- Jul 31, 2002
rswindell authored
operation).

- Jul 20, 2002
rswindell authored

- Mar 25, 2002
rswindell authored
per sbbs instance).

- Mar 20, 2002
rswindell authored
FreeBSD-tested seteuid(BOOL user) (set effective user-id) callback. Deuce's mod.