Synchronet now requires the libarchive development package (e.g. libarchive-dev on Debian-based Linux distros, for more info) to build successfully.

  1. 08 Nov, 2014 4 commits
  2. 07 Nov, 2014 3 commits
  3. 06 Nov, 2014 2 commits
  4. 05 Nov, 2014 1 commit
  5. 03 Nov, 2014 1 commit
  6. 30 Oct, 2014 8 commits
  7. 29 Oct, 2014 2 commits
    • rswindell's avatar
    • rswindell's avatar
      Bug-fix: when SSH or RLogin supplied username is not a valid user, the new user · 01ea9701
      rswindell authored
      signup process would be started without the current client IP address being
      added to the 'failed login attempt' list. This means that brute force login
      attempts using SSH or RLogin would usually not be subject to the loginAttempt
      delays and logging/filtering settings (in sbbs.ini), since the usernames
      attempted (e.g. root, admin) are usually not valid usernames.
      - Log failed password attempts before calling badlogin() -which can delay.
      - Stop RLogin and SSH password prompt loop immediately if disconnected.
      - Log RLogin and SSH passwords used for invalid usernames (when password
        logging is enabled in SCFG).
      - Log attempted usernames in quotes (so prepenned or trailing whitespace is more
  8. 28 Oct, 2014 1 commit
    • rswindell's avatar
      Fix node hang (infinite loop) possible when input_thread() is terminated before · f18856a8
      rswindell authored
      answer() set online to ON_REMOTE. This should resolve the issue with SSH brute
      force password attackers hanging nodes in "new user applying for access".
      The actual fix was to remove the set of the online variable to ON_REMOTE
      in answer() (it's initialized to this value in the sbbs_t constructor), the
      check in getkey() is just for extra paranoia and should not be necessary.
  9. 14 Oct, 2014 7 commits
  10. 09 Oct, 2014 1 commit
  11. 08 Oct, 2014 7 commits
  12. 07 Oct, 2014 1 commit
  13. 06 Oct, 2014 2 commits