rcmd isn't coming from an imposter. Not possible to prevent everything
ofcourse, just make it a bit harder.
2. altered set/lockout and set/privilege so that they can't executed remotely.
3. Added some code to reject rubbish (with invalid binary characters) protocol
or user lines as input.
4. prevented PC command being executed remotely :-)
+08May99=======================================================================
+1. Added a bit more checking to the rcmd thing to make more sure that this
+rcmd isn't coming from an imposter. Not possible to prevent everything
+ofcourse, just make it a bit harder.
+2. altered set/lockout and set/privilege so that they can't executed remotely.
+3. Added some code to reject rubbish (with invalid binary characters) protocol
+or user lines as input.
+4. prevented PC command being executed remotely :-)
+05May99=======================================================================
+1. change the connection overlap from an abort to a disconnect.
02May99=======================================================================
1. Added the mechanism for doing user spot filtering for spots in the cluster
(no user control just yet - but sysops can do it).
02May99=======================================================================
1. Added the mechanism for doing user spot filtering for spots in the cluster
(no user control just yet - but sysops can do it).
my $line = shift;
my @f = split /\s+/, $line;
my $line = shift;
my @f = split /\s+/, $line;
-return (1, $self->msg('e5')) if $self->priv < 8;
+return (1, $self->msg('e5')) if $self->priv < 8 || $self->remotecmd;
my $call = uc shift @f;
my $dxchan = DXChannel->get($call);
my $call = uc shift @f;
my $dxchan = DXChannel->get($call);
foreach $call (@args) {
$call = uc $call;
foreach $call (@args) {
$call = uc $call;
- if ($ref = DXUser->get_current($call)) {
- $ref->lockout(1);
- $ref->put();
- push @out, $self->msg("lockout", $call);
+ unless ($self->remotecmd) {
+ if ($ref = DXUser->get_current($call)) {
+ $ref->lockout(1);
+ $ref->put();
+ push @out, $self->msg("lockout", $call);
+ } else {
+ $ref = DXUser->new($call);
+ $ref->lockout(1);
+ $ref->put();
+ push @out, $self->msg("lockoutc", $call);
+ }
- $ref = DXUser->new($call);
- $ref->lockout(1);
- $ref->put();
- push @out, $self->msg("lockoutc", $call);
+ push @out, $self->msg('sorry');
foreach $call (@args) {
$call = uc $call;
foreach $call (@args) {
$call = uc $call;
- if ($ref = DXChannel->get($call)) {
- $ref->priv($priv);
- $ref->user->priv($priv);
- $ref->user->put();
- }
- if (!$ref && ($user = DXUser->get($call))) {
- $user->priv($priv);
- $user->put();
- }
- if ($ref || $user) {
- push @out, $self->msg('priv', $call);
+ unless ($self->remotecmd) {
+ if ($ref = DXChannel->get($call)) {
+ $ref->priv($priv);
+ $ref->user->priv($priv);
+ $ref->user->put();
+ }
+ if (!$ref && ($user = DXUser->get($call))) {
+ $user->priv($priv);
+ $user->put();
+ }
+ if ($ref || $user) {
+ push @out, $self->msg('priv', $call);
+ } else {
+ push @out, $self->msg('e3', "Set Privilege", $call);
+ }
- push @out, $self->msg('e3', "Set Privilege", $call);
+ push @out, $self->msg('sorry');
foreach $call (@args) {
$call = uc $call;
foreach $call (@args) {
$call = uc $call;
- if ($ref = DXUser->get_current($call)) {
- $ref->lockout(0);
- $ref->put();
- push @out, $self->msg("lockoutun", $call);
+ unless ($self->remotecmd) {
+ if ($ref = DXUser->get_current($call)) {
+ $ref->lockout(0);
+ $ref->put();
+ push @out, $self->msg("lockoutun", $call);
+ } else {
+ push @out, $self->msg('e3', 'unset/lockout', $call);
+ }
- push @out, $self->msg('e3', 'unset/lockout', $call);
+ push @out, $self->msg('sorry');
# a - an alphanumeric regex
# d - the default rule
#
# a - an alphanumeric regex
# d - the default rule
#
-# if hops is left out or zero then the existing hop count will be used as normal
-#
-# The spot data (in this case '15') is the used as the hop count
-# if this is missing then the normal default applies
+# The hop count IS required on all lines. It won't work without!
- [ 1, 0, 'r', [ 50000.0, 3000000.0 ] ], # no hops required
- [ 0, 0, 'd' ], # don't want anything else
+ [ 1, 0, 'r', [ 50000.0, 3000000.0 ], 1 ], # hops _ARE_ required
+ [ 0, 0, 'd', 0, 1 ], # don't want anything else
if ($pcno == 34 || $pcno == 36) { # remote commands (incoming)
if ($field[1] eq $main::mycall) {
my $ref = DXUser->get_current($field[2]);
if ($pcno == 34 || $pcno == 36) { # remote commands (incoming)
if ($field[1] eq $main::mycall) {
my $ref = DXUser->get_current($field[2]);
+ my $cref = DXCluster->get($field[2]);
Log('rcmd', 'in', $ref->{priv}, $field[2], $field[3]);
Log('rcmd', 'in', $ref->{priv}, $field[2], $field[3]);
- unless ($field[3] =~ /rcmd/i) { # not allowed to relay RCMDS!
+ unless ($field[3] =~ /rcmd/i || !$cref || !$ref || $cref->mynode->call ne $ref->homenode) { # not allowed to relay RCMDS!
if ($ref->{priv}) { # you have to have SOME privilege, the commands have further filtering
$self->{remotecmd} = 1; # for the benefit of any command that needs to know
my @in = (DXCommandmode::run_cmd($self, $field[3]));
if ($ref->{priv}) { # you have to have SOME privilege, the commands have further filtering
$self->{remotecmd} = 1; # for the benefit of any command that needs to know
my @in = (DXCommandmode::run_cmd($self, $field[3]));
Log('rcmd', 'out', $field[2], $_);
}
delete $self->{remotecmd};
Log('rcmd', 'out', $field[2], $_);
}
delete $self->{remotecmd};
+ } else {
+ $self->send(pc35($main::mycall, $field[2], "$main::mycall:sorry...!"));
- $self->send(pc35($main::mycall, $field[2], "$main::mycall:Tut tut tut...!"));
+ $self->send(pc35($main::mycall, $field[2], "$main::mycall:your attempt is logged, Tut tut tut...!"));
}
} else {
route($field[1], $line);
}
} else {
route($field[1], $line);
if ($dxchan = DXChannel->get($call)) {
disconnect($dxchan);
sleep(1);
if ($dxchan = DXChannel->get($call)) {
disconnect($dxchan);
sleep(1);
# is there one already connected elsewhere in the cluster (and not a cluster)
my $user = DXUser->get($call);
# is there one already connected elsewhere in the cluster (and not a cluster)
my $user = DXUser->get($call);
my $data = $self->{data};
my $dxchan = $self->{dxchan};
my ($sort, $call, $line) = $data =~ /^(\w)(\S+)\|(.*)$/;
my $data = $self->{data};
my $dxchan = $self->{dxchan};
my ($sort, $call, $line) = $data =~ /^(\w)(\S+)\|(.*)$/;
+
+ # the above regexp must work
+ return unless ($sort && $call && $line);
+
+ # translate any crappy characters into hex characters
+ if ($line =~ /[\x00-\x06\x08\x0a-\x1f\x7f-\xff]/o) {
+ $line =~ s/([\x00-\x1f\x7f-\xff])/uc sprintf("%%%02x",ord($1))/eg;
+ dbg('chan', "<- $sort $call **CRAP**: $line");
+ return;
+ }
# do the really sexy console interface bit! (Who is going to do the TK interface then?)
dbg('chan', "<- $sort $call $line\n") unless $sort eq 'D';
# do the really sexy console interface bit! (Who is going to do the TK interface then?)
dbg('chan', "<- $sort $call $line\n") unless $sort eq 'D';
# handle A records
my $user = $dxchan->user;
if ($sort eq 'A' || $sort eq 'O') {
# handle A records
my $user = $dxchan->user;
if ($sort eq 'A' || $sort eq 'O') {