1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • exec/login.js

    From rswindell@VERT to CVS commit on Wednesday, February 12, 2014 17:29:07
    exec login.js 1.7 1.8
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv24309

    Modified Files:
    login.js
    Log Message:
    Clear key buffer after failed login


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Friday, March 07, 2014 20:46:00
    exec login.js 1.8 1.9
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv30452

    Modified Files:
    login.js
    Log Message:
    If a login name was provided by the application protocol (e.g. Telnet, RLogin, SSH), use that as the default login name.
    Clear the bbs.rlogin_name value if the login fails.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Tuesday, May 12, 2015 00:16:51
    exec login.js 1.9 1.10
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv9040

    Modified Files:
    login.js
    Log Message:
    Remove left-over commented-out custom font loading test code.


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Monday, May 09, 2016 00:05:15
    exec login.js 1.11 1.12
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv3431

    Modified Files:
    login.js
    Log Message:
    If login_prompts is set in the [login] section of ctrl/modopts.ini, use that value (instead of the hard-coded 10) to limit the number of login prompts displayed before disconnecting the user. A failed password attempt counts as
    "2 prompts".



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Friday, May 27, 2016 00:34:25
    exec login.js 1.12 1.13
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv4637

    Modified Files:
    login.js
    Log Message:
    When a user fails to login using a block name (from name.can), immediately disconnect them (with a message) and log a notice.



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From rswindell@VERT to CVS commit on Monday, November 27, 2017 22:20:39
    exec login.js 1.14 1.15
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv23206

    Modified Files:
    login.js
    Log Message:
    Added more detail to the lost account info (password) email and log
    a message for the sysop.



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Sunday, October 21, 2018 23:08:53
    exec login.js 1.15 1.16
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv9142

    Modified Files:
    login.js
    Log Message:
    Beautification for smaller (e.g. 40-column) terminals.
    Also, allow the inactivity timeout value for connections without an auto-detected terminal to be set explicitly via modopts.ini
    [login] inactive_hangup = 30 (seconds)
    rather than deriving from the configured inactivity hangup value in SCFG->Nodes.



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Saturday, February 16, 2019 16:09:44
    exec login.js 1.16 1.17
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv3623

    Modified Files:
    login.js
    Log Message:
    Enhancement to the failed login/password-email feature:
    If confirm_email_address = false in the [login] section of modopts.ini, do not ask the user to confirm their email address before sending password.
    Do not display the email address back to the user (in case they did not already know it).
    Send the user a telegram for each failed login attempt (using user alias, not number).
    Send the user a telegram when their account info (password) was requested.



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Monday, July 15, 2019 22:30:41
    exec login.js 1.18 1.19
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv27474

    Modified Files:
    login.js
    Log Message:
    2 changes:
    Always parse/strip the fast_logon_char (default: '!') from the login name /number. This way if users get used to logging in in this fashion, it won't stimy them if the sysop disables the feature.

    Added fast_logon_requirements option (default: blank) which is an optional
    ARS to limit fast logon support to specific user-groups.



    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From rswindell@VERT to CVS commit on Thursday, January 23, 2020 10:48:11
    exec login.js 1.20 1.21
    Update of /cvsroot/sbbs/exec
    In directory cvs:/tmp/cvs-serv28889

    Modified Files:
    login.js
    Log Message:
    Support guest=false in [login] section of modopts.ini


    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to sbbs/master on Saturday, September 19, 2020 22:54:45
    https://gitlab.synchro.net/sbbs/sbbs/-/commit/b05b2cc15bc5da16d5da1be6
    Modified Files:
    exec/login.js
    Log Message:
    Re-enable the short inactivity timeout for non-terminal connections (bots)

    As of Oct-25-2018, the NO_EXASCII flag was set in the autoterm variable
    when there was no ANSI terminal auto-detected. This defeated the short inactivity timeout feature of login.js because it was checking specifically
    for a zero-value autoterm.

    So change this logic to check for no ANSI, PETSCII, or UTF-8 (the 3 indicators of a valid terminal) - though I suppose PETSCII is questionable (it's not actually auto-detected, just a non-standard port usually).

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to main/sbbs/master on Saturday, March 27, 2021 21:57:16
    https://gitlab.synchro.net/main/sbbs/-/commit/35d1f33534a152aa7c46c56c
    Modified Files:
    exec/login.js
    Log Message:
    Run the "inactive_hangup" option through parseInt()

    Just in case it was read as a string (e.g. had a ; comment following the value)

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell@VERT to Git commit to main/sbbs/master on Saturday, January 21, 2023 18:28:12
    https://gitlab.synchro.net/main/sbbs/-/commit/e6017a35aa2fecf4d05a4621
    Modified Files:
    exec/login.js
    Log Message:
    Restore stealth legacy login prompt (NN:)

    This old prompt used to be sent for any login scripts (e.g. QWKnet
    via dial-up) that would key off that WWIV-like "name or number"
    (NN:) prompt, but was removed (accidentally?) in commit fedabb0b8f6dfcdc4.

    Send "NN: " and "PW: " (include the trailing space, just in case), and use carriage return to move back (and overwrite) rather than 4 backspaces.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Saturday, February 04, 2023 20:20:08
    https://gitlab.synchro.net/main/sbbs/-/commit/f5c555808b050bc980af2852
    Modified Files:
    exec/login.js
    Log Message:
    The bare CR is treated as CRLF on PETSCII, so use Ctrl-A[ instead

    We don't do output translation for PETSCII terminals for CR or LF
    chars, so this trick is needed, at least currently, for the NN legacy prompt
    to be properly over-written/invisible for CBM/PETSCII terminals.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on ChromeOS)@VERT to Git commit to main/sbbs/master on Saturday, February 11, 2023 13:35:16
    https://gitlab.synchro.net/main/sbbs/-/commit/1b67a35ef4230d8ac379e04a
    Modified Files:
    exec/login.js
    Log Message:
    Use the new (to v3.20) method of checking for login-by-usernumber support

    The old NM_NO_NUM flag is unused/deprecated.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Saturday, March 18, 2023 14:51:34
    https://gitlab.synchro.net/main/sbbs/-/commit/b91e77719928033321808776
    Modified Files:
    exec/login.js
    Log Message:
    Apply inactive_hangup option (for dumb terminals) using max_socket_inactivity

    this insures that inactive dumb (bot) connections will be disconnected even when using a script (e.g. animated pause prompt) that doesn't time-out.

    Also, if the connected node is the last node (for this sbbs instance), divide the socket inactivity timeout value in half.

    These changes (along with sbbs v3.20) should help with DOS (denial-of-service, not MS-DOS) prevention.

    Mainly for Krueger.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Tuesday, July 25, 2023 17:02:02
    https://gitlab.synchro.net/main/sbbs/-/commit/7f1525c5bca05030d54a2c40
    Modified Files:
    exec/login.js
    Log Message:
    Enable "use strict" mode in this script - best practice

    Requires hex literals for control chars instead of octal
    (e.g. \x01 instead of \1)

    All stock scripts should be using strict mode, so this was a miss.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net