	Merge remote-tracking branch 'origin/master'
		
						commit
						1729406dda
					
				
					 10 changed files with 130 additions and 26 deletions
				
			
		
							
								
								
									
										19
									
								
								CHANGESTODO
									
										
									
									
									
								
							
							
						
						
									
									
										
									
									
									
								
							|  | @ -1570,6 +1570,23 @@ ________________________________________________________________________ | ||||||
|   (later people called this technique 'CERTIFICATE PINNING') |   (later people called this technique 'CERTIFICATE PINNING') | ||||||
| 
 | 
 | ||||||
| == PSYC CLIENTS ======================================================== | == PSYC CLIENTS ======================================================== | ||||||
|  | 
 | ||||||
|  | - PSYC clients are currently not detected as being secure even if they | ||||||
|  |   connect by Tor, TLS or localhost. This is because the net/psyc/user object | ||||||
|  |   as such isn't connected and the attempt to find the corresponding circuit | ||||||
|  |   opens up the question: what if the user has several clients linked? Does | ||||||
|  |   a secure one qualify for the entire user object to be trustworthy? What if | ||||||
|  |   there is another client that isn't secure? Possible approach to solve the | ||||||
|  |   issue: Disallow any password-protected user to be logged in over insecure  | ||||||
|  |   channels at any time. This is probably a good idea anyway as it respects | ||||||
|  |   the civil rights of *other* users that interact with this user in the | ||||||
|  |   expectation that conversations be private. This has the side effect that  | ||||||
|  |   PSYC users are forced to register before entering @welcome, unless we also | ||||||
|  |   do the refactoring described in MULTIPLE CLIENT INTERFACES and somehow fix | ||||||
|  |   that aspect in the process. Or we just walk through all the links and make | ||||||
|  |   sure all of them are secure, but that raises the problem of dealing with a | ||||||
|  |   new insecure client connecting. | ||||||
|  | 
 | ||||||
| - tg runs into trouble using _do_enter and _do_leave. apparently the enter-echo | - tg runs into trouble using _do_enter and _do_leave. apparently the enter-echo | ||||||
|   is not accepted by the UNI and thus does not make it into _list_places |   is not accepted by the UNI and thus does not make it into _list_places | ||||||
| - _do_leave does not forward the echo from remote places back to the client | - _do_leave does not forward the echo from remote places back to the client | ||||||
|  | @ -1582,8 +1599,6 @@ ________________________________________________________________________ | ||||||
| ? psyc clients haben uferlose idle times | ? psyc clients haben uferlose idle times | ||||||
|   und sie altern nicht |   und sie altern nicht | ||||||
| 
 | 
 | ||||||
| ? cryptochat raum? |  | ||||||
| 
 |  | ||||||
| ? how to improve _request_store and _retrieve? | ? how to improve _request_store and _retrieve? | ||||||
|   look at http://asg.web.cmu.edu/acap/ for ideas |   look at http://asg.web.cmu.edu/acap/ for ideas | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -613,7 +613,7 @@ X | ||||||
| # TODO: generate a psyced.gdb file kind of like this | # TODO: generate a psyced.gdb file kind of like this | ||||||
| 	print <<X if 0; | 	print <<X if 0; | ||||||
| file /bin/psyclpc | file /bin/psyclpc | ||||||
| run -DDEBUG=1 -u 4404 4404 2323 6667 5222 9999 etc. whatever flags necessary | run -DDEBUG=1 -u 4404 4404 2323 6667 5222 6697 etc. whatever flags necessary | ||||||
| X | X | ||||||
| 
 | 
 | ||||||
| # PSYCED INIT.D SCRIPT | # PSYCED INIT.D SCRIPT | ||||||
|  |  | ||||||
|  | @ -14,7 +14,7 @@ | ||||||
| #define	HTTPS_PORT	34443 | #define	HTTPS_PORT	34443 | ||||||
| 
 | 
 | ||||||
| #define	IRC_PORT	6667 | #define	IRC_PORT	6667 | ||||||
| #define	IRCS_PORT	9999 | #define	IRCS_PORT	6697 | ||||||
| 
 | 
 | ||||||
| #define	JABBER_PORT	5222 | #define	JABBER_PORT	5222 | ||||||
| #define	JABBERS_PORT	5223 | #define	JABBERS_PORT	5223 | ||||||
|  |  | ||||||
|  | @ -16,7 +16,7 @@ | ||||||
| #define	HTTPS_PORT	34443 | #define	HTTPS_PORT	34443 | ||||||
| 
 | 
 | ||||||
| #define	IRC_PORT	6667 | #define	IRC_PORT	6667 | ||||||
| #define	IRCS_PORT	9999 | #define	IRCS_PORT	6697 | ||||||
| 
 | 
 | ||||||
| #define	JABBER_PORT	5222 | #define	JABBER_PORT	5222 | ||||||
| #define	JABBERS_PORT	5223 | #define	JABBERS_PORT	5223 | ||||||
|  |  | ||||||
|  | @ -125,7 +125,11 @@ _jabber_clients = 5222 | ||||||
| _jabber_clients_encrypted = 5223 | _jabber_clients_encrypted = 5223 | ||||||
| _IRC = 6667 | _IRC = 6667 | ||||||
| _IRC_hidden = 6667 | _IRC_hidden = 6667 | ||||||
| _IRC_encrypted = 9999 | ; according to https://tools.ietf.org/html/draft-butcher-irc-url-04 | ||||||
|  | ; we should be using 994, but then you better do a firewall forward. | ||||||
|  | ; then again https://tools.ietf.org/html/rfc7194 favors 6697. | ||||||
|  | ; who knows what actual ircs: URL implementations will do? | ||||||
|  | _IRC_encrypted = 6697 | ||||||
| _HTTP = 33333 | _HTTP = 33333 | ||||||
| ;_HTTP_hidden = 80 | ;_HTTP_hidden = 80 | ||||||
| _HTTP_encrypted = 34443 | _HTTP_encrypted = 34443 | ||||||
|  |  | ||||||
							
								
								
									
										19
									
								
								install.sh
									
										
									
									
									
								
							
							
						
						
									
									
										
									
									
									
								
							|  | @ -22,10 +22,11 @@ | ||||||
| # | # | ||||||
| # psyclpc as obtained from http://lpc.psyc.eu | # psyclpc as obtained from http://lpc.psyc.eu | ||||||
| driver="psyclpc" | driver="psyclpc" | ||||||
| driverver="20111122" | driverver="20160417" | ||||||
|  | driversha256="ad403ad4243fea52d79b1d89d9ad30e2f6a89b4263cf13f329386d03cb6d4fbf" | ||||||
| lpcbaseurl="http://www.psyced.org/files/" | lpcbaseurl="http://www.psyced.org/files/" | ||||||
| zip="bz2" | zip="xz" | ||||||
| zipcmd="bzip2" | zipcmd="xz" | ||||||
| 
 | 
 | ||||||
| # useful for debugging - see what files it would produce | # useful for debugging - see what files it would produce | ||||||
| exit="exit 1" | exit="exit 1" | ||||||
|  | @ -47,8 +48,14 @@ then | ||||||
| 
 | 
 | ||||||
| !!${hi} HEY YOU, PORTAGE USER ${lo}!! | !!${hi} HEY YOU, PORTAGE USER ${lo}!! | ||||||
| If you are running gentoo/portage you should try out our beautiful ebuilds | If you are running gentoo/portage you should try out our beautiful ebuilds | ||||||
| at http://www.psyced.org/files/gentoo.tar.bz2 instead of this installation | in the youbroketheinternet-overlay instead of this installation script. | ||||||
| script. Stop it now. | Stop it now and do this... | ||||||
|  | 
 | ||||||
|  | torify git clone git://git.cheettyiapsyciew.onion/youbroketheinternet-overlay | ||||||
|  | 
 | ||||||
|  | or this instead: | ||||||
|  | 
 | ||||||
|  | git clone git://git.psyced.org/youbroketheinternet-overlay | ||||||
| 
 | 
 | ||||||
| ${hi}Warning: OLD-SCHOOL install.sh STARTING${lo} ... | ${hi}Warning: OLD-SCHOOL install.sh STARTING${lo} ... | ||||||
| 
 | 
 | ||||||
|  | @ -193,6 +200,8 @@ if ! test `ls -1 ${driver}-*tar.${zip} 2>/dev/null` | ||||||
|         if wget "${lpcbaseurl}/${driver}-${driverver}.tar.${zip}" |         if wget "${lpcbaseurl}/${driver}-${driverver}.tar.${zip}" | ||||||
|         then |         then | ||||||
| 	    echo "${driver} successfully retrieved." | 	    echo "${driver} successfully retrieved." | ||||||
|  | 	    echo "Expect this checksum:\n\n${driversha256}" | ||||||
|  | 	    sha256sum ${driver} | ||||||
| 	else | 	else | ||||||
| 	    echo "${hi}ATTENTION: Unable to download ${driver}" | 	    echo "${hi}ATTENTION: Unable to download ${driver}" | ||||||
| 	    echo "${hi}ATTENTION: ${lo}You have no ${driver}-*.tar.${zip} in this directory." | 	    echo "${hi}ATTENTION: ${lo}You have no ${driver}-*.tar.${zip} in this directory." | ||||||
|  |  | ||||||
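Review bot: The added `sha256sum ${driver}` hashes a file named `psyclpc` rather than the tarball that `wget` just fetched, and nothing compares the result with `driversha256`, so an archive retrieved over the plain `http://` `lpcbaseurl` is still accepted unverified. The check should fail the install on a mismatch, for example `echo "${driversha256}  ${driver}-${driverver}.tar.${zip}" | sha256sum -c - || exit 1`. The `echo "Expect this checksum:\n\n..."` line also prints literal backslashes under shells whose `echo` does not interpret escapes; `printf 'Expect this checksum:\n\n%s\n' "${driversha256}"` is portable. The surrounding `if ! test` block starts and ends outside the hunk, so the unpack step that should depend on this check is not visible here.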
|  | @ -1,11 +1,17 @@ | ||||||
| #include <net.h> | #include <net.h> | ||||||
| 
 | 
 | ||||||
| #define	CONNECT_TELNET	"nemesis.de", 2000 | //#ifdef BRAIN
 | ||||||
|  | # define	CONNECT_TELNET	"nemesis.de", 2000 | ||||||
|  | //#else
 | ||||||
|  | //# define	CONNECT_TELNET	"nemesis.de", 2001  // NemTest
 | ||||||
|  | //#endif
 | ||||||
|  | 
 | ||||||
| #define	ON_CONNECT	emit("guest\n"); | #define	ON_CONNECT	emit("guest\n"); | ||||||
| #define	ON_ANY		NET_PATH "tn/outgoing"::msg(source, mc, data, vars); | #define	ON_ANY		NET_PATH "tn/outgoing"::msg(source, mc, data, vars); | ||||||
| 
 | 
 | ||||||
| #include <place.gen> | #include <place.gen> | ||||||
| 
 | 
 | ||||||
|  | // to do this properly, we need a systematic way to redo prompts FIXME
 | ||||||
| parse(all) { | parse(all) { | ||||||
| 	// remove Nemesis' guest prompt.. why was i so funny
 | 	// remove Nemesis' guest prompt.. why was i so funny
 | ||||||
| 	// back then to implement several prompt chars?
 | 	// back then to implement several prompt chars?
 | ||||||
|  |  | ||||||
|  | @ -363,6 +363,11 @@ _notice_typing_active | ||||||
| _notice_typing_gone | _notice_typing_gone | ||||||
| |<message to='[_INTERNAL_target_jabber]' from='[_INTERNAL_source_jabber]'><gone xmlns='http://jabber.org/protocol/chatstates'/></message> | |<message to='[_INTERNAL_target_jabber]' from='[_INTERNAL_source_jabber]'><gone xmlns='http://jabber.org/protocol/chatstates'/></message> | ||||||
| 
 | 
 | ||||||
|  | _notice_telnet_verbatim | ||||||
|  | |<message from='[_INTERNAL_source_jabber_bare]' to='[_INTERNAL_target_jabber]' type='groupchat'> | ||||||
|  | |	<body>[_text_verbatim]</body> | ||||||
|  | |</message> | ||||||
|  | 
 | ||||||
| _notice_place | _notice_place | ||||||
| |<message from='[_INTERNAL_source_jabber_bare]' to='[_INTERNAL_target_jabber]' type='groupchat'> | |<message from='[_INTERNAL_source_jabber_bare]' to='[_INTERNAL_target_jabber]' type='groupchat'> | ||||||
| |	<body>[_data]</body> | |	<body>[_data]</body> | ||||||
|  |  | ||||||
|  | @ -1,43 +1,73 @@ | ||||||
| // vim:syntax=lpc
 | // vim:syntax=lpc
 | ||||||
| 
 | 
 | ||||||
|  | // DEBUG: FIXME
 | ||||||
|  | #define _flag_log_sockets_telnet_outgoing | ||||||
|  | 
 | ||||||
| #include <net.h> | #include <net.h> | ||||||
| //#include <status.h>
 |  | ||||||
| #include <services.h> | #include <services.h> | ||||||
| #include <text.h> | //#include <text.h>
 | ||||||
| //#include <uniform.h>
 | 
 | ||||||
|  | // this outgoing "telnet" socket thing implements both '/set mudlink'
 | ||||||
|  | // for users as MUD chatrooms such as @nemesis. would be cool if it
 | ||||||
|  | // actually was capable of handling telnet protocol, but the mud in
 | ||||||
|  | // question isn't, either.
 | ||||||
|  | //
 | ||||||
|  | // for a tighter integration between psyced and MUD it would also be
 | ||||||
|  | // cool to either have a native PSYC side channel, or to embed crypto-
 | ||||||
|  | // graphically signed PSYC packets (using a shared secret hash) into
 | ||||||
|  | // this stream.
 | ||||||
| 
 | 
 | ||||||
| // message queueing and automatic reconnect mgmt
 | // message queueing and automatic reconnect mgmt
 | ||||||
| inherit NET_PATH "circuit"; | inherit NET_PATH "circuit"; | ||||||
| 
 | 
 | ||||||
| //inherit NET_PATH "place/public";
 | virtual inherit NET_PATH "output"; | ||||||
| 
 | 
 | ||||||
|  | static string connectstring; | ||||||
|  | static object owner; | ||||||
|  | 
 | ||||||
|  | send(all) { | ||||||
|  | 	// if this doesn't work, then maybe you just forgot
 | ||||||
|  | 	// to /set charset in your test user
 | ||||||
|  | 	iconv(all, SYSTEM_CHARSET, "ASCII//TRANSLIT");	// should be configurable
 | ||||||
| #ifdef _flag_log_sockets_telnet_outgoing | #ifdef _flag_log_sockets_telnet_outgoing | ||||||
| emit(all, source) { | 	log_file("RAW_TN_OUT", "%O > %O\n", ME, all); | ||||||
| 	log_file("RAW_TN_OUT", "%d %O\t-> %s", time(), ME, all); |  | ||||||
| 	return ::emit(all); |  | ||||||
| } |  | ||||||
| #endif | #endif | ||||||
|  | 	//if (function_exists("emit")) return emit(all);
 | ||||||
|  | 	return emit(all); | ||||||
|  | } | ||||||
| 
 | 
 | ||||||
| parse(all) { | parse(all) { | ||||||
| 	next_input_to(#'parse); | 	next_input_to(#'parse); | ||||||
| #ifdef _flag_log_sockets_telnet_outgoing | #ifdef _flag_log_sockets_telnet_outgoing | ||||||
| 	log_file("RAW_TN_OUT", "%d %O\t<- %s", time(), ME, all); | 	log_file("RAW_TN_OUT", "%O < %O\n", ME, all); | ||||||
| #endif | #endif | ||||||
| 	// assumes multicaster.. fix later
 | 	if (all && all != "") iconv(all, "ASCII//TRANSLIT", SYSTEM_CHARSET); | ||||||
| 	castmsg(ME, "_notice_telnet_verbatim", "[_text_verbatim]", | 	if (owner) sendmsg(owner, | ||||||
|  | 	     "_notice_telnet_verbatim", "[_text_verbatim]", | ||||||
|  | 	    ([ "_text_verbatim": all ])); | ||||||
|  | 	else if (function_exists("castmsg")) castmsg(ME, | ||||||
|  | 	     "_notice_telnet_verbatim", "[_text_verbatim]", | ||||||
| 	    ([ "_text_verbatim": all ])); | 	    ([ "_text_verbatim": all ])); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| link(ho, po) { | link(ho, po) { | ||||||
| 	sTextPath(0, 0, "tn"); | 	//sTextPath(0, 0, "tn");
 | ||||||
| 	return ::circuit(ho, po || TELNET_SERVICE); | 	return ::circuit(ho, po || TELNET_SERVICE); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | config(host, port, justdoit) { | ||||||
|  | 	connectstring = replace(justdoit, " ", "\n") + "\n"; | ||||||
|  | 	owner = previous_object(); | ||||||
|  | 	link(host, port); | ||||||
|  | } | ||||||
|  | 
 | ||||||
| logon(failure) { | logon(failure) { | ||||||
| 	int rc = ::logon(failure); | 	int rc = ::logon(failure); | ||||||
| 	unless (rc) return 0; | 	unless (rc) return 0; | ||||||
| 	next_input_to(#'parse); | 	next_input_to(#'parse); | ||||||
| 	parse("[connected]");	// hack to maintain logon ascii graphics intact
 | 	parse("[connected]");	// hack to maintain logon ascii graphics intact
 | ||||||
|  | 				// could have queued this instead:
 | ||||||
|  | 	if (connectstring) call_out(#'send, 1, connectstring); | ||||||
| 	call_out(#'runQ, 3);	// deliver the queue of messages in circuit.c
 | 	call_out(#'runQ, 3);	// deliver the queue of messages in circuit.c
 | ||||||
| 	return rc; | 	return rc; | ||||||
| } | } | ||||||
|  | @ -78,7 +108,7 @@ msg(source, mc, data, mapping vars, showingLog, target) { | ||||||
| 	if (abbrev("_message_public", mc)) { | 	if (abbrev("_message_public", mc)) { | ||||||
| 		// FIXME: should we handle the disconnect instead?
 | 		// FIXME: should we handle the disconnect instead?
 | ||||||
| 		if (data == "quit") return 1; | 		if (data == "quit") return 1; | ||||||
| 		return emit(data + "\n"); | 		return send(data + "\n"); | ||||||
| 	} | 	} | ||||||
| #endif | #endif | ||||||
| } | } | ||||||
|  | @ -99,7 +129,7 @@ render(string mc, string data, mapping vars, mixed source) { | ||||||
| 	output = psyctext( template, vars, data, source); | 	output = psyctext( template, vars, data, source); | ||||||
|         if (!output || output=="") return D2(D("tn/out: empty output\n")); |         if (!output || output=="") return D2(D("tn/out: empty output\n")); | ||||||
| 	if (template == "") output += "\n"; | 	if (template == "") output += "\n"; | ||||||
| 	emit(output); | 	send(output); | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
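Review bot: The `#define _flag_log_sockets_telnet_outgoing` at the top of the first hunk is committed unconditionally under a `// DEBUG: FIXME` marker, so `send()` and `parse()` write every line in both directions to `RAW_TN_OUT`. That includes the `connectstring` which `logon()` schedules through `send`, and which presumably carries the user's MUD login and password. I would drop the define from the commit and leave the flag to site configuration, with a comment such as `// enable _flag_log_sockets_telnet_outgoing only for debugging: logs raw traffic including login strings`. `config()` also sets `owner = previous_object()` and calls `link()` for any caller, so unless something outside this hunk restricts who may call it, a guard on the calling object is worth adding. `parse()` forwards the remote text as `_text_verbatim` without filtering, so control bytes from the peer reach every output template unless the renderers strip them.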
|  | @ -143,6 +143,27 @@ input(a, dest) { | ||||||
| #endif | #endif | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | #define MUDLINK //FIXME | ||||||
|  | 
 | ||||||
|  | #ifdef MUDLINK | ||||||
|  | object mudlink; | ||||||
|  | 
 | ||||||
|  | mudlink(config) { | ||||||
|  | 	string connectstring, host; int port; | ||||||
|  | 	// should have mud nicknames instead, so that charsets, prompts | ||||||
|  | 	// and login procedures can be automated.. | ||||||
|  | 	if (sscanf(config, "%s %d %s", host, port, connectstring)) { | ||||||
|  | 		// FIXME L8R: | ||||||
|  | 		//unless (objectp(mudlink)) mudlink = named_clone(NET_PATH "tn/outgoing", MYNICK); | ||||||
|  | 		unless (objectp(mudlink)) mudlink = clone_object(NET_PATH "tn/outgoing"); | ||||||
|  | 		if (objectp(mudlink)) mudlink -> config(host, port, connectstring); | ||||||
|  | 		return 1; | ||||||
|  | 	} | ||||||
|  | 	// could produce a dedicated syntax warning here.. default is okay | ||||||
|  | 	return 0; | ||||||
|  | } | ||||||
|  | #endif | ||||||
|  | 
 | ||||||
| parsecmd(command, dest) { | parsecmd(command, dest) { | ||||||
| 	array(string) args; | 	array(string) args; | ||||||
| 	string a; | 	string a; | ||||||
|  | @ -2011,6 +2032,13 @@ tell(pal, what, palo, how, mc, tv) { | ||||||
| 		return; | 		return; | ||||||
| 	} | 	} | ||||||
| #endif | #endif | ||||||
|  | #ifdef MUDLINK | ||||||
|  | 	if (pal == "$mud") { | ||||||
|  | 		unless (objectp(mudlink) && interactive(mudlink)) mudlink(v("mudlink")); | ||||||
|  | 		if (objectp(mudlink)) mudlink -> send(what +"\n"); | ||||||
|  | 		return; | ||||||
|  | 	} | ||||||
|  | #endif // MUDLINK | ||||||
| #ifdef ALIASES | #ifdef ALIASES | ||||||
|         // this also allows for /alias MEP MunichElectropunk |         // this also allows for /alias MEP MunichElectropunk | ||||||
|        deaPal = aliases[lower_case(pal)] || pal; |        deaPal = aliases[lower_case(pal)] || pal; | ||||||
|  | @ -2664,6 +2692,7 @@ checkVar(key, value) { | ||||||
| 	string a, b; | 	string a, b; | ||||||
| 	array(string) t; | 	array(string) t; | ||||||
| 
 | 
 | ||||||
|  | 	P3(("%O checkVar(%O, %O)\n", ME, key, value)) | ||||||
| 	// aliases for variable names | 	// aliases for variable names | ||||||
| 	switch(key) { | 	switch(key) { | ||||||
| 	case "befehlszeichen": | 	case "befehlszeichen": | ||||||
|  | @ -2969,6 +2998,12 @@ checkVar(key, value) { | ||||||
| //	case "popstarfave": | //	case "popstarfave": | ||||||
| //	case "musicfave": | //	case "musicfave": | ||||||
| 		break;	// always valid | 		break;	// always valid | ||||||
|  | #ifdef MUDLINK | ||||||
|  | 	case "mudlink": | ||||||
|  | 		P0(("mudlink %O\n", value)) | ||||||
|  | 		if (value && !mudlink(value)) value = 0; | ||||||
|  | 		break; | ||||||
|  | #endif | ||||||
| 	case "encoding": | 	case "encoding": | ||||||
| 		key = "charset"; // fall thru | 		key = "charset"; // fall thru | ||||||
| 	case "charset": | 	case "charset": | ||||||
|  |  | ||||||
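Review bot: `mudlink()` hands a user-supplied host and port straight to `config()`, so any user who can set the `mudlink` variable can make the server open an outbound TCP connection to an address of their choosing and write lines to it. An allow-list of MUD nicknames (as the comment in the hunk already suggests), or a check that rejects loopback and internal addresses, should be in place before `#define MUDLINK //FIXME` is enabled unconditionally. The `sscanf` test is also too loose, since it is true when only the host matched and then calls `config()` with `port` and `connectstring` unset; `if (sscanf(config, "%s %d %s", host, port, connectstring) == 3) {` covers that. In the `checkVar` hunk, `P0(("mudlink %O\n", value))` prints the whole setting, presumably including MUD credentials, at what looks like the lowest debug level; `P3` or omitting the value would be safer. `tell()` and `checkVar()` both start outside the hunks shown.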