moved archetype.pl into psyconf for improved security

This commit is contained in:
psyc://psyced.org/~lynX 2009-03-03 04:03:29 +01:00
parent e4017f34e1
commit 40e7a625ee
5 changed files with 105 additions and 137 deletions

View File

@ -9,12 +9,9 @@ ________________________________________________________________________
- remote IRC place does not send names listing on /join - remote IRC place does not send names listing on /join
- remote IRC /part shows no reaction at first attempt - remote IRC /part shows no reaction at first attempt
+++ not limited to IRC!! thx marenz +++ not limited to IRC!! thx marenz
- /set multiplace should be ignored for rich accesses
- XMPP: first reply to a stranger's remote psyc message did not show up in psi - XMPP: first reply to a stranger's remote psyc message did not show up in psi
? would you prefer psyced to store hashed passwords by default ?
- IRC shows "*** k kindly asks for your friendship." for remote - IRC shows "*** k kindly asks for your friendship." for remote
friendship requests. eh! where's the uniform!? friendship requests. eh! where's the uniform!?
@ -39,12 +36,6 @@ ________________________________________________________________________
</error> </error>
</message> </message>
- minor paranoia thing:
- cvs-move archetype.pl out of the sandbox
- change the require in psyconf to point to the new path
! profiles.pl and its Makefile aren't a real threat, we don't expect
anyone to run them, they are for developers only.
- spam by unregistered users: limit unregistered users to 1 per minute for now? - spam by unregistered users: limit unregistered users to 1 per minute for now?
or force them to do web-based registration? or even.. trustee-based? or force them to do web-based registration? or even.. trustee-based?
it's the real thing.....! it's the real thing.....!
@ -3908,4 +3899,7 @@ pkggen
+ ported from cvs to git + ported from cvs to git
sockets sockets
+ show encryption protocol and cipher in /tcp + show encryption protocol and cipher in /tcp
psyconf
+ generate bin/psyced with -u, -d and -m flags using git
+ merged archetype.pl into here, which improves sandbox security

View File

@ -637,7 +637,107 @@ X
} }
chdir "$sandbox/net/place" or die "Where is my net/place? $!"; chdir "$sandbox/net/place" or die "Where is my net/place? $!";
require "archetype.pl";
## start of former archetype.pl
# generate psyced place models using combinations of archetype flags
my @opts, @predef, %map;
open(I, "archetype.gen") or die <<X;
$0: Cannot open archetype.gen in $sandbox/net/place.
X
while (<I>) {
if (m!define\s(\w+)\s*//\s\[(.)\]!) {
if ($2 eq '+') {
push @predef, $1;
} else {
$map{$2} = $1;
push(@opts, $2);
}
} elsif (/^#endif/) {
last;
}
}
close I;
print "Generating archetype place models...\n";
# print join("\n", @opts), "\n\n";
# print "$_\n" foreach ( %map );
open (O, ">../include/place.i") or die $!;
print O <<X;
// generated by '$0': place.i for place.gen
X
my $file = '';
foreach $o (@opts) {
print O <<X;
#ifdef $map{$o}
# define O$o "$o"
#else
# define O$o ""
#endif
X
$file .= " O$o";
}
print O <<X;
inherit NET_PATH "place/_"$file;
X
$predef = '';
foreach $p (@predef) {
$predef .= "#define $p\n";
}
# open(IG, ">.cvsignore") or print <<X;
#Warning: cannot create .cvsignore. Well, doesn't matter.
#X
# # funny how it likes to see itself in there
# print IG ".cvsignore\n";
my $bits = 1 + $#opts;
for ($v = 1 << $bits; $v;) {
$v--;
$f = '';
$model = '';
for ($i = 0; $i < $bits; $i++) {
if ($v & 1 << $i) {
my $o = $opts[$i];
$f .= $o;
$model .= "#define $map{$o}\n";
}
}
# special case: skip all exports without history
next if $f =~ /^e/;
# same special case is also handled in place.gen
printf " (%02d _%s)", $v, $f;
#print " ($v _$f)";
# print IG "_$f.c\n";
open (O, ">_$f.c") or die $!;
# proud and noisy.. for a week or two at least ;)
#echo loading model '_$f' generated by '$0'
print O <<X;
// model '_$f' generated by '$0'
#define ESSENTIALS
$model
#include "archetype.gen"
X
# used to output $predef but it's easier to
# have archetype.gen sort out ESSENTIALS
close O;
}
# close IG;
print "\nModel creation completed successfully.\n";
## end of former archetype.pl
say "\nCaution: You may have to completely shut down and restart psyced\n"; say "\nCaution: You may have to completely shut down and restart psyced\n";
say "to ensure the newly generated start-up scripts are actually used.\n"; say "to ensure the newly generated start-up scripts are actually used.\n";

View File

@ -131,7 +131,7 @@ int main(int argc, char **argv) {
} }
puts(">> Doing a git garbage collection"); puts(">> Doing a git garbage collection");
if (system("git gc")) { if (system("git gc --aggressive")) {
puts(">> Error during git gc. Exiting."); puts(">> Error during git gc. Exiting.");
return 1; return 1;
} }

View File

@ -1,25 +0,0 @@
.cvsignore
_hesmo.c
_hsmo.c
_smo.c
_hemo.c
_hmo.c
_mo.c
_heso.c
_hso.c
_so.c
_heo.c
_ho.c
_o.c
_hesm.c
_hsm.c
_sm.c
_hem.c
_hm.c
_m.c
_hes.c
_hs.c
_s.c
_he.c
_h.c
_.c

View File

@ -1,101 +0,0 @@
#!/usr/bin/perl
#
# generator of psyced place models using combinations of archetype flags.
# lynX 2007
my @opts, @predef, %map;
open(I, "archetype.gen") or die <<X;
$0: Cannot open archetype.gen. Need to be in my directory!
X
while (<I>) {
if (m!define\s(\w+)\s*//\s\[(.)\]!) {
if ($2 eq '+') {
push @predef, $1;
} else {
$map{$2} = $1;
push(@opts, $2);
}
} elsif (/^#endif/) {
last;
}
}
close I;
print "Generating archetype models...\n";
# print join("\n", @opts), "\n\n";
# print "$_\n" foreach ( %map );
open (O, ">../include/place.i") or die $!;
print O <<X;
// generated by '$0': place.i for place.gen
X
my $file = '';
foreach $o (@opts) {
print O <<X;
#ifdef $map{$o}
# define O$o "$o"
#else
# define O$o ""
#endif
X
$file .= " O$o";
}
print O <<X;
inherit NET_PATH "place/_"$file;
X
$predef = '';
foreach $p (@predef) {
$predef .= "#define $p\n";
}
open(IG, ">.cvsignore") or print <<X;
Warning: cannot create .cvsignore. Well, doesn't matter.
X
# funny how it likes to see itself in there
print IG ".cvsignore\n";
my $bits = 1 + $#opts;
for ($v = 1 << $bits; $v;) {
$v--;
$f = '';
$model = '';
for ($i = 0; $i < $bits; $i++) {
if ($v & 1 << $i) {
my $o = $opts[$i];
$f .= $o;
$model .= "#define $map{$o}\n";
}
}
# special case: skip all exports without history
next if $f =~ /^e/;
# same special case is also handled in place.gen
printf " (%02d _%s)", $v, $f;
#print " ($v _$f)";
print IG "_$f.c\n";
open (O, ">_$f.c") or die $!;
# proud and noisy.. for a week or two at least ;)
#echo loading model '_$f' generated by '$0'
print O <<X;
// model '_$f' generated by '$0'
#define ESSENTIALS
$model
#include "archetype.gen"
X
# used to output $predef but it's easier to
# have archetype.gen sort out ESSENTIALS
close O;
}
close IG;
print "\nModel creation completed successfully.\n";
1; # this just so that psyconf can use it