diff --git a/world/net/include/net.h b/world/net/include/net.h index 0c7fa5d..c47bf56 100644 --- a/world/net/include/net.h +++ b/world/net/include/net.h @@ -135,12 +135,16 @@ #endif #ifdef MUD -# define NO_NEWBIES +# define _flag_disable_authorization +#endif + +#ifdef REGISTERED_USERS_ONLY +# echo Please fix your #define REGISTERED_USERS_ONLY +# define _flag_disable_unauthenticated_users #endif #ifdef RELAY -# define NO_NEWBIES // same as REGISTERED_USERS_ONLY ? - // anyway, chance for some ifdef optimizations TODO +# define _flag_disable_authorization # define IRCGATE_NICK "PSYC.EU" # undef DEFAULT_USER_OBJECT # define DEFAULT_USER_OBJECT IRC_PATH "ghost" diff --git a/world/net/include/person.h b/world/net/include/person.h index 4eaa3c5..f5d0f43 100644 --- a/world/net/include/person.h +++ b/world/net/include/person.h @@ -39,7 +39,7 @@ # define ONLINE (ME && (interactive(ME) || (member(v("locations"), 0) && sizeof(v("locations")[0])))) #endif -#ifdef NO_NEWBIES +#ifdef _flag_disable_authorization # define IS_NEWBIE 0 #else # define IS_NEWBIE (!v("password")) diff --git a/world/net/jabber/active.c b/world/net/jabber/active.c index 84c934b..acfdc40 100644 --- a/world/net/jabber/active.c +++ b/world/net/jabber/active.c @@ -315,7 +315,7 @@ tls_logon(result) { mixed cert = tls_certificate(ME, 0); P3(("active::certinfo %O\n", cert)) if (mappingp(cert)) { - unless (certificate_check_jabbername(hostname, cert)) { + unless (certificate_check_name(hostname, cert, "xmpp-server")) { #ifdef _flag_report_bogus_certificates monitor_report("_error_invalid_certificate_identity", sprintf("%O presented a certificate that " diff --git a/world/net/jabber/common.c b/world/net/jabber/common.c index 2e4c8de..0f2ab3a 100644 --- a/world/net/jabber/common.c +++ b/world/net/jabber/common.c @@ -393,6 +393,7 @@ xmpp_error(node, xmpperror) { return 0; } +// deprecated - use certificate_check_name from library/tls.c instead #ifdef WANT_S2S_TLS certificate_check_jabbername(name, cert) { mixed t; diff --git a/world/net/jabber/disco.c b/world/net/jabber/disco.c index 757e42f..c6363cb 100644 --- a/world/net/jabber/disco.c +++ b/world/net/jabber/disco.c @@ -18,7 +18,7 @@ disco_info_root(vars) { string featurelist; featurelist = "" -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users # ifndef _flag_disable_registration # ifndef _flag_disable_registration_XMPP "" diff --git a/world/net/jabber/gateway.c b/world/net/jabber/gateway.c index 3a4a986..c88c0b5 100644 --- a/world/net/jabber/gateway.c +++ b/world/net/jabber/gateway.c @@ -291,13 +291,14 @@ jabberMsg(XMLNode node) { // paranoia note: as with XEP 0178 we might want to check dns anyway to // protect against stolen certificates if (mappingp(certinfo) && certinfo[0] == 0 - && node["@from"] && certificate_check_jabbername(node["@from"], certinfo)) { - P0(("dialback without dialback %O\n", certinfo)) + && node["@from"] && certificate_check_name(node["@from"], certinfo, "xmpp-server")) { + P2(("dialback without dialback %O\n", certinfo)) verify_connection(node["@to"], node["@from"], "valid"); } else { sendmsg(origin, "_dialback_request_verify", 0, ([ "_INTERNAL_target_jabber" : source, + // we shouldnt have to NAMEPREP a static string.. FIXME "_INTERNAL_source_jabber" : NAMEPREP(_host_XMPP), "_dialback_key" : node[Cdata], "_tag" : streamid @@ -413,7 +414,7 @@ jabberMsg(XMLNode node) { */ int success = 0; - success = certificate_check_jabbername(t, certinfo); + success = certificate_check_name(t, certinfo, "xmpp-server"); if (success) { emitraw(""); P2(("successful sasl external authentication with " @@ -541,8 +542,8 @@ open_stream(XMLNode node) { // sasl external if we know that it will succeed // later on if (node["@from"] && - certificate_check_jabbername(node["@from"], - certinfo)) { + certificate_check_name(node["@from"], + certinfo, "xmpp-server")) { packet += ""; packet += "EXTERNAL"; packet += ""; diff --git a/world/net/jabber/jabber.h b/world/net/jabber/jabber.h index 6232722..b836c11 100644 --- a/world/net/jabber/jabber.h +++ b/world/net/jabber/jabber.h @@ -86,6 +86,7 @@ virtual inherit JABBER_PATH "common"; // net/jabber is not ready for regular is_localhost #define is_localhost(a) (lower_case(a)) == _host_XMPP +// but.. what about NAMEPREP here? #define JABSOURCE "_INTERNAL_source_jabber" diff --git a/world/net/jabber/server.c b/world/net/jabber/server.c index db1d43c..b1d1625 100644 --- a/world/net/jabber/server.c +++ b/world/net/jabber/server.c @@ -187,7 +187,7 @@ jabberMsg(XMLNode node) { case "jabber:iq:register": if (node["@type"] == "get"){ string packet; -#if defined(REGISTERED_USERS_ONLY) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP) +#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP) // super dirty.. this should all be in textdb packet = sprintf("" "" @@ -234,7 +234,7 @@ jabberMsg(XMLNode node) { emit(packet); // QUIT } else { -#if defined(REGISTERED_USERS_ONLY) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP) +#if defined(_flag_disable_unauthenticated_users) || defined(_flag_disable_registration) || defined(_flag_disable_registration_XMPP) // TODO: generate some error as above #else user -> vSet("password", t[Cdata]); @@ -358,7 +358,7 @@ jabberMsg(XMLNode node) { # endif break; #endif -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users case "ANONYMOUS": unless(node[Cdata]) { SASL_ERROR("incorrect-encoding") @@ -481,10 +481,12 @@ open_stream(XMLNode node) { "DIGEST-MD5" #endif "PLAIN"; -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users // sasl anonymous "ANONYMOUS"; #endif + // here it makes sense to use check_jabbername + // but that is currently unused anyway #if __EFUN_DEFINED__(tls_available) if (tls_available() && tls_query_connection_state(ME) > 0 && mappingp(certinfo) && certinfo[0] == 0 @@ -494,7 +496,7 @@ open_stream(XMLNode node) { #endif features += ""; features += ""; -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users features += ""; #endif } diff --git a/world/net/jabber/user.c b/world/net/jabber/user.c index 2d70d71..e72c742 100644 --- a/world/net/jabber/user.c +++ b/world/net/jabber/user.c @@ -277,6 +277,7 @@ logon() { #endif nodeHandler = #'jabberMsg; set_prompt(""); + // we shouldn't have to NAMEPREP our SERVER_HOST for each new user.. FIXME myjid = NODEPREP(MYLOWERNICK) +"@" + NAMEPREP(SERVER_HOST); myjidresource = myjid +"/"+ RESOURCEPREP(resource); P2(("%O ready to rumble (%O)\n", myjidresource, ME)) @@ -626,7 +627,7 @@ iq(XMLNode node) { break; } break; -#if !defined(REGISTERED_USERS_ONLY) && !defined(_flag_disable_registration) && !defined(_flag_disable_registration_XMPP) +#if !defined(_flag_disable_unauthenticated_users) && !defined(_flag_disable_registration) && !defined(_flag_disable_registration_XMPP) case "jabber:iq:register": switch(node["@type"]) { case "get": diff --git a/world/net/library.i b/world/net/library.i index 26d57c6..a02ebf2 100644 --- a/world/net/library.i +++ b/world/net/library.i @@ -132,6 +132,8 @@ static varargs void ready_freddie(vamixed ip) { static void create() { PROTECT("CREATE") + string t; + #ifndef __PIKE__ master = previous_object(); restore_object(DATA_PATH "library"); @@ -194,7 +196,7 @@ static void create() { #ifdef VOLATILE D("VOLATILE flag set: Server will not save any data.\n"); #endif - myLowerCaseHost = lower_case(SERVER_HOST); + myLowerCaseHost = NAMEPREP(SERVER_HOST); register_localhost(myLowerCaseHost); #ifdef __PIKE__ //debug_write("Creating psyced library in Pike.\n"); @@ -259,9 +261,10 @@ static void create() { #ifdef JABBER_PATH register_target("xmpp:"+ myLowerCaseHost); # ifdef _host_XMPP - register_localhost(lower_case(_host_XMPP)); - register_target(lower_case(_host_XMPP)); - register_target("xmpp:"+ lower_case(_host_XMPP)); + t = NAMEPREP(_host_XMPP); + register_localhost(t); + register_target(t); + register_target("xmpp:"+ t); # endif #endif // base64decode("test2000"); diff --git a/world/net/library/tls.c b/world/net/library/tls.c index a90ad77..c975171 100644 --- a/world/net/library/tls.c +++ b/world/net/library/tls.c @@ -82,3 +82,78 @@ mapping tls_certificate(object who, int longnames) { P2(("cert is %O\n", cert)) return cert; } + +// generalized variant of the old certificate_check_jabbername +// RFC 6125 describes the process in more detail +int certificate_check_name(string name, mixed cert, string scheme) { + mixed t; + string idn; + // FIXME: should probably be more careful about internationalized + // domain names - need testcases +#define WILDCARD_MATCH(thing) (strlen(thing) > 2 && thing[0] == '*' && thing[1] == '.' && trail(thing[2..], name)) + /* this does not support wildcards if there is more than one + * id-on-xmppAddr/CN + * API Note: name MUST be an utf8 string + */ + unless(name && cert && mappingp(cert)) return 0; + + name = NAMEPREP(name); + + // subjectAlternativeName - dNSName + if ((t = cert["2.5.29.17:dNSName"])) { + if (stringp(t)) t = ({ t }); + foreach(string t2 : t) { + t2 = NAMEPREP(t2); + if (name == t2 || WILDCARD_MATCH(t2)) + return 1; + } + } + + // subjectAlternativeName - SRV ID - FIXME + // unfortunately, the only ones I have encountered so far were ... unusable + if ((t = cert["2.5.29.17:1.3.6.1.5.5.7.8.7"])) { + P2(("encountered SRVName, please tell fippo: %O\n", t)) + } + + // URI ID - FIXME + // not seen yet + +#if 0 + // id-on-xmppAddr - have not seen them issued by anyone but + // startcom and those usually include dnsname, too + if ((t = cert["2.5.29.17:1.3.6.1.5.5.7.8.5"])) { + if (pointerp(t)) { + if (member(t, name) != -1) return 1; + foreach(string cn : t) { + if (NAMEPREP(cn) == name) return 1; + } + } + else if (name == NAMEPREP(t)) + return 1; + } +#endif + + // commonName - deprecated to put the host here but... + // this is only to be checked if no subjectAlternativeName is present + if (!cert["2.5.29.17"] && (t = cert["2.5.4.3"])) { // common name + if (pointerp(t)) { // does that happen?! I don't think so... + // fast way - works for traditional hostnames + if (member(t, name) != -1) return 1; + + // look for idn encoded stuff + foreach(string cn : t) { + idn = NAMEPREP(idna_to_unicode(cn)); + if (idn == name) return 1; + } + return 0; + } +#ifdef __IDNA__ + idn = NAMEPREP(idna_to_unicode(t)); +#else + idn = NAMEPREP(t); +#endif + if (idn == name || WILDCARD_MATCH(idn)) + return 1; + } + return 0; +} diff --git a/world/net/person.c b/world/net/person.c index 24e2e98..5838ccd 100644 --- a/world/net/person.c +++ b/world/net/person.c @@ -756,7 +756,7 @@ checkPassword(try, method, salt, args, cb, varargs cbargs) { #endif // why here? //while (remove_call_out(#'quit) != -1); -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users # ifdef AUTH_HMAC_SECRET if (IS_NEWBIE && method != "hmac-sha1-shared") ARETURN(1) # else diff --git a/world/net/psyc/circuit.c b/world/net/psyc/circuit.c index e35d28b..0f82c61 100644 --- a/world/net/psyc/circuit.c +++ b/world/net/psyc/circuit.c @@ -225,8 +225,8 @@ int logon(int neverfails) { P1(("%O believing dNSName %O\n", ME, m)) // probably also: register_target? // but be careful never to register_target wildcards - if (stringp(m)) sAuthenticated(NAMEPREP(m)); - else foreach(t : m) sAuthenticated(NAMEPREP(t)); + if (stringp(m)) sAuthenticated(m); + else foreach(t : m) sAuthenticated(t); } //#ifdef _flag_allow_certificate_name_common // to be switched this year # ifndef _flag_disallow_certificate_name_common @@ -235,7 +235,7 @@ int logon(int neverfails) { // note: CN is deprecated for good reasons. else if (t = cert["2.5.4.3"]) { P1(("%O believing CN %O\n", ME, t)) - sAuthenticated(NAMEPREP(t)); + sAuthenticated(t); } # endif if (m = tls_query_connection_info(ME)) { diff --git a/world/net/psyc/library.i b/world/net/psyc/library.i index c7b8b4f..538ca4d 100644 --- a/world/net/psyc/library.i +++ b/world/net/psyc/library.i @@ -343,6 +343,9 @@ int psyc_sendmsg(mixed target, string mc, mixed data, mapping vars, // nothing else is possible, but some clients may // no longer be able to connect to you... } +#ifdef USE_SPYC + o -> sender_verification(SERVER_UNIFORM, u[URoot]); +#endif register_target($4, o); register_target(psychopo, o); register_target(psycippo, o); diff --git a/world/net/psyc/parse.i b/world/net/psyc/parse.i index 94c7dd3..4f541fe 100644 --- a/world/net/psyc/parse.i +++ b/world/net/psyc/parse.i @@ -598,7 +598,7 @@ vamixed getdata(string a) { #else # ifdef PSYC_TCP // Authenticated - } else if (qAuthenticated(NAMEPREP(u[UHost]))) { + } else if (qAuthenticated(u[UHost])) { if (u[UTransport] && (u[UTransport] != # if __EFUN_DEFINED__(tls_query_connection_state) tls_query_connection_state() ? "s" : @@ -997,17 +997,34 @@ protected int deliver(mixed ip, string host, string mc, string buffer, mapping c } P1(("RELAYING denied from %O to %O (%O)\n", source, t, ME)) -#if 0 monitor_report("_warning_unsupported_relay", S("%O is trying to find %O here. Relaying denied.\n", ME, t)); croak("_failure_unsupported_relay", //"Well done mate, you crashed me."); "Relaying denied: [_host] is not a hostname of ours.", ([ "_host": u[UHost] ])); +#if 0 // TODO: we quit here to not do the same hash-lookup // in rootmsg again. // (didn't get it? nevermind.. it's just el's sick humor) QUIT +#else + // we do not QUIT here as an evil attacker may + // CNAME his evil.com to us and try to disrupt + // our communications with some popular server + // by making us drop an otherwise very popular + // circuit. then again, what if a sender SHOULD + // not send to us with any other hostname but + // the one we announced ourselves as _source + // when we sent our first greeting() ? then we + // could just dump "illegal" transmissions. + // well, we don't need to be so harsh against + // multi domain hosters really: relaying is + // denied by default so the attacker needs to + // be a user on the sending server. in the end + // it's a question of trust: don't let zero + // trust users send funny amounts of data. + return 1; #endif } // .. yes.. add is_localhost check here, but without callback diff --git a/world/net/root.c b/world/net/root.c index 585c0e0..51a0b93 100644 --- a/world/net/root.c +++ b/world/net/root.c @@ -55,7 +55,7 @@ msg(source, mc, data, vars, showingLog, target) { "version", // _tab "time", "lasttime" #endif -#if !defined(REGISTERED_USERS_ONLY) && !defined(_flag_disable_registration) &&!defined(_flag_disable_registration_XMPP) +#if !defined(_flag_disable_unauthenticated_users) && !defined(_flag_disable_registration) &&!defined(_flag_disable_registration_XMPP) "registration", #endif #ifndef VOLATILE diff --git a/world/net/server.c b/world/net/server.c index 324bb11..80f0e29 100644 --- a/world/net/server.c +++ b/world/net/server.c @@ -81,7 +81,7 @@ hello(ni, elm, try, method, salt) { ni, try, elm); } -#ifdef REGISTERED_USERS_ONLY // TODO: rename into a _flag +#ifdef _flag_disable_unauthenticated_users ohYeah(whatever) { input_to(#'ohYeah, input_to_settings); // input ignore warning? inverting mc's is really a good idea! @@ -120,7 +120,7 @@ authChecked(int result, ni, try, elm) { // return; // } } -#ifdef REGISTERED_USERS_ONLY +#ifdef _flag_disable_unauthenticated_users else { if (user -> isNewbie()) { #ifdef PSYC_SYNCHRONIZE @@ -157,7 +157,7 @@ authChecked(int result, ni, try, elm) { return promptForPassword(user); #endif } -#ifndef REGISTERED_USERS_ONLY +#ifndef _flag_disable_unauthenticated_users // added user->isNewbie() check for ircers if (user->online() && user->isNewbie() #ifdef _flag_log_hosts diff --git a/world/net/spyc/circuit.c b/world/net/spyc/circuit.c index e65f5d5..4fb1cf3 100644 --- a/world/net/spyc/circuit.c +++ b/world/net/spyc/circuit.c @@ -38,6 +38,7 @@ mapping outstate; mapping legal_senders; +array(mixed) verify_queue = ({ }); volatile int flags = 0; @@ -74,24 +75,26 @@ varargs mixed croak(string mc, string data, vamapping vars, vamixed source) { return 0; } -#ifdef USE_VERIFICATION // request sender authentication and/or target acknowledgement // from the remote side -void sender_verification(array(string) sourcehosts, array(string) targethosts) +void sender_verification(string sourcehost, mixed targethost) { - // FIXME: wrong variables here - mapping vars = ([ "_list_sources_hosts" : sourcehosts, - "_list_targets_hosts" : targethosts, - "_tag" : RANDHEXSTRING ]); - // assumption: we have already resolved all targethosts and - // they point to the remote ip - foreach(string ho : targethosts) { - sAuthenticated(ho); + unless(interactive()) { + verify_queue += ({ ({ sourcehost, targethost }) }); + return; } - - msg(0, "_request_verification", 0, vars); + mapping vars = ([ "_uniform_source" : sourcehost, + "_uniform_target" : targethost, + "_tag" : RANDHEXSTRING ]); + P0(("sender_verification(%O, %O)\n", sourcehost, targethost)) + // since we send packets to them we should trust them to + // send packets to us, eh? + if (stringp(targethost)) { + targethost = parse_uniform(targethost); + } + sAuthenticated(targethost[UHost]); + msg(0, "_request_authorization", 0, vars); } -#endif // gets called during socket logon int logon(int failure) { @@ -117,10 +120,10 @@ int logon(int failure) { // probably also: register_target? // but be careful never to register_target wildcards if (stringp(m)) - sAuthenticated(NAMEPREP(m)); + sAuthenticated(m); else foreach(t : m) - sAuthenticated(NAMEPREP(t)); + sAuthenticated(t); } //#ifdef _flag_allow_certificate_name_common // to be switched this year #ifndef _flag_disallow_certificate_name_common @@ -129,7 +132,7 @@ int logon(int failure) { // note: CN is deprecated for good reasons. else if (t = cert["2.5.4.3"]) { P1(("%O believing CN %O\n", ME, t)) - sAuthenticated(NAMEPREP(t)); + sAuthenticated(t); } #endif if (m = tls_query_connection_info(ME)) { @@ -161,20 +164,12 @@ int logon(int failure) { // FIXME unless(isServer()) { emit("|\n"); // initial greeting -#ifdef USE_FEATURES - // we have no features to request or offer - msg(0, "_request_features", 0); -#else -# ifdef USE_VERIFICATION - // start hostname verification - // rather: look at Q and look for the hostnames we need - sender_verification(({ SERVER_HOST }), ({ peerhost })); -# else - if (function_exists("runQ")) { - runQ(); + if (sizeof(verify_queue)) { + foreach(mixed t : verify_queue) { + sender_verification(t[0], t[1]); + } + verify_queue = ({ }); } -# endif -#endif } return 1; } @@ -209,74 +204,66 @@ first_response() { // receives a msg from the remote side // note: this is circuit-messaging void circuit_msg(string mc, mapping vars, string data) { + mapping rv = ([ ]); + mixed *u; switch(mc) { - case "_request_verification": - if (tls_query_connection_state(ME) == 0) { - array(string) targethosts = ({ }); - foreach(string ho : vars["_list_targets_hosts"]) { - if (is_localhost(ho)) { - targethosts += ({ ho }); - } - } - if (sizeof(vars["_list_sources_hosts"]) == 1) { - // doing multiple resolutions in parallel is more complicated - string ho = vars["_list_sources_hosts"][0]; - if (qAuthenticated(ho)) { - P0(("warning: trying to reverify authenticated host %O",ho)) - } else { - dns_resolve(ho, (: - // FIXME: psyc/parse::deliver is much better here - mixed rv = (["_list_targets_accepted_hosts":targethosts]); + case "_request_authorization": + if (vars["_tag"]) { + rv["_tag_relay"] = vars["_tag"]; + } + if (!vars["_uniform_source"] && vars["_uniform_target"]) { + CIRCUITERROR("_request_authorization without uniform source and/or target?!"); + } - if (vars["_tag"]) rv["_tag_reply"] = vars["_tag"]; - if ($1 == peerip) { - sAuthenticated(NAMEPREP(ho)); - rv["_list_sources_verified_hosts"] = ({ ho }); - } else { - rv["_list_sources_rejected_hosts"] = ({ ho }); - } - msg(0, "_notice_verification", 0, rv); - return; - :)); + rv["_uniform_target"] = vars["_uniform_target"]; + rv["_uniform_source"] = vars["_uniform_source"]; + + u = parse_uniform(vars["_uniform_target"]); + if (!(u && is_localhost(u[UHost]))) { + msg(0, "_error_invalid_uniform_target", "[_uniform_target] is not hosted here.", rv); + return; + } + u = parse_uniform(vars["_uniform_source"]); + // qAuthenticated does that:u[UHost] = NAMEPREP(u[UHost]); + if (qAuthenticated(u[UHost])) { + // possibly different _uniform_target only + if (flags & TCP_PENDING_TIMEOUT) { + P0(("removing call out\n")) + remove_call_out(#'quit); + flags -= TCP_PENDING_TIMEOUT; } - } else { - // FIXME!!!! - CIRCUITERROR("sorry, no more than one element in _list_sources_hosts currently"); - P0(("more than one element in _list_sources_hosts: %O\n", vars["_list_sources_hosts"])) - } - // keep tag if present!!! - // resolve all of _list_sources_hosts - // look at _list_targets_hosts and determine localhostiness + msg(0, "_status_authorization", 0, rv); + // } else if (tls_query_connection_state(ME) == 1 && ...) { + // FIXME } else { - CIRCUITERROR("_request_verification is not allowed on TLS circuits."); + string ho = u[UHost]; + // FIXME: this actually needs to consider srv, too... + dns_resolve(ho, (: + // FIXME: psyc/parse::deliver is much better here + P0(("resolved %O to %O, expecting %O\n", ho, $1, peerip)) + if ($1 == peerip) { + sAuthenticated(ho); + if (flags & TCP_PENDING_TIMEOUT) { + P0(("removing call out\n")) + remove_call_out(#'quit); + flags -= TCP_PENDING_TIMEOUT; + } + msg(0, "_status_authorization", 0, rv); + } else { + msg(0, "_error_invalid_uniform_source", 0, rv); + } + return; + :)); } break; - case "_notice_features": - // FIXME: watch for _list_using_modules - if (flags & TCP_PENDING_TIMEOUT) { - P0(("removing call out\n")) - remove_call_out(#'quit); - flags -= TCP_PENDING_TIMEOUT; - } - sTextPath(); -#ifdef USE_FEATURES - if (tls_query_connection_state(ME) == 0) { -# ifdef USE_VERIFICATION - // start hostname verification - // rather: look at Q and look for the hostnames we need - sender_verification(({ SERVER_HOST }), ({ peerhost })); -# endif - } else { - if (function_exists("runQ")) { - runQ(); - } - } -#endif - break; - case "_notice_verification": - P0(("_notice verification with %O\n", vars)) + case "_status_authorization": + P0(("_status authorization with %O\n", vars)) + // this means we can send from _uniform_source to _uniform_target + // we already did sAuthenticated _uniform_target before so we can't get + // tricked into it here if (function_exists("runQ")) { - runQ(); + runQ(); + // actually runQ(_uniform_source, _uniform_target) } break; default: @@ -290,6 +277,7 @@ varargs int msg(string source, string mc, string data, mapping vars, int showingLog, mixed target) { string buf = ""; + mixed u; unless(vars) vars = ([ ]); buf = render_psyc(source, mc, data, vars, showingLog, target); diff --git a/world/net/spyc/dispatch.i b/world/net/spyc/dispatch.i index 8a7026e..24549eb 100644 --- a/world/net/spyc/dispatch.i +++ b/world/net/spyc/dispatch.i @@ -161,14 +161,12 @@ void dispatch(mapping rvars, mapping evars, mixed method, mixed body) { unless (u = parse_uniform(t)) { DISPATCHERROR("logical source is not a uniform\n") } -#ifdef USE_VERIFICATION -# ifdef PSYC_TCP - unless (qAuthenticated(NAMEPREP(u[UHost]))) { +#ifdef PSYC_TCP + unless (qAuthenticated(u[UHost])) { DISPATCHERROR("non-authenticated host\n") } -# else +#else // TODO? -# endif #endif } diff --git a/world/net/spyc/server.c b/world/net/spyc/server.c index ac0190a..61765f8 100644 --- a/world/net/spyc/server.c +++ b/world/net/spyc/server.c @@ -69,6 +69,7 @@ void greet() { // should be sharing code with net/psyc and do a proper greeting // three separate packets follow (thus three emits) //emit(S_GLYPH_PACKET_DELIMITER "\n"); + /* emit("\ :_source\t"+ SERVER_UNIFORM +"\n\ :_target_peer\tpsyc://"+ peeraddr +"/\n\ @@ -81,6 +82,7 @@ _status_circuit\n" S_GLYPH_PACKET_DELIMITER "\n"); #ifdef _flag_log_sockets_SPYC log_file("RAW_SPYC", "« %O greeted.\n", ME); #endif + */ } static void resolved(mixed host, mixed tag) { @@ -176,20 +178,27 @@ static void resolved(mixed host, mixed tag) { sTextPath(); greet(); - // FIXME: determine response to greeting - // instead of this dummy - msg(0, "_notice_features", 0, tag ? ([ "_tag_reply" : tag ]) : 0); + //msg(0, "_notice_features", 0, tag ? ([ "_tag_reply" : tag ]) : 0); } -void circuit_msg(string mc, mapping vars, string data) { - switch(mc) { - case "_request_features": // only servers handle _request_features - interrupt_parse(); - dns_rresolve(peerip, #'resolved, vars && vars["_tag"]); - break; - default: - return ::circuit_msg(mc, vars, data); - } +int logon(int nothing) { + P2(("%O accepted TCP from %O (%s:%O)\n", ME, + query_ip_name(), query_ip_number(), peerport)) + // we could set the next_input_to and reply with _failure until + // hostname is resolved .. TODO ... no, we need some form + // of queuing for the scripts which do not wait.. why? don't we + // squeeze received packets thru dns-lambdas anyway? + // peerport has either positive or negative value + //peeraddr = peerip+":"+peerport; + ::logon(0); +#if 0 //def EXPERIMENTAL + // added this because greet() happens after dns resolution and + // some quick clients may not be waiting that long.. then again + // if they do, they deserve other treatment + sTextPath(); +#endif + dns_rresolve(peerip, #'resolved); + return 1; // success } #endif // LIBPSYC diff --git a/world/net/trust.c b/world/net/trust.c index 49801af..95f0308 100644 --- a/world/net/trust.c +++ b/world/net/trust.c @@ -29,12 +29,14 @@ volatile mapping authhosts; void sAuthenticated(string hostname) { P3(("sAuthenticated: %O\n", hostname)) unless(authhosts && mappingp(authhosts)) authhosts = ([ ]); + hostname = NAMEPREP(hostname); authhosts[hostname] = 1; } int qAuthenticated(mixed hostname) { P3(("qAuthenticated %O, %O\n", hostname, authhosts)) unless (authhosts && mappingp(authhosts)) return 0; + hostname = NAMEPREP(hostname); return member(authhosts, hostname); }