629029ebce
4 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Maurice ONeal
|
4c1d13f8f8 |
Password and account security updates
security updates: various commands that change or create account passwords now disallow the user name, display name or email from being contained in it. this will force users to not use public information inside the password, hardening password security a little. the root user name is now changeable and required to be changed on initial login. this harden security a little by giving host admins the option to not have a well known user name attached to a high privileged account. users can no longer re-use the old password and/or user name when required to change. however, this does not actually implement full password history because the user can then later change the password back to the old password after the required change. the host can longer block by ip addresses and the auto block threshold setting has been removed. something like this is best left up to firewalls, routers, switches or any other networking infrastructure. in the future i can consider adding event triggering that run certain admin defined external or internal commands when the host detects certain event thresholds. minor changes/bug fixes: all commands that change or create user names now no longer accept user names that looks like an mail address. this works out better for clients when differentiating logging in via user name or email address. the recover_acct command now also have cancel on blank text options making it more consistent with all other commands that take text input. resetting the root user's account password via command line now also unlocks it if locked. the -help and -about command line options no longer display the default password. a new -default_pw option was added for this purpose. the -status -addr or -stop command line options require super user privileges to run properly depending on how the host is installed. an error message like "permission denied" was addded on failure to make this requirement clear to the end user. fs_copy and fs_move now does implicit skip on error instead of stop on error. the IDLE frame type id now carry an integer return code that can be interpreted by clients to determine the result of the command that was sent to the host. house keeping: all documentation was updated to reflect the changes made in this commit. the module tester example is no longer relevant to this project so it was deleted. |
||
|
Maurice ONeal
|
72d57a0b10 |
Major upgrade and module interface changes
Made some major changes to the project to facilitate a lighter code base and the must flexible module interface possible. -the mutli-process architecture now operate at the command object level so each command now operate in it's own process instead of a single process handling multiple command objects. -each module is now an independent application that will now tell the session object all of the commands it can run via named pipe. during command execution, it will run the requested command object also running io with the session object via named pipe. with this change, it is now possible for modules to be developed in different versions or QT or entirely different languages. the only requirement is the need to support named pipes. shared memory segments is also a nice to have but not needed. -clients can now run multiple instances of the same command via changes to the protocol. mrci frames will now include a branch id along with the command id. the branch id can be used by clients to differentiate the io between instances of the same command. -the command states are longer controlled by a single object. it will now be up to the command object (internal/exterenal) to send an IDLE frame to the client to notify it that the command has finished. the session object will still track if the command is in idle state or not but not directly control it. -must async commands now use binary formatted data instead of TEXT as a way to reduce overhead. -all command objects can now send async commands. it is no longer limited to just internal commands, however; the data of these async commands are verified by session in some way to prevent host crashing due to malformed data. -changed up the database structure to rely more on user ids, channel ids and removed all foreign keys pointing to user names, channel names and sub-channel names. also removed the groups table altogether. instead, the host rank is now directly attached to the user data in the users table. -changed the query object to now support the INNER JOIN SQL clause. this change was needed to support the new database structure. -version negotiation is now one-way via tcp connection or module interface. the host will make it's own verion numner known to the client connected via tcp or the module connected via named pipe. it will now be entirely up to the client or module to decide if they support the host. another change in this regard is the removal of the import rev for the modules. compatibility for modules shall now use just the host verion. -removed ls_cmds and cmd_info. the NEW_CMD frame now carries all information about the command (cmd_id, cmd_name, summery, io and full_description) so it is now possible for the clients to display the command documentation instead of the host. Documentation for the internal commands were updated to reflect the changes but all other documentation will need to be updated in the near future. |
||
|
Maurice O'Neal
|
594e1d9812 |
Major bug fixes and a few minor changes
Fixed a bug that caused the host to not respond to any commands when a module is present. CmdExecutor::loadMods() had a malformed 'for' loop that caused the command executor to infinite loop. Also re-formed the way the external command loaders (modules) are constructed. Instead, the modules are also intialized at the same time as the internal command loader. The CmdExecutor::loadModFile() and CmdExecutor::unloadModFile() functions now load and unload modules via the module name instead of the path to the module main file. The documentation for ASYNC_ENABLE_MOD and ASYNC_DISABLE_MOD updated to reflect this change. Also part of the module contruction re-form, it fixed a bug that caused the command loaders to operate in a thread different from the command executor. CmdExecutor::loadMods() was refactored into cmdExecutor::buildCmdLoaders(), added the internal command loader to it and have it so this function gets called only when the command executor successfully moves to it's own thread. Fixed a bug that caused the session to crash only when a module is present. It turns out the qobject_cast() function used in CmdExecutor::loadModFile() only pulled the surface class ModCommandLoader so any attempt to access the base class functions from CommandLoader caused the session to crash so to fix this, ModCommandLoader was merged into CommandLoader. The Command loader documentation and test module were updated to reflect this change. Fixed a bug that auto removed any modules that were installed when the host is restarted. The issue was in TCPServer::syncModPath() that used the modules's main file without a suffix when the file did indeed have a suffix, causing the function to think the module no longer exists and remove all of it's files from the host file system. The original intent for this function was to keep the module database table in sync with what was actually in the host file system. It was decided that this is not necessary so the function was removed altogether. Also changed up the way the module files are deleted. The TCPSever class will now use the module name instead of the path to the module's main library file and will use a single use ModDeleteTimer for each module that was requested to be deleted instead of a single continuous timer constantly checking for modules to delete. The ls_cmds command will now list the commands in alphabetical order of the command names and fixed a bug with the -find option that would display nothing if an exact match to any text in the table could not be found. Fixed a bug found in the deployed application that would segmentation fault on startup due to certain library files being included in the deployed installation directory. Updated the linux_build.sh script to include only libsqlite, libQT5, libssl and libicu files. It will no longer blindly copy all library files from the dev machine and then remove files the setup script thinks the application might or might not need. Any module built on import rev1 will simply not work and no attempt will be made to make it work so the host new minimum import rev is now rev2. this update is mustly just bug fixes; nothing that would require any client behaviour changes so just the host patch is bumped. 1.0.0 --> 1.0.1 |
||
|
Maurice O'Neal
|
beb59ec2ab | Initial commit for the MRCI project. |