Commit Graph

5 Commits

Author SHA1 Message Date
Maurice ONeal
6e068a8e83 New versioning system, type ids and a few bug fixes
Changed the versioning system to a 4 number system that have the first 2
numbers as major.minor for the host application itself and the next 2
numbers (tcp_rev.mod_rev) used by clients and modules to determine
compatibility. A full description of this new system has been edited
into protocol.md. This new system offically starts at v3.0.0.0.

Added the PROMPT data type id that will work exactly like PRIV_TEXT except
it tells the client that the command is asking for non-private information
from the user.

Added PROG and PROG_LAST type ids that can be used by commands to notify
the client of the progress of the command if it is long running. The
long running fs_* commands were updated to use these instead of TEXT for
progress updates.

PUB_IPC, PRIV_IPC and PUB_IPC_WITH_FEEDBACK have all been combined into
one: ASYNC_PAYLOAD. This type id is now the only means at which module
commands can now run async commands. The command process object will
now determine where to direct the async payload (public, private or
public with feedback) based on the async command id being requested.

A description for TERM_CMD was missing in data_types.md so it was added.

Refactored HALT_CMD to YIELD_CMD. The new name just seems more appropriate
or the effect it has on the command.

Module commands can now do input hooking using the new ASYNC_HOOK_INPUT
and ASYNC_UNHOOK async commands. input hooking basically makes it so all
client data gets redirected to the module command that initiated the hook.
This can be used to implement something like a EULA agreement that blocks
all actions that can place during the session until the user accepts or
anything else to that effect.

The command process object will now check the open sub-channels list
being sent by ASYNC_CAST or ASYNC_LIMITED_CAST in any order and will not
be required match exactly to open sub-channels list in the session object.
It however cannot contain sub-channels not already listed in session's
list or else the async payload will be blocked.

Fixed the CmdProcess::validAsync() function that was comparing the input
aysnc command id with the process's command id in some places which is
invalid logic for this function.

Fixed the 'cast' core command that was outputting a malformed async
payload that didn't include the open writable sub-channels list.

Fixed a bug that caused all casted payloads to be forwared to the clients
even when the sub-channel(s) are closed.

Fixed the 'set_disp_name' core command so it can now see the -new_name
argument properly.
2020-03-08 14:58:51 -04:00
Maurice ONeal
4c1d13f8f8 Password and account security updates
security updates:

various commands that change or create account passwords now disallow
the user name, display name or email from being contained in it. this
will force users to not use public information inside the password,
hardening password security a little.

the root user name is now changeable and required to be changed on
initial login. this harden security a little by giving host admins the
option to not have a well known user name attached to a high privileged
account.

users can no longer re-use the old password and/or user name when
required to change. however, this does not actually implement full
password history because the user can then later change the password
back to the old password after the required change.

the host can longer block by ip addresses and the auto block threshold
setting has been removed. something like this is best left up to
firewalls, routers, switches or any other networking infrastructure. in
the future i can consider adding event triggering that run certain
admin defined external or internal commands when the host detects
certain event thresholds.

minor changes/bug fixes:

all commands that change or create user names now no longer accept
user names that looks like an mail address. this works out better for
clients when differentiating logging in via user name or email address.

the recover_acct command now also have cancel on blank text options
making it more consistent with all other commands that take text input.

resetting the root user's account password via command line now also
unlocks it if locked.

the -help and -about command line options no longer display the
default password. a new -default_pw option was added for this purpose.

the -status -addr or -stop command line options require super user
privileges to run properly depending on how the host is installed.
an error message like "permission denied" was addded on failure to
make this requirement clear to the end user.

fs_copy and fs_move now does implicit skip on error instead of stop on
error.

the IDLE frame type id now carry an integer return code that can be
interpreted by clients to determine the result of the command that was
sent to the host.

house keeping:

all documentation was updated to reflect the changes made in this commit.
the module tester example is no longer relevant to this project so it
was deleted.
2020-01-29 12:29:01 -05:00
Maurice ONeal
87d9eb0207 Fixed some bugs found in GEN_FILE
genfile commands would not terminate properly or
would end up de-synced with the host in one way or
another.

to fix this, i updated the GEN_FILE data type and
sub-protocol to now define the commands as download
or upload on the NEW_CMD frame so clients can now
define the direction of the GEN_FILE data of the
various GEN_FILE commands at the very start instead
of trying to determine that at run time.

also fixed this by creating the onTerminate() virtual
function in CmdObject and have it call this function
when term() is called. this makes it possible to
properly put the command object in a reset state if
using parameters outside of the base class when
term() is called.

updated all documentation related to the GEN_FILE
sub-protocol to reflect these changes.

fixed ASYNC_DEBUG_TEXT to self correct the ipc type
to PRIV_IPC so no debug messages can accidentally be
sent to peers.
2019-12-14 13:12:25 -05:00
Maurice ONeal
f6ea7239a0 Further updated the documentation and a minor fix
fixed some errors found in the documentation and fully updated the internal
commands docs as well.

also updated the internal module to now respond to KILL_CMD so it can now be
signaled to terminate gracefully.
2019-11-18 19:20:30 -05:00
Maurice ONeal
e7ea316bc0 Full documentation update and minor changes
-the add_mod command now requires the -mod_path argument as it should.
-the session now filter out bad NEW_CMD frames based on bad command names and incorrect
 frame sizes.
-modules running in list mode can now send ERR frames to the session to log error
 messages to the host database.
2019-11-16 13:08:02 -05:00