1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • exec/login.js

    From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sat Mar 18 14:51:34 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/b91e77719928033321808776
    Modified Files:
    exec/login.js
    Log Message:
    Apply inactive_hangup option (for dumb terminals) using max_socket_inactivity

    this insures that inactive dumb (bot) connections will be disconnected even when using a script (e.g. animated pause prompt) that doesn't time-out.

    Also, if the connected node is the last node (for this sbbs instance), divide the socket inactivity timeout value in half.

    These changes (along with sbbs v3.20) should help with DOS (denial-of-service, not MS-DOS) prevention.

    Mainly for Krueger.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Tue Jul 25 17:02:02 2023
    https://gitlab.synchro.net/main/sbbs/-/commit/7f1525c5bca05030d54a2c40
    Modified Files:
    exec/login.js
    Log Message:
    Enable "use strict" mode in this script - best practice

    Requires hex literals for control chars instead of octal
    (e.g. \x01 instead of \1)

    All stock scripts should be using strict mode, so this was a miss.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Debian Linux)@VERT to Git commit to main/sbbs/master on Sun Jun 1 00:26:31 2025
    https://gitlab.synchro.net/main/sbbs/-/commit/7276d373acdc2b3453b4bb0e
    Modified Files:
    exec/login.js
    Log Message:
    Use User.is_sysop instead of comparison of user's sec level < 90

    Don't bother emailing a blank password (shouldn't even get here in that
    case).

    Don't send legacy prompts (NN:, PW:) unless legacy_prompts=true is set
    in ctrl/modopts/login.ini (or the [login] section of ctrl/modopts.ini).
    I got tired of seeing these old/obsolete prompts (does WWIV even still
    send them? I don't think so) in captures of terminals that don't support
    bare CR correctly (hello ROMTERM) - and since I'm doubtful there are any
    login scripts that actually key off of these prompts any more, just disable thenm by default.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net