X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/blobdiff_plain/3178ae580a3fe97d6a1167b4346d209f04e9b7e3..a9bdccb79164a787b4f1a2c1579a95cf751aef40:/hotline/server.go

diff --git a/hotline/server.go b/hotline/server.go
index 1edfd4a..ccf992e 100644
--- a/hotline/server.go
+++ b/hotline/server.go
@@ -18,7 +18,6 @@ import (
 	"net"
 	"os"
 	"path/filepath"
-	"runtime/debug"
 	"strings"
 	"sync"
 	"time"
@@ -43,12 +42,10 @@ const (
 var nostalgiaVersion = []byte{0, 0, 2, 0x2c} // version ID used by the Nostalgia client
 
 type Server struct {
-	Port         int
-	Accounts     map[string]*Account
-	Agreement    []byte
-	Clients      map[uint16]*ClientConn
-	ThreadedNews *ThreadedNews
-
+	Port          int
+	Accounts      map[string]*Account
+	Agreement     []byte
+	Clients       map[uint16]*ClientConn
 	fileTransfers map[[4]byte]*FileTransfer
 
 	Config        *Config
@@ -64,8 +61,14 @@ type Server struct {
 	outbox chan Transaction
 	mux    sync.Mutex
 
+	threadedNewsMux sync.Mutex
+	ThreadedNews    *ThreadedNews
+
 	flatNewsMux sync.Mutex
 	FlatNews    []byte
+
+	banListMU sync.Mutex
+	banList   map[string]*time.Time
 }
 
 type PrivateChat struct {
@@ -184,6 +187,7 @@ func (s *Server) Serve(ctx context.Context, ln net.Listener) error {
 		go func() {
 			s.Logger.Infow("Connection established", "RemoteAddr", conn.RemoteAddr())
 
+			defer conn.Close()
 			if err := s.handleNewConnection(connCtx, conn, conn.RemoteAddr().String()); err != nil {
 				if err == io.EOF {
 					s.Logger.Infow("Client disconnected", "RemoteAddr", conn.RemoteAddr())
@@ -215,6 +219,7 @@ func NewServer(configDir string, netPort int, logger *zap.SugaredLogger, FS File
 		Stats:         &Stats{StartTime: time.Now()},
 		ThreadedNews:  &ThreadedNews{},
 		FS:            FS,
+		banList:       make(map[string]*time.Time),
 	}
 
 	var err error
@@ -233,6 +238,9 @@ func NewServer(configDir string, netPort int, logger *zap.SugaredLogger, FS File
 		return nil, err
 	}
 
+	// try to load the ban list, but ignore errors as this file may not be present or may be empty
+	_ = server.loadBanList(filepath.Join(configDir, "Banlist.yaml"))
+
 	if err := server.loadThreadedNews(filepath.Join(configDir, "ThreadedNews.yaml")); err != nil {
 		return nil, err
 	}
@@ -269,7 +277,7 @@ func NewServer(configDir string, netPort int, logger *zap.SugaredLogger, FS File
 					if err := register(t, tr); err != nil {
 						server.Logger.Errorw("unable to register with tracker %v", "error", err)
 					}
-					server.Logger.Infow("Sent Tracker registration", "data", tr)
+					server.Logger.Debugw("Sent Tracker registration", "addr", t)
 				}
 
 				time.Sleep(trackerUpdateFrequency * time.Second)
@@ -300,16 +308,16 @@ func (s *Server) keepaliveHandler() {
 			if c.IdleTime > userIdleSeconds && !c.Idle {
 				c.Idle = true
 
-				flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(*c.Flags)))
+				flagBitmap := big.NewInt(int64(binary.BigEndian.Uint16(c.Flags)))
 				flagBitmap.SetBit(flagBitmap, userFlagAway, 1)
-				binary.BigEndian.PutUint16(*c.Flags, uint16(flagBitmap.Int64()))
+				binary.BigEndian.PutUint16(c.Flags, uint16(flagBitmap.Int64()))
 
 				c.sendAll(
 					tranNotifyChangeUser,
 					NewField(fieldUserID, *c.ID),
-					NewField(fieldUserFlags, *c.Flags),
+					NewField(fieldUserFlags, c.Flags),
 					NewField(fieldUserName, c.UserName),
-					NewField(fieldUserIconID, *c.Icon),
+					NewField(fieldUserIconID, c.Icon),
 				)
 			}
 		}
@@ -317,15 +325,31 @@ func (s *Server) keepaliveHandler() {
 	}
 }
 
+func (s *Server) writeBanList() error {
+	s.banListMU.Lock()
+	defer s.banListMU.Unlock()
+
+	out, err := yaml.Marshal(s.banList)
+	if err != nil {
+		return err
+	}
+	err = ioutil.WriteFile(
+		filepath.Join(s.ConfigDir, "Banlist.yaml"),
+		out,
+		0666,
+	)
+	return err
+}
+
 func (s *Server) writeThreadedNews() error {
-	s.mux.Lock()
-	defer s.mux.Unlock()
+	s.threadedNewsMux.Lock()
+	defer s.threadedNewsMux.Unlock()
 
 	out, err := yaml.Marshal(s.ThreadedNews)
 	if err != nil {
 		return err
 	}
-	err = ioutil.WriteFile(
+	err = s.FS.WriteFile(
 		filepath.Join(s.ConfigDir, "ThreadedNews.yaml"),
 		out,
 		0666,
@@ -339,12 +363,12 @@ func (s *Server) NewClientConn(conn io.ReadWriteCloser, remoteAddr string) *Clie
 
 	clientConn := &ClientConn{
 		ID:         &[]byte{0, 0},
-		Icon:       &[]byte{0, 0},
-		Flags:      &[]byte{0, 0},
+		Icon:       []byte{0, 0},
+		Flags:      []byte{0, 0},
 		UserName:   []byte{},
 		Connection: conn,
 		Server:     s,
-		Version:    &[]byte{},
+		Version:    []byte{},
 		AutoReply:  []byte{},
 		transfers:  map[int]map[[4]byte]*FileTransfer{},
 		Agreed:     false,
@@ -368,7 +392,7 @@ func (s *Server) NewClientConn(conn io.ReadWriteCloser, remoteAddr string) *Clie
 }
 
 // NewUser creates a new user account entry in the server map and config file
-func (s *Server) NewUser(login, name, password string, access []byte) error {
+func (s *Server) NewUser(login, name, password string, access accessBitmap) error {
 	s.mux.Lock()
 	defer s.mux.Unlock()
 
@@ -376,7 +400,7 @@ func (s *Server) NewUser(login, name, password string, access []byte) error {
 		Login:    login,
 		Name:     name,
 		Password: hashAndSalt([]byte(password)),
-		Access:   &access,
+		Access:   access,
 	}
 	out, err := yaml.Marshal(&account)
 	if err != nil {
@@ -387,7 +411,7 @@ func (s *Server) NewUser(login, name, password string, access []byte) error {
 	return s.FS.WriteFile(filepath.Join(s.ConfigDir, "Users", login+".yaml"), out, 0666)
 }
 
-func (s *Server) UpdateUser(login, newLogin, name, password string, access []byte) error {
+func (s *Server) UpdateUser(login, newLogin, name, password string, access accessBitmap) error {
 	s.mux.Lock()
 	defer s.mux.Unlock()
 
@@ -402,7 +426,7 @@ func (s *Server) UpdateUser(login, newLogin, name, password string, access []byt
 	}
 
 	account := s.Accounts[newLogin]
-	account.Access = &access
+	account.Access = access
 	account.Name = name
 	account.Password = password
 
@@ -439,8 +463,8 @@ func (s *Server) connectedUsers() []Field {
 		}
 		user := User{
 			ID:    *c.ID,
-			Icon:  *c.Icon,
-			Flags: *c.Flags,
+			Icon:  c.Icon,
+			Flags: c.Flags,
 			Name:  string(c.UserName),
 		}
 		connectedUsers = append(connectedUsers, NewField(fieldUsernameWithInfo, user.Payload()))
@@ -448,6 +472,16 @@ func (s *Server) connectedUsers() []Field {
 	return connectedUsers
 }
 
+func (s *Server) loadBanList(path string) error {
+	fh, err := os.Open(path)
+	if err != nil {
+		return err
+	}
+	decoder := yaml.NewDecoder(fh)
+
+	return decoder.Decode(s.banList)
+}
+
 // loadThreadedNews loads the threaded news data from disk
 func (s *Server) loadThreadedNews(threadedNewsPath string) error {
 	fh, err := os.Open(threadedNewsPath)
@@ -507,14 +541,6 @@ func (s *Server) loadConfig(path string) error {
 	return nil
 }
 
-// dontPanic logs panics instead of crashing
-func dontPanic(logger *zap.SugaredLogger) {
-	if r := recover(); r != nil {
-		fmt.Println("stacktrace from panic: \n" + string(debug.Stack()))
-		logger.Errorw("PANIC", "err", r, "trace", string(debug.Stack()))
-	}
-}
-
 // handleNewConnection takes a new net.Conn and performs the initial login sequence
 func (s *Server) handleNewConnection(ctx context.Context, rwc io.ReadWriteCloser, remoteAddr string) error {
 	defer dontPanic(s.Logger)
@@ -535,11 +561,36 @@ func (s *Server) handleNewConnection(ctx context.Context, rwc io.ReadWriteCloser
 	}
 
 	c := s.NewClientConn(rwc, remoteAddr)
+
+	// check if remoteAddr is present in the ban list
+	if banUntil, ok := s.banList[strings.Split(remoteAddr, ":")[0]]; ok {
+		// permaban
+		if banUntil == nil {
+			s.outbox <- *NewTransaction(
+				tranServerMsg,
+				c.ID,
+				NewField(fieldData, []byte("You are permanently banned on this server")),
+				NewField(fieldChatOptions, []byte{0, 0}),
+			)
+			time.Sleep(1 * time.Second)
+			return nil
+		} else if time.Now().Before(*banUntil) {
+			s.outbox <- *NewTransaction(
+				tranServerMsg,
+				c.ID,
+				NewField(fieldData, []byte("You are temporarily banned on this server")),
+				NewField(fieldChatOptions, []byte{0, 0}),
+			)
+			time.Sleep(1 * time.Second)
+			return nil
+		}
+
+	}
 	defer c.Disconnect()
 
 	encodedLogin := clientLogin.GetField(fieldUserLogin).Data
 	encodedPassword := clientLogin.GetField(fieldUserPassword).Data
-	*c.Version = clientLogin.GetField(fieldVersion).Data
+	c.Version = clientLogin.GetField(fieldVersion).Data
 
 	var login string
 	for _, char := range encodedLogin {
@@ -562,23 +613,27 @@ func (s *Server) handleNewConnection(ctx context.Context, rwc io.ReadWriteCloser
 			return err
 		}
 
-		c.logger.Infow("Login failed", "clientVersion", fmt.Sprintf("%x", *c.Version))
+		c.logger.Infow("Login failed", "clientVersion", fmt.Sprintf("%x", c.Version))
 
 		return nil
 	}
 
-	if clientLogin.GetField(fieldUserName).Data != nil {
-		c.UserName = clientLogin.GetField(fieldUserName).Data
-	}
-
 	if clientLogin.GetField(fieldUserIconID).Data != nil {
-		*c.Icon = clientLogin.GetField(fieldUserIconID).Data
+		c.Icon = clientLogin.GetField(fieldUserIconID).Data
 	}
 
 	c.Account = c.Server.Accounts[login]
 
+	if clientLogin.GetField(fieldUserName).Data != nil {
+		if c.Authorize(accessAnyName) {
+			c.UserName = clientLogin.GetField(fieldUserName).Data
+		} else {
+			c.UserName = []byte(c.Account.Name)
+		}
+	}
+
 	if c.Authorize(accessDisconUser) {
-		*c.Flags = []byte{0, 2}
+		c.Flags = []byte{0, 2}
 	}
 
 	s.outbox <- c.NewReply(clientLogin,
@@ -588,24 +643,33 @@ func (s *Server) handleNewConnection(ctx context.Context, rwc io.ReadWriteCloser
 	)
 
 	// Send user access privs so client UI knows how to behave
-	c.Server.outbox <- *NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, *c.Account.Access))
-
-	// Show agreement to client
-	c.Server.outbox <- *NewTransaction(tranShowAgreement, c.ID, NewField(fieldData, s.Agreement))
+	c.Server.outbox <- *NewTransaction(tranUserAccess, c.ID, NewField(fieldUserAccess, c.Account.Access[:]))
+
+	// Accounts with accessNoAgreement do not receive the server agreement on login.  The behavior is different between
+	// client versions.  For 1.2.3 client, we do not send tranShowAgreement.  For other client versions, we send
+	// tranShowAgreement but with the NoServerAgreement field set to 1.
+	if c.Authorize(accessNoAgreement) {
+		// If client version is nil, then the client uses the 1.2.3 login behavior
+		if c.Version != nil {
+			c.Server.outbox <- *NewTransaction(tranShowAgreement, c.ID, NewField(fieldNoServerAgreement, []byte{1}))
+		}
+	} else {
+		c.Server.outbox <- *NewTransaction(tranShowAgreement, c.ID, NewField(fieldData, s.Agreement))
+	}
 
 	// Used simplified hotline v1.2.3 login flow for clients that do not send login info in tranAgreed
-	if *c.Version == nil || bytes.Equal(*c.Version, nostalgiaVersion) {
+	if c.Version == nil || bytes.Equal(c.Version, nostalgiaVersion) {
 		c.Agreed = true
 		c.logger = c.logger.With("name", string(c.UserName))
-		c.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%x", *c.Version))
+		c.logger.Infow("Login successful", "clientVersion", fmt.Sprintf("%v", func() int { i, _ := byteToInt(c.Version); return i }()))
 
 		for _, t := range c.notifyOthers(
 			*NewTransaction(
 				tranNotifyChangeUser, nil,
 				NewField(fieldUserName, c.UserName),
 				NewField(fieldUserID, *c.ID),
-				NewField(fieldUserIconID, *c.Icon),
-				NewField(fieldUserFlags, *c.Flags),
+				NewField(fieldUserIconID, c.Icon),
+				NewField(fieldUserFlags, c.Flags),
 			),
 		) {
 			c.Server.outbox <- t