|
Post by Dr. Video/ADDiXiON on Apr 2, 2004 12:15:16 GMT -5
My Centipede BBS randomly selects a character to echo back when the user enters his password at login. One of the characters that may be selected is '+'. After typing 3 characters of the password, BBS Server drops the caller.
This may not be easy to fix, since BBS Server is trying to watch for a BBS issued disconnect, as some programs send a string of "+++" to signal a carrier drop.
I patched Centipede at line 20210 in mdl.login by replacing "+" with "!".
However, I suspect that if someone posts a message with 3 or more plus characters string together, they will get dropped.
And suppose my ASCII login screen uses a banner of plus characters? I am guessing the caller will never get past the first 3 chars.
Since this could really screw with a sysop's head, I recommend some thought be given on how to properly configure BBS server to deal with this.
|
|
|
Post by Leif Bloomquist on Apr 2, 2004 12:56:16 GMT -5
Interesting. Why doesn't this happen with a real modem?
BBS Server requires a 1 second "silence" before the "+++", but there are no other restrictions on how fast they're received. But you could see if someone was a really fast typist, or had their password on an F-Key, that they could cause the pluses to appear very quickly, giving the same problem.
|
|
|
Post by Jim Brain on Apr 2, 2004 13:11:08 GMT -5
Handling +++ is tricky. I admit I don't have it down pat yet. What you describe is an issue. Although the BBS Server code isn't completely correct (the SecondTimer should start timing from the occurence of the last char, as in the current code, you could receive a char at the end of the timer time, set DataReceivedInLastSecond to true, the timer pops and sets it to false, and a second has not passed by.... Still, that would not solve your issue. (It shouldn't drop the caller per se, but it would switch into command mode). I think Leif's code is working correctly. A quick solution is to set S2 to another value (DTJBBS does this, it sets it to \03) which tcpser handles (and Leif can add some code to do that quickly. However, for a BBS that needs +++, I can't see how a user that types +++ and the BBS echoes it back would not fall prey to this same issue, as the standard simply says s12s + <1s + <1s + s12s is a valid escape sequence (s12s means the number of seconds in register s12). However, this is another approach, called TIES, and I think I will implement that, as it does not suffer from this issue... It is described at www.microflextech.com/support/pcmcia/bfm5600-cf/chap3.htm
|
|
|
Post by Voyager on Apr 3, 2004 14:45:25 GMT -5
Jeff, Your patch to mdl.login seems a good fix for the most likely place the problem well occur.
I well update the centipede image to include that.
Mike
Last Stand BBS- laststandbbs.net centipede 128
|
|
|
Post by Dr. Video/ADDiXiON on Apr 3, 2004 16:22:04 GMT -5
I have put the patch in the "Centipede Patches" directory on my BBS. If you are unable to download it, I'll transfer it to the PC and email it to you.
|
|
|
Post by Voyager on Apr 4, 2004 10:21:03 GMT -5
I well try and d/l again today and see what happens
Mike last stand bbs laststandbbs.net
|
|