* room_ops.c: exploitable overrun fixes

[citadel.git] / citadel / ChangeLog

1998-10-16 Nathan Bryant <bryant@cs.usm.maine.edu>
        * sysdep.c (cprintf): generate a newline on truncated buffer
        * room_ops.c: exploitable overrun fixes

Thu Oct 15 19:27:32 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * msgbase.c: reimplemented cmd_move()
          room_ops.c: wrote AddMessageToRoom() which is used for both entering
          and moving messages.
        * setup.c: system-default message expire policy of "number of
          messages, 150" is now a default configuration instead of a temp hack
        * proxy.c: cache dir create now dies on any error except EEXIST

Wed Oct 14 22:41:16 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Misc code cleanup

1998-10-13 Nathan Bryant <bryant@cs.usm.maine.edu>
        * configure.in: don't check for -lcrypt unless autologin is enabled
        * file_ops.c: fix another overrun

Mon Oct 12 15:27:21 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Killed the "rooms" subdirectory (it isn't used anymore)
        * dynloader.c: Made dynamically added server commands case-insensitive
        * import.c is now serv_upgrade.c, a module
        * Removed most of the "level 9" trace messages no longer needed

1998-10-12 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: simplified to use pattern rules; files compiled with
          -D_REENTRANT go to *.ro to allow the same files to be used with both
          client and server
        * tools.c, tools.h: new files; misc routines used by both client and
          server go here. contains safestrncpy() at the moment.
        * rooms.c: fix several exploitable buffer overruns
        * sysdep.c: fix infinite loop when long lines are received from the
          client; fix exploitable buffer overrun in cprintf()
        * ipc_c_tcp.c: fix infinite loop on long line from server
        * serv_upgrade.sh: remove uncnsrd-dependent absolute path
        * .cvsignore: add *.ro

Sun Oct 11 23:17:48 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Built some more of the message expiry infrastructure

1998-10-11 Nathan Bryant <bryant@cs.usm.maine.edu>
        * citserver.c: fix two more overruns, one of which was preventing
          the "From Host" from showing up in the <W>ho listing.

Sun Oct 11 02:51:55 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Moved "struct visit" and its associated defs from citadel.h to
          server.h where they belong
        * Set up data structures for room policies (expiry, etc.)

1998-10-10 Nathan Bryant <bryant@cs.usm.maine.edu>
        * citserver.c: fix overrun which caused segv's on servers with long
          hostnames.

Fri Oct  9 18:34:06 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * user_ops.c: added PurgeStaleRelationships() to do processing at
          session logout time to remove visits for rooms which no longer exist
        * user_ops.c: implemented NewMailCount()

1998-10-09 Nathan Bryant <bryant@cs.usm.maine.edu>
        * serv_chat.c: fix buffer overrun that was resulting in segv's
        * serv_chat.c: fix another overrun that could cause sessions to hang,
          and cleaned up some other strncpy()-related stuff. DON'T FORGET TO
          NULL-TERMINATE DESTINATION BUFFERS AFTER STRNCPY CALLS.

Fri Oct  9 13:22:37 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Implemented "lazy mode" traversal - pressing the space bar will do
          <N>ext messsage, <G>oto next room, or read <N>ew as appropriate.
        * room_ops.c: modify CtdlRoomAccess() to allow access to mailbox rooms
          only to their owners.

Thu Oct  8 17:13:27 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * messages.c, citadel.rc: added the ability to display message numbers
          in the header when reading messages.  I think this is butt ugly, but
          some of the DaveCode afficionados seem to like it...

Thu Oct  8 15:34:45 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * room_ops.c: Added is_noneditable() function to replace all of the
          duplicated code present in all functions which edit room parameters.

1998-10-08 Nathan Bryant <bryant@cs.usm.maine.edu>
        * lots of warning fixes; builds with -std1 on dec unix
        * aidepost.c, citadel.h, citmail.c, file_ops.c, msgbase.c, netmailer.c,
          netproc.c, rcit.c, server.h, stats.c, userlist.c: use time_t where
          needed
        * control.c, room_ops.c, serv_chat.c, sysdep.c: use memset() instead of
          bzero()
        * dynloader.c, dynloader.h, messages.c, server.h, sysdep.c,
          sysdep_decls.h: function pointer/prototyping fixes
        * rooms.c: use mkfifo(3) instead of system("mkfifo")

1998-10-07 Nathan Bryant <bryant@cs.usm.maine.edu>
        * snprintf.c, snprintf.h: new files
        * Makefile.in, configure.in, dynloader.c, sysdep.c: support for the
          above; citserver now builds and runs on Digital Unix 4.0d with the
          GNU-style configure script. there is a bug with the hostname display
          in the wholist.
        * netproc.c: sillyness fix
        * room_ops.h: prototype delete_room()
        * client_chat.c, commands.c, serv_chat.c, sysdep.c:
          use HAVE_SYS_SELECT_H macro

Mon Oct  5 17:01:32 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Began fixing the stuff I broke

Sun Oct  4 23:35:18 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Did the big migration to the new data structures.  Lots of stuff is
          now broken.  Basic moving from room to room works, but Mail is
          broken, and some of the administrative commands are unimplemented.

1998-10-02 Nathan Bryant <bryant@cs.usm.maine.edu>
        * configure.in: autologin now defaults to disabled

Fri Oct  2 00:04:31 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Finally removed all three usersupp.foo[MAXROOMS] elements, and
          migrated all the code that used them to use "struct visit" instead.

Thu Oct  1 23:02:20 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Rewrote [l][get|put]room() functions to use room names rather than
          room index numbers.  Temporarily prepended a "n" to these four
          function names until they are put to use.

Thu Oct  1 16:27:13 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Removed a few more references to usersupp.lastseen[]

1998-10-01 Nathan Bryant <bryant@cs.usm.maine.edu>
        * .cvsignore: add so_locations (generated by osf1 ld with shared libs)
        * Makefile.in: restructured variables for greater consistency, use
          @echo to print out notices during the make process, add so_locations
          to `cleaner'
        * configure.in, Makefile.in: configure checks for -rdynamic
        * ipc_c_tcp.c: fix DEC compiler warning wrt unsigned char
        * stats.c: add semicolon to placate DREC compiler
        * user_ops.c: define _POSIX_C_SOURCE, include <limits.h>
        * configure.in: pass -pthread to DEC compiler, don't check for
          libpthread[s] on DEC Unix

1998-09-30 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: new variable PTHREAD_DEFS for portability
        * aidepost.c, citadel.c, citmail.c, mailinglist.c, msgform.c,
          netmailer.c, netpoll.c, netproc.c, rcit.c, readlog.c, setup.c,
          stats.c, userlist.c, whobbs.c: return type of main() is int
        * citadel.c, commands.c, messages.c: use time_t properly
        * citserver.c: include <limits.h>
        * config.guess, config.sub, install-sh: new files
        * configure.in: don't use gcc on Digital Unix

Tue Sep 29 23:17:34 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * room_ops.c: modified usergoto() to look at the new data structures
          for counting new messages and such.

1998-09-29 Nathan Bryant <bryant@cs.usm.maine.edu>
        * user_ops.c: fix compiler warning and potential memory leak,
          include sysdep.h
        * configure.in, Makefile.in: only build the server if we find pthreads
        * Makefile.in: realclean removes config.{cache,log,status}

Tue Sep 29 13:20:14 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Removed code from some of the utilities which was still attempting
          to access the old non-gdbm data store.
        * housekeeping.c: rewrote check_ref_counts() to do a ForEachRoom()
          traversal instead of a MAXROOMS loop.
        * sysdep.c: set up a dummy CitContext record to be used during server
          startup, during which time there is no real context.

Mon Sep 28 23:51:51 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Implemented the function ForEachRoom() to handle all-rooms traversal
          (this will work with both the old and new paradigms, because both
          use a GDBM database with one room per record).  Migrated all room
          list commands to use it.

Mon Sep 28 22:05:35 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Implemented the function CtdlRoomAccess() to handle *all* of the
          user-access-to-rooms functionality.  Migrated all room list commands
          to use it.  Still need to migrate gotos.

1998-09-28 Nathan Bryant <bryant@cs.usm.maine.edu>
        * configure.in, acconfig.h: new files; partially functional GNU
          autoconf configure script. Run autoheader; autoconf; ./configure
          --prefix=`pwd` to test.
        * Makefile.tmpl: new file; this is what Makefile.in used to be. Used by
          Configure.
        * Makefile.in: modified to work with autoconf-style configure script
        * Configure: modified to use Makefile.tmpl and generate autoconf-style
          macros. Removed procfs detection. Pass -O2 to gcc, -O to other
          compilers. Removed mknod/mkfifo detection; code should use mkfifo(3).
        * citmail.c, msgform.c, netproc.c, routines.c, support.c, userlist.c,
          whobbs.c: use HAVE_STRERROR macro rather than NO_STRERROR
        * commands.c: use HAVE_TERMIOS_H macro rather than POSIX_TERMIO
        * netproc.c: remove procfs stuff. simply attempt to kill the target
          process with signal zero instead; this checks whether the process
          exists.
        * setup.c, useradmin.c: use HAVE_CURSES_H macro

Sun Sep 27 23:41:29 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * BOTH the old and new generation systems are being written to at
          this point.  Code that reads stuff is still using the old system.

Sun Sep 27 16:10:49 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Changed all "generation" variables from char to long, in preparation
          for removing MAXROOMS.  Generations for new rooms are now timestamps.
        * Defined "struct visit" to hold user/room relationships.
        * Removed some #define's from citadel.h that are no longer used.

Wed Sep 23 13:41:49 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * More changes to support attachments.  They mostly work, but only
          in fixed-format messages.

Mon Sep 21 21:19:17 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * msgbase.c: began laying the groundwork to support attachments.
          Purchased Rogaine(tm) in preparation for expected hair loss.

1998-09-21 Nathan Bryant <bryant@cs.usm.maine.edu>
        * msgbase.c: include dynloader.h
        * citadelapi.h: removed
        * dynloader.h: prototype CtdlRegisterUserHook()

Sun Sep 20 18:56:37 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Added a UserFunctionHook category to implement hooks which perform
          operations on various users or usernames

Fri Sep 18 21:14:41 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * citserver.c: removed cmd_extn() and related code

1998-09-18 Nathan Bryant <bryant@cs.usm.maine.edu>
        * user_ops.c: include dynloader.h
        * roomstats.{c,mk}: removed
        * Configure, Makefile.in: autodependency-related fixes

Thu Sep 17 22:55:29 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Various changes to allow "new messages" to work correctly with Mail

Thu Sep 17 22:21:45 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * server.h, dynloader.c, citserver.c, user_ops.c: reduced the number
          of hook types by inventing an EventType field to the Session hook.
        * proxy.c: added pre-fetching

1998-09-17 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: add SERV_MODULES and PROXY_TARGETS to `cleaner'
        * dynloader.[ch], serv_{chat,test}.[ch], sysdep.c: cleaned
          up the dynamic loader interface as follows:
          - all the symbol table stuff is gone.
          - modules are loaded once at server startup and never unloaded.
          - Added a new function CtdlRegisterProtoHook() to handle the stuff
            that was being done with the symbol tables.
          - Dynamic_Module_Init() now returns a pointer to a static struct
            DLModule_Info; this structure itself has been modified to use char*
            fields instead of fixed char arrays.
        * roomstats.c: include <stdarg.h> not <stdargs.h> (is this file still
          in use?)
        * Configure, Makefile.in: added autodependency support

Wed Sep 16 22:25:13 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Implemented separate structs, lists, and functions for each type
          of server-side hook available.

1998-09-16 Nathan Bryant <bryant@cs.usm.maine.edu>
        * ipc_c_tcp.c: Fixed up some #include/prototyping stuff, call memcpy()
          instead of bcopy()
        * hooks.h: removed
        * sysdep.c, user_ops.c: removed reference to hooks.h

Wed Sep 16 11:42:42 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * ipc_c_tcp.c: Reversed any changes that have been made to this file,
          because something was causing abominally slow response time.
        * proxy.c: added.  This will eventually become a caching, pre-fetching
          multiuser proxy server for the Citadel protocol.

1998-09-15 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: remove support.o from serv_chat.so, add -fPIC to compile
          flags for serv_chat.o
        * dynloader.c: include "sysdep_decls.h", use RTLD_NOW not RTLD_LAZY
        * dynloader.h: prototype CtdlRegisterHook()
        * .cvsignore: added data

Mon Sep 14 20:49:08 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Tried my hand at adding the ability for server extensions to
          register various types of "hooks" in addition to just adding
          server commands.  This is probably not final.

Tue Sep  8 12:11:56 EDT 1998 Brian Costello <btx@calyx.net>
        * Added support for dynamic server modules.  Reworked serv_chat.c
          to be such a module.

Tue Sep  1 23:09:50 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * userpurge.c: rewrote using functions from the server core, rather
          than the now-defunct external API.  This'll be ready once the module
          loading code is done.  (I just had to commit _something_ tonight.)

Mon Aug 31 22:47:58 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Yanked the citadelapi.c module.  This wasn't working out well.
        * techdocs/citadelapi.txt - began documenting the new API to be used
          by modules which will be dynamic linked into the server - most of
          this API is existing server functions.
        * Added a ForEachUser() function with callback mechanism, and reworked
          cmd_list() to use it.

Sun Aug 30 21:52:43 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Moved all of the gdbm databases to a separate "data" directory.

1998-08-26 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: realclean removes Makefile, fixed `touch citadel.h'
          problem

1998-08-25 Nathan Bryant <bryant@cs.usm.maine.edu>
        * room_ops.c: include time.h
        * userlist.c, whobbs.c, serv_chat.c, user_ops.c, sysdep.c, stats.c,
          citadel_decls.h, commands.c, messages.h, routines.h, routines2.h:
          remove duplicated declarations

Mon Aug 24 23:45:01 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * setup.c: Removed yesno_s()
        * citadel.h, room_ops.c: added QRmtime field to struct quickroom,
          modified whenever a room is modified or posted in.
        * citadelapi.c: Added CtdlForEachRoom() function

Mon Aug 24 20:04:04 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: new target `cleaner' does the same as `realclean' 
          without removing sysdep.h
        * proto.h: is bad. eliminate. I've moved the prototypes into several
          header files, one per .c file

Mon Aug 24 00:45:55 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Added a CtdlGotoRoom() function to the CitadelAPI.
 
Sun Aug 23 21:47:00 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * sysoputil is finally dead!  Removed it from the build.
        * Added userpurge.c server extension (initial implementation)

Tue Aug 18 00:42:33 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: `clean' target no longer rm's sysdep.h; new target
          `realclean' removes everything clean does, plus sysdep.h, plus
          target binaries.
        * Configure: add -Wstrict-prototypes to CFLAGS for gcc systems
        * *.[ch]: protoized. Added several new header files containing
          prototypes and other external declarations; many duplicated
          declarations still should be moved to header files. proto.h must die
          as well, IMHO.

Mon Aug 17 23:52:13 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Implemented a bunch of user account related functions in the
          CitadelAPI library.

Mon Aug 17 20:01:18 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Fixed the crash problem.  It wasn't AGUP/ASUP, but rather a buffer
          overrun in getuser() (thanks, Nathan).  Implemented overrun checks
          in getuser(), getroom(), and getfloor() to prevent future problems.

Mon Aug 17 00:06:52 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Updated citmail.c with the latest stuff from the production system.
        * Implemented AGUP and ASUP commands, but AGUP crashes the server
          after its first successful use (user-not-found's don't affect it).

Thu Aug  6 19:25:01 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Got the CitadelAPI library to the point where the server can start
          up an extension, and the extension will connect to the server, do
          some initialization, call a user-supplied CtdlMain(), and exit.  Also
          hacked together a _temporary_ form of the new EXTN server command.
 
Wed Aug  5 23:02:22 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Second attempt at getting the server API started.  Now it runs
          outside of the server and builds a connection.

Tue Aug  4 18:33:06 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Modified the appearance of Internet addresses when they arrive on
          a Citadel system.
        * Removed the <E> field from the message format writeup in hack.txt.
        * Fixed-up citmail.c so that it doesn't try to do database lookups.

Mon Aug  3 23:01:37 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Started developing the server-side API.  This is in its very
          initial stages.  See serverapi.c and techdoc/api.txt

1998-08-02  Nathan Bryant  <bryant@cs.usm.maine.edu>
        * Makefile.in: added config_decls.h to dependencies

Sun Aug  2 21:09:09 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * config_defs.h: renamed to config_decls.h
        * config.c, sysoputil.c: updated to reflect the above

Sun Aug  2 18:52:05 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * config_defs.h: new file, contains external declarations from config.c
        * config.c: moved defs to config_defs.h, use PATH_MAX from <limits.h>
          for bbs_home_directory
        * mailinglist.c, support.c: include <string.h>
        * sysoputil.c: include <string.h>, <limits.h>, "config_defs.h", remove
          duplicated defs, replace gets() call with fgets()
        * user_ops.c: define _XOPEN_SOURCE_EXTENDED

Sat Aug  1 18:32:52 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * ipc_c_tcp.c: fixed order of memcpy parameters after gethostbyname

Sun Jul 19 17:26:12 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * ChangeLog: reordered; the GNU standard is to add new entries to the
          top.
        * .cvsignore: added userlist

Sun Jul 12 20:58:59 EDT 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Finished migrating everything to the new data store.
        * Replaced the binary "calllog" with the ASCII "citadel.log"
        * Began converting broken utilities that depend on the old data store

Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
        * Makefile.in: removed msgstats

Fri Jul 10 1998 Art Cancro <ajc@uncnsrd.mt-kisco.ny.us>
        * Initial CVS import