From cd72d9c41d90c1e63839a59577833cd10a7ca9e8 Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Tue, 15 Jul 2003 04:09:20 +0000 Subject: [PATCH] * Final bit of patching for the IPGM exploit. Random number generator is now seeded from /dev/urandom if available, otherwise it is seeded from tv.tv_usec. (The latter seed was actually getting done elsewhere already.) * EBIO command now limits input to config.c_maxmsglen bytes. --- citadel/citserver.c | 24 +++++++++++++++++++----- citadel/docs/citadel.html | 2 +- citadel/serv_bio.c | 4 +++- citadel/server_main.c | 1 - 4 files changed, 23 insertions(+), 8 deletions(-) diff --git a/citadel/citserver.c b/citadel/citserver.c index b07a0d637..b2c364198 100644 --- a/citadel/citserver.c +++ b/citadel/citserver.c @@ -74,6 +74,8 @@ time_t server_startup_time; */ void master_startup(void) { struct timeval tv; + unsigned int seed; + FILE *urandom; struct ctdlroom qrbuf; lprintf(9, "master_startup() started\n"); @@ -100,15 +102,27 @@ void master_startup(void) { lputroom(&qrbuf); } - lprintf(7, "Seeding the pseudo-random number generator...\n"); - gettimeofday(&tv, NULL); - srand(tv.tv_usec); + urandom = fopen("/dev/urandom", "r"); + if (urandom != NULL) { + fread(&seed, sizeof seed, 1, urandom); + fclose(urandom); + } + else { + gettimeofday(&tv, NULL); + seed = tv.tv_usec; + } + srandom(seed); + + lprintf(7, "Initializing ipgm secret\n"); + get_config(); + config.c_ipgm_secret = rand(); + put_config(); + lprintf(9, "master_startup() finished\n"); } - /* * Cleanup routine to be called when the server is shutting down. * WARNING: It's no longer safe to call this function to force a shutdown. @@ -774,7 +788,7 @@ void cmd_ipgm(char *argbuf) CC->internal_pgm = 1; strcpy(CC->curr_user, ""); CC->cs_flags = CC->cs_flags|CS_STEALTH; - cprintf("%d Authenticated as an internal program.\n",CIT_OK); + cprintf("%d Authenticated as an internal program.\n", CIT_OK); } else { sleep(5); 
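Review bot: The new code seeds with `srandom(seed)` but then draws the IPGM secret with `rand()`, and those are the same generator only on C libraries that happen to share their state; elsewhere `rand()` stays at its default seed and the secret comes out the same on every start. The `fread()` result is also ignored, so a short or failed read leaves `seed` uninitialized instead of taking the clock fallback. I would check the read, fall back whenever it does not return 1, and draw the secret with `random()` to match the seeding, as below. The leftover `config.c_ipgm_secret = rand();` in server_main.c now runs with no seeding at all, so it relies on master_startup() overwriting it later, which is not visible here. master_startup() begins above this hunk.

```c
	urandom = fopen("/dev/urandom", "r");
	if (urandom == NULL || fread(&seed, sizeof seed, 1, urandom) != 1) {
		/* no usable entropy device: fall back to the clock */
		gettimeofday(&tv, NULL);
		seed = tv.tv_usec;
	}
	if (urandom != NULL) {
		fclose(urandom);
	}
	srandom(seed);
	/* … unchanged: lprintf, get_config() … */
	config.c_ipgm_secret = random();
```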
diff --git a/citadel/docs/citadel.html b/citadel/docs/citadel.html index 10424f30c..0c1f38acd 100644 --- a/citadel/docs/citadel.html +++ b/citadel/docs/citadel.html @@ -1965,7 +1965,7 @@ don't exist (and you've configured them properly) then Citadel should enable them at startup. You can check your logs to be sure, or you can start the server from a shell and watch it load. It might look something like this:

-
smw @ pixel % ./citserver

Multithreaded message server for Citadel/UX
Copyright (C) 1987-2000 by the Citadel/UX development team.
Citadel/UX is open source, covered by the GNU General Public License, and
you are welcome to change it and/or distribute copies of it under certain
conditions. There is absolutely no warranty for this software. Please
read the 'COPYING.txt' file for details.

Loading citadel.config
Opening databases
This is GDBM version 1.8.0, as of May 19, 1999.
Checking floor reference counts
Creating base rooms (if necessary)
Registered a new service (TCP port 504)
Registered a new service (TCP port 0)
Initializing loadable modules
Registered server command CHAT (Begin real-time chat)
Registered server command PEXP (Poll for express messages)
Registered server command GEXP (Get express messages)
Registered server command SEXP (Send an express message)
Registered server command DEXP (Disable express messages)
Registered a new session function (type 0)
Registered a new x-msg function (priority 0)
Loaded module: $Id$
Registered a new session function (type 1)
Registered a new message function (type 201)
Registered a new message function (type 202)
Registered server command REGI (Enter registration info)
Registered server command GREG (Get registration info)
Registered a new user function (type 100)
Loaded module: $Id$
Server-hosted upgrade level is 5.62
Loaded module: $Id$
Registered server command EXPI (Expire old system objects)
Registered server command FSCK (Check message ref counts)
Loaded module: $Id$
citserver: Can't bind: Address already in use
ERROR: could not bind to TCP port 25.

Registered a new service (TCP port 0)
Registered a new session function (type 50)
Loaded module: $Id$
citserver: Can't bind: Address already in use
ERROR: could not bind to TCP port 110.

Registered a new session function (type 0)
Loaded module: $Id$
Registered a new message function (type 202)Loaded module: $Id$
Registered server command RWHO (Display who is online)
Registered server command HCHG (Masquerade hostname)
Registered server command RCHG (Masquerade roomname)
Registered server command UCHG (Masquerade username)
Registered server command STEL (Enter/exit stealth mode)
Loaded module: $Id$
Changing uid to 513
Starting housekeeper thread
+
smw @ pixel % ./citserver

Multithreaded message server for Citadel/UX
Copyright (C) 1987-2003 by the Citadel/UX development team.
Citadel/UX is open source, covered by the GNU General Public License, and
you are welcome to change it and/or distribute copies of it under certain
conditions. There is absolutely no warranty for this software. Please
read the 'COPYING.txt' file for details.

Loading citadel.config
Opening databases
This is GDBM version 1.8.0, as of May 19, 1999.
Checking floor reference counts
Creating base rooms (if necessary)
Registered a new service (TCP port 504)
Registered a new service (TCP port 0)
Initializing loadable modules
Registered server command CHAT (Begin real-time chat)
Registered server command PEXP (Poll for express messages)
Registered server command GEXP (Get express messages)
Registered server command SEXP (Send an express message)
Registered server command DEXP (Disable express messages)
Registered a new session function (type 0)
Registered a new x-msg function (priority 0)
Loaded module: $Id$
Registered a new session function (type 1)
Registered a new message function (type 201)
Registered a new message function (type 202)
Registered server command REGI (Enter registration info)
Registered server command GREG (Get registration info)
Registered a new user function (type 100)
Loaded module: $Id$
Server-hosted upgrade level is 5.62
Loaded module: $Id$
Registered server command EXPI (Expire old system objects)
Registered server command FSCK (Check message ref counts)
Loaded module: $Id$
citserver: Can't bind: Address already in use
ERROR: could not bind to TCP port 25.

Registered a new service (TCP port 0)
Registered a new session function (type 50)
Loaded module: $Id$
citserver: Can't bind: Address already in use
ERROR: could not bind to TCP port 110.

Registered a new session function (type 0)
Loaded module: $Id$
Registered a new message function (type 202)Loaded module: $Id$
Registered server command RWHO (Display who is online)
Registered server command HCHG (Masquerade hostname)
Registered server command RCHG (Masquerade roomname)
Registered server command UCHG (Masquerade username)
Registered server command STEL (Enter/exit stealth mode)
Loaded module: $Id$
Changing uid to 513
Starting housekeeper thread

The lines emphasized in boldface in the above log output tell you that Citadel "can't bind" to various ports. The error 'address already in use' diff --git a/citadel/serv_bio.c b/citadel/serv_bio.c index cfb23d108..a8313a62e 100644 --- a/citadel/serv_bio.c +++ b/citadel/serv_bio.c @@ -68,7 +68,9 @@ void cmd_ebio(char *cmdbuf) { } cprintf("%d \n",SEND_LISTING); while(client_gets(buf), strcmp(buf,"000")) { - fprintf(fp,"%s\n",buf); + if (ftell(fp) < config.c_maxmsglen) { + fprintf(fp,"%s\n",buf); + } } fclose(fp); } diff --git a/citadel/server_main.c b/citadel/server_main.c index c2d3b46e5..4e574bb64 100644 --- a/citadel/server_main.c +++ b/citadel/server_main.c @@ -143,7 +143,6 @@ int main(int argc, char **argv) /* Load site-specific parameters, and set the ipgm secret */ lprintf(7, "Loading citadel.config\n"); get_config(); - srand(getpid()); config.c_ipgm_secret = rand(); put_config(); -- 2.39.2
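Review bot: The EBIO cap in cmd_ebio depends on `ftell(fp)`, which returns -1 on failure, so an ftell error makes `ftell(fp) < config.c_maxmsglen` true and the limit is not applied. The test also runs before the write, so the file can still end up larger than c_maxmsglen by one input line. A local byte counter avoids both, for example `if (total + strlen(buf) + 1 <= config.c_maxmsglen) { fprintf(fp,"%s\n",buf); total += strlen(buf) + 1; }`, with `total` declared to match the type of c_maxmsglen (its declaration is not visible here). Input past the limit is dropped silently while the loop keeps reading until "000", which looks intentional to keep the protocol in sync; a comment such as `/* keep draining so the session stays in sync, but stop writing at the limit */` would make that clear. cmd_ebio begins above this hunk.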