--- lbbs/src/net_server.c 2025/11/21 08:59:29 1.95 +++ lbbs/src/net_server.c 2025/12/02 08:48:05 1.101 @@ -40,6 +40,7 @@ #include #include #include +#include #include #include @@ -114,6 +115,11 @@ static int auth_password(ssh_session ses else { ret = check_user(user, password); + if (ret == 2) // Enforce update user agreement + { + BBS_update_eula = 1; + ret = 0; + } } if (ret == 0) @@ -422,6 +428,8 @@ static int fork_server(void) log_error("Error setting SSH options: %s\n", ssh_get_error(SSH_session)); goto cleanup; } + + ssh_set_blocking(SSH_session, 0); } // Redirect Input @@ -446,14 +454,12 @@ static int fork_server(void) SYS_child_process_count = 0; -#ifdef __MSYS__ - // Load BWF config - if (bwf_load(CONF_BWF) < 0) + // BWF compile + if (bwf_compile() < 0) { - log_error("bwf_load() error\n"); + log_error("bwf_compile() error\n"); goto cleanup; } -#endif bbs_main(); @@ -491,10 +497,8 @@ cleanup: ssh_free(SSH_session); ssh_finalize(); -#ifdef __MSYS__ - // Cleanup BWF - bwf_unload(); -#endif + // BWF cleanup + bwf_cleanup(); // Close Input and Output for client io_cleanup(); @@ -511,6 +515,7 @@ cleanup: int net_server(const char *hostaddr, in_port_t port[]) { + struct stat file_stat; unsigned int addrlen; int ret; int flags_server[2]; @@ -527,6 +532,7 @@ int net_server(const char *hostaddr, in_ time_t tm_notify_child_exit = time(NULL); int i, j; pid_t pid; + int ssh_key_valid = 0; int ssh_log_level = SSH_LOG_NOLOG; #ifdef HAVE_SYSTEMD_SD_DAEMON_H @@ -537,10 +543,41 @@ int net_server(const char *hostaddr, in_ sshbind = ssh_bind_new(); + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_RSA_KEY_FILE) < 0) + { + log_error("Error loading SSH RSA key: %s\n", SSH_HOST_RSA_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ED25519_KEY_FILE) < 0) + { + log_error("Error loading SSH ED25519 key: %s\n", SSH_HOST_ED25519_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ECDSA_KEY_FILE) < 0) + { + log_error("Error loading SSH ECDSA key: %s\n", SSH_HOST_ECDSA_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + + if (!ssh_key_valid) + { + log_error("Error: no valid SSH host key\n"); + ssh_bind_free(sshbind); + return -1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, hostaddr) < 0 || ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port) < 0 || - ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_KEYFILE) < 0 || - ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "ssh-rsa,rsa-sha2-512,rsa-sha2-256") < 0 || + ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "+ssh-rsa") < 0 || ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &ssh_log_level) < 0) { log_error("Error setting SSH bind options: %s\n", ssh_get_error(sshbind)); @@ -618,6 +655,8 @@ int net_server(const char *hostaddr, in_ fcntl(socket_server[i], F_SETFL, flags_server[i] | O_NONBLOCK); } + ssh_bind_set_blocking(sshbind, 0); + hash_dict_pid_sockaddr = hash_dict_create(MAX_CLIENT_LIMIT); if (hash_dict_pid_sockaddr == NULL) { @@ -765,13 +804,21 @@ int net_server(const char *hostaddr, in_ log_error("Reload conf failed\n"); } -#ifndef __MSYS__ // Reload BWF config if (bwf_load(CONF_BWF) < 0) { log_error("Reload BWF conf failed\n"); } -#endif + + // Get EULA modification tm + if (stat(DATA_EULA, &file_stat) == -1) + { + log_error("stat(%s) error\n", DATA_EULA, errno); + } + else + { + BBS_eula_tm = file_stat.st_mtim.tv_sec; + } if (detach_menu_shm(&bbs_menu) < 0) {