diff --git a/abserver.tcl b/abserver.tcl index 6566d9b..b7162d5 100755 --- a/abserver.tcl +++ b/abserver.tcl @@ -281,8 +281,29 @@ proc pwhash {user passwd} { sha2::sha256 $user$passwd } +# The socket given us by inetd never expires. If the remote host falls off the +# face of the earth, the program will never terminate. +# Create an after script which runs every 15 minutes and exits if the read loop +# has not iterated theresince. +set timeoutFlag 1 +proc die-if-flag-not-set {} { + if {!$::timeoutFlag} { + log error "Connection timed out" + foreach script $exitHooks { + if {[catch {eval $script} err]} { + log error "Exit hook: $err" + } + } + exit + } + + set ::timeoutFlag 0 + after 900000 die-if-flag-not-set +} + proc main {} { global exitHooks isRunning logOutput userid lastLoginPing hasLoginExpired + die-if-flag-not-set log info "Greetings" if {[catch { while {$isRunning} { @@ -306,6 +327,8 @@ proc main {} { if {$isRunning} { execmsg {*}$line } + + set ::timeoutFlag 1 } } err erropts]} { log error "Unspecified: $err" @@ -1174,6 +1197,22 @@ proc message-top-ai-report-2 {species generation cortex ($::userid, $species, $generation, $cortex, $instance, $score, $comptime) } +proc message-top-abuhops-auth {} { + log info "Requesting authentication for abuhops." + if {[catch { + set f [open /usr/local/etc/abuhops/shared_secret rb] + set secret [read $f] + close $f + set timestamp [clock seconds] + set hmac [::sha2::hmac -hex -key $secret \ + [binary format iia* $::userid $timestamp \ + [encoding convertto utf-8 $::username]]] + wl [list abuhops-auth $::userid $::username $timestamp $hmac] + } err]} { + log error $err + } +} + proc message-job-done {args} { disable job-done job-failed set jobid $::jobid diff --git a/abserver.txt b/abserver.txt index 6e96ff5..b075fbc 100644 --- a/abserver.txt +++ b/abserver.txt @@ -304,24 +304,12 @@ top-ai-report-2 species generation cortex instance score comptime score: float, score of the quadruple comptime: number of milliseconds since last report -top-internet-info ipv laddr lport - Sent by the client. Prepares Internet connectivity with the given Internet - protocol (4 or 6), given what the client sees as its IP address and port - number. - -internet-ready iaddr iport vnum - Sent by the server in response to top-internet-info. Informs the client of its - Internet address and port in the protocol specified in top-internet-info, and - provides the validation number for the hole-punching service. - - IPv4 connections support NAT with the following rules: - If two clients have the same Internet address, they connect to each other - via their reported local addresses. - If a client's "Internet" address is 192.168.*, that address is replaced by - the IP address of abendstern.servegame.com, and its port replaced by a hard- - wired table of port-forwarding values. - Other clients use each others' Internet addresses. - IPv6 connections assume the absense of NAT. +top-abuhops-auth + Sent by the client. Requests credentials for connecting to Abuhops. + +abuhops-auth id name timestamp hmac + Sent by the server. Indicates the credentials the client can use to connect + to Abuhops. job type ... Sent by the server. Requests the client perform the job specified by