search

mbbsemu / MBBSEmu

The MajorBBS Emulation Project is an Open Source, Cross-Platform emulator for easily running The MajorBBS & Worldgroup Modules
https://www.mbbsemu.com
MIT License
126 stars 14 forks source link

[WCCMMUD] MajorMUD 1.11p - How to have my Synchronet SYSOP class account show up as SYSOP for MBBSEMU for MUDOP control? #623

Closed BurnDivision closed 1 week ago

BurnDivision commented 1 month ago

Module Information

Describe the bug Not sure it's a bug, I just can't figure this out.

To Reproduce Steps to reproduce the behavior: Unsure. New board that I finally have up and running with a door to RLOGIN to MBBSEMU.

Expected behavior SYSOP class Synchronet account should have MUDOP access on MajorMUD.

Software Information:

enusbaum commented 1 month ago

Interesting issue!

So, Rlogin users are treaded as "anonymous" users (they don't go through the signup process). Because of this, we don't know for sure which keys should be applied to them by default.

That being said, I think an easy fix here would be applying keys given to a user on mbbsemu to an Rlogin user of the same name. In this case, if you give a user ("sysop", in this example) the key of MUDOP within MBBSEmu, when that same user Rlogin's into the emulator it'll apply the same keys.

If the user isn't found, it'll apply the default keys.

enusbaum commented 1 week ago

I double checked and we are applying the default keys to Rlogin keys.

https://github.com/mbbsemu/MBBSEmu/blob/71cf3e765750ed4b762bfae92730d5654820a9ca/MBBSEmu/HostProcess/ExportedModules/Majorbbs.cs#L2269

I'll need to work through the Rlogin logic again. Not that I'm entirely concerned about security, but this would potentially allow a user to login via rlogin to MBBSEmu "unauthenticated" in this process. Need to noodle on this...

enusbaum commented 1 week ago

OK -- read through this, here's the deal:

Technically, Rlogin users aren't local users, so they won't have any records in the MBBSEmu Accounts Database (and associated key records). Because of this, we apply the "default" keys to users through Rlogin.

While users setup in Mystic/Synchro are setup as sysops locally within those systems, credentials/access levels aren't sent over (nor supported) by the Rlogin protocol.

We apparently accounted for this and there's a work around. For this scenario, user "PowerUser" is a SYSOP on Sychronet. Your steps would be:

  1. "Sign Up" in MBBSEmu using the username "PowerUser"
  2. Using the Sysop Commands (/SYS within MBBSEmu) when logged in as SYSOP, give the user "PowerUser" the keys you need for MUDOP Access
  3. When the user logs in through Rlogin, MBBSEmu will "find" the users Key records for the username sent across via Rlogin and will apply those keys when the haskeys() routine is called by a module.

No code changes required, this process should work as enumerated :)

Hope this helps!