m1ngsama/TNT
1
0
Fork 0
mirror of https://github.com/m1ngsama/TNT.git synced 2026-02-08 00:54:03 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
TNT's Not Tunnel
134 commits 10 branches 0 tags 360 KiB
C 80.9%
Shell 17%
Makefile 2.1%
Find a file
m1ngsama 4f3a07c5e2 fix(security): implement comprehensive input validation 
- Add is_valid_username() function to prevent injection attacks
  * Reject shell metacharacters: |;&$`<>(){}[]'"\
  * Reject control characters (except tab)
  * Reject usernames starting with space, dot, or dash
- Apply username validation in read_username() with fallback to "anonymous"
- Add rate limiting via sleep(1) on validation failure
- Sanitize message content in message_save():
  * Replace pipe, newline, carriage return to prevent log injection
  * Ensure null termination of sanitized strings
- Enhance message_load() validation:
  * Check for oversized lines
  * Validate field lengths before copying
  * Validate timestamp reasonableness (not >1 day future, <10 years past)
  * Ensure null termination of all loaded strings

These changes address:
- Username injection vulnerabilities
- Message content injection in log files
- Log file format corruption attacks
- Malformed timestamp handling

Prevents:
- Command injection via usernames
- Log poisoning attacks
- DoS via oversized messages
2026-01-22 13:59:58 +08:00
.github/workflows Add CI/CD and deployment automation 2025-12-02 12:47:15 +08:00
include Fix critical memory and concurrency bugs 2025-11-30 09:00:00 +08:00
src fix(security): implement comprehensive input validation 2026-01-22 13:59:58 +08:00
.gitignore Add development and testing infrastructure 2025-12-02 10:00:00 +08:00
CHANGELOG.md Add developer documentation 2025-12-02 15:00:00 +08:00
CICD.md Add CI/CD and deployment automation 2025-12-02 12:47:15 +08:00
DEPLOYMENT.md Add CI/CD and deployment automation 2025-12-02 12:47:15 +08:00
HACKING Add developer documentation 2025-12-02 15:00:00 +08:00
install.sh Add CI/CD and deployment automation 2025-12-02 12:47:15 +08:00
LICENSE Initial commit 2025-07-01 09:00:00 +08:00
Makefile Add development and testing infrastructure 2025-12-02 10:00:00 +08:00
QUICKREF Add developer documentation 2025-12-02 15:00:00 +08:00
README Rewrite README in classic Unix style 2025-12-02 12:57:18 +08:00
README.md Rewrite README in classic Unix style 2025-12-02 12:57:18 +08:00
test_basic.sh Add development and testing infrastructure 2025-12-02 10:00:00 +08:00
test_stress.sh Add development and testing infrastructure 2025-12-02 10:00:00 +08:00
tnt.service Add CI/CD and deployment automation 2025-12-02 12:47:15 +08:00

README.md

TNT

Terminal chat server. Vim-style interface. SSH-based.

Install

curl -sSL https://raw.githubusercontent.com/m1ngsama/TNT/main/install.sh | sh

Or download from releases.

Run

tnt              # port 2222
tnt -p 3333      # custom port
PORT=3333 tnt    # env var

Connect: ssh -p 2222 localhost

Keys

INSERT (default)

  • ESC → NORMAL
  • Enter → send
  • Backspace → delete

NORMAL

  • i → INSERT
  • : → COMMAND
  • j/k → scroll
  • g/G → top/bottom
  • ? → help

COMMAND

  • :list → users
  • :help → commands
  • ESC → back

Build

make              # normal
make debug        # with symbols
make asan         # sanitizer
make check        # static analysis

Requires: libssh

Deploy

See DEPLOYMENT.md for systemd setup.

Files

messages.log      chat history
host_key          SSH key (auto-gen)
tnt.service       systemd unit

Test

./test_basic.sh         # functional
./test_stress.sh 50     # 50 clients

Docs

  • README - man page style
  • HACKING - dev guide
  • DEPLOYMENT.md - production
  • CICD.md - automation
  • QUICKREF - cheat sheet

License

MIT