some new tools. clump is useful. httpd got some better logging. cuturl got some bugfixes I think. todo is just a version of segfault's !todo but for shell. don't remember what I did to telnet-gateway.sh

author: epochqwert <epoch@53flpnlls43fcguy.onion> 2015-02-06 02:32:04 -0600
committer: epochqwert <epoch@53flpnlls43fcguy.onion> 2015-02-06 02:32:04 -0600
commit: 3c2d290d17b739f14774dfcdf48581c1fb212286 (patch)
tree: 4b3bcf021e9994c21030aad99f84831ad31dbe02 /src
parent: abe09a4717370f331b050ad39da3a7e9a478f02d (diff)
download: misc-3c2d290d17b739f14774dfcdf48581c1fb212286.tar.gz
misc-3c2d290d17b739f14774dfcdf48581c1fb212286.zip
3 files changed, 108 insertions, 25 deletions
diff --git a/src/bin/clump.c b/src/bin/clump.c
new file mode 100644
index 0000000..18c8e5b
--- /dev/null
+++ b/src/bin/clump.c
@@ -0,0 +1,37 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+//clumps together consecutive rows containing the same first column
+//to have column 2- printed after a single column 1 value.
+//just try it out.
+//printf "a a\na b\na c\nb a\nb b\nc a\nc b\n" | clump
+//still working on the name.
+
+int main() {
+ char line[256];
+ char *id;
+ char *value;
+ char *oldid=malloc(1);
+ *oldid=0;
+ while(fgets(line,sizeof(line),stdin)) {
+  id=line;
+  if(strchr(line,'\n')) *strchr(line,'\n')=0;
+  if(strchr(id,' ')) {
+   value=strchr(id,' ');
+   *value=0;
+   value++;
+  }
+  if(strcmp(id,oldid)) {
+   if(*oldid != 0) {
+    printf("\n");
+   }
+   printf("%s:",id);
+   free(oldid);
+   oldid=strdup(id);
+  }
+  printf(" %s",value);
+ }
+ printf("\n");
+ return 0;
+}
diff --git a/src/bin/cuturl.c b/src/bin/cuturl.c
index 4a2f3f5..f8b02c7 100644
--- a/src/bin/cuturl.c
+++ b/src/bin/cuturl.c
@@ -1,4 +1,4 @@
-
+#include <netdb.h>
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
@@ -33,14 +33,6 @@
 
 #define AorB(a,b) ((a)?(a):(b))
 
-#define DEFAULT_SCHEME AorB(getenv("CUTURL_SCHEME"),"DEFAULT")
-#define DEFAULT_USERNAME AorB(getenv("CUTURL_USERNAME"),"DEFAULT")
-#define DEFAULT_PASSWORD AorB(getenv("CUTURL_PASSWORD"),"DEFAULT")
-#define DEFAULT_PORT AorB(getenv("CUTURL_PORT"),"DEFAULT")
-#define DEFAULT_PATH AorB(getenv("CUTURL_PATH"),"DEFAULT")
-#define DEFAULT_QUERY_STRING AorB(getenv("CUTURL_QUERY_STRING"),"DEFAULT")
-#define DEFAULT_FRAGMENT_ID AorB(getenv("CUTURL_FRAGMENT_ID"),"DEFAULT")
-
 #define F_SCHEME 1<<0
 #define F_USERNAME 1<<1
 #define F_PASSWORD 1<<2
@@ -63,13 +55,15 @@ int main(int argc,char *argv[]) {
  char *path=0;
  char *query_string=0;
  char *fragment_id=0;
+ char sport[10];
+ struct servent *serv;
  //exactly 8 parts! let's store that in a byte.
  unsigned char flags=0;
  int i;
  int size=1024;
  char using_stdin=1;
  char malloced=0;
- if(argc > 0) {
+ if(argc > 1) {
   if(!strcmp(argv[1],"--help") || !strcmp(argv[1],"-h")) {
    printf("usage: echo urls | cuturl [options]\n");
    printf("usage: cuturl [options] url [options] [url]\n\n");
@@ -82,11 +76,16 @@ int main(int argc,char *argv[]) {
   }
  }
  while(1) {
-  //
-  // todo: add argument parsing
-  //
+  scheme=0;
+  username=0;
+  password=0;
+  domain=0;
+  port=0;
+  path=0;
+  query_string=0;
+  fragment_id=0;
   if(!using_stdin) flags=0;
-  if(argc > 0) {
+  if(argc > 1) {
    for(argc--,argv++;argc>0;argc--,argv++) {
     for(i=0;long_opts[i];i++) {
      if(!strncmp(*argv,"--",2)) {
@@ -111,7 +110,7 @@ int main(int argc,char *argv[]) {
    }
   }
   if(using_stdin) {
-   line=malloc(size);
+   line=malloc(size+1);
    malloced=1;
    if(!fgets(line,size,stdin)) {
     return 0;
@@ -133,7 +132,6 @@ int main(int argc,char *argv[]) {
     break;
    }
   }
-
   if(path) {
    if(strchr(path,'?')) {
     query_string=strchr(path,'?');
@@ -213,14 +211,19 @@ int main(int argc,char *argv[]) {
   // printf("scheme://username:password@domain:port/path?query_string#fragment_id\n\n");
   //let's set them to what'll get printed now...
 
-  scheme=AorB(scheme,DEFAULT_SCHEME);
-  username=AorB(username,DEFAULT_USERNAME);
-  password=AorB(password,DEFAULT_PASSWORD);
+  scheme=AorB(scheme,AorB(getenv("CUTURL_SCHEME"),"DEFAULT"));
+  username=AorB(username,AorB(getenv("CUTURL_USERNAME"),"DEFAULT"));
+  password=AorB(password,AorB(getenv("CUTURL_PASSWORD"),"DEFAULT"));
   //domain=domain; doesn't change. heh.
-  port=AorB(port,DEFAULT_PORT);
-  path=AorB(path,DEFAULT_PATH);
-  query_string=AorB(query_string,DEFAULT_QUERY_STRING);
-  fragment_id=AorB(fragment_id,DEFAULT_FRAGMENT_ID);
+  serv=getservbyname(scheme,strcmp(scheme,"udp")?"tcp":"udp");
+  if(serv) snprintf(sport,sizeof(sport)-1,"%d",ntohs(serv->s_port));
+  port=AorB(port,AorB(getenv("CUTURL_PORT"),(serv?sport:"DEFAULT")));
+  //port=AorB(port,AorB(getenv("CUTURL_PORT"),"DEFAULT"));
+
+
+  path=AorB(path,AorB(getenv("CUTURL_PATH"),"DEFAULT"));
+  query_string=AorB(query_string,AorB(getenv("CUTURL_QUERY_STRING"),"DEFAULT"));
+  fragment_id=AorB(fragment_id,AorB(getenv("CUTURL_FRAGMENT_ID"),"DEFAULT"));
 
   if(flags) {
    if(flags&F_SCHEME) printf("%s\n",scheme);
diff --git a/src/libexec/httpd.c b/src/libexec/httpd.c
index 8ba9413..f22e139 100644
--- a/src/libexec/httpd.c
+++ b/src/libexec/httpd.c
@@ -15,6 +15,37 @@
 #define CGI "cgi-bin"
 #define SERVER "epochttpd/2.0 (Unix)"
 
+// WARNING: this http software is vulnerable. I'm leaving it that way.
+
+/* just notes for environment variables for CGIs when I need them.
+
+Key             Value
+DOCUMENT_ROOT   The root directory of your server
+HTTP_COOKIE     The visitor's cookie, if one is set
+HTTP_HOST       The hostname of the page being attempted
+HTTP_REFERER    The URL of the page that called your program
+HTTP_USER_AGENT The browser type of the visitor
+HTTPS           "on" if the program is being called through a secure server
+PATH            The system path your server is running under
+QUERY_STRING    The query string (see GET, below)
+REMOTE_ADDR     The IP address of the visitor
+REMOTE_HOST     The hostname of the visitor (if your server has
+                reverse-name-lookups on; otherwise this is the IP address again)
+REMOTE_PORT     The port the visitor is connected to on the web server
+REMOTE_USER     The visitor's username (for .htaccess-protected pages)
+REQUEST_METHOD  GET or POST
+REQUEST_URI     The interpreted pathname of the requested document or CGI
+                (relative to the document root)
+SCRIPT_FILENAME The full pathname of the current CGI
+SCRIPT_NAME     The interpreted pathname of the current CGI (relative to
+                the document root)
+SERVER_ADMIN    The email address for your server's webmaster
+SERVER_NAME     Your server's fully qualified domain name (e.g.
+                www.cgi101.com)
+SERVER_PORT     The port number your server is listening on
+SERVER_SOFTWARE The server software you're using (e.g. Apache 1.3)
+*/
+
 void standard_headers() {
  printf("Server: %s\r\n",SERVER);
  printf("Connection: close\r\n");
@@ -33,7 +64,9 @@ int main(int argc,char *argv[]) {
  struct sockaddr_in6 sa6;
  unsigned int sl=sizeof(sa6);
  char h[NI_MAXHOST];
- if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) syslog(LOG_WARNING,"getpeername: %m");
+ openlog("httpd",LOG_PID,LOG_DAEMON);
+ if(getpeername(0,(struct sockaddr *)&sa6,&sl) == -1) 
+  syslog(LOG_WARNING,"getpeername: %m");
  getnameinfo((struct sockaddr *)&sa6,sl,h,sizeof(h),0,0,NI_NUMERICHOST);
  setenv("REMOTE_ADDR",h,1);
  if(!strchr(line,'\n')) {
@@ -41,10 +74,10 @@ int main(int argc,char *argv[]) {
   standard_headers();
   printf("Content-type: text/plain\r\n\r\n");
   printf("use smaller (<%d bytes) headers.\n",getpagesize());
+  syslog(LOG_WARNING,"413 Entity Too Large %s len: %d\n",h,strlen(line));
   return 0;
  }
  if(strchr(line,'\r')) *strchr(line,'\r')=0;
- syslog(LOG_WARNING,"%s %s\n",h,line);
  method=strdup(line);
  if((page=strchr(method,' '))) {
   *page=0;
@@ -67,24 +100,32 @@ int main(int argc,char *argv[]) {
    standard_headers();
    printf("Content-type: text/plain\r\n\r\n");
    printf("use smaller (<%d bytes) headers.\n",getpagesize());
+   syslog(LOG_WARNING,"413 somewhere in request line 2+: %s %d\n",h,strlen(line));
    return 0;
   }
   if(strchr(line,'\r')) *strchr(line,'\r')=0;
   if(!strncasecmp(line,"Host: ",6)) {
    setenv("HTTP_HOST",line+6,1);
   }
+  if(!strncasecmp(line,"User-agent: ",12)) {
+   setenv("HTTP_USER_AGENT",line+12,1);
+  }
   if(!strcmp(line,"")) {
    break;
   }
  }
  alarm(0);//no more timeout.
+ //
+ syslog(LOG_WARNING,"%s: %s %s %s\n",h,getenv("HTTP_USER_AGENT"),page,get_param);
  //TODO: sanitize this.
  if(chdir(VHOST_ROOT) == -1) {
    printf("HTTP/1.1 500 Internal Server Error\r\n");
    standard_headers();
    printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",VHOST_ROOT);
+   syslog(LOG_WARNING,"can't chdir to VHOST_ROOT: %s",VHOST_ROOT);
    exit(3);
  }
+ //I had fun exploiting this. :)
  if(chdir((char*)getenv("HTTP_HOST")) == -1) {
   if(chdir(SITES_ROOT) != -1) {
    if(chdir("default") == -1) {
@@ -92,6 +133,7 @@ int main(int argc,char *argv[]) {
     printf("HTTP/1.1 500 Internal Server Error\r\n");
     standard_headers();
     printf("Content-type: text/html\r\n\r\nfuck");
+    syslog(LOG_WARNING,"can't chdir to default site dir.");
     exit(1);
    }
    //we're good.
@@ -100,6 +142,7 @@ int main(int argc,char *argv[]) {
    standard_headers();
    printf("Content-type: text/html\r\n\r\ncouldn't chdir(\"%s\");",SITES_ROOT);
    //wtf? no sites dir???
+   syslog(LOG_WARNING,"can't chdir to SITES_ROOT: %s",SITES_ROOT);
    exit(2);
   }
  }
author	epochqwert <epoch@53flpnlls43fcguy.onion>	2015-02-06 02:32:04 -0600
committer	epochqwert <epoch@53flpnlls43fcguy.onion>	2015-02-06 02:32:04 -0600
commit	3c2d290d17b739f14774dfcdf48581c1fb212286 (patch)
tree	4b3bcf021e9994c21030aad99f84831ad31dbe02 /src
parent	abe09a4717370f331b050ad39da3a7e9a478f02d (diff)
download	misc-3c2d290d17b739f14774dfcdf48581c1fb212286.tar.gz misc-3c2d290d17b739f14774dfcdf48581c1fb212286.zip