mirror of
				git://git.psyced.org/git/psyced
				synced 2024-08-15 03:25:10 +00:00 
			
		
		
		
	Merge remote-tracking branch 'fly/master'
This commit is contained in:
		
						commit
						14449cce13
					
				
					 6 changed files with 114 additions and 35 deletions
				
			
		|  | @ -1,5 +1,5 @@ | ||||||
| // this place is configured in a suitable way for receiving
 | // this place is configured in a suitable way for receiving
 | ||||||
| // syslog events from the syslog2psyc tool in perlpsyc
 | // tor router events from the remotor tool in perlpsyc
 | ||||||
| //
 | //
 | ||||||
| #include <net.h> | #include <net.h> | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -24,18 +24,16 @@ varargs http_error(string prot, int code, string comment, string html) { | ||||||
| 	P2(("hterror(%O,%O,%O,%O) in %O\n", prot,code,comment,html, ME)) | 	P2(("hterror(%O,%O,%O,%O) in %O\n", prot,code,comment,html, ME)) | ||||||
| #if defined(T) | #if defined(T) | ||||||
| 	// use the textdb if available | 	// use the textdb if available | ||||||
| 	out = psyctext( T("_PAGES_error", | 	out = psyctext( T("_PAGES_error", "<title>Error [_code]</title><body><h1 id='code'>[_code]</h1><div id='comment'>[_comment]</div>"), | ||||||
| 			      "<html><title id='code'>[_code]</title>\n" |  | ||||||
| 		"<body><h1 id='comment'>[_comment]</h1></body></html>\n"), |  | ||||||
| 		    ([ "_comment": comment, "_code": code ]) ); | 		    ([ "_comment": comment, "_code": code ]) ); | ||||||
| #else | #else | ||||||
| 	// use some hardcoded defaults | 	// use some hardcoded defaults | ||||||
| 	out = "<body text=white bgcolor=black link=green vlink=green>\n"; | 	out = "<body text='white' bgcolor='black' link='green' vlink='green'>\n"; | ||||||
| 	if (html) out = sprintf("<title>%s</title>\n%s%s", comment, out, html); | 	if (html) out = sprintf("<title>%s</title>\n%s%s", comment, out, html); | ||||||
| 	else out = sprintf("\ | 	else out = sprintf("\ | ||||||
| <title>error %d</title>\n\ | <title>Error %d</title>\n\ | ||||||
| %s\n\ | %s\n\ | ||||||
| <table width=\"100%%\" height=\"90%%\"><tr><th><h1><br>\n\n\ | <table width=\"100%%\" height=\"90%%\"><tr><th><h1><br/>\n\n\ | ||||||
| %s\n\n\ | %s\n\n\ | ||||||
| </h1></th></tr></table>\n\ | </h1></th></tr></table>\n\ | ||||||
| ", | ", | ||||||
|  |  | ||||||
|  | @ -95,12 +95,19 @@ varargs string htredirect(string prot, string target, string comment, int perman | ||||||
| 		printf("%s %d %s\n%s", HTTP_SVERS, | 		printf("%s %d %s\n%s", HTTP_SVERS, | ||||||
| 		  permanent ? R_MOVED : R_FOUND, comment, htheaders()); | 		  permanent ? R_MOVED : R_FOUND, comment, htheaders()); | ||||||
| 	} | 	} | ||||||
|  | 	// this page might actually be visible | ||||||
|  | 	// if content-disposition: attachment is given | ||||||
|  | 	// or redirects are otherwise intercepted by plugin | ||||||
|  | 	// so a proper _PAGES form could be appropriate | ||||||
| 	printf("\ | 	printf("\ | ||||||
| Location: %s\n%s\ | Location: %s\n%s\ | ||||||
| \n\ | \n\ | ||||||
| <a href=\"%s\">%s</a>.\n\ | <title>%s</title>\n\ | ||||||
| ", | <body bgcolor='black' text='white' link='red' vlink='red'>\n\ | ||||||
| 		target, extra, target, comment); | %s\n", | ||||||
|  | 	// exposing the link to end-user may not be intended: | ||||||
|  | 	// <a href=\"%s\">%s</a>. | ||||||
|  | 		target, extra, comment, comment); | ||||||
| 	return 0; | 	return 0; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -18,6 +18,10 @@ | ||||||
| #include <status.h> | #include <status.h> | ||||||
| #include <uniform.h> | #include <uniform.h> | ||||||
| 
 | 
 | ||||||
|  | #ifndef HT_LOGO | ||||||
|  | # define HT_LOGO DEFAULT_HT_LOGO | ||||||
|  | #endif | ||||||
|  | 
 | ||||||
| #ifdef BRAIN | #ifdef BRAIN | ||||||
| 
 | 
 | ||||||
| # ifdef SLAVE | # ifdef SLAVE | ||||||
|  | @ -610,8 +614,9 @@ htget(prot, query, headers, qs) { | ||||||
| } | } | ||||||
| #endif | #endif | ||||||
| 
 | 
 | ||||||
| #ifdef CHALLENGE_MATCH | #ifdef CHALLENGE_QUESTION   // should make media player etc work also w/o challenge FIXME | ||||||
| #include <sys/regexp.h> | #include <sys/regexp.h> | ||||||
|  | #include "ht/http.h" | ||||||
| 
 | 
 | ||||||
| #define CHALOG(verb)	log_file("CHALLENGE", "%s %s %O A:%O P:%O C:%O\n", \ | #define CHALOG(verb)	log_file("CHALLENGE", "%s %s %O A:%O P:%O C:%O\n", \ | ||||||
| 		 MYNICK, verb, query_ip_name(), \ | 		 MYNICK, verb, query_ip_name(), \ | ||||||
|  | @ -619,14 +624,47 @@ htget(prot, query, headers, qs) { | ||||||
| 
 | 
 | ||||||
| // maybe this all belongs into archetype.gen.. chesmo! | // maybe this all belongs into archetype.gen.. chesmo! | ||||||
| htget(prot, query, headers, qs, data, noprocess) { | htget(prot, query, headers, qs, data, noprocess) { | ||||||
| 	string item = headers[item] || "/@"+ MYNICK; | 	if (probably_private(this_interactive()) <= PRIVACY_SURVEILLED) { | ||||||
| 	if (stringp(headers["cookie"]) && regmatch(headers["cookie"], | 		hterror(prot, R_PAYMENTREQ, "To protect against abuse in this nasty world this function needs 'https' instead of 'http'."); | ||||||
| 		 "challenge=complete&answer="+ md5(CHALLENGE_MATCH))) { | 		htnotify(query, headers, "_challenge_disabled_encryption", | ||||||
|  | 		    "[_nick_place] sees no TLS by [_web_on] from [_web_from]."); | ||||||
|  | 		return 0; | ||||||
|  | 	} | ||||||
|  | 	string item = "/@"+ MYNICK; | ||||||
|  | 	if ( | ||||||
|  | # ifdef CHALLENGE_AGENT | ||||||
|  | 	    stringp(headers["user-agent"]) && | ||||||
|  | 	       regmatch(lower_case(headers["user-agent"]), CHALLENGE_AGENT) | ||||||
|  | # else | ||||||
|  | #  ifdef CHALLENGE_ACCOUNTS | ||||||
|  | #   define CHALLENGE_CHECK CHALLENGE_ACCOUNTS | ||||||
|  | #  else | ||||||
|  | #   ifdef CHALLENGE_MATCH | ||||||
|  | #    define CHALLENGE_CHECK CHALLENGE_MATCH | ||||||
|  | #   endif | ||||||
|  | #  endif | ||||||
|  | 	    stringp(headers["cookie"]) && regmatch(headers["cookie"], | ||||||
|  | 		 "challenge=complete&answer="+ md5(CHALLENGE_CHECK)) | ||||||
|  | # endif | ||||||
|  | 	     ) { | ||||||
| 		CHALOG("completes"); | 		CHALOG("completes"); | ||||||
| 		htnotify(query, headers, "_accomplished_web", | 		htnotify(query, headers, "_challenge_accomplished_web", | ||||||
| 		    "Challenge accomplished in [_nick_place] by [_web_on] coming from [_web_from]."); | 		    "Challenge accomplished in [_nick_place] by [_web_on] coming from [_web_from]."); | ||||||
| # ifdef CHALLENGE_REDIRECT | # ifdef CHALLENGE_REDIRECT | ||||||
| 		return htredirect(prot, CHALLENGE_REDIRECT, "There you go", 0, "Set-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n"); | #  ifdef CHALLENGE_REDIRECT_TITLE | ||||||
|  | #   ifdef CHALLENGE_QUESTION | ||||||
|  | 		htok3(prot, 0, "Set-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n"); | ||||||
|  | #   else | ||||||
|  | 		htok(); | ||||||
|  | #   endif | ||||||
|  | 		w("_PAGES_frame_redirect", 0, | ||||||
|  | 		    ([ "_uniform_page" : CHALLENGE_REDIRECT, | ||||||
|  | 		       "_title_page" : CHALLENGE_REDIRECT_TITLE, | ||||||
|  | 		       "_nick_place" : MYNICK ]) ); | ||||||
|  | 		return 1; | ||||||
|  | #  else | ||||||
|  | 		return htredirect(prot, CHALLENGE_REDIRECT, "Download or redirect initiated", 0, "Content-Disposition: attachment\nSet-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n"); | ||||||
|  | #  endif | ||||||
| # else | # else | ||||||
| #  ifdef HTGET | #  ifdef HTGET | ||||||
| 		// you may want to output a player iframe instead of a redirect... | 		// you may want to output a player iframe instead of a redirect... | ||||||
|  | @ -636,33 +674,66 @@ htget(prot, query, headers, qs, data, noprocess) { | ||||||
| #  endif | #  endif | ||||||
| # endif | # endif | ||||||
| 	} | 	} | ||||||
| 	if (stringp(query["answer"]) && headers["cookie"] && | # if defined(CHALLENGE_MATCH) || defined(CHALLENGE_ACCOUNTS) | ||||||
| 	    regmatch(headers["cookie"], "challenge=given") && | 	if (stringp(query["answer"])) { | ||||||
| 	    regmatch(lower_case(query["answer"]), CHALLENGE_MATCH)) { | 		unless (headers["cookie"]) { | ||||||
| 		// lazy me could have used referer here ;) | 			CHALOG("disabled"); | ||||||
| 		string nu = stringp(query["parameters"]) && | 			hterror(prot, R_PAYMENTREQ, "To protect against abuse in this nasty world this function needs just temporarily enabled cookies. There are no de-anonymizing purposes involved. Or did you just lowercase my name in the URL?"); | ||||||
| 			     strlen(query["parameters"]) ? | 			htnotify(query, headers, "_challenge_disabled_web", | ||||||
| 			 item +"?"+ query["parameters"] : item; | 			    "[_nick_place] sees no cookies by [_web_on] from [_web_from]."); | ||||||
| 		CHALOG("reloads"); | 			return 1; | ||||||
| 		htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer="+ md5(CHALLENGE_MATCH) +"\"; Path="+ item +"; Secure; Max-Age=99\n"); | 		} | ||||||
| 		return 1; | 		string acct; | ||||||
|  | 		if (regmatch(headers["cookie"], "challenge=given")) { | ||||||
|  | 			if (query["answer"] &&  | ||||||
|  | #  ifdef CHALLENGE_ACCOUNTS | ||||||
|  | 			    (acct = CHALLENGE_ACCOUNTS->consult(query["answer"])) | ||||||
|  | #  else | ||||||
|  | 			    regmatch(lower_case(query["answer"]), CHALLENGE_MATCH) | ||||||
|  | #  endif | ||||||
|  | 			) { | ||||||
|  | 				// lazy me could have used referer here ;) | ||||||
|  | 				string nu = stringp(query["parameters"]) && | ||||||
|  | 					     strlen(query["parameters"]) && | ||||||
|  | 					     query["parameters"] != "0" ? | ||||||
|  | 					 item +"?"+ query["parameters"] : item; | ||||||
|  | 				CHALOG(acct? ("authenticates as "+ acct): "reloads"); | ||||||
|  | 				htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer="+ md5(CHALLENGE_CHECK) +"\"; Path="+ item +"; Secure; Max-Age=99\n"); | ||||||
|  | 				if (acct) htnotify(query, headers, "_challenge_authenticated_web", | ||||||
|  | 		    "[_web_on] authenticated for [_nick_place] coming from [_web_from].", acct); | ||||||
|  | 				return 1; | ||||||
|  | 			} else { | ||||||
|  | 				CHALOG("fails"); | ||||||
|  | 				htnotify(query, headers, "_challenge_failed_web", | ||||||
|  | 				    "[_nick_place] sees [_web_on] from [_web_from] fail the challenge."); | ||||||
|  | 			} | ||||||
|  | 		} | ||||||
|  | 	} else | ||||||
|  | # endif | ||||||
|  |        	{ | ||||||
|  | 		CHALOG("challenges"); | ||||||
|  | 		htnotify(query, headers, "_challenge_presented_web", | ||||||
|  | 		    "[_nick_place] challenges [_web_on] coming from [_web_from]."); | ||||||
|  | 		    //	(query [_web_query], cookie [_web_cookie])."); | ||||||
| 	} | 	} | ||||||
|  | 	// If you have trouble reloading the HTML template | ||||||
|  | 	// look out for both 'ht' and 'html' textdbs! | ||||||
| 	sTextPath(query["layout"], query["lang"], "html"); | 	sTextPath(query["layout"], query["lang"], "html"); | ||||||
| 	// using a non-psyced cookie here so that you can't construct a  | 	// using a non-psyced cookie here so that you can't construct a  | ||||||
| 	// url that allows other people to bypass the challenge. | 	// url that allows other people to bypass the challenge. | ||||||
| 	// could add a timeout here... |  | ||||||
| 	htok3(prot, 0, "Set-Cookie: psycplace=\"challenge=given\"; Path="+ item +"; Secure; Max-Age=999\n"); | 	htok3(prot, 0, "Set-Cookie: psycplace=\"challenge=given\"; Path="+ item +"; Secure; Max-Age=999\n"); | ||||||
| 	CHALOG("challenges"); | # ifndef CHALLENGE_REDIRECT_TITLE | ||||||
|  | #  define CHALLENGE_REDIRECT_TITLE "Challenge for " MYNICK | ||||||
|  | # endif | ||||||
| 	w("_PAGES_group_challenge", 0, | 	w("_PAGES_group_challenge", 0, | ||||||
| 	    ([ "_challenge" : htquote(CHALLENGE_QUESTION), | 	    ([ "_challenge" : htquote(CHALLENGE_QUESTION), | ||||||
| 		    // if the user failed the challenge, | 		    // if the user failed the challenge, | ||||||
| 		    // we maintain the original qs for next attempt: | 		    // we maintain the original qs for next attempt: | ||||||
| 	       "_parameters" : query["parameters"] || qs, | 	       "_parameters" : query["parameters"] || qs, | ||||||
|  | 	       "_uniform_logo" : HT_LOGO, | ||||||
|  | 	       "_title_page" : CHALLENGE_REDIRECT_TITLE, | ||||||
| 	       "_nick_place" : MYNICK ]) ); | 	       "_nick_place" : MYNICK ]) ); | ||||||
| 	// printf("%O vs %O\n", query, headers); | 	// printf("%O vs %O\n", query, headers); | ||||||
| 	htnotify(query, headers, "_challenged_web", |  | ||||||
| 	    "[_nick_place] challenges [_web_on] coming from [_web_from]."); |  | ||||||
| 	    //	(query [_web_query], cookie [_web_cookie])."); |  | ||||||
| 	return 1; | 	return 1; | ||||||
| } | } | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
|  | @ -191,7 +191,7 @@ jabberMsg(XMLNode node) { | ||||||
| 		    // super dirty.. this should all be in textdb
 | 		    // super dirty.. this should all be in textdb
 | ||||||
| 		    packet = sprintf("<iq type='result' id='%s'>" | 		    packet = sprintf("<iq type='result' id='%s'>" | ||||||
| 				     "<query xmlns='jabber:iq:register'/>" | 				     "<query xmlns='jabber:iq:register'/>" | ||||||
| 	 "<error code='501>Registration by XMPP not permitted.</error></iq>", | 	 "<error code='501'>Registration by XMPP not permitted.</error></iq>", | ||||||
| 				     id); | 				     id); | ||||||
| #else | #else | ||||||
| 		    packet = sprintf("<iq type='result' id='%s'>" | 		    packet = sprintf("<iq type='result' id='%s'>" | ||||||
|  | @ -235,7 +235,10 @@ jabberMsg(XMLNode node) { | ||||||
| 			// QUIT
 | 			// QUIT
 | ||||||
| 		    } else { | 		    } else { | ||||||
| #if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP) | #if defined(_flag_disable_unauthenticated_users_XMPP) || defined(_flag_disable_registration_XMPP) | ||||||
| 			// TODO: generate some error as above
 | 			emit(sprintf("<iq type='result' id='%s'>" | ||||||
|  | 				     "<query xmlns='jabber:iq:register'/>" | ||||||
|  | 	 "<error code='501'>Registration by XMPP not permitted.</error></iq>", | ||||||
|  | 				     id)); | ||||||
| #else | #else | ||||||
| 			user -> vSet("password", t[Cdata]); | 			user -> vSet("password", t[Cdata]); | ||||||
| 			if (t = helper["/email"]) { | 			if (t = helper["/email"]) { | ||||||
|  |  | ||||||
|  | @ -474,7 +474,7 @@ _request_set_topic(source, mc, data, vars, b) { | ||||||
| 
 | 
 | ||||||
| #if HAS_PORT(HTTP_PORT, HTTP_PATH) || HAS_PORT(HTTPS_PORT, HTTP_PATH) | #if HAS_PORT(HTTP_PORT, HTTP_PATH) || HAS_PORT(HTTPS_PORT, HTTP_PATH) | ||||||
| // for GDPR compliance server owners are expected not to log these messages | // for GDPR compliance server owners are expected not to log these messages | ||||||
| htnotify(query, headers, mc, fmt) { | htnotify(query, headers, mc, fmt, acct) { | ||||||
| 	if (query["from"] == "") query["from"] = 0; | 	if (query["from"] == "") query["from"] = 0; | ||||||
| 	if (query["location"] == "") query["location"] = 0; | 	if (query["location"] == "") query["location"] = 0; | ||||||
| 
 | 
 | ||||||
|  | @ -484,7 +484,7 @@ htnotify(query, headers, mc, fmt) { | ||||||
| 	([	"_web_referrer" : query["from"] || "bookmark", | 	([	"_web_referrer" : query["from"] || "bookmark", | ||||||
| 		"_web_page" : query["location"] || headers["referer"] || "", | 		"_web_page" : query["location"] || headers["referer"] || "", | ||||||
| 		"_web_browser" : headers["user-agent"] || "", | 		"_web_browser" : headers["user-agent"] || "", | ||||||
| 		"_web_on" : query["location"] || headers["referer"] || | 		"_web_on" : acct || query["location"] || headers["referer"] || | ||||||
| 			    headers["user-agent"] || "", | 			    headers["user-agent"] || "", | ||||||
| 		"_web_from" : query["from"] || | 		"_web_from" : query["from"] || | ||||||
| 			    query_ip_name(this_interactive()) || | 			    query_ip_name(this_interactive()) || | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue