aniani/gophernicus
1
0
Fork 0
mirror of https://github.com/gophernicus/gophernicus.git synced 2024-06-02 06:11:10 +00:00
Code

Compare commits

base: aniani:c5eeaec4dab8a365e0397087dca0de08eb3609cc
Branches Tags
aniani:master
aniani:v3.1.1
aniani:v3.1
aniani:3.0.1
aniani:3.0
aniani:3.1.1
aniani:3.1
aniani:3.1rc1
aniani:v3.1-beta1
aniani:v3.0.1
...
compare: aniani:e93042f17403eef912047cc80ebd1c91df586c67
Branches Tags
aniani:master
aniani:v3.1.1
aniani:v3.1
aniani:3.0.1
aniani:3.0
aniani:3.1.1
aniani:3.1
aniani:3.1rc1
aniani:v3.1-beta1
aniani:v3.0.1

20 Commits
c5eeaec4da ... e93042f174

Author SHA1 Message Date
Omar Polo
e93042f174
Merge a5fcd38896 into d7c297ae5f 2024-02-27 12:21:07 +01:00
fosslinux
d7c297ae5f
Merge pull request #108 from augfab/fix/106 
Fix part of issue #106 (option -d)
 2024-02-27 11:16:32 +00:00
fosslinux
f845dd97f6
Merge pull request #116 from ryandesign/ryandesign-stderr 
Suppress stderr output when checking for install
 2024-02-27 11:15:26 +00:00
fosslinux
1a089816fa
Merge pull request #103 from omar-polo/missing-die-fixes 
fix call to die with NULL as an argument forgot in #100
 2024-02-27 11:15:15 +00:00
fosslinux
a00fa5330d Fix URI inserting aribitary scripts 
Fixes #118
Fixes #117

Encodes characters using html percent encoding.

I hope this is correct, I'm pretty sure it is, but can't be certain
right now.
 2024-02-27 22:12:52 +11:00
fosslinux
ac249aaeef
Merge pull request #110 from RileyInkTheCat/master 
Fix #92 properly
 2024-02-27 10:29:09 +00:00
fosslinux
4407583da3
Merge pull request #112 from ryandesign/patch-1 
Fix spelling of "receive"
 2024-02-27 10:28:52 +00:00
fosslinux
af1aafbe0b
Merge pull request #113 from ryandesign/ryandesign-available 
Fix spelling of "available"
 2024-02-27 10:28:25 +00:00
fosslinux
103f21f50b
Merge pull request #115 from ryandesign/ryandesign-distributions 
Fix spelling of "distributions"
 2024-02-27 10:28:10 +00:00
fosslinux
7f1f3515f1
Merge pull request #114 from ryandesign/ryandesign-doesnt 
Fix spelling of "doesn't"
 2024-02-27 10:27:58 +00:00
Ryan Schmidt
02fc3c3dc4 Suppress stderr output when checking for install 
When checking the features of the install program, send any output on
stderr to /dev/null rather than to stdout.
 2023-01-18 02:22:22 -06:00
Ryan Schmidt
e318b1b294 Fix spelling of "distributions" 2023-01-18 01:25:11 -06:00
Ryan Schmidt
3a8d4f007b Fix spelling of "receive" 2023-01-18 01:21:01 -06:00
Ryan Schmidt
d2007f675f Fix spelling of "available" 2023-01-18 01:18:28 -06:00
Ryan Schmidt
5fd9e72ed3 Fix spelling of "doesn't" 2023-01-18 01:14:28 -06:00
Mustached Squid
1d79de712d Previous attempt at fixing 'make install-root' had a tiny bug, which is 
now solved
 2022-06-17 15:26:52 +01:00
Mustached Squid
1d6aeecfc7 fix 'make install-root' clobbering existing gophermaps 2022-06-17 15:09:47 +01:00
Augustin Fabre
74b3b0adfa
Fix description of `-d' in manual page 
Setting option `-d' has no effect on /server-status.
 2022-05-29 14:32:13 +02:00
Augustin Fabre
9e7885f00f
Stop sending log messages to client when in debug mode 
inetd(8) sends the contents of stdout AND stderr to the client. This means that
configuring syslog(3) with LOG_PERROR (print messages to stderr) is a bad idea.
 2022-05-29 14:27:32 +02:00
Omar Polo
9f2767fde7 fix call to die with NULL as an argument forgot in #100 2022-01-22 18:44:55 +01:00
9 changed files with 45 additions and 20 deletions
Show Stats Expand all files Collapse all files

6
INSTALL.md
View File

@ -22,7 +22,7 @@ Important configure arguments include:
- `--listener`. This is the only required argument. You must - `--listener`. This is the only required argument. You must
choose a listener that passes network requests to choose a listener that passes network requests to
gophernicus, as gophernicus dosen't do this by itself. The gophernicus, as gophernicus doesn't do this by itself. The
options are: options are:
- systemd, a common init system on many Linux distributions - systemd, a common init system on many Linux distributions
that can do this without an external program. that can do this without an external program.
@ -32,7 +32,7 @@ Important configure arguments include:
config files. config files.
- mac, to be used on Mac OSX machines. - mac, to be used on Mac OSX machines.
- haiku, to be used on Haiku machines. - haiku, to be used on Haiku machines.
- autodetect, which looks at what you have avaliable - autodetect, which looks at what you have available
(unrecommended, please manually specify where possible). (unrecommended, please manually specify where possible).
- `--hostname`. This is by default attempted to be autodetected - `--hostname`. This is by default attempted to be autodetected
by the configure script, using the command `hostname`. It is by the configure script, using the command `hostname`. It is
@ -123,5 +123,5 @@ distribution? Thanks! Please see issue #50 to help. Some tips:
- You probably want to support as many listeners as possible. - You probably want to support as many listeners as possible.
We allow this through the use of a comma seperated list to We allow this through the use of a comma seperated list to
`--listener`. `--listener`.
- The default gopher root is `/var/gopher`; many disributions - The default gopher root is `/var/gopher`; many distributions
prefer `/srv`. prefer `/srv`.

2
Makefile.in
View File

@ -142,7 +142,7 @@ install-man:
install-root: install-root:
$(INSTALL) -d -m 755 $(DESTDIR)$(ROOT) $(INSTALL) -d -m 755 $(DESTDIR)$(ROOT)
$(INSTALL) -m 644 $(MAP).sample $(DESTDIR)$(ROOT)/gophermap [ ! -f $(DESTDIR)$(ROOT)/gophermap ] && $(INSTALL) -m 644 $(MAP).sample $(DESTDIR)$(ROOT)/gophermap
install-inetd-update: install-root install-inetd-update: install-root
update-inetd --add "$$(sed -e "s:@BINARY_PATH@:$(SBINDIR)/$(BINARY):g" -e "s/@OPTIONS@/$(INETOPT)/g" init/inetlin.in)" update-inetd --add "$$(sed -e "s:@BINARY_PATH@:$(SBINDIR)/$(BINARY):g" -e "s/@OPTIONS@/$(INETOPT)/g" init/inetlin.in)"

2
README.md
View File

@ -178,7 +178,7 @@ directories and you're (kind of) up and running.
There is a serious issue with virtual hosting. There is a serious issue with virtual hosting.
As stated previously, RFC1436 dosen't support virtual hosting. Clients won't As stated previously, RFC1436 doesn't support virtual hosting. Clients won't
like it. like it.
How the virtual hosting works, is that it loops through the vhosts looking for How the virtual hosting works, is that it loops through the vhosts looking for

10
configure vendored
View File

@ -16,7 +16,7 @@ usage() {
printf " --haikusrv=/boot/common/settings/network/services Path to services directory in Haiku\\n" printf " --haikusrv=/boot/common/settings/network/services Path to services directory in Haiku\\n"
printf " --systemd=/lib/systemd/system Path to systemd directory when using systemd listener\\n" printf " --systemd=/lib/systemd/system Path to systemd directory when using systemd listener\\n"
printf " --os=autodetected Your target OS, one of linux, mac, haiku, netbsd, openbsd or freebsd\\n" printf " --os=autodetected Your target OS, one of linux, mac, haiku, netbsd, openbsd or freebsd\\n"
printf " --listener=somelistener Program to recieve and pass network requests; one or more of systemd, inetd, xinetd, comma-seperated, or autodetect, mac or haiku (parameter required, mac/haiku required on respective OSes)\\n" printf " --listener=somelistener Program to receive and pass network requests; one or more of systemd, inetd, xinetd, comma-seperated, or autodetect, mac or haiku (parameter required, mac/haiku required on respective OSes)\\n"
printf " --hostname=autodetected Desired hostname for gophernicus to identify as\\n" printf " --hostname=autodetected Desired hostname for gophernicus to identify as\\n"
} }
@ -113,9 +113,9 @@ else
# Check it has required features (*cough* macos) # Check it has required features (*cough* macos)
mkdir testconf mkdir testconf
touch testfile touch testfile
${INSTALL} -t testconf testfile 2>&1 >/dev/null || INSTALL=build-aux/install-sh ${INSTALL} -t testconf testfile >/dev/null 2>&1 || INSTALL=build-aux/install-sh
rm testconf/testfile rm testconf/testfile
${INSTALL} -T testfile testconf/testfile 2>&1 >/dev/null || INSTALL=build-aux/install-sh ${INSTALL} -T testfile testconf/testfile >/dev/null 2>&1 || INSTALL=build-aux/install-sh
rm -r testconf testfile rm -r testconf testfile
printf "%s" "${INSTALL}" printf "%s" "${INSTALL}"
fi fi
@ -236,7 +236,7 @@ if [ "${HOSTNAME}" = "autodetect" ]; then
fi fi
printf "%s\\n" "${HOSTNAME}" printf "%s\\n" "${HOSTNAME}"
# Use libwrap when it is avaliable # Use libwrap when it is available
printf "checking for libwrap... " printf "checking for libwrap... "
cat > conftest.c <<EOF cat > conftest.c <<EOF
#include <tcpd.h> #include <tcpd.h>
@ -251,7 +251,7 @@ else
fi fi
printf "\\n" printf "\\n"
# Check and use SHM if avaliable # Check and use SHM if available
printf "checking for ipcrm (SHM management)... " printf "checking for ipcrm (SHM management)... "
if ! IPCRM="$(command -v ipcrm)"; then if ! IPCRM="$(command -v ipcrm)"; then
printf "not found" printf "not found"

4
gophernicus.8
View File

@ -196,9 +196,7 @@ Disable execution of gophermaps and scripts.
Disable HTTP response to HTTP GET and POST requests. Disable HTTP response to HTTP GET and POST requests.
.It Fl d .It Fl d
Print debug output in Print debug output in
.Xr syslog 3 .Xr syslog 3 .
and
.Pa /server-status .
When When
.Fl ns .Fl ns
(disable (disable

9
src/file.c
View File

@ -107,10 +107,13 @@ void send_text_file(state *st)
*/ */
void url_redirect(state *st) void url_redirect(state *st)
{ {
char dest[BUFSIZE]; char unsafe[BUFSIZE];
/* Basic security checking */ /* Basic security checking */
sstrlcpy(dest, st->req_selector + 4); sstrlcpy(unsafe, st->req_selector + 4);
char dest[BUFSIZE];
html_encode(unsafe, dest, BUFSIZE);
if (sstrncmp(dest, "http://") != MATCH && if (sstrncmp(dest, "http://") != MATCH &&
sstrncmp(dest, "https://") != MATCH && sstrncmp(dest, "https://") != MATCH &&
@ -374,7 +377,7 @@ static void run_cgi(state *st, char *script, char *arg)
} }
/* Didn't work - die */ /* Didn't work - die */
die(st, ERR_ACCESS, NULL); die(st, ERR_ACCESS, "");
} }

27
src/gophernicus.c
View File

@ -107,6 +107,27 @@ void footer(state *st)
} }
} }
void html_encode(const char *unsafe, char *dest, int bufsize)
{
char literals[] = "!#$&'()*+,/:;=?@[]-_.~";
int i = 0, j = 0;
while (unsafe[i] != '\0') {
if (j >= bufsize - 5) {
break;
}
if (strchr(literals, unsafe[i]) ||
(unsafe[i] >= 'a' && unsafe[i] <= 'z') ||
(unsafe[i] >= 'A' && unsafe[i] <= 'Z') ||
(unsafe[i] >= '0' && unsafe[i] <= '9')) {
dest[j] = unsafe[i];
i += 1;
j += 1;
} else {
j += snprintf(&dest[j], BUFSIZE - j, "%%%02x", unsafe[i]);
i += 1;
}
}
}
/* /*
* Print error message & exit * Print error message & exit
@ -134,13 +155,17 @@ void die(state *st, const char *message, const char *description)
/* Handle HTML errors */ /* Handle HTML errors */
else if (st->req_filetype == TYPE_HTML) { else if (st->req_filetype == TYPE_HTML) {
char safe_message[BUFSIZE];
html_encode(message, safe_message, BUFSIZE);
char safe_description[BUFSIZE];
html_encode(description, safe_description, BUFSIZE);
printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n" printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\">\n"
"<HTML>\n<HEAD>\n" "<HTML>\n<HEAD>\n"
" <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html;charset=iso-8859-1\">\n" " <META HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html;charset=iso-8859-1\">\n"
" <TITLE>" ERROR_PREFIX "%1$s %2$s</TITLE>\n" " <TITLE>" ERROR_PREFIX "%1$s %2$s</TITLE>\n"
"</HEAD>\n<BODY>\n" "</HEAD>\n<BODY>\n"
"<STRONG>" ERROR_PREFIX "%1$s %2$s</STRONG>\n" "<STRONG>" ERROR_PREFIX "%1$s %2$s</STRONG>\n"
"<PRE>", message, description); "<PRE>", safe_message, safe_description);
footer(st); footer(st);
printf("</PRE>\n</BODY>\n</HTML>\n"); printf("</PRE>\n</BODY>\n</HTML>\n");
} }

1
src/gophernicus.h
View File

@ -446,6 +446,7 @@ void info(state *st, char *str, char type);
void footer(state *st); void footer(state *st);
void die(state *st, const char *message, const char *description); void die(state *st, const char *message, const char *description);
void log_combined(state *st, int status); void log_combined(state *st, int status);
void html_encode(const char *unsafe, char *dest, int bufsize);
/* file.c */ /* file.c */
void send_binary_file(state *st); void send_binary_file(state *st);

4
src/log.c
View File

@ -27,9 +27,7 @@ void log_init(int enable, int debug)
_enable = enable; _enable = enable;
openlog(PROGNAME, openlog(PROGNAME, LOG_PID, LOG_DAEMON);
LOG_PID | (debug ? LOG_PERROR : 0),
LOG_DAEMON);
setlogmask(_LOG_UPTO(debug ? LOG_DEBUG : LOG_INFO)); setlogmask(_LOG_UPTO(debug ? LOG_DEBUG : LOG_INFO));
} }