#include "wfm.h"
//
// Dispense Common HTML Header
// Used by all (?) functions that display HTML pages
//
void html_title(char *msg) {
fprintf(cgiOut,
HTML_HEADER
" \n"
"
%s : %s \n",
ICONSURL, FAVICON, TAGLINE, msg); // (strlen(virt_dirname)>0) ? ' ' : '/', TAGLINE, virt_dirname
}
//
// Dispense embedded icons
// Called on early action=icon
//
int icon(void) {
char icon_name[32]={0};
cgiFormStringNoNewlines("name", icon_name, sizeof(icon_name));
fprintf(cgiOut, "Cache-Control: max-age=29030400, public\r\n");
cgiHeaderContentType("image/gif");
#include "wfmicondis.h"
exit(0);
}
//
// Display upload status in SHM via key_id
// Called by early action=upstat
//
void upload_status(void) {
int shm_key=-1;
int shm_id=-1;
char *shm_val=NULL;
time_t t;
char *spin[]={"|", "/", "--", "\\"};
if(cgiFormInteger("upload_id", &shm_key, 0) == cgiFormSuccess && shm_key) {
shm_id = shmget(shm_key, SHM_SIZE, 0666);
if(shm_id >= 0)
shm_val = shmat(shm_id, NULL, 0);
}
fprintf(cgiOut, "Cache-Control: no-cache\r\n");
cgiHeaderContentType("text/plain");
time(&t);
if(shm_val)
fprintf(cgiOut, "%s %s\r\n", spin[(int)t % 4], shm_val);
else
fprintf(cgiOut, "%s\r\n", spin[(int)t % 4]);
if (shm_val)
shmdt(shm_val);
exit(0);
}
//
// Generate auth token
// Used by access_check() to compare tokens and login() to generate token from a web form
//
char *mktoken(char *str) {
md5_state_t state;
md5_byte_t digest[16]={0};
char *outstr;
int i;
outstr=(char*) malloc((sizeof(digest)*2)+2);
memset(outstr, 0, (sizeof(digest)*2)+2);
md5_init(&state);
md5_append(&state, (const md5_byte_t *)str, strlen(str));
md5_finish(&state, digest);
for (i = 0; i < sizeof(digest); i++)
sprintf(outstr + i * 2, "%02x", digest[i]);
return outstr;
}
//
// WFM Login Procedure
// Called from WFM main procedure if no sufficient access permission available
//
void login(void) {
char username[64]={0};
char password[64]={0};
char token_inp[256]={0};
cgiFormStringNoNewlines("username", username, sizeof(username)); // only used if JavaScript not
cgiFormStringNoNewlines("password", password, sizeof(password)); // available in the browser
if(strlen(username)) {
snprintf(token_inp, sizeof(token_inp), "%s:%s:%s", cgiRemoteAddr, username, password);
redirect("%s?directory=%s&login=server&token=%s", cgiScriptName, virt_dirname_urlencoded, mktoken(token_inp)); // generate MD5 as if it was the client
}
else
login_ui(); // display actual login page, which normally generates token in JavaScript
}
//
// Access_check
// Called by cfg read routine during initialization
//
void access_check(char *access_string) {
char ipaddr[32]={0};
char user[32]={0};
char pass[32]={0};
char type[4]={0};
char token_inp[64]={0};
if(sscanf(access_string, "access-ip=%2s:%30s", type, ipaddr)==2) {
if(ipaddr[0]=='*') {
if(strcmp(type, "ro")==0)
access_level=PERM_RO;
else if(strcmp(type, "rw")==0)
access_level=PERM_RW;
}
else if(strcmp(cgiRemoteAddr, ipaddr)==0) {
if(strcmp(type, "ro")==0)
access_level=PERM_RO;
else if(strcmp(type, "rw")==0)
access_level=PERM_RW;
}
}
else if(sscanf(access_string, "access-user=%2[^':']:%30[^':']:%30s", type, user, pass)==3) {
users_defined=1;
snprintf(token_inp, sizeof(token_inp), "%s:%s:%s", cgiRemoteAddr, user, pass);
// perform user auth by comparing user supplied token with system generated token
if(strcmp(mktoken(token_inp), token)==0) {
if(strcmp(type, "ro")==0) {
access_level=PERM_RO;
access_as_user=1;
strncpy(loggedinuser, user, sizeof(loggedinuser));
}
else if(strcmp(type, "rw")==0) {
access_level=PERM_RW;
access_as_user=1;
strncpy(loggedinuser, user, sizeof(loggedinuser));
}
}
}
}
//
// Check filename
// Should be called by every function that uses filename
//
void checkfilename(char *inp_filename) {
char temp_dirname[PHYS_FILENAME_SIZE]={0};
char temp_filename[VIRT_FILENAME_SIZE]={0};
char *bname;
if(inp_filename && strlen(inp_filename)) {
strncpy(temp_filename, inp_filename, VIRT_FILENAME_SIZE);
}
else if(cgiFormFileName("filename", temp_filename, VIRT_FILENAME_SIZE) == cgiFormSuccess) {
}
else if(cgiFormStringNoNewlines("filename", temp_filename, VIRT_FILENAME_SIZE) == cgiFormSuccess) {
}
else
error("No filename specified.");
// We only want basename from the client!
bname=strrchr(temp_filename, '/');
if(!bname)
bname=strrchr(temp_filename, '\\');
if(!bname)
bname=temp_filename;
else
(void) *bname++;
strip(bname, VIRT_FILENAME_SIZE, VALIDCHRS);
strncpy(virt_filename, bname, VIRT_FILENAME_SIZE);
snprintf(phys_filename, PHYS_FILENAME_SIZE, "%s/%s", phys_dirname, virt_filename);
if(!strlen(phys_filename) || strlen(phys_filename)>(PHYS_FILENAME_SIZE-2)) error("Invalid phys_filename lenght [%d]", strlen(phys_filename));
if(!strlen(virt_filename) || strlen(virt_filename)>(VIRT_FILENAME_SIZE-2)) error("Invalid virt_filename lenght [%d]", strlen(virt_filename));
if(regexec(&dotdot, phys_filename, 0, 0, 0)==0) error("Double dots in pfilename");
if(regexec(&dotdot, virt_filename, 0, 0, 0)==0) error("Double dots in vfilename");
strncpy(temp_dirname, phys_filename, PHYS_FILENAME_SIZE);
if(strlen(dirname(temp_dirname)) < strlen(HOMEDIR)) error("Invalid directory name.");
virt_filename_urlencoded=url_encode(virt_filename);
}
//
// Check destination
// Only called by move()
//
void checkdestination(void) {
int absolute_destination;
cgiFormStringNoNewlines("destination", virt_destination, VIRT_DESTINATION_SIZE);
strip(virt_destination, VIRT_DESTINATION_SIZE, VALIDCHRS_DIR);
cgiFormInteger("absdst", &absolute_destination, 0); // move operation relies on absolute paths
if(absolute_destination)
snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", HOMEDIR, virt_destination);
else
snprintf(phys_destination, PHYS_DESTINATION_SIZE, "%s/%s", phys_dirname, virt_destination);
if(strlen(phys_destination)<1 || strlen(phys_destination)>(PHYS_DESTINATION_SIZE-2)) error("Invalid phys_destination lenght [%d]", strlen(phys_destination));
if(strlen(virt_destination)<1 || strlen(virt_destination)>(VIRT_DESTINATION_SIZE-2)) error("Invalid virt_destination lenght [%d]", strlen(virt_destination));
if(regexec(&dotdot, phys_destination, 0, 0, 0)==0) error("Double dots in pfilename");
if(regexec(&dotdot, virt_destination, 0, 0, 0)==0) error("Double dots in vfilename");
}
//
// Check directory
// Only called by cgiMain during initialization
//
void checkdirectory(void) {
char temp[VIRT_DIRNAME_SIZE]={0};
cgiFormStringNoNewlines("directory", virt_dirname, VIRT_DIRNAME_SIZE);
strip(virt_dirname, VIRT_DIRNAME_SIZE, VALIDCHRS_DIR);
snprintf(phys_dirname, PHYS_DIRNAME_SIZE, "%s/%s", HOMEDIR, virt_dirname);
if(strlen(phys_dirname)<2 || strlen(phys_dirname)>(PHYS_DIRNAME_SIZE-2))
error("Invalid directory name.");
if(regexec(&dotdot, phys_dirname, 0, 0, 0)==0) error("Invalid directory name.");
if(strlen(phys_dirname) < strlen(HOMEDIR)) error("Invalid directory name.");
if(!strlen(virt_dirname)) strcpy(virt_dirname, "/");
virt_dirname_urlencoded=url_encode(virt_dirname);
// parent
strncpy(temp, virt_dirname, VIRT_DIRNAME_SIZE);
strncpy(virt_parent, dirname(temp), VIRT_DIRNAME_SIZE);
virt_parent_urlencoded=url_encode(virt_parent);
}
void tstart(void) {
gettimeofday(&mt, 0);
t1=mt.tv_sec+(mt.tv_usec/1000000.0);
}
void tstop(void) {
gettimeofday(&mt, 0);
t2=mt.tv_sec+(mt.tv_usec/1000000.0);
}
// strip unwanted characters from string
// deny all by default
// allow a=alpha n=numeric u=spaces as underscore
// use: allow="an.-@" for email
// use: allow="anu.-_!" for filenames
// ! is a cmd termination char
// use !! to allow only ! char
// use !a to allow only letter a
int strip(char *str, int len, char *allow) {
int n,a;
int alpha=0, number=0, spctou=0;
char *dst;
if(!str || !strlen(str) || !allow || !strlen(allow))
return -1;
if(*allow == 'a') {
alpha=1;
allow++;
}
if(*allow == 'n') {
number=1;
allow++;
}
if(*allow == 'u') {
spctou=1;
allow++;
}
if(*allow == '!') {
allow++;
}
dst=str;
for(n=0; n= P1024_1 && v < P1024_2 ) { size = v / P1024_1; unit = 'K'; }
else if(v >= P1024_2 && v < P1024_3 ) { size = v / P1024_2; unit = 'M'; }
else if(v >= P1024_3 && v < P1024_4 ) { size = v / P1024_3; unit = 'G'; }
else { size = v; unit = ' '; }
buffer=(char *)calloc(128, sizeof(char));
if(unit == 'G' && bold)
snprintf(buffer, 128, " %5.1f %cB ", size, unit);
else if(unit == 'M' && bold)
snprintf(buffer, 128, "%5.1f %cB", size, unit);
else if(bold)
snprintf(buffer, 128, " %5.1f %cB ", size, unit);
else
snprintf(buffer, 128, " %5.1f %cB", size, unit);
return (char *)buffer;
}
//
// redirect browser
//
void redirect(char *location, ...) {
va_list ap;
char buff[1024]={0};
va_start(ap, location);
vsnprintf(buff, sizeof(buff), location, ap);
va_end(ap);
cgiHeaderLocation(buff);
}
//
// CGI entry
//
int cgiMain(void) {
char action[32]={0};
char ea[8]={0};
FILE *cfgfile;
char cfgname[128]={0};
char cfgline[256]={0};
char c_tagline[]="tagline=";
char c_favicon[]="favicon=";
char c_homeurl[]="browser-url=";
char c_homedir[]="directory=";
char c_editdef[]="txt-default-edit=true";
char c_editany[]="edit-any-file=true";
char c_du[]="recursive-du=true";
char c_access[]="access";
// early action - simple actions before cfg is read or access check performed (no security!)
cgiFormStringNoNewlines("ea", ea, sizeof(ea));
if(strcmp(ea, "icon")==0) icon();
if(strcmp(ea, "upstat")==0) upload_status();
// normal initialization
tstart();
if(regcomp(&dotdot, "\\.\\.", REG_EXTENDED | REG_ICASE)!=0)
error("Regex compilation problem. %s", strerror(errno));
fprintf(cgiOut, "Cache-Control: max-age=0, private\r\nExpires: -1\r\n");
memset(virt_dirname, 0, VIRT_DIRNAME_SIZE);
memset(phys_dirname, 0, PHYS_DIRNAME_SIZE);
memset(virt_filename, 0, VIRT_FILENAME_SIZE);
memset(phys_filename, 0, PHYS_FILENAME_SIZE);
memset(virt_destination, 0, VIRT_DESTINATION_SIZE);
memset(phys_destination, 0, PHYS_DESTINATION_SIZE);
memset(final_destination, 0, PHYS_DESTINATION_SIZE);
memset(virt_parent, 0, VIRT_DIRNAME_SIZE);
snprintf(ICONSURL, sizeof(ICONSURL), "%s?ea=icon&name=", cgiScriptName);
// config file defaults
access_level=PERM_NO; // no access by default
access_as_user=0;
users_defined=0;
edit_by_default=0; // for .txt files
edit_any_file=0;
recursive_du=0;
memset(HOMEDIR, 0, sizeof(HOMEDIR));
memset(HOMEURL, 0, sizeof(HOMEURL));
memset(TAGLINE, 0, sizeof(TAGLINE));
memset(FAVICON, 0, sizeof(FAVICON));
// process config file
cgiFormStringNoNewlines("token", token, sizeof(token));
snprintf(cfgname, sizeof(cfgname), "%s.cfg", basename(cgiScriptName));
cfgfile=fopen(cfgname, "r");
if(!cfgfile)
error("Unable to open configuration file %s. %s", cfgname, strerror(errno));
while(fgets(cfgline, sizeof(cfgline), cfgfile)) {
if((*cfgline==';')||(*cfgline=='/')||(*cfgline=='#')||(*cfgline=='\n')) continue;
else if(strncmp(cfgline, c_homedir, strlen(c_homedir))==0) strncpy(HOMEDIR, cfgline+strlen(c_homedir), sizeof(HOMEDIR));
else if(strncmp(cfgline, c_homeurl, strlen(c_homeurl))==0) strncpy(HOMEURL, cfgline+strlen(c_homeurl), sizeof(HOMEURL));
else if(strncmp(cfgline, c_tagline, strlen(c_tagline))==0) strncpy(TAGLINE, cfgline+strlen(c_tagline), sizeof(TAGLINE));
else if(strncmp(cfgline, c_favicon, strlen(c_favicon))==0) strncpy(FAVICON, cfgline+strlen(c_favicon), sizeof(FAVICON));
else if(strncmp(cfgline, c_editdef, strlen(c_editdef))==0) edit_by_default=1;
else if(strncmp(cfgline, c_editany, strlen(c_editany))==0) edit_any_file=1;
else if(strncmp(cfgline, c_du, strlen(c_du))==0) recursive_du=1;
else if(strncmp(cfgline, c_access, strlen(c_access))==0) access_check(cfgline);
}
fclose(cfgfile);
// remove newlines
if(strlen(HOMEDIR)>2) HOMEDIR[strlen(HOMEDIR)-1]='\0';
if(strlen(HOMEURL)>2) HOMEURL[strlen(HOMEURL)-1]='\0';
if(strlen(TAGLINE)>2) TAGLINE[strlen(TAGLINE)-1]='\0';
if(strlen(FAVICON)>2) FAVICON[strlen(FAVICON)-1]='\0';
// do checks
if(strlen(HOMEDIR) < 4 || *HOMEDIR!='/')
error("Home directory not defined.");
if(!strlen(TAGLINE))
strcpy(TAGLINE, "Web File Manager");
if(!strlen(FAVICON))
strcpy(FAVICON, "wfmicon.gif");
snprintf(VALIDCHRS_DIR, sizeof(VALIDCHRS_DIR), "%s/", VALIDCHRS);
checkdirectory();
// JavaScript check
if(strncmp(cgiUserAgent, "Mozilla/5", 9)==0) js=2;
else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 6", 31)==0) js=2;
else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 7", 31)==0) js=2;
else if(strncmp(cgiUserAgent, "Mozilla/4.0 (compatible; MSIE 8", 31)==0) js=2;
else if(strncmp(cgiUserAgent, "Mozilla/4", 9)==0) js=1;
else js=0;
// main routine - regular actions
cgiFormStringNoNewlines("action", action, sizeof(action));
if(cgiFormSubmitClicked("noop")==cgiFormSuccess && access_level >= PERM_RO) dirlist();
else if(cgiFormSubmitClicked("multi_delete_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete");
else if(cgiFormSubmitClicked("multi_delete_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("delete");
else if(cgiFormSubmitClicked("multi_move_prompt")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move");
else if(cgiFormSubmitClicked("multi_move_prompt.x")==cgiFormSuccess && access_level >= PERM_RO) multiprompt_ui("move");
else if(cgiFormSubmitClicked("upload")==cgiFormSuccess && access_level >= PERM_RW) receivefile();
else if(strcmp(action, "sendfile")==0 && access_level >= PERM_RO) sendfile();
else if(strcmp(action, "delete")==0 && access_level >= PERM_RW) delete();
else if(strcmp(action, "delete_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("delete");
else if(strcmp(action, "move_prompt")==0 && access_level >= PERM_RW) multiprompt_ui("move");
else if(strcmp(action, "rename_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("move");
else if(strcmp(action, "move")==0 && access_level >= PERM_RW) move();
else if(strcmp(action, "edit")==0 && access_level >= PERM_RO) edit_ui();
else if(strcmp(action, "edit_save")==0 && access_level >= PERM_RW) edit_save();
else if(strcmp(action, "mkfile")==0 && access_level >= PERM_RW) mkfile();
else if(strcmp(action, "mkfile_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkfile");
else if(strcmp(action, "mkdir")==0 && access_level >= PERM_RW) newdir();
else if(strcmp(action, "mkdir_prompt")==0 && access_level >= PERM_RW) singleprompt_ui("mkdir");
else if(strcmp(action, "about")==0 && access_level >= PERM_RO) about();
else if(strcmp(action, "login")==0 ) login();
else if( access_level >= PERM_RO) dirlist();
else
if(users_defined) // if users present but supplied credentials didn't match, or credentials not specified
redirect("%s?action=login", cgiScriptName);
else
error("Access Denied.");
return 0;
}