/** * @internal * * callback for SCGI server. */ void ctr_request_serve_callback() { ctr_argument* argumentList; argumentList = (ctr_argument*) ctr_heap_allocate( sizeof( ctr_argument ) ); varlistGet = CGI_get_query(NULL); varlistCookie = CGI_get_cookie(NULL); varlistPost = CGI_get_post(NULL,"/tmp/_upXXXXXX"); ctr_block_run(CtrStdSCGICB, argumentList, CtrStdSCGICB); ctr_heap_free( argumentList ); CGI_free_varlist(varlistGet); CGI_free_varlist(varlistPost); CGI_free_varlist(varlistCookie); }
int main(int argc, char **argv) { char *author; char *title; CGI_varlist *varlist; CGI_varlist *redirect_vars; CGI_value *value; char *reason; cl = clnt_create(PAPER_ADDRESS, PAPERSERVER_PROG, PAPERSERVER_VERS, "tcp"); if (cl == NULL) { // sprintf(reason, "Error creating RPC client %s", strerror(errno)); redirect_vars = CGI_add_var(NULL, "reason", "Error creating RPC client"); printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL)); // perror("Error creating RPC client!"); CGI_free_varlist(redirect_vars); exit(1); } // fputs("Content-type: text/plain\r\n\r\n", stdout); varlist = CGI_get_all("/tmp/cgi-upload-XXXXXX"); author = CGI_lookup(varlist, "author"); title = CGI_lookup(varlist, "title"); value = CGI_lookup_all(varlist, "fileToUpload"); if (value == 0 || value[1] == 0) { redirect_vars = CGI_add_var(NULL, "reason", "No file was uploaded"); printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL)); CGI_free_varlist(redirect_vars); // fputs("No file was uploaded\r\n", stdout); } else { // printf("Author: %s\n Title: %s\n", author, title); // printf("Your file \"%s\" was uploaded to my file \"%s\"\r\n", // value[1], value[0]); add_article(author, title, strdup(value[0]), strdup(value[1])); /* Do something with the file here */ unlink(value[0]); } CGI_free_varlist(varlist); clnt_destroy(cl); return 0; }
int main(int argc, char **argv) { CGI_varlist *varlist; const char *value; if ((varlist = CGI_get_all(0)) == 0) { fputs("Content-type: text/plain\r\n\r\n", stdout); printf("No CGI data received\r\n"); return 0; } value = CGI_lookup(varlist, "id"); cl = clnt_create(PAPER_ADDRESS, PAPERSERVER_PROG, PAPERSERVER_VERS, "tcp"); if (cl == NULL) { fputs("Content-type: text/plain\r\n\r\n", stdout); perror("Error creating RPC client!"); CGI_free_varlist(varlist); /* free variable list */ exit(1); } if (value != NULL) { get_article_info(value); } else { printf("Content-Type: text/plain\n\n"); printf("id value missing\n\n"); } CGI_free_varlist(varlist); /* free variable list */ clnt_destroy(cl); return 0; }
void finalize() { sqlite3_close(database); CGI_free_varlist(varlist); }
void add_article(char *author, char *title, char *tmp_filename, char *filename) { struct add_article_in *in; article_num *num; CGI_varlist *redirect_vars; char *reason; // char *error_location; // char *success_location; // sprintf(error_location, "%s/papererror.php", WEB_BASEPHP); // sprintf(success_location, "%s/paperinfo.php", WEB_BASEPHP); FILE *fp; struct stat file_stat; fp = fopen(tmp_filename, "rb"); if (fp == NULL) { // sprintf(reason, "Error when opening file %s", strerror(errno)); redirect_vars = CGI_add_var(NULL, "reason", "Error when opening file"); printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL)); CGI_free_varlist(redirect_vars); // perror("Error when opening file"); return; } stat(tmp_filename, &file_stat); in = (struct add_article_in *) malloc(sizeof(struct add_article_in)); // in->author = strdup(author); in->author = author; // in->title = strdup(title); in->title = title; in->filename = filename; in->content.content_val = malloc(sizeof(char) * file_stat.st_size); in->content.content_len = fread(in->content.content_val, 1, file_stat.st_size, fp); if (in->content.content_len == 0) { // sprintf(reason, "Error while reading file %s", strerror(errno)); redirect_vars = CGI_add_var(NULL, "reason", "Error while reading file"); printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/papererror.php?", CGI_encode_varlist(redirect_vars, NULL)); CGI_free_varlist(redirect_vars); // perror("Error while reading"); fclose(fp); exit(1); } fclose(fp); num = add_1(in, cl); // char *query_string = CGI_encode_query(NULL, "id", *num, "new", "success", 0); // redirect_vars = CGI_add_var(NULL, "id", (char*)*num); // redirect_vars = CGI_add_var(redirect_vars, "new", "success"); // printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/paperinfo.php?", query_string); // printf("Status: 303\nLocation: %s%s%s\n\n", WEB_BASEPHP, "/paperinfo.php?", CGI_encode_varlist(redirect_vars, NULL)); printf("Status: 303\nLocation: %s%sid=%ld&new=success\n\n", WEB_BASEPHP, "/paperinfo.php?", *num); // CGI_free_varlist(redirect_vars); // printf("%ld\n", *num); free(in->content.content_val); free(in); return; }
bool CWRequest::ReceiveFromWeb(string* pSessionID, string* pRequestID, bool* pThisIsCookieCheck, bool* pCookieCheckOk, bool* pLongPolling, bool* pKeepAlive, string* pErrorMessage) { Clear(); CGI_varlist* query = 0; CGI_varlist* post = 0; CGI_varlist* cookie = 0; string file_upload_template = TempDir() + "cgi-upload-XXXXXX"; query = CGI_get_query(NULL); post = CGI_get_post(NULL, file_upload_template.c_str()); cookie = CGI_get_cookie(NULL); if(query != 0) { const char *name = 0; CGI_value *value = 0; for(name = CGI_first_name(query); name != 0; name = CGI_next_name(query)) { value = CGI_lookup_all(query, 0); for(int i = 0; value[i] != 0; i++) { string name_value = ""; name_value = name_value + name; name_value = name_value + "="; name_value = name_value + value[i]; Query->Add(name_value); } } } if(post != 0) { const char *name = 0; CGI_value *value = 0; for(name = CGI_first_name(post); name != 0; name = CGI_next_name(post)) { value = CGI_lookup_all(post, 0); for(int i = 0; value[i] != 0; i++) { string name_value = ""; name_value = name_value + name; name_value = name_value + "="; name_value = name_value + value[i]; Post->Add(name_value); } } } if(cookie != 0) { const char *name = 0; CGI_value *value = 0; for(name = CGI_first_name(cookie); name != 0; name = CGI_next_name(cookie)) { value = CGI_lookup_all(cookie, 0); for(int i = 0; value[i] != 0; i++) { string name_value = ""; name_value = name_value + name; name_value = name_value + "="; name_value = name_value + value[i]; Cookie->Add(name_value); } } } CGI_free_varlist(cookie); CGI_free_varlist(post); CGI_free_varlist(query); // environment variables Env->SetValue("SERVER_NAME", GetEnv("SERVER_NAME")); Env->SetValue("SERVER_PORT", GetEnv("SERVER_PORT")); Env->SetValue("SCRIPT_NAME", GetEnv("SCRIPT_NAME")); Env->SetValue("REQUEST_METHOD", GetEnv("REQUEST_METHOD")); Env->SetValue("DOCUMENT_ROOT", GetEnv("DOCUMENT_ROOT")); Env->SetValue("REMOTE_ADDR", GetEnv("REMOTE_ADDR")); Env->SetValue("HTTP_USER_AGENT", GetEnv("HTTP_USER_AGENT")); Env->SetValue("HTTP_REFERER", GetEnv("HTTP_REFERER")); Env->SetValue("HTTP_COOKIE", GetEnv("HTTP_COOKIE")); Env->SetValue("CONTENT_TYPE", GetEnv("CONTENT_TYPE")); Env->SetValue("HTTPS", GetEnv("HTTPS")); // read and return session_id string session_id = Cookie->GetValue("session_id"); string request_id = CreateRequestID(); bool this_is_cookie_check = GetValue("cookie_check") == "1" || GetValue("cookie_check") == "true"; DeleteNameValue("cookie_check"); bool cookie_check_ok = Cookie->GetValue("cookie_check_data") == "123"; bool long_polling = GetValue("long_polling") == "1" || GetValue("long_polling") == "true"; bool keep_alive = GetValue("keep_alive") == "1" || GetValue("keep_alive") == "true"; if(pSessionID != NULL) *pSessionID = session_id; if(pRequestID != NULL) *pRequestID = request_id; if(pThisIsCookieCheck != NULL) *pThisIsCookieCheck = this_is_cookie_check; if(pCookieCheckOk != NULL) *pCookieCheckOk = cookie_check_ok; if(pLongPolling != NULL) *pLongPolling = long_polling; if(pKeepAlive != NULL) *pKeepAlive = keep_alive; return true; }
int main(int argc, char **argv) { void portable_OS_init(); CGI_varlist *varlist; const char *name; char namebuf[512],postbuf[65536],*remoteaddr,*str=0,*retstr,*delim,*url = 0; int i,j,iter,localaccess=0,doneflag=0,portflag = 0; cJSON *json; long offset; CGI_value *value; struct destbuf urlbuf; portable_OS_init(); setenv("CONTENT_TYPE", "application/x-www-form-urlencoded", 1); json = cJSON_CreateObject(); if ( (remoteaddr= getenv("REMOTE_ADDR")) == 0 || strncmp("127.0.0.1",remoteaddr,strlen("127.0.0.1")) == 0 ) remoteaddr = 0,localaccess = 1; else cJSON_AddItemToObject(json,"remoteaddr",cJSON_CreateString(remoteaddr)); for (i=j=0; argv[0][i]!=0; i++) if ( argv[0][i] == '/' || argv[0][i] == '\\' ) j = i+1; strcpy(namebuf,&argv[0][j]); offset = strlen(namebuf) - 4; if ( offset > 0 && strcmp(".exe",namebuf + offset) == 0 ) namebuf[offset] = 0; if ( offset > 0 && strcmp(".cgi",namebuf + offset) == 0 ) namebuf[offset] = 0; if ( strcmp(namebuf,"init") == 0 || strcmp(namebuf,"") == 0 || strcmp(namebuf,"index.cgi") == 0 ) { // "http://178.63.60.131/init/?requestType=status&coin=VRC" //"http://78.47.115.250:7777/public?plugin=relay&method=busdata&servicename=MGW&serviceNXT=8119557380101451968&destplugin=MGW&submethod=status&coin=BTC" if ( strcmp(namebuf,"api") != 0 ) cJSON_AddItemToObject(json,"agent",cJSON_CreateString(namebuf)); cJSON_AddItemToObject(json,"plugin",cJSON_CreateString("relay")); cJSON_AddItemToObject(json,"method",cJSON_CreateString("busdata")); cJSON_AddItemToObject(json,"servicename",cJSON_CreateString("MGW")); cJSON_AddItemToObject(json,"serviceNXT",cJSON_CreateString("8119557380101451968")); cJSON_AddItemToObject(json,"destplugin",cJSON_CreateString("MGW")); if ( jstr(json,"requestType") != 0 ) cJSON_AddItemToObject(json,"submethod",cJSON_CreateString(jstr(json,"requestType"))); } if ( strcmp("nxt",namebuf) == 0 ) { if ( setnxturl(&urlbuf) != 0 ) url = urlbuf.buf; else url = "http://127.0.0.1:7876/nxt"; } else if ( strcmp("nxts",namebuf) == 0 ) url = "https://127.0.0.1:7876/nxt"; else if ( strcmp("port",namebuf) == 0 ) url = "http://127.0.0.1", portflag = 1; else if ( strcmp("ports",namebuf) == 0 ) url = "https://127.0.0.1", portflag = 1; fprintf(stderr,"namebuf.(%s)\n",namebuf); if ( url != 0 ) postbuf[0] = 0, delim = ""; for (iter=0; iter<3; iter++) { if ( (varlist= ((iter==0) ? CGI_get_post(0,0) : ((iter==1) ? CGI_get_query(0) : CGI_get_cookie(0)))) != 0 ) { for (name=CGI_first_name(varlist); name!=0&&doneflag==0; name=CGI_next_name(varlist)) { value = CGI_lookup_all(varlist,0); for (i=0; value[i]!=0; i++) { fprintf(stderr,"iter.%d %s [%d] = %s\r\n",iter,name,i,value[i]); if ( i == 0 ) { if ( url == 0 ) { if ( strcmp(name,"stringified") == 0 || strcmp(namebuf,"stringified") == 0 ) { char *unstringify(char *str); cJSON *obj; if ( (obj= cJSON_Parse(name)) == 0 ) { str = malloc(strlen(value[i])+1); strcpy(str,value[i]); unstringify(str); printf("unstringify (%s) -> (%s)\n",value[i],str); obj= cJSON_Parse(str); } if ( obj != 0 ) { //unstringified ((null)) -> ({"stringified":{"method":"orderbook","baseid":"12071612744977229797","relid":"5527630","maxdepth":"1"},"agent":"InstantDEX"}) free_json(json); if ( jobj(obj,"stringified") != 0 ) json = cJSON_Duplicate(jobj(obj,"stringified"),1), free_json(obj); else json = obj; cJSON_AddItemToObject(json,"agent",cJSON_CreateString("InstantDEX")); if ( remoteaddr != 0 && remoteaddr[0] != 0 ) cJSON_AddItemToObject(json,"remoteaddr",cJSON_CreateString(remoteaddr)); fprintf(stderr,"unstringified (%s) -> (%s)\n",str!=0?str:"",jprint(json,0)); if ( str != 0 ) free(str); doneflag = 1; break; } } cJSON_AddItemToObject(json,name,cJSON_CreateString(value[i])); } else { if ( portflag != 0 && strncmp(name,"port",strlen("port")) == 0 ) sprintf(urlbuf.buf,"%s:%s",url,value[i]), url = urlbuf.buf, portflag = 0; else sprintf(postbuf + strlen(postbuf),"%s%s=%s",delim,name,value[i]), delim = "&"; } } } } } CGI_free_varlist(varlist); } if ( localaccess == 0 ) fputs("Access-Control-Allow-Origin: *\r\n",stdout); else fputs("Access-Control-Allow-Origin: null\r\n",stdout); fputs("Access-Control-Allow-Credentials: true\r\n",stdout); fputs("Access-Control-Allow-Headers: Authorization, Content-Type\r\n",stdout); fputs("Access-Control-Allow-Methods: GET, POST, OPTIONS\r\n",stdout); fputs("Cache-Control: no-cache, no-store, must-revalidate\r\n",stdout); fputs("Content-type: text/plain\r\n",stdout); if ( url != 0 ) { fprintf(stderr,"url.(%s) (%s)\n",url,postbuf); if ( (retstr= issue_POST(url,postbuf)) != 0 ) { //fprintf(stderr,"%s",retstr); printf("Content-Length: %ld\r\n\r\n",strlen(retstr)+2); printf("%s\r\n",retstr); free(retstr); } else printf("{\"error\":\"null return from issue_NXTPOST\"}\r\n"); } else { if ( jobj(json,"agent") == 0 && strcmp(namebuf,"api") != 0 ) cJSON_AddItemToObject(json,"agent",cJSON_CreateString(namebuf)); fprintf(stderr,"PROCESS.(%s)\n",jprint(json,0)); process_json(json,remoteaddr,localaccess); } free_json(json); return 0; }
int main(int argc, char **argv) { CGI_varlist *varlist; const char *name; CGI_value *value; int i,j,iter,portflag = 0; cJSON *json; long offset; char urlbuf[512],namebuf[512],postbuf[65536],*retstr,*delim,*url = 0; setenv("CONTENT_TYPE", "application/x-www-form-urlencoded", 1); json = cJSON_CreateObject(); for (i=j=0; argv[0][i]!=0; i++) if ( argv[0][i] == '/' || argv[0][i] == '\\' ) j = i+1; strcpy(namebuf,&argv[0][j]); offset = strlen(namebuf) - 4; if ( offset > 0 && strcmp(".exe",namebuf + offset) == 0 ) namebuf[offset] = 0; if ( strcmp(namebuf,"api") != 0 ) cJSON_AddItemToObject(json,"agent",cJSON_CreateString(namebuf)); if ( strcmp("nxt",namebuf) == 0 ) url = "http://127.0.0.1:7876/nxt"; else if ( strcmp("nxts",namebuf) == 0 ) url = "https://127.0.0.1:7876/nxt"; else if ( strcmp("port",namebuf) == 0 ) url = "http://127.0.0.1", portflag = 1; else if ( strcmp("ports",namebuf) == 0 ) url = "https://127.0.0.1", portflag = 1; if ( url != 0 ) postbuf[0] = 0, delim = ""; for (iter=0; iter<2; iter++) { if ( (varlist= ((iter==0) ? CGI_get_post(0,0) : CGI_get_query(0))) != 0 ) { for (name=CGI_first_name(varlist); name!=0; name=CGI_next_name(varlist)) { value = CGI_lookup_all(varlist,0); for (i=0; value[i]!=0; i++) { //fprintf(stderr,"%s [%d] = %s\r\n", name, i, value[i]); if ( i == 0 ) { if ( url == 0 ) cJSON_AddItemToObject(json,name,cJSON_CreateString(value[i])); else { if ( portflag != 0 && strncmp(name,"port",strlen("port")) == 0 ) sprintf(urlbuf,"%s:%s",url,value[i]), url = urlbuf, portflag = 0; else sprintf(postbuf + strlen(postbuf),"%s%s=%s",delim,name,value[i]), delim = "&"; } } } } } CGI_free_varlist(varlist); } fputs("Access-Control-Allow-Origin: null\r\n",stdout); fputs("Access-Control-Allow-Headers: Authorization, Content-Type\r\n",stdout); fputs("Access-Control-Allow-Credentials: true\r\n",stdout); fputs("Access-Control-Allow-Methods: GET, POST, OPTIONS\r\n",stdout); fputs("Content-type: text/plain\r\n",stdout); if ( url != 0 ) { fprintf(stderr,"url.(%s) (%s)\n",url,postbuf); if ( (retstr= issue_POST(url,postbuf)) != 0 ) { //fprintf(stderr,"%s",retstr); printf("Content-Length: %ld\r\n\r\n",strlen(retstr)+2); printf("%s\r\n",retstr); free(retstr); } else printf("{\"error\":\"null return from issue_NXTPOST\"}\r\n"); } else { process_json(json); } free_json(json); return 0; }
int main(int argc, char **argv) { CLIENT *cl; CGI_varlist *varlist; int value; const char *author = "author"; const char *title = "title"; const char *file = "file"; const char* authorTmp; const char* titleTmp; CGI_value* fileValue; char* authorVal; char* titleVal; char* fileVal; if ((varlist = CGI_get_all("/tmp/cgi-upload-XXXXXX")) == NULL || varlist == 0) { redirectError("No CGI data received"); return 0; } if((varlist = CGI_get_post(varlist, "/tmp/cgi-upload-XXXXXX")) == NULL || varlist == 0) { redirectError("No CGI post data received"); return 0; } if(((authorTmp = CGI_lookup(varlist, author)) == NULL) || strlen(authorTmp) == 0) { redirectError("Did not receive Author data"); return 0; } if(((titleTmp = CGI_lookup(varlist, title)) == NULL) || strlen(titleTmp) == 0) { redirectError("Did not receive Title data "); return 0; } if(((fileValue = CGI_lookup_all(varlist, file)) == NULL)) { redirectError("Did not receive File data"); return 0; } if(fileValue == 0 || fileValue[1] == 0){ redirectError("No file was uploaded"); return 0; } authorVal = (char*) malloc(strlen(authorTmp)*sizeof(char)); titleVal = (char*) malloc(strlen(titleTmp)*sizeof(char)); fileVal = (char*) malloc(strlen(fileValue[0])*sizeof(char)); strcpy(authorVal, authorTmp); strcpy(titleVal, titleTmp); strcpy(fileVal, fileValue[0]); CGI_free_varlist(varlist); cl = createClient(); value = addArticle(cl, authorVal, titleVal, fileVal); clnt_destroy(cl); if(value < 0){ redirectError("Add Article Error"); } redirectSuccess(value); return value; }
int main(int argc, char **argv) { CGI_varlist *vl; int tlen = strlen(TMP_PATH); FILE *log; const char *name, *dir; char prefix[BUFSIZ] = UPL_PATH, dst[BUFSIZ], srv[BUFSIZ], *p = getenv("SCRIPT_NAME"); umask(umask((mode_t)0)|S_IWUSR|S_IWGRP|S_IWOTH|S_IXUSR|S_IXGRP|S_IXOTH); printf("Content-type: text/plain\r\n\r\n"); if(p != NULL) /* The CGI-reported basename must be the target server */ { char genbuf[BUFSIZ]; if(strlcpy(dst, p, BUFSIZ) >= BUFSIZ) return 1; /* These are self- */ if((p = strrchr(dst, '/')) != NULL) p++; else p = dst; if(strlcpy(genbuf, p, BUFSIZ) >= BUFSIZ) return 1; /* inflicted errors */ if(strlcpy(srv, p, BUFSIZ) >= BUFSIZ) return 1; /* that users should*/ if((p = strchr(genbuf, '.')) != NULL) *p = '\0'; if((p = strchr(srv, '.')) != NULL) *p = '\0'; if(strlcat(prefix, genbuf, BUFSIZ) >= BUFSIZ || strlcat(prefix, "-", BUFSIZ) >= BUFSIZ) return 1; /* not normally see */ } else { e("config error"); return 1; } if((log = fopen(LOG_PATH, "a")) == NULL) { e("log error"); return 1; } if((vl = CGI_get_all(TMP_PATH"-XXXXXX")) == 0 ) { e("nodata"); return 1; } /*All files received--force to disk: sync && echo 3 > /proc/sys/vm/drop_caches*/ sync(); /* Suggest to disk */ if((dir = CGI_lookup(vl, "dir"))) { FILE *dirs = fopen(DIR_PATH, "r"); /* SMB server permitted directories */ char genbuf[BUFSIZ], f = 1; if(!dirs) { e("no dir"); return 1; } while(fgets(genbuf, BUFSIZ, dirs)) { /* Remove the fgets-included newline */ if((p = strrchr(genbuf, '\n')) != NULL) *p = '\0'; if(!strcmp(genbuf, dir)) { f = 0; break; } } fclose(dirs); if(f) { e("no dir"); return 1; } } else { e("no dir"); return 1; } printf("%s\n", dir); for(name = CGI_first_name(vl); name != 0; name = CGI_next_name(vl)) { int i; CGI_value *val; if(!(val = CGI_lookup_all(vl, 0))) continue; for(i = 0; val[i]; i++) { struct stat junk_buf; /* Does filename match TMP_PATH, and exist? */ if(!strncmp(val[i], TMP_PATH, tlen) && !stat(val[i], &junk_buf)) { /* RFC-1867 files come in name pairs, and the index must be advanced. */ FILE *goodfile; const char *z; time_t epoch = time(NULL); struct tm *now = localtime(&epoch); int j = i++; /* Now, val[j] == tmp_name, val[i] == user's sent name. */ strftime(dst, BUFSIZ, "%y/%m/%d %H:%M:%S", now); fprintf(log, "%s %s %s", dst, getenv("REMOTE_ADDR"), val[i]); if((z = strrchr(val[i], '/')) != NULL) z++; else z = val[i]; if((p = strrchr(z, '\\')) != NULL) z = p + 1; /* IE sends full path. */ if(strlcpy(dst, prefix, BUFSIZ) >= BUFSIZ || strlcat(dst, z, BUFSIZ) >= BUFSIZ) /* Skip if basename oversized. */ { e("error\n"); fprintf(log, " _FLEN-RETAINED_ %s\n", val[j]); continue; } if(link(val[j], dst) && /* On link failure, try to keep this data. */ (strlcat(dst, val[j] + tlen, BUFSIZ) >= BUFSIZ || /* new filename */ link(val[j], dst))) /* mkstemp suffix appended */ { printf("name_error\t%s\n", val[i]); fprintf(log, " _LINK-RETAINED_ %s\n", val[j]); continue; } else fprintf(log, " _RENAMED_ %s", dst); if(unlink(val[j])) { printf("tmp_error\t%s\n", val[i]); /* This is not a fatal error */ fprintf(log, " _UNLINK-RETAINED_ %s", val[j]); } fprintf(log,"\n"); if((goodfile = fopen(dst, "r"))) { SHA256_CTX ctx; uchar buf[BUFSIZ]; char cmd[BUFSIZ], dirbuf[BUFSIZ]; /* Report the sha256sum--at least client can verify this leg of the trip */ sha256_init(&ctx); while((j = fread(buf, 1, BUFSIZ, goodfile))) sha256_update(&ctx, buf, j); sha256_final(&ctx, buf); fclose(goodfile); for(j = 0; j < 32; j++) printf("%02x", buf[j]); printf("\t%s\n", val[i]); /* Build the smbclient command line - add -e for encryption if desired */ if(strlcpy(cmd, "smbclient -mSMB3 -A/usr/local/etc/.", BUFSIZ) >= BUFSIZ || strlcat(cmd, srv, BUFSIZ) >= BUFSIZ ||/*Note:smbclient didn't get*/ strlcat(cmd, ".auth '//", BUFSIZ) >= BUFSIZ ||/* SMB3 until Samba v4.1*/ strlcat(cmd, srv, BUFSIZ) >= BUFSIZ) { E(); continue; } if(*dir != '/' && strlcat(cmd, "/", BUFSIZ) >= BUFSIZ) { E(); continue; } if( strlcpy(dirbuf, dir, BUFSIZ) >= BUFSIZ) { E(); continue; } if((p = strchr(dirbuf + 1, '/')) != NULL) { /* Pull the share name off, then cd to subdir */ *p = '\0'; if(strlcat(cmd, dirbuf, BUFSIZ) >= BUFSIZ || strlcat(cmd, "' -c 'cd \"", BUFSIZ) >= BUFSIZ || strlcat(cmd, p + 1, BUFSIZ) >= BUFSIZ || strlcat(cmd, "\"; ", BUFSIZ) >= BUFSIZ) { E(); continue; } } /* smbclient doesn't cd properly if this isn't done */ else { /* No subdir, so put directly */ if(strlcat(cmd, dir, BUFSIZ) >= BUFSIZ || strlcat(cmd, "' -c '", BUFSIZ) >= BUFSIZ) { E(); continue; } } if(strlcat(cmd, "put \"", BUFSIZ) >= BUFSIZ || strlcat(cmd, dst, BUFSIZ) >= BUFSIZ || strlcat(cmd, "\" \"", BUFSIZ) >= BUFSIZ || strlcat(cmd, z, BUFSIZ) >= BUFSIZ || strlcat(cmd, "\"; dir \"", BUFSIZ) >= BUFSIZ || strlcat(cmd, z, BUFSIZ) >= BUFSIZ || strlcat(cmd, "\"' 2>&1", BUFSIZ) >= BUFSIZ) { E(); continue; } fprintf(log, "%s\n", cmd); if((goodfile = popen(cmd, "r"))) /* Run the SMB transfer */ { while(fgets(cmd, BUFSIZ, goodfile)) printf("%s", cmd); pclose(goodfile); } } } } } CGI_free_varlist(vl); fclose(log); fflush(NULL); return 0; }