This one breaks all ;) Lets see, what happens

dynamic-accesslists
erdgeist 18 years ago
parent 62a6f60559
commit bef60daf2b

@ -31,6 +31,8 @@ unsigned long const OT_CLIENT_TIMEOUT = 15;
static unsigned int ot_overall_connections = 0; static unsigned int ot_overall_connections = 0;
static time_t ot_start_time; static time_t ot_start_time;
static const unsigned int SUCCESS_HTTP_HEADER_LENGTH = 80; static const unsigned int SUCCESS_HTTP_HEADER_LENGTH = 80;
static char reply[8192];
static size_t reply_size;
static void carp(const char* routine) { static void carp(const char* routine) {
buffer_puts(buffer_2,routine); buffer_puts(buffer_2,routine);
@ -50,36 +52,40 @@ struct http_data {
unsigned long ip; unsigned long ip;
}; };
int header_complete(struct http_data* r) int header_complete(struct http_data* r) {
{ long l = array_bytes(&r->r);
long i; const char* c = array_start(&r->r);
long i;
long l = array_bytes(&r->r);
const char* c = array_start(&r->r);
for (i=0; i+1<l; ++i) for (i=0; i+1<l; ++i) {
{ if (c[i]=='\n' && c[i+1]=='\n') return i+2;
if (c[i]=='\n' && c[i+1]=='\n') if (i+3<l && c[i]=='\r' && c[i+1]=='\n' && c[i+2]=='\r' && c[i+3]=='\n') return i+4;
return i+2; }
return 0;
}
if (i+3<l && c[i]=='\r' && c[i+1]=='\n' && c[i+2]=='\r' && c[i+3]=='\n') // whoever sends data is not interested in its input-array
return i+4; void senddata(int64 s,struct http_data* h) {
} size_t written_size;
return 0;
if( h ) array_reset(&h->r);
written_size = write( s, reply, reply_size );
if( ( written_size < 0 ) || ( written_size == reply_size ) ) {
free(h); io_close( s );
} else {
fprintf( stderr, "Should have handled this.\n" );
free(h); io_close( s );
}
} }
void httperror(struct http_data* h,const char* title,const char* message) void httperror(int64 s,struct http_data* h,const char* title,const char* message) {
{ reply_size = sprintf( reply, "HTTP/1.0 %s\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: %zd\r\n\r\n<title>%s</title>\n",
char* c = (char*)malloc(strlen(message)+strlen(title)+200); title, strlen(message)+strlen(title)+16-4,title+4);
if( !c) iob_addbuf(&h->iob, "HTTP/1.0 500 internal error\r\nContent-Type: text/plain\r\nConnection: close\r\n\r\nout of memory\n", 90); senddata(s,h);
else iob_addbuf_free( &h->iob, c,
sprintf( c, "HTTP/1.0 %s\r\nContent-Type: text/html\r\nConnection: close\r\nContent-Length: %zd\r\n\r\n<title>%s</title>\n",
title, strlen(message)+strlen(title)+16-4,title+4) );
} }
// bestimmten http parameter auslesen und adresse zurueckgeben // bestimmten http parameter auslesen und adresse zurueckgeben
const char* http_header(struct http_data* r,const char* h) const char* http_header(struct http_data* r,const char* h) {
{
long i; long i;
long l = array_bytes(&r->r); long l = array_bytes(&r->r);
@ -99,24 +105,23 @@ const char* http_header(struct http_data* r,const char* h)
return 0; return 0;
} }
void httpresponse(struct http_data* h,int64 s) void httpresponse(int64 s,struct http_data* h)
{ {
char *c, *data, *reply = NULL; char *c, *data; // must be enough
ot_peer peer; ot_peer peer;
ot_torrent *torrent; ot_torrent *torrent;
ot_hash *hash = NULL; ot_hash *hash = NULL;
int numwant, tmp, scanon; int numwant, tmp, scanon;
unsigned short port = htons(6881); unsigned short port = htons(6881);
size_t reply_size = 0;
reply_size = 0;
array_cat0(&h->r); array_cat0(&h->r);
c = array_start(&h->r); c = array_start(&h->r);
if (byte_diff(c,4,"GET ")) { if (byte_diff(c,4,"GET ")) {
e400: e400:
httperror(h,"400 Invalid Request","This server only understands GET."); return httperror(s,h,"400 Invalid Request","This server only understands GET.");
goto bailout;
} }
c+=4; c+=4;
@ -147,14 +152,12 @@ e400:
continue; continue;
} }
/* ignore this, when we have less than 20 bytes */ /* ignore this, when we have less than 20 bytes */
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) ) { if( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) != 20 ) {
case -1: e400_param:
goto e404; return httperror(s,h,"400 Invalid Request","Invalid parameter");
case 20:
hash = (ot_hash*)data; /* Fall through intended */
default:
continue;
} }
hash = (ot_hash*)data; /* Fall through intended */
break;
default: default:
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
break; break;
@ -162,19 +165,12 @@ e400:
} }
/* Scanned whole query string, wo */ /* Scanned whole query string, wo */
if( !hash ) { if( !hash )
httperror(h,"400 Invalid Request","This server only serves specific scrapes."); return httperror(s,h,"400 Invalid Request","This server only serves specific scrapes.");
goto bailout;
}
// Enough for http header + whole scrape string // Enough for http header + whole scrape string
reply = malloc( SUCCESS_HTTP_HEADER_LENGTH + 128 ); if( ( reply_size = return_scrape_for_torrent( hash, SUCCESS_HTTP_HEADER_LENGTH + reply ) ) <= 0 )
if( reply )
reply_size = return_scrape_for_torrent( hash, SUCCESS_HTTP_HEADER_LENGTH + reply );
if( !reply || ( reply_size < 0 ) ) {
if( reply ) free( reply );
goto e500; goto e500;
}
break; break;
case 8: case 8:
if( byte_diff(data,8,"announce")) if( byte_diff(data,8,"announce"))
@ -198,7 +194,7 @@ e400:
if(!byte_diff(data,2,"ip")) { if(!byte_diff(data,2,"ip")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ); size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
unsigned char ip[4]; unsigned char ip[4];
if( ( len <= 0 ) || scan_fixed_ip( data, len, ip ) ) goto e404; if( ( len <= 0 ) || scan_fixed_ip( data, len, ip ) ) goto e400_param;
OT_SETIP ( &peer, ip ); OT_SETIP ( &peer, ip );
} else } else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
@ -207,11 +203,11 @@ e400:
case 4: case 4:
if(!byte_diff(data,4,"port")) { if(!byte_diff(data,4,"port")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ); size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) || ( tmp > 0xffff ) ) goto e404; if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) || ( tmp > 0xffff ) ) goto e400_param;
port = htons( tmp ); OT_SETPORT ( &peer, &port ); port = htons( tmp ); OT_SETPORT ( &peer, &port );
} else if(!byte_diff(data,4,"left")) { } else if(!byte_diff(data,4,"left")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ); size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) ) goto e404; if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) ) goto e400_param;
if( !tmp ) OT_FLAG( &peer ) |= PEER_FLAG_SEEDING; if( !tmp ) OT_FLAG( &peer ) |= PEER_FLAG_SEEDING;
} else } else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
@ -221,7 +217,7 @@ e400:
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
else switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) ) { else switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) ) {
case -1: case -1:
goto e404; goto e400_param;
case 7: case 7:
if(!byte_diff(data,7,"stopped")) OT_FLAG( &peer ) |= PEER_FLAG_STOPPED; if(!byte_diff(data,7,"stopped")) OT_FLAG( &peer ) |= PEER_FLAG_STOPPED;
break; break;
@ -234,15 +230,13 @@ e400:
case 7: case 7:
if(!byte_diff(data,7,"numwant")) { if(!byte_diff(data,7,"numwant")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ); size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &numwant ) ) goto e404; if( ( len <= 0 ) || scan_fixed_int( data, len, &numwant ) ) goto e400_param;
if( numwant > 200 ) numwant = 200; if( numwant > 200 ) numwant = 200;
} else if(!byte_diff(data,7,"compact")) { } else if(!byte_diff(data,7,"compact")) {
size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ); size_t len = scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE );
if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) ) goto e404; if( ( len <= 0 ) || scan_fixed_int( data, len, &tmp ) ) goto e400_param;
if( !tmp ) { if( !tmp )
httperror(h,"400 Invalid Request","This server only delivers compact results."); return httperror(s,h,"400 Invalid Request","This server only delivers compact results.");
goto bailout;
}
} else } else
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
break; break;
@ -252,14 +246,10 @@ e400:
continue; continue;
} }
/* ignore this, when we have less than 20 bytes */ /* ignore this, when we have less than 20 bytes */
switch( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) ) { if( scan_urlencoded_query( &c, data = c, SCAN_SEARCHPATH_VALUE ) != 20 )
case -1: goto e400;
goto e404; hash = (ot_hash*)data;
case 20: break;
hash = (ot_hash*)data;
default: // Fall through intended
continue;
}
default: default:
scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE ); scan_urlencoded_query( &c, NULL, SCAN_SEARCHPATH_VALUE );
break; break;
@ -267,34 +257,24 @@ e400:
} }
/* Scanned whole query string */ /* Scanned whole query string */
if( !hash ) goto e404; if( !hash ) goto e400;
if( OT_FLAG( &peer ) & PEER_FLAG_STOPPED ) { if( OT_FLAG( &peer ) & PEER_FLAG_STOPPED ) {
remove_peer_from_torrent( hash, &peer ); remove_peer_from_torrent( hash, &peer );
reply = malloc( SUCCESS_HTTP_HEADER_LENGTH + 26 );
if( !reply )
goto e500;
MEMMOVE( reply + SUCCESS_HTTP_HEADER_LENGTH, "d15:warning message4:Okaye", reply_size = 26 ); MEMMOVE( reply + SUCCESS_HTTP_HEADER_LENGTH, "d15:warning message4:Okaye", reply_size = 26 );
} else { } else {
torrent = add_peer_to_torrent( hash, &peer ); torrent = add_peer_to_torrent( hash, &peer );
if( !torrent ) { if( !torrent ) {
e500: e500:
httperror(h,"500 Internal Server Error","A server error has occured. Please retry later."); return httperror(s,h,"500 Internal Server Error","A server error has occured. Please retry later.");
goto bailout;
} }
reply = malloc( SUCCESS_HTTP_HEADER_LENGTH + numwant * 6 + 128 ); // http header + peerlist + seeder, peers and lametta 80 + n*6+81 a.t.m. if( ( reply_size = return_peers_for_torrent( torrent, numwant, SUCCESS_HTTP_HEADER_LENGTH + reply ) ) <= 0 )
if( reply )
reply_size = return_peers_for_torrent( torrent, numwant, SUCCESS_HTTP_HEADER_LENGTH + reply );
if( !reply || ( reply_size <= 0 ) ) {
if( reply ) free( reply );
goto e500; goto e500;
}
} }
break; break;
case 11: case 11:
if( byte_diff(data,11,"mrtg_scrape")) if( byte_diff(data,11,"mrtg_scrape"))
goto e404; goto e404;
reply = malloc( SUCCESS_HTTP_HEADER_LENGTH + 128 );
{ {
unsigned long seconds_elapsed = time( NULL ) - ot_start_time; unsigned long seconds_elapsed = time( NULL ) - ot_start_time;
reply_size = sprintf( reply + SUCCESS_HTTP_HEADER_LENGTH, reply_size = sprintf( reply + SUCCESS_HTTP_HEADER_LENGTH,
@ -305,31 +285,16 @@ e500:
break; break;
default: /* neither *scrape nor announce */ default: /* neither *scrape nor announce */
e404: e404:
httperror(h,"404 Not Found","No such file or directory."); return httperror(s,h,"404 Not Found","No such file or directory.");
goto bailout;
} }
if( reply && reply_size ) { if( reply_size ) {
MEMMOVE( reply, "HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\nContent-Length: X \r\n\r\n", SUCCESS_HTTP_HEADER_LENGTH ); MEMMOVE( reply, "HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\nContent-Length: X \r\n\r\n", SUCCESS_HTTP_HEADER_LENGTH );
fmt_ulonglong( reply+59, (long long)reply_size ); fmt_ulonglong( reply+59, (long long)reply_size );
iob_addbuf_free(&h->iob, reply, SUCCESS_HTTP_HEADER_LENGTH + reply_size );
} }
reply_size += SUCCESS_HTTP_HEADER_LENGTH;
bailout:
io_dontwantread(s); io_dontwantread(s);
io_wantwrite(s); senddata(s,h);
reply_size=iob_send(s,&h->iob);
if (reply_size==-1) {
io_eagain(s);
} else
if ((reply_size<=0)||(h->iob.bytesleft==0))
{
array_reset(&h->r);
iob_reset(&h->iob);
free(h);
io_close(s);
}
} }
void graceful( int s ) { void graceful( int s ) {
@ -468,7 +433,6 @@ allparsed:
if (h) if (h)
{ {
array_reset(&h->r); array_reset(&h->r);
iob_reset(&h->iob);
free(h); free(h);
} }
io_close(i); io_close(i);
@ -478,21 +442,11 @@ allparsed:
array_catb(&h->r,buf,l); array_catb(&h->r,buf,l);
if (array_failed(&h->r)) if (array_failed(&h->r))
{ httperror(i,h,"500 Server Error","Request too long.");
httperror(h,"500 Server Error","request too long.");
emerge:
io_dontwantread(i);
io_wantwrite(i);
}
else if (array_bytes(&h->r)>8192) else if (array_bytes(&h->r)>8192)
{ httperror(i,h,"500 request too long","You sent too much headers");
httperror(h,"500 request too long","You sent too much headers");
goto emerge;
}
else if ((l=header_complete(h))) else if ((l=header_complete(h)))
{ httpresponse(i,h);
httpresponse(h,i);
}
} }
} }
} }
@ -507,7 +461,6 @@ emerge:
else else
if ((r<=0)||(h->iob.bytesleft==0)) if ((r<=0)||(h->iob.bytesleft==0))
{ {
array_reset(&h->r);
iob_reset(&h->iob); iob_reset(&h->iob);
free(h); free(h);
io_close(i); io_close(i);

@ -4,9 +4,9 @@ while true; do
request_string="GET /announce?info_hash=0123456789012345678%$(printf %02X $(( $RANDOM & 0xff )) )&\ request_string="GET /announce?info_hash=0123456789012345678%$(printf %02X $(( $RANDOM & 0xff )) )&\
ip=10.1.1.$(( $RANDOM & 0xff ))&port=$(( $RANDOM & 0xff )) HTTP/1.0\n" ip=10.1.1.$(( $RANDOM & 0xff ))&port=$(( $RANDOM & 0xff )) HTTP/1.0\n"
echo -e $request_string # echo -e $request_string
echo # echo
echo -e $request_string | nc 213.73.88.214 6969 | tr -C "[:print:]" _ echo -e $request_string | nc 23.23.23.182 6969 >/dev/null &
echo # echo
done done

Loading…
Cancel
Save