iSpit out error in case of improperly URI escaping with hURL: - geomyidae - A small C-based gopherd. Err bitreich.org 70
hgit clone git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/geomyidae/ URL:git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/geomyidae/ bitreich.org 70
1Log /scm/geomyidae/log.gph bitreich.org 70
1Files /scm/geomyidae/files.gph bitreich.org 70
1Refs /scm/geomyidae/refs.gph bitreich.org 70
1Tags /scm/geomyidae/tag bitreich.org 70
1README /scm/geomyidae/file/README.gph bitreich.org 70
1LICENSE /scm/geomyidae/file/LICENSE.gph bitreich.org 70
i--- Err bitreich.org 70
1commit 4140d67a13c6888267e975e8bf60bfe91f3d21a4 /scm/geomyidae/commit/4140d67a13c6888267e975e8bf60bfe91f3d21a4.gph bitreich.org 70
1parent 666c891cb2fa5ddd436e1cd0662f0c3e3d2ed142 /scm/geomyidae/commit/666c891cb2fa5ddd436e1cd0662f0c3e3d2ed142.gph bitreich.org 70
hAuthor: Christoph Lohmann <20h@r-36.net> URL:mailto:20h@r-36.net bitreich.org 70
iDate: Sat, 10 Feb 2024 12:43:48 +0100 Err bitreich.org 70
i Err bitreich.org 70
iSpit out error in case of improperly URI escaping with hURL: Err bitreich.org 70
i Err bitreich.org 70
iThanks pazzo for giving me the hint! Err bitreich.org 70
i Err bitreich.org 70
iDiffstat: Err bitreich.org 70
i M main.c | 62 ++++++++++++++++++++++--------- Err bitreich.org 70
i Err bitreich.org 70
i1 file changed, 44 insertions(+), 18 deletions(-) Err bitreich.org 70
i--- Err bitreich.org 70
1diff --git a/main.c b/main.c /scm/geomyidae/file/main.c.gph bitreich.org 70
i@@ -61,31 +61,37 @@ char *argv0; Err bitreich.org 70
i char stdbase[] = "/var/gopher"; Err bitreich.org 70
i char *stdport = "70"; Err bitreich.org 70
i char *indexf[] = {"index.gph", "index.cgi", "index.dcgi", "index.bob", "index.bin"}; Err bitreich.org 70
i+ Err bitreich.org 70
i char *nocgierr = "3Sorry, execution of the token '%s' was requested, but this " Err bitreich.org 70
i "is disabled in the server configuration.\tErr" Err bitreich.org 70
i "\tlocalhost\t70\r\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i char *notfounderr = "3Sorry, but the requested token '%s' could not be found.\tErr" Err bitreich.org 70
i "\tlocalhost\t70\r\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i char *toolongerr = "3Sorry, but the requested token '%s' is a too long path.\tErr" Err bitreich.org 70
i "\tlocalhost\t70\r\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i char *tlserr = "3Sorry, but the requested token '%s' requires an encrypted connection.\tErr" Err bitreich.org 70
i "\tlocalhost\t70\r\n"; Err bitreich.org 70
i-char *htredir = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" Err bitreich.org 70
i- "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n" Err bitreich.org 70
i- " \"DTD/xhtml-transitional.dtd\">\n" Err bitreich.org 70
i- "<html xmlns=\"http://www.w3.org/1999/xhtml\"; lang=\"en\">\n" Err bitreich.org 70
i- " <head>\n" Err bitreich.org 70
i- " <title>gopher redirect</title>\n" Err bitreich.org 70
i- "\n" Err bitreich.org 70
i- " <meta http-equiv=\"Refresh\" content=\"1;url=%s\" />\n" Err bitreich.org 70
i- " </head>\n" Err bitreich.org 70
i- " <body>\n" Err bitreich.org 70
i- " This page is for redirecting you to: <a href=\"%s\">%s</a>.\n" Err bitreich.org 70
i- " </body>\n" Err bitreich.org 70
i- "</html>\n"; Err bitreich.org 70
i-char *selinval ="3Happy helping ☃ here: " Err bitreich.org 70
i- "Sorry, your selector does contains '..'. " Err bitreich.org 70
i- "That's illegal here.\tErr\tlocalhost\t70\r\n.\r\n\r\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i+/* TODO: Transform gopherspace to not need this anymore. See sacc(1). */ Err bitreich.org 70
i+char *htredir = "<!DOCTYPE html>\n" Err bitreich.org 70
i+ "<html><head><title>gopher redirect</title>\n" Err bitreich.org 70
i+ "<meta http-equiv=\"refresh\" content=\"1;url=%s\" />\n" Err bitreich.org 70
i+ "</head><body>\n" Err bitreich.org 70
i+ "Please consider using native gopher 'w' type.\n" Err bitreich.org 70
i+ "HTML is insecure and bloated.<br/>\n" Err bitreich.org 70
i+ "You will be redirected to: <a href=\"%s\">%s</a>.\n" Err bitreich.org 70
i+ "</body></html>\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i+char *htescape = "3Happy helping ☃ here: " Err bitreich.org 70
i+ "Sorry, your URI was not properly escaped." Err bitreich.org 70
i+ "\tErr\tlocalhost\t70\r\n.\r\n\r\n"; Err bitreich.org 70
i+ Err bitreich.org 70
i+char *selinval = "3Happy helping ☃ here: " Err bitreich.org 70
i+ "Sorry, your selector does contains '..'. " Err bitreich.org 70
i+ "That's illegal here.\tErr\tlocalhost\t70\r\n.\r\n\r\n"; Err bitreich.org 70
i Err bitreich.org 70
i int Err bitreich.org 70
i dropprivileges(struct group *gr, struct passwd *pw) Err bitreich.org 70
i@@ -186,7 +192,7 @@ handlerequest(int sock, char *req, int rlen, char *base, char *ohost, Err bitreich.org 70
i * mode. Err bitreich.org 70
i */ Err bitreich.org 70
i if (!nocgi && recvb[0] != '/' && (c = strchr(recvb, ' '))) { Err bitreich.org 70
i- *c++ = '\0'; Err bitreich.org 70
i+ *c = '\0'; Err bitreich.org 70
i if (strchr(recvb, '/')) Err bitreich.org 70
i goto dothegopher; Err bitreich.org 70
i if (snprintf(path, sizeof(path), "%s/%s", base, recvb) <= sizeof(path)) { Err bitreich.org 70
i@@ -199,8 +205,9 @@ handlerequest(int sock, char *req, int rlen, char *base, char *ohost, Err bitreich.org 70
i return; Err bitreich.org 70
i } Err bitreich.org 70
i } Err bitreich.org 70
i- } Err bitreich.org 70
i dothegopher: Err bitreich.org 70
i+ *c = ' '; Err bitreich.org 70
i+ } Err bitreich.org 70
i Err bitreich.org 70
i /* Do not allow requests including "..". */ Err bitreich.org 70
i if (strstr(recvb, "..")) { Err bitreich.org 70
i@@ -237,7 +244,26 @@ dothegopher: Err bitreich.org 70
i memmove(recvc, recvb, rlen+1); Err bitreich.org 70
i Err bitreich.org 70
i /* Redirect to HTML redirecting to the specified URI. */ Err bitreich.org 70
i+ /* TODO: Fix gopherspace to not require this. */ Err bitreich.org 70
i if (!strncmp(recvb, "URL:", 4)) { Err bitreich.org 70
i+ for (i = 4; i < sizeof(recvb)-1; i++) { Err bitreich.org 70
i+ switch (recvb[i]) { Err bitreich.org 70
i+ case '\0': Err bitreich.org 70
i+ i = sizeof(recvb); Err bitreich.org 70
i+ break; Err bitreich.org 70
i+ case '"': Err bitreich.org 70
i+ case '&': Err bitreich.org 70
i+ case '>': Err bitreich.org 70
i+ case '<': Err bitreich.org 70
i+ case ' ': Err bitreich.org 70
i+ case '\'': Err bitreich.org 70
i+ case '\\': Err bitreich.org 70
i+ write(sock, htescape, strlen(htescape)); Err bitreich.org 70
i+ if (loglvl & ERRORS) Err bitreich.org 70
i+ logentry(clienth, clientp, recvc, "Unescaped HTTP redirect"); Err bitreich.org 70
i+ return; Err bitreich.org 70
i+ } Err bitreich.org 70
i+ } Err bitreich.org 70
i len = snprintf(path, sizeof(path), htredir, Err bitreich.org 70
i recvb + 4, recvb + 4, recvb + 4); Err bitreich.org 70
i if (len > sizeof(path)) Err bitreich.org 70
.
Response:
text/plain