diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-1800/finish-prereg.js b/zefie_wtvp_minisrv/ServiceVault/wtv-1800/finish-prereg.js
index af4f9572..809212a0 100644
--- a/zefie_wtvp_minisrv/ServiceVault/wtv-1800/finish-prereg.js
+++ b/zefie_wtvp_minisrv/ServiceVault/wtv-1800/finish-prereg.js
@@ -1,37 +1,38 @@ -if (socket_session_data[socket.id].ssid != null && !getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')) { +if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) { var wtvsec_login = new WTVSec(); wtvsec_login.IssueChallenge(); wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]); - setSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login', wtvsec_login) -} else { - var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login') + ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login); +} else if (socket.ssid != null) { + var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login"); } -var prereg_contype = "text/html"; +if (wtvsec_login) { + var prereg_contype = "text/html"; -// if relogin, skip tellyscript -if (request_headers.query.relogin) { // skip tellyscript - wtvsec_login.ticket_b64 = null; // clear old ticket -} + // if relogin, skip tellyscript + if (request_headers.query.relogin) { // skip tellyscript + wtvsec_login.ticket_b64 = null; // clear old ticket + } -// if relogin, skip tellyscript -var romtype, file_path = null; -if (!request_headers.query.relogin && minisrv_config.config.send_tellyscripts) { - var romtype = getSessionData(socket_session_data[socket.id].ssid, 'wtv-client-rom-type'); -} + // if relogin, skip tellyscript + var romtype, file_path = null; + if (!request_headers.query.relogin && minisrv_config.config.send_tellyscripts) { + var romtype = ssid_sessions[socket.ssid].get("wtv-client-rom-type"); + } -switch (romtype) { - case "US-LC2-disk-0MB-8MB": - prereg_contype = "text/tellyscript"; - var file_path = __dirname + "/ServiceDeps/premade_tellyscripts/LC2/LC2_OISP_5555732_56k.tok"; - break; + switch (romtype) { + case "US-LC2-disk-0MB-8MB": + prereg_contype = "text/tellyscript"; + var file_path = __dirname + "/ServiceDeps/premade_tellyscripts/LC2/LC2_OISP_5555732_56k.tok"; + break; - default: - data = ''; - break; -} + default: + 
data = ''; + break; + } -headers = `200 OK + headers = `200 OK Connection: Keep-Alive wtv-initial-key: ` + wtvsec_login.challenge_key.toString(CryptoJS.enc.Base64) + ` Content-Type: `+ prereg_contype + ` @@ -46,14 +47,20 @@ wtv-client-time-zone: GMT -0000 wtv-client-time-dst-rule: GMT wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT`; -if (file_path) { - request_is_async = true; - fs.readFile(file_path, null, function (err, file_read_data) { - if (err) { - var errmsg = doErrorCode(400); - headers = errmsg[0]; - file_read_data = errmsg[1] + "\n" + err.toString(); - } - sendToClient(socket, headers, file_read_data); - }); + if (file_path) { + request_is_async = true; + fs.readFile(file_path, null, function (err, file_read_data) { + if (err) { + var errmsg = doErrorCode(400); + headers = errmsg[0]; + file_read_data = errmsg[1] + "\n" + err.toString(); + } + sendToClient(socket, headers, file_read_data); + }); + } +} else { + console.log(" * Something bad happened (we don't know the client ssid???)"); + var errpage = doErrorCode(400) + headers = errpage[0]; + data = errpage[1]; } \ No newline at end of file diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/willie.js b/zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/willie.js index 04d9739a..2600705c 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/willie.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/willie.js @@ -18,7 +18,7 @@ if (!minisrv_config.services[service_name].use_zefie_server) { var options = { host: "wtv.zefie.com", - path: "/willie.php?minisrv=true&pflash=" + getSessionData(socket_session_data[socket.id].ssid, 'wtv-client-rom-type') + proxy_query, + path: "/willie.php?minisrv=true&pflash=" + ssid_sessions[socket.ssid].get("wtv-client-rom-type") + proxy_query, timeout: 5000, method: 'GET' } 
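Review bot: The file-read failure path inside the new `if (wtvsec_login)` block still appends `err.toString()` to the body sent to the client, and for an `fs.readFile` error that text normally contains the absolute server path of the tellyscript. I would log the error on the server and return only the generic page, e.g. `console.log(" * tellyscript read failed:", err); file_read_data = errmsg[1];`. A file missing on the server is also not a client error, so a 5xx code may fit better than 400 if `doErrorCode` supports one.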
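Review bot: `ssid_sessions[socket.ssid].get("wtv-client-rom-type")` comes from a client request header and is concatenated into the upstream `path` without encoding, so characters such as `&`, `#` or whitespace in the header change the query sent to wtv.zefie.com. Wrapping it as `encodeURIComponent(ssid_sessions[socket.ssid].get("wtv-client-rom-type") || "")` keeps it a single parameter value and avoids sending the literal `pflash=null` when the header was never seen. The lookup is also unguarded: the removed `getSessionData` returned null for an unknown SSID, whereas `ssid_sessions[socket.ssid]` throws when no session exists; the same applies to home.js and to the `headers.secure` and pseudo-encryption branches in app.js. The surrounding block starts and ends outside this hunk.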
diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/finalize-security.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/finalize-security.js index 25ed5f5b..086789bc 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/finalize-security.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/finalize-security.js @@ -1,14 +1,14 @@ var challenge_response, challenge_header = ''; var gourl; -if (socket_session_data[socket.id].ssid !== null) { +if (socket.ssid !== null) { if (request_headers["wtv-ticket"]) { if (request_headers["wtv-ticket"].length > 8) { DecodeTicket(request_headers["wtv-ticket"]); - socket_session_data[socket.id].wtvsec.ticket_b64 = request_headers["wtv-ticket"]; - //socket_session_data[socket.id].secure == true; + socket_sessions[socket.id].wtvsec.ticket_b64 = request_headers["wtv-ticket"]; + //socket_sessions[socket.id].secure == true; } - } else if (socket_session_data[socket.id].wtvsec.ticket_b64 == null) { + } else if (socket_sessions[socket.id].wtvsec.ticket_b64 == null) { // TODO: client should have a ticket and send it back by now, if not we should handle this correctly } } @@ -16,7 +16,7 @@ if (socket_session_data[socket.id].ssid !== null) { headers = `200 OK Connection: Keep-Alive wtv-encrypted: true -wtv-ticket: `+socket_session_data[socket.id].wtvsec.ticket_b64+` +wtv-ticket: `+socket_sessions[socket.id].wtvsec.ticket_b64+` wtv-expire-all: htv- wtv-home-url: wtv-home:/home? wtv-visit: wtv-home:/splash? diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js index be58d5a4..52f33699 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js 
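Review bot: `if (socket.ssid !== null)` is true for a socket that never sent `wtv-client-serial-number`, because nothing in the visible handleSocket hunk initialises `socket.ssid` and `undefined !== null` holds. finish-prereg.js uses the loose form in this same commit; `if (socket.ssid != null)` here, in the second check of login-stage-two.js and in login.js would make the scripts agree. In login.js the strict check is followed directly by `ssid_sessions[socket.ssid].get("wtvsec_login")`, which would throw for such a client. Separately, `socket_sessions[socket.id].wtvsec.ticket_b64` is read without checking that `wtvsec` exists on this socket; whether it always does by this stage is not visible here.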
@@ -1,22 +1,22 @@ var challenge_response, challenge_header = ''; var gourl; -if (socket_session_data[socket.id].ssid != null && !getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')) { +if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) { var wtvsec_login = new WTVSec(1,zdebug); wtvsec_login.IssueChallenge(); wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]); - setSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login', wtvsec_login) + ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login); } else { - var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login') + var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login"); } -if (socket_session_data[socket.id].ssid !== null) { +if (socket.ssid !== null) { if (wtvsec_login.ticket_b64 == null) { if (request_headers["wtv-ticket"]) { if (request_headers["wtv-ticket"].length > 8) { wtvsec_login.DecodeTicket(request_headers["wtv-ticket"]); wtvsec_login.ticket_b64 = request_headers["wtv-ticket"]; - //socket_session_data[socket.id].secure = true; + //socket_sessions[socket.id].secure = true; } } else { challenge_response = wtvsec_login.challenge_response; 
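Review bot: The `else` branch runs when `socket.ssid` is null as well as when a login object already exists, and in the first case `ssid_sessions[socket.ssid].get("wtvsec_login")` dereferences a session that was never created. finish-prereg.js received `} else if (socket.ssid != null) {` plus an `if (wtvsec_login)` wrapper in this commit; the same two guards fit here, since `wtvsec_login.ticket_b64` is read a few lines later. The rest of the script continues outside this hunk.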
@@ -24,11 +24,11 @@ if (socket_session_data[socket.id].ssid !== null) { if (challenge_response && client_challenge_response) { //if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) { if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) { - console.log(" * wtv-challenge-response success for " + processSSID(socket_session_data[socket.id].ssid)); + console.log(" * wtv-challenge-response success for " + processSSID(socket.ssid)); wtvsec_login.PrepareTicket(); - //socket_session_data[socket.id].secure = true; + //socket_sessions[socket.id].secure = true; } else { - console.log(" * wtv-challenge-response FAILED for " + processSSID(socket_session_data[socket.id].ssid)); + console.log(" * wtv-challenge-response FAILED for " + processSSID(socket.ssid)); if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64)); if (zdebug) console.log("Response Received:", client_challenge_response) gourl = "wtv-head-waiter:/login?reissue_challenge=true"; diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js index e16e5d7e..2aa13408 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js @@ -1,7 +1,7 @@ var challenge_response, challenge_header = ''; -if (socket_session_data[socket.id].ssid !== null) { - var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login'); +if (socket.ssid !== null) { + var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login"); if (request_headers["wtv-ticket"]) { if (wtvsec_login.ticket_b64 == null) { if (request_headers["wtv-ticket"].length > 8) { 
@@ -15,7 +15,7 @@ if (socket_session_data[socket.id].ssid !== null) { var client_challenge_response = request_headers["wtv-challenge-response"] || null; if (challenge_response && client_challenge_response) { if (challenge_response.toString(CryptoJS.enc.Base64).substring(0, 85) == client_challenge_response.substring(0, 85)) { - console.log(" * wtv-challenge-response success for " + socket_session_data[socket.id].ssid); + console.log(" * wtv-challenge-response success for " + socket.ssid); wtvsec_login.PrepareTicket(); } else { challenge_header = "wtv-challenge: " + wtvsec_login.IssueChallenge(); diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js b/zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js index 957b5d26..8a07832f 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js @@ -3,10 +3,10 @@ Connection: Keep-Alive wtv-expire-all: wtv-home:/splash Content-type: text/html` -if (getSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption')) { +if (ssid_sessions[socket.ssid].get('box-does-psuedo-encryption')) { var cryptstatus = "Psuedo-encrypted"; } else { - var cryptstatus = ((socket_session_data[socket.id].secure === true) ? "Encrypted" : "Not Encrypted") + var cryptstatus = ((socket_sessions[socket.id].secure === true) ? "Encrypted" : "Not Encrypted") } diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js b/zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js index dc29ff0d..05da295a 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js @@ -9,7 +9,7 @@ Content-length: 0`; data = ''; var fullpath = __dirname + "/ServiceLogPost/" + Math.floor(new Date().getTime() / 1000) + "_" + request_headers.query.type; - if (socket_session_data[socket.id].ssid) fullpath += "_" + socket_session_data[socket.id].ssid; + if (socket.ssid) fullpath += "_" + socket.ssid; fullpath += ".txt"; fullpath = fullpath.replace(/\\/g, "/"); 
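Review bot: The success message in login.js now logs the raw `socket.ssid`, while login-stage-two.js and log.js in this commit pass the same value through `processSSID()` before logging. If that helper masks or normalises the serial number (its body is not shown), this line should use it too: `console.log(" * wtv-challenge-response success for " + processSSID(socket.ssid));`. The serial is a client-supplied header, so routing it through one helper also gives a single place to strip control characters before it reaches the log.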
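Review bot: `fullpath += "_" + socket.ssid` in log.js puts the client's `wtv-client-serial-number` header into a file name, and the only normalisation afterwards turns backslashes into `/`, so separators and `..` in the header survive into the path given to `fs.writeFile`. Restrict the value to the characters a serial can contain before appending it, for example `fullpath += "_" + String(socket.ssid).replace(/[^0-9A-Za-z]/g, "");` (adjust the class if real SSIDs use other characters). `request_headers.query.type` on the line above is built into the same path and deserves the same treatment. The script body continues outside this hunk.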
@@ -23,7 +23,7 @@ Content-length: 0`; logdata_outstring_hex += request_headers.post_data.toString(CryptoJS.enc.Hex); if (minisrv_config.services[service_name].write_logs_to_disk) { fs.writeFile(fullpath, logdata_outstring_hex, "Hex", function () { - if (!zquiet) console.log(" * Wrote POST log data from", processSSID(socket_session_data[socket.id].ssid), "for", socket.id); + if (!zquiet) console.log(" * Wrote POST log data from", processSSID(socket.ssid), "for", socket.id); sendToClient(socket, headers, data); }); } else { @@ -43,7 +43,7 @@ Content-length: 0`; var logdata_outstring_hex = Buffer.from(logdata_outstring, 'utf8').toString('hex'); if (minisrv_config.services[service_name].write_logs_to_disk) { fs.writeFile(fullpath, logdata_outstring_hex, "Hex", function () { - if (!zquiet) console.log(" * Wrote GET log data from", processSSID(socket_session_data[socket.id].ssid), "for", socket.id); + if (!zquiet) console.log(" * Wrote GET log data from", processSSID(socket.ssid), "for", socket.id); sendToClient(socket, headers, data); }); } else { diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-tricks/info.js b/zefie_wtvp_minisrv/ServiceVault/wtv-tricks/info.js new file mode 100644 index 00000000..e69de29b diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js index d48343ee..fc1d385e 100644 --- a/zefie_wtvp_minisrv/app.js +++ b/zefie_wtvp_minisrv/app.js @@ -9,6 +9,7 @@ const CryptoJS = require('crypto-js'); const mime = require('mime-types'); const { crc16 } = require('easy-crc'); var WTVSec = require('./wtvsec.js'); +var ClientSessionData = require('./session_data.js'); var ports = []; @@ -22,6 +23,7 @@ String.prototype.reverse = function () { } + function getServiceString(service) { if (service === "all") { var out = ""; 
@@ -38,24 +40,12 @@ function getServiceString(service) { } } -var ssid_data = new Array(); +var ssid_sessions = new Array(); var socket_buffer = new Array(); -var socket_session_data = new Array(); +var socket_sessions = new Array(); var script_processing_timeout = 10; // seconds -function getSessionData(ssid, key = null) { - if (typeof (ssid_data[ssid]) === 'undefined') return null; - if (key == null) return ssid_data[ssid]; - else if (ssid_data[ssid][key]) return ssid_data[ssid][key]; - else return null; -} - -function setSessionData(ssid, key, value) { - if (typeof (ssid_data[ssid]) === 'undefined') ssid_data[ssid] = new Array(); - ssid_data[ssid][key] = value; -} - function getFileExt(path) { return path.reverse().split(".")[0].reverse(); } @@ -150,7 +140,7 @@ async function processPath(socket, path, request_headers = new Array(), service_ if (!zquiet) console.log(" * Found " + path + ".js to handle request (JS Interpreter mode) [Socket " + socket.id + "]"); // expose var service_dir for script path to the root of the wtv-service var service_dir = service_vault_dir.replace(/\\/g, "/") + "/" + service_name; - socket_session_data[socket.id].starttime = Math.floor(new Date().getTime() / 1000); + socket_sessions[socket.id].starttime = Math.floor(new Date().getTime() / 1000); var jscript_eval = fs.readFileSync(path + ".js").toString(); eval(jscript_eval); if (request_is_async && !zquiet) console.log(" * Script requested Asynchronous mode"); @@ -242,7 +232,7 @@ async function processURL(socket, request_headers) { } if (shortURL.indexOf(':/') >= 0 && shortURL.indexOf('://') < 0) { - var ssid = socket_session_data[socket.id].ssid; + var ssid = socket.ssid; if (ssid == null) { ssid = request_headers["wtv-client-serial-number"]; } 
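Review bot: `ssid_sessions` is an `Array` used as a dictionary keyed by a client-supplied serial number, so a serial such as `constructor` or `length` resolves to an inherited or built-in Array property instead of a session object. `var ssid_sessions = Object.create(null);` is a drop-in replacement that keeps the `ssid_sessions[socket.ssid]` call sites working; the same applies to `socket_sessions`. Nothing in the visible hunks removes an entry from `ssid_sessions` (cleanupSocket only clears `socket_sessions`), so the store grows with every distinct serial seen; an expiry or a size cap would bound it.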
@@ -270,7 +260,7 @@ async function processURL(socket, request_headers) { var errpage = doErrorPage(400); headers = errpage[0]; data = errpage[1] - socket_session_data[socket.id].close_me = true; + socket_sessions[socket.id].close_me = true; sendToClient(socket, headers, data); } } @@ -385,7 +375,7 @@ async function headerStringToObj(headers, response = false) { headers_obj_pre.forEach(function (d) { if (/^SECURE ON/.test(d) && !response) { headers_obj.secure = true; - //socket_session_data[socket.id].secure_headers = true; + //socket_sessions[socket.id].secure_headers = true; } else if (/^([0-9]{3}) $/.test(d.substring(0, 4)) && response) { headers_obj.http_response = d.replace("\r", ""); } else if (/^(GET |PUT |POST)$/.test(d.substring(0, 4)) && !response) { @@ -424,7 +414,7 @@ async function sendToClient(socket, headers_obj, data) { } // encrypt if needed - if (socket_session_data[socket.id].secure == true) { + if (socket_sessions[socket.id].secure == true) { var clen = null; if (typeof data.length !== 'undefined') { clen = data.length; @@ -433,9 +423,9 @@ async function sendToClient(socket, headers_obj, data) { } headers_obj["wtv-encrypted"] = 'true'; headers_obj = moveObjectElement('wtv-encrypted', 'Connection', headers_obj); - if (clen > 0 && socket_session_data[socket.id].wtvsec) { + if (clen > 0 && socket_sessions[socket.id].wtvsec) { if (!zquiet) console.log(" * Encrypting response to client ...") - var enc_data = socket_session_data[socket.id].wtvsec.Encrypt(1, data); + var enc_data = socket_sessions[socket.id].wtvsec.Encrypt(1, data); data = enc_data; } } 
@@ -481,18 +471,18 @@ async function sendToClient(socket, headers_obj, data) { socket.write(toClient); } else if (typeof data == 'object') { if (zquiet) var verbosity_mod = (headers_obj["wtv-encrypted"] == 'true') ? " encrypted response" : ""; - if (socket_session_data[socket.id].secure_headers == true) { + if (socket_sessions[socket.id].secure_headers == true) { // encrypt headers if (zquiet)verbosity_mod += " with encrypted headers"; - var enc_headers = socket_session_data[socket.id].wtvsec.Encrypt(1, headers + "\n"); + var enc_headers = socket_sessions[socket.id].wtvsec.Encrypt(1, headers + "\n"); socket.write(new Uint8Array(concatArrayBuffer(enc_headers, data))); } else { socket.write(new Uint8Array(concatArrayBuffer(Buffer.from(headers + "\n"), data))); } if (zquiet) console.log(" * Sent" + verbosity_mod + " " + headers_obj.http_response + " to client (Content-Type:", headers_obj['Content-Type'], "~", headers_obj['Content-Length'], "bytes)"); } - socket_session_data[socket.id].buffer = null; - if (socket_session_data[socket.id].close_me) socket.end(); + socket_sessions[socket.id].buffer = null; + if (socket_sessions[socket.id].close_me) socket.end(); if (headers_obj["Connection"]) { if (headers_obj["Connection"].toLowerCase() == "close" && !headers["wtv-connection-close"] == "false") { socket.destroy(); 
@@ -556,17 +546,17 @@ async function processRequest(socket, data_hex, returnHeadersBeforeSecure = fals // if its a POST request, assume its a binary blob and not encrypted (dangerous) if (!encryptedRequest) { // its not a POST and it 1failed the headersAreStandard test, so we think this is an encrypted blob - if (socket_session_data[socket.id].secure != true) { + if (socket_sessions[socket.id].secure != true) { // first time so reroll sessions if (zdebug) console.log(" # [ UNEXPECTED BINARY BLOCK ] First sign of encryption, re-creating RC4 sessions for socket id", socket.id); - socket_session_data[socket.id].wtvsec = new WTVSec(1,zdebug); - socket_session_data[socket.id].wtvsec.IssueChallenge(); - socket_session_data[socket.id].wtvsec.SecureOn(); - socket_session_data[socket.id].secure = true; + socket_sessions[socket.id].wtvsec = new WTVSec(1,zdebug); + socket_sessions[socket.id].wtvsec.IssueChallenge(); + socket_sessions[socket.id].wtvsec.SecureOn(); + socket_sessions[socket.id].secure = true; } var enc_data = CryptoJS.enc.Hex.parse(data_hex.substring(header_length * 2)); if (enc_data.sigBytes > 0) { - var dec_data = CryptoJS.lib.WordArray.create(socket_session_data[socket.id].wtvsec.Decrypt(0, enc_data)); + var dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)); var secure_headers = await processRequest(socket, dec_data.toString(CryptoJS.enc.Hex), true, true); headers.encrypted = true; Object.keys(secure_headers).forEach(function (k, v) { 
@@ -577,19 +567,24 @@ async function processRequest(socket, data_hex, returnHeadersBeforeSecure = fals } if (headers["wtv-client-serial-number"] != null) { - socket_session_data[socket.id].ssid = headers["wtv-client-serial-number"]; - } - if (headers["wtv-client-rom-type"] != null) { - if (socket_session_data[socket.id].ssid) { - setSessionData(socket_session_data[socket.id].ssid, "wtv-client-rom-type", headers["wtv-client-rom-type"]); + socket.ssid = headers["wtv-client-serial-number"]; + if (!ssid_sessions[socket.ssid]) { + ssid_sessions[socket.ssid] = new ClientSessionData(); } } - if (headers["wtv-incarnation"] != null) { - if (socket_session_data[socket.id].wtvsec) { - socket_session_data[socket.id].wtvsec.set_incarnation(headers["wtv-incarnation"]); - } else { - setSessionData(socket_session_data[socket.id].ssid, "incarnation", headers["wtv-incarnation"]) - } + + + // log all client wtv- headers to the SessionData for that SSID + // this way we can pull up client info such as wtv-client-rom-type or wtv-system-sysconfig + if (socket.ssid) { + Object.keys(headers).forEach(function (k) { + if (k.substr(0, 4) === "wtv-") { + if (k === "wtv-incarnation" && socket_sessions[socket.id].wtvsec) { + socket_sessions[socket.id].wtvsec.set_incarnation(headers[k]); + } + ssid_sessions[socket.ssid].set(k, headers[k]); + } + }); } if (returnHeadersBeforeSecure) { 
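Review bot: The new loop stores every `wtv-` request header in the per-SSID session, which includes `wtv-ticket` and `wtv-challenge-response`, and the session is keyed by a serial number the client asserts before any challenge has succeeded. An allow-list keeps authentication material out of the store and limits what one connection can overwrite for another connection presenting the same serial, e.g. `if (SESSION_HEADERS.includes(k)) ssid_sessions[socket.ssid].set(k, headers[k]);`, where `SESSION_HEADERS` is a new constant naming only the headers the scripts read (`wtv-client-rom-type`, `wtv-incarnation`, `wtv-system-sysconfig`). `k.substr(0, 4) === "wtv-"` can also be written `k.startsWith("wtv-")`. processRequest starts and ends outside this hunk.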
@@ -598,21 +593,21 @@ async function processRequest(socket, data_hex, returnHeadersBeforeSecure = fals } if (headers.secure === true) { - if (!socket_session_data[socket.id].wtvsec) { + if (!socket_sessions[socket.id].wtvsec) { if (!zquiet) console.log(" * Starting new WTVSec instance on socket", socket.id); - if (getSessionData(socket_session_data[socket.id].ssid, "incarnation")) { - socket_session_data[socket.id].wtvsec = new WTVSec(getSessionData(socket_session_data[socket.id].ssid, "incarnation"), zdebug); + if (ssid_sessions[socket.ssid].get("wtv-incarnation")) { + socket_sessions[socket.id].wtvsec = new WTVSec(ssid_sessions[socket.ssid].get("wtv-incarnation"), zdebug); } else { - socket_session_data[socket.id].wtvsec = new WTVSec(1, zdebug); + socket_sessions[socket.id].wtvsec = new WTVSec(1, zdebug); } - socket_session_data[socket.id].wtvsec.DecodeTicket(headers["wtv-ticket"]); - socket_session_data[socket.id].wtvsec.ticket_b64 = headers["wtv-ticket"]; - socket_session_data[socket.id].wtvsec.SecureOn(); + socket_sessions[socket.id].wtvsec.DecodeTicket(headers["wtv-ticket"]); + socket_sessions[socket.id].wtvsec.ticket_b64 = headers["wtv-ticket"]; + socket_sessions[socket.id].wtvsec.SecureOn(); } - if (socket_session_data[socket.id].secure != true) { + if (socket_sessions[socket.id].secure != true) { // first time so reroll sessions if (zdebug) console.log(" # [ SECURE ON BLOCK (" + socket.id + ")]"); - socket_session_data[socket.id].secure = true; + socket_sessions[socket.id].secure = true; } if (!headers.request_url) { 
@@ -630,15 +625,23 @@ async function processRequest(socket, data_hex, returnHeadersBeforeSecure = fals if (zdebug) console.log(" # Psuedo-encrypted Request (SECURE ON)", "on", socket.id); // don't actually encrypt output headers.psuedo_encryption = true; - setSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption', true); - socket_session_data[socket.id].secure = false; + ssid_sessions[socket.ssid].set("box-does-psuedo-encryption", true); + socket_sessions[socket.id].secure = false; var secure_headers = await processRequest(socket, enc_data.toString(CryptoJS.enc.Hex), true); } else { // SECURE ON and detected encrypted data - setSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption', false); - var dec_data = CryptoJS.lib.WordArray.create(socket_session_data[socket.id].wtvsec.Decrypt(0, enc_data)) + ssid_sessions[socket.ssid].set("box-does-psuedo-encryption", false); + var dec_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)) var secure_headers = await processRequest(socket, dec_data.toString(CryptoJS.enc.Hex), true); - if (zdebug) console.log(" # Encrypted Request (SECURE ON)", "on", socket.id); + if (zdebug) console.log(" # Encrypted Request (SECURE ON)", "on", socket.id, secure_headers); + if (!secure_headers.request) { + socket_sessions[socket.id].secure = false; + var errpage = doErrorPage(499, "Security Stream Busted"); + headers = errpage[0]; + data = errpage[1]; + sendToClient(socket, headers, data); + return; + } } // Merge new headers into existing headers object Object.keys(secure_headers).forEach(function (k, v) { 
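Review bot: When the decrypted block has no `request`, the new branch sets `secure = false` and returns the 499 page but leaves the socket open with the existing `wtvsec` object, whereas the later lost-stream path in this function deletes `wtvsec` and sets `close_me`. After a failed decrypt the cipher state can no longer be trusted, so I would add `delete socket_sessions[socket.id].wtvsec; socket_sessions[socket.id].close_me = true;` before `sendToClient`. The added debug line also prints the whole `secure_headers` object, which can contain the ticket; logging `Object.keys(secure_headers)` would be enough for diagnosis. `data` is assigned here without a declaration visible in the hunk; confirm it is declared elsewhere in processRequest.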
@@ -651,7 +654,7 @@ async function processRequest(socket, data_hex, returnHeadersBeforeSecure = fals if (!headers.request_url) { // still no url, likely lost encryption stream, tell client to relog /* - socket_session_data[socket.id].secure = false; + socket_sessions[socket.id].secure = false; headers = `300 OK Connection: Keep-Alive Expires: Wed, 09 Oct 1991 22:00:00 GMT @@ -662,8 +665,8 @@ wtv-visit: client:relog Content-type: text/html`; data = ''; */ - delete socket_session_data[socket.id].wtvsec; - socket_session_data[socket.id].close_me = true; + delete socket_sessions[socket.id].wtvsec; + socket_sessions[socket.id].close_me = true; sendToClient(socket, headers, data); } else { processURL(socket, headers); 
@@ -685,27 +688,27 @@ async function checkForPostData(socket, headers, data, data_hex) { // \n\n var header_length = data.length + 2; } - if (socket_session_data[socket.id].secure == true) { - var enc_data = CryptoJS.enc.Hex.parse(socket_session_data[socket.id].buffer.toString(CryptoJS.enc.Hex).substring(header_length * 2)); + if (socket_sessions[socket.id].secure == true) { + var enc_data = CryptoJS.enc.Hex.parse(socket_sessions[socket.id].buffer.toString(CryptoJS.enc.Hex).substring(header_length * 2)); if (enc_data.sigBytes > 0) { if (headersAreStandard(enc_data.toString(CryptoJS.enc.Latin1))) { // some builds (like our targeted 3833), send SECURE ON but then unencrypted headers if (zdebug) console.log(" # Psuedo-encrypted POST Content (SECURE ON)", "on", socket.id); // don't actually encrypt output headers.psuedo_encryption = true; - setSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption', true); - socket_session_data[socket.id].secure = false; + ssid_sessions[socket.ssid].set("box-does-psuedo-encryption", true); + socket_sessions[socket.id].secure = false; headers.post_data = await processRequest(socket, enc_data.toString(CryptoJS.enc.Hex), true); } else { // SECURE ON and detected encrypted data - setSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption', false); - headers.post_data = CryptoJS.lib.WordArray.create(socket_session_data[socket.id].wtvsec.Decrypt(0, enc_data)) + ssid_sessions[socket.ssid].set("box-does-psuedo-encryption", false); + headers.post_data = CryptoJS.lib.WordArray.create(socket_sessions[socket.id].wtvsec.Decrypt(0, enc_data)) if (zdebug) console.log(" # Encrypted POST Content (SECURE ON)", "on", socket.id); } } } else { if (zdebug) console.log(" # Unencrypted POST Content", "on", socket.id); - headers.post_data = CryptoJS.enc.Hex.parse(socket_session_data[socket.id].buffer.toString(CryptoJS.enc.Hex).substring(header_length * 2)); + headers.post_data = 
CryptoJS.enc.Hex.parse(socket_sessions[socket.id].buffer.toString(CryptoJS.enc.Hex).substring(header_length * 2)); } } } @@ -715,10 +718,10 @@ async function checkForPostData(socket, headers, data, data_hex) { async function cleanupSocket(socket) { try { if (!zquiet) console.log(" * Destroying old WTVSec instance on disconnected socket", socket.id); - delete socket_session_data[socket.id].buffer; + delete socket_sessions[socket.id].buffer; - delete socket_session_data[socket.id].wtvsec; - delete socket_session_data[socket.id]; + delete socket_sessions[socket.id].wtvsec; + delete socket_sessions[socket.id]; socket.end(); } catch (e) { console.log(" # Could not clean up socket data for socket ID", socket.id, e); @@ -730,21 +733,21 @@ async function handleSocket(socket) { // create unique socket id with client address and port socket.id = parseInt(crc16('CCITT-FALSE', Buffer.from(String(socket.remoteAddress) + String(socket.remotePort), "utf8")).toString(16), 16); - socket_session_data[socket.id] = []; + socket_sessions[socket.id] = []; socket.setEncoding('hex'); //set data encoding (either 'ascii', 'utf8', or 'base64') socket.on('data', function (data_hex) { socket.setTimeout(300); - if (socket_session_data[socket.id].buffer) { - socket_session_data[socket.id].buffer.concat(CryptoJS.enc.Hex.parse(data_hex)); + if (socket_sessions[socket.id].buffer) { + socket_sessions[socket.id].buffer.concat(CryptoJS.enc.Hex.parse(data_hex)); } else { - socket_session_data[socket.id].buffer = CryptoJS.enc.Hex.parse(data_hex); + socket_sessions[socket.id].buffer = CryptoJS.enc.Hex.parse(data_hex); } }); socket.on('timeout', async function () { // start the async chain - if (socket_session_data[socket.id].buffer) { - processRequest(this, socket_session_data[socket.id].buffer.toString(CryptoJS.enc.Hex)); + if (socket_sessions[socket.id].buffer) { + processRequest(this, socket_sessions[socket.id].buffer.toString(CryptoJS.enc.Hex)); } }); 
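Review bot: `socket_sessions[socket.id] = [];` in handleSocket replaces whatever is stored under that id, and the id is a CRC-16 of the remote address and port, so only 65,536 values exist and two live connections can map to the same entry and share `wtvsec`, `secure` and `buffer`. A per-process counter for `socket.id` would make the key unique; at minimum, check for an existing entry before overwriting it. This is also the place to add `socket.ssid = null;` so the `!== null` checks in the service scripts see a defined value. handleSocket continues outside the hunk.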
diff --git a/zefie_wtvp_minisrv/session_data.js b/zefie_wtvp_minisrv/session_data.js new file mode 100644 index 00000000..f6e14679 --- /dev/null +++ b/zefie_wtvp_minisrv/session_data.js @@ -0,0 +1,28 @@ +class ClientSessionData { + data_store = null; + + constructor() { + this.data_store = new Array(); + } + + get(key = null) { + if (typeof (this.data_store) === 'undefined') return null; + else if (key === null) return this.data_store; + else if (this.data_store[key]) return this.data_store[key]; + else return null; + } + + set(key, value) { + if (key === null) throw ("ClientSessionData.set(): invalid key provided"); + if (typeof (this.data_store) === 'undefined') this.data_store = new Array(); + this.data_store[key] = value; + } + + delete(key) { + if (key === null) throw ("ClientSessionData.delete(): invalid key provided"); + delete this.data_store[key]; + } +} + + +module.exports = ClientSessionData; \ No newline at end of file diff --git a/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj b/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj index 1258cc5a..6be887f0 100644 --- a/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj +++ b/zefie_wtvp_minisrv/zefie_wtvp_minisrv.njsproj @@ -181,6 +181,9 @@ + + Code + @@ -198,6 +201,9 @@ + + Code +
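Review bot: `data_store` in ClientSessionData is an `Array` indexed by header name, so a key such as `length` hits the array's own property, and `get()` returns null for any stored falsy value, which makes a stored `false` for `box-does-psuedo-encryption` indistinguishable from a key that was never set. I would use `this.data_store = Object.create(null);` and test presence with `key in this.data_store`. `set()` and `delete()` throw a bare string and only reject `null`; `if (key == null) throw new Error("ClientSessionData.set(): invalid key provided");` gives callers a stack trace and also covers `undefined`. The class has no doc comment; a short header stating that keys are request-header names and values are whatever the caller stores would help the next reader.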