zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.7.0

Browse Source 
- Async support
 - Added RMF content-type
 - Better file extension detection
 - Clarify installation instructions
 - Update README.md
 - Remove encryption keys from wtv-home:/home
 - Decode URI for support for files with urlencoded elements
 - Fixed MSTV Sim compatiblity
 - Fix a typo
 - Add nobind feature to configure external services
 - Add url accessor to wtv-home:/home for non-internal builds
 - Add wtv-tricks:/access?url=
 - Very initial HTTP Proxy work (won't work yet)
This commit is contained in:
zefie
2021-07-15 03:20:20 -04:00
parent 6300348e2e
commit 4731ba1975
20 changed files with 355 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
hacktv_updsrv/ServiceVault/wtv-head-waiter/finalize-security.js
View File

@@ -5,10 +5,10 @@ if (socket_session_data[socket.id].ssid !== null) {
if (request_headers['wtv-ticket']) {
if (request_headers['wtv-ticket'].length > 8) {
DecodeTicket(request_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = request_headers['wtv-ticket'];
socket_session_data[socket.id].wtvsec.ticket_b64 = request_headers['wtv-ticket'];
//socket_session_data[socket.id].secure == true;
}
} else if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
} else if (socket_session_data[socket.id].wtvsec.ticket_b64 == null) {
// TODO: client should have a ticket and send it back by now, if not we should handle this correctly
}
}
@@ -16,7 +16,7 @@ if (socket_session_data[socket.id].ssid !== null) {
headers = `200 OK
Connection: Keep-Alive
wtv-encrypted: true
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
wtv-ticket: `+socket_session_data[socket.id].wtvsec.ticket_b64+`
wtv-expire-all: htv-
wtv-home-url: wtv-home:/home?
wtv-visit: wtv-home:/splash?

24
hacktv_updsrv/ServiceVault/wtv-head-waiter/login-stage-two.js
View File

@@ -1,22 +1,32 @@
var challenge_response, challenge_header = '';
var gourl;
if (socket_session_data[socket.id].ssid != null && !getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')) {
var wtvsec_login = new WTVSec();
wtvsec_login = new WTVSec();
wtvsec_login.IssueChallenge();
wtvsec_login.set_incarnation(request_headers['wtv-incarnation']);
setSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login', wtvsec_login)
} else {
var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')
}
if (socket_session_data[socket.id].ssid !== null) {
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
if (wtvsec_login.ticket_b64 == null) {
if (request_headers['wtv-ticket']) {
if (request_headers['wtv-ticket'].length > 8) {
sec_session[socket_session_data[socket.id].ssid].DecodeTicket(request_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = request_headers['wtv-ticket'];
wtvsec_login.DecodeTicket(request_headers['wtv-ticket']);
wtvsec_login.ticket_b64 = request_headers['wtv-ticket'];
//socket_session_data[socket.id].secure = true;
}
} else {
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
challenge_response = wtvsec_login.challenge_response;
var client_challenge_response = request_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
//if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
wtvsec_login.PrepareTicket();
//socket_session_data[socket.id].secure = true;
} else {
console.log(" * wtv-challenge-response FAILED for " + socket_session_data[socket.id].ssid);
@@ -56,7 +66,7 @@ wtv-visit: client:closeallpanels
wtv-expire-all: client:closeallpanels
wtv-offline-user-list: `+offline_user_list+`
wtv-bypass-proxy: true
wtv-ticket: `+ sec_session[socket_session_data[socket.id].ssid].ticket_b64 + `
wtv-ticket: `+ wtvsec_login.ticket_b64 + `
wtv-messagewatch-checktimeoffset: off
wtv-input-timeout: 14400
wtv-connection-timeout: 90
@@ -71,6 +81,8 @@ wtv-noback-all: wtv-
wtv-service: reset
`+ getServiceString('all') + `
wtv-boot-url: wtv-1800:/preregister?relogin=true
wtv-ssl-certs-download-url: wtv-head-waiter:/ssl-cert.der
wtv-ssl-certs-checksum: 473926DC1B11F635A6B920953FDCDE6A
wtv-user-name: `+ nickname + `
wtv-human-name: `+ nickname + `
wtv-irc-nick: `+ nickname + `

50
hacktv_updsrv/ServiceVault/wtv-head-waiter/login.js
View File

@@ -1,26 +1,32 @@
var challenge_response, challenge_header = '';
if (socket_session_data[socket.id].ssid !== null) {
var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login');
if (request_headers['wtv-ticket']) {
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
if (wtvsec_login.ticket_b64 == null) {
if (request_headers['wtv-ticket'].length > 8) {
sec_session[socket_session_data[socket.id].ssid].DecodeTicket(request_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = request_headers['wtv-ticket'];
wtvsec_login.DecodeTicket(request_headers['wtv-ticket']);
wtvsec_login.ticket_b64 = request_headers['wtv-ticket'];
}
}
} else {
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
var client_challenge_response = request_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
if (wtvsec_login) {
challenge_response = wtvsec_login.challenge_response;
var client_challenge_response = request_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0, 85) == client_challenge_response.substring(0, 85)) {
console.log(" * wtv-challenge-response success for " + socket_session_data[socket.id].ssid);
wtvsec_login.PrepareTicket();
} else {
challenge_header = "wtv-challenge: " + wtvsec_login.IssueChallenge();
}
} else {
challenge_header = "wtv-challenge: "+issueWTVChallenge(socket);
challenge_header = "wtv-challenge: " + wtvsec_login.IssueChallenge();
}
} else {
challenge_header = "wtv-challenge: "+issueWTVChallenge(socket);
}
wtvsec_login = new WTVSec();
}
}
}
@@ -42,15 +48,27 @@ if (request_headers) {
});
}
*/
headers = `200 OK
if (challenge_header != '') {
headers = `200 OK
Connection: Keep-Alive
Expires: Wed, 09 Oct 1991 22:00:00 GMT
wtv-expire-all: wtv-head-waiter:
`+getServiceString('wtv-log')+`
`+ getServiceString('wtv-log') + `
wtv-log-url: wtv-log:/log
`+challenge_header+`
`+ challenge_header + `
wtv-relogin-url: wtv-1800:/preregister?relogin=true
wtv-reconnect-url: wtv-1800:/preregister?reconnect=true
wtv-visit: wtv-head-waiter:/login-stage-two?
Content-type: text/html`;
data = '';
data = '';
} else {
headers = `200 OK
Connection: Keep-Alive
Expires: Wed, 09 Oct 1991 22:00:00 GMT
wtv-expire-all: wtv-head-waiter:
wtv-expire-all: wtv-1800:
wtv-visit: wtv-1800:/preregister?relogin=true
Content-type: text/html`;
}

BIN
hacktv_updsrv/ServiceVault/wtv-head-waiter/ssl-cert.der Normal file
View File

Binary file not shown.