Merge branch 'dev'
This commit is contained in:
zefie
@@ -351,7 +351,7 @@ main()
|
||||
|
||||
flush();
|
||||
|
||||
setprogresstext("Dialing your hacky modem...");
|
||||
setprogresstext("Dialing HackTV...");
|
||||
setprogresspercentage(32);
|
||||
setprogressdirty(1);
|
||||
|
||||
|
||||
Binary file not shown.
@@ -207,36 +207,38 @@ if (request_headers['wtv-request-type'] == 'download') {
|
||||
var wtv_download_list = new Array();
|
||||
var newest_file_epoch = version;
|
||||
Object.keys(diskmap_group_data.files).forEach(function (k) {
|
||||
if (!diskmap_group_data.files[k].location) diskmap_group_data.files[k].location = diskmap_group_data.location + diskmap_group_data.files[k].file.replace(diskmap_group_data.base, "");
|
||||
var post_match_file = null;
|
||||
if (!diskmap_group_data.files[k].location) diskmap_group_data.files[k].location = wtvshared.makeSafePath(diskmap_group_data.location,diskmap_group_data.files[k].file.replace(diskmap_group_data.base, ""));
|
||||
var diskmap_data_file = null;
|
||||
Object.keys(service_vaults).forEach(function (g) {
|
||||
if (post_match_file != null) return;
|
||||
post_match_file = service_vaults[g] + "/" + service_name + "/" + diskmap_group_data.files[k].location;
|
||||
if (!fs.existsSync(post_match_file)) post_match_file = null;
|
||||
if (diskmap_data_file != null) return;
|
||||
diskmap_data_file = service_vaults[g] + "/" + service_name + "/" + diskmap_group_data.files[k].location;
|
||||
if (!fs.existsSync(diskmap_data_file)) {
|
||||
console.error("Could not find a file for", diskmap_group_data.files[k].location, "(Last tried SV:", diskmap_data_file, ")");
|
||||
}
|
||||
});
|
||||
|
||||
var post_match_file_lstat = fs.lstatSync(post_match_file);
|
||||
var post_match_file_data = new Buffer.from(fs.readFileSync(post_match_file, {
|
||||
var diskmap_file_stat = fs.lstatSync(diskmap_data_file);
|
||||
var diskmap_file_data = new Buffer.from(fs.readFileSync(diskmap_data_file, {
|
||||
encoding: null,
|
||||
flags: 'r'
|
||||
}));
|
||||
diskmap_group_data.files[k].base = diskmap_group_data.base;
|
||||
diskmap_group_data.files[k].last_modified = (new Date(new Date(post_match_file_lstat.mtime).toUTCString()) / 1000);
|
||||
diskmap_group_data.files[k].content_length = post_match_file_lstat.size;
|
||||
diskmap_group_data.files[k].last_modified = (new Date(new Date(diskmap_file_stat.mtime).toUTCString()) / 1000);
|
||||
diskmap_group_data.files[k].content_length = diskmap_file_stat.size;
|
||||
diskmap_group_data.files[k].action = (diskmap_group_data.files[k].action) ? diskmap_group_data.files[k].action.toUpperCase() : "GET";
|
||||
|
||||
if (wtvshared.getFileExt(post_match_file).toLowerCase() == "gz") {
|
||||
// we need the checksum of the uncompressed data
|
||||
var gunzipped = zlib.gunzipSync(post_match_file_data);
|
||||
// we need the checksum of the uncompressed data
|
||||
if (wtvshared.getFileExt(diskmap_data_file).toLowerCase() == "gz") {
|
||||
var gunzipped = zlib.gunzipSync(diskmap_file_data);
|
||||
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(gunzipped)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||
var gzip_fn_end = post_match_file_data.indexOf("\0", 10);
|
||||
var gzip_fn_end = diskmap_file_data.indexOf("\0", 10);
|
||||
if (!diskmap_group_data.files[k].dont_extract_filename) {
|
||||
diskmap_group_data.files[k].original_filename = post_match_file_data.toString('utf8', 10, gzip_fn_end);
|
||||
diskmap_group_data.files[k].original_filename = diskmap_file_data.toString('utf8', 10, gzip_fn_end);
|
||||
}
|
||||
diskmap_group_data.files[k].uncompressed_size = gunzipped.byteLength;
|
||||
gunzipped = null;
|
||||
} else {
|
||||
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(post_match_file_data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(diskmap_file_data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||
}
|
||||
|
||||
if (parseInt(diskmap_group_data.files[k].last_modified) > newest_file_epoch) newest_file_epoch = parseInt(diskmap_group_data.files[k].last_modified);
|
||||
|
||||
@@ -92,10 +92,13 @@ data += `
|
||||
<upgradeblock width=280 height=15
|
||||
nexturl="${flashrom_info.next_rompath}"
|
||||
errorurl="${service_name}:/lc2-download-failed?"
|
||||
blockurl="${flashrom_info.rompath}"
|
||||
`
|
||||
if (!flashrom_info.is_last_part) data += `blockurl = "${flashrom_info.rompath}"`;
|
||||
|
||||
data += `
|
||||
lastblock="${flashrom_info.is_last_part}"
|
||||
curblock="` + (flashrom_info.part_number + 1) + `"
|
||||
`
|
||||
`;
|
||||
if (flashrom_info.part_count) {
|
||||
data += `totalblocks="${flashrom_info.part_count}"`;
|
||||
}
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
headers = `200 OK
|
||||
Connection: Close
|
||||
wtv-connection-close: true
|
||||
Content-type: text/html`
|
||||
|
||||
data = `<html>
|
||||
|
||||
@@ -166,7 +166,7 @@ class WTVShared {
|
||||
} else {
|
||||
// already absolute path
|
||||
}
|
||||
return path;
|
||||
return this.fixPathSlashes(path);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -206,11 +206,25 @@ class WTVShared {
|
||||
*/
|
||||
makeSafePath(base, target) {
|
||||
target.replace(/[\|\&\;\$\%\@\"\<\>\+\,\\]/g, "");
|
||||
if (this.path.sep != "/") target = target.replace(/\//g, this.path.sep);
|
||||
var targetPath = this.path.posix.normalize(target)
|
||||
return base + this.path.sep + targetPath;
|
||||
return this.fixPathSlashes(base + this.path.sep + targetPath);
|
||||
}
|
||||
|
||||
/**
|
||||
* Corrects any / or \ differences, if any for file paths
|
||||
* @param {string} path
|
||||
* @returns {string} corrected path
|
||||
*/
|
||||
fixPathSlashes(path) {
|
||||
// fix slashes
|
||||
if (this.path.sep == '/' && path.indexOf("\\") != -1) path = path.replace(/\\/g, this.path.sep);
|
||||
else if (this.path.sep == "\\" && path.indexOf("/") != -1) path = path.replace(/\//g, this.path.sep);
|
||||
|
||||
// remove double slashes
|
||||
while (path.indexOf(this.path.sep + this.path.sep) != -1) path = path.replace(this.path.sep + this.path.sep, this.path.sep);
|
||||
|
||||
return path;
|
||||
}
|
||||
/**
|
||||
* Makes sure an SSID is clean, and doesn't contain any exploitable characters
|
||||
* @param {string} ssid
|
||||
|
||||
@@ -585,25 +585,7 @@ async function sendToClient(socket, headers_obj, data) {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//is this needed here?
|
||||
/*
|
||||
if (content_length > 0) {
|
||||
if (socket_sessions[socket.id].wtv_request_type == "download") {
|
||||
if (headers_obj['Content-Type'] != "wtv/download-list") {
|
||||
if (wtvshared.getFileExt(socket_sessions[socket.id].request_headers.request_url).toLowerCase() == "gz") {
|
||||
// we need the checksum of the uncompressed data
|
||||
var gunzipped = zlib.gunzipSync(data);
|
||||
headers_obj['wtv-checksum'] = CryptoJS.MD5(CryptoJS.lib.WordArray.create(gunzipped)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||
headers_obj['wtv-uncompressed-size'] = gunzipped.byteLength;
|
||||
gunzipped = null;
|
||||
} else {
|
||||
headers_obj['wtv-checksum'] = CryptoJS.MD5(CryptoJS.lib.WordArray.create(data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
// if box can do compression, see if its worth enabling
|
||||
// small files actually get larger, so don't compress them
|
||||
@@ -633,8 +615,10 @@ async function sendToClient(socket, headers_obj, data) {
|
||||
|
||||
case 2:
|
||||
// zlib DEFLATE implementation
|
||||
var zlib_options = { 'level': 9 };
|
||||
if (uncompressed_content_length > 4194304) zlib_options.strategy = 2;
|
||||
headers_obj['Content-Encoding'] = 'deflate';
|
||||
data = zlib.deflateSync(data, { 'level': 9 });
|
||||
data = zlib.deflateSync(data, zlib_options);
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user