Merge branch 'dev'
This commit is contained in:
zefie
@@ -351,7 +351,7 @@ main()
|
|||||||
|
|
||||||
flush();
|
flush();
|
||||||
|
|
||||||
setprogresstext("Dialing your hacky modem...");
|
setprogresstext("Dialing HackTV...");
|
||||||
setprogresspercentage(32);
|
setprogresspercentage(32);
|
||||||
setprogressdirty(1);
|
setprogressdirty(1);
|
||||||
|
|
||||||
|
|||||||
Binary file not shown.
@@ -207,36 +207,38 @@ if (request_headers['wtv-request-type'] == 'download') {
|
|||||||
var wtv_download_list = new Array();
|
var wtv_download_list = new Array();
|
||||||
var newest_file_epoch = version;
|
var newest_file_epoch = version;
|
||||||
Object.keys(diskmap_group_data.files).forEach(function (k) {
|
Object.keys(diskmap_group_data.files).forEach(function (k) {
|
||||||
if (!diskmap_group_data.files[k].location) diskmap_group_data.files[k].location = diskmap_group_data.location + diskmap_group_data.files[k].file.replace(diskmap_group_data.base, "");
|
if (!diskmap_group_data.files[k].location) diskmap_group_data.files[k].location = wtvshared.makeSafePath(diskmap_group_data.location,diskmap_group_data.files[k].file.replace(diskmap_group_data.base, ""));
|
||||||
var post_match_file = null;
|
var diskmap_data_file = null;
|
||||||
Object.keys(service_vaults).forEach(function (g) {
|
Object.keys(service_vaults).forEach(function (g) {
|
||||||
if (post_match_file != null) return;
|
if (diskmap_data_file != null) return;
|
||||||
post_match_file = service_vaults[g] + "/" + service_name + "/" + diskmap_group_data.files[k].location;
|
diskmap_data_file = service_vaults[g] + "/" + service_name + "/" + diskmap_group_data.files[k].location;
|
||||||
if (!fs.existsSync(post_match_file)) post_match_file = null;
|
if (!fs.existsSync(diskmap_data_file)) {
|
||||||
|
console.error("Could not find a file for", diskmap_group_data.files[k].location, "(Last tried SV:", diskmap_data_file, ")");
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
var post_match_file_lstat = fs.lstatSync(post_match_file);
|
var diskmap_file_stat = fs.lstatSync(diskmap_data_file);
|
||||||
var post_match_file_data = new Buffer.from(fs.readFileSync(post_match_file, {
|
var diskmap_file_data = new Buffer.from(fs.readFileSync(diskmap_data_file, {
|
||||||
encoding: null,
|
encoding: null,
|
||||||
flags: 'r'
|
flags: 'r'
|
||||||
}));
|
}));
|
||||||
diskmap_group_data.files[k].base = diskmap_group_data.base;
|
diskmap_group_data.files[k].base = diskmap_group_data.base;
|
||||||
diskmap_group_data.files[k].last_modified = (new Date(new Date(post_match_file_lstat.mtime).toUTCString()) / 1000);
|
diskmap_group_data.files[k].last_modified = (new Date(new Date(diskmap_file_stat.mtime).toUTCString()) / 1000);
|
||||||
diskmap_group_data.files[k].content_length = post_match_file_lstat.size;
|
diskmap_group_data.files[k].content_length = diskmap_file_stat.size;
|
||||||
diskmap_group_data.files[k].action = (diskmap_group_data.files[k].action) ? diskmap_group_data.files[k].action.toUpperCase() : "GET";
|
diskmap_group_data.files[k].action = (diskmap_group_data.files[k].action) ? diskmap_group_data.files[k].action.toUpperCase() : "GET";
|
||||||
|
|
||||||
if (wtvshared.getFileExt(post_match_file).toLowerCase() == "gz") {
|
// we need the checksum of the uncompressed data
|
||||||
// we need the checksum of the uncompressed data
|
if (wtvshared.getFileExt(diskmap_data_file).toLowerCase() == "gz") {
|
||||||
var gunzipped = zlib.gunzipSync(post_match_file_data);
|
var gunzipped = zlib.gunzipSync(diskmap_file_data);
|
||||||
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(gunzipped)).toString(CryptoJS.enc.Hex).toLowerCase();
|
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(gunzipped)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||||
var gzip_fn_end = post_match_file_data.indexOf("\0", 10);
|
var gzip_fn_end = diskmap_file_data.indexOf("\0", 10);
|
||||||
if (!diskmap_group_data.files[k].dont_extract_filename) {
|
if (!diskmap_group_data.files[k].dont_extract_filename) {
|
||||||
diskmap_group_data.files[k].original_filename = post_match_file_data.toString('utf8', 10, gzip_fn_end);
|
diskmap_group_data.files[k].original_filename = diskmap_file_data.toString('utf8', 10, gzip_fn_end);
|
||||||
}
|
}
|
||||||
diskmap_group_data.files[k].uncompressed_size = gunzipped.byteLength;
|
diskmap_group_data.files[k].uncompressed_size = gunzipped.byteLength;
|
||||||
gunzipped = null;
|
gunzipped = null;
|
||||||
} else {
|
} else {
|
||||||
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(post_match_file_data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
diskmap_group_data.files[k].checksum = CryptoJS.MD5(CryptoJS.lib.WordArray.create(diskmap_file_data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (parseInt(diskmap_group_data.files[k].last_modified) > newest_file_epoch) newest_file_epoch = parseInt(diskmap_group_data.files[k].last_modified);
|
if (parseInt(diskmap_group_data.files[k].last_modified) > newest_file_epoch) newest_file_epoch = parseInt(diskmap_group_data.files[k].last_modified);
|
||||||
|
|||||||
@@ -92,10 +92,13 @@ data += `
|
|||||||
<upgradeblock width=280 height=15
|
<upgradeblock width=280 height=15
|
||||||
nexturl="${flashrom_info.next_rompath}"
|
nexturl="${flashrom_info.next_rompath}"
|
||||||
errorurl="${service_name}:/lc2-download-failed?"
|
errorurl="${service_name}:/lc2-download-failed?"
|
||||||
blockurl="${flashrom_info.rompath}"
|
`
|
||||||
|
if (!flashrom_info.is_last_part) data += `blockurl = "${flashrom_info.rompath}"`;
|
||||||
|
|
||||||
|
data += `
|
||||||
lastblock="${flashrom_info.is_last_part}"
|
lastblock="${flashrom_info.is_last_part}"
|
||||||
curblock="` + (flashrom_info.part_number + 1) + `"
|
curblock="` + (flashrom_info.part_number + 1) + `"
|
||||||
`
|
`;
|
||||||
if (flashrom_info.part_count) {
|
if (flashrom_info.part_count) {
|
||||||
data += `totalblocks="${flashrom_info.part_count}"`;
|
data += `totalblocks="${flashrom_info.part_count}"`;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,4 +1,6 @@
|
|||||||
headers = `200 OK
|
headers = `200 OK
|
||||||
|
Connection: Close
|
||||||
|
wtv-connection-close: true
|
||||||
Content-type: text/html`
|
Content-type: text/html`
|
||||||
|
|
||||||
data = `<html>
|
data = `<html>
|
||||||
|
|||||||
@@ -166,7 +166,7 @@ class WTVShared {
|
|||||||
} else {
|
} else {
|
||||||
// already absolute path
|
// already absolute path
|
||||||
}
|
}
|
||||||
return path;
|
return this.fixPathSlashes(path);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -206,11 +206,25 @@ class WTVShared {
|
|||||||
*/
|
*/
|
||||||
makeSafePath(base, target) {
|
makeSafePath(base, target) {
|
||||||
target.replace(/[\|\&\;\$\%\@\"\<\>\+\,\\]/g, "");
|
target.replace(/[\|\&\;\$\%\@\"\<\>\+\,\\]/g, "");
|
||||||
if (this.path.sep != "/") target = target.replace(/\//g, this.path.sep);
|
|
||||||
var targetPath = this.path.posix.normalize(target)
|
var targetPath = this.path.posix.normalize(target)
|
||||||
return base + this.path.sep + targetPath;
|
return this.fixPathSlashes(base + this.path.sep + targetPath);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Corrects any / or \ differences, if any for file paths
|
||||||
|
* @param {string} path
|
||||||
|
* @returns {string} corrected path
|
||||||
|
*/
|
||||||
|
fixPathSlashes(path) {
|
||||||
|
// fix slashes
|
||||||
|
if (this.path.sep == '/' && path.indexOf("\\") != -1) path = path.replace(/\\/g, this.path.sep);
|
||||||
|
else if (this.path.sep == "\\" && path.indexOf("/") != -1) path = path.replace(/\//g, this.path.sep);
|
||||||
|
|
||||||
|
// remove double slashes
|
||||||
|
while (path.indexOf(this.path.sep + this.path.sep) != -1) path = path.replace(this.path.sep + this.path.sep, this.path.sep);
|
||||||
|
|
||||||
|
return path;
|
||||||
|
}
|
||||||
/**
|
/**
|
||||||
* Makes sure an SSID is clean, and doesn't contain any exploitable characters
|
* Makes sure an SSID is clean, and doesn't contain any exploitable characters
|
||||||
* @param {string} ssid
|
* @param {string} ssid
|
||||||
|
|||||||
@@ -586,24 +586,6 @@ async function sendToClient(socket, headers_obj, data) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//is this needed here?
|
|
||||||
/*
|
|
||||||
if (content_length > 0) {
|
|
||||||
if (socket_sessions[socket.id].wtv_request_type == "download") {
|
|
||||||
if (headers_obj['Content-Type'] != "wtv/download-list") {
|
|
||||||
if (wtvshared.getFileExt(socket_sessions[socket.id].request_headers.request_url).toLowerCase() == "gz") {
|
|
||||||
// we need the checksum of the uncompressed data
|
|
||||||
var gunzipped = zlib.gunzipSync(data);
|
|
||||||
headers_obj['wtv-checksum'] = CryptoJS.MD5(CryptoJS.lib.WordArray.create(gunzipped)).toString(CryptoJS.enc.Hex).toLowerCase();
|
|
||||||
headers_obj['wtv-uncompressed-size'] = gunzipped.byteLength;
|
|
||||||
gunzipped = null;
|
|
||||||
} else {
|
|
||||||
headers_obj['wtv-checksum'] = CryptoJS.MD5(CryptoJS.lib.WordArray.create(data)).toString(CryptoJS.enc.Hex).toLowerCase();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
// if box can do compression, see if its worth enabling
|
// if box can do compression, see if its worth enabling
|
||||||
// small files actually get larger, so don't compress them
|
// small files actually get larger, so don't compress them
|
||||||
@@ -633,8 +615,10 @@ async function sendToClient(socket, headers_obj, data) {
|
|||||||
|
|
||||||
case 2:
|
case 2:
|
||||||
// zlib DEFLATE implementation
|
// zlib DEFLATE implementation
|
||||||
|
var zlib_options = { 'level': 9 };
|
||||||
|
if (uncompressed_content_length > 4194304) zlib_options.strategy = 2;
|
||||||
headers_obj['Content-Encoding'] = 'deflate';
|
headers_obj['Content-Encoding'] = 'deflate';
|
||||||
data = zlib.deflateSync(data, { 'level': 9 });
|
data = zlib.deflateSync(data, zlib_options);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user