zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.8.1

Browse Source 
- fix: reported verbosity levels
 - fix: In some cases SSID was not filtered
 - fix: could not read service folders/files that had urlescape'd characters in them
 - update: change config variable name, allow user override (user_config.json)
 - update user-config example
 - Clean up session info into a class
This commit is contained in:
zefie
2021-07-18 08:11:07 -04:00
parent 23d014a334
commit 857e3639cc
19 changed files with 290 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
zefie_wtvp_minisrv/ServiceVault/wtv-1800/finish-prereg.js
View File

@@ -1,37 +1,38 @@
if (socket_session_data[socket.id].ssid != null && !getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')) {
if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
var wtvsec_login = new WTVSec();
wtvsec_login.IssueChallenge();
wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
setSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login', wtvsec_login)
} else {
var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')
ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
} else if (socket.ssid != null) {
var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
}
var prereg_contype = "text/html";
if (wtvsec_login) {
var prereg_contype = "text/html";
// if relogin, skip tellyscript
if (request_headers.query.relogin) { // skip tellyscript
wtvsec_login.ticket_b64 = null; // clear old ticket
}
// if relogin, skip tellyscript
if (request_headers.query.relogin) { // skip tellyscript
wtvsec_login.ticket_b64 = null; // clear old ticket
}
// if relogin, skip tellyscript
var romtype, file_path = null;
if (!request_headers.query.relogin && services_configured.config.send_tellyscripts) {
var romtype = getSessionData(socket_session_data[socket.id].ssid, 'wtv-client-rom-type');
}
// if relogin, skip tellyscript
var romtype, file_path = null;
if (!request_headers.query.relogin && minisrv_config.config.send_tellyscripts) {
var romtype = ssid_sessions[socket.ssid].get("wtv-client-rom-type");
}
switch (romtype) {
case "US-LC2-disk-0MB-8MB":
prereg_contype = "text/tellyscript";
var file_path = __dirname + "/ServiceDeps/premade_tellyscripts/LC2/LC2_OISP_5555732_56k.tok";
break;
switch (romtype) {
case "US-LC2-disk-0MB-8MB":
prereg_contype = "text/tellyscript";
var file_path = __dirname + "/ServiceDeps/premade_tellyscripts/LC2/LC2_OISP_5555732_56k.tok";
break;
default:
data = '';
break;
}
default:
data = '';
break;
}
headers = `200 OK
headers = `200 OK
Connection: Keep-Alive
wtv-initial-key: ` + wtvsec_login.challenge_key.toString(CryptoJS.enc.Base64) + `
Content-Type: `+ prereg_contype + `
@@ -46,14 +47,20 @@ wtv-client-time-zone: GMT -0000
wtv-client-time-dst-rule: GMT
wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT`;
if (file_path) {
request_is_async = true;
fs.readFile(file_path, null, function (err, file_read_data) {
if (err) {
var errmsg = doErrorCode(400);
headers = errmsg[0];
file_read_data = errmsg[1] + "\n" + err.toString();
}
sendToClient(socket, headers, file_read_data);
});
if (file_path) {
request_is_async = true;
fs.readFile(file_path, null, function (err, file_read_data) {
if (err) {
var errmsg = doErrorCode(400);
headers = errmsg[0];
file_read_data = errmsg[1] + "\n" + err.toString();
}
sendToClient(socket, headers, file_read_data);
});
}
} else {
console.log(" * Something bad happened (we don't know the client ssid???)");
var errpage = doErrorCode(400)
headers = errpage[0];
data = errpage[1];
}

2
zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/get-by-path.js
View File

@@ -6,7 +6,7 @@ headers = "200 OK\n"
if (request_headers.query.raw) {
if ((/\.brom$/).test(request_path)) headers += "Content-Type: binary/x-wtv-bootrom"; // maybe?
else headers += "Content-Type: binary/x-wtv-flashblock";
if (services_configured.services[service_name].use_zefie_server) {
if (minisrv_config.services[service_name].use_zefie_server) {
// get flashrom files from archive.midnightchannel.net
var options = {
host: "archive.midnightchannel.net",

2
zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/get-lc2-page.js
View File

@@ -10,7 +10,7 @@ if (!request_headers.query.path) {
data = errpage[1];
} else {
var request_path = unescape(request_headers.query.path);
if (services_configured.services[service_name].use_zefie_server) {
if (minisrv_config.services[service_name].use_zefie_server) {
// read first 256 bytes of flashrom file from archive.midnightchannel.net
// to get `flashrom_message` and `numparts` if missing
var options = {

2
zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/lc2-download-complete.js
View File

@@ -58,7 +58,7 @@ Updating complete
<td colspan=9 width=100 height=258 valign=top align=left>
<font size=+1>
The update is complete.<br>
<p><font size=+1>Choose <b>Connect Now</b> if you<br>want to connect to ${services_configured.config.service_name}.
<p><font size=+1>Choose <b>Connect Now</b> if you<br>want to connect to ${minisrv_config.config.service_name}.
<p><font size=+1>Press the <b>power</b> button to switch<br>off your unit.
</font>
<tr>

4
zefie_wtvp_minisrv/ServiceVault/wtv-flashrom/willie.js
View File

@@ -12,13 +12,13 @@ for (const [key, value] of Object.entries(request_headers.query)) {
proxy_query += "&" + key + "=" + value;
}
if (!services_configured.services[service_name].use_zefie_server) {
if (!minisrv_config.services[service_name].use_zefie_server) {
proxy_query += "&minisrv_local_mode=true";
}
var options = {
host: "wtv.zefie.com",
path: "/willie.php?minisrv=true&pflash=" + getSessionData(socket_session_data[socket.id].ssid, 'wtv-client-rom-type') + proxy_query,
path: "/willie.php?minisrv=true&pflash=" + ssid_sessions[socket.ssid].get("wtv-client-rom-type") + proxy_query,
timeout: 5000,
method: 'GET'
}

10
zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/finalize-security.js
View File

@@ -1,14 +1,14 @@
var challenge_response, challenge_header = '';
var gourl;
if (socket_session_data[socket.id].ssid !== null) {
if (socket.ssid !== null) {
if (request_headers["wtv-ticket"]) {
if (request_headers["wtv-ticket"].length > 8) {
DecodeTicket(request_headers["wtv-ticket"]);
socket_session_data[socket.id].wtvsec.ticket_b64 = request_headers["wtv-ticket"];
//socket_session_data[socket.id].secure == true;
socket_sessions[socket.id].wtvsec.ticket_b64 = request_headers["wtv-ticket"];
//socket_sessions[socket.id].secure == true;
}
} else if (socket_session_data[socket.id].wtvsec.ticket_b64 == null) {
} else if (socket_sessions[socket.id].wtvsec.ticket_b64 == null) {
// TODO: client should have a ticket and send it back by now, if not we should handle this correctly
}
}
@@ -16,7 +16,7 @@ if (socket_session_data[socket.id].ssid !== null) {
headers = `200 OK
Connection: Keep-Alive
wtv-encrypted: true
wtv-ticket: `+socket_session_data[socket.id].wtvsec.ticket_b64+`
wtv-ticket: `+socket_sessions[socket.id].wtvsec.ticket_b64+`
wtv-expire-all: htv-
wtv-home-url: wtv-home:/home?
wtv-visit: wtv-home:/splash?

16
zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login-stage-two.js
View File

@@ -1,22 +1,22 @@
var challenge_response, challenge_header = '';
var gourl;
if (socket_session_data[socket.id].ssid != null && !getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')) {
if (socket.ssid != null && !ssid_sessions[socket.ssid].get("wtvsec_login")) {
var wtvsec_login = new WTVSec(1,zdebug);
wtvsec_login.IssueChallenge();
wtvsec_login.set_incarnation(request_headers["wtv-incarnation"]);
setSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login', wtvsec_login)
ssid_sessions[socket.ssid].set("wtvsec_login", wtvsec_login);
} else {
var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login')
var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
}
if (socket_session_data[socket.id].ssid !== null) {
if (socket.ssid !== null) {
if (wtvsec_login.ticket_b64 == null) {
if (request_headers["wtv-ticket"]) {
if (request_headers["wtv-ticket"].length > 8) {
wtvsec_login.DecodeTicket(request_headers["wtv-ticket"]);
wtvsec_login.ticket_b64 = request_headers["wtv-ticket"];
//socket_session_data[socket.id].secure = true;
//socket_sessions[socket.id].secure = true;
}
} else {
challenge_response = wtvsec_login.challenge_response;
@@ -24,11 +24,11 @@ if (socket_session_data[socket.id].ssid !== null) {
if (challenge_response && client_challenge_response) {
//if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
console.log(" * wtv-challenge-response success for " + processSSID(socket_session_data[socket.id].ssid));
console.log(" * wtv-challenge-response success for " + processSSID(socket.ssid));
wtvsec_login.PrepareTicket();
//socket_session_data[socket.id].secure = true;
//socket_sessions[socket.id].secure = true;
} else {
console.log(" * wtv-challenge-response FAILED for " + processSSID(socket_session_data[socket.id].ssid));
console.log(" * wtv-challenge-response FAILED for " + processSSID(socket.ssid));
if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
if (zdebug) console.log("Response Received:", client_challenge_response)
gourl = "wtv-head-waiter:/login?reissue_challenge=true";

6
zefie_wtvp_minisrv/ServiceVault/wtv-head-waiter/login.js
View File

@@ -1,7 +1,7 @@
var challenge_response, challenge_header = '';
if (socket_session_data[socket.id].ssid !== null) {
var wtvsec_login = getSessionData(socket_session_data[socket.id].ssid, 'wtvsec_login');
if (socket.ssid !== null) {
var wtvsec_login = ssid_sessions[socket.ssid].get("wtvsec_login");
if (request_headers["wtv-ticket"]) {
if (wtvsec_login.ticket_b64 == null) {
if (request_headers["wtv-ticket"].length > 8) {
@@ -15,7 +15,7 @@ if (socket_session_data[socket.id].ssid !== null) {
var client_challenge_response = request_headers["wtv-challenge-response"] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0, 85) == client_challenge_response.substring(0, 85)) {
console.log(" * wtv-challenge-response success for " + socket_session_data[socket.id].ssid);
console.log(" * wtv-challenge-response success for " + socket.ssid);
wtvsec_login.PrepareTicket();
} else {
challenge_header = "wtv-challenge: " + wtvsec_login.IssueChallenge();

4
zefie_wtvp_minisrv/ServiceVault/wtv-home/home.js
View File

@@ -3,10 +3,10 @@ Connection: Keep-Alive
wtv-expire-all: wtv-home:/splash
Content-type: text/html`
if (getSessionData(socket_session_data[socket.id].ssid, 'box-does-psuedo-encryption')) {
if (ssid_sessions[socket.ssid].get('box-does-psuedo-encryption')) {
var cryptstatus = "<a href='client:showalert?message=Your%20WebTV%20Unit%20sent%20us%20a%20request%20for%20SECURE%20ON%2C%20but%20did%20not%20encrypt%20any%20data%2C%20nor%20will%20accept%20it.%20However%2C%20we%20send%20the%20wtv-encryption%20flag%20to%20roll%20with%20it%2C%20enabling%20%27psuedo-encryption%27.%20Nothing%20is%20encrypted%2C%20but%20the%20box%20trusts%20us.%20This%20will%20probably%20go%20away%20if%20you%20reload%20or%20change%20pages.&buttonaction1=client:donothing&buttonlabel1=Oh%2C%20okay...'>Psuedo-encrypted</a>";
} else {
var cryptstatus = ((socket_session_data[socket.id].secure === true) ? "Encrypted" : "Not Encrypted")
var cryptstatus = ((socket_sessions[socket.id].secure === true) ? "Encrypted" : "Not Encrypted")
}

10
zefie_wtvp_minisrv/ServiceVault/wtv-log/log.js
View File

@@ -9,7 +9,7 @@ Content-length: 0`;
data = '';
var fullpath = __dirname + "/ServiceLogPost/" + Math.floor(new Date().getTime() / 1000) + "_" + request_headers.query.type;
if (socket_session_data[socket.id].ssid) fullpath += "_" + socket_session_data[socket.id].ssid;
if (socket.ssid) fullpath += "_" + socket.ssid;
fullpath += ".txt";
fullpath = fullpath.replace(/\\/g, "/");
@@ -21,9 +21,9 @@ Content-length: 0`;
logdata_outstring += "\r\n";
var logdata_outstring_hex = Buffer.from(logdata_outstring, 'utf8').toString('hex');
logdata_outstring_hex += request_headers.post_data.toString(CryptoJS.enc.Hex);
if (services_configured.services[service_name].write_logs_to_disk) {
if (minisrv_config.services[service_name].write_logs_to_disk) {
fs.writeFile(fullpath, logdata_outstring_hex, "Hex", function () {
if (!zquiet) console.log(" * Wrote POST log data from", processSSID(socket_session_data[socket.id].ssid), "for", socket.id);
if (!zquiet) console.log(" * Wrote POST log data from", processSSID(socket.ssid), "for", socket.id);
sendToClient(socket, headers, data);
});
} else {
@@ -41,9 +41,9 @@ Content-length: 0`;
logdata_outstring += k + "=" + unescape(request_headers.query[k].toString()) + "\r\n";
});
var logdata_outstring_hex = Buffer.from(logdata_outstring, 'utf8').toString('hex');
if (services_configured.services[service_name].write_logs_to_disk) {
if (minisrv_config.services[service_name].write_logs_to_disk) {
fs.writeFile(fullpath, logdata_outstring_hex, "Hex", function () {
if (!zquiet) console.log(" * Wrote GET log data from", processSSID(socket_session_data[socket.id].ssid), "for", socket.id);
if (!zquiet) console.log(" * Wrote GET log data from", processSSID(socket.ssid), "for", socket.id);
sendToClient(socket, headers, data);
});
} else {

0
zefie_wtvp_minisrv/ServiceVault/wtv-tricks/info.js Normal file
View File