diff --git a/zefie_wtvp_minisrv/UserServiceDeps/templates/.gitkeep b/zefie_wtvp_minisrv/UserServiceDeps/templates/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/zefie_wtvp_minisrv/app.js b/zefie_wtvp_minisrv/app.js index 77024ee5..557df244 100644 --- a/zefie_wtvp_minisrv/app.js +++ b/zefie_wtvp_minisrv/app.js @@ -331,7 +331,8 @@ async function processPath(socket, service_vault_file_path, request_headers = ne var request_is_async = false; var service_vault_found = false; var service_path = unescape(service_vault_file_path); - var usingSharedROMCache = false; + var vaults_to_scan = service_vaults; + var usingSharedROMCache = false; var contextObj = { "privileged": false, "socket": socket, @@ -352,19 +353,17 @@ async function processPath(socket, service_vault_file_path, request_headers = ne ["request_is_async", "request_is_async"] // we need to know if the script is async or not ] - if (!pc_services) { + if (pc_services) { + var pc_service_name = getServiceByVaultDir(service_name) + if (minisrv_config.services[pc_service_name].service_vaults) { + vaults_to_scan = minisrv_config.services[pc_service_name].service_vaults; + } + } else { updateFromVM.push([`ssid_sessions['${socket.ssid}']`, "session_data"]); // user-specific session data from unprivileged scripts } - var privileged = false; - if (minisrv_config.services[service_name]) { - privileged = (minisrv_config.services[service_name].privileged) ? true : false; - } else if (pc_services) { - var real_service_name = getServiceByVaultDir(service_name); - if (real_service_name) { - privileged = (minisrv_config.services[real_service_name].privileged) ? true : false; - } - } + if (minisrv_config.services[service_name]) privileged = (minisrv_config.services[service_name].privileged) ? true : false; + else if (pc_services) privileged = (minisrv_config.services['pc_services'].privileged) ? true : false; if (privileged) { updateFromVM.push(["ssid_sessions", "ssid_sessions"]); // global ssid_sessions object for privileged service scripts, such as wtv-setup, wtv-head-waiter, etc @@ -372,7 +371,7 @@ async function processPath(socket, service_vault_file_path, request_headers = ne } try { - service_vaults.forEach(function (service_vault_dir) { + vaults_to_scan.forEach(function (service_vault_dir) { if (service_vault_found) return; if (!usingSharedROMCache) { if (minisrv_config.config.SharedROMCache && shared_romcache) { @@ -443,7 +442,7 @@ async function processPath(socket, service_vault_file_path, request_headers = ne } if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) { - ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(minisrv_config, service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update); + ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(minisrv_config, search_service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update); } ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) { @@ -2011,11 +2010,11 @@ if (minisrv_config.config.error_log_file) { // sanity if (minisrv_config.config.user_accounts.max_users_per_account < 1) { - console.log(" * WARNING: user_accounts.max_users_per_account should be at least 1, we have set it to 1."); + console.log(" * WARNING: user_accounts.max_users_per_account should be >= 1, we have set it to 1."); minisrv_config.config.user_accounts.max_users_per_account = 1; } if (minisrv_config.config.user_accounts.max_users_per_account > 99) { - console.log(" * WARNING: user_accounts.max_users_per_account should be less than 99, we have set it to 99."); + console.log(" * WARNING: user_accounts.max_users_per_account should be <= 99, we have set it to 99."); minisrv_config.config.user_accounts.max_users_per_account = 99; } diff --git a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js index cd464fba..65a18046 100644 --- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js +++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js @@ -295,8 +295,6 @@ ${(message.subject) ? wtvshared.htmlEntitize(message.subject) : '(No subject)'} } data += `

`; - console.log(message.body); - console.log(message.allow_html) if (Array.isArray(message.attachments)) { message.attachments.forEach((v, k) => { if (v) { diff --git a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/sendmail.js b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/sendmail.js index 4d57a318..843f0864 100644 --- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/sendmail.js +++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/sendmail.js @@ -210,6 +210,8 @@ Content-Type: audio/wav`; } } + if (!msg_body) msg_body = ""; + if (attachments.length > 0 || msg_body.indexOf('') >= 0) { // usenet attachments var tuples = []; diff --git a/zefie_wtvp_minisrv/includes/classes/WTVAuthor.js b/zefie_wtvp_minisrv/includes/classes/WTVAuthor.js index 4b60b3f6..86616ba0 100644 --- a/zefie_wtvp_minisrv/includes/classes/WTVAuthor.js +++ b/zefie_wtvp_minisrv/includes/classes/WTVAuthor.js @@ -857,7 +857,7 @@ html += `">next page } for (let i = 0; i < this.stylemedia.length; i++) { this.fs.mkdirSync(destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i].substr(0, this.stylemedia[i].lastIndexOf("/")), { recursive: true }) - this.fs.copyFile('ServiceVault/wtv-author' + this.stylemedia[i], destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i], (err) => { + this.fs.copyFile('includes/ServiceVault/wtv-author' + this.stylemedia[i], destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i], (err) => { if (err) throw err; }); } diff --git a/zefie_wtvp_minisrv/includes/classes/WTVNewsServer.js b/zefie_wtvp_minisrv/includes/classes/WTVNewsServer.js index b92c40bd..6ba693bc 100644 --- a/zefie_wtvp_minisrv/includes/classes/WTVNewsServer.js +++ b/zefie_wtvp_minisrv/includes/classes/WTVNewsServer.js @@ -145,7 +145,7 @@ class WTVNewsServer { cert: this.wtvshared.getServiceDep('wtv-news/localserver_cert.pem'), } this.local_server = new nntp_server({ requireAuth: using_auth, tls: tls_options, secure: true, allow_posting: true }); - this.local_server.listen('nntps://localhost:' + local_server_port); + this.local_server.listen('nntps://127.0.0.1:' + local_server_port); } } diff --git a/zefie_wtvp_minisrv/includes/classes/WTVSec.js b/zefie_wtvp_minisrv/includes/classes/WTVSec.js index 265bcfed..75be545d 100644 --- a/zefie_wtvp_minisrv/includes/classes/WTVSec.js +++ b/zefie_wtvp_minisrv/includes/classes/WTVSec.js @@ -1,5 +1,6 @@ const CryptoJS = require('crypto-js'); const endianness = require('endianness'); +var RC4 = require('rc4-crypto'); var crypto = require('crypto'); /** @@ -296,7 +297,7 @@ class WTVSec { /** * Starts an encryption session - * @param {Number} rc4session Session Type (0 = enc k1, 1 = dec k1, 3 = enc k2, 4 = dec k2, default: all) + * @param {Number} rc4session Session Type (0 = enc k1, 1 = dec k1, 2 = enc k2, 3 = dec k2, default: all) * */ SecureOn(rc4session = null) { @@ -310,22 +311,22 @@ class WTVSec { var key2 = this.wordArrayToBuffer(this.hRC4_Key2); switch (rc4session) { case 0: - this.RC4Session[0] = crypto.createCipheriv('rc4', key1,''); + this.RC4Session[0] = new RC4.RC4(key1); break; case 1: - this.RC4Session[1] = crypto.createDecipheriv('rc4', key1,''); + this.RC4Session[1] = new RC4.RC4(key1); break; case 2: - this.RC4Session[2] = crypto.createCipheriv('rc4', key2,''); + this.RC4Session[2] = new RC4.RC4(key2); break; case 3: - this.RC4Session[3] = crypto.createDecipheriv('rc4', key2,''); + this.RC4Session[3] = new RC4.RC4(key2); break; default: - this.RC4Session[0] = crypto.createCipheriv('rc4', key1, ''); - this.RC4Session[1] = crypto.createDecipheriv('rc4', key1, ''); - this.RC4Session[2] = crypto.createCipheriv('rc4', key2, ''); - this.RC4Session[3] = crypto.createDecipheriv('rc4', key2, ''); + this.RC4Session[0] = new RC4.RC4(key1); + this.RC4Session[1] = new RC4.RC4(key1); + this.RC4Session[2] = new RC4.RC4(key2); + this.RC4Session[3] = new RC4.RC4(key2); break; } } @@ -355,10 +356,10 @@ class WTVSec { } if (data.words) { data = this.wordArrayToBuffer(data); - } else if (data.constructor === ArrayBuffer) { + } else if (data.constructor === ArrayBuffer || typeof data == 'string') { data = new Buffer.from(data); } - return this.RC4Session[session_id].update(data); + return this.RC4Session[session_id].updateFromBuffer(data); } /** @@ -386,10 +387,10 @@ class WTVSec { } if (data.words) { data = this.wordArrayToBuffer(data); - } else if (data.constructor === ArrayBuffer) { + } else if (data.constructor === ArrayBuffer || typeof data == 'string') { data = new Buffer.from(data); } - return this.RC4Session[session_id].update(data); + return this.RC4Session[session_id].updateFromBuffer(data); } } diff --git a/zefie_wtvp_minisrv/includes/config.json b/zefie_wtvp_minisrv/includes/config.json index 841310b3..03771d4f 100644 --- a/zefie_wtvp_minisrv/includes/config.json +++ b/zefie_wtvp_minisrv/includes/config.json @@ -305,6 +305,18 @@ "external_proxy_host": "127.0.0.1", // IP address or hostname of proxy "external_proxy_port": 1080, // Port of proxy "flags": "0x00000001" + }, + "pb_services": { + // PC Services for PageBuilder + "port": 1697, + "pc_services": true, // defines service as a PC service + "hide_minisrv_version": true, // hide or show the minisrv version (eg like Apache version, can be hidden to hide known exploits for older version) + "servicevault_dir": "http_pb", // The service vault dir for the PC Services for PageBuilder + "service_vaults": ["PageBuilderVault"], // override service vaults for this service + "drop_connection_on_wrong_port": true, // If true, resets connection if the PC browser connects to a port that is not PC Services enabled + "show_verbose_errors": false, // extra debugging + "allow_https": false, // for future use with LetsEncrypt + "force_https": false // for future use with LetsEncrypt }, "pc_services": { // PC Services diff --git a/zefie_wtvp_minisrv/package-lock.json b/zefie_wtvp_minisrv/package-lock.json index 02ccab77..92c3182f 100644 --- a/zefie_wtvp_minisrv/package-lock.json +++ b/zefie_wtvp_minisrv/package-lock.json @@ -1,12 +1,12 @@ { "name": "zefie_wtvp_minisrv", - "version": "0.9.39", + "version": "0.9.41", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "zefie_wtvp_minisrv", - "version": "0.9.39", + "version": "0.9.41", "license": "GPL3", "dependencies": { "@mafintosh/vm2": "^3.9.2", @@ -22,6 +22,7 @@ "newsie": "^1.2.1", "nntp-server-zefie": "^3.1.0", "proxy-agent": "^6.3.0", + "rc4-crypto": "^1.5.0", "sanitize-html": "^2.11.0", "socks-proxy-agent": "^8.0.1", "strftime": "^0.10.2", @@ -1155,6 +1156,11 @@ "node": ">=0.10.0" } }, + "node_modules/rc4-crypto": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/rc4-crypto/-/rc4-crypto-1.5.0.tgz", + "integrity": "sha512-0auP5EfZ21/RP437NgmH+eCTgwDGA611KYCU/2ywk1aIUhR1rHToI4z3ZtQ9BRZYw44M9htklIZK5khkBJerAw==" + }, "node_modules/safe-buffer": { "version": "5.2.1", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", diff --git a/zefie_wtvp_minisrv/package.json b/zefie_wtvp_minisrv/package.json index b4d29d51..d6a8e2ea 100644 --- a/zefie_wtvp_minisrv/package.json +++ b/zefie_wtvp_minisrv/package.json @@ -1,13 +1,12 @@ { "name": "zefie_wtvp_minisrv", - "version": "0.9.40", + "version": "0.9.41", "description": "WebTV Service (WTVP) Emulation Server", "main": "app.js", "homepage": "https://github.com/zefie/zefie_wtvp_minisrv", "license": "GPL3", "scripts": { "start": "node app.js", - "start17": "node --openssl-legacy-provider app.js", "test": "node test.js" }, "author": { @@ -40,6 +39,7 @@ "newsie": "^1.2.1", "nntp-server-zefie": "^3.1.0", "proxy-agent": "^6.3.0", + "rc4-crypto": "^1.5.0", "sanitize-html": "^2.11.0", "socks-proxy-agent": "^8.0.1", "strftime": "^0.10.2",