zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v0.9.41

Browse Source
This commit is contained in:
zefie
2023-08-26 14:49:48 -04:00
parent a9c5ee31cc 64dedd69eb
commit df638518e6
10 changed files with 54 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
zefie_wtvp_minisrv/UserServiceDeps/templates/.gitkeep Normal file
View File

27
zefie_wtvp_minisrv/app.js
View File

@@ -331,6 +331,7 @@ async function processPath(socket, service_vault_file_path, request_headers = ne
var request_is_async = false; var request_is_async = false;
var service_vault_found = false; var service_vault_found = false;
var service_path = unescape(service_vault_file_path); var service_path = unescape(service_vault_file_path);
var vaults_to_scan = service_vaults;
var usingSharedROMCache = false; var usingSharedROMCache = false;
var contextObj = { var contextObj = {
"privileged": false, "privileged": false,
@@ -352,19 +353,17 @@ async function processPath(socket, service_vault_file_path, request_headers = ne
["request_is_async", "request_is_async"] // we need to know if the script is async or not ["request_is_async", "request_is_async"] // we need to know if the script is async or not
] ]
if (!pc_services) { if (pc_services) {
var pc_service_name = getServiceByVaultDir(service_name)
if (minisrv_config.services[pc_service_name].service_vaults) {
vaults_to_scan = minisrv_config.services[pc_service_name].service_vaults;
}
} else {
updateFromVM.push([`ssid_sessions['${socket.ssid}']`, "session_data"]); // user-specific session data from unprivileged scripts updateFromVM.push([`ssid_sessions['${socket.ssid}']`, "session_data"]); // user-specific session data from unprivileged scripts
} }
var privileged = false; var privileged = false;
if (minisrv_config.services[service_name]) { if (minisrv_config.services[service_name]) privileged = (minisrv_config.services[service_name].privileged) ? true : false;
privileged = (minisrv_config.services[service_name].privileged) ? true : false; else if (pc_services) privileged = (minisrv_config.services['pc_services'].privileged) ? true : false;
} else if (pc_services) {
var real_service_name = getServiceByVaultDir(service_name);
if (real_service_name) {
privileged = (minisrv_config.services[real_service_name].privileged) ? true : false;
}
}
if (privileged) { if (privileged) {
updateFromVM.push(["ssid_sessions", "ssid_sessions"]); // global ssid_sessions object for privileged service scripts, such as wtv-setup, wtv-head-waiter, etc updateFromVM.push(["ssid_sessions", "ssid_sessions"]); // global ssid_sessions object for privileged service scripts, such as wtv-setup, wtv-head-waiter, etc
@@ -372,7 +371,7 @@ async function processPath(socket, service_vault_file_path, request_headers = ne
} }
try { try {
service_vaults.forEach(function (service_vault_dir) { vaults_to_scan.forEach(function (service_vault_dir) {
if (service_vault_found) return; if (service_vault_found) return;
if (!usingSharedROMCache) { if (!usingSharedROMCache) {
if (minisrv_config.config.SharedROMCache && shared_romcache) { if (minisrv_config.config.SharedROMCache && shared_romcache) {
@@ -443,7 +442,7 @@ async function processPath(socket, service_vault_file_path, request_headers = ne
} }
if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) { if (!ssid_sessions[socket.ssid].data_store.WTVFlashrom) {
ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(minisrv_config, service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update); ssid_sessions[socket.ssid].data_store.WTVFlashrom = new WTVFlashrom(minisrv_config, search_service_vaults, service_name, minisrv_config.services[service_name].use_zefie_server, bf0app_update);
} }
ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) { ssid_sessions[socket.ssid].data_store.WTVFlashrom.getFlashRom(request_path, function (data, headers) {
@@ -2011,11 +2010,11 @@ if (minisrv_config.config.error_log_file) {
// sanity // sanity
if (minisrv_config.config.user_accounts.max_users_per_account < 1) { if (minisrv_config.config.user_accounts.max_users_per_account < 1) {
console.log(" * WARNING: user_accounts.max_users_per_account should be at least 1, we have set it to 1."); console.log(" * WARNING: user_accounts.max_users_per_account should be >= 1, we have set it to 1.");
minisrv_config.config.user_accounts.max_users_per_account = 1; minisrv_config.config.user_accounts.max_users_per_account = 1;
} }
if (minisrv_config.config.user_accounts.max_users_per_account > 99) { if (minisrv_config.config.user_accounts.max_users_per_account > 99) {
console.log(" * WARNING: user_accounts.max_users_per_account should be less than 99, we have set it to 99."); console.log(" * WARNING: user_accounts.max_users_per_account should be <= 99, we have set it to 99.");
minisrv_config.config.user_accounts.max_users_per_account = 99; minisrv_config.config.user_accounts.max_users_per_account = 99;
} }

2
zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js
View File

@@ -295,8 +295,6 @@ ${(message.subject) ? wtvshared.htmlEntitize(message.subject) : '(No subject)'}
} }
data += `<p> data += `<p>
`; `;
console.log(message.body);
console.log(message.allow_html)
if (Array.isArray(message.attachments)) { if (Array.isArray(message.attachments)) {
message.attachments.forEach((v, k) => { message.attachments.forEach((v, k) => {
if (v) { if (v) {

2
zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/sendmail.js
View File

@@ -210,6 +210,8 @@ Content-Type: audio/wav`;
} }
} }
if (!msg_body) msg_body = "";
if (attachments.length > 0 || msg_body.indexOf('<html>') >= 0) { if (attachments.length > 0 || msg_body.indexOf('<html>') >= 0) {
// usenet attachments // usenet attachments
var tuples = []; var tuples = [];

2
zefie_wtvp_minisrv/includes/classes/WTVAuthor.js
View File

@@ -857,7 +857,7 @@ html += `">next page</a>
} }
for (let i = 0; i < this.stylemedia.length; i++) { for (let i = 0; i < this.stylemedia.length; i++) {
this.fs.mkdirSync(destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i].substr(0, this.stylemedia[i].lastIndexOf("/")), { recursive: true }) this.fs.mkdirSync(destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i].substr(0, this.stylemedia[i].lastIndexOf("/")), { recursive: true })
this.fs.copyFile('ServiceVault/wtv-author' + this.stylemedia[i], destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i], (err) => { this.fs.copyFile('includes/ServiceVault/wtv-author' + this.stylemedia[i], destDir + this.wtvclient.session_store.subscriber_username + '/' + publishname + this.stylemedia[i], (err) => {
if (err) throw err; if (err) throw err;
}); });
} }

2
zefie_wtvp_minisrv/includes/classes/WTVNewsServer.js
View File

@@ -145,7 +145,7 @@ class WTVNewsServer {
cert: this.wtvshared.getServiceDep('wtv-news/localserver_cert.pem'), cert: this.wtvshared.getServiceDep('wtv-news/localserver_cert.pem'),
} }
this.local_server = new nntp_server({ requireAuth: using_auth, tls: tls_options, secure: true, allow_posting: true }); this.local_server = new nntp_server({ requireAuth: using_auth, tls: tls_options, secure: true, allow_posting: true });
this.local_server.listen('nntps://localhost:' + local_server_port); this.local_server.listen('nntps://127.0.0.1:' + local_server_port);
} }
} }

27
zefie_wtvp_minisrv/includes/classes/WTVSec.js
View File

@@ -1,5 +1,6 @@
const CryptoJS = require('crypto-js'); const CryptoJS = require('crypto-js');
const endianness = require('endianness'); const endianness = require('endianness');
var RC4 = require('rc4-crypto');
var crypto = require('crypto'); var crypto = require('crypto');
/** /**
@@ -296,7 +297,7 @@ class WTVSec {
/** /**
* Starts an encryption session * Starts an encryption session
* @param {Number} rc4session Session Type (0 = enc k1, 1 = dec k1, 3 = enc k2, 4 = dec k2, default: all) * @param {Number} rc4session Session Type (0 = enc k1, 1 = dec k1, 2 = enc k2, 3 = dec k2, default: all)
* *
*/ */
SecureOn(rc4session = null) { SecureOn(rc4session = null) {
@@ -310,22 +311,22 @@ class WTVSec {
var key2 = this.wordArrayToBuffer(this.hRC4_Key2); var key2 = this.wordArrayToBuffer(this.hRC4_Key2);
switch (rc4session) { switch (rc4session) {
case 0: case 0:
this.RC4Session[0] = crypto.createCipheriv('rc4', key1,''); this.RC4Session[0] = new RC4.RC4(key1);
break; break;
case 1: case 1:
this.RC4Session[1] = crypto.createDecipheriv('rc4', key1,''); this.RC4Session[1] = new RC4.RC4(key1);
break; break;
case 2: case 2:
this.RC4Session[2] = crypto.createCipheriv('rc4', key2,''); this.RC4Session[2] = new RC4.RC4(key2);
break; break;
case 3: case 3:
this.RC4Session[3] = crypto.createDecipheriv('rc4', key2,''); this.RC4Session[3] = new RC4.RC4(key2);
break; break;
default: default:
this.RC4Session[0] = crypto.createCipheriv('rc4', key1, ''); this.RC4Session[0] = new RC4.RC4(key1);
this.RC4Session[1] = crypto.createDecipheriv('rc4', key1, ''); this.RC4Session[1] = new RC4.RC4(key1);
this.RC4Session[2] = crypto.createCipheriv('rc4', key2, ''); this.RC4Session[2] = new RC4.RC4(key2);
this.RC4Session[3] = crypto.createDecipheriv('rc4', key2, ''); this.RC4Session[3] = new RC4.RC4(key2);
break; break;
} }
} }
@@ -355,10 +356,10 @@ class WTVSec {
} }
if (data.words) { if (data.words) {
data = this.wordArrayToBuffer(data); data = this.wordArrayToBuffer(data);
} else if (data.constructor === ArrayBuffer) { } else if (data.constructor === ArrayBuffer || typeof data == 'string') {
data = new Buffer.from(data); data = new Buffer.from(data);
} }
return this.RC4Session[session_id].update(data); return this.RC4Session[session_id].updateFromBuffer(data);
} }
/** /**
@@ -386,10 +387,10 @@ class WTVSec {
} }
if (data.words) { if (data.words) {
data = this.wordArrayToBuffer(data); data = this.wordArrayToBuffer(data);
} else if (data.constructor === ArrayBuffer) { } else if (data.constructor === ArrayBuffer || typeof data == 'string') {
data = new Buffer.from(data); data = new Buffer.from(data);
} }
return this.RC4Session[session_id].update(data); return this.RC4Session[session_id].updateFromBuffer(data);
} }
} }

12
zefie_wtvp_minisrv/includes/config.json
View File

@@ -305,6 +305,18 @@
"external_proxy_host": "127.0.0.1", // IP address or hostname of proxy "external_proxy_host": "127.0.0.1", // IP address or hostname of proxy
"external_proxy_port": 1080, // Port of proxy "external_proxy_port": 1080, // Port of proxy
"flags": "0x00000001" "flags": "0x00000001"
},
"pb_services": {
// PC Services for PageBuilder
"port": 1697,
"pc_services": true, // defines service as a PC service
"hide_minisrv_version": true, // hide or show the minisrv version (eg like Apache version, can be hidden to hide known exploits for older version)
"servicevault_dir": "http_pb", // The service vault dir for the PC Services for PageBuilder
"service_vaults": ["PageBuilderVault"], // override service vaults for this service
"drop_connection_on_wrong_port": true, // If true, resets connection if the PC browser connects to a port that is not PC Services enabled
"show_verbose_errors": false, // extra debugging
"allow_https": false, // for future use with LetsEncrypt
"force_https": false // for future use with LetsEncrypt
}, },
"pc_services": { "pc_services": {
// PC Services // PC Services

10
zefie_wtvp_minisrv/package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "zefie_wtvp_minisrv", "name": "zefie_wtvp_minisrv",
"version": "0.9.39", "version": "0.9.41",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "zefie_wtvp_minisrv", "name": "zefie_wtvp_minisrv",
"version": "0.9.39", "version": "0.9.41",
"license": "GPL3", "license": "GPL3",
"dependencies": { "dependencies": {
"@mafintosh/vm2": "^3.9.2", "@mafintosh/vm2": "^3.9.2",
@@ -22,6 +22,7 @@
"newsie": "^1.2.1", "newsie": "^1.2.1",
"nntp-server-zefie": "^3.1.0", "nntp-server-zefie": "^3.1.0",
"proxy-agent": "^6.3.0", "proxy-agent": "^6.3.0",
"rc4-crypto": "^1.5.0",
"sanitize-html": "^2.11.0", "sanitize-html": "^2.11.0",
"socks-proxy-agent": "^8.0.1", "socks-proxy-agent": "^8.0.1",
"strftime": "^0.10.2", "strftime": "^0.10.2",
@@ -1155,6 +1156,11 @@
"node": ">=0.10.0" "node": ">=0.10.0"
} }
}, },
"node_modules/rc4-crypto": {
"version": "1.5.0",
"resolved": "https://registry.npmjs.org/rc4-crypto/-/rc4-crypto-1.5.0.tgz",
"integrity": "sha512-0auP5EfZ21/RP437NgmH+eCTgwDGA611KYCU/2ywk1aIUhR1rHToI4z3ZtQ9BRZYw44M9htklIZK5khkBJerAw=="
},
"node_modules/safe-buffer": { "node_modules/safe-buffer": {
"version": "5.2.1", "version": "5.2.1",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",

4
zefie_wtvp_minisrv/package.json
View File

@@ -1,13 +1,12 @@
{ {
"name": "zefie_wtvp_minisrv", "name": "zefie_wtvp_minisrv",
"version": "0.9.40", "version": "0.9.41",
"description": "WebTV Service (WTVP) Emulation Server", "description": "WebTV Service (WTVP) Emulation Server",
"main": "app.js", "main": "app.js",
"homepage": "https://github.com/zefie/zefie_wtvp_minisrv", "homepage": "https://github.com/zefie/zefie_wtvp_minisrv",
"license": "GPL3", "license": "GPL3",
"scripts": { "scripts": {
"start": "node app.js", "start": "node app.js",
"start17": "node --openssl-legacy-provider app.js",
"test": "node test.js" "test": "node test.js"
}, },
"author": { "author": {
@@ -40,6 +39,7 @@
"newsie": "^1.2.1", "newsie": "^1.2.1",
"nntp-server-zefie": "^3.1.0", "nntp-server-zefie": "^3.1.0",
"proxy-agent": "^6.3.0", "proxy-agent": "^6.3.0",
"rc4-crypto": "^1.5.0",
"sanitize-html": "^2.11.0", "sanitize-html": "^2.11.0",
"socks-proxy-agent": "^8.0.1", "socks-proxy-agent": "^8.0.1",
"strftime": "^0.10.2", "strftime": "^0.10.2",