From 33f00487d0baba30eac8db396af42919e2715601 Mon Sep 17 00:00:00 2001
From: solusipse <solus1ps3@gmail.com>
Date: Thu, 26 Sep 2013 12:36:29 +0200
Subject: [PATCH] issue #3 (rejecting http)

---
 fiche.c | 24 ++++++++++++++++++++++--
 fiche.h |  2 +-
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/fiche.c b/fiche.c
index a42d585..e5b57fc 100755
--- a/fiche.c
+++ b/fiche.c
@@ -66,12 +66,12 @@ void *thread_connection(void *args)
             printf("Rejected connection from unknown user.\n");
             display_line();
             save_log(NULL, data.ip_address, data.hostname);
-            write(connection_socket, "You are not whitelisted!\n", 17);
+            write(connection_socket, "You are not whitelisted!\n", 26);
             close(connection_socket);
             pthread_exit(NULL);
         }
 
-    if ((BANLIST != NULL))
+    if (BANLIST != NULL)
         if (check_banlist(data.ip_address) != NULL)
         {
             printf("Rejected connection from banned user.\n");
@@ -82,6 +82,16 @@ void *thread_connection(void *args)
             pthread_exit(NULL);
         }
 
+    if (check_protocol(buffer) == 1)
+    {
+        printf("Rejected due to wrong protocol.\n");
+        display_line();
+        save_log(NULL, data.ip_address, data.hostname);
+        write(connection_socket, "Use netcat!", 11);
+        close(connection_socket);
+        pthread_exit(NULL);
+    }
+
     if (status != -1)
     {
         char slug[SLUG_SIZE+8];
@@ -327,6 +337,16 @@ void set_uid_gid(char *username)
     GID = userdata->pw_gid;
 }
 
+int check_protocol(char *buffer)
+{
+    if (strlen(buffer) < 1)
+        return 1;
+    if ((strncmp(buffer, "GET", 3) == 0)||(strncmp(buffer, "POST", 4) == 0))
+        if (strstr(buffer, "HTTP/1."))
+            return 1;
+    return 0;
+}
+
 void set_basedir()
 {
     BASEDIR = getenv("HOME");
diff --git a/fiche.h b/fiche.h
index d78a507..7afb297 100644
--- a/fiche.h
+++ b/fiche.h
@@ -60,11 +60,11 @@ const char *symbols = "abcdefghijklmnopqrstuvwxyz0123456789";
 
 int create_socket();
 int create_directory(char *slug);
+int check_protocol(char *buffer);
 
 void bind_to_port(int listen_socket, struct sockaddr_in serveraddr);
 void display_line(){printf("====================================\n");}
 void error(char *error_code){perror(error_code); exit(1);}
-void nerror(char *error_code){perror(error_code);}
 void display_date();
 void perform_connection(int listen_socket);
 void generate_url(char *buffer, char *slug, size_t slug_length);