Update README.md

Drop privileges when running as root

.travis.yml

@@ -1,2 +1,2 @@
 language: c
-script: make
+script: ./configure && make

Makefile.in

@@ -4,12 +4,15 @@
 # solusipse.net
 # -----------------------------------
 
-CC=gcc
-CFLAGS=-pthread -O2
-prefix=/usr/local
+CFLAGS+=-pthread -O2
+CFLAGS+=@LIBS@
 
-all: fiche.c
-	$(CC) -o fiche $(CFLAGS) fiche.c
+all: fiche
 
 install: fiche
-	install -m 0755 fiche $(prefix)/bin
+	install -m 0755 fiche ${PREFIX}/bin
+
+clean:
+	rm -f fiche
+
+.PHONY: clean

README.md

@@ -1,242 +1,9 @@
-fiche [![Build Status](https://travis-ci.org/solusipse/fiche.svg?branch=master)](https://travis-ci.org/solusipse/fiche)
-=====
+# fiche
 
-Command line pastebin for sharing terminal output.
+## Warning
 
-## Installation ##
+Do not use code from this branch. Please use code from [master](https://github.com/solusipse/fiche) instead.
 
-1. Clone into repository:
 
-    ```
-    https://github.com/solusipse/fiche.git
-    ```
-
-2. Build program:
-
-    ```
-    make
-    ```
-    
-3. Install:
-
-    ```
-    sudo make install
-    ```
-
-## Client-side usage ##
-
-Self explanatory live examples:
-
-```
-ls -la | nc localhost 9999
-```
-
-```
-cat file.txt | nc solusipse.net 9999
-```
-
-```
-echo just testing! | nc code.solusipse.net 9999
-```
-
-If you haven't already set up your server on localhost, try second or third command. My personal server is
-providing fiche-based service all the time on this address `solusipse.net` and this port `9999`.
-
-- To upload text you need to have netcat installed (to check if netcat is installed, simply type ```nc``` in terminal).
-
-## Server-side usage ##
-
-```
-usage: fiche [-pbsdolBuw].
-             [-d domain] [-p port] [-s slug size]
-             [-o output directory] [-B buffer size] [-u user name]
-             [-l log file] [-b banlist] [-w whitelist]
-```
-
-These are command line arguments. You don't have to provide any, but providing basic is recommended. Without them, program
-will use these default settings:
-
-```
-domain = "http://localhost/";
-basedir= "~/code/";
-port = 9999;
-slug_size = 4;
-buffer_size = 8192;
-```
-
-### Arguments ###
-
-Most important is providing **basedir** and **domain**.
-
------------------
-
-#### Basedir ####
-
-Basedir should be **absolute** path to directory where you would like to store text files.
-
-
-```
-fiche -o /absolute/path/to/directory/
-```
-
-```
-fiche -o /home/www/code/
-```
-
------------------
-
-#### Domain ####
-
-Domain should be provided in such format ```domain.com```.
-
-```
-fiche -d domain.com
-```
-
-```
-fiche -d subdomain.domain.com
-```
-
------------------
-
-#### Slug size ####
-
-This will force fiche to create random slugs with given length, example:
-
-```
-fiche -s 6
-```
-
-```
-http://domain.com/abcdef/
-```
-
------------------
-
-#### User name ####
-
-If you use fiche as service (see details below) you may want to save files as other user, to do that use `-u` option,
-there's example:
-
-```
-fiche -u http
-```
-
------------------
-
-#### Buffersize ####
-
-This parameter defines max file size uploaded by user, by default it is set to `32768`.
-Use `-B` parameter to change it:
-
-```
-fiche -B 2048
-```
-
------------------
-
-#### Log file ###
-
-Path to file where all logs will be stored:
-
-```
-fiche -l /home/www/fiche-log.txt
-```
-
------------------
-
-#### Ban list ###
-
-Path to file where you provided all banned IP adresses:
-
-```
-fiche -b /home/www/fiche-bans.txt
-```
-
------------------
-
-#### White list ####
-
-If whitelist mode is enabled, only addresses from list will be able to upload files. There's example:
-
-```
-fiche -w /home/www/fiche-whitelist.txt
-```
-
------------------
-
-#### Whitelist and banlist syntax ####
-
-There is no specific syntax, there files may contain not only addresses.
-
------------------
-
-#### Examples ####
-
-Logging connections with banlist:
-
-```
-fiche -d domain.com -l /home/www/log.txt -b /home/www/bans.txt
-```
-
------------------
-
-Only for personal use with whitelist
-
-```
-fiche -d domain.com -w /home/www/whitelist.txt
-```
-
------------------
-
-Custom output directory, bigger slug size, reduced buffer, custom port:
-
-```
-fiche -d domain.com -o /media/disk/fiche/ -s 8 -B 2048 -p 6666
-```
-
-
-
-## Running as service ##
-You can run fiche as service, there is simple systemd example:
-
-```
-[Unit]
-Description=FICHE-SERVER
-
-[Service]
-ExecStart=/usr/local/bin/fiche -d code.solusipse.net -o /home/www/code/ -l /home/www/log.txt
-
-[Install]
-WantedBy=multi-user.target
-```
-
-In service mode you have to set output directory with `-o` parameter, there's example:
-
-```
-fiche -o /home/www/code/
-```
-
-## Webserver ##
-
-To make files available for users, you need to host them somehow. Http server is easiest option. Just set root 
-directory to ```BASEDIR```.
-
-There is sample configuration for nginx:
-
-```
-server {
-    listen 80;
-    server_name mysite.com www.mysite.com;
-    charset utf-8;
-
-    location / {
-            root /home/www/code/;
-            index index.txt index.html;
-    }
-}
-```
-
-## License ##
-
-Fiche is MIT licensed.
+## Secure branch (legacy note)
+This branch is the result of merging two pull requests: [#16](https://github.com/solusipse/fiche/pull/16) by [Adam Schwalm](https://github.com/ALSchwalm) and [#17](https://github.com/solusipse/fiche/pull/17) by [Renaud Allard](https://github.com/renaudallard), which contained some security-related improvements. It is recommended for `BSD` users or for those who would like to `arc4random`.

config.h.in

@@ -0,0 +1,2 @@
+#undef HAVE_ARC4RANDOM
+

configure.in

@@ -0,0 +1,20 @@
+AC_INIT([fiche], [0.99])
+AC_CONFIG_SRCDIR([fiche.c])
+AC_CONFIG_HEADERS([config.h])
+
+# Checks for programs.
+AC_PROG_CC
+
+# Function arc4random() is in BSD standard C or GNU systems -lbsd
+AC_SEARCH_LIBS([arc4random], [bsd], [HAVE_ARC4RANDOM="yes"])
+
+# Checks for library functions.
+AC_CHECK_FUNCS([bzero arc4random])
+
+AC_SUBST(HAVE_ARC4RANDOM)
+
+AC_CONFIG_FILES([Makefile])
+AC_OUTPUT
+
+
+

fiche.c

@@ -9,11 +9,15 @@ Live example: http://code.solusipse.net/
 
 -------------------------------------------------------------------------------
 
-usage: fiche [-pbsdolBuw].
-             [-d domain] [-p port] [-s slug size]
+usage: fiche [-DepbsdolBuw].
+             [-D] [-e] [-d domain] [-p port] [-s slug size]
              [-o output directory] [-B buffer size] [-u user name]
              [-l log file] [-b banlist] [-w whitelist]
 
+-D option is for daemonizing fiche
+
+-e option is for using an extended character set for the URL
+
 Compile with Makefile or manually with -O2 and -pthread flags.
 To install use `make install` command.
 
@@ -24,16 +28,28 @@ $ cat fiche.c | nc localhost 9999
 -------------------------------------------------------------------------------
 */
 
+#include <sys/param.h>
+#include <stdio.h>
+#include "config.h"
 #include "fiche.h"
 
 int main(int argc, char **argv)
 {
-    time_seed = time(0);
-
     parse_parameters(argc, argv);
+
+    if (getuid() == 0)
+    {
+        if (UID == -1)
+            error("ERROR: user not set");
+        if (setgid(GID) != 0)
+            error("ERROR: Unable to drop group privileges");
+        if (setuid(UID) != 0)
+            error("ERROR: Unable to drop user privileges");
+    }
+
     if (BASEDIR == NULL)
         set_basedir();
-    
+
     startup_message();
 
     int listen_socket, optval = 1;
@@ -45,7 +61,20 @@ int main(int argc, char **argv)
     server_address = set_address(server_address);
     bind_to_port(listen_socket, server_address);
 
-    while (1) perform_connection(listen_socket);
+    if (DAEMON)
+    {
+        pid_t pid;
+
+        pid = fork();
+        if (pid == -1)
+            error("ERROR: Failed to fork");
+        if (pid == 0)
+            while (1) perform_connection(listen_socket);
+    }
+    else
+        while (1) perform_connection(listen_socket);
+
+    return 0;
 }
 
 void *thread_connection(void *args)
@@ -57,27 +86,25 @@ void *thread_connection(void *args)
 
     char buffer[BUFSIZE];
     bzero(buffer, BUFSIZE);
-    int status = recv(connection_socket, buffer, BUFSIZE, MSG_WAITALL);
+    int status = recv(connection_socket, buffer, BUFSIZE, MSG_DONTWAIT);
 
-    if (WHITELIST != NULL)
-        if (check_whitelist(data.ip_address) == NULL)
-        {
-            display_info(data, NULL, "Rejected connection from unknown user.");
-            save_log(NULL, data.ip_address, data.hostname);
-            write(connection_socket, "You are not whitelisted!\n", 26);
-            close(connection_socket);
-            pthread_exit(NULL);
-        }
+    if (WHITELIST != NULL && check_whitelist(data.ip_address) == NULL)
+    {
+        display_info(data, NULL, "Rejected connection from unknown user.");
+        save_log(NULL, data.ip_address, data.hostname);
+        write(connection_socket, "You are not whitelisted!\n", 26);
+        close(connection_socket);
+        pthread_exit(NULL);
+    }
 
-    if (BANLIST != NULL)
-        if (check_banlist(data.ip_address) != NULL)
-        {
-            display_info(data, NULL, "Rejected connection from banned user.");
-            save_log(NULL, data.ip_address, data.hostname);
-            write(connection_socket, "You are banned!\n", 17);
-            close(connection_socket);
-            pthread_exit(NULL);
-        }
+    if (BANLIST != NULL && check_banlist(data.ip_address) != NULL)
+    {
+        display_info(data, NULL, "Rejected connection from banned user.");
+        save_log(NULL, data.ip_address, data.hostname);
+        write(connection_socket, "You are banned!\n", 17);
+        close(connection_socket);
+        pthread_exit(NULL);
+    }
 
     if (check_protocol(buffer) == 1)
         status = -1;
@@ -106,9 +133,9 @@ void perform_connection(int listen_socket)
 {
     pthread_t thread_id;
     struct sockaddr_in client_address;
-    
-    int address_lenght = sizeof(client_address);
-    int connection_socket = accept(listen_socket, (struct sockaddr *) &client_address, (void *) &address_lenght);
+
+    int address_length = sizeof(client_address);
+    int connection_socket = accept(listen_socket, (struct sockaddr *) &client_address, (void *) &address_length);
 
     struct timeval timeout;
     timeout.tv_sec = 5;
@@ -129,11 +156,6 @@ void perform_connection(int listen_socket)
         pthread_detach(thread_id);
 }
 
-void display_date()
-{
-    printf("%s\n", get_date());
-}
-
 char *get_date()
 {
     time_t rawtime;
@@ -157,7 +179,7 @@ struct client_data get_client_address(struct sockaddr_in client_address)
     hostp = gethostbyaddr((const char *)&client_address.sin_addr.s_addr, sizeof(client_address.sin_addr.s_addr), AF_INET);
     if (hostp == NULL)
     {
-        printf("ERROR: Couldn't obtain client's hostname\n");
+        printf("WARNING: Couldn't obtain client's hostname\n");
         data.hostname = "n/a";
     }
     else
@@ -166,7 +188,7 @@ struct client_data get_client_address(struct sockaddr_in client_address)
     hostaddrp = inet_ntoa(client_address.sin_addr);
     if (hostaddrp == NULL)
     {
-        printf("ERROR: Couldn't obtain client's address\n");
+        printf("WARNING: Couldn't obtain client's address\n");
         data.ip_address = "n/a";
     }
     else
@@ -195,12 +217,17 @@ void save_log(char *slug, char *hostaddrp, char *h_name)
 
 void display_info(struct client_data data, char *slug, char *message)
 {
+    if (DAEMON)
+        return;
+
     if (slug == NULL)
         printf("%s\n", message);
-    else printf("Saved to: %s\n", slug);
-    display_date();
+    else
+        printf("Saved to: %s\n", slug);
+
+    printf("%s\n", get_date());
     printf("Client: %s (%s)\n", data.ip_address, data.hostname);
-    display_line();
+    printf("====================================\n");
 }
 
 char *check_banlist(char *ip_address)
@@ -239,12 +266,11 @@ void load_list(char *file_path, int type)
 int create_socket()
 {
     int lsocket = socket(AF_INET, SOCK_STREAM, 0);
+
     if (lsocket < 0)
-    {
         error("ERROR: Couldn't open socket");
-        return 0;
-    }
-    else return lsocket;
+
+    return lsocket;
 }
 
 struct sockaddr_in set_address(struct sockaddr_in server_address)
@@ -258,7 +284,7 @@ struct sockaddr_in set_address(struct sockaddr_in server_address)
 
 void bind_to_port(int listen_socket, struct sockaddr_in server_address)
 {
-    if (bind(listen_socket, (struct sockaddr *) &server_address, sizeof(server_address)) < 0) 
+    if (bind(listen_socket, (struct sockaddr *) &server_address, sizeof(server_address)) < 0)
         error("ERROR while binding to port");
     if (listen(listen_socket, QUEUE_SIZE) < 0)
         error("ERROR while starting listening");
@@ -268,34 +294,47 @@ void generate_url(char *buffer, char *slug, size_t slug_length, struct client_da
 {
     int i;
     memset(slug, '\0', slug_length);
+#if !defined(BSD)
+    FILE* frandom = fopen("/dev/urandom", "r");
+#endif
+    int symbol_id;
 
     for (i = 0; i <= SLUG_SIZE - 1; i++)
     {
-        int symbol_id = rand_r(&time_seed) % strlen(symbols);
-        slug[i] = symbols[symbol_id];
+#if defined(HAVE_ARC4RANDOM)
+	int symbol_id = arc4random() % strlen(symbols);
+#else
+        fread(&symbol_id, sizeof(symbol_id), 1, frandom);
+#endif
+        slug[i] = symbols[symbol_id % strlen(symbols)];
     }
 
     while (create_directory(slug) == -1)
     {
-        int symbol_id = rand_r(&time_seed) % strlen(symbols);
-        slug[strlen(slug)] = symbols[symbol_id];
+#if defined(HAVE_ARC4RANDOM)
+	int symbol_id = arc4random() % strlen(symbols);
+#else
+        fread(&symbol_id, sizeof(symbol_id), 1, frandom);
+#endif
+        slug[strlen(slug)] = symbols[symbol_id % strlen(symbols)];
     }
 
     save_to_file(slug, buffer, data);
+
+#if !defined(BSD)
+    fclose(frandom);
+#endif
 }
 
 int create_directory(char *slug)
 {
-    char *directory = malloc(strlen(BASEDIR) + strlen(slug) + 1);
+    char *directory = malloc(strlen(BASEDIR) + strlen(slug) + sizeof(char) + 1);
 
-    strcpy(directory, BASEDIR);
-    strcat(directory, slug);
+    snprintf(directory, strlen(BASEDIR) + strlen(slug) + sizeof(char) + 1, "%s%s%s", BASEDIR, "/", slug);
 
     mkdir(BASEDIR, S_IRWXU | S_IRGRP | S_IROTH | S_IXOTH | S_IXGRP);
     int result = mkdir(directory, S_IRWXU | S_IRGRP | S_IROTH | S_IXOTH | S_IXGRP);
 
-    change_owner(directory);
-
     free(directory);
 
     return result;
@@ -303,28 +342,20 @@ int create_directory(char *slug)
 
 void save_to_file(char *slug, char *buffer, struct client_data data)
 {
-    char *directory = malloc(strlen(BASEDIR) + strlen(slug) + strlen("/index.txt") + 1);
-    strcpy(directory, BASEDIR);
-    strcat(directory, slug);
-    strcat(directory, "/index.txt");
+    char *directory = malloc(strlen(BASEDIR) + strlen(slug) + 11 * sizeof(char) + 1 );
+
+    snprintf(directory, strlen(BASEDIR) + strlen(slug) + 11 * sizeof(char) + 1, "%s%s%s%s", BASEDIR , "/", slug, "/index.txt");
 
     FILE *fp;
     fp = fopen(directory, "w");
     fprintf(fp, "%s", buffer);
     fclose(fp);
 
-    change_owner(directory);
     display_info(data, directory, "");
 
     free(directory);
 }
 
-void change_owner(char *directory)
-{
-    if ((UID != -1)&&(GID != -1))
-    chown(directory, UID, GID);
-}
-
 void set_uid_gid(char *username)
 {
     struct passwd *userdata = getpwnam(username);
@@ -348,25 +379,43 @@ int check_protocol(char *buffer)
 void set_basedir()
 {
     BASEDIR = getenv("HOME");
-    strcat(BASEDIR, "/code/");
+    strncat(BASEDIR, "/code", 5 * sizeof(char));
 }
 
 void startup_message()
 {
-    display_line();
+    if (DAEMON)
+        return;
+
+    printf("====================================\n");
     printf("Domain name: %s\n", DOMAIN);
     printf("Saving files to: %s\n", BASEDIR);
     printf("Fiche started listening on port %d.\n", PORT);
-    display_line();
+    printf("Buffer size set to: %d.\n", BUFSIZE);
+    printf("Slug size set to: %d.\n", SLUG_SIZE);
+    printf("Log file: %s\n", LOG);
+    printf("====================================\n");
+}
+
+void error(char *buffer)
+{
+    printf("%s\n", buffer);
+    exit(1);
 }
 
 void parse_parameters(int argc, char **argv)
 {
     int c;
 
-    while ((c = getopt (argc, argv, "p:b:s:d:o:l:B:u:w:")) != -1)
+    while ((c = getopt (argc, argv, "Dep:b:s:d:o:l:B:u:w:")) != -1)
         switch (c)
         {
+            case 'D':
+                DAEMON = 1;
+                break;
+            case 'e':
+                snprintf(symbols, sizeof symbols, "%s", "abcdefghijklmnopqrstuvwxyz0123456789-+_=.ABCDEFGHIJKLMNOPQRSTUVWXYZ");
+                break;
             case 'd':
                 snprintf(DOMAIN, sizeof DOMAIN, "%s%s%s", "http://", optarg, "/");
                 break;
@@ -375,7 +424,6 @@ void parse_parameters(int argc, char **argv)
                 break;
             case 'B':
                 BUFSIZE = atoi(optarg);
-                printf("Buffer size set to: %d.\n", BUFSIZE);
                 break;
             case 'b':
                 BANFILE = optarg;
@@ -383,16 +431,12 @@ void parse_parameters(int argc, char **argv)
                 break;
             case 's':
                 SLUG_SIZE = atoi(optarg);
-                printf("Slug size set to: %d.\n", SLUG_SIZE);
                 break;
             case 'o':
                 BASEDIR = optarg;
-                if((BASEDIR[strlen(BASEDIR) - 1]) != '/')
-                    strcat(BASEDIR, "/");
                 break;
             case 'l':
                 LOG = optarg;
-                printf("Log file: %s\n", LOG);
                 break;
             case 'u':
                 set_uid_gid(optarg);

fiche.h

@@ -9,11 +9,15 @@ Live example: http://code.solusipse.net/
 
 -------------------------------------------------------------------------------
 
-usage: fiche [-pbsdolBuw].
-             [-d domain] [-p port] [-s slug size]
+usage: fiche [-DepbsdolBuw].
+             [-D] [-e] [-d domain] [-p port] [-s slug size]
              [-o output directory] [-B buffer size] [-u user name]
              [-l log file] [-b banlist] [-w whitelist]
 
+-D option is for daemonizing fiche
+
+-e option is for using an extended character set for the URL
+
 Compile with Makefile or manually with -O2 and -pthread flags.
 To install use `make install` command.
 
@@ -49,14 +53,15 @@ char *BANLIST;
 char *BANFILE;
 char *WHITEFILE;
 char *WHITELIST;
+int DAEMON = 0;
 int PORT = 9999;
 int SLUG_SIZE = 4;
 int BUFSIZE = 32768;
 int QUEUE_SIZE = 500;
 char DOMAIN[128] = "http://localhost/";
+char symbols[67] = "abcdefghijklmnopqrstuvwxyz0123456789";
 
 unsigned int time_seed;
-const char *symbols = "abcdefghijklmnopqrstuvwxyz0123456789";
 
 struct thread_arguments
 {
@@ -75,9 +80,7 @@ int create_directory(char *slug);
 int check_protocol(char *buffer);
 
 void bind_to_port(int listen_socket, struct sockaddr_in serveraddr);
-void display_line(){printf("====================================\n");}
-void error(char *error_code){perror(error_code); exit(1);}
-void display_date();
+void error(char *buffer);
 void perform_connection(int listen_socket);
 void generate_url(char *buffer, char *slug, size_t slug_length, struct client_data data);
 void save_to_file(char *buffer, char *slug, struct client_data data);
@@ -87,10 +90,8 @@ void set_basedir();
 void load_list(char *file_path, int type);
 void parse_parameters(int argc, char **argv);
 void save_log(char *slug, char *hostaddrp, char *h_name);
-void change_owner(char *directory);
 void set_uid_gid();
 
-char *return_line(){return("\n====================================");}
 char *check_banlist(char *ip_address);
 char *check_whitelist(char *ip_address);
 char *get_date();