george/fiche
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

merge into: george:secure
Branches Tags
george:master george:secure george:legacy
george:0.9.1 george:0.9
...
pull from: george:legacy
Branches Tags
george:master george:secure george:legacy
george:0.9.1 george:0.9

16 Commits
secure ... legacy

Author SHA1 Message Date
solusipse
27639c2e6d Update README.md 2017-10-10 15:01:26 +02:00
solusipse
c054f8dc20 Fixed #50 2017-04-15 23:36:22 +02:00
solusipse
44b908ff2b Merge pull request #38 from nnnn20430/master 
added IPv6 support #2
 2016-07-09 17:04:05 +02:00
solusipse
55ef361999 Merge pull request #40 from part1zano/master 
Fixed Makefile
 2016-07-09 16:59:10 +02:00
part1zano
231954696e Fixed Makefile 
If you don't like the default PREFIX on your system, you can always change it.
 2016-04-11 21:20:41 +03:00
nnnn20430
b9ed17e937 added IPv6 support 2016-03-15 14:13:08 +01:00
solusipse
a5c137c06d enhancement #33 2016-01-23 12:36:53 +01:00
solusipse
abf8ae5117 fixing issue #31 2016-01-23 11:44:46 +01:00
solusipse
8f3e23d3de Merge pull request #25 from jungle-boogie/patch-1 
better install path
 2015-11-18 20:45:53 +01:00
jungle-boogie
21d8ac90e8 better install path 2015-11-17 20:51:14 -08:00
solusipse
f76eea8931 Merge pull request #23 from cgie/warnings 
added checks on the return values of read/write
 2015-10-31 12:47:19 +01:00
Christian Gießen
fdbfa98938 Mitigated the non-critical errors into warnings 2015-10-31 12:04:43 +01:00
Christian Gießen
5ceb31a97e added checks on the return values of read/write 2015-10-31 09:18:36 +01:00
solusipse
f6ecdab9c5 Merge pull request #22 from Hypsurus/master 
Fix segfault, and error().
 2015-10-13 19:19:07 +02:00
Hypsurus
bea2fc990d Fix segfault in fopen, no check for null 2015-10-13 19:40:23 +03:00
Hypsurus
a409d1cee6 error() - no need to use ERROR multiple times 2015-10-13 19:30:30 +03:00
4 changed files with 186 additions and 290 deletions
Expand all files Collapse all files

3
Makefile
View File

@@ -5,11 +5,12 @@
# -----------------------------------
CFLAGS+=-pthread -O2
prefix=/usr/local
all: fiche
install: fiche
install -m 0755 fiche ${PREFIX}/bin
install -m 0755 fiche $(prefix)/bin
clean:
rm -f fiche

261
README.md
View File

@@ -1,260 +1,5 @@
fiche [![Build Status](https://travis-ci.org/solusipse/fiche.svg?branch=master)](https://travis-ci.org/solusipse/fiche)
=====
# fiche
Command line pastebin for sharing terminal output.
## Warning
## Installation ##
1. Clone into repository:
```
https://github.com/solusipse/fiche.git
```
2. Build program:
```
make
```
3. Install:
```
sudo make install
```
## Client-side usage ##
Self explanatory live examples:
```
ls -la | nc localhost 9999
```
```
cat file.txt | nc solusipse.net 9999
```
```
echo just testing! | nc code.solusipse.net 9999
```
If you haven't already set up your server on localhost, try second or third command. My personal server is
providing fiche-based service all the time on this address `solusipse.net` and this port `9999`.
- To upload text you need to have netcat installed (to check if netcat is installed, simply type ```nc``` in terminal).
## Server-side usage ##
```
usage: fiche [-DepbsdolBuw].
[-d domain] [-p port] [-s slug size]
[-o output directory] [-B buffer size] [-u user name]
[-l log file] [-b banlist] [-w whitelist]
```
These are command line arguments. You don't have to provide any, but providing basic is recommended. Without them, program
will use these default settings:
```
domain = "http://localhost/";
basedir= "~/code/";
port = 9999;
slug_size = 4;
buffer_size = 8192;
```
### Arguments ###
Most important is providing **basedir** and **domain**.
-----------------
#### Basedir ####
Basedir should be **absolute** path to directory where you would like to store text files.
```
fiche -o /absolute/path/to/directory/
```
```
fiche -o /home/www/code/
```
-----------------
#### Domain ####
Domain should be provided in such format ```domain.com```.
```
fiche -d domain.com
```
```
fiche -d subdomain.domain.com
```
-----------------
#### Slug size ####
This will force fiche to create random slugs with given length, example:
```
fiche -s 6
```
```
http://domain.com/abcdef/
```
-----------------
#### User name ####
Set the user that fiche runs as using the `-u` option, example:
```
fiche -u _fiche
```
This option has effect only if fiche was started by root, otherwise it is ignored and fiche runs under the
current user id.
-----------------
#### Buffersize ####
This parameter defines max file size uploaded by user, by default it is set to `32768`.
Use `-B` parameter to change it:
```
fiche -B 2048
```
-----------------
#### Log file ###
Path to file where all logs will be stored:
```
fiche -l /home/www/fiche-log.txt
```
-----------------
#### Ban list ###
Path to file where you provided all banned IP adresses:
```
fiche -b /home/www/fiche-bans.txt
```
-----------------
#### White list ####
If whitelist mode is enabled, only addresses from list will be able to upload files. There's example:
```
fiche -w /home/www/fiche-whitelist.txt
```
-----------------
#### Whitelist and banlist syntax ####
There is no specific syntax, there files may contain not only addresses.
-----------------
#### Daemonize ####
Fork fiche to the background:
fiche -D
-----------------
#### Extended character set for the URL ####
Fork can extend the charcter set for the URL:
fiche -e
-----------------
#### Examples ####
Logging connections with banlist:
```
fiche -d domain.com -l /home/www/log.txt -b /home/www/bans.txt
```
-----------------
Only for personal use with whitelist
```
fiche -d domain.com -w /home/www/whitelist.txt
```
-----------------
Custom output directory, bigger slug size, reduced buffer, custom port:
```
fiche -d domain.com -o /media/disk/fiche/ -s 8 -B 2048 -p 6666
```
## Running as service ##
You can run fiche as service, there is simple systemd example:
```
[Unit]
Description=FICHE-SERVER
[Service]
ExecStart=/usr/local/bin/fiche -d code.solusipse.net -o /home/www/code/ -l /home/www/log.txt -u _fiche
[Install]
WantedBy=multi-user.target
```
In service mode you have to set output directory with `-o` parameter, there's example:
```
fiche -o /home/www/code/
```
## Webserver ##
To make files available for users, you need to host them somehow. Http server is easiest option. Just set root
directory to ```BASEDIR```.
There is sample configuration for nginx:
```
server {
listen 80;
server_name mysite.com www.mysite.com;
charset utf-8;
location / {
root /home/www/code/;
index index.txt index.html;
}
}
```
## License ##
Fiche is MIT licensed.
Do not use code from this branch. Please use code from [master](https://github.com/solusipse/fiche) instead.

191
fiche.c
View File

@@ -36,15 +36,16 @@ int main(int argc, char **argv)
time_seed = time(0);
parse_parameters(argc, argv);
set_domain_name();
if (getuid() == 0)
{
if (UID == -1)
error("ERROR: user not set");
error("user not set");
if (setgid(GID) != 0)
error("ERROR: Unable to drop group privileges");
error("Unable to drop group privileges");
if (setuid(UID) != 0)
error("ERROR: Unable to drop user privileges");
error("Unable to drop user privileges");
}
if (BASEDIR == NULL)
@@ -58,8 +59,21 @@ int main(int argc, char **argv)
listen_socket = create_socket();
setsockopt(listen_socket, SOL_SOCKET, SO_REUSEADDR, (const void *)&optval , sizeof(int));
server_address = set_address(server_address);
bind_to_port(listen_socket, server_address);
#if (HAVE_INET6)
struct sockaddr_in6 server_address6;
if (IPv6)
{
server_address6 = set_address6(server_address6);
bind_to_port6(listen_socket, server_address6);
}
else
{
#else
if (1) {
#endif
server_address = set_address(server_address);
bind_to_port(listen_socket, server_address);
}
if (DAEMON)
{
@@ -67,7 +81,7 @@ int main(int argc, char **argv)
pid = fork();
if (pid == -1)
error("ERROR: Failed to fork");
error("Failed to fork");
if (pid == 0)
while (1) perform_connection(listen_socket);
}
@@ -80,19 +94,34 @@ int main(int argc, char **argv)
void *thread_connection(void *args)
{
int connection_socket = ((struct thread_arguments *) args ) -> connection_socket;
struct sockaddr_in client_address = ((struct thread_arguments *) args ) -> client_address;
struct client_data data = get_client_address(client_address);
struct sockaddr_in client_address;
struct client_data data;
#if (HAVE_INET6)
struct sockaddr_in6 client_address6;
if (IPv6)
{
client_address6 = ((struct thread_arguments *) args ) -> client_address6;
data = get_client_address6(client_address6);
}
else
{
#else
if (1) {
#endif
client_address = ((struct thread_arguments *) args ) -> client_address;
data = get_client_address(client_address);
}
char buffer[BUFSIZE];
bzero(buffer, BUFSIZE);
int status = recv(connection_socket, buffer, BUFSIZE, MSG_DONTWAIT);
int status = recv(connection_socket, buffer, BUFSIZE, MSG_WAITALL);
if (WHITELIST != NULL && check_whitelist(data.ip_address) == NULL)
{
display_info(data, NULL, "Rejected connection from unknown user.");
save_log(NULL, data.ip_address, data.hostname);
write(connection_socket, "You are not whitelisted!\n", 26);
if (write(connection_socket, "You are not whitelisted!\n", 26) < 0)
printf("Error writing on stream socket\n");
close(connection_socket);
pthread_exit(NULL);
}
@@ -101,7 +130,8 @@ void *thread_connection(void *args)
{
display_info(data, NULL, "Rejected connection from banned user.");
save_log(NULL, data.ip_address, data.hostname);
write(connection_socket, "You are banned!\n", 17);
if (write(connection_socket, "You are banned!\n", 17) < 0)
printf("Error writing on stream socket\n");
close(connection_socket);
pthread_exit(NULL);
}
@@ -116,13 +146,15 @@ void *thread_connection(void *args)
save_log(slug, data.ip_address, data.hostname);
char response[strlen(slug) + strlen(DOMAIN) + 2];
snprintf(response, sizeof response, "%s%s\n", DOMAIN, slug);
write(connection_socket, response, strlen(response));
if (write(connection_socket, response, strlen(response)) < 0)
printf("Error writing on stream socket\n");
}
else
{
display_info(data, NULL, "Invalid connection.");
save_log(NULL, data.ip_address, data.hostname);
write(connection_socket, "Use netcat.\n", 12);
if (write(connection_socket, "Use netcat.\n", 12) < 0)
printf("Error writing on stream socket\n");
}
close(connection_socket);
@@ -134,24 +166,45 @@ void perform_connection(int listen_socket)
pthread_t thread_id;
struct sockaddr_in client_address;
int address_length = sizeof(client_address);
int connection_socket = accept(listen_socket, (struct sockaddr *) &client_address, (void *) &address_length);
int address_length;
int connection_socket;
#if (HAVE_INET6)
struct sockaddr_in6 client_address6;
if (IPv6)
{
address_length = sizeof(client_address6);
connection_socket = accept(listen_socket, (struct sockaddr *) &client_address6, (void *) &address_length);
}
else
{
#else
if (1) {
#endif
address_length = sizeof(client_address);
connection_socket = accept(listen_socket, (struct sockaddr *) &client_address, (void *) &address_length);
}
struct timeval timeout;
timeout.tv_sec = 5;
timeout.tv_usec = 0;
if (setsockopt (connection_socket, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout, sizeof(timeout)) < 0)
error("ERROR while setting setsockopt timeout");
error("while setting setsockopt timeout");
if (setsockopt (connection_socket, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout)) < 0)
error("ERROR while setting setsockopt timeout");
error("while setting setsockopt timeout");
struct thread_arguments arguments;
arguments.connection_socket = connection_socket;
arguments.client_address = client_address;
#if (HAVE_INET6)
if (IPv6)
arguments.client_address6 = client_address6;
else
#endif
arguments.client_address = client_address;
if (pthread_create(&thread_id, NULL, &thread_connection, &arguments) != 0)
error("ERROR on thread creation");
error("on thread creation");
else
pthread_detach(thread_id);
}
@@ -197,6 +250,36 @@ struct client_data get_client_address(struct sockaddr_in client_address)
return data;
}
#if (HAVE_INET6)
struct client_data get_client_address6(struct sockaddr_in6 client_address6)
{
struct hostent *hostp;
struct client_data data;
static char hostaddrp[INET6_ADDRSTRLEN];
hostp = gethostbyaddr((const char *)&client_address6.sin6_addr, sizeof(client_address6.sin6_addr), AF_INET6);
if (hostp == NULL)
{
printf("WARNING: Couldn't obtain client's hostname\n");
data.hostname = "n/a";
}
else
data.hostname = hostp->h_name;
inet_ntop(AF_INET6, &(client_address6.sin6_addr), hostaddrp,
INET6_ADDRSTRLEN);
if (hostaddrp == NULL)
{
printf("WARNING: Couldn't obtain client's address\n");
data.ip_address = "n/a";
}
else
data.ip_address = hostaddrp;
return data;
}
#endif
void save_log(char *slug, char *hostaddrp, char *h_name)
{
if (LOG != NULL)
@@ -244,13 +327,18 @@ char *check_whitelist(char *ip_address)
void load_list(char *file_path, int type)
{
FILE *fp = fopen(file_path, "r");
FILE *fp;
if (( fp = fopen(file_path, "r")) == NULL )
error("cannot load list");
fseek(fp, 0, SEEK_END);
long fsize = ftell(fp);
fseek(fp, 0, SEEK_SET);
char *buffer = malloc(fsize + 1);
fread(buffer, fsize, 1, fp);
if (fread(buffer, fsize, 1, fp) != fsize)
error("reading list failed");
fclose(fp);
buffer[fsize] = 0;
@@ -265,10 +353,16 @@ void load_list(char *file_path, int type)
int create_socket()
{
int lsocket = socket(AF_INET, SOCK_STREAM, 0);
int lsocket;
#if (HAVE_INET6)
if (IPv6)
lsocket = socket(AF_INET6, SOCK_STREAM, 0);
else
#endif
lsocket = socket(AF_INET, SOCK_STREAM, 0);
if (lsocket < 0)
error("ERROR: Couldn't open socket");
error("Couldn't open socket");
return lsocket;
}
@@ -282,14 +376,35 @@ struct sockaddr_in set_address(struct sockaddr_in server_address)
return server_address;
}
#if (HAVE_INET6)
struct sockaddr_in6 set_address6(struct sockaddr_in6 server_address6)
{
bzero((char *) &server_address6, sizeof(server_address6));
server_address6.sin6_family = AF_INET6;
server_address6.sin6_addr = in6addr_any;
server_address6.sin6_port = htons((unsigned short)PORT);
return server_address6;
}
#endif
void bind_to_port(int listen_socket, struct sockaddr_in server_address)
{
if (bind(listen_socket, (struct sockaddr *) &server_address, sizeof(server_address)) < 0)
error("ERROR while binding to port");
error("while binding to port");
if (listen(listen_socket, QUEUE_SIZE) < 0)
error("ERROR while starting listening");
error("while starting listening");
}
#if (HAVE_INET6)
void bind_to_port6(int listen_socket, struct sockaddr_in6 server_address6)
{
if (bind(listen_socket, (struct sockaddr *) &server_address6, sizeof(server_address6)) < 0)
error("while binding to port");
if (listen(listen_socket, QUEUE_SIZE) < 0)
error("while starting listening");
}
#endif
void generate_url(char *buffer, char *slug, size_t slug_length, struct client_data data)
{
int i;
@@ -391,25 +506,41 @@ void startup_message()
void error(char *buffer)
{
printf("%s\n", buffer);
printf("Error: %s\n", buffer);
exit(1);
}
void set_domain_name() {
char b[128];
memcpy(b, DOMAIN, sizeof DOMAIN);
if (HTTPS)
snprintf(DOMAIN, sizeof DOMAIN, "%s%s", "https://", b);
else
snprintf(DOMAIN, sizeof DOMAIN, "%s%s", "http://", b);
}
void parse_parameters(int argc, char **argv)
{
int c;
while ((c = getopt (argc, argv, "Dep:b:s:d:o:l:B:u:w:")) != -1)
while ((c = getopt (argc, argv, "D6eSp:b:s:d:o:l:B:u:w:")) != -1)
switch (c)
{
case 'D':
DAEMON = 1;
break;
case '6':
IPv6 = 1;
break;
case 'e':
snprintf(symbols, sizeof symbols, "%s", "abcdefghijklmnopqrstuvwxyz0123456789-+_=.ABCDEFGHIJKLMNOPQRSTUVWXYZ");
break;
case 'S':
HTTPS = 1;
break;
case 'd':
snprintf(DOMAIN, sizeof DOMAIN, "%s%s%s", "http://", optarg, "/");
snprintf(DOMAIN, sizeof DOMAIN, "%s%s", optarg, "/");
break;
case 'p':
PORT = atoi(optarg);
@@ -438,7 +569,7 @@ void parse_parameters(int argc, char **argv)
load_list(WHITEFILE, 1);
break;
default:
printf("usage: fiche [-pbsdolBuw].\n");
printf("usage: fiche [-D6epbsdSolBuw].\n");
printf(" [-d domain] [-p port] [-s slug_size]\n");
printf(" [-o output directory] [-B buffer_size] [-u user name]\n");
printf(" [-l log file] [-b banlist] [-w whitelist]\n");

21
fiche.h
View File

@@ -31,6 +31,10 @@ $ cat fiche.c | nc localhost 9999
#ifndef FICHE_H
#define FICHE_H
#ifndef HAVE_INET6
#define HAVE_INET6 1
#endif
#include <pwd.h>
#include <time.h>
#include <netdb.h>
@@ -54,11 +58,13 @@ char *BANFILE;
char *WHITEFILE;
char *WHITELIST;
int DAEMON = 0;
int HTTPS = 0;
int PORT = 9999;
int IPv6 = 0;
int SLUG_SIZE = 4;
int BUFSIZE = 32768;
int QUEUE_SIZE = 500;
char DOMAIN[128] = "http://localhost/";
char DOMAIN[128] = "localhost/";
char symbols[67] = "abcdefghijklmnopqrstuvwxyz0123456789";
unsigned int time_seed;
@@ -67,6 +73,9 @@ struct thread_arguments
{
int connection_socket;
struct sockaddr_in client_address;
#if (HAVE_INET6)
struct sockaddr_in6 client_address6;
#endif
};
struct client_data
@@ -80,6 +89,9 @@ int create_directory(char *slug);
int check_protocol(char *buffer);
void bind_to_port(int listen_socket, struct sockaddr_in serveraddr);
#if (HAVE_INET6)
void bind_to_port6(int listen_socket, struct sockaddr_in6 serveraddr6);
#endif
void error(char *buffer);
void perform_connection(int listen_socket);
void generate_url(char *buffer, char *slug, size_t slug_length, struct client_data data);
@@ -87,6 +99,7 @@ void save_to_file(char *buffer, char *slug, struct client_data data);
void display_info(struct client_data data, char *slug, char *message);
void startup_message();
void set_basedir();
void set_domain_name();
void load_list(char *file_path, int type);
void parse_parameters(int argc, char **argv);
void save_log(char *slug, char *hostaddrp, char *h_name);
@@ -97,6 +110,12 @@ char *check_whitelist(char *ip_address);
char *get_date();
struct sockaddr_in set_address(struct sockaddr_in serveraddr);
#if (HAVE_INET6)
struct sockaddr_in6 set_address6(struct sockaddr_in6 serveraddr6);
#endif
struct client_data get_client_address(struct sockaddr_in client_address);
#if (HAVE_INET6)
struct client_data get_client_address6(struct sockaddr_in6 client_address6);
#endif
#endif