From: b Date: Thu, 29 Sep 2022 20:56:23 +0000 (+0000) Subject: fixed SETUID situation, X-Git-Url: http://bicyclesonthemoon.info/git-projects/?a=commitdiff_plain;h=83feabaae04f6c274a2c57865c5278e264719537;p=ott%2Fmirror fixed SETUID situation, moved to C. --- diff --git a/bot2.1.cpp b/bot2.1.c similarity index 95% rename from bot2.1.cpp rename to bot2.1.c index 90dfc07..ee6d295 100644 --- a/bot2.1.cpp +++ b/bot2.1.c @@ -1,6 +1,6 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// bot2.cpp (bothasar_t) automatically generated from bot2.1.cpp +// bot2.c (bothasar_t) automatically generated from bot2.1.c // the mirror bot. // 24.09.2022 // @@ -70,7 +70,7 @@ FILE *cwfile; FILE *stopfile; -bool logopen=false; +char logopen=0; char stoppath[N_STRBUF]; char nppath [N_STRBUF]; char nppath1[N_STRBUF]; @@ -89,19 +89,19 @@ int main(int argc, char *argv[]) int yarg; - bool fi=false; - bool fs=false; - bool fm=false; - bool fw=false; - bool fv=false; - bool fo=false; - bool fp=false; - bool recentbot=false; - bool newlog=false; - bool text=false; - bool down=false; - bool down2=false; - bool down3=false; + char fi=0; + char fs=0; + char fm=0; + char fw=0; + char fv=0; + char fo=0; + char fp=0; + char recentbot=0; + char newlog=0; + char text=0; + char down=0; + char down2=0; + char down3=0; unsigned short botID=0; unsigned long start=1; @@ -132,57 +132,57 @@ int main(int argc, char *argv[]) switch(yarg) { case 'i': - fi=true; + fi=1; if(optarg!=NULL) sscanf(optarg,"%hu",&botID); break; case 's': - fs=true; + fs=1; if(optarg!=NULL) sscanf(optarg,"%lu",&start); break; case 'm': - fm=true; + fm=1; if(optarg!=NULL) sscanf(optarg,"%lu",&max); break; case 'o': - fo=true; + fo=1; if(optarg!=NULL) sscanf(optarg,"%lu",&offset); break; case 'w': - fw=true; + fw=1; if(optarg!=NULL) sscanf(optarg,"%lu",&npwait); break; case 'v': - fv=true; + fv=1; if(optarg!=NULL) sscanf(optarg,"%lu",&await); break; case 'p': - fp=true; + fp=1; if(optarg!=NULL) sscanf(optarg,"%lu",&avoid); break; case 'r': - recentbot=true; + recentbot=1; break; case 'n': - newlog=true; + newlog=1; break; case 't': - text=true; + text=1; break; case 'd': - down=true; + down=1; break; case 'a': - down2=true; + down2=1; break; case 'b': - down3=true; + down3=1; break; default: @@ -218,7 +218,7 @@ int main(int argc, char *argv[]) { snprintf(argp1,N_STRBUF,"%s%hu",LOG_PATH,botID); if(freopen(argp1,newlog?"wt":"at",stdout)!=NULL) - logopen=true; + logopen=1; } setvbuf(stdout, NULL, _IONBF, 0); dup2(fileno(stdout),fileno(stderr)); @@ -423,7 +423,7 @@ int longline(const char *in,const char *out, unsigned long limit) { FILE *infile; FILE *outfile; - bool tag; + char tag; unsigned long counter=0; char ch; @@ -445,10 +445,10 @@ int longline(const char *in,const char *out, unsigned long limit) switch(ch) { case '<': - tag=true; + tag=1; break; case '>': - tag=false; + tag=0; if(counter>=limit) { fputc('\n',outfile); diff --git a/bot3.1.cpp b/bot3.1.c similarity index 97% rename from bot3.1.cpp rename to bot3.1.c index d3f8527..ee808d8 100644 --- a/bot3.1.cpp +++ b/bot3.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// bot3.cpp (bothasar_p) automatically generated from bot3.1.cpp +// bot3.c (bothasar_p) automatically generated from bot3.1.c // the post bot. -// 24.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -60,8 +60,8 @@ FILE *cwfile; FILE *stopfile; FILE *listfile; -bool listopen=false; -bool logopen=false; +char listopen=0; +char logopen=0; pid_t sub; int r; @@ -74,11 +74,11 @@ int main(int argc, char *argv[]) int yarg; - bool fm=false; - bool fw=false; + char fm=0; + char fw=0; - bool newlog=false; - bool text=false; + char newlog=0; + char text=0; unsigned long max=0xffffffff; // unsigned long posts=0xffffffff; @@ -111,20 +111,20 @@ int main(int argc, char *argv[]) switch(yarg) { case 'm': - fm=true; + fm=1; if(optarg!=NULL) sscanf(optarg,"%lu",&max); break; case 'w': - fw=true; + fw=1; if(optarg!=NULL) sscanf(optarg,"%lu",&pwait); break; case 'n': - newlog=true; + newlog=1; break; case 't': - text=true; + text=1; break; default: @@ -139,7 +139,7 @@ int main(int argc, char *argv[]) if(!text) { if(freopen(LOG_PATH,newlog?"wt":"at",stdout)!=NULL) - logopen=true; + logopen=1; } setvbuf(stdout, NULL, _IONBF, 0); @@ -220,7 +220,7 @@ int main(int argc, char *argv[]) printf("\nNo posts."); continue; } - listopen=true; + listopen=1; for(p=1;fgets(argp1,N_STRBUF-1,listfile)!=NULL;++p) { @@ -327,7 +327,7 @@ int main(int argc, char *argv[]) } } - listopen=false; + listopen=0; fclose(listfile); if(np #include #include +#include #include // ###C_RM_PATH: #define RM_PATH "/bin/rm" @@ -37,7 +38,18 @@ int main() { s_cgi *cgi; pid_t sub; + uid_t euid; + gid_t egid; int r; + + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + cgi=cgiInit(); printf("Content-type: text/html\n\n"); diff --git a/makefile b/makefile index 31e5378..3921d4c 100644 --- a/makefile +++ b/makefile @@ -21,7 +21,8 @@ -CC =g++ +CC =gcc +CCPP =g++ CF =-g -Wall -Wno-format-truncation L_CGI=-lcgi # AI=mawk -f @@ -73,48 +74,52 @@ CONFIGURE_CMD = $(PERL) $(CONFIGURE) $(CONFIGFILE) # keep these 2 lists in the same order!: GENERATE_FROM=\ bot2.1.awk\ -bot2.1.cpp\ -bot3.1.cpp\ -findpost.1.cpp\ +bot2.1.c\ +bot3.1.c\ +findpost.1.c\ index.1.awk\ -index.1.cpp\ -mpview.1.cpp\ -mview.1.cpp\ +index.1.c\ +mpview.1.c\ +mview.1.c\ ottmirror.1.conf\ ottmirror.1.cron\ pm.1.awk\ post.1.awk\ -post.1.cpp\ -posted.1.cpp\ +post.1.c\ +posted.1.c\ preview.1.awk\ -update.1.cpp\ -view.1.cpp +update.1.c\ +view.1.c TO_GENERATE=\ bot2.awk\ -bot2.cpp\ -bot3.cpp\ -findpost.cpp\ +bot2.c\ +bot3.c\ +findpost.c\ index.awk\ -index.cpp\ -mpview.cpp\ -mview.cpp\ +index.c\ +mpview.c\ +mview.c\ ottmirror.conf\ ottmirror.cron\ pm.awk\ post.awk\ -post.cpp\ -posted.cpp\ +post.c\ +posted.c\ preview.awk\ -update.cpp\ -view.cpp +update.c\ +view.c -PROGR_NORMAL=\ +C=\ bot2\ bot3\ findpost\ image -PROGR_CGI=\ +CPP= + +CPP_CGI= + +C_CGI=\ index\ mpview\ mview\ @@ -125,19 +130,19 @@ update\ view SETUID=\ -post\ -update\ -view\ +index\ +mpview\ mview\ +post\ posted\ -mpview +update\ +view BIN=\ bb2html.awk\ bot2\ bot2.awk\ bot3\ -bot3.cpp\ findlatest.awk\ findpost\ image\ @@ -147,7 +152,6 @@ list.awk\ mpview\ mview\ mview.awk\ -mview.cpp\ pm.awk\ post\ post.awk\ @@ -165,34 +169,34 @@ SRC=\ agpl.txt\ bb2html.awk\ bot2.1.awk\ -bot2.1.cpp\ -bot3.1.cpp\ +bot2.1.c\ +bot3.1.c\ findlatest.awk\ -findpost.1.cpp\ -image.cpp\ +findpost.1.c\ +image.c\ index.1.awk\ -index.1.cpp\ +index.1.c\ list.awk\ makefile\ makefile.1.mak\ -mpview.1.cpp\ -mview.1.cpp\ +mpview.1.c\ +mview.1.c\ mview.awk\ ottmirror.1.conf\ ottmirror.1.cron\ pm.1.awk\ post.1.awk\ -post.1.cpp\ -posted.1.cpp\ +post.1.c\ +posted.1.c\ posted.awk\ preview.1.awk\ -redirect.cpp\ +redirect.c\ settings-release.txt\ settings.txt\ -update.1.cpp\ +update.1.c\ upload.awk\ verify.awk\ -view.1.cpp\ +view.1.c\ view.awk\ www @@ -222,7 +226,7 @@ HIDDEN_DIR=\ $(TMP_PATH)\ $(MEM_POST_PATH) -all: $(TO_GENERATE) $(PROGR_NORMAL) $(PROGR_CGI) +all: $(TO_GENERATE) $(C) $(CPP) $(C_CGI) $(CPP_CGI) makefile: makefile.1.mak $(CONFIGFILE) @@ -231,14 +235,20 @@ makefile: makefile.1.mak $(CONFIGFILE) $(TO_GENERATE): $(GENERATE_FROM) $(CONFIGFILE) $(CONFIGURE_CMD) --in $(GENERATE_FROM) --out $(TO_GENERATE) -$(PROGR_NORMAL): %: %.cpp +$(C): %: %.c $(CC) $(CF) -o $@ $< -$(PROGR_CGI): %: %.cpp +$(CPP): %: %.cpp + $(CCPP) $(CF) -o $@ $< + +$(C_CGI): %: %.c $(CC) $(CF) -o $@ $< $(L_CGI) +$(CPP_CGI): %: %.cpp + $(CCPP) $(CF) -o $@ $< $(L_CGI) + setuid: $(SETUID) - $(CHMOD) u+s $(SETUID) + $(CHMOD) u+s,g+s $(SETUID) mktree: $(MKDIR) -p $(DIR) @@ -267,7 +277,7 @@ install: cp_bin cp_www cp_www_desc cp_src cp_conf cp_cron clean: - $(RM) -f $(TO_GENERATE) $(PROGR_NORMAL) $(PROGR_CGI) + $(RM) -f $(TO_GENERATE) $(C) $(CPP) $(C_CGI) $(CPP_CGI) PHONY: all clean setuid mktree cp_bin co_conf cp_cron cp_src cp_www cp_www_desc install diff --git a/makefile.1.mak b/makefile.1.mak index 4a48039..2c5bc6a 100644 --- a/makefile.1.mak +++ b/makefile.1.mak @@ -21,7 +21,8 @@ -###MAKE_CC: CC=g++ +###MAKE_CC: CC=gcc +###MAKE_CCPP: CCPP=g++ ###MAKE_CF: CF=-g -Wall ###MAKE_L_CGI: L_CGI=-lcgi # AI=mawk -f @@ -73,48 +74,52 @@ CONFIGURE_CMD = $(PERL) $(CONFIGURE) $(CONFIGFILE) # keep these 2 lists in the same order!: GENERATE_FROM=\ bot2.1.awk\ -bot2.1.cpp\ -bot3.1.cpp\ -findpost.1.cpp\ +bot2.1.c\ +bot3.1.c\ +findpost.1.c\ index.1.awk\ -index.1.cpp\ -mpview.1.cpp\ -mview.1.cpp\ +index.1.c\ +mpview.1.c\ +mview.1.c\ ottmirror.1.conf\ ottmirror.1.cron\ pm.1.awk\ post.1.awk\ -post.1.cpp\ -posted.1.cpp\ +post.1.c\ +posted.1.c\ preview.1.awk\ -update.1.cpp\ -view.1.cpp +update.1.c\ +view.1.c TO_GENERATE=\ bot2.awk\ -bot2.cpp\ -bot3.cpp\ -findpost.cpp\ +bot2.c\ +bot3.c\ +findpost.c\ index.awk\ -index.cpp\ -mpview.cpp\ -mview.cpp\ +index.c\ +mpview.c\ +mview.c\ ottmirror.conf\ ottmirror.cron\ pm.awk\ post.awk\ -post.cpp\ -posted.cpp\ +post.c\ +posted.c\ preview.awk\ -update.cpp\ -view.cpp +update.c\ +view.c -PROGR_NORMAL=\ +C=\ bot2\ bot3\ findpost\ image -PROGR_CGI=\ +CPP= + +CPP_CGI= + +C_CGI=\ index\ mpview\ mview\ @@ -125,19 +130,19 @@ update\ view SETUID=\ -post\ -update\ -view\ +index\ +mpview\ mview\ +post\ posted\ -mpview +update\ +view BIN=\ bb2html.awk\ bot2\ bot2.awk\ bot3\ -bot3.cpp\ findlatest.awk\ findpost\ image\ @@ -147,7 +152,6 @@ list.awk\ mpview\ mview\ mview.awk\ -mview.cpp\ pm.awk\ post\ post.awk\ @@ -165,34 +169,34 @@ SRC=\ agpl.txt\ bb2html.awk\ bot2.1.awk\ -bot2.1.cpp\ -bot3.1.cpp\ +bot2.1.c\ +bot3.1.c\ findlatest.awk\ -findpost.1.cpp\ -image.cpp\ +findpost.1.c\ +image.c\ index.1.awk\ -index.1.cpp\ +index.1.c\ list.awk\ makefile\ makefile.1.mak\ -mpview.1.cpp\ -mview.1.cpp\ +mpview.1.c\ +mview.1.c\ mview.awk\ ottmirror.1.conf\ ottmirror.1.cron\ pm.1.awk\ post.1.awk\ -post.1.cpp\ -posted.1.cpp\ +post.1.c\ +posted.1.c\ posted.awk\ preview.1.awk\ -redirect.cpp\ +redirect.c\ settings-release.txt\ settings.txt\ -update.1.cpp\ +update.1.c\ upload.awk\ verify.awk\ -view.1.cpp\ +view.1.c\ view.awk\ www @@ -222,7 +226,7 @@ HIDDEN_DIR=\ $(TMP_PATH)\ $(MEM_POST_PATH) -all: $(TO_GENERATE) $(PROGR_NORMAL) $(PROGR_CGI) +all: $(TO_GENERATE) $(C) $(CPP) $(C_CGI) $(CPP_CGI) makefile: makefile.1.mak $(CONFIGFILE) @@ -231,14 +235,20 @@ makefile: makefile.1.mak $(CONFIGFILE) $(TO_GENERATE): $(GENERATE_FROM) $(CONFIGFILE) $(CONFIGURE_CMD) --in $(GENERATE_FROM) --out $(TO_GENERATE) -$(PROGR_NORMAL): %: %.cpp +$(C): %: %.c $(CC) $(CF) -o $@ $< -$(PROGR_CGI): %: %.cpp +$(CPP): %: %.cpp + $(CCPP) $(CF) -o $@ $< + +$(C_CGI): %: %.c $(CC) $(CF) -o $@ $< $(L_CGI) +$(CPP_CGI): %: %.cpp + $(CCPP) $(CF) -o $@ $< $(L_CGI) + setuid: $(SETUID) - $(CHMOD) u+s $(SETUID) + $(CHMOD) u+s,g+s $(SETUID) mktree: $(MKDIR) -p $(DIR) @@ -267,7 +277,7 @@ install: cp_bin cp_www cp_www_desc cp_src cp_conf cp_cron clean: - $(RM) -f $(TO_GENERATE) $(PROGR_NORMAL) $(PROGR_CGI) + $(RM) -f $(TO_GENERATE) $(C) $(CPP) $(C_CGI) $(CPP_CGI) PHONY: all clean setuid mktree cp_bin co_conf cp_cron cp_src cp_www cp_www_desc install diff --git a/mpview.1.cpp b/mpview.1.c similarity index 93% rename from mpview.1.cpp rename to mpview.1.c index 26378b1..aa79320 100644 --- a/mpview.1.cpp +++ b/mpview.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// mpview.cpp automatically generated from mpview.1.cpp +// mpview.c automatically generated from mpview.1.c // view a post from the mirror. -// 24.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -23,6 +23,7 @@ #include #include #include +#include #include // ###C_RM_PATH: #define RM_PATH "/bin/rm" @@ -50,8 +51,18 @@ int main() { s_cgi *cgi; pid_t sub; + uid_t euid; + gid_t egid; int r; + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + char line[N_STRBUF_SH]; char filename[N_STRBUF_SH]; char postpath[N_STRBUF]; diff --git a/mview.1.cpp b/mview.1.c similarity index 95% rename from mview.1.cpp rename to mview.1.c index 66ddcba..dcbcafb 100644 --- a/mview.1.cpp +++ b/mview.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// mview.cpp automatically generated from mview.1.cpp +// mview.c automatically generated from mview.1.c // view posts from the mirror. -// 24.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -23,6 +23,7 @@ #include #include #include +#include #include // ###C_RM_PATH: #define RM_PATH "/bin/rm" @@ -93,10 +94,12 @@ unsigned long p2np(unsigned long p) } return 1L; } -int main() +int main(int argc, char **argv) { s_cgi *cgi; pid_t sub; + uid_t euid; + gid_t egid; int r; char *arg; @@ -114,6 +117,14 @@ int main() unsigned long last=0xffffffff; unsigned long ps=0xffffffff; + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + cgi=cgiInit(); file = fopen(LAST_PATH,"rt"); diff --git a/post.1.cpp b/post.1.c similarity index 81% rename from post.1.cpp rename to post.1.c index 185e547..508ffb0 100644 --- a/post.1.cpp +++ b/post.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// post.cpp automatically generated from post.1.cpp +// post.c automatically generated from post.1.c // write posts from the mirror. -// 24.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -56,8 +57,8 @@ pid_t sub; int r; FILE *tempfile; FILE *postfile; -bool tf=false; -bool pf=false; +char tf=0; +char pf=0; char temppath[N_STRBUF]=""; char postpath[N_STRBUF]=""; @@ -81,9 +82,9 @@ char wrong[N_STRBUF]; void submit(); void preview (const char *text); -void writeArg(FILE *file,const char *name,const char *value, bool all); -void writeArg(FILE *file,const char *name,const char *value, char *insert); -void writeArgH(FILE *file,const char *name,const char *value, unsigned char br); +void writeArgA(FILE *file,const char *name,const char *value, char all); +void writeArgI(FILE *file,const char *name,const char *value, char *insert); +void writeArgHN(FILE *file,const char *name,const char *value, unsigned char br); void writeArgH(FILE *file,const char *value); void end(int m); @@ -113,7 +114,7 @@ void end(int m) exit(m); } -void writeArg(FILE *file,const char *name,const char *value, bool all=false) +void writeArgA(FILE *file,const char *name,const char *value, char all) { unsigned short length, i, v; fprintf(file,"%s=",name); @@ -129,7 +130,7 @@ void writeArg(FILE *file,const char *name,const char *value, bool all=false) fputc('\n',file); } -void writeArg(FILE *file,const char *name,const char *value, char *insert) +void writeArgI(FILE *file,const char *name,const char *value, char *insert) { unsigned short length, i, v; fprintf(file,"%s=",name); @@ -154,7 +155,7 @@ void writeArg(FILE *file,const char *name,const char *value, char *insert) fputc('\n',file); } -void writeArgH(FILE *file,const char *name,const char *value, unsigned char br=0) +void writeArgHN(FILE *file,const char *name,const char *value, unsigned char br) { unsigned short length, i, v; fprintf(file,"%s=",name); @@ -246,30 +247,30 @@ void submit() tempfile=fopen(temppath,"wt"); if(tempfile==NULL) preview("Couldn't create file."); - tf=true; - writeArgH(tempfile,"timenumber",timenumber); - writeArgH(tempfile,"timetext",timetext); - writeArgH(tempfile,"BBHTML",message,1); - writeArgH(tempfile,"BB",message,3); - writeArgH(tempfile,"username_h",username); - writeArgH(tempfile,"subject_h",subject); - writeArg (tempfile,"username",username); - writeArg (tempfile,"password",password,1); - writeArg (tempfile,"subject",subject); - writeArg (tempfile,"addbbcode20",addbbcode20); - writeArg (tempfile,"message",message,botinfo); + tf=1; + writeArgHN(tempfile,"timenumber",timenumber,0); + writeArgHN(tempfile,"timetext", timetext, 0); + writeArgHN(tempfile,"BBHTML", message, 1); + writeArgHN(tempfile,"BB", message, 3); + writeArgHN(tempfile,"username_h",username, 0); + writeArgHN(tempfile,"subject_h", subject, 0); + writeArgA (tempfile,"username", username, 0); + writeArgA (tempfile,"password", password, 1); + writeArgA (tempfile,"subject", subject, 0); + writeArgA (tempfile,"addbbcode20",addbbcode20,0); + writeArgI (tempfile,"message", message, botinfo); if(disable_bbcode[0]!='\0') - writeArg(tempfile,"disable_bbcode",disable_bbcode); + writeArgA(tempfile,"disable_bbcode",disable_bbcode,0); if(disable_smilies[0]!='\0') - writeArg(tempfile,"disable_smilies",disable_smilies); + writeArgA(tempfile,"disable_smilies",disable_smilies,0); if(disable_magic_url[0]!='\0') - writeArg(tempfile,"disable_magic_url",disable_magic_url); + writeArgA(tempfile,"disable_magic_url",disable_magic_url,0); if(attach_sig[0]!='\0') - writeArg(tempfile,"attach_sig",attach_sig); + writeArgA(tempfile,"attach_sig",attach_sig,0); if(notify[0]!='\0') - writeArg(tempfile,"notify",notify); + writeArgA(tempfile,"notify",notify,0); fclose(tempfile); - tf=false; + tf=0; snprintf(arg1,N_STRBUF,"outfile=%s",temppath); fflush(stdout); @@ -315,7 +316,7 @@ void submit() } else { - tf=true; + tf=1; if(fgets(listpath,N_STRBUF-1,tempfile)) sscanf(listpath,"%lu",&lastpage); if(fgets(listpath,N_STRBUF-1,tempfile)) @@ -328,12 +329,12 @@ void submit() else ++postslast; fclose(tempfile); - tf=false; + tf=0; } tempfile=fopen(MLAST_PATH,"wt"); if(tempfile==NULL) { - pf=true; + pf=1; preview("Couldn't update list."); } fprintf(tempfile,"%lu\n%hu\n%s\n",lastpage,postslast,timenumber); @@ -343,7 +344,7 @@ void submit() tempfile=fopen(listpath,"at"); if(tempfile==NULL) { - pf=true; + pf=1; preview("Couldn't update list."); } fprintf(tempfile,"%s\n",timenumber); @@ -396,28 +397,28 @@ void preview (const char *text) tempfile=fopen(temppath,"wt"); if(tempfile==NULL) end(1); - tf=true; - - writeArgH(tempfile,"HTML",message,1); - writeArgH(tempfile,"BB",message,3); - writeArgH(tempfile,"wrong",text); - writeArgH(tempfile,"username",username); - writeArgH(tempfile,"subject",subject); - writeArgH(tempfile,"message",message); - // writeArgH(tempfile,"addbbcode20",addbbcode20); - writeArgH(tempfile,"disable_bbcode",disable_bbcode); - writeArgH(tempfile,"disable_smilies",disable_smilies); - writeArgH(tempfile,"disable_magic_url",disable_magic_url); - writeArgH(tempfile,"attach_sig",attach_sig); - writeArgH(tempfile,"notify",notify); - writeArgH(tempfile,"addquote",addquote); - writeArgH(tempfile,"edit",edit); - writeArgH(tempfile,"forceID",forceID); - // writeArgH(tempfile,"Preview",Preview); - // writeArgH(tempfile,"post",post); + tf=1; + + writeArgHN(tempfile,"HTML", message, 1); + writeArgHN(tempfile,"BB", message, 3); + writeArgHN(tempfile,"wrong", text, 0); + writeArgHN(tempfile,"username", username, 0); + writeArgHN(tempfile,"subject", subject, 0); + writeArgHN(tempfile,"message", message, 0); + // writeArgHN(tempfile,"addbbcode20",addbbcode20, 0); + writeArgHN(tempfile,"disable_bbcode", disable_bbcode, 0); + writeArgHN(tempfile,"disable_smilies", disable_smilies, 0); + writeArgHN(tempfile,"disable_magic_url",disable_magic_url,0); + writeArgHN(tempfile,"attach_sig", attach_sig, 0); + writeArgHN(tempfile,"notify", notify, 0); + writeArgHN(tempfile,"addquote", addquote, 0); + writeArgHN(tempfile,"edit", edit, 0); + writeArgHN(tempfile,"forceID", forceID, 0); + // writeArgHN(tempfile,"Preview", Preview, 0); + // writeArgHN(tempfile,"post", post, 0); fclose(tempfile); - tf=false; + tf=0; printf("Content-type: text/html\n\n"); @@ -448,13 +449,23 @@ void preview (const char *text) end(0); } -int main() +int main(int argc, char **argv) { - bool missing=false; - + char missing=0; + uid_t euid; + gid_t egid; + int r; char *arg; + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + cgi=cgiInit(); snprintf(temppath,N_STRBUF,"%s%lu",TEMP_PATH,(unsigned long)getpid()); @@ -464,7 +475,7 @@ int main() password=arg; else { - missing=true; + missing=1; strcpy(wrong,"Password is missing."); } @@ -473,7 +484,7 @@ int main() username=arg; else { - missing=true; + missing=1; strcpy(wrong,"Username is missing."); } @@ -482,7 +493,7 @@ int main() subject=arg; else { - missing=true; + missing=1; strcpy(wrong,"Subject was missing. Replaced with default value."); } @@ -491,14 +502,14 @@ int main() message=arg; else { - missing=true; + missing=1; strcpy(wrong,"Post is empty."); } arg=cgiGetValue(cgi,"password2"); if(arg!=NULL) { - missing=true; + missing=1; strcpy(wrong,"Please don't write in the \"Leave this empty\" field."); } diff --git a/posted.1.cpp b/posted.1.c similarity index 91% rename from posted.1.cpp rename to posted.1.c index 384c212..2d0d8ca 100644 --- a/posted.1.cpp +++ b/posted.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// posted.cpp automatically generated from posted.1.cpp +// posted.c automatically generated from posted.1.c // posts recently sent from the mirror. -// 24.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -23,6 +23,7 @@ #include #include #include +#include // #include #include @@ -40,10 +41,11 @@ #define N_STRBUF 256 #define N_STRBUF_SH 256 -s_cgi *cgi; -pid_t sub; -int r; - + s_cgi *cgi; + pid_t sub; + uid_t euid; + gid_t egid; + int r; int main(int argc, char **argv) { @@ -54,7 +56,14 @@ int main(int argc, char **argv) FILE *tempfile; FILE *postfile; - + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + // dup2(fileno(stdout),fileno(stderr)); cgi=cgiInit(); diff --git a/redirect.cpp b/redirect.c similarity index 95% rename from redirect.cpp rename to redirect.c index a30495b..dd41809 100644 --- a/redirect.cpp +++ b/redirect.c @@ -1,6 +1,6 @@ // OTT mirror // Copyright (C) 2014 Balthasar Szczepañski -// redirect.cpp +// redirect.c // redirect srevice for the "Jump to:" list. // 24.08.2014 // diff --git a/settings-release.txt b/settings-release.txt index 34b6739..d8dddac 100644 --- a/settings-release.txt +++ b/settings-release.txt @@ -57,7 +57,8 @@ rm: /usr/bin/rm sudo: sudo wget: /usr/bin/wget -CC: g++ +CC: gcc +CCPP: g++ CF: -g -Wall -Wno-format-truncation L_CGI: -lcgi diff --git a/settings.txt b/settings.txt index baece28..625b1e5 100644 --- a/settings.txt +++ b/settings.txt @@ -110,6 +110,7 @@ MAKE_RM = RM =$rm MAKE_SUDO = SUDO =$sudo MAKE_CC = CC =$CC +MAKE_CCPP = CCPP =$CCPP MAKE_CF = CF =$CF MAKE_L_CGI = L_CGI=$L_CGI diff --git a/update.1.cpp b/update.1.c similarity index 81% rename from update.1.cpp rename to update.1.c index 375e23d..ba764b8 100644 --- a/update.1.cpp +++ b/update.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// update.cpp automatically generated from update.1.cpp +// update.c automatically generated from update.1.c // update a page. -// 25.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -23,19 +23,30 @@ #include #include #include +#include #include // ###C_BOT_PATH_2: #define BOT_PATH "/eizm/pro/ottmirror/bot2" #define UPDATE_PATH "/ott/update.htm" -int main() +int main(int argc, char **argv) { s_cgi *cgi; pid_t sub; + uid_t euid; + gid_t egid; int r; char *arg; + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); + cgi=cgiInit(); arg=cgiGetValue(cgi,"np"); if(arg!=NULL) diff --git a/view.1.cpp b/view.1.c similarity index 95% rename from view.1.cpp rename to view.1.c index 6f860e7..3b36cc2 100644 --- a/view.1.cpp +++ b/view.1.c @@ -1,8 +1,8 @@ // OTT mirror // Copyright (C) 2014, 2022 Balthasar Szczepański -// view.cpp automatically generated from view.1.cpp +// view.c automatically generated from view.1.c // view a page. -// 25.09.2022 +// 29.09.2022 // // This file is part of OTT mirror. // @@ -23,6 +23,7 @@ #include #include #include +#include #include #define RM_PATH "/bin/rm" @@ -93,10 +94,12 @@ unsigned long p2np(unsigned long p) } return 1L; } -int main() +int main(int argc, char **argv) { s_cgi *cgi; pid_t sub; + uid_t euid; + gid_t egid; int r; char *arg; @@ -111,14 +114,22 @@ int main() unsigned long p=0L; unsigned long last=0xffffffff; unsigned long ps=0xffffffff; - bool mustard=false; + char mustard=0; + + /* always be yourself in your total life */ + euid = geteuid(); + egid = getegid(); + if ((r = setreuid(euid, euid))) + return (r = errno); + if ((r = setregid(egid, egid))) + return (r = errno); cgi=cgiInit(); file = fopen(MLAST_PATH,"rt"); if(file!=NULL) { - mustard=true; + mustard=1; fclose(file); }