Compare commits
4 Commits
474d09d21a
...
29298b2d31
Author | SHA1 | Date |
---|---|---|
Oskari Rauta | 29298b2d31 | |
Paul Donald | 4628b6bd43 | |
Dirk Brenken | 2c6d5adac0 | |
Oskari Rauta | 365e7063a3 |
|
@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=banip
|
||||
PKG_VERSION:=0.9.5
|
||||
PKG_RELEASE:=2
|
||||
PKG_RELEASE:=3
|
||||
PKG_LICENSE:=GPL-3.0-or-later
|
||||
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ IP address blocking is commonly used to protect against brute force attacks, pre
|
|||
| adguard | adguard IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| adguardtrackers | adguardtracker IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| antipopads | antipopads IPs | | | x | tcp: 80, 443 | [Link](https://github.com/dibdot/banIP-IP-blocklists) |
|
||||
| asn | ASN segments | | | x | tcp: 80, 443 | [Link](https://asn.ipinfo.app) |
|
||||
| asn | ASN segments | x | x | x | | [Link](https://asn.ipinfo.app) |
|
||||
| backscatterer | backscatterer IPs | x | x | | | [Link](https://www.uceprotect.net/en/index.php) |
|
||||
| becyber | malicious attacker IPs | x | x | | | [Link](https://github.com/duggytuxy/malicious_ip_addresses) |
|
||||
| binarydefense | binary defense banlist | x | x | | | [Link](https://iplists.firehol.org/?ipset=bds_atif) |
|
||||
|
@ -114,7 +114,7 @@ IP address blocking is commonly used to protect against brute force attacks, pre
|
|||
* It's strongly recommended to use the LuCI frontend to easily configure all aspects of banIP, the application is located in LuCI under the 'Services' menu
|
||||
* If you're using a complex network setup, e.g. special tunnel interfaces, than untick the 'Auto Detection' option under the 'General Settings' tab and set the required options manually
|
||||
* Start the service with '/etc/init.d/banip start' and check everything is working by running '/etc/init.d/banip status' and also check the 'Firewall Log' and 'Processing Log' tabs
|
||||
* If you're going to configure banIP via CLI, edit the config file '/etc/config/banip' and enable the service (set ban\_enabled to '1'), then add pre-configured feeds via 'ban\_feed' (see the feed list above) and add/change other options to your needs (see the options reference below)
|
||||
* If you're going to configure banIP via CLI, edit the config file '/etc/config/banip' and enable the service (set ban\_enabled to '1'), then add pre-configured feeds via 'ban\_feed' (see the feed list above) and add/change other options to your needs, see the options reference table below
|
||||
|
||||
## banIP CLI interface
|
||||
* All important banIP functions are accessible via CLI.
|
||||
|
@ -428,12 +428,12 @@ A valid JSON source object contains the following information, e.g.:
|
|||
"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"descr": "tor exit nodes",
|
||||
"flag": "tcp 80-89 443"
|
||||
"flag": "gz tcp 80-88 udp 50000"
|
||||
},
|
||||
[...]
|
||||
```
|
||||
Add an unique feed name (no spaces, no special chars) and make the required changes: adapt at least the URL, the regex and the description for a new feed.
|
||||
Please note: the flag field is optional, it's a space separated list of options: supported are 'gz' as an archive format, protocols 'tcp' or 'udp' with port numbers/port ranges for destination port limitations.
|
||||
Please note: the flag field is optional, it's a space separated list of options: supported are 'gz' as an archive format, protocols 'tcp' or 'udp' with port numbers/port ranges for destination port limitations - multiple definitions are possible.
|
||||
|
||||
## Support
|
||||
Please join the banIP discussion in this [forum thread](https://forum.openwrt.org/t/banip-support-thread/16985) or contact me by mail <dev@brenken.org>
|
||||
|
|
|
@ -595,24 +595,30 @@ f_etag() {
|
|||
# build initial nft file with base table, chains and rules
|
||||
#
|
||||
f_nftinit() {
|
||||
local wan_dev vlan_allow vlan_block log_ct log_icmp log_syn log_udp log_tcp feed_log feed_rc allow_proto allow_dport flag file="${1}"
|
||||
local wan_dev vlan_allow vlan_block log_ct log_icmp log_syn log_udp log_tcp feed_log feed_rc flag tmp_proto tmp_port allow_dport file="${1}"
|
||||
|
||||
wan_dev="$(printf "%s" "${ban_dev}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
[ -n "${ban_vlanallow}" ] && vlan_allow="$(printf "%s" "${ban_vlanallow%%?}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
[ -n "${ban_vlanblock}" ] && vlan_block="$(printf "%s" "${ban_vlanblock%%?}" | "${ban_sedcmd}" 's/^/\"/;s/$/\"/;s/ /\", \"/g')"
|
||||
|
||||
for flag in ${ban_allowflag}; do
|
||||
if [ -z "${allow_proto}" ] && { [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; }; then
|
||||
allow_proto="${flag}"
|
||||
elif [ -n "${allow_proto}" ] && [ -n "${flag//[![:digit]-]/}" ] && ! printf "%s" "${allow_dport}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ -z "${allow_dport}" ]; then
|
||||
allow_dport="${flag}"
|
||||
else
|
||||
allow_dport="${allow_dport}, ${flag}"
|
||||
if [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; then
|
||||
if [ -z "${tmp_proto}" ]; then
|
||||
tmp_proto="${flag}"
|
||||
elif ! printf "%s" "${tmp_proto}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_proto="${tmp_proto}, ${flag}"
|
||||
fi
|
||||
elif [ -n "${flag//[![:digit]-]/}" ]; then
|
||||
if [ -z "${tmp_port}" ]; then
|
||||
tmp_port="${flag}"
|
||||
elif ! printf "%s" "${tmp_port}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_port="${tmp_port}, ${flag}"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
[ -n "${allow_dport}" ] && allow_dport="${allow_proto} dport { ${allow_dport} }"
|
||||
if [ -n "${tmp_proto}" ] && [ -n "${tmp_port}" ]; then
|
||||
allow_dport="meta l4proto { ${tmp_proto} } th dport { ${tmp_port} }"
|
||||
fi
|
||||
|
||||
if [ "${ban_logprerouting}" = "1" ]; then
|
||||
log_icmp="log level ${ban_nftloglevel} prefix \"banIP/pre-icmp/drop: \""
|
||||
|
@ -697,7 +703,7 @@ f_nftinit() {
|
|||
#
|
||||
f_down() {
|
||||
local log_input log_forwardwan log_forwardlan start_ts end_ts tmp_raw tmp_load tmp_file split_file ruleset_raw handle rc etag_rc
|
||||
local expr cnt_set cnt_dl restore_rc feed_direction feed_rc feed_log feed_comp feed_proto feed_dport feed_target
|
||||
local expr cnt_set cnt_dl restore_rc feed_direction feed_rc feed_log feed_comp feed_target feed_dport tmp_proto tmp_port flag
|
||||
local feed="${1}" proto="${2}" feed_url="${3}" feed_rule="${4}" feed_flag="${5}"
|
||||
|
||||
start_ts="$(date +%s)"
|
||||
|
@ -756,19 +762,25 @@ f_down() {
|
|||
# prepare feed flags
|
||||
#
|
||||
for flag in ${feed_flag}; do
|
||||
if [ "${flag}" = "gz" ] && ! printf "%s" "${feed_comp}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ "${flag}" = "gz" ]; then
|
||||
feed_comp="${flag}"
|
||||
elif [ -z "${feed_proto}" ] && { [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; }; then
|
||||
feed_proto="${flag}"
|
||||
elif [ -n "${feed_proto}" ] && [ -n "${flag//[![:digit]-]/}" ] && ! printf "%s" "${feed_dport}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
if [ -z "${feed_dport}" ]; then
|
||||
feed_dport="${flag}"
|
||||
else
|
||||
feed_dport="${feed_dport}, ${flag}"
|
||||
elif [ "${flag}" = "tcp" ] || [ "${flag}" = "udp" ]; then
|
||||
if [ -z "${tmp_proto}" ]; then
|
||||
tmp_proto="${flag}"
|
||||
elif ! printf "%s" "${tmp_proto}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_proto="${tmp_proto}, ${flag}"
|
||||
fi
|
||||
elif [ -n "${flag//[![:digit]-]/}" ]; then
|
||||
if [ -z "${tmp_port}" ]; then
|
||||
tmp_port="${flag}"
|
||||
elif ! printf "%s" "${tmp_port}" | "${ban_grepcmd}" -qw "${flag}"; then
|
||||
tmp_port="${tmp_port}, ${flag}"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
[ -n "${feed_dport}" ] && feed_dport="${feed_proto} dport { ${feed_dport} }"
|
||||
if [ -n "${tmp_proto}" ] && [ -n "${tmp_port}" ]; then
|
||||
feed_dport="meta l4proto { ${tmp_proto} } th dport { ${tmp_port} }"
|
||||
fi
|
||||
|
||||
# chain/rule maintenance
|
||||
#
|
||||
|
|
|
@ -36,8 +36,7 @@
|
|||
"url_6": "https://asn.ipinfo.app/api/text/list/",
|
||||
"rule_4": "/^(([0-9]{1,3}\\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])(\\/(1?[0-9]|2?[0-9]|3?[0-2]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"rule_6": "/^(([0-9A-f]{0,4}:){1,7}[0-9A-f]{0,4}:?(\\/(1?[0-2][0-8]|[0-9][0-9]))?)$/{printf \"%s,\\n\",$1}",
|
||||
"descr": "ASN IP segments",
|
||||
"flag": "tcp 80 443"
|
||||
"descr": "ASN IP segments"
|
||||
},
|
||||
"backscatterer":{
|
||||
"url_4": "http://wget-mirrors.uceprotect.net/rbldnsd-all/ips.backscatterer.org.gz",
|
||||
|
|
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=p910nd
|
||||
PKG_VERSION:=0.97
|
||||
PKG_RELEASE:=13
|
||||
PKG_RELEASE:=14
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
|
||||
PKG_SOURCE_URL:=@SF/p910nd
|
||||
|
|
|
@ -281,8 +281,7 @@ get_and_store_printer_info() {
|
|||
[ "$DEBUG" ] && echo ${MFG:+MFG=$MFG} ${MDL:+MDL=$MDL} ${CMD:+CMD=$CMD} ${CLS:+CLS=$CLS} ${DES:+DES=$DES} ${SN:+SN=$SN}
|
||||
|
||||
[ "$DEBUG" ] && echo 'uci set' for UCI_DEV_CFG_NUMBER: $UCI_DEV_CFG_NUMBER
|
||||
# Take the USB info as fact: set bidir regardless. It seems to be a source of confusion.
|
||||
eval "$uqsddu_cmd.bidirectional='$BIDIR'"
|
||||
[ -z "$(eval "$uqgddu_cmd".bidirectional)" ] && eval "$uqsddu_cmd.bidirectional='$BIDIR'"
|
||||
[ -z "$(eval "$uqgddu_cmd".port)" ] && eval "$uqsddu_cmd.port='0'"
|
||||
[ -z "$(eval "$uqgddu_cmd".enabled)" ] && eval "$uqsddu_cmd.enabled='1'"
|
||||
[ -z "$(eval "$uqgddu_cmd".usbvidpid)" ] && [ -n "$THIS_USB_VIDPID" ] && eval "$uqsddu_cmd.usbvidpid='$THIS_USB_VIDPID'"
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sftp-server
|
||||
PKG_VERSION:=2
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://github.com/ewxrjk/sftpserver.git
|
||||
PKG_SOURCE_DATE:=2024-04-17
|
||||
PKG_SOURCE_VERSION:=454309adcd99e3253f106f1f634e800e4d098b18
|
||||
PKG_MIRROR_HASH:=9590f6c0d4defe820eed8f359f5f782cd87801ca40c2c2f0d160e521bc80dc3b
|
||||
|
||||
PKG_MAINTAINER:=Oskari Rauta <oskari.rauta@gmail.com>
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
PKG_LICENSE_FILES:=COPYING
|
||||
|
||||
PKG_FIXUP:=autoreconf
|
||||
PKG_INSTALL:=1
|
||||
|
||||
include $(INCLUDE_DIR)/package.mk
|
||||
|
||||
define Package/sftp-server
|
||||
SECTION:=net
|
||||
CATEGORY:=Network
|
||||
SUBMENU:=SSH
|
||||
TITLE:=Green End SFTP Server
|
||||
CONFLICTS:=openssh-sftp-server
|
||||
URL:=http://www.greenend.org.uk/rjk/sftpserver/
|
||||
endef
|
||||
|
||||
define Package/sftp-server/description
|
||||
This is an SFTP server supporting up to protocol version 6.
|
||||
It is possible to use it as a drop-in replacement
|
||||
for the OpenSSH server.
|
||||
endef
|
||||
|
||||
CONFIGURE_ARGS += --libexecdir=/usr/libexec
|
||||
|
||||
define Package/sftp-server/install
|
||||
$(INSTALL_DIR) $(1)/usr/libexec
|
||||
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/libexec/gesftpserver $(1)/usr/libexec/sftp-server
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,sftp-server))
|
|
@ -0,0 +1,83 @@
|
|||
From 234709884c84896511d5d5d52f5f7926b44ca6ad Mon Sep 17 00:00:00 2001
|
||||
From: Andy Pan <andypan@ntuosc.org>
|
||||
Date: Wed, 6 Sep 2023 14:12:03 +0800
|
||||
Subject: [PATCH] Eliminate autoconf warnings
|
||||
|
||||
---
|
||||
acinclude.m4 | 20 ++++++++++----------
|
||||
configure.ac | 6 +++---
|
||||
2 files changed, 13 insertions(+), 13 deletions(-)
|
||||
|
||||
--- a/acinclude.m4
|
||||
+++ b/acinclude.m4
|
||||
@@ -120,10 +120,10 @@ $suppress \
|
||||
fi
|
||||
AC_CACHE_CHECK([whether <inttypes.h> macros produce warnings],
|
||||
[rjk_cv_inttypeswarnings],[
|
||||
- AC_TRY_COMPILE([#include <stddef.h>
|
||||
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <stddef.h>
|
||||
#include <stdio.h>
|
||||
-#include <inttypes.h>],
|
||||
- [uint64_t x=0;size_t sz=0;printf("%"PRIu64" %zu\n", x, sz);],
|
||||
+#include <inttypes.h>]],[
|
||||
+ [uint64_t x=0;size_t sz=0;printf("%"PRIu64" %zu\n", x, sz);]])],
|
||||
[rjk_cv_inttypeswarnings=no],
|
||||
[rjk_cv_inttypeswarnings=yes])
|
||||
])
|
||||
@@ -144,16 +144,16 @@ AC_DEFUN([RJK_GTKFLAGS],[
|
||||
AC_DEFUN([RJK_STAT_TIMESPEC],[
|
||||
AC_CACHE_CHECK([for timespec style in struct stat],[rjk_cv_stat_timespec],[
|
||||
rjk_cv_stat_timespec=none
|
||||
- AC_TRY_COMPILE([#include <sys/stat.h>],[
|
||||
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/stat.h>]],[[
|
||||
struct stat sb;
|
||||
sb.st_atim.tv_sec = 0;
|
||||
(void)sb;
|
||||
- ],[rjk_cv_stat_timespec=POSIX])
|
||||
- AC_TRY_COMPILE([#include <sys/stat.h>],[
|
||||
+ ]])],[rjk_cv_stat_timespec=POSIX],[])
|
||||
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <sys/stat.h>]],[[
|
||||
struct stat sb;
|
||||
sb.st_atimespec.tv_sec = 0;
|
||||
(void)sb;
|
||||
- ],[rjk_cv_stat_timespec=BSD])
|
||||
+ ]])],[rjk_cv_stat_timespec=BSD],[])
|
||||
])
|
||||
case "$rjk_cv_stat_timespec" in
|
||||
BSD )
|
||||
@@ -243,12 +243,12 @@ AC_DEFUN([RJK_SIZE_MAX],[
|
||||
AC_CHECK_SIZEOF([size_t])
|
||||
AC_CHECK_HEADERS([stdint.h])
|
||||
AC_CACHE_CHECK([for SIZE_MAX],[rjk_cv_size_max],[
|
||||
- AC_TRY_COMPILE([#include <limits.h>
|
||||
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <limits.h>
|
||||
#include <stddef.h>
|
||||
#if HAVE_STDINT_H
|
||||
# include <stdint.h>
|
||||
- #endif],
|
||||
- [size_t x = SIZE_MAX;++x;],
|
||||
+ #endif]],
|
||||
+ [[size_t x = SIZE_MAX;++x;]])],
|
||||
[rjk_cv_size_max=yes],
|
||||
[rjk_cv_size_max=no])
|
||||
])
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -17,14 +17,14 @@
|
||||
# USA
|
||||
|
||||
# Process this file with autoconf to produce a configure script.
|
||||
-AC_INIT(sftpserver, 2, rjk@greenend.org.uk)
|
||||
+AC_INIT([sftpserver],[2],[rjk@greenend.org.uk])
|
||||
AC_CONFIG_AUX_DIR([config.aux])
|
||||
AM_INIT_AUTOMAKE([foreign])
|
||||
AC_CONFIG_SRCDIR([alloc.c])
|
||||
-AM_CONFIG_HEADER([config.h])
|
||||
+AC_CONFIG_HEADERS([config.h])
|
||||
|
||||
AC_PROG_CC
|
||||
-AC_SET_MAKE
|
||||
+AC_PROG_MAKE_SET
|
||||
|
||||
#AC_PROG_LIBTOOL
|
||||
#AC_LIBTOOL_DLOPEN
|
|
@ -0,0 +1,21 @@
|
|||
From b5113a1a3fd72dca5d358ce8c8c7f387f7f9356b Mon Sep 17 00:00:00 2001
|
||||
From: Andy Pan <andy0130tw@yahoo.com.tw>
|
||||
Date: Mon, 13 Nov 2023 01:09:56 +0800
|
||||
Subject: [PATCH] Fix config script where rl_copy_text is not found in old
|
||||
libedit.
|
||||
|
||||
ref. https://github.com/gphoto/gphoto2/issues/381
|
||||
---
|
||||
configure.ac | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -41,6 +41,7 @@ AC_CHECK_LIB([socket],[socket])
|
||||
AC_CHECK_LIB([readline],[readline],
|
||||
[AC_SUBST([LIBREADLINE],[-lreadline])
|
||||
AC_DEFINE([HAVE_READLINE],[1],[define if you have a readline library])])
|
||||
+AC_CHECK_LIB([readline],[rl_copy_text])
|
||||
RJK_ICONV
|
||||
AC_DEFINE([_GNU_SOURCE], [1], [required for e.g. strsignal])
|
||||
AC_C_INLINE
|
|
@ -0,0 +1,21 @@
|
|||
From 5b944c94527555457ee76815351d50a662892929 Mon Sep 17 00:00:00 2001
|
||||
From: Andy Pan <andy0130tw@yahoo.com.tw>
|
||||
Date: Mon, 13 Nov 2023 01:13:35 +0800
|
||||
Subject: [PATCH] Do not print char >= 0x7f even if isprint returns nonzero
|
||||
|
||||
... which is seemingly caused by `setlocale(LC_CTYPE, "");`
|
||||
---
|
||||
debug.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
--- a/debug.c
|
||||
+++ b/debug.c
|
||||
@@ -75,7 +75,7 @@ void sftp_debug_hexdump(const void *ptr,
|
||||
output += 2;
|
||||
for(j = 0; j < 16; ++j)
|
||||
if(i + j < n)
|
||||
- *output++ = isprint(p[i + j]) ? p[i + j] : '.';
|
||||
+ *output++ = (isprint(p[i + j]) && p[i + j] < 0x7f) ? p[i + j] : '.';
|
||||
*output++ = '\n';
|
||||
*output = 0;
|
||||
fputs(buffer, debugfp);
|
|
@ -0,0 +1,127 @@
|
|||
From 1c589910e6726bfc2d01ec01092ae744174f7219 Mon Sep 17 00:00:00 2001
|
||||
From: Andy Pan <andy0130tw@yahoo.com.tw>
|
||||
Date: Thu, 16 Nov 2023 03:25:04 +0800
|
||||
Subject: [PATCH] Add an option --websocat in SFTP server
|
||||
|
||||
---
|
||||
configure.ac | 2 +-
|
||||
send.c | 8 ++++++++
|
||||
sftpclient.c | 3 +++
|
||||
sftpserver.c | 19 +++++++++++++++++++
|
||||
sftpserver.h | 7 +++++++
|
||||
5 files changed, 38 insertions(+), 1 deletion(-)
|
||||
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -41,7 +41,7 @@ AC_CHECK_LIB([socket],[socket])
|
||||
AC_CHECK_LIB([readline],[readline],
|
||||
[AC_SUBST([LIBREADLINE],[-lreadline])
|
||||
AC_DEFINE([HAVE_READLINE],[1],[define if you have a readline library])])
|
||||
-AC_CHECK_LIB([readline],[rl_copy_text])
|
||||
+AC_CHECK_LIB([readline],[rl_copy_text],[true])
|
||||
RJK_ICONV
|
||||
AC_DEFINE([_GNU_SOURCE], [1], [required for e.g. strsignal])
|
||||
AC_C_INLINE
|
||||
--- a/send.c
|
||||
+++ b/send.c
|
||||
@@ -93,6 +93,14 @@ void sftp_send_end(struct worker *w) {
|
||||
D(("%s:", sendtype));
|
||||
sftp_debug_hexdump(w->buffer + 4, w->bufused - 4);
|
||||
}
|
||||
+
|
||||
+ if (websocat_compatible) {
|
||||
+ uint32_t buf_prefix = htonl(w->bufused);
|
||||
+ if ((n = write(sftpout, &buf_prefix, 4)) != 4) {
|
||||
+ sftp_fatal("error sending response prefix: %s", strerror(errno));
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
/* Write the whole buffer, coping with short writes */
|
||||
written = 0;
|
||||
while((size_t)written < w->bufused)
|
||||
--- a/sftpclient.c
|
||||
+++ b/sftpclient.c
|
||||
@@ -132,6 +132,9 @@ static int forceversion;
|
||||
|
||||
static char *sftp_realpath(const char *path);
|
||||
|
||||
+/* used in server; unused in client. */
|
||||
+int websocat_compatible;
|
||||
+
|
||||
enum {
|
||||
OPT_QUIRK_REVERSE_SYMLINK = 256,
|
||||
OPT_STOP_ON_ERROR,
|
||||
--- a/sftpserver.c
|
||||
+++ b/sftpserver.c
|
||||
@@ -82,8 +82,14 @@ static const struct queuedetails workque
|
||||
const struct sftpprotocol *protocol = &sftp_preinit;
|
||||
const char sendtype[] = "response";
|
||||
|
||||
+int websocat_compatible;
|
||||
+
|
||||
/* Options */
|
||||
|
||||
+enum {
|
||||
+ OPT_WEBSOCAT_COMPATIBLE = 256,
|
||||
+};
|
||||
+
|
||||
static const struct option options[] = {
|
||||
{"help", no_argument, 0, 'h'},
|
||||
{"version", no_argument, 0, 'V'},
|
||||
@@ -99,6 +105,7 @@ static const struct option options[] = {
|
||||
{"ipv4", no_argument, 0, '4'},
|
||||
{"ipv6", no_argument, 0, '6'},
|
||||
#endif
|
||||
+ {"websocat", no_argument, 0, OPT_WEBSOCAT_COMPATIBLE},
|
||||
{"readonly", no_argument, 0, 'R'},
|
||||
{0, 0, 0, 0}};
|
||||
|
||||
@@ -121,6 +128,7 @@ static void attribute((noreturn)) help(v
|
||||
" -4|-6 Force IPv4 or IPv6 for --listen\n"
|
||||
" --background, -b Daemonize\n"
|
||||
#endif
|
||||
+ " --websocat Transmit length-prefixed messages\n"
|
||||
" --readonly, -R Read-only mode\n");
|
||||
exit(0);
|
||||
}
|
||||
@@ -498,6 +506,9 @@ int main(int argc, char **argv) {
|
||||
case 'C':
|
||||
config = optarg;
|
||||
break;
|
||||
+ case OPT_WEBSOCAT_COMPATIBLE:
|
||||
+ websocat_compatible = 1;
|
||||
+ break;
|
||||
default:
|
||||
exit(1);
|
||||
}
|
||||
@@ -664,6 +675,14 @@ static void sftp_service(void) {
|
||||
umask(0);
|
||||
while(sftp_state_get() != sftp_state_stop &&
|
||||
!sftp_xread(0, &len, sizeof len)) {
|
||||
+
|
||||
+ if (websocat_compatible) {
|
||||
+ /* discard the prefix and read again */
|
||||
+ if (sftp_xread(0, &len, sizeof len)) {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
job = sftp_xmalloc(sizeof *job);
|
||||
job->len = ntohl(len);
|
||||
if(!job->len || job->len > MAXREQUEST)
|
||||
--- a/sftpserver.h
|
||||
+++ b/sftpserver.h
|
||||
@@ -57,6 +57,13 @@
|
||||
# define NTHREADS 4
|
||||
# endif
|
||||
|
||||
+/* If true, operate in websocat-compatible mode.
|
||||
+ For use in conjunction with "lengthprefix:" overlay in websocat.
|
||||
+ See websocat's doc for detail.
|
||||
+ Prefix all outgoing messages with their length in uint32BE.
|
||||
+ Also expect incoming messages to be formatted in the same way. */
|
||||
+extern int websocat_compatible;
|
||||
+
|
||||
/** @brief Send an @ref SSH_FXP_STATUS message
|
||||
* @param job Job
|
||||
* @param status Status code
|
Loading…
Reference in New Issue