.Spotlight-V100
.Trashes
ehthumbs.db
-Thumbs.db
\ No newline at end of file
+Thumbs.db
+
+server/win32
\ No newline at end of file
--- /dev/null
+CXX = gcc
+FLAGS = -std=c99 -Wall -Werror -pedantic -g
+LIB = -lpthread -lfcgi
+OBJ = fastcgi.o
+RM = rm -f
+
+BIN = fast
+
+$(BIN) : $(OBJ)
+ $(CXX) $(FLAGS) -o $(BIN) $(OBJ) $(LIB)
+
+%.o : %.c
+ $(CXX) $(FLAGS) -c $<
+
+clean:
+ $(RM) $(BIN)
+ $(RM) *.o
+
+clean_full: #cleans up all backup files
+ $(RM) $(BIN) $(OBJ) $(LINKOBJ)
+ $(RM) *.*~
+ $(RM) *~
--- /dev/null
+/**
+ * @file fastcgi.c
+ * @purpose Runs the FCGI request loop to handle web interface requests.
+ *
+ * fcgi_stdio.h must be included before all else so the stdio function
+ * redirection works ok.
+ */
+
+#include <fcgi_stdio.h>
+#include "fastcgi.h"
+//#include "common.h"
+
+/**
+ * Extracts a key/value pair from a request string.
+ * Note that the input is modified by this function.
+ * @param in The string from which to extract the pair
+ * @param key A pointer to a variable to hold the key string
+ * @param value A pointer to a variable to hold the value string
+ * @return A pointer to the start of the next search location, or NULL if
+ * the EOL is reached.
+ */
+char *FCGI_KeyPair(char *in, const char **key, const char **value)
+{
+ char *ptr;
+ if (!in || !*in) { //Invalid input or string is EOL
+ return NULL;
+ }
+
+ *key = in;
+ //Find either = or &, whichever comes first
+ if ((ptr = strpbrk(in, "=&"))) {
+ if (*ptr == '&') { //No value specified
+ *value = ptr;
+ *ptr++ = 0;
+ } else {
+ //Stopped at an '=' sign
+ *ptr++ = 0;
+ *value = ptr;
+ if ((ptr = strchr(ptr,'&'))) {
+ *ptr++ = 0;
+ } else {
+ ptr = "";
+ }
+ }
+ } else { //No value specified and no other pair
+ ptr = "";
+ *value = ptr;
+ }
+ return ptr;
+}
+
+/**
+ * Begins a response to the client in JSON format.
+ * @param status_code The HTTP status code to be returned.
+ * @param module The name of the module that initiated the response.
+ */
+void FCGI_BeginJSON(StatusCodes status_code, const char *module)
+{
+ switch (status_code) {
+ case STATUS_OK:
+ break;
+ case STATUS_UNAUTHORIZED:
+ printf("Status: 401 Unauthorized\r\n");
+ break;
+ default:
+ printf("Status: 400 Bad Request\r\n");
+ }
+ printf("Content-type: application/json; charset=utf-8\r\n\r\n");
+ printf("{\r\n");
+ printf("\t\"module\" : \"%s\"", module);
+}
+
+/**
+ * Adds a key/value pair to a JSON response. The response must have already
+ * been initiated by FCGI_BeginJSON. Note that characters are not escaped.
+ * @param key The key of the JSON entry
+ * ¶m value The value associated with the key.
+ */
+void FCGI_BuildJSON(const char *key, const char *value)
+{
+ printf(",\r\n\t\"%s\" : \"%s\"", key, value);
+}
+
+/**
+ * Ends a JSON response that was initiated by FCGI_BeginJSON.
+ */
+void FCGI_EndJSON()
+{
+ printf("\r\n}\r\n");
+}
+
+/**
+ * Main FCGI request loop that receives/responds to client requests.
+ * @param data A data field to be passed to the selected module handler.
+ */
+void FCGI_RequestLoop (void *data)
+{
+ int count = 0;
+ while (FCGI_Accept() >= 0) {
+ ModuleHandler module_handler = NULL;
+ char module[BUFSIZ], params[BUFSIZ];
+
+ //strncpy doesn't zero-truncate properly
+ snprintf(module, BUFSIZ, "%s", getenv("DOCUMENT_URI_LOCAL"));
+ snprintf(params, BUFSIZ, "%s", getenv("QUERY_STRING"));
+
+ //Remove trailing slashes (if present) from module query
+ size_t lastchar = strlen(module) - 1;
+ if (lastchar > 0 && module[lastchar] == '/')
+ module[lastchar] = 0;
+
+
+ if (!strcmp("sensors", module)) {
+ //module_handler = Handler_Sensors;
+ } else if (!strcmp("actuators", module)) {
+
+ }
+
+ if (module_handler) {
+ module_handler(data, params);
+ } else {
+ char buf[BUFSIZ];
+
+ FCGI_BeginJSON(400, module);
+ FCGI_BuildJSON("description", "400 Invalid response");
+ snprintf(buf, BUFSIZ, "%d", count);
+ FCGI_BuildJSON("request-number", buf);
+ FCGI_BuildJSON("params", params);
+ FCGI_BuildJSON("host", getenv("SERVER_HOSTNAME"));
+ FCGI_EndJSON();
+ }
+
+ count++;
+ }
+}
--- /dev/null
+/**
+ * @file fastcgi.h
+ * @purpose Headers for the fastcgi web interface
+ */
+
+#ifndef _FASTCGI_H
+#define _FASTCGI_H
+
+/**HTTP status codes that fcgi module handlers can return**/
+typedef enum StatusCodes {
+ STATUS_OK = 200,
+ STATUS_BADREQUEST = 400,
+ STATUS_UNAUTHORIZED = 401
+} StatusCodes;
+
+typedef void (*ModuleHandler) (void *data, char *params);
+
+extern char *FCGI_KeyPair(char *in, const char **key, const char **value);
+extern void FCGI_BeginJSON(StatusCodes status_code, const char *module);
+extern void FCGI_BuildJSON(const char *key, const char *value);
+extern void FCGI_EndJSON();
+extern void FCGI_RequestLoop (void *data);
+#endif
+++ /dev/null
-#include "fcgi_stdio.h" /* fcgi library; put it first*/
-#include <stdlib.h>
-
-/*
- But the suggestion was: FunctionName, variable_name (local or member),
- Structure, ENUMVALUE, Extern_FunctionName, g_global
-*/
-
-typedef struct Data Data;
-
-typedef void (*ModuleHandler) (Data *data, const char *params);
-
-static void SensorsHandler(Data *data, const char *params) {
- printf("Sensors module!<br>");
-}
-
-/*
- API Schema:
- Sensors:
- /cgi/sensors?get=x
- *get=x is optional. Retrieves info for sensor with id x
- Devices:
- /cgi/devices?status=x&power=y&id=z
- *status and power is optional
- *status retrieves whether device with id x is operational
- *power tells whether or not to power on/off the device with id z
-
- Response format:
- 200 OK if request was ok
- 400 bad request for malformed request
-
-*/
-int main (int argc, char *argv[])
-{
- Data *data = NULL;
- int count = 0;
-
- //FCGI Accept loop
- while (FCGI_Accept() >= 0) {
- ModuleHandler module_handler = NULL;
- const char *module = getenv("DOCUMENT_URI_LOCAL");
- const char *params = getenv("QUERY_STRING");
-
- if (!strcmp("sensors", module)) {
- module_handler = SensorsHandler; //Replace with pointer to sensors handler
- } else if (!strcmp("admin"), module) {
- module_handler = NULL; //Replace with pointer to admin handler
- printf("Admin module selected!\n");
- }
-
- if (module_handler) {
- printf("Content-type: text/html\r\n\r\n"); //Replace with actual type
- module_handler(data, params);
- } else {
- printf("Status: 400 Bad Request\r\n"
- "Content-type: text/html\r\n\r\n"
- "<title>400 Bad Request</title>\n"
- "Unknown module '%s' selected.<br>\n",
- module);
- }
-
- //Debgging:
- printf("Module: %s, Params: %s<br>\n", module, params);
- printf("Request number %d, host <i>%s</i>\n",
- count++, getenv("SERVER_HOSTNAME"));
- }
-}
--- /dev/null
+#include <openssl/sha.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#define SALT_LENGTH 20
+
+int ReadBytes(char *str, unsigned char *buffer, size_t buffer_length) {
+ unsigned i, val;
+ if (strlen(str) != buffer_length * 2)
+ return 0;
+ for (i = 0; i < buffer_length; i++) {
+ sscanf(str + i*2, "%2x", &val);
+ buffer[i] = (unsigned char) val;
+ }
+ return 1;
+}
+
+unsigned char *HashPass(const char *pass, unsigned char salt[SALT_LENGTH]) {
+ unsigned char *buffer, *result;
+ size_t pass_length = strlen(pass);
+ size_t buffer_length = pass_length + SALT_LENGTH;
+ buffer = malloc(buffer_length * sizeof(unsigned char));
+ if (!buffer)
+ return NULL;
+
+ memcpy(buffer, pass, pass_length);
+ memcpy(buffer + pass_length, salt, SALT_LENGTH);
+ result = SHA1(buffer, buffer_length, NULL);
+ free(buffer);
+
+ return result;
+}
+
+int WriteUserPass(FILE *fp, const char *user, const char *pass) {
+ unsigned char salt[SALT_LENGTH], *sha1;
+ size_t i;
+
+ FILE *fpr = fopen("/dev/urandom", "r");
+ if (!fpr)
+ return 0;
+ fread(salt, sizeof(unsigned char), SALT_LENGTH, fpr);
+ fclose(fpr);
+
+ if (!fp)
+ return 0;
+
+ sha1 = HashPass(pass, salt);
+ if (!sha1)
+ return 0;
+
+ fprintf(fp, "%s:", user);
+ for (i = 0; i < SALT_LENGTH; i++) {
+ fprintf(fp, "%02x", salt[i]);
+ }
+ fprintf(fp, "$");
+ for (i = 0; i < 20; i++) {
+ fprintf(fp, "%02x", sha1[i]);
+ }
+ fprintf(fp, "\n");
+
+ return 1;
+}
+
+int CheckUserPass(const char *passfile, const char *cuser, const char *cpass) {
+ FILE *fp = fopen(passfile, "r");
+ char buffer[BUFSIZ];
+ int ret = 0;
+ if (!fp)
+ return 0;
+
+ while (fgets(buffer, BUFSIZ, fp)) {
+ char *user, *salt, *hash, *ptr;
+
+ user = buffer;
+ ptr = strchr(buffer, ':');
+ if (ptr) {
+ *ptr++ = 0;
+ salt = ptr;
+ ptr = strchr(ptr, '$');
+ if (ptr) {
+ *ptr++ = 0;
+ hash = ptr;
+ ptr = strchr(ptr, '\n');
+ if (ptr)
+ *ptr = 0;
+
+ if (strlen(hash) != 20 * 2) {
+ printf("Invalid SHA-1 hash: %s\n", hash);
+ continue;
+ } else if (strlen(salt) != SALT_LENGTH * 2) {
+ printf("Invalid salt length: %s\n", salt);
+ continue;
+ } else if (strcmp(user, cuser)) {
+ continue;
+ }
+
+ unsigned char saltbytes[SALT_LENGTH], hashbytes[20];
+ ReadBytes(salt, saltbytes, SALT_LENGTH);
+ ReadBytes(hash, hashbytes, 20);
+ if (!memcmp(HashPass(cpass, saltbytes), hashbytes, 20)) {
+ printf("Matched with user: %s\n", cuser);
+ ret = 1;
+ break;
+ }
+
+ }
+ }
+ }
+
+ fclose(fp);
+ return ret;
+}
+
+int main(int argc, char *argv[]) {
+ if (argc != 4) {
+ printf("Usage: %s user pass fname\n", argv[0]);
+ return 1;
+ }
+
+ FILE *fp = fopen(argv[3], "w");
+
+ if (!WriteUserPass(fp, argv[1], argv[2])) {
+ fprintf(stderr, "Failed to hash: %s:%s\n", argv[1], argv[2]);
+ return 1;
+ }
+ fclose(fp);
+
+ CheckUserPass(argv[3], argv[1], argv[2]);
+ return 0;
+}
--- /dev/null
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta charset="utf-8">
+ <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
+ <title>FastCGI API Test</title>
+ <style>
+ body {
+ font-family: "Trebuchet MS", "Verdana", "Arial", "Sans";
+ font-size: 12px;
+ margin: 1em;
+ }
+ h2 {
+ border-bottom: 1px solid gray;
+ }
+ .io {
+ border: 1px solid gray;
+ padding: 0.5em;
+ margin: 1em;
+ min-height: 5em;
+ background-color: GhostWhite;
+ }
+ </style>
+
+ <script>
+ $(document).ready(function()
+ {
+ $('#inputquery').submit(function ()
+ {
+ $('#output').text("Submitting query...");
+ var query = $('#inputquery').find('input[name="query"]').val();
+
+ var d = new Date();
+ var start = d.getMilliseconds();
+ var domain = document.domain == "mctx.us.to" ? "mctx.us.to:8080" : document.domain;
+ $.getJSON('http://'+domain+'/api/'+query, function(data) {
+ var items = [];
+ var timeDiff = d.getMilliseconds() - start; //Not precise at all, use web console
+
+ $.each(data, function(key, val) {
+ items.push('<li>"' + key + '" : "' + val + '"</li>');
+ });
+
+
+ $('#output').html("Response ok (" + timeDiff + "ms)! Output:<br>");
+ $('<ul/>', {
+ html: items.join("\n")
+ }).appendTo('#output');
+
+ }).fail(function(jqXHR) {
+ $('#output').text("Query failed with response code: " + jqXHR.status);
+ });
+ return false;
+ });
+ });
+ </script>
+ </head>
+
+ <body>
+ <h1>FastCGI API Test</h1>
+ The API is located at: <a href="http://mctx.us.to:8080/api/">http://mctx.us.to:8080/api/</a><br>
+ <h2>Input</h2>
+ Place a query string here. Examples include:<br>
+ <ul>
+ <li><pre>sensors?key=value&key2</pre></li>
+ <li><pre>doesntexist?f</pre></li>
+ </ul>
+ Response times are inaccurate via JavaScript. Use the web console of
+ your browser to determine how long the query takes.<br>
+ Hopefully this doesn't break!
+ <div class="io">
+ <form id="inputquery" name="input" action="#">
+ Query string: <input type="text" name="query"><br>
+ <input type="submit" value="Submit">
+ </form>
+ </div>
+
+ <h2>Output</h2>
+ <div id="output" class="io">
+ </div>
+ </body>
+</html>
--- /dev/null
+#!/bin/bash
+
+USER=www-data
+GROUP=www-data
+HOST=127.0.0.1
+PORT=9005
+
+CGI_NAME=/usr/bin/mctxserv
+CGI_BASENAME=`basename $CGI_NAME`
+PID=/var/run/$CGI_BASENAME.pid
+DAEMON=/usr/bin/spawn-fcgi
+DAEMON_BASENAME=`basename $DAEMON`
+DAEMON_OPTS="-a $HOST -p $PORT -u $USER -g $GROUP -P $PID $CGI_NAME"
+
+#Test if daemon exists
+[ -x "$DAEMON" ] || (echo $DAEMON doesn\'t exist! && exit 1)
+#Test if cgi module exists
+[ -x "$CGI_NAME" ] || (echo $CGI_BASENAME doesn\'t exist! && exit 1)
+
+start() {
+ echo -n "Starting FastCGI Daemon: "
+ start-stop-daemon --start --quiet --pidfile $PID \
+ --exec $DAEMON -- $DAEMON_OPTS > /dev/null
+ RETVAL=$?
+ echo "$CGI_BASENAME."
+}
+stop() {
+ echo -n "Stopping FastCGI Daemon: "
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile $PID
+ RETVAL=$?
+ echo "$CGI_BASENAME."
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ *)
+ echo "Usage: mctxserv {start|stop|restart}"
+ exit 1
+ ;;
+esac
+exit $RETVAL
#Custom cgi
- location ~ ^/cgi/([^?]*) {
+ location ~ ^/api/?([^?]*) {
fastcgi_pass 127.0.0.1:9005;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_HOSTNAME mctxsoft;