Removed/changed secrets, no more secrets in git
This commit is contained in:
parent
9575a71cc2
commit
32956e2591
|
@ -1,23 +0,0 @@
|
|||
#! /bin/sh
|
||||
|
||||
cd /home/neale/lib/images/chumby
|
||||
|
||||
echo Content-type: image/jpeg
|
||||
echo
|
||||
|
||||
fn=$(ls *.jpg | shuf | head -n1)
|
||||
|
||||
# Guess at scale based on file size
|
||||
s=$(du "$fn" | cut -d' ' -f1)
|
||||
if [ $s -lt 100 ]; then
|
||||
scale=1/1
|
||||
elif [ $s -lt 1000 ]; then
|
||||
scale=1/2
|
||||
elif [ $s -lt 10000 ]; then
|
||||
scale=1/4
|
||||
else
|
||||
scale=1/8
|
||||
fi
|
||||
|
||||
djpeg -scale $scale "$fn" | pnmscale -xysize 320 240 | cjpeg
|
||||
|
13
dirlist
13
dirlist
|
@ -1,13 +0,0 @@
|
|||
#! /bin/sh
|
||||
|
||||
cat $1; shift
|
||||
|
||||
echo '<dl>'
|
||||
for i in "$@"; do
|
||||
size=$(du --si $i | cut -f1)
|
||||
desc=$(sed -n '1,3 s/.*\(Description: \|Title: \|-- \)//p' $i)
|
||||
fn=$(basename $i)
|
||||
echo " <dt><a href=\"$fn\">$fn</a> ($size)</dt>"
|
||||
echo " <dd>$desc</dd>"
|
||||
done
|
||||
echo '</dl>'
|
31
g.cgi.go
31
g.cgi.go
|
@ -1,6 +1,7 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"crypto/md5"
|
||||
"fmt"
|
||||
"log"
|
||||
|
@ -9,12 +10,9 @@ import (
|
|||
"strings"
|
||||
)
|
||||
|
||||
const GitProjectRoot = "/home/neale/projects"
|
||||
|
||||
// printf "USER:PASS" | base64 | while read a; do printf "%s" "$a" | md5sum; done
|
||||
var allowed = []string{
|
||||
"2c64993e88c06e297d4f01cf3b5aebdf", // neale
|
||||
}
|
||||
const AuthFilename = "/home/neale/.config/g.cgi/authorization"
|
||||
const GitProjectRoot = "/home/neale/projects"
|
||||
|
||||
func execv(name string, arg ...string) {
|
||||
c := exec.Command(name, arg...)
|
||||
|
@ -32,6 +30,7 @@ func Authenticated() bool {
|
|||
return false
|
||||
}
|
||||
|
||||
// Build up a string to match
|
||||
parts := strings.Split(auth, " ")
|
||||
switch {
|
||||
case len(parts) != 2:
|
||||
|
@ -43,8 +42,19 @@ func Authenticated() bool {
|
|||
hash := md5.Sum([]byte(parts[1]))
|
||||
hashhex := fmt.Sprintf("%x", hash)
|
||||
|
||||
for _, a := range allowed {
|
||||
if a == hashhex {
|
||||
authfile, err := os.Open(AuthFilename)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
defer authfile.Close()
|
||||
|
||||
scanner := bufio.NewScanner(authfile)
|
||||
for scanner.Scan() {
|
||||
line := scanner.Text()
|
||||
if line == "" || strings.HasPrefix(line, "#") {
|
||||
continue;
|
||||
}
|
||||
if line == hashhex {
|
||||
os.Setenv("AUTH_TYPE", parts[0])
|
||||
os.Setenv("REMOTE_USER", "XXX-neale")
|
||||
return true
|
||||
|
@ -79,12 +89,11 @@ func main() {
|
|||
//log.SetOutput(os.Stdout)
|
||||
//log.SetPrefix("Status: 500 CGI Go Boom\nContent-type: text/plain\n\nERROR: ")
|
||||
|
||||
os.Setenv("GIT_PROJECT_ROOT", GitProjectRoot)
|
||||
|
||||
uri := os.Getenv("REQUEST_URI")
|
||||
switch {
|
||||
case strings.HasSuffix(uri, "git-receive-pack"):
|
||||
case strings.HasSuffix(uri, "git-upload-pack") || strings.HasSuffix(uri, "git-receive-pack"):
|
||||
if Authenticated() {
|
||||
os.Setenv("GIT_PROJECT_ROOT", GitProjectRoot)
|
||||
execv("git", "http-backend")
|
||||
} else {
|
||||
fmt.Println("Status: 401 Not Authorized")
|
||||
|
@ -93,8 +102,6 @@ func main() {
|
|||
fmt.Println()
|
||||
fmt.Println("Nope", os.Getenv("HTTP_AUTHORIZATION"))
|
||||
}
|
||||
case strings.HasSuffix(uri, "git-upload-pack"):
|
||||
execv("git", "http-backend")
|
||||
default:
|
||||
notice()
|
||||
}
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
#include <unistd.h>
|
||||
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
chdir("/home/neale/lib/geneweb");
|
||||
execl("/usr/bin/gwd", "gwd", "-cgi", NULL);
|
||||
return 0;
|
||||
}
|
File diff suppressed because one or more lines are too long
After Width: | Height: | Size: 61 KiB |
|
@ -1 +0,0 @@
|
|||
COPY += $(wildcard images/*.png images/*.gif images/*.jpg)
|
Binary file not shown.
After Width: | Height: | Size: 8.3 KiB |
4
install
4
install
|
@ -1,4 +1,4 @@
|
|||
#! /bin/sh
|
||||
#!/bin/sh
|
||||
|
||||
DESTDIR=${1:-/home/neale/public_html}
|
||||
GOPATH=$HOME/go export GOPATH
|
||||
|
@ -74,7 +74,7 @@ git ls-files | while read fn; do
|
|||
*/install)
|
||||
install $fn
|
||||
;;
|
||||
trigger.cgi.go)
|
||||
trigger.cgi.go|g.cgi.go)
|
||||
gc $fn
|
||||
setuid $fn
|
||||
;;
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
COPY += $(wildcard misc/*.png)
|
||||
COPY += $(wildcard misc/*.jpg)
|
||||
COPY += misc/chupas.svg
|
||||
COPY += misc/cherry-bombs.svg
|
||||
|
87
mp.cgi.go
87
mp.cgi.go
|
@ -1,87 +0,0 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"net"
|
||||
"fmt"
|
||||
"time"
|
||||
"sync"
|
||||
)
|
||||
|
||||
// Internal port: 19132
|
||||
var hosts = []HostEntry{
|
||||
{"h.woozle.org:26548", "Ginnie"},
|
||||
{"h.dirtbags.net:29837", "Neale"},
|
||||
}
|
||||
|
||||
const MAGIC = "\x00\xff\xff\x00\xfe\xfe\xfe\xfe\xfd\xfd\xfd\xfd\x12\x34\x56\x78"
|
||||
|
||||
func isAlive(host string) bool {
|
||||
conn, err := net.Dial("udp", host)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
conn.SetReadDeadline(time.Now().Add(5 * time.Second))
|
||||
|
||||
pkt := "\x01" + "\x00\x00\x00\x00MERF" + MAGIC
|
||||
conn.Write([]byte(pkt))
|
||||
|
||||
resp := make([]byte, 40)
|
||||
rlen, err := conn.Read(resp)
|
||||
if (err != nil) || (rlen == 0) {
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
var wg sync.WaitGroup
|
||||
|
||||
func waitClose(c chan<- string) {
|
||||
wg.Wait()
|
||||
close(c)
|
||||
}
|
||||
|
||||
type HostEntry struct {
|
||||
host string
|
||||
owner string
|
||||
}
|
||||
|
||||
func ping(results chan<- string, e HostEntry) {
|
||||
defer wg.Done()
|
||||
if isAlive(e.host) {
|
||||
results <- e.owner
|
||||
}
|
||||
}
|
||||
|
||||
func main() {
|
||||
results := make(chan string, 5)
|
||||
|
||||
for _, host := range hosts {
|
||||
wg.Add(1)
|
||||
go ping(results, host)
|
||||
}
|
||||
go waitClose(results)
|
||||
|
||||
fmt.Println("Content-type: text/html")
|
||||
fmt.Println("")
|
||||
fmt.Println("<!DOCTYPE html>")
|
||||
fmt.Println("<html>")
|
||||
fmt.Println("<head>")
|
||||
fmt.Println("<meta name=\"viewport\" content=\"width=device-width\">")
|
||||
fmt.Println("<style type=\"text/css\">#a{font-size: 120%; background: silver;}</style>")
|
||||
fmt.Println("<title>Minecraft PE ping</title></head>")
|
||||
fmt.Println("<body>")
|
||||
fmt.Println("<h1>Who is playing Minecraft PE?</h1>")
|
||||
fmt.Println("<ul id=\"a\">")
|
||||
count := 0
|
||||
for msg := range results {
|
||||
fmt.Printf("<li>%s</li>\n", msg)
|
||||
count += 1
|
||||
}
|
||||
fmt.Println("</ul>")
|
||||
if count == 0 {
|
||||
fmt.Println("<p>Sorry, looks like nobody's playing right now.</p>")
|
||||
}
|
||||
fmt.Println("</body></html>")
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
COPY += $(wildcard papers/clovis-*.png)
|
114
portal.cgi
114
portal.cgi
|
@ -1,114 +0,0 @@
|
|||
#! /bin/sh
|
||||
|
||||
case "$HTTP_USER_AGENT" in
|
||||
*MIDP*)
|
||||
TINY=1
|
||||
NOCAL=1
|
||||
;;
|
||||
*Mobile*)
|
||||
NOCAL=1
|
||||
;;
|
||||
esac
|
||||
|
||||
weather () {
|
||||
curl -s 'http://rss.wunderground.com/auto/rss_full/NM/Los_Alamos.xml?units=metric' | \
|
||||
awk -F ' [-:] ' '
|
||||
(/Current Conditions/) {
|
||||
print "<p class=\"weather\"><a href=\"http://m.wund.com/cgi-bin/findweather/getForecast?brand=mobile&query=87544\">" $2 "</a></p>";
|
||||
}
|
||||
|
||||
(c == 2) {
|
||||
print "<p class=\"weather\">" $0 "</p>";
|
||||
exit;
|
||||
}
|
||||
|
||||
(/CDATA/) {
|
||||
c++;
|
||||
}'
|
||||
|
||||
}
|
||||
|
||||
section () {
|
||||
echo "<h2><a href=\"$2\">$1</a></h2>"
|
||||
echo "<ul>"
|
||||
[ "$TINY" ] && pfx="http://news.google.com/gwt/x?u="
|
||||
curl -s "$3" | \
|
||||
awk -F '>' -v RS='<' -v m=${4:-5} -v pfx="$pfx" '
|
||||
(/^item[> ]/) {
|
||||
a++;
|
||||
}
|
||||
|
||||
(/^title/) {
|
||||
title=$2;
|
||||
}
|
||||
|
||||
(a && a<m+1 && /^link/) {
|
||||
l=$2;
|
||||
sub(/.*url=/, "", l);
|
||||
print "<li><a href=\"" pfx l "\">" title "</a></li>";
|
||||
}'
|
||||
|
||||
echo "</ul>"
|
||||
}
|
||||
|
||||
cat <<EOF
|
||||
Content-type: text/html; charset=utf-8
|
||||
Refresh: 500
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Houyhnhnm</title>
|
||||
<style type="text/css">
|
||||
h1 {
|
||||
font-size: large;
|
||||
font-weight: bold;
|
||||
text-align: center;
|
||||
}
|
||||
h2 {
|
||||
font-size: large;
|
||||
font-weight: normal;
|
||||
font-style: italic;
|
||||
}
|
||||
.calendar {
|
||||
height: 300px;
|
||||
float: right;
|
||||
}
|
||||
</style>
|
||||
<link rel="icon" type="image/png" href="portal.png">
|
||||
<meta name="viewport" content="width=device-width" />
|
||||
</head>
|
||||
<body>
|
||||
EOF
|
||||
|
||||
if ! [ "$NOCAL" ]; then
|
||||
printf '<iframe class="calendar" src="%s"></iframe>\n' \
|
||||
'https://www.google.com/calendar/embed?title=Calendar&showTitle=0&showDate=0&showPrint=0&showTz=0&mode=AGENDA&height=350&wkst=1&bgcolor=%23FFFFFF&src=2cdrf19kah6jkonhom8evck38c%40group.calendar.google.com&color=%23333333&src=s531giqfiotabht4qrn59tjf9g%40group.calendar.google.com&color=%231B887A&src=dartcatcher%40gmail.com&color=%23125A12&src=laderbydames%40gmail.com&color=%2323164E&src=uulosalamos.org_gu7e0s8dsh1tn8iktt468tk95k%40group.calendar.google.com&color=%232F6309&src=en.usa%23holiday%40group.v.calendar.google.com&color=%238D6F47&ctz=America%2FDenver'
|
||||
fi
|
||||
|
||||
if [ "$TINY" ]; then
|
||||
echo '<form action="http://www.google.com/"><input name="q" size="12"><input type="submit" value="G">'
|
||||
echo '</form>'
|
||||
fi
|
||||
|
||||
weather
|
||||
|
||||
section LA \
|
||||
'http://ladailypost.com/' \
|
||||
'http://www.ladailypost.com/rss.xml'
|
||||
section "Ars Technica" \
|
||||
'http://m.arstechnica.com/' \
|
||||
'http://feeds.arstechnica.com/arstechnica/index?format=xml'
|
||||
section NPR \
|
||||
'http://thin.npr.org/t.php?tid=1001' \
|
||||
'http://www.npr.org/rss/rss.php?id=1001'
|
||||
section CSM \
|
||||
'http://www.csmonitor.com/textedition' \
|
||||
'http://rss.csmonitor.com/feeds/csm'
|
||||
section AJE \
|
||||
'http://m.aljazeera.net' \
|
||||
'http://www.aljazeera.com/Services/Rss/?PostingId=2007731105943979989'
|
||||
cat <<EOF
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
BIN
portal.png
BIN
portal.png
Binary file not shown.
Before Width: | Height: | Size: 929 B |
99
slack.cgi.c
99
slack.cgi.c
|
@ -1,99 +0,0 @@
|
|||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stdbool.h>
|
||||
#include <unistd.h> // only for chdir
|
||||
#include <stdio.h>
|
||||
|
||||
#include "cgi.h"
|
||||
|
||||
char const *botdir = "/home/neale/bot";
|
||||
|
||||
void
|
||||
jputchar(unsigned char c)
|
||||
{
|
||||
if (c == '\n') {
|
||||
printf("\\n");
|
||||
} else if (c < 0x20) {
|
||||
printf("\\u%04x", c);
|
||||
} else if ((c == '\\') || (c == '"')) {
|
||||
putchar('\\');
|
||||
putchar(c);
|
||||
} else {
|
||||
putchar(c);
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
char key[80];
|
||||
char val[2000];
|
||||
|
||||
bool its_me = false;
|
||||
|
||||
cgi_init(argv);
|
||||
|
||||
for (;;) {
|
||||
size_t len;
|
||||
|
||||
len = cgi_item(key, sizeof(key));
|
||||
len = cgi_item(val, sizeof(val));
|
||||
|
||||
if (0 == len) {
|
||||
break;
|
||||
}
|
||||
|
||||
if (0 == strcmp(key, "user_id")) {
|
||||
if (0 == strcmp(val, "USLACKBOT")) {
|
||||
its_me = true;
|
||||
}
|
||||
} else if (0 == strcmp(key, "channel_name")) {
|
||||
char chan[40];
|
||||
|
||||
snprintf(chan, sizeof(chan), "#%s", val);
|
||||
setenv("forum", chan, true);
|
||||
} else if (0 == strcmp(key, "user_name")) {
|
||||
setenv("sender", val, true);
|
||||
} else if (0 == strcmp(key, "text")) {
|
||||
setenv("text", val, true);
|
||||
} else if (0 == strcmp(key, "token")) {
|
||||
setenv("token", val, true);
|
||||
}
|
||||
}
|
||||
|
||||
cgi_header("text/json");
|
||||
|
||||
if (its_me) {
|
||||
printf("{}");
|
||||
return 0;
|
||||
}
|
||||
|
||||
setenv("command", "PRIVMSG", true);
|
||||
|
||||
chdir(botdir);
|
||||
{
|
||||
FILE *p = popen("./handler", "r");
|
||||
int newlines = 0;
|
||||
|
||||
printf("{\"text\":\"");
|
||||
for (;;) {
|
||||
int c = fgetc(p);
|
||||
|
||||
if (EOF == c) {
|
||||
break;
|
||||
} else if ('\n' == c) {
|
||||
newlines += 1;
|
||||
} else {
|
||||
for (; newlines > 0; newlines -= 1) {
|
||||
jputchar('\n');
|
||||
}
|
||||
jputchar(c);
|
||||
}
|
||||
}
|
||||
printf("\",\"parse\":\"full\"}\n");
|
||||
|
||||
pclose(p);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
17
src/src.mk
17
src/src.mk
|
@ -1,17 +0,0 @@
|
|||
HTML += $(patsubst %.mdwn, %.html, $(wildcard src/*.mdwn src/*/*.mdwn))
|
||||
|
||||
HTML += $(patsubst %/index.head.mdwn, %/index.html, $(wildcard src/*/index.head.mdwn))
|
||||
|
||||
COPY += $(wildcard src/ipqueue/*.tar.*) src/eguile/eguile.scm
|
||||
|
||||
include src/*/*.mk
|
||||
|
||||
$(DESTDIR)/src/%/index.html: src/%/index.head.mdwn
|
||||
@mkdir -p $(@D)
|
||||
cp $(wordlist 2, $(words $^), $^) $(@D)
|
||||
./dirlist $+ | $(MDWNTOHTML) > $@
|
||||
|
||||
|
||||
$(DESTDIR)/src/misc/index.html: src/misc/*
|
||||
$(DESTDIR)/src/postscript/index.html: src/postscript/*.ps
|
||||
$(DESTDIR)/src/python/index.html: src/python/*.py
|
|
@ -1,4 +0,0 @@
|
|||
PLAIN += toys
|
||||
|
||||
COPY += $(wildcard toys/*.cgi toys/cards/*.png)
|
||||
COPY += toys/timer.html
|
|
@ -11,7 +11,7 @@ import (
|
|||
"os"
|
||||
)
|
||||
|
||||
const authtok = "~!Jf5!uYFxhK"
|
||||
// These are not actually secrets, and get posted around various forums
|
||||
const clientId = "81527cff06843c8634fdc09e8ac0abefb46ac849f38fe1e431c2ef2106796384"
|
||||
const clientSec = "c7257eb71a564034f9419ee651c7d0e5f7aa6bfbd18bafb5c5c033b093bb2fa3"
|
||||
|
||||
|
@ -42,16 +42,18 @@ type Handler struct {
|
|||
cgi.Handler
|
||||
}
|
||||
|
||||
func (h Handler) TriggerHvac(w http.ResponseWriter, r *http.Request) {
|
||||
os.Setenv("HOME", "/home/neale")
|
||||
func getSecret(host string) netrc.Entry {
|
||||
n, _ := netrc.Parse()
|
||||
secrets := n["gitosis.com"] // Requiring a password here is such bullshit.
|
||||
return n[host]
|
||||
}
|
||||
|
||||
func (h Handler) TriggerHvac(w http.ResponseWriter, r *http.Request) {
|
||||
secret := getSecret("teslamotors.com")
|
||||
auth := tesla.Auth{
|
||||
ClientID: clientId,
|
||||
ClientSecret: clientSec,
|
||||
Email: secrets.Login,
|
||||
Password: secrets.Password,
|
||||
Email: secret.Login,
|
||||
Password: secret.Password,
|
||||
}
|
||||
cli, err := tesla.NewClient(&auth)
|
||||
if err != nil {
|
||||
|
@ -83,7 +85,8 @@ func (h Handler) TriggerHvac(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
if r.FormValue("auth") != authtok {
|
||||
secret := getSecret("host:trigger.cgi")
|
||||
if r.FormValue("auth") != secret.Password {
|
||||
http.Error(w, "Invalid authtok", 401)
|
||||
return
|
||||
}
|
||||
|
@ -101,6 +104,7 @@ func main() {
|
|||
log.SetOutput(os.Stdout)
|
||||
log.SetFlags(0)
|
||||
log.SetPrefix("Status: 500 CGI Go Boom\nContent-type: text/plain\n\nERROR: ")
|
||||
os.Setenv("HOME", "/home/neale") // required by netrc library
|
||||
h := Handler{}
|
||||
if err := cgi.Serve(h); err != nil {
|
||||
log.Fatal(err)
|
||||
|
|
Loading…
Reference in New Issue