# HG changeset patch # User John "Elwin" Edwards # Date 1336432139 25200 # Node ID ad0a31e5200742e3b090f381cf710379becbab43 # Parent d1b3c3af34d69ec43918e93e540d6651a8990d3d Call the dgl replacement rlgwebd instead of webttyd. diff -r d1b3c3af34d6 -r ad0a31e52007 index-rlg.html --- a/index-rlg.html Mon May 07 16:03:10 2012 -0700 +++ b/index-rlg.html Mon May 07 16:08:59 2012 -0700 @@ -1,14 +1,14 @@ -WebTTY +RLG-Web -

WebTTY

+

RLG-Web

bell diff -r d1b3c3af34d6 -r ad0a31e52007 rlgwebd.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/rlgwebd.js Mon May 07 16:08:59 2012 -0700 @@ -0,0 +1,526 @@ +#!/usr/bin/env node + +// If you can't quite trust node to find it on its own +var localModules = '/usr/local/lib/node_modules/'; +var http = require('http'); +var url = require('url'); +var path = require('path'); +var fs = require('fs'); +var child_process = require('child_process'); +var daemon = require(path.join(localModules, "daemon")); + +var chrootDir = "/var/dgl/"; +var dropToUID = 501; +var dropToGID = 501; +var serveStaticRoot = "/var/www/"; // inside the chroot +var passwdfile = "/dgldir/dgl-login"; +var sessions = {}; + +var games = { + "rogue3": { + "name": "Rogue V3", + "uname": "rogue3", + "path": "/bin/rogue3" + }, + "rogue4": { + "name": "Rogue V4", + "uname": "rogue4", + "path": "/bin/rogue4" + }, + "rogue5": { + "name": "Rogue V5", + "uname": "rogue5", + "path": "/bin/rogue5" + }, + "srogue": { + "name": "Super-Rogue", + "uname": "srogue", + "path": "/bin/srogue" + } +}; + +/* Constructor for TermSessions. Note that it opens the terminal and + * adds itself to the sessions dict. It currently assumes the user has + * been authenticated. + */ +function TermSession(game, user, files) { + /* First make sure starting the game will work. */ + if (!(game in games)) { + // TODO: throw an exception instead + return null; + } + /* This order seems to best avoid race conditions... */ + this.alive = false; + this.sessid = randkey(); + while (this.sessid in sessions) { + this.sessid = randkey(); + } + /* Grab a spot in the sessions table. */ + sessions[this.sessid] = this; + /* TODO handle tty-opening errors */ + /* TODO make argument-finding into a method */ + args = [games[game].path, "-n", user.toString()]; + this.child = child_process.spawn("/bin/ptyhelper", args); + var ss = this; + this.alive = true; + this.data = []; + this.lock = files[0]; + fs.writeFile(this.lock, this.child.pid.toString() + '\n80\n24\n', "utf8"); + this.record = fs.createWriteStream(files[1], { mode: 0664 }); + /* END setup */ + function ttyrec_chunk(buf) { + var ts = new Date(); + var chunk = new Buffer(buf.length + 12); + /* TTYREC headers */ + chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0); + chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4); + chunk.writeUInt32LE(buf.length, 8); + buf.copy(chunk, 12); + ss.data.push(chunk); + ss.record.write(chunk); + } + this.child.stdout.on("data", ttyrec_chunk); + this.child.stderr.on("data", ttyrec_chunk); + this.child.on("exit", function (code, signal) { + ss.exitcode = (code != null ? code : 255); + ss.alive = false; + fs.unlink(ss.lock); + /* Wait for all the data to get collected */ + setTimeout(ss.cleanup, 1000); + }); + this.write = function (data) { + if (this.alive) + this.child.stdin.write(data); + /* Otherwise, throw some kind of exception? */ + }; + this.read = function () { + if (this.data.length == 0) + return null; + var pos = 0; + var i = 0; + for (i = 0; i < this.data.length; i++) + pos += this.data[i].length - 12; + var nbuf = new Buffer(pos); + var tptr; + pos = 0; + while (this.data.length > 0) { + tptr = this.data.shift(); + tptr.copy(nbuf, pos, 12); + pos += tptr.length - 12; + } + return nbuf; + }; + this.close = function () { + if (this.alive) + this.child.kill('SIGHUP'); + }; + this.cleanup = function () { + /* Call this when the child is dead. */ + if (this.alive) + return; + ss.record.end(); + /* Give the client a chance to read any leftover data. */ + if (ss.data.length > 0) + setTimeout(ss.remove, 8000); + else + ss.remove(); + }; + this.remove = function () { + delete sessions[ss.sessid]; + console.log("Session " + this.sessid + " removed."); + }; +} + +/* A few utility functions */ +function timestamp() { + dd = new Date(); + sd = dd.toISOString(); + sd = sd.slice(0, sd.indexOf(".")); + return sd.replace("T", "."); +} + +function randkey() { + rnum = Math.floor(Math.random() * 65536 * 65536); + hexstr = rnum.toString(16); + while (hexstr.length < 8) + hexstr = "0" + hexstr; + return hexstr; +} + +/* Returns a list of the cookies in the request, obviously. */ +function getCookies(req) { + cookies = []; + if ("cookie" in req.headers) { + cookstrs = req.headers["cookie"].split("; "); + for (var i = 0; i < cookstrs.length; i++) { + eqsign = cookstrs[i].indexOf("="); + if (eqsign > 0) { + name = cookstrs[i].slice(0, eqsign).toLowerCase(); + val = cookstrs[i].slice(eqsign + 1); + cookies[name] = val; + } + else if (eqsign < 0) + cookies[cookstrs[i]] = null; + } + } + return cookies; +} + +function urlDec(encstr) { + var decstr = ""; + var tnum; + for (var i = 0; i < encstr.length; i++) + { + if (encstr.charAt(i) == "+") + decstr += " "; + else if (encstr.charAt(i) == "%") + { + tnum = Number("0x" + encstr.slice(i + 1, 2)); + if (!isNaN(tnum) && tnum >= 0) + decstr += String.fromCharCode(tnum); + i += 2; + } + else + decstr += encstr.charAt(i); + } + return decstr; +} + +/* Returns the contents of a form */ +function getFormValues(formtext) { + var pairstrs = formtext.split("&"); + var data = {}; + for (var i = 0; i < pairstrs.length; i++) + { + var eqsign = pairstrs[i].indexOf("="); + if (eqsign > 0) { + rawname = pairstrs[i].slice(0, eqsign); + rawval = pairstrs[i].slice(eqsign + 1); + name = urlDec(rawname); + val = urlDec(rawval); + if (!(name in data)) + data[name] = []; + data[name].push(val); + } + } + return data; +} + +function auth(username, password) { + // Real authentication not implemented + return true; +} + +function login(req, res, formdata) { + if (!("game" in formdata)) { + sendError(res, 2, "No game specified."); + return; + } + else if (!("name" in formdata)) { + sendError(res, 2, "Username not given."); + return; + } + else if (!("pw" in formdata)) { + sendError(res, 2, "Password not given."); + return; + } + var username = formdata["name"][0]; + var password = formdata["pw"][0]; + var gname = formdata["game"][0]; + if (!(gname in games)) { + sendError(res, 2, "No such game: " + gname); + console.log("Request for nonexistant game \"" + gname + "\""); + return; + } + var progressdir = "/dgldir/inprogress-" + games[gname].uname; + + // This sets up the game once starting is approved. + function startgame() { + var ts = timestamp(); + var lockfile = path.join(progressdir, username + ":node:" + ts + ".ttyrec"); + var ttyrec = path.join("/dgldir/ttyrec", username, gname, ts + ".ttyrec"); + var nsession = new TermSession(gname, username, [lockfile, ttyrec]); + if (nsession) { + /* Technically there's a race condition for the "lock"file, but since + * it requires the user deliberately starting two games at similar times, + * it's not too serious. We can't get O_EXCL in Node anyway. */ + res.writeHead(200, {'Content-Type': 'text/plain'}); + res.write("l1\n" + nsession.sessid + "\n"); + res.end(); + console.log("%s playing %s (key %s, pid %d)", username, gname, + nsession.sessid, nsession.child.pid); + } + else { + sendError(res, 5, "Failed to open TTY"); + console.log("Unable to allocate TTY for " + gname); + } + } + function checkit(code, signal) { + // check the password + if (code != 0) { + sendError(res, 3); + console.log("Password check failed for user " + username); + return; + } + // check for an existing game + fs.readdir(progressdir, function(err, files) { + if (!err) { + var fre = RegExp("^" + username + ":"); + for (var i = 0; i < files.length; i++) { + if (files[i].match(fre)) { + sendError(res, 4, null); + return; + } + } + } + // If progressdir isn't readable, start a new game anyway. + startgame(); + }); + } + /* Look for the user in the password file */ + fs.readFile(passwdfile, "utf8", function(err, data) { + if (err) { + sendError(res, 3); + console.log("Can't authenticate: " + err.toString()); + return; + } + var dlines = data.split('\n'); + for (var n = 0; n < dlines.length; n++) { + var fields = dlines[n].split(':'); + if (fields[0] == username) { + // check the password with the quickrypt utility + checker = require('child_process').spawn("/bin/quickrypt") + checker.on("exit", checkit); + checker.stdin.end(password + '\n' + fields[2] + '\n', "utf8"); + return; + } + } + sendError(res, 3); + console.log("Attempted login by nonexistent user " + username); + }); + return; +} + +function logout(term, res) { + if (!term.alive) { + sendError(res, 1, null); + return; + } + cterm.close(); + var resheaders = {'Content-Type': 'text/plain'}; + res.writeHead(200, resheaders); + res.write("q1\n\n"); + res.end(); + return; +} + +function findTermSession(formdata) { + if ("id" in formdata) { + var sessid = formdata["id"][0]; + if (sessid in sessions) { + return sessions[sessid]; + } + } + return null; +} + +function serveStatic(req, res, fname) { + var nname = path.normalize(fname); + if (nname == "" || nname == "/") + nname = "index.html"; + if (nname.match(/\/$/)) + path.join(nname, "index.html"); /* it was a directory */ + var realname = path.join(serveStaticRoot, nname); + var extension = path.extname(realname); + path.exists(realname, function (exists) { + var resheaders = {}; + if (!exists || !extension || extension == ".html") + resheaders["Content-Type"] = "text/html"; + else if (extension == ".png") + resheaders["Content-Type"] = "image/png"; + else if (extension == ".css") + resheaders["Content-Type"] = "text/css"; + else if (extension == ".js") + resheaders["Content-Type"] = "text/javascript"; + else if (extension == ".svg") + resheaders["Content-Type"] = "image/svg+xml"; + else + resheaders["Content-Type"] = "application/octet-stream"; + if (exists) { + fs.readFile(realname, function (error, data) { + if (error) { + res.writeHead(500, {}); + res.end(); + } + else { + res.writeHead(200, resheaders); + res.write(data); + res.end(); + } + }); + } + else { + res.writeHead(404, resheaders); + res.write("" + nname + "\n

" + nname + " Not Found

\n"); + res.end(); + } + }); + return; +} + +function readFeed(res, term) { + if (term) { + var result = term.read(); + res.writeHead(200, { "Content-Type": "text/plain" }); + if (result == null) + resultstr = ""; + else + resultstr = result.toString("hex"); + if (result == null && !term.alive) { + /* Child has terminated and data is flushed. */ + res.write("q1\n\n"); + } + else + res.write("d" + resultstr.length.toString() + "\n" + resultstr + "\n"); + res.end(); + } + else { + //console.log("Where's the term?"); + sendError(res, 1, null); + } +} + +var errorcodes = [ "Generic Error", "Not logged in", "Invalid data", + "Login failed", "Already playing", "Game launch failed" ]; + +function sendError(res, ecode, msg) { + res.writeHead(200, { "Content-Type": "text/plain" }); + if (ecode < errorcodes.length && ecode > 0) { + var emsg = errorcodes[ecode]; + if (msg) + emsg += ": " + msg; + res.write("E" + ecode + '\n' + emsg + '\n'); + } + else + res.write("E0\nGeneric Error\n"); + res.end(); +} + +function handler(req, res) { + /* default headers for the response */ + var resheaders = {'Content-Type': 'text/html'}; + /* The request body will be added to this as it arrives. */ + var reqbody = ""; + var formdata; + + /* Register a listener to get the body. */ + function moredata(chunk) { + reqbody += chunk; + } + req.on('data', moredata); + + /* This will send the response once the whole request is here. */ + function respond() { + formdata = getFormValues(reqbody); + var target = url.parse(req.url).pathname; + var cterm = findTermSession(formdata); + /* First figure out if the client is POSTing to a command interface. */ + if (req.method == 'POST') { + if (target == '/feed') { + if (!cterm) { + sendError(res, 1, null); + return; + } + if ("quit" in formdata) { + /* The client wants to terminate the process. */ + logout(cterm, res); + } + else if (formdata["keys"]) { + /* process the keys */ + hexstr = formdata["keys"][0].replace(/[^0-9a-f]/gi, ""); + if (hexstr.length % 2 != 0) { + sendError(res, 2, "incomplete byte"); + return; + } + keybuf = new Buffer(hexstr, "hex"); + cterm.write(keybuf); + } + readFeed(res, cterm); + } + else if (target == "/login") { + login(req, res, formdata); + } + else { + res.writeHead(405, resheaders); + res.end(); + } + } + else if (req.method == 'GET' || req.method == 'HEAD') { + if (target == '/feed') { + if (!cterm) { + sendError(res, 1, null); + return; + } + readFeed(res, cterm); + } + /* Default page, create a new term */ + /* FIXME New term not created anymore, is a special case still needed? */ + else if (target == '/') { + serveStatic(req, res, "/"); + } + else /* Go look for it in the filesystem */ + serveStatic(req, res, target); + } + else { /* Some other method */ + res.writeHead(501, resheaders); + res.write("501\n

501 Not Implemented

\n"); + res.end(); + } + return; + } + req.on('end', respond); + +} + +process.on("exit", function () { + for (var sessid in sessions) { + if (sessions[sessid].alive) + sessions[sessid].child.kill('SIGHUP'); + } + console.log("Quitting..."); + return; +}); + +/* Initialization STARTS HERE */ +process.env["TERM"] = "xterm-256color"; + +if (process.getuid() != 0) { + console.log("Not running as root, cannot chroot."); + process.exit(1); +} +try { + process.chdir(chrootDir); +} +catch (err) { + console.log("Cannot enter " + chrootDir + " : " + err); + process.exit(1); +} +try { + daemon.chroot(chrootDir); +} +catch (err) { + console.log("chroot to " + chrootDir + " failed: " + err); + process.exit(1); +} +try { + // drop gid first, that requires UID=0 + process.setgid(dropToGID); + process.setuid(dropToUID); +} +catch (err) { + console.log("Could not drop permissions: " + err); + process.exit(1); +} + +http.createServer(handler).listen(8080, "127.0.0.1"); +console.log('rlgwebd running at http://127.0.0.1:8080/'); diff -r d1b3c3af34d6 -r ad0a31e52007 webttyd.js --- a/webttyd.js Mon May 07 16:03:10 2012 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,531 +0,0 @@ -#!/usr/bin/env node - -// If you can't quite trust node to find it on its own -var localModules = '/usr/local/lib/node_modules/'; -var http = require('http'); -var url = require('url'); -var path = require('path'); -var fs = require('fs'); -//var tty = require("tty"); -var child_process = require('child_process'); -var daemon = require(path.join(localModules, "daemon")); - -var chrootDir = "/var/dgl/"; -var dropToUID = 501; -var dropToGID = 501; -var serveStaticRoot = "/var/www/"; // inside the chroot -var passwdfile = "/dgldir/dgl-login"; -var sessions = {}; - -var games = { - "rogue3": { - "name": "Rogue V3", - "uname": "rogue3", - "path": "/bin/rogue3" - }, - "rogue4": { - "name": "Rogue V4", - "uname": "rogue4", - "path": "/bin/rogue4" - }, - "rogue5": { - "name": "Rogue V5", - "uname": "rogue5", - "path": "/bin/rogue5" - }, - "srogue": { - "name": "Super-Rogue", - "uname": "srogue", - "path": "/bin/srogue" - } -}; - -/* Constructor for TermSessions. Note that it opens the terminal and - * adds itself to the sessions dict. It currently assumes the user has - * been authenticated. - */ -function TermSession(game, user, files) { - /* First make sure starting the game will work. */ - if (!(game in games)) { - // TODO: throw an exception instead - return null; - } - /* This order seems to best avoid race conditions... */ - this.alive = false; - this.sessid = randkey(); - while (this.sessid in sessions) { - this.sessid = randkey(); - } - /* Grab a spot in the sessions table. */ - sessions[this.sessid] = this; - /* TODO handle tty-opening errors */ - //var pterm = tty.open(games[game].path, ["-n", user.toString()]); - /* TODO make argument-finding into a method */ - args = [games[game].path, "-n", user.toString()]; - this.child = child_process.spawn("/bin/ptyhelper", args); - var ss = this; - //this.ptmx = pterm[0]; - //this.child = pterm[1]; - this.alive = true; - this.data = []; - this.lock = files[0]; - fs.writeFile(this.lock, this.child.pid.toString() + '\n80\n24\n', "utf8"); - this.record = fs.createWriteStream(files[1], { mode: 0664 }); - /* END setup */ - function ttyrec_chunk(buf) { - var ts = new Date(); - var chunk = new Buffer(buf.length + 12); - /* TTYREC headers */ - chunk.writeUInt32LE(Math.floor(ts.getTime() / 1000), 0); - chunk.writeUInt32LE(1000 * (ts.getTime() % 1000), 4); - chunk.writeUInt32LE(buf.length, 8); - buf.copy(chunk, 12); - ss.data.push(chunk); - ss.record.write(chunk); - } - this.child.stdout.on("data", ttyrec_chunk); - this.child.stderr.on("data", ttyrec_chunk); - this.child.on("exit", function (code, signal) { - ss.exitcode = (code != null ? code : 255); - ss.alive = false; - fs.unlink(ss.lock); - /* Wait for all the data to get collected */ - setTimeout(ss.cleanup, 1000); - }); - this.write = function (data) { - if (this.alive) - this.child.stdin.write(data); - /* Otherwise, throw some kind of exception? */ - }; - this.read = function () { - if (this.data.length == 0) - return null; - var pos = 0; - var i = 0; - for (i = 0; i < this.data.length; i++) - pos += this.data[i].length - 12; - var nbuf = new Buffer(pos); - var tptr; - pos = 0; - while (this.data.length > 0) { - tptr = this.data.shift(); - tptr.copy(nbuf, pos, 12); - pos += tptr.length - 12; - } - return nbuf; - }; - this.close = function () { - if (this.alive) - this.child.kill('SIGHUP'); - }; - this.cleanup = function () { - /* Call this when the child is dead. */ - if (this.alive) - return; - //ss.ptmx.destroy(); - ss.record.end(); - /* Give the client a chance to read any leftover data. */ - if (ss.data.length > 0) - setTimeout(ss.remove, 8000); - else - ss.remove(); - }; - this.remove = function () { - delete sessions[ss.sessid]; - console.log("Session " + this.sessid + " removed."); - }; -} - -/* A few utility functions */ -function timestamp() { - dd = new Date(); - sd = dd.toISOString(); - sd = sd.slice(0, sd.indexOf(".")); - return sd.replace("T", "."); -} - -function randkey() { - rnum = Math.floor(Math.random() * 65536 * 65536); - hexstr = rnum.toString(16); - while (hexstr.length < 8) - hexstr = "0" + hexstr; - return hexstr; -} - -/* Returns a list of the cookies in the request, obviously. */ -function getCookies(req) { - cookies = []; - if ("cookie" in req.headers) { - cookstrs = req.headers["cookie"].split("; "); - for (var i = 0; i < cookstrs.length; i++) { - eqsign = cookstrs[i].indexOf("="); - if (eqsign > 0) { - name = cookstrs[i].slice(0, eqsign).toLowerCase(); - val = cookstrs[i].slice(eqsign + 1); - cookies[name] = val; - } - else if (eqsign < 0) - cookies[cookstrs[i]] = null; - } - } - return cookies; -} - -function urlDec(encstr) { - var decstr = ""; - var tnum; - for (var i = 0; i < encstr.length; i++) - { - if (encstr.charAt(i) == "+") - decstr += " "; - else if (encstr.charAt(i) == "%") - { - tnum = Number("0x" + encstr.slice(i + 1, 2)); - if (!isNaN(tnum) && tnum >= 0) - decstr += String.fromCharCode(tnum); - i += 2; - } - else - decstr += encstr.charAt(i); - } - return decstr; -} - -/* Returns the contents of a form */ -function getFormValues(formtext) { - var pairstrs = formtext.split("&"); - var data = {}; - for (var i = 0; i < pairstrs.length; i++) - { - var eqsign = pairstrs[i].indexOf("="); - if (eqsign > 0) { - rawname = pairstrs[i].slice(0, eqsign); - rawval = pairstrs[i].slice(eqsign + 1); - name = urlDec(rawname); - val = urlDec(rawval); - if (!(name in data)) - data[name] = []; - data[name].push(val); - } - } - return data; -} - -function auth(username, password) { - // Real authentication not implemented - return true; -} - -function login(req, res, formdata) { - if (!("game" in formdata)) { - sendError(res, 2, "No game specified."); - return; - } - else if (!("name" in formdata)) { - sendError(res, 2, "Username not given."); - return; - } - else if (!("pw" in formdata)) { - sendError(res, 2, "Password not given."); - return; - } - var username = formdata["name"][0]; - var password = formdata["pw"][0]; - var gname = formdata["game"][0]; - if (!(gname in games)) { - sendError(res, 2, "No such game: " + gname); - console.log("Request for nonexistant game \"" + gname + "\""); - return; - } - var progressdir = "/dgldir/inprogress-" + games[gname].uname; - - // This sets up the game once starting is approved. - function startgame() { - var ts = timestamp(); - var lockfile = path.join(progressdir, username + ":node:" + ts + ".ttyrec"); - var ttyrec = path.join("/dgldir/ttyrec", username, gname, ts + ".ttyrec"); - var nsession = new TermSession(gname, username, [lockfile, ttyrec]); - if (nsession) { - /* Technically there's a race condition for the "lock"file, but since - * it requires the user deliberately starting two games at similar times, - * it's not too serious. We can't get O_EXCL in Node anyway. */ - res.writeHead(200, {'Content-Type': 'text/plain'}); - res.write("l1\n" + nsession.sessid + "\n"); - res.end(); - console.log("%s playing %s (key %s, pid %d)", username, gname, - nsession.sessid, nsession.child.pid); - } - else { - sendError(res, 5, "Failed to open TTY"); - console.log("Unable to allocate TTY for " + gname); - } - } - function checkit(code, signal) { - // check the password - if (code != 0) { - sendError(res, 3); - console.log("Password check failed for user " + username); - return; - } - // check for an existing game - fs.readdir(progressdir, function(err, files) { - if (!err) { - var fre = RegExp("^" + username + ":"); - for (var i = 0; i < files.length; i++) { - if (files[i].match(fre)) { - sendError(res, 4, null); - return; - } - } - } - // If progressdir isn't readable, start a new game anyway. - startgame(); - }); - } - /* Look for the user in the password file */ - fs.readFile(passwdfile, "utf8", function(err, data) { - if (err) { - sendError(res, 3); - console.log("Can't authenticate: " + err.toString()); - return; - } - var dlines = data.split('\n'); - for (var n = 0; n < dlines.length; n++) { - var fields = dlines[n].split(':'); - if (fields[0] == username) { - // check the password with the quickrypt utility - checker = require('child_process').spawn("/bin/quickrypt") - checker.on("exit", checkit); - checker.stdin.end(password + '\n' + fields[2] + '\n', "utf8"); - return; - } - } - sendError(res, 3); - console.log("Attempted login by nonexistent user " + username); - }); - return; -} - -function logout(term, res) { - if (!term.alive) { - sendError(res, 1, null); - return; - } - cterm.close(); - var resheaders = {'Content-Type': 'text/plain'}; - res.writeHead(200, resheaders); - res.write("q1\n\n"); - res.end(); - return; -} - -function findTermSession(formdata) { - if ("id" in formdata) { - var sessid = formdata["id"][0]; - if (sessid in sessions) { - return sessions[sessid]; - } - } - return null; -} - -function serveStatic(req, res, fname) { - var nname = path.normalize(fname); - if (nname == "" || nname == "/") - nname = "index.html"; - if (nname.match(/\/$/)) - path.join(nname, "index.html"); /* it was a directory */ - var realname = path.join(serveStaticRoot, nname); - var extension = path.extname(realname); - path.exists(realname, function (exists) { - var resheaders = {}; - if (!exists || !extension || extension == ".html") - resheaders["Content-Type"] = "text/html"; - else if (extension == ".png") - resheaders["Content-Type"] = "image/png"; - else if (extension == ".css") - resheaders["Content-Type"] = "text/css"; - else if (extension == ".js") - resheaders["Content-Type"] = "text/javascript"; - else if (extension == ".svg") - resheaders["Content-Type"] = "image/svg+xml"; - else - resheaders["Content-Type"] = "application/octet-stream"; - if (exists) { - fs.readFile(realname, function (error, data) { - if (error) { - res.writeHead(500, {}); - res.end(); - } - else { - res.writeHead(200, resheaders); - res.write(data); - res.end(); - } - }); - } - else { - res.writeHead(404, resheaders); - res.write("" + nname + "\n

" + nname + " Not Found

\n"); - res.end(); - } - }); - return; -} - -function readFeed(res, term) { - if (term) { - var result = term.read(); - res.writeHead(200, { "Content-Type": "text/plain" }); - if (result == null) - resultstr = ""; - else - resultstr = result.toString("hex"); - if (result == null && !term.alive) { - /* Child has terminated and data is flushed. */ - res.write("q1\n\n"); - } - else - res.write("d" + resultstr.length.toString() + "\n" + resultstr + "\n"); - res.end(); - } - else { - //console.log("Where's the term?"); - sendError(res, 1, null); - } -} - -var errorcodes = [ "Generic Error", "Not logged in", "Invalid data", - "Login failed", "Already playing", "Game launch failed" ]; - -function sendError(res, ecode, msg) { - res.writeHead(200, { "Content-Type": "text/plain" }); - if (ecode < errorcodes.length && ecode > 0) { - var emsg = errorcodes[ecode]; - if (msg) - emsg += ": " + msg; - res.write("E" + ecode + '\n' + emsg + '\n'); - } - else - res.write("E0\nGeneric Error\n"); - res.end(); -} - -function handler(req, res) { - /* default headers for the response */ - var resheaders = {'Content-Type': 'text/html'}; - /* The request body will be added to this as it arrives. */ - var reqbody = ""; - var formdata; - - /* Register a listener to get the body. */ - function moredata(chunk) { - reqbody += chunk; - } - req.on('data', moredata); - - /* This will send the response once the whole request is here. */ - function respond() { - formdata = getFormValues(reqbody); - var target = url.parse(req.url).pathname; - var cterm = findTermSession(formdata); - /* First figure out if the client is POSTing to a command interface. */ - if (req.method == 'POST') { - if (target == '/feed') { - if (!cterm) { - sendError(res, 1, null); - return; - } - if ("quit" in formdata) { - /* The client wants to terminate the process. */ - logout(cterm, res); - } - else if (formdata["keys"]) { - /* process the keys */ - hexstr = formdata["keys"][0].replace(/[^0-9a-f]/gi, ""); - if (hexstr.length % 2 != 0) { - sendError(res, 2, "incomplete byte"); - return; - } - keybuf = new Buffer(hexstr, "hex"); - cterm.write(keybuf); - } - readFeed(res, cterm); - } - else if (target == "/login") { - login(req, res, formdata); - } - else { - res.writeHead(405, resheaders); - res.end(); - } - } - else if (req.method == 'GET' || req.method == 'HEAD') { - if (target == '/feed') { - if (!cterm) { - sendError(res, 1, null); - return; - } - readFeed(res, cterm); - } - /* Default page, create a new term */ - /* FIXME New term not created anymore, is a special case still needed? */ - else if (target == '/') { - serveStatic(req, res, "/"); - } - else /* Go look for it in the filesystem */ - serveStatic(req, res, target); - } - else { /* Some other method */ - res.writeHead(501, resheaders); - res.write("501\n

501 Not Implemented

\n"); - res.end(); - } - return; - } - req.on('end', respond); - -} - -process.on("exit", function () { - for (var sessid in sessions) { - if (sessions[sessid].alive) - sessions[sessid].child.kill('SIGHUP'); - } - console.log("Quitting..."); - return; -}); - -/* Initialization STARTS HERE */ -process.env["TERM"] = "xterm-256color"; - -if (process.getuid() != 0) { - console.log("Not running as root, cannot chroot."); - process.exit(1); -} -try { - process.chdir(chrootDir); -} -catch (err) { - console.log("Cannot enter " + chrootDir + " : " + err); - process.exit(1); -} -try { - daemon.chroot(chrootDir); -} -catch (err) { - console.log("chroot to " + chrootDir + " failed: " + err); - process.exit(1); -} -try { - // drop gid first, that requires UID=0 - process.setgid(dropToGID); - process.setuid(dropToUID); -} -catch (err) { - console.log("Could not drop permissions: " + err); - process.exit(1); -} - -http.createServer(handler).listen(8080, "127.0.0.1"); -console.log('webttyd running at http://127.0.0.1:8080/');