#!/bin/bash _PWDFILE='/www/lib/admin/htpasswd' _TMP='/tmp' _LOG="${_TMP}/admin.log" _DEBUG=1 ## logging logThis() { [[ $_DEBUG -gt 0 ]] || return 0 [[ $_ERR -gt 0 ]] && _TYPE='E:' || _TYPE='I:' ## Info or Error indication local _TIME=$(printf '%(%d.%m.%Y %H:%M:%S)T' -1) printf '%b\n' "$_TIME $_TYPE ${1} " >> $_LOG [[ $_DEBUG -gt 1 ]] && printf '%b\n' "[verbose] $_TYPE ${1}" return 0 } ## http response headerPrint() { case ${1} in 200) printf '%b' 'HTTP/1.1 200 OK\nAccess-Control-Allow-Origin: *\n\n';; 301) printf '%b' "HTTP/1.1 301 Moved Permanently\nLocation: ${HTTP_REFERER}\n\n";; 403) printf '%b' 'HTTP/1.1 403 Forbidden\n\n';; 405) printf '%b' 'HTTP/1.1 405 Method Not Allowed\n\n';; 406) printf '%b' 'HTTP/1.1 406 Not Acceptable\n\n';; esac return 0 } htDigest() { _USER='admin' _PWD=$1 _REALM='superglue' _HASH=$(echo -n "$_USER:$_REALM:$_PWD" | md5sum | cut -b -32) echo -n "$_USER:$_REALM:$_HASH" } urlDec() { local value=${*//+/%20} for part in ${value//%/ \\x}; do printf "%b%s" "${part:0:4}" "${part:4}" done } setQueryVars() { local _POST=$(cat) local vars=${_POST//\*/%2A} for var in ${vars//&/ }; do local value=$(urlDec "${var#*=}") value=${value//\\/\\\\} eval "_${var%=*}=\"${value//\"/\\\"}\"" done } getQueryFile() { _POST_TMP=$(mktemp -p $_TMP) ## make tmp POST file cat > $_POST_TMP ## cautiously storing entire POST in a file logThis "'multipart': decoding stream" local _BND=$(findPostOpt 'boundary') ## bash is binary unsafe and eats away precious lines ## thus using gawk function cutFile() { gawk -v "want=$1" -v "bnd=$_BND" ' BEGIN { RS="\r\n"; ORS="\r\n" } # reset based on boundaries $0 == "--"bnd"" { st=1; next; } $0 == "--"bnd"--" { st=0; next; } $0 == "--"bnd"--\r" { st=0; next; } # search for wanted file st == 1 && $0 ~ "^Content-Disposition:.* name=\""want"\"" { st=2; next; } st == 1 && $0 == "" { st=9; next; } # wait for newline, then start printing st == 2 && $0 == "" { st=3; next; } st == 3 { print $0 } ' 2>&1 } cutFile 'fwupload' < "${_POST_TMP}" > "${_TMP}/fwupload.bin" } ## find arbitrary option supplied in Content-Type header ## eg: "Content-Type:application/octet-stream; verbose=1" findPostOpt() { for i in "${CONTENT_TYPE[@]:1}"; do case "${i/=*}" in "$1") printf '%b' "${i/*=}" ;; esac done return 0 } runSuid() { local _SID=$(ps -p $$ -o sid=) ## pass session id to the child local _CMD=$@ sudo ./suid.sh $_CMD $_SID 2>&1 } pwdChange() { if [[ ! -z "${_pwd##$_pwdd}" ]]; then _ERR=1 showMesg 'Passwords did not match' fi if [[ ${#_pwd} -lt 6 ]]; then _ERR=1 showMesg 'Password must be at least 6 characters long' fi runSuid "echo -e \"$_pwd\n$_pwd\" | passwd root" runSuid "echo $(htDigest $_pwd) > $_PWDFILE" _ERR=$? if [[ $_ERR -gt 0 ]]; then showMesg 'Password change failed' else showMesg 'Password is changed' fi } ssidChange() { ## default enc for now local _enc='psk2' logThis "new ssid is: $_ssid" logThis "new key is: $_key" if [[ $_ssid != $_pssid ]]; then if [[ ${#_ssid} -lt 4 ]]; then _ERR=1 showMesg 'SSID must be at least 4 characters long' fi setUci ssid $_ssid _ERR=$? [[ $_ERR -gt 0 ]] && showMesg 'New SSID is not set' fi if [[ $_key != $_pkey ]]; then if [[ -z $_key ]]; then ## if key is empty set encryption to none and remove key setUci key && setUci enc 'none' _ERR=$? else if [[ ${#_key} -lt 8 ]]; then _ERR=1 showMesg 'Passphrase must be at least 8 characters long' fi setUci key $_key && setUci enc $_enc _ERR=$? [[ $_ERR -gt 0 ]] && showMesg 'Passphrase is not set' fi fi [[ $_ERR -gt 0 ]] && showMesg 'Wireless changes failed' commitUci && showMesg 'Wireless changes applied' } #showError() { # headerPrint 406 # logThis "$@" # echo "ERROR: $@" # exit 1 #} showMesg() { logThis "$@" local _MSG=$1 local _SUBMSG=$2 _MSG=${_MSG:='Not defined'} _SUBMSG=${_SUBMSG:='back to control panel in a second..'} if [[ $_ERR -gt 0 ]]; then local _TYPE='ERROR: ' headerPrint 406 else local _TYPE='OK: ' headerPrint 200 fi htmlHead "" echo "