From b72f931c26a2af18538bbfb93a099165a5adcb24 Mon Sep 17 00:00:00 2001 From: developer Date: Wed, 25 Sep 2019 20:32:12 +0200 Subject: [PATCH] fix codestyle, indentation and shellcheck issue --- cgi-bin/kraut.space | 39 ++++++++++++++++++--------------------- 1 file changed, 18 insertions(+), 21 deletions(-) diff --git a/cgi-bin/kraut.space b/cgi-bin/kraut.space index 3c94e66..d67ed5f 100755 --- a/cgi-bin/kraut.space +++ b/cgi-bin/kraut.space @@ -1,31 +1,26 @@ #!/bin/sh -e header() { - echo -e 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n' + printf 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n' } # extract parameters -# tr -dc removes all characters, this prevents things like xss +# tr -cd removes all characters, this prevents things like xss getp() { echo "$REQUEST_URI" | sed 's/.*?//' | sed 's/%20/ /g' \ - | tr "?&" "\n" | tr --complement --delete "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//" + | tr '?&' '\n' | tr --complement --delete '0-9a-z_= \n' \ + | grep --extended-regexp "^$1=" | sed "s/^$1=//" } -#header -#echo "anz $# " -#echo "alle $@" -#printenv -#exit - -secret=$(getp secret) -secret_length=`echo $secret | wc --chars` -hashed_secret=$(echo "$secret" | sha512sum | cut -f1 -d\ ) +secret="$(getp secret)" +secret_length="$(echo "$secret" | wc --chars)" +hashed_secret="$(echo "$secret" | sha512sum | cut -f1 -d\ )" cmd=$(getp cmd) # check secret # the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines -# secrets can only contain the characters that are allowed in getp() with tr -dc -if [ -z "$secret" ] || [ $secret_length -lt 30 ] || ! grep -q ";$hashed_secret$" /etc/tuer3.0/door_access_list; then +# secrets can only contain the characters that are allowed in getp() with tr -cd +if [ -z "$secret" ] || [ "$secret_length" -lt 30 ] || ! grep -q ";$hashed_secret$" /etc/tuer3.0/door_access_list; then header [ -z "$secret" ] || echo "

Ich bin mir nicht sicher. Mir scheint, du bist doch ein Kohlkopf oder Anderes!

" # $hashed_secret" @@ -36,13 +31,13 @@ fi # control relais card if [ -n "$cmd" ]; then case "$cmd" in -# indoor_unlock) pin=17; delay1=0; delay2=1;; unused pin - indoor_lock) pin=4; delay1=0; delay2=1;; - indoor_open) pin=27; delay1=0; delay2=1;; - outdoor_buzz) pin=22; delay1=15; delay2=5;; - *) header; echo 'Do not hack the hackerspace!'"$cmd"; exit;; + #indoor_unlock) pin=17; delay1=0; delay2=1;; unused pin + indoor_lock) pin=4; delay1=0; delay2=1;; + indoor_open) pin=27; delay1=0; delay2=1;; + outdoor_buzz) pin=22; delay1=15; delay2=5;; + *) header; echo 'Do not hack the hackerspace!'"$cmd"; exit;; esac - + # execute long-running ppio job in background shell ( sleep $delay1 /usr/local/bin/gpio -g write $pin on @@ -50,9 +45,11 @@ if [ -n "$cmd" ]; then /usr/local/bin/gpio -g write $pin off ) /dev/null 2>/dev/null & + DATE="$(date +"%F %T")" + echo "$DATE $cmd $hashed_secret" >>/var/log/tuer/log & header - sed 's/XTIMEOUTX/'"$(($delay1 + $delay2))"'/' /var/www/tpl/wait.html | sed 's/XSECRETX/'"$secret"/ + sed 's/XTIMEOUTX/'"$((delay1 + delay2))"'/' /var/www/tpl/wait.html | sed 's/XSECRETX/'"$secret"/ exit fi