adopt new wireless hardware
This commit is contained in:
jtf
parent
a1b71842b5
commit
fbec34f6fa
|
|
@ -1,14 +1,14 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
header() {
|
||||
echo -en 'Content-type: text/html
|
||||
Strict-Transport-Security: max-age=86400000\n\n'
|
||||
echo -e 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n'
|
||||
}
|
||||
|
||||
header_redir_display() {
|
||||
header
|
||||
echo "<head><meta http-equiv=\"Refresh\" content=\"0; $SCRIPT_NAME?secret=$secret\"></head>"
|
||||
}
|
||||
# let nginx do it!
|
||||
#header_redir_display() {
|
||||
# header
|
||||
# echo "<head><meta http-equiv=\"Refresh\" content=\"0; $SCRIPT_NAME?secret=$secret\"></head>"
|
||||
#}
|
||||
|
||||
## enforce SSL
|
||||
#if [ $SERVER_PORT -ne 443 ]; then
|
||||
|
|
@ -19,23 +19,19 @@ header_redir_display() {
|
|||
# extract parameters
|
||||
# tr -dc removes all characters, this prevents things like xss
|
||||
getp() {
|
||||
echo "$REQUEST_URI" | sed 's/.*?//' | sed 's/%20/ /g' | tr "?&" "\n" | tr -dc "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//"
|
||||
echo "$REQUEST_URI" | sed 's/.*?//' | sed 's/%20/ /g' \
|
||||
| tr "?&" "\n" | tr --complement --delete "0-9a-z_= \n" | egrep "^$1=" | sed "s/^$1=//"
|
||||
}
|
||||
secret=$(getp secret)
|
||||
hashed_secret=$(echo "$secret" | md5sum | cut -f1 -d\ )
|
||||
cmd=$(getp cmd)
|
||||
|
||||
#echo "secret $secret" >/var/www/cgi-bin/2
|
||||
#echo "hashed_secret $hashed_secret" >>/var/www/cgi-bin/2
|
||||
#echo "cmd $cmd" >>/var/www/cgi-bin/2
|
||||
|
||||
|
||||
# check secret
|
||||
# the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines
|
||||
# secrets can only contain the characters that are allowed in getp() with tr -dc
|
||||
if [ -z "$secret" ] || ! grep -q "^$hashed_secret$" /etc/door-token-hashs; then
|
||||
header
|
||||
[ -z "$secret" ] || echo "<html><p>Ich bin mir nicht sicher. Mir scheint du bist doch ein Kohlkopf oder Anderes!</p>"
|
||||
[ -z "$secret" ] || echo "<html><p>Ich bin mir nicht sicher. Mir scheint, du bist doch ein Kohlkopf oder Anderes!</p>"
|
||||
cat /var/www/tpl/secret.html
|
||||
exit
|
||||
fi
|
||||
|
|
@ -43,8 +39,8 @@ fi
|
|||
# control relais card
|
||||
if [ -n "$cmd" ]; then
|
||||
case "$cmd" in
|
||||
indoor_lock) pin=17; delay1=0; delay2=1;;
|
||||
indoor_unlock) pin=4; delay1=0; delay2=1;;
|
||||
# indoor_unlock) pin=17; delay1=0; delay2=1;; unused pin
|
||||
indoor_lock) pin=4; delay1=0; delay2=1;;
|
||||
indoor_open) pin=27; delay1=0; delay2=1;;
|
||||
outdoor_buzz) pin=22; delay1=15; delay2=5;;
|
||||
*) header; echo 'Do not hack the hackerspace!'"$cmd"; exit;;
|
||||
|
|
|
|||
|
|
@ -11,13 +11,10 @@
|
|||
<body>
|
||||
<form method="GET" action="#">
|
||||
<input type=hidden name=secret value="XSECRET_HEREX">
|
||||
<h2>Hauptfunktionen</h2>
|
||||
<button class="main_button main_open" type="submit" name="cmd" value="indoor_open">Tür öffnen</button>
|
||||
<button class="main_button" type="submit" name="cmd" value="outdoor_buzz">Haustüröffner</button>
|
||||
|
||||
<h2>weitere Funktionen</h2>
|
||||
<h2>Schließfunktionen</h2>
|
||||
<button class="main_button main_open" type="submit" name="cmd" value="indoor_open">Tür öffnen</button><br/>
|
||||
<button class="main_button" type="submit" name="cmd" value="outdoor_buzz">Haustüröffner</button><br/>
|
||||
<button class="main_close" type="submit" name="cmd" value="indoor_lock">Tür abschließen</button>
|
||||
<button type="submit" name="cmd" value="indoor_unlock">Tür aufschließen</button>
|
||||
</form>
|
||||
</body>
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue