83 lines
2.7 KiB
Bash
Executable file
83 lines
2.7 KiB
Bash
Executable file
#!/bin/sh -e
|
|
# tuer3 web interface
|
|
# Copyright (C) 2017-2019 Hackspace Jena e. V.
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
header() {
|
|
printf 'Content-type: text/html\nStrict-Transport-Security: max-age=86400000\n\n'
|
|
}
|
|
|
|
# extract parameters
|
|
# tr -cd removes all characters, this prevents things like xss
|
|
getp() {
|
|
echo "$REQUEST_URI" | sed 's/.*?//' | sed 's/%20/ /g' \
|
|
| tr '?&' '\n' | tr --complement --delete '0-9a-z_= \n' \
|
|
| grep --extended-regexp "^$1=" | sed "s/^$1=//"
|
|
}
|
|
|
|
secret="$(getp secret)"
|
|
secret_length="$(echo "$secret" | wc --chars)"
|
|
hashed_secret="$(echo "$secret" | sha512sum | cut -f1 -d\ )"
|
|
cmd=$(getp cmd)
|
|
|
|
# check secret
|
|
# the secrets file has to contain the hashes on a single line, comments are allowed on seperate lines
|
|
# secrets can only contain the characters that are allowed in getp() with tr -cd
|
|
if [ -z "$secret" ] \
|
|
|| [ "$secret_length" -lt 30 ] \
|
|
|| ! grep -q ";$hashed_secret$" /etc/tuer3.0/door_access_list
|
|
then
|
|
header
|
|
|
|
CABBAGE=""
|
|
[ -z "$secret" ] || CABBAGE="Ich bin mir nicht sicher. Mir scheint, du bist doch ein Kohlkopf oder Anderes!"
|
|
|
|
# shellcheck disable=SC2002
|
|
cat /var/www/tpl/secret.html | sed 's/<!--XCABBAGEX-->/'"$CABBAGE"'/'
|
|
|
|
exit
|
|
fi
|
|
|
|
# control relais card
|
|
if [ -n "$cmd" ]; then
|
|
case "$cmd" in
|
|
#indoor_unlock) pin=17; delay1=0; delay2=1;; unused pin
|
|
indoor_lock) pin=4; delay1=0; delay2=1;;
|
|
indoor_open) pin=27; delay1=0; delay2=1;;
|
|
outdoor_buzz) pin=22; delay1=15; delay2=5;;
|
|
*) header; echo 'Do not hack the hackerspace!'"$cmd"; exit;;
|
|
esac
|
|
|
|
# execute long-running ppio job in background shell
|
|
( sleep $delay1
|
|
/usr/local/bin/gpio -g write $pin on
|
|
sleep $delay2
|
|
/usr/local/bin/gpio -g write $pin off
|
|
) </dev/null >/dev/null 2>/dev/null &
|
|
|
|
DATE="$(date +"%F %T")"
|
|
echo "$DATE $cmd $hashed_secret" >>/var/log/tuer/log &
|
|
|
|
header
|
|
sed 's/XTIMEOUTX/'"$((delay1 + delay2))"'/' /var/www/tpl/wait.html | sed 's/XSECRETX/'"$secret"/
|
|
|
|
exit
|
|
fi
|
|
|
|
# show feature page
|
|
header
|
|
sed 's/XSECRET_HEREX/'"$secret"'/' /var/www/tpl/features.html
|
|
exit
|