commit ecee9ad6bfb5f4d334800a13707d1b36bb7328fb
parent 29424c70a80767831c2ca3e2996c4df2b62d601d
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Sat, 15 May 2021 21:00:48 +0200
increase recv buffer size
Max header size around 8KB is enforced by most web servers. Only
retrieving partial header (e.g., only the 'code' parameter we are
interested in) led to a 'connection reset by peer' on the
client/browser side. Receive full http header first or assume that
anything larger than 8k is malicious. In that case we want to reset
connection.
Diffstat:
| M | caldav.c | | | 111 | ++++++++++++++++++++++++++++++++----------------------------------------------- |
| M | caldav.h | | | 3 | +-- |
2 files changed, 46 insertions(+), 68 deletions(-)
diff --git a/caldav.c b/caldav.c
@@ -61,7 +61,6 @@ void caldav_sync(const struct tm* date, WINDOW* header) {
}
// Show Google Oauth URI
- fprintf(stderr, "Code challenge: %s\n", challenge);
char uri[250];
sprintf(uri, "%s?scope=%s&response_type=%s&redirect_uri=http://%s:%i&client_id=%s",
GOOGLE_OAUTH_AUTHZ_URL,
@@ -78,7 +77,7 @@ void caldav_sync(const struct tm* date, WINDOW* header) {
getmaxyx(header, row, col);
wresize(header, row+5, col);
//curs_set(2);
- mvwprintw(header, 0, 0, "Go to Google OAuth2 authorization URI. Use 'ESC', 'CTRL+C' or 'q' to quit authorization process.\n%s", uri);
+ mvwprintw(header, 0, 0, "Go to Google OAuth2 authorization URI. Use 'q' or 'Ctrl+c' to quit authorization process.\n%s", uri);
//curs_set(0);
wrefresh(header);
@@ -88,6 +87,10 @@ void caldav_sync(const struct tm* date, WINDOW* header) {
perror("Error opening socket");
}
+ // reuse socket address
+ int yes=1;
+ setsockopt(socketfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof yes);
+
if (bind(socketfd, res->ai_addr, res->ai_addrlen) < 0) {
perror("Error binding socket");
}
@@ -107,13 +110,18 @@ void caldav_sync(const struct tm* date, WINDOW* header) {
pfds[1].events = POLLIN;
int fd_count = 2;
- int len, bytes_rec, bytes_sent;
- char* msg =
- "HTTP/1.1 200 OK\r\n\r\n"
- "hello world\r\n";
- len = strlen(msg);
- char code[GOOGLE_OAUTH_RESPONSE_HEADER_SIZE];
-
+ int connfd, bytes_rec, bytes_sent;
+ char* reply =
+ "HTTP/1.1 200 OK\n"
+ "Content-Type: text/html\n"
+ "Connection: close\n\n"
+ "<p><b>Authorization successfull.</b></p>"
+ "<p>You consented that diary can access your Google calendar.<br/>"
+ "Pleasee close this window and return to diary.</p>";
+ char http_header[8*1024];
+
+ // Handle descriptors read-to-read (POLLIN),
+ // stdin or server socker, whichever is first
for (;;) {
int poll_count = poll(pfds, fd_count, -1);
@@ -121,76 +129,47 @@ void caldav_sync(const struct tm* date, WINDOW* header) {
perror("poll");
break;
}
+
+ // Cancel through stdin
if (pfds[0].revents & POLLIN) {
- int ch = fgetc(stdin);
+ int ch = getchar();
// sudo showkey -a
// Ctrl+c: ^C 0x03
- // Escape: ^[ 0x1b
// q : q 0x71
- if (ch == 0x03 || ch == 0x1b || ch == 0x71) {
+ if (ch == 0x03 || ch == 0x71) {
+ fprintf(stderr, "Escape char: %x\n", ch);
fprintf(stderr, "Hanging up, closing server socket\n");
- close(pfds[1].fd);
break;
}
}
- for (int i = 0; i < fd_count; i++) {
- if (pfds[i].revents & POLLIN && pfds[i].fd == socketfd) {
- // accept connections but ignore client addr
- int connfd = accept(socketfd, NULL, NULL);
- if (connfd < 0) {
- perror("Error accepting connection");
- }
-
- bytes_rec = recv(connfd, code, sizeof code, 0);
- if (bytes_rec == 0) {
- fprintf(stderr, "Remote hung up\n");
- break;
- } else if (bytes_rec < 0) {
- perror("Error reading stream message");
- break;
- }
- fprintf(stderr, "Received code: %s\n", code);
-
- // "Authorization step successfull: You consented that diary can access your Google calendar.\r\n"
- // "Pleasee close this window and return to diary.\r\n";
-
- bytes_sent = send(connfd, msg, len, 0);
- if (bytes_sent < 0) {
- perror("Error sending");
- }
-
- close(connfd);
- //close(socketfd);
+ if (pfds[1].revents & POLLIN) {
+ // accept connections but ignore client addr
+ connfd = accept(socketfd, NULL, NULL);
+ if (connfd < 0) {
+ perror("Error accepting connection");
+ break;
+ }
+ bytes_rec = recv(connfd, http_header, sizeof http_header, 0);
+ if (bytes_rec < 0) {
+ perror("Error reading stream message");
break;
- } // end if server socket
- } // end for fd_count
- } // end for ;;
+ }
+ fprintf(stderr, "Received http header: %s\n", http_header);
-// int bytes_rec, bytes_sent;
-// char buff[50];
-// // reading stream returns number of bytes read,
-// // until stream ends, then it returns 0
-// while ( (bytes_rec=read(connfd, buff, strlen(buff))) ) {
-// if (bytes_rec < 0) {
-// perror("Error reading stream message");
-// break;
-// }
-// fprintf(stderr, "reading");
-// }
-// while ( (bytes_sent=write(2, buff, strlen(buff))) ) {
-// // write buffer to stderr
-// if (bytes_sent < 0) {
-// perror("Error writing buffer to stderr");
-// }
-// fprintf(stderr, "writing");
-// }
-//
-// write(connfd, "GET /\r\n", strlen("GET /\r\n"));
+ bytes_sent = send(connfd, reply, strlen(reply), 0);
+ if (bytes_sent < 0) {
+ perror("Error sending");
+ }
+ fprintf(stderr, "Bytes sent: %i\n", bytes_sent);
-// close(connfd);
-// close(socketfd);
+ close(connfd);
+ break;
+ }
+ } // end for ;;
+ // close server socket
+ close(pfds[1].fd);
// CURL *curl;
// CURLcode res;
diff --git a/caldav.h b/caldav.h
@@ -24,13 +24,12 @@
// A valid code_verifier has a length between 43 and 128 characters
#define GOOGLE_OAUTH_CODE_VERIFIER_LENGTH 43
#define GOOGLE_OAUTH_AUTHZ_URL "https://accounts.google.com/o/oauth2/auth"
-#define GOOGLE_OAUTH_SCOPE "calendar.events.owned"
+#define GOOGLE_OAUTH_SCOPE "https://www.googleapis.com/auth/calendar.events.owned"
#define GOOGLE_OAUTH_RESPONSE_TYPE "code"
#define GOOGLE_OAUTH_REDIRECT_HOST "127.0.0.1"
#define GOOGLE_OAUTH_REDIRECT_PORT 9004
#define GOOGLE_OAUTH_REDIRECT_URI "http://" GOOGLE_OAUTH_REDIRECT_HOST ":" MKSTR(GOOGLE_OAUTH_REDIRECT_PORT)
#define GOOGLE_OAUTH_REDIRECT_SOCKET_BACKLOG 10
-#define GOOGLE_OAUTH_RESPONSE_HEADER_SIZE 84
void caldav_sync(const struct tm* date, WINDOW* header);
