#!/usr/bin/perl -w
# client for stream exchange of the FEX service
#
# Author: Ulli Horlacher <framstag@rus.uni-stuttgart.de>
#
# Perl Artistic Licence
# sexsend / sexget / sexxx
use Getopt::Std;
use Socket;
use IO::Handle;
use IO::Socket::INET;
use Digest::MD5 qw(md5_hex); # encypted ID / SID
use constant k => 2**10;
use constant M => 2**20;
eval 'use Net::INET6Glue::INET_is_INET6';
our $version = 20160328;
our $DEBUG = $ENV{DEBUG};
my %SSL = (SSL_version => 'TLSv1');
my $sigpipe;
if (-f ($_ = '/etc/fex/config.pl')) {
eval { require } or warn $@;
}
$0 =~ s:.*/::;
$| = 1;
# sexsend is default
$usage =
"usage: ... | $0 [options] [SEX-URL/]recipient [stream]\n".
"options: -v verbose mode\n".
" -g show transfer rate\n".
" -V show version\n".
" -t timeout timeout in s (waiting for recipient)\n".
"special: recipient may be \"public\" or \"anonymous\" or \".\"\n".
"see also: sexget, sexxx\n".
"example: tail -f /var/log/syslog | $0 fex.flupp.org/admin log\n";
if ($0 eq 'sexget' or $0 eq 'fuckme') {
$usage =
"usage: $0 [options] [[SEX-URL/]user:ID] [stream]\n".
"options: -v verbose mode\n".
" -g show transfer rate\n".
" -V show version\n".
"arguments: user:ID use this user & ID\n".
" (ID may be \"public\" or user:ID may be \"anonymous\")\n".
" stream name of the stream\n".
"see also: sexsend, sexxx\n".
"example: $0 log | grep kernel\n";
}
if ($0 eq 'sexxx') {
$usage =
"usage: $0 [-v] [-g] [-c] [-u [SEX-URL/]user] [-s stream] [files...]\n".
"usage: $0 [-v] [-g] [-u [SEX-URL/]user] [-s stream] | ...\n".
"options: -v verbose mode\n".
" -g show transfer rate\n".
" -q quiet mode\n".
" -c compress files\n".
" -u SEX-URL/user SEX-URL and user (default: use FEXID/FEXXX)\n".
" -s stream stream name (default: xx)\n".
"see also: sexsend, sexget\n".
"examples: $0 -s config /etc /usr/local/etc\n".
" $0 > backup.tar\n";
}
$fexhome = $ENV{FEXHOME} || $ENV{HOME}.'/.fex';
$user = $id = '';
$type = $timeout = $stream = $mode = '';
$idf = "$fexhome/id";
$bs = $ENV{BS} || 2**16; # I/O blocksize
# server URL, user and auth-ID
if ($FEXID = $ENV{FEXID}) {
$FEXID = decode_b64($FEXID) if $FEXID !~ /\s/;
($fexcgi,$user,$id) = split(/\s+/,$FEXID);
} else {
if (open $idf,$idf) {
chomp($fexcgi = <$idf>) or die "$0: no FEX-URL in $idf\n";
chomp($user = <$idf>) or die "$0: no FROM in $idf\n";
chomp($id = <$idf>) or die "$0: no ID in $idf\n";
close $idf;
despace($fexcgi,$user,$id);
unless ($fexcgi =~ /^[_:=\w\-\.\/\@\%]+$/) {
die "$0: illegal FEX-URL \"$fexcgi\" in $idf\n";
}
unless ($user =~ /^[_:=\w\-\.\/\@\%\+]+$/) {
die "$0: illegal FROM \"$user\" in $idf\n";
}
}
}
$opt_h = $opt_v = $opt_V = $opt_q = 0;
$opt_u = $opt_s = $opt_c = $opt_t = '';
$_ = "$fexhome/config.pl"; require if -f;
if ($0 eq 'sexxx') {
# xx server URL, user and auth-ID
if ($FEXXX = $ENV{FEXXX}) {
$FEXXX = decode_b64($FEXXX) if $FEXXX !~ /\s/;
($fexcgi,$user,$id) = split(/\s+/,$FEXXX);
} elsif (open $idf,$idf) {
while (<$idf>) {
if (/^\[xx\]/) {
chomp($fexcgi = <$idf>) or die "$0: no xx FEX-URL in $idf\n";
chomp($user = <$idf>) or die "$0: no xx FROM in $idf\n";
chomp($id = <$idf>) or die "$0: no xx ID in $idf\n";
last;
}
}
close $idf;
}
getopts('hgvcu:s:') or die $usage;
die $usage if $opt_h;
die $usage unless -t;
if ($opt_c) {
$opt_c = 'z';
$type = '&type=GZIP';
}
if ($opt_u) {
$fexcgi = $1 if $opt_u =~ s:(.+)/::;
$user = $opt_u;
}
unless ($fexcgi) {
die "$0: no xx user found, use \"$0 -u SEX-URL/user\"\n";
}
unless ($user) {
die "$0: no xx user found, use \"$0 -u user\"\n";
}
} elsif ($0 eq 'sexget' or $0 eq 'fuckme') {
$opt_g = 0;
getopts('hgvVdu:') or die $usage;
die $usage if $opt_h;
if ($opt_V) {
print "Version: $version\n";
exit unless @ARGV;
}
if (not $opt_u and @ARGV and $ARGV[0] =~ m{^anonymous|/|:}) {
$opt_u = shift @ARGV;
}
if ($opt_u) {
$fexcgi = $1 if $opt_u =~ s:(.+)/::;
($user,$id) = split(':',$opt_u);
if ($user =~ /^anonymous/) {
$anonymous = $user;
} elsif (not $id) {
die $usage;
}
}
unless ($fexcgi) {
die "$0: no SEX URL found, use \"$0 -u SEX-URL/recipient\" or \"fexsend -I\"\n";
}
unless ($user) {
die "$0: no recipient found, use \"$0 -u SEX-URL/recipient\" or \"fexsend -I\"\n";
}
} else { # sexsend
$opt_g = 0;
getopts('hguvqVTt:') or die $usage;
die $usage if $opt_h;
if ($opt_V) {
print "Version: $version\n";
exit unless @ARGV;
}
if ($opt_t and $opt_t =~ /^\d+$/) {
$timeout = "&timeout=$opt_t";
}
my $save_user = $user;
$user = shift or die $usage;
$fexcgi = $1 if $user =~ s:(.+)/::;
if ($user =~ /^anonymous/) {
die "$0: need SEX-URL with anonymous SEX\n" unless $fexcgi;
$mode = 'anonymous';
} elsif ($user eq 'public') {
unless ($id) {
die "$0: public SEX not possible without FEXID, set it with \"fexsend -I\"\n";
}
$mode = $user;
$user = $save_user;
} elsif ($user eq '.') {
open $idf,$idf or die "$0: no $idf\n";
$_ = <$idf>;
$user = <$idf>||'';
chomp $user;
} else {
unless ($fexcgi) {
die "$0: no SEX URL found, use \"$0 SEX-URL/recipient\" or \"fexsend -I\"\n";
}
}
}
&get_ssl_env;
$fexcgi =~ s(^http://)()i;
$fexcgi =~ s(/fup.*)();
$server = $fexcgi;
if ($server =~ s(^https://)()i) { $port = 443 }
elsif ($server =~ /:(\d+)/) { $port = $1 }
else { $port = 80 }
$server =~ s([:/].*)();
## set up tcp/ip connection
# $iaddr = gethostbyname($server)
# or die "$0: cannot find ip-address for $server $!\n";
# socket(SH,PF_INET,SOCK_STREAM,getprotobyname('tcp')) or die "$0: socket $!\n";
# connect(SH,sockaddr_in($port,$iaddr)) or die "$0: connect $!\n";
# warn "connecting $server:$port user=$user\n";
if ($port == 443) {
if ($opt_v and %SSL) {
foreach my $v (keys %SSL) {
printf "%s => %s\n",$v,$SSL{$v};
}
}
eval "use IO::Socket::SSL";
die "$0: cannot load IO::Socket::SSL\n" if $@;
$SH = IO::Socket::SSL->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
%SSL
);
} else {
$SH = IO::Socket::INET->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
);
}
die "cannot connect $server:$port - $!\n" unless $SH;
warn "TCPCONNECT to $server:$port\n" if $opt_v;
# autoflush $SH 1;
autoflush STDERR;
$SIG{PIPE} = \&sigpipehandler;
if ($0 eq 'sexget' or $0 eq 'fuckme') {
$stream = "&stream=" . shift if @ARGV;
if ($anonymous) {
$cid = 'anonymous';
} elsif ($id eq 'public') {
$cid = 'public';
} else {
$cid = query_sid($server,$port,$id);
}
request("GET /sex?BS=$bs&user=$user&ID=$cid$stream HTTP/1.0");
transfer($SH,STDOUT);
# print while sysread $SH,$_,$bs;
exit;
}
if ($0 eq 'sexxx') {
$stream = "&stream=" . ($opt_s || 'xx');
if (@ARGV) {
warn "streaming:\n";
open my $tar,'-|','tar',"cv${opt_c}f",'-',@ARGV or die "$0: cannot run tar - $!\n";
request("POST /sex?BS=$bs&user=$user$type$stream HTTP/1.0");
transfer($tar,$SH);
# while (read $tar,$_,$bs) { syswrite $SH,$_ }
} else {
$cid = query_sid($server,$port,$id);
request("GET /sex?BS=$bs&user=$user&ID=$cid$stream HTTP/1.0");
$opt_c = 'z' if $H{'CONTENT-TYPE'} =~ /gzip/i;
if (-t STDOUT) {
print "extracting from stream:\n";
open $out,"|tar xv${opt_c}f -" or die "$0: cannot run tar - $!\n";
} else {
if ($opt_c) {
open $out,"|gzip -d" or die "$0: cannot run gunzip - $!\n";
} else {
$out = *STDOUT;
}
}
print {$out} $_ while sysread $SH,$_,$bs;
}
exit;
}
# sexsend
$stream = "&stream=" . shift if @ARGV;
if ($mode eq 'anonymous') {
unless ($opt_q) {
print "http://$server:$port/sex?user=$user&ID=anonymous$stream\n";
printf "http://$server:$port/sex?%s\n",
encode_b64("user=$user&ID=anonymous$stream");
}
$mode = "&mode=anonymous";
} elsif ($mode eq 'public') {
die "$0: need user/ID when sending to public, set it with fexsend -I\n" unless $user and $id;
unless ($opt_q) {
print "http://$server:$port/sex?user=$user&ID=public$stream\n";
printf "http://$server:$port/sex?%s\n",
encode_b64("user=$user&ID=public$stream");
}
$cid = query_sid($server,$port,$id);
$mode = "&ID=$cid&mode=public";
} else {
# $user = checkalias($user) unless $opt_d;
}
request("POST /sex?BS=$bs&user=$user$mode$type$timeout$stream HTTP/1.0");
print STDERR "--> (streaming ...)\n" if $opt_v;
transfer(STDIN,$SH);
exit;
sub transfer {
my $source = shift;
my $destination = shift;
my ($t0,$t1,$tt);
my ($B,$b,$bt);
$t0 = $t2 = time;
$tt = $t0-1;
$t1 = 0;
while ($b = sysread $source,$_,$bs) {
print {$destination} $_ or die "$0: link failure - $!\n";
$B += $b;
$bt += $b;
$t2 = time;
if ($t2>$t1) {
if ($opt_g) {
if ($B>2*M) {
printf STDERR "%d MB %d kB/s \r",
int($B/M),int($bt/k/($t2-$tt));
} else {
printf STDERR "%d kB %d kB/s \r",
int($B/k),int($bt/k/($t2-$tt));
}
}
$t1 = $t2;
if ($t2-$tt>10) {
sleep 1; # be nice to bandwith
$bt = 0;
$tt = $t2;
}
}
}
die "$0: no stream data\n" unless $B;
$tt = (time-$t0)||1;
if ($opt_v or $opt_g) {
if ($B>2097152) {
printf STDERR "transfered: %d MB in %d s with %d kB/s\n",
int($B/1048576),$tt,int($B/1024/$tt);
} elsif($B>2048) {
printf STDERR "transfered: %d kB in %d s with %d kB/s\n",
int($B/1024),$tt,int($B/1024/$tt);
} else {
printf STDERR "transfered: %d B in %d s with %d kB/s\n",
$B,$tt,int($B/1024/$tt);
}
}
}
sub request {
my $req = shift;
print STDERR "--> $req\n" if $opt_v;
syswrite $SH,"$req\r\n";
syswrite $SH,"User-Agent: sexsend\r\n";
syswrite $SH,"\r\n";
for (;;) {
unless (defined($_ = &getline)) {
die "$0: server has closed the connection\n";
}
if (/^HTTP\/[\d\.]+ 200/) {
print STDERR "<-- $_" if $opt_v;
last;
} elsif (/^HTTP\/[\d\.]+ 199/) {
print STDERR "<-- $_" if $opt_v;
} else {
if ($opt_v) {
print STDERR "<-- $_";
exit 3;
} else {
s:^HTTP/[ \d\.]+::;
s/\r//;
die "$0: server response: $_";
}
}
}
while (defined($_ = &getline)) {
last if /^\s*$/;
$H{uc($1)} = $2 if /(.+):\s*(.+)/;
print STDERR "<-- $_" if $opt_v;
}
}
# check for (mutt) alias
sub checkalias {
my $to = shift;
if ($to !~ /@/ and open F,$ENV{HOME}.'/.mutt/aliases') {
while (<F>) {
next if /,/;
if (/^alias $to\s/i) {
chomp;
s/\s*#.*//;
s/\s+$//;
s/.*\s+//;
s/<//;
s/>//;
$to = $_;
warn "$0: found alias, using address $to\n";
die unless $to;
last;
}
}
close F;
}
return $to;
}
sub despace {
foreach (@_) {
s/^\s+//;
s/\s+$//;
}
}
sub query_sid {
my ($server,$port,$id) = @_;
my $req;
local $_;
$req = "GET SID HTTP/1.1";
print STDERR "--> $req\n" if $opt_v;
syswrite $SH,"$req\r\n\r\n";
$_ = &getline;
unless (defined $_ and /\w/) {
print STDERR "\n" if $opt_v;
die "$0: no response from server\n";
}
s/\r//;
if (/^HTTP.* 201 (.+)/) {
print STDERR "<-- $_" if $opt_v;
$id = 'MD5H:'.md5_hex($id.$1);
while (defined($_ = &getline)) {
s/\r//;
last if /^\n/;
print STDERR "<-- $_" if $opt_v;
}
} else {
die "$0: $server does not support session ID\n";
}
return $id;
}
sub sigpipehandler {
local $_ = '';
$SIG{ALRM} = sub { };
alarm(1);
$_ = &getline||'';
if (/^HTTP.* \d+ (.*)/) {
if ($opt_v) {
die "\n$0: server error: @_\n";
} else {
die "\n$0: server error: $1\n";
}
} else {
die "\n$0: got SIGPIPE (server closed connection)\n";
}
}
# read one text line from $SH;
sub getline {
my $line = '';
my $c;
local $SIG{ALRM} = sub { die "$0: timeout while waiting for server reply\n" };
alarm($opt_t||300);
# must use sysread to avoid perl line buffering
while (sysread $SH,$c,1) {
$line .= $c;
last if $c eq "\n";
}
alarm(0);
return $line;
}
# from MIME::Base64::Perl
sub decode_b64 {
local $_ = shift;
my $uu = '';
my ($i,$l);
tr|A-Za-z0-9+=/||cd;
s/=+$//;
tr|A-Za-z0-9+/| -_|;
return "" unless length;
$l = (length) - 60;
for ($i = 0; $i <= $l; $i += 60) {
$uu .= "M" . substr($_,$i,60);
}
$_ = substr($_,$i);
if (length) {
$uu .= chr(32 + (length)*3/4) . $_;
}
return unpack ("u",$uu);
}
### common functions ###
sub mtime {
my @d = localtime((stat shift)[9]);
return sprintf('%d%02d%02d',$d[5]+1900,$d[4]+1,$d[3]);
}
sub urldecode {
local $_ = shift;
s/\%([a-f\d]{2})/chr(hex($1))/ige;
return $_;
}
sub get_ssl_env {
# set SSL/TLS options
$SSL{SSL_verify_mode} = $ENV{SSLVERIFY} if defined($ENV{SSLVERIFY});
foreach my $opt (qw(
SSL_version
SSL_cipher_list
SSL_verify_mode
SSL_ca_path
SSL_ca_file)
) {
my $env = uc($opt);
$env =~ s/_//g;
$SSL{$opt} = $ENV{$env} if defined($ENV{$env});
}
if ($SSL{SSL_verify_mode}) {
&search_ca;
unless ($SSL{SSL_ca_path} or $SSL{SSL_ca_file}) {
die "$0: \$SSLVERIFYMODE, but not valid \$SSLCAPATH or \$SSLCAFILE\n";
}
} elsif (defined($SSL{SSL_verify_mode})) {
# user has set SSLVERIFY=0 !
} else {
&search_ca;
$SSL{SSL_verify_mode} = 1 if $SSL{SSL_ca_path} or $SSL{SSL_ca_file};
}
}
sub search_ca {
local $_;
return if $SSL{SSL_ca_file} or $SSL{SSL_ca_path};
foreach (qw(/etc/ssl/certs/ca-certificates.crt)) {
if (-f) {
$SSL{SSL_ca_file} = $_;
return;
}
}
foreach (qw(/etc/ssl/certs /etc/pki/tls/certs)) {
if (-f) {
$SSL{SSL_ca_path} = $_;
return;
}
}
}
sub serverconnect {
my ($server,$port) = @_;
my $connect = "CONNECT $server:$port HTTP/1.1";
local $_;
if ($proxy) {
tcpconnect(split(':',$proxy));
if ($https) {
printf "--> %s\n",$connect if $opt_v;
nvtsend($connect,"");
$_ = <$SH>;
s/\r//;
printf "<-- $_"if $opt_v;
unless (/^HTTP.1.. 200/) {
die "$0: proxy error : $_";
}
&enable_ssl;
$SH = IO::Socket::SSL->start_SSL($SH,%SSL);
}
} else {
tcpconnect($server,$port);
}
# if ($https and $opt_v) {
# printf "%s\n",$SH->get_cipher();
# }
}
# set up tcp/ip connection
sub tcpconnect {
my ($server,$port) = @_;
if ($SH) {
close $SH;
undef $SH;
}
if ($https) {
# eval "use IO::Socket::SSL qw(debug3)";
&enable_ssl;
$SH = IO::Socket::SSL->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
%SSL
);
} else {
$SH = IO::Socket::INET->new(
PeerAddr => $server,
PeerPort => $port,
Proto => 'tcp',
);
}
if ($SH) {
autoflush $SH 1;
binmode $SH;
} else {
die "$0: cannot connect $server:$port - $@\n";
}
print "TCPCONNECT to $server:$port\n" if $opt_v;
}
sub enable_ssl {
eval "use IO::Socket::SSL";
die "$0: cannot load IO::Socket::SSL\n" if $@;
eval '$SSL{SSL_verify_mode} = 0 if Net::SSLeay::SSLeay() <= 9470143';
if ($opt_v) {
foreach my $v (keys %SSL) {
printf "%s => %s\n",$v,$SSL{$v};
}
}
}
sub sendheader {
my $sp = shift;
my @head = @_;
my $head;
push @head,"Host: $sp";
foreach $head (@head) {
print "--> $head\n" if $opt_v;
print {$SH} $head,"\r\n";
}
print "-->\n" if $opt_v;
print {$SH} "\r\n";
}
sub nvtsend {
local $SIG{PIPE} = sub { $sigpipe = "@_" };
$sigpipe = '';
die "$0: internal error: no active network handle\n" unless $SH;
die "$0: remote host has closed the link\n" unless $SH->connected;
foreach my $line (@_) {
print {$SH} $line,"\r\n";
if ($sigpipe) {
undef $SH;
return 0;
}
}
return 1;
}
sub quote {
local $_ = shift;
s/([^\w\@\/%^,.=+_:+-])/\\$1/g;
return $_;
}
sub debug {
print "## DEBUG: @_\n" if $DEBUG;
}
# from MIME::Base64::Perl
sub encode_b64 {
my $res = "";
my $eol = "\n";
my $padding;
pos($_[0]) = 0;
$res = join '',map(pack('u',$_)=~ /^.(\S*)/, ($_[0]=~/(.{1,45})/gs));
$res =~ tr|` -_|AA-Za-z0-9+/|;
$padding = (3-length($_[0])%3)%3;
$res =~ s/.{$padding}$/'=' x $padding/e if $padding;
return $res;
}