diff options
| author | KatolaZ <katolaz@freaknet.org> | 2018-07-23 17:19:22 +0100 | 
|---|---|---|
| committer | KatolaZ <katolaz@freaknet.org> | 2018-07-23 17:19:22 +0100 | 
| commit | 3a85f51e72909d82cd887efd1e364438ed766c91 (patch) | |
| tree | cedcc37700eaa771b4a43bf1451420515b2a11fa | |
| parent | 6ebc6b6d4fbd63428ea7c3e9f8e3bc18407600d9 (diff) | |
shellcheck on gosher -- a few checks disabled
| -rw-r--r-- | README.md | 37 | ||||
| -rwxr-xr-x | gosher | 53 | 
2 files changed, 49 insertions, 41 deletions
| @@ -23,19 +23,19 @@ gophermap.  ## Which netcat? -There are currently several different implementations of `netcat`, and -each of them works in a slightly different way and/or offers a different -set of options. For the sake of using `gosher`, the main issue is -whether your `netcat` implementation does exit or not when its standard -input gets closed.  Notably, the original `netcat` implementation by -hobbit@avian.org does **not** exit, while other common implementations -(OpenBSD `netcat`, `ncat` from the nmap project, and GNU `netcat`) -normally do.  The current version of `gosher` can work with different -implementations of `netcat`, provided that the variable `NETCAT` points -to the `netcat` version you want to use, and that the variable `STYLE` -in `gosher` is set correctly. In particular, `STYLE` can pe set equal to -either 'pipe' or 'fork'. Please check below what is the recommended -combination for your version of `netcat`: +There are currently several different implementations of `netcat(1)`, +and each of them works in a slightly different way and/or offers a +different set of options. For the sake of using `gosher`, the main issue +is whether your `netcat(1)` implementation does exit or not when its +standard input gets closed.  Notably, the original `netcat(1)` +implementation by hobbit@avian.org does **not** exit, while other common +implementations (OpenBSD `netcat(1)`, `ncat(1)` from the nmap project, +and GNU `netcat(1)`) normally do.  The current version of `gosher` can +work with different implementations of `netcat(1)`, provided that the +variable `NETCAT` points to the `netcat(1)` version you want to use, and +that the variable `STYLE` in `gosher` is set correctly. In particular, +`STYLE` can pe set equal to either 'pipe' or 'fork'. Please check below +what is the recommended combination for your version of `netcat(1)`:  	+----------------+--------------+--------------+  	| netcat version | STYLE='fork' | STYLE='pipe' | @@ -51,18 +51,19 @@ combination for your version of `netcat`:  the 'fork' mode is a potential security risk** -## Running `gosher` under `chroot` +## Running `gosher` under `chroot(8)` -In general, it makes sense to run a server in a `chroot` environment, to +In general, it makes sense to run a server in a `chroot(8)` environment, to  reduce the risks connected with remote exploits. If you would like to -run `gosher` under `chroot` be sure to have the following binaries (and +run `gosher` under `chroot(8)` be sure to have the following binaries (and  the corresponding libs) available in the chroot-ed environment:  ``` -	basename cat cut mkfifo netcat realpath rm sed sh +	basename(1) cat(1) cut(1) dirname(1) mkfifo(1) netcat(1) realpath(1) +	rm(1) sed(1) sh(1) which(1)  ``` -Obviously, `netcat` will be your preferred `netcat` implementation.  +Obviously, `netcat(1)` will be your preferred `netcat(1)` implementation.   ## Why `gosher`? @@ -58,13 +58,13 @@ DEBUG=  ## function  cleanup(){ -	[ -n "$INF"  ] &&  [ -p "$INF"  ] && rm -f ${INF} +	[ -n "$INF"  ] &&  [ -p "$INF"  ] && rm -f "${INF}"  	exit 1  } -MYNAME=$(basename $0) -MYDIR=$(dirname $(realpath $0)) -NETCAT=$(which $NETCAT) +MYNAME=$(basename "$0") +MYDIR=$(dirname "$(realpath "$0")") +NETCAT=$(which "$NETCAT")  if [ -z "${MYNAME#gosher}" ]; then  	## we are called as gosher -- launch the server @@ -72,27 +72,30 @@ if [ -z "${MYNAME#gosher}" ]; then  	PORT=${1:-70}  	GOPHERDIR=${2:-"./"} -	[ ! -f "${NETCAT}" -o ! -x "${NETCAT}" ] && { +	[ ! -f "${NETCAT}" ] || [ ! -x "${NETCAT}" ] && {  		echo "Wrong NETCAT -- Exiting" >&2  		exit 2  	} -	if [ -f "${MYDIR}/gosher_serve" -o -h "${MYDIR}/gosher_serve" ]; then +	if [ -f "${MYDIR}/gosher_serve" ] ||  [ -h "${MYDIR}/gosher_serve" ]; then  		GOSHER_SERVE="${MYDIR}/gosher_serve"  		trap cleanup 0 HUP INT TRAP TERM QUIT -		INF=${IPREFIX}$$ +		INF="${IPREFIX}$$"  		[ "$STYLE" = "pipe" ] && { -			mkfifo -m 600 $INF +			mkfifo -m 600 "$INF" +# shellcheck disable=SC2050  			while [ 1 -eq 1 ]; do -				${GOSHER_SERVE} ${GOPHERDIR} <$INF | ${NETCAT} -vvvvv -l -p ${PORT} >$INF +# shellcheck disable=SC2094 +				${GOSHER_SERVE} "${GOPHERDIR}" <"$INF" | ${NETCAT} -vvvvv -l -p "${PORT}" >"$INF"  			done  			rm -f $INF  			exit 0  		}  		[ "$STYLE" = 'fork' ] && { +# shellcheck disable=SC2050  			while [ 1 -eq 1 ]; do -				${NETCAT} -vv -l -p $PORT -c "${GOSHERSERVE} ${GOPHERDIR}" +				${NETCAT} -vv -l -p "$PORT" -c "${GOSHER_SERVE} ${GOPHERDIR}"  			done  			exit 0  		} @@ -115,6 +118,7 @@ fi  invalid_selector(){  	sel="$1"  	echo "3Error: Invalid selector: \"$sel\"" +# shellcheck disable=SC1117  	printf ".\r\n"  	exec 1>&-  	exec 2>&- @@ -139,19 +143,20 @@ serve_index(){          IDX=$1          IFS='  ' -        while read line; do -                rline=$(echo $line | sed -r -e 's/\r//g') -                case $rline in +        while read -r line; do +                rline=$(echo "$line" | sed -r -e 's/\r//g') +                case "$rline" in                          '['*) -                                echo $rline | sed -r -e 's/\[//g;s/\]//g;s/\|/\t/g;s/\t//;s/$/\r/g' +                                echo "$rline" | sed -r -e 's/\[//g;s/\]//g;s/\|/\t/g;s/\t//;s/$/\r/g'                          ;;                         t*) -                               echo $rline | cut -c 2- +                               echo "$rline" | cut -c 2-                         ;;                          *) -                                echo $line +                                echo "$line"                  esac -        done < $IDX +        done < "$IDX" +# shellcheck disable=SC1117  	printf ".\r\n"  	exec 1>&-  	exec 2>&- @@ -183,9 +188,9 @@ EOF  GOPHERDIR=${1:-"./"} -read selector +read -r selector -selector=$(echo $selector | sed -r 's:\$.*::g;s:\r::g' ) +selector=$(echo "$selector" | sed -r 's:\$.*::g;s:\r::g' )  [ -n "$DEBUG" ] && {  	echo "iGOPHERDIR: ${GOPHERDIR}" @@ -194,13 +199,15 @@ selector=$(echo $selector | sed -r 's:\$.*::g;s:\r::g' )  case $selector in  	URL:*) -		url=$(echo $selector | cut -d ":" -f 2-) -		serve_redirect $url +		url=$(echo "$selector" | cut -d ":" -f 2-) +		serve_redirect "$url"          ;;  	/?*|"")  		RP1=$(realpath "${GOPHERDIR}"/"${selector}" || "") +# shellcheck disable=SC2181  		[ $? -eq 0 ] || invalid_selector "$selector"  		RP2=$(realpath "${GOPHERDIR}")"${selector}" +# shellcheck disable=SC2181  		[ $? -eq 0 ] || invalid_selector "$selector"  		[ -n "$DEBUG" ] && {  			echo "iRP1: ${RP1}" @@ -209,8 +216,8 @@ case $selector in  		if [ "${RP1}" = "${RP2}" ]; then  			if [ -f "${RP1}" ]; then -				if [ -n "$(echo $RP1 | sed -n '/\.gph$/p')" ]; then  -					serve_index $RP1 +				if [ -n "$(echo "${RP1}" | sed -n '/\.gph$/p')" ]; then  +					serve_index "${RP1}"  				else  					serve_selector "${RP1}"  				fi | 
