Implement handler for letsencrypt ACME challenges. commit d0062f038d181b8d5eb150003ea7b50bcb5330f3 parent a0590477c4c74d7111a031a4cb1c9e5d61ff3044 Author: parazyd <parazyd@dyne.org> Date: Fri, 28 Oct 2022 15:07:04 +0200 Implement handler for letsencrypt ACME challenges. Signed-off-by: Christoph Lohmann <20h@r-36.net> Diffstat: M bitreich-httpd.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) --- diff --git a/bitreich-httpd.c b/bitreich-httpd.c @@ -105,8 +105,8 @@ servefile(char *path, char *ctype, int sock) int main(int argc, char *argv[]) { - char *wwwbase, *wwwindex, request[512], *ctype, *path, - clienth[NI_MAXHOST], clientp[NI_MAXSERV], *zuccbase; + char *wwwbase, *wwwindex, request[512], *ctype, *path, *le_file, + *le_base, clienth[NI_MAXHOST], clientp[NI_MAXSERV], *zuccbase; int rlen; struct sockaddr_storage clt; socklen_t cltlen = sizeof(clt); @@ -115,6 +115,7 @@ main(int argc, char *argv[]) wwwbase = "/bitreich/www"; wwwindex = "index.html"; + le_base = "/br/www/uacme"; zuccbase = "/br/www/zuccless"; if (!getpeername(0, (struct sockaddr *)&clt, &cltlen)) { 
@@ -166,6 +167,19 @@ main(int argc, char *argv[])
 sleep(1);
 asprintf(&path, "%s/s/yolo-css.css", wwwbase);
 ctype = "text/css";
+ } else if ((le_file = strstr(request, ".well-known/acme-challenge/"))) {
+ /* Setup for Letsencrypt */
+ le_file += strlen(".well-known/acme-challenge/");
+ char *requested = strtok(le_file, " ");
+ if (strchr(requested, '/') != NULL) {
+ /* Get Zucced, no path exploitation. */
+ asprintf(&path, "%s/zucc-job.webm", zuccbase);
+ ctype = "video/webm";
+ } else {
+ /* Seems legit. */
+ asprintf(&path, "%s/%s", le_base, requested);
+ ctype = "text/plain";
+ }
 } else {
 if (strstr(request, "zuccless.org")) {
 tim = time(NULL);
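Review bot: `strtok(le_file, " ")` returns NULL when nothing but spaces follows `.well-known/acme-challenge/` (for example a request that ends right after the prefix), and the next added line passes that NULL straight to `strchr`, which is undefined behaviour and in practice a crash of the handler. Fold the check into the rejecting branch: `if (requested == NULL || strchr(requested, '/') != NULL) {`. The slash test alone also still lets `.`, `..` and tokens carrying `\r`, `\n` or `?` reach `asprintf(&path, "%s/%s", le_base, requested)`; ACME challenge tokens are base64url, so accepting only `A-Z a-z 0-9 - _` (a `strspn` over that alphabet, plus a non-empty check) would be a tighter filter than a deny-list of one character. `main` starts and ends outside this hunk, so how `request` is filled and what `servefile` does with a directory or missing path cannot be confirmed from here.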