5 $ENV{PATH} = "/usr/bin:/bin";
8 # if we are suid, set uid := euid
23 print "Content-type: text/plain\n\nd0er $err";
30 my $ip = $ENV{REMOTE_ADDR};
31 return 0 if -f "$dir/$ip";
37 my ($goodpatterns, $badpatterns, $list) = @_;
39 my $name = $ENV{REMOTE_HOST} . ".";
40 my $addr = $ENV{REMOTE_ADDR};
45 if($name =~ /^(??{$_})$/ || $addr =~ /^(??{$_})$/)
53 if($name =~ /^(??{$_})$/ || $addr =~ /^(??{$_})$/)
55 warn "$addr/$name blocked by $_";
61 my $h = gethostbyname $addr;
64 warn "$addr blocked by gethostbyname()";
68 my $blprefix = join '.', reverse unpack 'C4', $h;
73 my $hn = "$blprefix.$_.";
74 my $h2 = gethostbyname $hn;
77 my $h2_text = join '.', reverse unpack 'C4', $h2;
78 warn "$addr blocked by $hn -> $h2_text";
86 # create table ip ( id INT AUTO_INCREMENT PRIMARY KEY, ip VARCHAR(64), t DATETIME, error BOOLEAN, INDEX(ip), INDEX(t), INDEX(error) );
88 # CREATE TABLE ip ( id INT PRIMARY KEY generated always as identity, ip VARCHAR(64), t TIMESTAMP, error BOOLEAN );
89 # CREATE INDEX ip_index ON ip ( ip, t, error );
94 my ($DBH, $tbl, $ip) = @_;
96 #my $status = $DBH->selectrow_arrayref("select count(*) from $tbl where ip=? and error=false and t>date_sub(now(), interval 7 day)", undef, $ip)
98 my $status = $DBH->selectrow_arrayref("select count(*) from $tbl where ip=? and error=false and t>(now() - interval '7' day)", undef, $ip)
104 my ($DBH, $tbl, $ip) = @_;
106 #my $status = $DBH->selectall_arrayref("select error, t>date_sub(now(), interval 7 day) from $tbl where ip=?", undef, $ip)
108 my $status = $DBH->selectall_arrayref("select error, t>(now() - interval '7' day) from $tbl where ip=?", undef, $ip)
109 or die "DBI/DBD: $!";
112 if($status->[0][0] || !$status->[0][1]) # error, or after interval
114 $DBH->do("update $tbl set error=false, t=now() where ip=?", undef, $ip);
124 $DBH->do("insert into $tbl(ip, error, t) values(?, false, now())", undef, $ip);
130 my ($DBH, $tbl, $ip) = @_;
131 $DBH->do("update $tbl set error=true where ip=?", undef, $ip);
134 sub check_sql($$$$$$$$$)
136 my ($dsn, $u, $p, $tbl, $per32, $per24, $per16, $per8, $inc) = @_;
137 my $ip = $ENV{REMOTE_ADDR};
138 my $DBH = ($__CACHED_DBH__ ? $__CACHED_DBH__ : ($__CACHED_DBH__ = DBI->connect($dsn, $u, $p, { RaiseError => 1, AutoCommit => 0 })))
139 or die "DBI/DBD: $!";
141 # PostgreSQL defaults to utf8 everywhere so we don't need to set it
142 # MySQL defaults to latin1
143 #$DBH->do("set character set utf8");
144 #$DBH->do("set names utf8");
145 #$DBH->do("set time_zone = '+0:00'");
147 $DBH->do("SET TIME ZONE +0");
149 undef $__CACHED_DBH__;
154 delete_ip_record($DBH, $tbl, $ip);
161 my $status = check_ip_record($DBH, $tbl, $ip);
165 warn "$ip blocked by SQL";
171 my $status = insert_ip_record($DBH, $tbl, $ip);
176 warn "$ip blocked by SQL";
185 my $ip = $ENV{REMOTE_ADDR};
186 my @s = split /\n/, get $s;
190 if("$ip." =~ /^\Q$i\E\./)
192 warn "$ip blocked by SQL";
204 if((my $key = $cgi->param('key')))
209 my $ca = $cgi->param('ca');
210 $ca = $default_ca if not defined $ca;
211 error "Invalid CA" if not defined $ca{$ca};
212 error "Not allowed" if not $ca{$ca}->{check}->(1);
216 $tempfh = File::Temp->new();
218 my $fh = $cgi->upload('key');
222 print $tempfh $_ for <$fh>;
227 $key = decode_base64($key);
232 $ENV{REQUESTFILE} = $tempfh->filename;
233 $ENV{RESPONSEFILE} = $tempfh->filename;
234 $ENV{SECRET} = "key_$ca.d0sk";
235 open my $errfh, '-|', './crypto-keygen-standalone -P "$SECRET" -j "$REQUESTFILE" -o "$RESPONSEFILE" 2>&1'
236 or die "cannot start crypto-keygen-standalone";
239 or die "crypto-keygen-standalone failed: $err";
244 $ca{$ca}->{check}->(-1);
248 print "Content-type: application/octet-stream\n\n";
255 Content-type: text/html
260 <title>Xonotic keygen</title>
263 <h1>Xonotic keygen</h1>
264 <form action="response.d0ir" method="post" enctype="multipart/form-data">
265 To generate and sign a key IN GAME, follow these steps on the console:
267 <li>crypto_keygen $default_ca http://ca.xonotic.org/?ca=$default_ca&key=</li>
269 To generate and sign a key MANUALLY, follow these steps on a UNIX command line:
271 <li>./crypto-keygen-standalone -p key_$default_ca.d0pk -o key_$default_ca.d0si</li>
272 <li>./crypto-keygen-standalone -p key_$default_ca.d0pk -I key_$default_ca.d0si -o request.d0iq -O camouflage.d0ic
273 <li>Upload the request.d0iq file: <input type="file" name="key"><input type="submit"></li>
274 <li>Save the response.d0ir file you are getting</li>
275 <li>./crypto-keygen-standalone -p key_$default_ca.d0pk -I key_$default_ca.d0si -c camouflage.d0ic -J response.d0ir -o key_$default_ca.d0si</li>
276 <li>Delete request.d0iq, camouflage.d0ic, response.d0ir</li>
278 Your key_$default_ca.d0si key is now signed.
280 To use another CA, please enter its number here before using this page:
281 <input type="text" name="ca" value="$default_ca" size="2">
283 REMOTE_HOST=$ENV{REMOTE_HOST}<br>
284 REMOTE_ADDR=$ENV{REMOTE_ADDR}