DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

Update to SVR.JS 3.14.1

Browse source
This commit is contained in:
Dorian Niemiec 2024-02-02 20:07:11 +01:00
parent 91f2d3b50f
commit 06712f35b5
5 changed files with 175 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
index.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.14.0</title>
<title>SVR.JS 3.14.1</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,7 +12,7 @@
</style>
</head>
<body>
<h1>Welcome to SVR.JS 3.14.0</h1>
<h1>Welcome to SVR.JS 3.14.1</h1>
<br/>
<img src="/logo.png" style="width: 256px;" />
<br/>
@ -134,9 +134,8 @@
</div>
<p>Changes:</p>
<ul>
<li>Added new <i>config.json</i> properties: <i>useClientCertificate</i>, <i>rejectUnauthorizedClientCertificates</i>, <i>cipherSuite</i>, <i>ecdhCurve</i>, <i>tlsMinVersion</i>, <i>tlsMaxVersion</i>, <i>signatureAlgorithms</i> and <i>http2Settings</i>.</li>
<li>Added support for web root postfixes (along with postfix prefixes).</li>
<li>Custom head and foot inclusion is now returning 500 error in case of server error instead of crashing the server.</li>
<li>Added support for IP-based virtual hosts.</li>
<li>Fixed SVR.JS crashes with <i>X-SVR-JS-From-Main-Thread</i> header and unknown client IPs.</li>
</ul>
<br/>
<a href="/tests.html">Tests</a><br/>

8
licenses/index.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.14.0 Licenses</title>
<title>SVR.JS 3.14.1 Licenses</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,8 +12,8 @@
</style>
</head>
<body>
<h1>SVR.JS 3.14.0 Licenses</h1>
<h2>SVR.JS 3.14.0</h2>
<h1>SVR.JS 3.14.1 Licenses</h1>
<h2>SVR.JS 3.14.1</h2>
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
MIT License<br/>
<br/>
@ -37,7 +37,7 @@
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
SOFTWARE.<br/>
</div>
<h2>Packages used by SVR.JS 3.14.0</h2>
<h2>Packages used by SVR.JS 3.14.1</h2>
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
<div style="float: right;">License: MIT</div>
<div style="font-size: 20px;">

BIN
mods/easteregg.tar.gz
View file

Binary file not shown.

155
svr.js
View file

@ -69,7 +69,7 @@ function deleteFolderRecursive(path) {
}
var os = require("os");
var version = "3.14.0";
var version = "3.14.1";
var singlethreaded = false;
if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions
@ -306,7 +306,7 @@ function generateETag(filePath, stat) {
return ETagDB[filePath + "-" + stat.size + "-" + stat.mtime];
}
// Brute force-related
// Brute force protection-related
var bruteForceDb = {};
// PBKDF2/scrypt cache
@ -321,6 +321,7 @@ var reallyExiting = false;
var crashed = false;
var threadLimitWarned = false;
// SVR.JS worker forking function
function SVRJSFork() {
// Log
if (SVRJSInitialized) serverconsole.locmessage("Starting next thread, because previous one hung up/crashed...");
@ -531,7 +532,85 @@ function createRegex(regex, isPath) {
return new RegExp(searchString, modifiers);
}
function checkForEnabledDirectoryListing(hostname) {
// Function to check if IPs are equal
function ipMatch(IP1, IP2) {
if (!IP1) return true;
if (!IP2) return false;
// Function to normalize IPv4 address (remove leading zeros)
function normalizeIPv4Address(address) {
return address.replace(/(^|\.)(?:0(?!\.|$))+/g, "");
}
// Function to expand IPv6 address to full format
function expandIPv6Address(address) {
var fullAddress = "";
var expandedAddress = "";
var validGroupCount = 8;
var validGroupSize = 4;
var ipv4 = "";
var extractIpv4 = /([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/;
var validateIpv4 = /((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})/;
if (validateIpv4.test(address)) {
var oldGroups = address.match(extractIpv4);
for (var i = 1; i < oldGroups.length; i++) {
ipv4 += ("00" + (parseInt(oldGroups[i], 10).toString(16))).slice(-2) + (i == 2 ? ":" : "");
}
address = address.replace(extractIpv4, ipv4);
}
if (address.indexOf("::") == -1) {
fullAddress = address;
} else {
var sides = address.split("::");
var groupsPresent = 0;
sides.forEach(function (side) {
groupsPresent += side.split(":").length;
});
fullAddress += sides[0] + ":";
if (validGroupCount - groupsPresent > 1) {
fullAddress += "0000:".repeat(validGroupCount - groupsPresent);
}
fullAddress += sides[1];
}
var groups = fullAddress.split(":");
for (var i = 0; i < validGroupCount; i++) {
if (groups[i].length < validGroupSize) {
groups[i] = "0".repeat(validGroupSize - groups[i].length) + groups[i];
}
expandedAddress += (i != validGroupCount - 1) ? groups[i] + ":" : groups[i];
}
return expandedAddress;
}
// Normalize or expand IP addresses
IP1 = IP1.toLowerCase();
if (IP1 == "localhost") IP1 = "::1";
if (IP1.indexOf("::ffff:") == 0) IP1 = IP1.substr(7);
if (IP1.indexOf(":") > -1) {
IP1 = expandIPv6Address(IP1);
} else {
IP1 = normalizeIPv4Address(IP1);
}
IP2 = IP2.toLowerCase();
if (IP2 == "localhost") IP2 = "::1";
if (IP2.indexOf("::ffff:") == 0) IP2 = IP2.substr(7);
if (IP2.indexOf(":") > -1) {
IP2 = expandIPv6Address(IP2);
} else {
IP2 = normalizeIPv4Address(IP2);
}
// Check if processed IPs are equal
if (IP1 == IP2) return true;
else return false;
}
function checkForEnabledDirectoryListing(hostname, localAddress) {
function matchHostname(hostnameM) {
if (typeof hostnameM == "undefined" || hostnameM == "*") {
return true;
@ -550,7 +629,7 @@ function checkForEnabledDirectoryListing(hostname) {
if (!configJSON.enableDirectoryListingVHost) return main;
var vhostP = null;
configJSON.enableDirectoryListingVHost.every(function (vhost) {
if (matchHostname(vhost.host)) {
if (matchHostname(vhost.host) && ipMatch(vhost.ip, localAddress)) {
vhostP = vhost;
return false;
} else {
@ -757,7 +836,7 @@ function ipBlockList(rawBlockList) {
// Normalize or expand the IP address
rawValue = rawValue.toLowerCase();
if (rawValue == "localhost") rawValue = "127.0.0.1";
if (rawValue == "localhost") rawValue = "::1";
if (rawValue.indexOf("::ffff:") == 0) rawValue = rawValue.substr(7);
if (rawValue.indexOf(":") > -1) {
isIPv6 = true;
@ -854,6 +933,7 @@ function calculateNetworkIPv4FromCidr(ipWithCidr) {
}).join(".");
}
// IP and network inteface-related
var ifaces = {};
var ifaceEx = null;
try {
@ -864,11 +944,7 @@ try {
var ips = [];
var brdIPs = ["255.255.255.255", "127.255.255.255", "0.255.255.255"];
var netIPs = ["127.0.0.0"];
var attmts = 5;
var attmtsRedir = 5;
var errors = os.constants.errno;
var timestamp = new Date().getTime();
var wwwredirect = false;
Object.keys(ifaces).forEach(function (ifname) {
var alias = 0;
ifaces[ifname].forEach(function (iface) {
@ -885,6 +961,7 @@ Object.keys(ifaces).forEach(function (ifname) {
alias++;
});
});
if (ips.length == 0) {
Object.keys(ifaces).forEach(function (ifname) {
var alias = 0;
@ -901,9 +978,20 @@ if (ips.length == 0) {
});
});
}
// Server startup attempt counter
var attmts = 5;
var attmtsRedir = 5;
// Some variables...
var errors = os.constants.errno;
var timestamp = new Date().getTime();
// Server IP address
var host = ips[(ips.length) - 1];
if (!host) host = "[offline]";
// Public IP address-related
var ipRequestCompleted = false;
var ipRequestGotError = false;
if (host != "[offline]" || ifaceEx) {
@ -1060,11 +1148,11 @@ if (fs.existsSync(__dirname + "/config.json")) {
}
} catch (err) {
configJSONRErr = err2;
// throw new Error("Cannot read JSON file.");
}
}
// Default server configuration properties
var wwwredirect = false;
var rawBlackList = [];
var users = [];
var page404 = "404.html";
@ -1199,6 +1287,7 @@ try {
if (vnum === undefined) vnum = 0;
if (process.isBun) vnum = 64;
// SVR.JS path sanitizer function
function sanitizeURL(resource) {
if (resource == "*") return "*";
if (resource == "") return "";
@ -1231,6 +1320,7 @@ function sanitizeURL(resource) {
else return sanitizedResource;
}
// Node.JS mojibake URL fixing function
function fixNodeMojibakeURL(string) {
var encoded = "";
@ -1249,6 +1339,7 @@ function fixNodeMojibakeURL(string) {
});
}
// SSL-related
var key = "";
var cert = "";
@ -1403,7 +1494,7 @@ var serverconsole = {
}
};
// Wrap around process.exit, so log contents can flush.
// Wrap around process.exit, so that log contents can be flushed.
process.unsafeExit = process.exit;
process.exit = function (code) {
if (logFile && logFile.writable && !logFile.pending) {
@ -1438,6 +1529,7 @@ process.exit = function (code) {
}
};
// SVR.JS mod loader
var modLoadingErrors = [];
var SSJSError = undefined;
@ -1742,6 +1834,7 @@ function sha256(s) {
}
}
// Function to get URL path for use in forbidden path adding.
function getInitializePath(to) {
var cwd = process.cwd();
if (os.platform() == "win32") {
@ -1758,6 +1851,7 @@ function getInitializePath(to) {
}
}
// Function to check if URL path name is a forbidden path.
function isForbiddenPath(decodedHref, match) {
var forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false;
@ -1772,6 +1866,7 @@ function isForbiddenPath(decodedHref, match) {
return false;
}
// Function to check if URL path name is index of one of defined forbidden paths.
function isIndexOfForbiddenPath(decodedHref, match) {
var forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false;
@ -1786,7 +1881,6 @@ function isIndexOfForbiddenPath(decodedHref, match) {
return false;
}
// Set up forbidden paths
var forbiddenPaths = {};
@ -1864,7 +1958,7 @@ var serverErrorDescs = {
599: "The server couldn't connect in time while it was acting as a proxy."
};
// Create server
// Create server instances
if (!cluster.isPrimary) {
var reqcounter = 0;
var malformedcounter = 0;
@ -2799,7 +2893,7 @@ if (!cluster.isPrimary) {
if (configJSON.customHeadersVHost) {
var vhostP = null;
configJSON.customHeadersVHost.every(function (vhost) {
if (matchHostname(vhost.host)) {
if (matchHostname(vhost.host) && ipMatch(vhost.ip, req.socket ? req.socket.localAddress : undefined)) {
vhostP = vhost;
return false;
} else {
@ -2875,7 +2969,7 @@ if (!cluster.isPrimary) {
}
}
if (req.headers["x-svr-js-from-main-thread"] == "true" && (!req.socket.remoteAddress || req.socket.remoteAddress == "::1" || req.socket.remoteAddress == "::ffff:127.0.0.1" || req.socket.remoteAddress == "127.0.0.1" || req.socket.remoteAddress == "localhost" || req.socket.remoteAddress == host || req.socket.remoteAddress == "::ffff:" + host)) {
if (req.headers["x-svr-js-from-main-thread"] == "true" && req.socket && (!req.socket.remoteAddress || req.socket.remoteAddress == "::1" || req.socket.remoteAddress == "::ffff:127.0.0.1" || req.socket.remoteAddress == "127.0.0.1" || req.socket.remoteAddress == "localhost" || req.socket.remoteAddress == host || req.socket.remoteAddress == "::ffff:" + host)) {
var headers = getCustomHeaders();
res.writeHead(204, "No Content", headers);
res.end();
@ -3067,7 +3161,7 @@ if (!cluster.isPrimary) {
return;
}
if (list[_i].scode != errorCode || !matchHostname(list[_i].host)) {
if (list[_i].scode != errorCode || !(matchHostname(list[_i].host) && ipMatch(list[_i].ip, req.socket ? req.socket.localAddress : undefined))) {
getErrorFileName(list, callback, _i + 1);
return;
} else {
@ -3286,7 +3380,7 @@ if (!cluster.isPrimary) {
}
}
// URL-related objects.
var uobject = parseURL(req.url);
var search = uobject.search;
var href = uobject.pathname;
@ -3303,6 +3397,7 @@ if (!cluster.isPrimary) {
}
if (req.headers["expect"] && req.headers["expect"] != "100-continue") {
// Expectations not met.
callServerError(417);
return;
}
@ -3427,11 +3522,6 @@ if (!cluster.isPrimary) {
return;
}
/////////////////////////////////////////////
////THERE IS NO MORE "THE BOOK OF ZSOIE"!////
//// But it's in easteregg.tar.gz mod... ////
/////////////////////////////////////////////
var pth = decodeURIComponent(href).replace(/\/+/g, "/").substr(1);
var readFrom = "./" + pth;
fs.stat(readFrom, function (err, stats) {
@ -3516,7 +3606,7 @@ if (!cluster.isPrimary) {
function properDirectoryListingAndStaticFileServe() {
if (stats.isDirectory()) {
// Check if directory listing is enabled in the configuration
if (checkForEnabledDirectoryListing(req.headers.host)) {
if (checkForEnabledDirectoryListing(req.headers.host, req.socket ? req.socket.localAddress : undefined)) {
var customHeaders = getCustomHeaders();
customHeaders["Content-Type"] = "text/html; charset=utf-8";
res.writeHead(200, http.STATUS_CODES[200], customHeaders);
@ -4185,7 +4275,7 @@ if (!cluster.isPrimary) {
return;
}
// Handle redirects to addresses with www.
// Handle redirects to addresses with "www." prefix
if (wwwredirect) {
var hostname = req.headers.host.split[":"];
var hostport = null;
@ -4220,7 +4310,7 @@ if (!cluster.isPrimary) {
doCallback = false;
break;
}
if (matchHostname(mapEntry.host) && address.match(createRegex(mapEntry.definingRegex)) && !(mapEntry.isNotDirectory && _fileState == 2) && !(mapEntry.isNotFile && _fileState == 1)) {
if (matchHostname(mapEntry.host) && ipMatch(mapEntry.ip, req.socket ? req.socket.localAddress : undefined) && address.match(createRegex(mapEntry.definingRegex)) && !(mapEntry.isNotDirectory && _fileState == 2) && !(mapEntry.isNotFile && _fileState == 1)) {
try {
mapEntry.replacements.forEach(function (replacement) {
rewrittenURL = rewrittenURL.replace(createRegex(replacement.regex), replacement.replacement);
@ -4284,7 +4374,7 @@ if (!cluster.isPrimary) {
}
});
wwwrootPostfixesVHost.every(function (postfixEntry) {
if (matchHostname(postfixEntry.host) && !(postfixEntry.skipRegex && req.url.match(createRegex(postfixEntry.skipRegex)))) {
if (matchHostname(postfixEntry.host) && ipMatch(postfixEntry.ip, req.socket ? req.socket.localAddress : undefined) && !(postfixEntry.skipRegex && req.url.match(createRegex(postfixEntry.skipRegex)))) {
urlWithPostfix = postfixPrefix + "/" + postfixEntry.postfix + urlWithPostfix;
return false;
} else {
@ -4446,7 +4536,7 @@ if (!cluster.isPrimary) {
// Scan for non-standard codes
if (!isProxy && nonStandardCodes != undefined) {
for (var i = 0; i < nonStandardCodes.length; i++) {
if (matchHostname(nonStandardCodes[i].host)) {
if (matchHostname(nonStandardCodes[i].host) && ipMatch(nonStandardCodes[i].ip, req.socket ? req.socket.localAddress : undefined)) {
var isMatch = false;
if (nonStandardCodes[i].regex) {
// Regex match
@ -4794,12 +4884,14 @@ if (!cluster.isPrimary) {
var closedMaster = true;
// IPC listener for server listening signalization
function listenConnListener(msg) {
if (msg == "\x12LISTEN") {
listeningMessage();
}
}
// IPC listener for brue force protection
function bruteForceListenerWrapper(worker) {
return function bruteForceListener(message) {
var ip = "";
@ -4834,6 +4926,7 @@ function bruteForceListenerWrapper(worker) {
var isWorkerHungUpBuff = true;
var isWorkerHungUpBuff2 = true;
// General IPC message listener
function msgListener(msg) {
for (var i = 0; i < Object.keys(cluster.workers).length; i++) {
if (msg == "\x12END") {
@ -5813,20 +5906,22 @@ if (cluster.isPrimary || cluster.isPrimary === undefined) {
process.exit();
});
} else {
// Crash handler
process.on("uncaughtException", function (err) {
// CRASH HANDLER
serverconsole.locerrmessage("SVR.JS worker just crashed!!!");
serverconsole.locerrmessage("Stack:");
serverconsole.locerrmessage(generateErrorStack(err));
process.exit(err.errno);
});
process.on("unhandledRejection", function (err) {
// CRASH HANDLER
serverconsole.locerrmessage("SVR.JS worker just crashed!!!");
serverconsole.locerrmessage("Stack:");
serverconsole.locerrmessage(err.stack ? generateErrorStack(err) : String(err));
process.exit(err.errno);
});
// Warning handler
process.on("warning", function (warning) {
serverconsole.locwarnmessage(warning.message);
if (warning.stack) {

4
tests.html
View file

@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
<title>SVR.JS 3.14.0 Tests</title>
<title>SVR.JS 3.14.1 Tests</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" />
<style>
@ -12,7 +12,7 @@
</style>
</head>
<body>
<h1>SVR.JS 3.14.0 Tests</h1>
<h1>SVR.JS 3.14.1 Tests</h1>
<h2>Directory (without trailing slash)</h2>
<iframe src="/testdir" width="50%" height="300px"></iframe>
<h2>Directory (with query)</h2>