Gargoyle Forum

Posted: **Sat Mar 13, 2010 9:50 am**

I use v1.1.7, PPPoE and dynamic DNS and have not noticed any problem with updated.

Does it starting working for you again if you reboot your router?

Posted: **Thu Mar 25, 2010 8:06 am**

I put this thread up to report a possible ddns_updater bug

if the user above had a password contaning @ it seems that in all the @ query http/https involving @ (see ddns_providers.conf) update won't work because password is read truncated at first @ encountered

in fact if you use the same password with no-ip (which query doesn't contain @) the service works

I'm looking at the c code and in fact there should be the possibility

Posted: **Thu Mar 25, 2010 11:49 am**

You're right, there's a bug there.

The best way to fix it is to let do_line_substitution take an optional argument to escape things, and call it with that whenever substituting into a URL. However, there's also going to need to be a way to tell it not not escape certain variables, otherwise afraid.org support is going to break (it's a bit wierd).

I'm working on it.

Posted: **Thu Mar 25, 2010 1:26 pm**

another way is to get the password lenght and shift after username:

this was my first tought workaround

update: the same thing could happen with username and : separator

Posted: **Thu Mar 25, 2010 4:39 pm**

thanks for the high-speed update eric

new solution is already present on last commit snapshot

Posted: **Fri Mar 26, 2010 11:15 am**

Sorry Eric but there seems to be another issue

http_minimal_client.c

Code: Select all

plain_auth = dynamic_strcat(3, url->user, ":", url->password);

at this poin when forming user:pass string couple words are copied with meta substituted characters eg u%45ser pass%45word etc and it seems that if the couple i not on its readable form it fails the update

In fact, i tried to override the pass%45word writing directly:

Code: Select all

plain_auth = dynamic_strcat(3, url->user, ":", "pass@word");

and the upgrade went fine
is url_sub revertible ?

Posted: **Fri Mar 26, 2010 3:42 pm**

Yeah, I found that issue too -- that's the reason I never replied saying "it works" or released an update. I just haven't gotten around to including the code to unescape username/password in http_minimal_client quite yet (give me another day or two).

Posted: **Fri Mar 26, 2010 8:05 pm**

don't worry we're here to learn

anyway, if you find it helpful I've done some tries and found a possible solution included into this patch appended to last 779 snapshot

I't very simple, I've only moved a function from updater to minimal client because needed and added the conversion routine

deparserizing user/pass update should work as I've tested

Code: Select all

diff -urN trunk/package/ddns-gargoyle/src/ddns_updater.c trunk/package/ddns-gargoyle/src/ddns_updater.c
--- trunk/package/ddns-gargoyle/src/ddns_updater.c	2010-03-27 00:43:17.740206000 +0100
+++ trunk/package/ddns-gargoyle/src/ddns_updater.c	2010-03-27 00:45:35.196106014 +0100
@@ -141,7 +141,6 @@
 char* do_url_substitution(ddns_service_provider* def, ddns_service_config* config, char* current_ip);
 char* do_line_substitution(char* line, string_map* variables, string_map* escaped_variables);
 char *http_req_escape(char *unescaped);
-char *replace_str(char *s, char *old, char *new);
 
 
 int do_single_update(ddns_service_config *service_config, string_map *service_providers, char* remote_ip, char* local_ip, int force_update, int verbose);
diff -urN trunk/package/ddns-gargoyle/src/http_minimal_client.c trunk/package/ddns-gargoyle/src/http_minimal_client.c
--- trunk/package/ddns-gargoyle/src/http_minimal_client.c	2010-03-27 00:43:34.839840996 +0100
+++ trunk/package/ddns-gargoyle/src/http_minimal_client.c	2010-03-27 00:51:34.468062219 +0100
@@ -76,6 +76,7 @@
 static int read_http(void* connection_data, char* read_buffer, int read_length);
 static int write_http(void* connection_data, char* data, int data_length);
 static void destroy_connection_http(void* connection_data);
+static char* reverse_parse_word(char* word);
 
 //functions for actually performing http request
 static char* create_http_request(url_data* url);
@@ -408,13 +409,21 @@
 	if(url->user != NULL)
 	{
 		char* plain_auth = NULL;
+		char* userrevparsed = NULL;
+		char* passrevparsed = NULL;
 		if(url->password == NULL)
 		{
-			plain_auth = strdup(url->user);
+			userrevparsed = reverse_parse_word(url->user);
+			plain_auth = strdup(userrevparsed);
+			free(userrevparsed);
 		}
 		else
 		{
-			plain_auth = dynamic_strcat(3, url->user, ":", url->password);
+			userrevparsed = reverse_parse_word(url->user);
+			passrevparsed = reverse_parse_word(url->password);
+			plain_auth = dynamic_strcat(3, userrevparsed, ":", passrevparsed);
+			free(userrevparsed);
+			free(passrevparsed);
 		}
 		char* encoded_auth = encode_base_64_str(plain_auth, 999999);
 		
@@ -866,6 +875,27 @@
 	}
 }
 
+static char* reverse_parse_word(char* word) {  //substitute [%00 - %ff] with related Glyph char
+char* s;
+char* modword=strdup(word);
+
+	for(s=word;*s != '\0';s++) {  //analyze each single word character
+		if(*s == '%') {  //hex-encoded char founded
+		char old[4];
+		char new[2];
+		char* new_modword;
+		strncpy(old, s, 3);  //copy old hex code from word
+		old[3]='\0';  //make sure to terminate string after %xx (strncpy doesn't add '\0')
+		s+=2;  //point string over hex code (avoid 2 next useless checkouts)
+		sprintf(new, "%c", (old[1]>'9'?(old[1]&0xDF)-'A'+10:old[1]-'0')*16+(old[2]>'9'?(old[2]&0xDF)-'A'+10:old[2]-'0'));  //format conversion
+		new_modword = replace_str(modword, old, new);
+		free(modword);
+		modword = new_modword;
+		}
+	}
+return modword;  //remember to free this string
+}
+
 #ifdef HAVE_SSL
 
 static void* initialize_connection_https(char* host, int port)
diff -urN trunk/package/ddns-gargoyle/src/http_minimal_client.h trunk/package/ddns-gargoyle/src/http_minimal_client.h
--- trunk/package/ddns-gargoyle/src/http_minimal_client.h	2010-03-27 00:48:21.279840195 +0100
+++ trunk/package/ddns-gargoyle/src/http_minimal_client.h	2010-03-27 00:48:18.987919620 +0100
@@ -45,6 +45,7 @@
 http_response* get_url_str(char* url_str);
 http_response* get_url(url_data* url);
 void free_http_response(http_response* page);
+char *replace_str(char *s, char *old, char *new);
 
 
 #endif //end HTTP_MINIMAL_CLIENT_H

I hope it's readable, but I didn't find the way of appending files, so I've put it also here:
http://www.megaupload.com/?d=MS302OBC

Posted: **Mon Mar 29, 2010 8:53 am**

Should be fixed now.

The reason i didn't use your solution is that I wanted to refactor the dynamic dns code at the same time to address another issuethat I've been meaning to fix for a while, again with afraid.org (as I said, it's wierd).

The problem is that I need to fetch 2 urls for afraid.org, not one. To do this I assigned a meta-variable (which runs a shell script with user-defined variables to define another "meta" variable), to use wget to fetch the first url. Only problem is that the default wget can't handle encryption, making afraid.org the only provider that doesn't use https, and therefore less secure.

So, I split out the http_minimal_client library into a separate library, and link dynamically to it. I also created a small program called ewget (embedded wget) that links to that same library, and can be used to fetch the encrypted url from the meta-variable shell script.

In the process of doing all this I adjusted the ewget library to automatically unescape the user/password fields in the parse_url function. This is a better place for it than the create_http_request function, since that way the url_data (renamed to url_request now) structure contains the unescaped password, which makes more sense.

Posted: **Mon Mar 29, 2010 10:22 am**

are dyns.cx & everydns.net https too ? the ddns_providers.conf has http:// as url query string (maybe discontinued) ?

yeah solutions were identical: mine maybe is a bit more oriented to general purpose (it converts all the %00 %ff passed through), yours derives from the complementary one

but I hope this advice had been helpful: you got the occasion to implement the encrypted wget, always useful

Gargoyle Forum

Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working

Re: Dynamic DNS Stopped Working