So, it's time to add some kind of interface to push messages to skype-daemon. I'll use small but powerful enough cgi-supporting mini-httpd. Mini-httpd used in many soho routers in embedded environments since early 2000-s i think. So it's proofed itself to be stable and secure.
I would use this server as cgi-server for my dirty-written bash scripts :)
Install mini-httpd:
root@skype:/# aptitude install mini-httpdModify config file: /etc/mini-httpd.conf
port=8880 user=skype chroot dir=/home/skype/ data_dir=/cgi cgipat=*.cgi logfile=/home/skype/mini-httpd.log pidfile=/home/skype/mini-httpd.pid charset=utf-8Runit-script: /etc/sv/mini-httpd/run
#!/bin/bash TIME="Finished. Process took %E. %P CPU was eaten. %MK memory was used." # time stuff name=`basename $(dirname $(pwd)/fake)` # ugly hack workingdir="/home/skype/" command="/usr/sbin/mini-httpd -C /etc/mini-httpd.conf -D" exec 2>&1 echo starting $name... export TIME set -x cd $workingdir exec chpst -v time $commandDon't forget to enable runit-job for mini-httpd.
Create needed directories:
root@skype:/# su - skype skype@skype:~$ mkdir -p /home/skype/cgi/ skype@skype:~$ cd /home/skype/cgi/Create web cgi scripts(and don't forget to set executable bit on them) sendim.cgi
#!/bin/bash printf "Content-type: text/html\n\n" set -- $QUERY_STRING ../addcontact.sh "$1"index.cgi
#!/bin/bash printf "Content-type: text/html\n\n" echo "Go away"sendim.cgi
#!/bin/bash
if [ "$REQUEST_METHOD" = "POST" ]; then
if [ "$CONTENT_LENGTH" -gt 0 ]; then
read -n $CONTENT_LENGTH POST_DATA <&0
fi
else
printf "Content-type: text/html\n\n"
echo "use POST"
exit 0
fi
printf "Content-type: text/html\n\n"
set -- $QUERY_STRING
../sendim.sh "$1" "$POST_DATA"
Test it! Run from your main computer's console:
~ $ curl -d "Hello from curl" 'http://ipaddress:8880/sendim.cgi?skypename'Test auth request script:
~ $ curl 'http://ipaddress:8880/addcontact.cgi?skypename'That's it. Skype server is ready to serve you! PS These scripts could contain some vulnerables, because i didn't validate input at all, so allow access to web-server on your firewall(iptables) only for trusted networks. If you found vulns and know how to fix them, feel free to contact me in comments.
Комментариев нет:
Отправить комментарий