Provide CSRF token for package uploads

This deals with a recent change to the AUR where we must append the
AURSID cookie as a field called 'token' in the POST request.
commit b2e067df6d243e168498ac96b1d33f49df9c3202 1 parent 5f8832f
@falconindy authored
Showing with 52 additions and 3 deletions.
  1. +19 −1 burp.c
  2. +30 −1 curl.c
  3. +3 −1 curl.h
20 burp.c
@@ -367,10 +367,28 @@ int main(int argc, char **argv) {
}
if (config->cookie_valid || aur_login() == 0) {
+ char *csrf_token;
+
+ /* booo, stupid hacks. curl doesn't prime curl_slist of cookies
+ * we want via CURLINFO_COOKIELIST until we call perform at least
+ * once. */
+ prime_cookielist();
+
+ csrf_token = get_csrf_token();
+ if (csrf_token == NULL) {
+ fprintf(stderr, "failed to obtain CSRF token for uploading\n");
+ goto finish;
+ }
+
ret = 0;
+
while (optind < argc) {
- ret += aur_upload(argv[optind++]);
+ int r = aur_upload(argv[optind++], csrf_token);
+ if (r != 0) {
+ ret = r;
+ }
}
+ free(csrf_token);
}
finish:
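Review bot: On the `csrf_token == NULL` path the code jumps to `finish` without assigning `ret`, so the exit status for that failure is whatever `ret` held before this block; `ret` is declared outside the hunk, and if it starts at 0 the program would print "failed to obtain CSRF token" and still report success — set it explicitly, e.g. `ret = 1;` before the `goto finish;`. `prime_cookielist()` runs an extra transfer unconditionally, although when `aur_login()` has just performed a request the cookie list is presumably already populated, so the hack could be limited to the `config->cookie_valid` branch. The enclosing `main()` starts and ends outside the hunk.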
31 curl.c
@@ -102,6 +102,28 @@ void curl_cleanup() {
curl_global_cleanup();
}
+char *get_csrf_token() {
+ struct curl_slist *i, *cookielist = NULL;
+ char cname[256], token[256];
+
+ curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookielist);
+ for (i = cookielist; i; i = i->next) {
+ int r = sscanf(i->data, "%*s\t%*s\t%*s\t%*s\t%*s\t%s\t%s", cname, token);
+ if (r != 2) {
+ continue;
+ }
+ if (strcmp(cname, "AURSID") != 0) {
+ continue;
+ }
+ debug("AURSID cookie found with value: %s\n", token);
+ break;
+ }
+
+ curl_slist_free_all(cookielist);
+
+ return strdup(token);
+}
+
long aur_login(void) {
long httpcode, ret = 0;
CURLcode status;
@@ -195,7 +217,12 @@ static char *strip_html_tags(const char *unsanitized, size_t len) {
return sanitized;
}
-long aur_upload(const char *taurball) {
+void prime_cookielist() {
+ curl_easy_setopt(curl, CURLOPT_URL, "file:///dev/null");
+ curl_easy_perform(curl);
+}
+
+long aur_upload(const char *taurball, const char *csrf_token) {
char *errormsg, *effective_url;
char category[3], errbuffer[CURL_ERROR_SIZE] = {0};
const char *display_name, *error_start, *error_end, *redir_page = NULL;
@@ -232,6 +259,8 @@ long aur_upload(const char *taurball) {
snprintf(category, 3, "%d", config->catnum);
curl_formadd(&post, &last, CURLFORM_COPYNAME, "category",
CURLFORM_COPYCONTENTS, category, CURLFORM_END);
+ curl_formadd(&post, &last, CURLFORM_COPYNAME, "token",
+ CURLFORM_COPYCONTENTS, csrf_token);
headers = curl_slist_append(headers, "Expect:");
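Review bot: `get_csrf_token` returns `strdup(token)` even when the loop matches no AURSID cookie, and `token` is never initialised, so that read is undefined behaviour and the `csrf_token == NULL` check in burp.c will not reliably fire for the missing-cookie case; the function should return NULL unless the cookie was found. The two `%s` conversions in the sscanf format are unbounded writes into 256-byte stack buffers, so they should be `%255s`, and the `curl_easy_getinfo` result is unchecked. The `debug()` call prints the AURSID value, which is the session credential itself; log only that it was found. Separately, the `curl_formadd` call for the `"token"` field in `aur_upload` lacks the terminating `CURLFORM_END` that the `"category"` call two lines above has, so the varargs scan runs past the supplied arguments — append `, CURLFORM_END`.
```c
char *get_csrf_token(void) {
  struct curl_slist *i, *cookielist = NULL;
  char cname[256], token[256];
  char *found = NULL;

  if (curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookielist) != CURLE_OK) {
    return NULL;
  }
  for (i = cookielist; i; i = i->next) {
    /* cookie-jar line: tab-separated fields, name and value last;
     * bound both conversions to the buffer size minus the terminator */
    int r = sscanf(i->data, "%*s\t%*s\t%*s\t%*s\t%*s\t%255s\t%255s", cname, token);
    if (r != 2 || strcmp(cname, "AURSID") != 0) {
      continue;
    }
    debug("AURSID cookie found\n");
    found = strdup(token);
    break;
  }

  curl_slist_free_all(cookielist);

  return found; /* NULL when no AURSID cookie is present; caller frees */
}
```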
4 curl.h
@@ -66,10 +66,12 @@ struct write_result {
};
int cookie_setup(void);
+char *get_csrf_token(void);
int curl_init(void);
void curl_cleanup(void);
long aur_login(void);
-long aur_upload(const char*);
+long aur_upload(const char*, const char*);
+void prime_cookielist(void);
#endif /* _BURP_CURL_H */
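Review bot: The new prototypes carry no parameter names, so a reader of the header cannot tell which of `aur_upload`'s two `const char*` arguments is the tarball and which is the token; `long aur_upload(const char *taurball, const char *csrf_token);` would make that explicit. The definitions in curl.c use empty parentheses (`get_csrf_token()`, `prime_cookielist()`) while the header declares them `(void)`; the definitions should say `(void)` as well. A one-line comment on `get_csrf_token` stating that the returned string is heap-allocated and owned by the caller would document the ownership transfer that burp.c's `free(csrf_token)` relies on.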