Merge CVS history #1

Open
wants to merge 80 commits into
from

Projects

None yet

1 participant

@fwolf
fwolf commented Oct 16, 2013

I have done a new cvs export job using https://github.com/rcls/crap, got all commit history from sourceforge.net/snoopy, and then merged with your modified README.md.

During merge, sourceforge version seems newer in version(1.2.5-dev) and some author mail address.

Although this class has not much usage because there are curl already, I think keep a copy here is good for some old project.

andrei and others added some commits Feb 3, 2000
@fwolf andrei Initial revision 73a6e70
@fwolf andrei *** empty log message *** 041e90d
@fwolf andrei *** empty log message *** 8bb5c7e
@fwolf andrei Make proper distribution. 06bc160
@fwolf mohrt fixed bug with retrieved headers, released v0.91 04561d4
@fwolf mohrt fixed MS server bug, added cookie passing in redirects and following …
…frames
291f351
@fwolf mohrt updated README version number 0375039
@fwolf mohrt added $lastredirectaddr to the variable list 25aa1cc
@fwolf mohrt fixed bug with hostname match in a redirect location header 07ab854
@fwolf mohrt fixed redirect bug, added $lastredirectaddr 4b240e4
@fwolf mohrt fix _check_timeout call to respect timeout setting of 0 (ignore) 7c5038f
@fwolf andrei Removed call-by-reference at call time. 3b22bc8
@fwolf andrei Made it possible to POST arrays. 1d5f6c3
@fwolf mohrt fix up fetchform logic 4b1b938
@fwolf mohrt fixed bug in fetchform regex 38be35a
@fwolf mohrt updated frame issues in class 2fedcc7
@fwolf andrei Added file upload capability. 990ce5c
@fwolf andrei *** empty log message *** c9948c2
@fwolf mohrt allow spaces in < a href > for striplinks f41eef8
@fwolf mohrt fixed & in curl URL 93e063b
@fwolf mohrt fixed problem with curl, removed single quotes 9ae9ce8
@fwolf andrei Use Set-Cookie for setting cookies and terminate them with semicolons. 9c9825a
@fwolf andrei Various fixes. ada6f36
@fwolf mohrt added carriage return along with newline for headers. Some servers ha…
…d problems with this, such as slashdot.org
8a8f95e
@fwolf mohrt removed GET / HTTP/1.0 header for curl fetched documents 3b81cc4
@fwolf mohrt update changelog 25a2925
@fwolf mohrt removed semi-colon from cookie values b80ff6b
@fwolf mohrt fixed bug where text lies inside of <a href or <frame src f3b05c0
@fwolf mohrt fixed muliple cookie problem 3436719
@fwolf mohrt added textarea to stripform functionality facbf0f
@fwolf mohrt added items to search/replace 1671177
@fwolf mohrt fixed problem with PHP 4.3.2 and fread() call 80bd7a8
@fwolf mohrt commit 1.01 changes 673dc4a
@fwolf mohrt fixed post data array problem cc6b06c
@fwolf mohrt added proxy user/pass support f986d9f
@fwolf mohrt fix URL to sourceforge 92e9b2d
@fwolf gene_wood Fix for BUG # 852993 : double urlencoding breaks redirect WITH FIX! 363840d
@fwolf gene_wood Fix for BUG # 859711 : typo: http://snoopy.sourceforge.com 5a23cb2
@fwolf gene_wood Fix for BUG # 929682 : Called undefined function is_executable() on l…
…ine 194.
e1d3c83
@fwolf gene_wood Fix for BUG # 929682 : Called undefined function is_executable() on l…
…ine 194.
3ff0dce
@fwolf gene_wood fixed BUG # 858526 : win32 tmp/$headerfile create error
Changed the definition of $headerfile from uniqid(time()) to tempnam("/tmp", "sno")
Also changed all instances of
/tmp/$headerfile
to
$headerfile

This is to allow php to provide the temporary directory name for us, instead of hard coding it to /tmp

This is done with the tempnam function

I've set it up so that it by default tries /tmp as it's temp directory but will use something else if it can't (for example in windows). I've set it to prefix it's temporary file with the letters sno (for snoopy)
9f0f1e9
@fwolf gene_wood fixed BUG # 858526 : win32 tmp/$headerfile create error f0e9185
@fwolf gene_wood updated to reflect new naming of snoopy class file from Snoopy.class.…
…inc to Snoopy.class.php
4b973a9
@fwolf gene_wood Fixing BUG # 912060 Undefined variable: postdata
The postdata variable isn't initialized in the _prepare_post_body() function causing a "Notice" error.
72985c1
@fwolf gene_wood Grammar corrections 145a079
@fwolf gene_wood Fix for BUG 626849 submitted by Tajh Leitso Corrects the redirect fun…
…ction under the submit functions. When submitting (POST) if a redirect is encountered, it is assumed to also be a POST.

This fix allows for a redirect from a POST to lead to a page that should be pulled with a GET
9f21e96
@fwolf gene_wood Fix for BUG 626849 submitted by Tajh Leitso Removes quotes from an ht…
…tps url to prevent escaping from the curl command line and executing commands.

Also added a temp_dir variable instead of hardcoding the temporary file with the curl command in it to /tmp
bf30d43
@fwolf gene_wood Updated with new temp_dir variable 3d22333
@fwolf gene_wood Fixes BUG 642958 and 912060 Checks to see if $URI_PARTS["query"] is s…
…et and if it isn't, set's it to ''
99f97fc
@fwolf gene_wood Fixed bug 999079 .This is caused by the preg_replace functions in the…
… _exapandlinks function.

I tried to decode which regex was causing this but was
unable to, so I just added an additional regex to remove the
trailing slash from the URI before the page is concatenated
onto the end of it.
My new regex is :

		$match = preg_replace("|/$|","",$match);

This isn't elegant but it works. If anyone wants to
determine which of the 6 other regexes being run is causing
the double slashes, I'd be happy to fix it and take out my
additional line of code.
5b1d097
@fwolf gene_wood Fixed BUG 1014823
Meta redirect regex inaccurate

The original regex was expecting 1 or more whitespaces between the semicolon and the URL in the http refresh. This is not always that case.

;[\s]+

The new line expects 0 or more whitespaces between the semicolon and the URL

;[\s]*
c3bf47c
@fwolf gene_wood Added myself b214248
@fwolf gene_wood Updated with version 1.1 changes 388a641
@fwolf gene_wood Corrected to reflect Snoopy.class.php instead of Snoopy.class.inc 50f1db2
@fwolf gene_wood Updated for release v 1.1 0b8fe97
@fwolf gene_wood Removed bogus .cvsignore 748cc67
@fwolf gene_wood 1.2 not 1.1 6bcc956
@fwolf gene_wood updated to v 1.2 f8c880f
@fwolf gene_wood added comment to function submit 5e1bc7c
@fwolf gene_wood Fixed BUG # 1097134 $URI_PARTS["path"] can be undefined, generating a…
… "notice" level error.
b9e388f
@fwolf gene_wood BUG # 1097134 356dc7f
@fwolf gene_wood Bug fix of Bug # 864047 pertaining to Root relative links and the _ex…
…pandlinks function.

Root relative links are treated as relative
Snoopy is treating root relative links as relative.

When a page at domain.com/foo/bar/page1.htm has a link
like /foo/bar/page2.htm then Snoopy returns the link to
page 2 as: domain.com/foo/bar/foo/bar/page2.htm instead
of domain.com/foo/bar/page2.htm
198a8e3
@fwolf gene_wood Fixed Bug # 1077870
Snoopy now allows a meta refresh tag to have any number of spaces between the semicolon following the refresh delay and the URL= value.
8cb84e4
@fwolf gene_wood Bug Fix # 1086830
Added :
if($this->lastredirectaddr)
	$URI = $this->lastredirectaddr;

into the fetchlinks, submitlinks and submitext functions to properly expandlinks after a redirect.

Also modified the documentation at the beginning of the file indicating which functions use expandlinks
010dc4a
@fwolf gene_wood Security fix for potential arbitrary command exploit. The http header…
…s in the https curl request weren't being checked for double quotes (the URI was, but not the headers).

Here's the description of the exploit from SEC.

SEC-CONSULT Security Advisory < 2005xxxx-0 >
======================================================================
                  title: Snoopy Remote Code Execution Vulnerability
                program: Snoopy PHP Webclient
     vulnerable version: 1.2 and earlier
               homepage: http://snoopy.sourceforge.net
                  found: 2005-10-10
                     by: D. Fabian / SEC-CONSULT / www.sec-consult.com
======================================================================

vendor description:
---------------

Snoopy is a PHP class that simulates a web browser. It automates the
task of retrieving web page content and posting forms, for example.

Snoopy is used by various RSS parser, which are in turn used in a
whole bunch of applications like weblogs, content management systems,
and many more.

vulnerabilty overview:
---------------

Whenever an SSL protected webpage is requested with one of the many
Snoopy API calls, it calls the function _httpsrequest which takes
the URL as argument. This function in turn calls the PHP-function
exec with unchecked user-input. Using a specially crafted URL, an
attacker can supply arbitrary commands that are executed on the web
server with priviledges of the web user.

While the vulnerability can not be exploited using the Snoopy class
file itself, there may exist implementations which hand unchecked
URLs from users to snoopy.

proof of concept:
---------------

Consider the following code on a webserver:
2caf979
@fwolf gene_wood Added note about curl and curl_path 97ad369
@fwolf gene_wood *** empty log message *** e9014b8
@fwolf gene_wood v1.2.1 3ec73a9
@fwolf gene_wood The escaping done on the https headers had a bug (missing curly braces).
Thanks zaruba and Kellan
e061194
@fwolf gene_wood bugfix # 1110049 : redirect is case sensitive 331f468
@fwolf gene_wood patch # 985470 : http 1.1 Host header not passing port information fo… 6997f4c
@fwolf gene_wood v1.2.2 73693fa
@fwolf gene_wood fixed bug # 1328793 : fetch is case sensetive when it comes to the sc…
…heme (http / https) fixed a typo that I introduced in 1.2.2 (the first character of the file is a "z" updated the version variable in the code to reflect the new version
1bb14bd
@fwolf gene_wood v. 1.2.3 226ff7a
@fwolf mohrt properly escape args to curl for shell escapement c677da9
@fwolf mohrt update emails, set version to dev 99c604e
@fwolf mohrt clean up header escapement, body escapement 0c6e0a9
@fwolf fwolf Initial commit 5911468
@fwolf fwolf Merge remote-tracking branch 'upstream/master' into hurrycaner
Conflicts:
	AUTHORS
	Snoopy.class.php
742216f
@fwolf fwolf Fix file encoding for special chars 07bd28d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment