Files
rvlink_reversing/disassemblies/usr/bin/webmgnt/webcfg_main.c
T

728 lines
32 KiB
C

/* WARNING: Heritage AFTER dead removal. Example location: r0x00484044 : 0x00405fe2 */
/* WARNING: Type propagation algorithm not settling */
/* WARNING: Globals starting with '_' overlap smaller symbols at the same address */
/* WARNING: Restarted to delay deadcode elimination for space: ram */
undefined4 webcfg_main(void)
{
undefined3 extraout_var;
int iVar1;
uint uVar2;
undefined *puVar3;
code *pcVar4;
size_t sVar5;
bool bVar10;
undefined **ppuVar6;
time_t tVar7;
char *pcVar8;
ssize_t sVar9;
char *pcVar11;
undefined4 uVar21;
int iVar22;
char *pcVar23;
undefined1 *puVar24;
char local_4c00 [16384];
undefined4 uStack_c00;
char local_bfc [1020];
char acStack_800 [1024];
char acStack_400 [256];
undefined *apuStack_300 [64];
char acStack_200 [80];
undefined *local_1b0;
char *local_1ac;
char *local_1a4;
undefined4 local_1a0;
undefined *apuStack_164 [16];
undefined *apuStack_124 [2];
undefined **local_11c;
char *local_118;
char acStack_ec [36];
char acStack_c8 [32];
undefined *local_a8;
undefined4 local_a4;
undefined4 local_a0;
undefined4 local_9c;
undefined4 local_98;
undefined4 local_94;
undefined4 local_90;
undefined4 local_8c;
char local_88 [16];
undefined *local_78;
undefined4 local_74;
undefined4 local_70;
undefined4 local_6c;
undefined **local_68;
undefined **cgi_func;
undefined1 *local_60;
undefined **local_5c;
undefined **local_58;
char *local_54;
char *local_50;
undefined **local_4c;
uint session_valid;
char *local_44;
FILE *local_40;
FILE *local_3c;
FILE *local_38;
FILE *local_34;
FILE *local_30;
undefined4 local_2c;
char *local_28;
FILE *local_24;
undefined **local_20;
char *local_1c;
char *local_18;
local_60 = &stack0xffefb400;
memset(acStack_200,0,0x50);
local_78 = (undefined *)0x0;
local_74 = 0;
local_70 = 0;
local_6c = 0;
local_88[0] = '\0';
local_88[1] = '\0';
local_88[2] = '\0';
local_88[3] = '\0';
local_88[4] = '\0';
local_88[5] = '\0';
local_88[6] = '\0';
local_88[7] = '\0';
local_88[8] = '\0';
local_88[9] = '\0';
local_88[10] = '\0';
local_88[0xb] = '\0';
local_88[0xc] = '\0';
local_88[0xd] = '\0';
local_88[0xe] = '\0';
local_88[0xf] = '\0';
memset(apuStack_164,0,0x40);
memset(acStack_c8,0,0x20);
local_4c00[0] = '{';
local_4c00[1] = '}';
local_4c00[2] = 0;
memset(local_4c00 + 3,0,0x3ffd);
memset(apuStack_300,0,0x100);
memset(acStack_ec,0,0x21);
memset(&stack0xffefb400,0,0x100000);
local_40 = _stderr;
local_68 = (undefined **)0x44d110;
cgi_func = (undefined **)0x44869c;
fprintf(_stderr,"[%s,%s,%d]: Starting web-management CGI server...","cgi_main.c","webcfg_main");
fputc(10,_stderr);
syslog(6,"Starting web-management CGI server...",&_mips_gp0_value);
pcVar11 = "/tmp/sysinfo/unregister";
uVar21 = 0;
/* This file does exist on the device, contains two characters "ef"
So the below block will always eexcute it seems, "however
/www-comfast/unregistered" does not seem to exist
So, I don't expect this really does anything */
iVar1 = access("/tmp/sysinfo/unregister",0);
if (iVar1 == 0) {
registered_flag = 0;
pcVar11 = "cp /www-comfast/unregistered/* /www-comfast/ -r";
system("cp /www-comfast/unregistered/* /www-comfast/ -r");
}
uci_start(pcVar11,uVar21);
iVar1 = uci_config_get_single_int("mbox.management.config_done");
config_done = iVar1 != 0;
uci_end();
/* PGM_INIT: explicitly ZERO out session ID */
cgi_func = (undefined **)&authenticated_COMFAST_session_id;
memset(&authenticated_COMFAST_session_id,0,0x90);
iVar1 = FCGX_Init();
if (iVar1 < 0) {
local_3c = _stderr;
fprintf(_stderr,"[%s,%s,%d]: fcgi initialization fail, can not continue!","cgi_main.c",
"webcfg_main");
fputc(10,_stderr);
pcVar11 = "[%s,%s,%d]: fcgi initialization fail, can not continue!";
}
else {
/* First block of code that runs after successful fcgi init */
cgi_func = (undefined **)acStack_200;
/* Listen on localhost:9002
NGINX proxies all requests to /cgi-bin/* to this process
This is why you'll get 502 for trying to request endpoints that don't exist
*/
sprintf((char *)cgi_func,"127.0.0.1:%d",9002);
local_38 = _stderr;
fprintf(_stderr,"[%s,%s,%d]: fcgi listening to %s","cgi_main.c","webcfg_main");
fputc(10,_stderr);
syslog(6,"fcgi listening to %s",cgi_func);
cgi_func = (undefined **)FCGX_OpenSocket(cgi_func,0xffffffff,&_mips_gp0_value);
/* FCGI_OpenSocket() returns -1 on error so
IF SOCKET OPENED { ... } */
if (-1 < (int)cgi_func) {
uVar2 = fcntl((int)cgi_func,1);
fcntl((int)cgi_func,2,uVar2 | 1);
FCGX_InitRequest(apuStack_124,cgi_func,0);
/* Beginning of web request handler loop */
session_valid = 0;
do {
local_98 = 0;
local_94 = 0;
local_90 = 0;
local_8c = 0;
blob_buf_init(&local_98,0);
local_5c = &local_a8;
local_a8 = (undefined *)0x0;
local_a4 = 0;
local_a0 = 0;
local_9c = 0;
blob_buf_init(local_5c,0,&_mips_gp0_value);
local_58 = apuStack_124;
iVar1 = FCGX_Accept_r(local_58,local_58,&_mips_gp0_value);
if (iVar1 < 0) {
return 0;
}
cgi_func = &local_1b0;
local_68 = (undefined **)local_58[5];
memset(cgi_func,0,0x4c);
puVar3 = (undefined *)FCGX_GetParam("QUERY_STRING",local_68);
cgi_func[1] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("REQUEST_METHOD",local_68,&_mips_gp0_value);
cgi_func[2] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("CONTENT_TYPE",local_68);
cgi_func[3] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("CONTENT_LENGTH",local_68,&_mips_gp0_value);
cgi_func[4] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("SCRIPT_NAME",local_68);
cgi_func[5] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("REQUEST_URI",local_68,&_mips_gp0_value);
cgi_func[6] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("DOCUMENT_URI",local_68);
cgi_func[7] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("DOCUMENT_ROOT",local_68,&_mips_gp0_value);
cgi_func[8] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("SERVER_PROTOCOL",local_68);
cgi_func[9] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("HTTPS",local_68,&_mips_gp0_value);
cgi_func[10] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("REMOTE_ADDR",local_68);
cgi_func[11] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("REMOTE_PORT",local_68,&_mips_gp0_value);
cgi_func[12] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("SERVER_ADDR",local_68);
cgi_func[13] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("SERVER_PORT",local_68,&_mips_gp0_value);
cgi_func[14] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("SERVER_NAME",local_68);
cgi_func[15] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("HTTP_HOST",local_68,&_mips_gp0_value);
cgi_func[16] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("USER_AGENT",local_68);
cgi_func[17] = puVar3;
puVar3 = (undefined *)FCGX_GetParam("HTTP_COOKIE",local_68,&_mips_gp0_value);
cgi_func[18] = puVar3;
pcVar11 = local_118;
/* element 11 = "REMOTE_ADDR"
element 7 = "DOCUMENT_URI"
This is checking
IF the IP address of the requester = NULL/empty string
-- OR -- if the DOCUMENT URI = NULL/empty string */
if ((((cgi_func[11] == (char *)0x0) || (*cgi_func[11] == '\0')) ||
(local_50 = cgi_func[7], local_50 == (char *)0x0)) || (*local_50 == '\0')) {
LAB_0040654a:
/* Loads a pointer to the response_400() function and then executes it */
pcVar4 = (code *)0x4055b5;
LAB_0040654e:
/* This branch is for explicit handling of the "/cgi-bin/iswifi" path which so
far I haven't recorded any use of in this environment. In any case it seems
to simply return a 200 response with the COMFAST_SESSION set as a cookie.
It's worth noting that it does conditionally set the cookie value to
"DELETED" based on the state of local_48 which apears to be a boolean, likely
something like "is_logged_in" */
(*pcVar4)(pcVar11);
}
else {
*cgi_func = (undefined *)local_58;
iVar1 = strncmp(local_50,"/cgi-bin/iswifi",0xf);
if (iVar1 == 0) {
local_68 = (undefined **)acStack_ec;
iVar1 = deal_iswifi(cgi_func[1],(char *)apuStack_300,(char *)local_68);
if (iVar1 == 0) {
iswifi_output(local_5c,(char *)local_68);
local_5c = (undefined **)blobmsg_format_json_with_cb(*local_5c,1,0,0);
local_50 = local_58[3];
if (session_valid == 0) {
local_68 = (undefined **)0x44881c;
pcVar11 = "Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Version=1";
}
else {
local_68 = (undefined **)&authenticated_COMFAST_session_id;
pcVar11 = "Path=/; Version=1";
}
cgi_func = (undefined **)pcVar11;
local_54 = (char *)strlen((char *)local_5c);
local_58 = apuStack_300;
strlen((char *)local_58);
FCGX_FPrintF(local_50,
"Status: 200 OK\r\nSet-Cookie: %s=%s; %s\r\nContent-Length: %d\r\nContent-Type: text/javascript; charset=utf-8\r\n\r\n%s(%s);\r\n"
,"COMFAST_SESSIONID",local_68);
free(local_5c);
}
}
else {
iVar1 = strncmp(local_50,"/cgi-bin/",9);
if (iVar1 != 0) {
pcVar11 = local_58[3];
LAB_00407552:
pcVar4 = (code *)0x405589;
goto LAB_0040654e;
}
local_68 = (undefined **)cgi_func[2];
iVar1 = strcmp((char *)local_68,"GET");
if (iVar1 == 0) {
local_5c = (undefined **)cgi_func[6];
cgi_func = (undefined **)0x448b28;
pcVar11 = strstr((char *)local_5c,"height=");
if (pcVar11 == (char *)0x0) {
local_4c = (undefined **)&DAT_00000001;
}
else {
cgi_func = (undefined **)0x448b30;
pcVar11 = strstr((char *)local_5c,"width=");
if (pcVar11 != (char *)0x0) {
cgi_func = (undefined **)(local_88 + 0x10);
local_68 = (undefined **)local_88;
local_88[0] = '\0';
local_88[1] = '\0';
local_88[2] = '\0';
local_88[3] = '\0';
local_88[4] = '\0';
local_88[5] = '\0';
local_88[6] = '\0';
local_88[7] = '\0';
local_88[8] = '\0';
local_88[9] = '\0';
local_88[10] = '\0';
local_88[0xb] = '\0';
local_88[0xc] = '\0';
local_88[0xd] = '\0';
local_88[0xe] = '\0';
local_88[0xf] = '\0';
local_58 = apuStack_164;
local_78 = (undefined *)0x0;
local_74 = 0;
local_70 = 0;
local_6c = 0;
memset(local_58,0,0x40);
local_50 = acStack_c8;
memset(local_50,0,0x20);
pcVar11 = strstr((char *)local_5c,"height=");
get_para_from_uri(pcVar11,(int)cgi_func);
pcVar11 = strstr((char *)local_5c,"width=");
get_para_from_uri(pcVar11,(int)local_68);
get_css_path_from_uri((char *)((int)local_5c + 9),(int)local_50);
sprintf((char *)local_58,"/www-comfast/%s",local_50);
memset(&stack0xffefb400,0,0x100000);
local_68 = (undefined **)atoi((char *)local_68);
iVar1 = atoi((char *)cgi_func);
modify_css(local_68,iVar1,&stack0xffefb400,(char *)local_58);
sVar5 = strlen(&stack0xffefb400);
FCGX_FPrintF(local_118,
"HTTP/1.1 200 OK\r\nServer: nginx/1.4.7\r\nDate: Mon, 17 Jun 2019 10:42:35 GMT\r\nContent-Type: text/css\r\nContent-Length: %d\r\nLast-Modified: Thu, 01-Jan-1970 00:00:01 GMT\r\nConnection: keep-alive\r\nETag: \"5c666a67-1acd\"\r\nAccept-Ranges: bytes\r\n\r\n%s"
,sVar5,&stack0xffefb400);
goto LAB_00406556;
}
local_4c = (undefined **)&DAT_00000001;
}
}
else {
iVar1 = strcmp((char *)local_68,"POST");
if (iVar1 != 0) {
pcVar11 = local_58[3];
goto LAB_00407552;
}
cgi_func = (undefined **)strtoul(cgi_func[4],(char **)0x0,0);
if ((char *)0xffffff < (char *)((int)cgi_func + -1)) {
local_30 = _stderr;
local_68 = &local_1b0;
local_2c = local_1a0;
fprintf(_stderr,"[%s,%s,%d]: Invalid request of content length: %s cl=%d",
"cgi_main.c","webcfg_main");
fputc(10,_stderr);
syslog(3,"Invalid request of content length: %s cl=%d",local_68[4],cgi_func);
}
local_68 = (undefined **)local_1ac;
pcVar11 = strstr(local_1ac,"section=system_");
if (pcVar11 == (char *)0x0) {
system_state = (char *)0x0;
}
else {
pcVar11 = strstr((char *)local_68,"system_config_backup");
if (((pcVar11 == (char *)0x0) &&
(pcVar11 = strstr((char *)local_68,"system_account_download"),
pcVar11 == (char *)0x0)) &&
(pcVar11 = strstr((char *)local_68,"system_passwd_download"),
pcVar11 == (char *)0x0)) {
pcVar11 = strstr((char *)local_68,"system_load_config");
if (pcVar11 == (char *)0x0) {
pcVar11 = strstr((char *)local_68,"system_upgrade");
if ((pcVar11 == (char *)0x0) &&
(pcVar11 = strstr((char *)local_68,"system_upgrade_keep"),
pcVar11 == (char *)0x0)) {
pcVar11 = strstr((char *)local_68,"system_upload_file");
if (((((pcVar11 == (char *)0x0) &&
(pcVar11 = strstr((char *)local_68,"system_upload_account"),
pcVar11 == (char *)0x0)) &&
(pcVar11 = strstr((char *)local_68,"system_upload_passwd"),
pcVar11 == (char *)0x0)) &&
((pcVar11 = strstr((char *)local_68,"system_upload_wxpay_cert_pem"),
pcVar11 == (char *)0x0 &&
(pcVar11 = strstr((char *)local_68,"system_upload_wxpay_key_pem"),
pcVar11 == (char *)0x0)))) &&
((pcVar11 = strstr((char *)local_68,"system_upload_radius_template"),
pcVar11 == (char *)0x0 &&
(pcVar11 = strstr((char *)local_68,"system_cluster_upgrade_file"),
pcVar11 == (char *)0x0)))) {
pcVar11 = strstr((char *)local_68,"system_wl_upload_pic_file");
if (pcVar11 == (char *)0x0) {
system_state = strstr((char *)local_68,"system_suite_upgrade_file_upload")
;
if (system_state != (char *)0x0) {
system_state = (char *)0x6;
}
}
else {
system_state = (char *)0x5;
}
}
else {
system_state = (char *)0x4;
}
}
else {
system_state = (char *)0x3;
}
}
else {
system_state = &DAT_00000002;
}
}
else {
system_state = &DAT_00000001;
}
if (((local_1a4 != (char *)0x0) &&
(pcVar11 = strstr(local_1a4,"multipart/form-data"), pcVar11 != (char *)0x0)) &&
(local_28 = system_state, 1 < (int)system_state)) {
local_58 = local_11c;
memset(acStack_800,0,0x400);
memset(acStack_400,0,0x100);
do {
if ((int)cgi_func < 1) goto LAB_00406fa2;
local_68 = (undefined **)acStack_800;
memset(local_68,0,0x400);
pcVar11 = (char *)((int)cgi_func + 1);
if (0x400 < (int)pcVar11) {
pcVar11 = (char *)0x400;
}
iVar1 = FCGX_GetLine(local_68,pcVar11,local_58);
if (iVar1 == 0) goto LAB_00407400;
local_68 = (undefined **)acStack_800;
sVar5 = strlen((char *)local_68);
cgi_func = (undefined **)((int)cgi_func - sVar5);
iVar1 = strncasecmp((char *)local_68,"Content-Disposition:",0x14);
} while (iVar1 != 0);
local_68 = (undefined **)strstr((char *)local_68,"filename=");
if (local_68 != (undefined **)0x0) {
local_5c = (undefined **)((int)local_68 + 10);
local_54 = strchr((char *)local_5c,0x22);
if (local_54 != (char *)0x0) {
memset(upload_filename,0,0x100);
strncpy(upload_filename,(char *)local_5c,
(size_t)(local_54 + (-10 - (int)local_68)));
}
}
for (; 0 < (int)cgi_func; cgi_func = (undefined **)((int)cgi_func - sVar5)) {
local_68 = (undefined **)acStack_800;
iVar1 = strcmp((char *)local_68,"\n");
if ((iVar1 == 0) || (iVar1 = strcmp((char *)local_68,"\r\n"), iVar1 == 0))
break;
memset(local_68,0,0x400);
pcVar11 = (char *)((int)cgi_func + 1);
if (0x400 < (int)pcVar11) {
pcVar11 = (char *)0x400;
}
iVar1 = FCGX_GetLine(local_68,pcVar11,local_58);
if (iVar1 == 0) goto LAB_00407400;
sVar5 = strlen(acStack_800);
}
LAB_00406fa2:
pcVar11 = strstr(upload_filename,".png");
if ((((pcVar11 == (char *)0x0) &&
(pcVar11 = strstr(upload_filename,".PNG"), pcVar11 == (char *)0x0)) &&
(pcVar11 = strstr(upload_filename,".jpg"), pcVar11 == (char *)0x0)) &&
(((pcVar11 = strstr(upload_filename,".JPG"), pcVar11 == (char *)0x0 &&
(pcVar11 = strstr(upload_filename,".jpeg"), pcVar11 == (char *)0x0)) &&
(pcVar11 = strstr(upload_filename,".JPEG"), pcVar11 == (char *)0x0)))) {
puVar24 = (undefined1 *)0x104800;
pcVar11 = "/tmp/bakup.file";
strcpy(acStack_400,"/tmp/bakup.file");
}
else {
local_68 = (undefined **)0x448e6c;
iVar1 = access("/tmp/img",0);
if ((iVar1 != 0) && (iVar1 = mkdir("/tmp/img",0x1ff), iVar1 != 0))
goto LAB_00407400;
puVar24 = upload_filename;
pcVar11 = "%s/%s";
sprintf(acStack_400,"%s/%s","/tmp/img");
}
local_5c = (undefined **)0x448e80;
bVar10 = file_exists("/tmp/bakup.file",pcVar11,&_mips_gp0_value,puVar24);
if (CONCAT31(extraout_var,bVar10) == 0) {
memset(&uStack_c00,0,0x400);
local_54 = (char *)open(acStack_400,0x302,0x1ff);
if (-1 < (int)local_54) {
local_68 = (undefined **)0x0;
for (; 0 < (int)cgi_func;
cgi_func = (undefined **)((int)cgi_func - (int)ppuVar6)) {
local_4c = cgi_func;
if (0x400 < (int)cgi_func) {
local_4c = (undefined **)0x400;
}
local_5c = (undefined **)FCGX_GetStr(&uStack_c00,local_4c,local_58);
if (local_5c != local_4c) break;
if ((int)cgi_func < 0x400) {
for (; (int)local_68 < (int)(cgi_func + -1);
local_68 = (undefined **)((int)local_68 + 1)) {
if ((((*(char *)((int)&uStack_c00 + (int)local_68) == '\r') &&
(*(char *)((int)&uStack_c00 + 1 + (int)local_68) == '\n')) &&
(*(char *)((int)&uStack_c00 + 2 + (int)local_68) == '-')) &&
((*(char *)((int)&uStack_c00 + 3 + (int)local_68) == '-' &&
(local_bfc[(int)local_68] == '-')))) {
*(char *)((int)&uStack_c00 + (int)local_68) = '\0';
cgi_func = (undefined **)
((int)cgi_func + ((int)local_68 - (int)local_5c));
local_5c = local_68;
break;
}
}
}
ppuVar6 = (undefined **)write((int)local_54,&uStack_c00,(size_t)local_5c);
if (ppuVar6 != local_5c) break;
}
close((int)local_54);
}
}
else {
local_58 = (undefined **)&uStack_c00;
memset(local_58,0,0x80);
local_68 = (undefined **)open("/tmp/bakup.file",2);
if ((int)local_68 < 0) {
unlink((char *)local_5c);
}
else {
local_5c = (undefined **)lseek((int)local_68,0,2);
lseek((int)local_68,(__off_t)((int)local_5c + -0x7f),0);
read((int)local_68,local_58,0x7f);
iVar1 = 0;
do {
iVar22 = iVar1;
if (iVar22 == 0x7c) {
iVar22 = 0x7c;
break;
}
iVar1 = iVar22 + 1;
} while (((*(char *)((int)&uStack_c00 + iVar22 + 1) != '\r') ||
(*(char *)((int)&uStack_c00 + iVar22 + 2) != '\n')) ||
((*(char *)((int)&uStack_c00 + iVar22 + 3) != '-' ||
(local_bfc[iVar22] != '-'))));
ftruncate((int)local_68,(__off_t)((int)local_5c + iVar22 + -0x7e));
close((int)local_68);
local_68 = (undefined **)acStack_400;
iVar1 = strcmp("/tmp/bakup.file",(char *)local_68);
if (iVar1 != 0) {
rename("/tmp/bakup.file",(char *)local_68);
}
}
}
}
}
LAB_00407400:
if ((undefined **)0x4000 < cgi_func) {
cgi_func = (undefined **)0x3fff;
}
local_68 = (undefined **)local_4c00;
memset(local_68,0,0x4000);
local_5c = apuStack_124;
FCGX_GetStr(local_68,cgi_func,local_11c);
*(char *)((int)local_68 + (int)cgi_func) = '\0';
if ((system_state == (char *)0x0) &&
(iVar1 = blobmsg_add_json_from_string(&local_98,local_68), iVar1 == 0)) {
local_24 = _stderr;
fprintf(_stderr,"[%s,%s,%d]: Fail to parse JSON from post data: %s","cgi_main.c",
"webcfg_main");
fputc(10,_stderr);
syslog(3,"Fail to parse JSON from post data: %s",local_68);
pcVar11 = local_5c[3];
goto LAB_0040654a;
}
local_4c = (undefined **)&DAT_00000002;
}
cgi_func = (undefined **)authenticated_session_expiration_time;
tVar7 = time((time_t *)0x0);
cgi_func = (undefined **)((int)cgi_func - tVar7);
if ((int)cgi_func < 0) {
iVar1 = uptime_timeout();
if (iVar1 == 0) {
memset(&authenticated_COMFAST_session_id,0,0x90);
}
else {
tVar7 = time((time_t *)0x0);
authenticated_session_expiration_time = tVar7 + 600;
}
}
else {
tVar7 = time((time_t *)0x0);
authenticated_session_expiration_time = tVar7 + 600;
}
session_valid = 0;
if (is_logged_in != '\0') {
session_valid = (int)cgi_func < 1 ^ 1;
}
/* Figure out how to dispatch incoming request
Loops over cgi_functions in &cgi_functions which is itself an array of data
structures */
for (cgi_func = &cgi_functions; cgi_func != (undefined **)&DAT_00464bf4;
cgi_func = cgi_func + 5) {
local_20 = (undefined **)cgi_func[1];
if ((local_20 == local_4c) && (iVar1 = strcmp(*cgi_func,local_50 + 9), iVar1 == 0)) {
/* Here's the auth check
Every CGI entry in cgi_functions[] has a one-byte “needs-auth” flag
(offset +2).
If that flag is zero or the session is valid */
if ((*(char *)(cgi_func + 2) == '\0') || (session_valid != 0)) {
local_68 = &local_1b0;
pcVar23 = "ac_list_get";
pcVar11 = local_1ac;
pcVar8 = strstr(local_1ac,"ac_list_get");
if (pcVar8 == (char *)0x0) {
uci_start(pcVar11,pcVar23);
local_68 = (undefined **)(*(code *)cgi_func[3])(local_68,&local_98,&local_a8);
uci_end();
}
else {
ac_list_get(&local_98,&local_a8);
local_68 = (undefined **)0x0;
}
local_1c = system_state;
if (system_state != &DAT_00000001) {
ppuVar6 = local_68;
if ((int)local_68 < 0) {
ppuVar6 = (undefined **)-(int)local_68;
}
goto LAB_004077ae;
}
}
else {
ppuVar6 = (undefined **)(char *)0x4;
LAB_004077ae:
cgi_gen_error(&local_a8,(int)ppuVar6);
}
local_18 = system_state;
if (system_state == &DAT_00000001) {
local_68 = (undefined **)local_118;
memset(&uStack_c00,0,0x400);
if (download_filename == '\0') {
strcpy(&download_filename,"bakup.file");
}
FCGX_FPrintF(local_68,"Content-Disposition: attachment; filename=\"%s\"\r\n",
&download_filename);
FCGX_FPrintF(local_68,"Content-Type: application/x-targz\r\n");
FCGX_FPrintF(local_68,"Cache-Control: no-cache\r\n",&_mips_gp0_value);
FCGX_FPrintF(local_68,"Expires: 0\r\n",&_mips_gp0_value);
FCGX_FPrintF(local_68,"\r\n",&_mips_gp0_value);
local_54 = (char *)0x3;
while( true ) {
local_58 = (undefined **)0x448e80;
local_5c = (undefined **)open("/tmp/bakup.file",2);
if (local_5c != (undefined **)0xffffffff) break;
local_54 = local_54 + -1;
if (local_54 == (char *)0x0) goto LAB_00407956;
sleep(1);
}
ppuVar6 = (undefined **)&uStack_c00;
while( true ) {
memset(ppuVar6,0,0x400);
local_58 = (undefined **)&uStack_c00;
sVar9 = read((int)local_5c,local_58,0x3ff);
if (sVar9 < 1) break;
*(char *)((int)local_58 + sVar9) = '\0';
FCGX_PutStr(local_58,sVar9,local_68);
ppuVar6 = local_58;
}
LAB_00407956:
memset(&download_filename,0,0x100);
if (-1 < (int)local_5c) {
close((int)local_5c);
}
unlink("/tmp/bakup.file");
}
else {
if (*(char *)(cgi_func + 4) != '\0') break;
local_5c = (undefined **)blobmsg_format_json_with_cb(local_a8,1,0,0);
local_54 = "COMFAST_SESSIONID";
if ((int)system_state < 2) {
local_44 = local_118;
if (session_valid == 0) {
local_58 = (undefined **)0x44881c;
local_68 = (undefined **)0x448824;
}
else {
local_58 = (undefined **)&authenticated_COMFAST_session_id;
local_68 = (undefined **)0x448808;
}
strlen((char *)local_5c);
pcVar11 =
"Status: 200 OK\r\nSet-Cookie: %s=%s; %s\r\nContent-Length: %d\r\nContent-Type: application/json\r\n\r\n%s\r\n"
;
}
else {
local_44 = local_118;
if (session_valid == 0) {
local_58 = (undefined **)0x44881c;
local_68 = (undefined **)0x448824;
}
else {
local_58 = (undefined **)&authenticated_COMFAST_session_id;
local_68 = (undefined **)0x448808;
}
strlen((char *)local_5c);
pcVar11 =
"Status: 200 OK\r\nSet-Cookie: %s=%s; %s\r\nContent-Length: %d\r\nContent-Type: text/html\r\n\r\n%s\r\n"
;
}
FCGX_FPrintF(local_44,pcVar11,local_54,local_58);
free(local_5c);
}
}
}
}
}
LAB_00406556:
blob_buf_free(&local_98);
blob_buf_free(&local_a8);
FCGX_Finish_r(apuStack_124);
iVar1 = config_action_get();
if (iVar1 != 0) {
apply_settings();
}
} while( true );
}
/* This is the end of the IF FCGI_OPEN_SOCKET() succeeded block */
local_34 = _stderr;
fprintf(_stderr,"[%s,%s,%d]: Fail to open fcgi socket, can not continue!","cgi_main.c",
"webcfg_main");
fputc(10,_stderr);
pcVar11 = "[%s,%s,%d]: Fail to open fcgi socket, can not continue!";
}
syslog(3,pcVar11 + 0xc,&_mips_gp0_value);
return 0xffffffff;
}