Portable sHFS (HFS via STunnel) + GUI de configuration [français]

[AvvA]

Coucou

Juste un petit mot pour dire que je viens de remettre en service le serveur qui teste le port et indique l'ip publique. Je pense que ce n'était plus fonctionnel depuis un bon mois, voire 2... oups, désolé

[rejetto]

wouldn't you rely on canyouseeme.org ?
it should be a quite stable service, being offered by no-ip

[AvvA]

I'd love to, but after a quick look at it, I didn't find how to send a direct request.

To explain better, and only for the port probing, I send via an HTTP request the port number to check, and my mini-script (included with the sources) send an answer that I can interpret with the GUI (in fact i'm lying, it sends the complete answer , but that doesn't matter, I can play with non-formatted answers too).

So, that would be very nice that I can rely on a stable service, but I need something that can be send an URL with GET (or POST) parameters (http://url.com/asktheport.php?port=XXXX), and that gives formatted unique responses (open,close,timeout, in example). Also the service provider must allow anonymous users to use it.

If you know about something like that, or if canyouseeme.org can be used that way, I'm ready to change what has to, in order to have something solid in time. (If I didn't see about canyouseeme, just tell me, i'll do more research about it).


Anyway, thanks to care about

[rejetto]

what if you post to canyouseeme.org
with values "ip", "port" and "submit"? (submit=Check)

you should get the answer inside the html result

[AvvA]

Thanks, submit=check and port=number are working when put together (ip is the one that makes the request, with a parameter like this it would become a hacking tool  ), I couldn't imagine this submit=check, so I guess either you're lucky either you've got entries at no-ip ^^.
That makes me wonder where Alice is ? Ah, no, but I wonder why I can't find a no-ip page related to these URL parameters, I need it to read an agreement about using their tool the way I planned, if you got leads, I'm taking them

[rejetto]

their page submits the "ip" as well.
it's not very different than the HFS self test.
indeed, i had to put some extra things to avoid exploiting it.

to see the submit=check i just read the html source, the form part.
i know that the submit button is sent as well, just that.

even if you don't know this, you may see it with any tool that will let you watch the POSTed data.
for this task you may use a sniffer, or just make your browser tell it.
with firefox you can use firebug plugin to watch the full content of all requests.

if you don't find documentation about that page/service, it's likely that it's not meant to be used the way you are going to
i guess if you ask for an agreement, you will just get a denial.
if you are going to make low traffic, i guess you can just ignore this, as they will ignore you.
if the traffic is going to grow, you'd better build your own web service.

me spoke.

[AvvA]

Yep yep

Thanks for your thoughts.

As a web language medium/novice, I know how to search this kind of informations, the reason why I didn't is because I like to make sticky choices, and "hacking" a free tool doesn't fit in my thinking of sticky things, no offense.
Also you're right, I know they'll deny and ignore me, but that's not the purpose ^^

I'll Try to explain
Going that way, It would be better to look at your source code to know which hidden parameter(s) you throw to your server for it to accept to send an answer (quite easily I think), first it would be more accurate because you test a lot of ports, second, if it dies HFS project would probably be dead too, so my GUI won't serve anymore.
But I won't do that for 2 reasons, first the archive contains HFS, so it contains the test, if it fails with my GUI, users can still try with HFS (but yes, that would make my GUI a bit useless), second, I'd prefer asking you to use your testfile.php instead of doin' it in your back, I hope that a freemaker like you understand why.

Another thing is that I already put a server in place, I just got unlucky with a domain reset that follow an orient-extremist hacking...
So yes, i'm in search for an open alternative to my self port probing, but I'd like it to be legitimate so that I haven't to rewrite it each monday :p (yes, honesty and lazyness ^^)
I'd like to keep the whole thing a free and clean thing that doesn't rely on unrelated/hacked services.

Sorry if it feels like moralism, that is not. I just explain my opinion, but I don't force anybody to agree/accept/reject... just my thoughts

[rejetto]

rejetto. com/hfs/test.php?port=1000

just remember to report your software with the user-agent field

[AvvA]

Thank you very much

I begun to look at it, but it seems that I've miss something, I'll probably have time to go further before the end of next week ^^

For now, I used the force to look at the HFS's sources (well, C/Delphi language  '^^), but it wasn't enough so I use a sniffer to see your exact request. In fact there were 2 things differents from what I found in source code with one I don't think I can change, but I'll see later on...

Thanks again for the access (if I understood correctly ^^).

By the way, don't you want me to put a specific user-agent, or an other parameter ? (In order to know if my script makes problem on your server.)

[AvvA]

That's strange, I take a better look at your code and request, but I'm not able to obtain a positive answer, although negatives answers seem to work...
Whenever I test an open & redirected port, I've got no answer, but if I test a closed or stealth or redirected & firewalled, I got the right answer... mystery, or I miss something (that might probably be the last one ^^).

If you got idea about it you can tell me, else I'll look into it later ^^.

[rejetto]

oh, i forgot to tell you something
the test (rejetto.com) will send you "GET test HTTP/1.0"
and you must reply "HFS OK"
otherwise, the test will fail.

[AvvA]

aow ^^

Ok, hundred apologies for the "quite easily" thing.
I think I would never find this, as I was stuck checking another procedure, and as I use the sniffer only to catch HTTP traffic...

I'll see what I can do about this this week, thanks


If you want to delete all those revelations, go, I have them in mind

[SilentPliz]

Salut AvvA !

Juste un petit mot en passant. J'espère que tu passes un chouette été.

Suite à une demande d'un utilisateur à propos de SSL, je suis venu sur ton topic en anglais pour prendre le lien, et un truc m'a sauté aux yeux (j'y vois encore ne crains rien):

confmakr.exe create : X:\your folder\sHFS\stunnel\stunnel.conf
openssl.exe create   : X:\votre répertoire\sHFS\stunnel\stunnel.pem

Si tu envisages une mise à jour de ton pack un de ces jours, ce serait bien que tu ne gardes pas le nom par défaut pour les fichiers de "conf".
Un utilisateur qui ferait la mise à jour de Stunnel par dessus, ne perdrait ainsi pas ses réglages.

A bientôt!

[AvvA]

Salut SilentPliz

L'été se passe bien oui, merci. J'espère qu'il en va de même pour toi !

Ok pour les noms de fichier, je modifierai ça à la prochaine màj.
En attendant, pour ceux qui veulent màj leur Stunnel, c'est une archive auto-extractible, donc n'installez pas, extrayez simplement les exécutables et les dlls.

Aller, je m'y met maintenant ^^
J'espère que je n'ai pas trop oublié la syntaxe d'AutoIt, ça fait 1 an que je ne fais plus que du php/sql/js... :p

à bientôt ^^

[AvvA]

v0.666 BLTN (Better Late Than Never ^^)
J'aurais bien nommé Vieux Motard Que Jamais, mais allez traduire ça en anglais

Modifications :
- random.rnd est écrit dans le dossier d'Stunnel,
- un nouveau random.rnd est créer à chaque lancement d'Stunnel,
- Stunnel est obligé d'utiliser en priorité ce fichier.
- renommage du fichier de configuration d'Stunnel et du certificat et de la clef.

- update d'Stunnel 4.27 à 4.33
- update d'OpenSSL 0.9.8k à 1.0.0a
- update de HFS 2.3 #242 à HFS 2.3 #266

- adaptation aux changements induits par ces nouvelles versions.

Chasse aux bugs :
- La case 'Accès HTTP' dans le cadre 'réseau local' marche désormais convenablement.
- Quelques corrections diverses dans les fichiers de langage.

Rendez-vous sur le 1er post de ce sujet pour le lien de téléchargement et la signature MD5, idem pour les sources