// ============================================================================
// This is a Servlet sample for the G-WAN Web Server (http://www.trustleap.com)
// ----------------------------------------------------------------------------
// attack.c: send malicious URIs (from 'attack.txt' file) to the Web Server
//
//           It's always better to do it yourself rather than waiting for
//           others to do it for you.
//
//           Now you have an easy way to test your servlets (by just editing
//           the "attack.txt" file).
//
// ============================================================================
#include "xbuffer.h" // G-WAN dynamic buffers

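// Title of our HTML page (used twice by 'top': in <title> and in <h1>)
static char title[]="Attacking your own web server";

// Top of our HTML page: an xbuf_xcat() format string with two %s slots,
// both of which main() fills with 'title'
static char top[]="<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">"
     "<html lang=\"en\"><head><title>%s</title><meta http-equiv"
     "=\"Content-Type\" content=\"text/html; charset=utf-8\">"
     "<link href=\"imgs/style.css\" rel=\"stylesheet\" type=\"text/css\">"
     "</head><body><h1>%s</h1>";

// ----------------------------------------------------------------------------
// imported functions:
//   get_reply(): get a pointer on the 'reply' dynamic buffer from the server
//   set_reply(): send back the 'reply' dynamic buffer's pointer to the server
//  xbuf_reset(): (re)initialize a dynamic buffer object
// xbuf_frfile(): load a file, and store it in a dynamic buffer
//  xbuf_frurl(): make an Http request, and store results in a dynamic buffer
//   xbuf_ncat(): like strncat(), but in the specified dynamic buffer
//   xbuf_xcat(): formatted strcat() (a la printf) in a given dynamic buffer
//   xbuf_free(): release the memory allocated for a dynamic buffer
// ----------------------------------------------------------------------------
// The Http methods we can use with xbuf_frurl()
// (no storage class here: 'static' on a declaration that only introduces an
//  enum type has no effect and makes compilers emit a warning)
enum s_Methods {HTTP_BAD=0, HTTP_GET, HTTP_HEAD, HTTP_PUT, HTTP_POST};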

// ----------------------------------------------------------------------------
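// ----------------------------------------------------------------------------
// cat_html(): append 'src' to the 'dst' dynamic buffer as inert HTML text
//
//   dst      : destination dynamic buffer (the page being built)
//   src      : bytes to append
//   len      : number of bytes in 'src', or -1 if 'src' is NUL-terminated
//   cr_to_br : non-zero to emit "<br>" for each '\r' (header line breaks)
//
// The URIs listed in 'attack.txt' are hostile by design and the server's
// reply may echo parts of them, so neither may reach the report page as raw
// markup: & < > " ' are written as character entities.
// ----------------------------------------------------------------------------
static void cat_html(xbuf_ctx *dst, char *src, int len, int cr_to_br)
{
   int i, start = 0;

   if(len < 0) // NUL-terminated input: measure it here (no <string.h> needed)
      for(len = 0; src[len]; len++);

   for(i = 0; i < len; i++)
   {
      char *rep = 0;
      switch(src[i])
      {
         case '&':  rep = "&amp;";  break;
         case '<':  rep = "&lt;";   break;
         case '>':  rep = "&gt;";   break;
         case '"':  rep = "&quot;"; break;
         case '\'': rep = "&#39;";  break;
         case '\r': if(cr_to_br) rep = "<br>"; break;
         default:   break;
      }
      if(!rep) continue;

      // flush the run of ordinary bytes seen so far, then the replacement
      if(i > start) xbuf_ncat(dst, src + start, i - start);
      xbuf_cat(dst, rep);
      start = i + 1;
   }
   if(len > start) xbuf_ncat(dst, src + start, len - start);
}

// ----------------------------------------------------------------------------
// main(): servlet entry point
//
// Reads one URI per line from "csp/attack.txt", sends each of them as a HEAD
// request to the local server (127.0.0.1, port 80) and builds an HTML report:
// one "Reply: <code>" line per URI, the reply text for codes below 300, and
// per-class reply counters at the end.
//
// Returns 200, the HTTP status code of the report page itself.
// ----------------------------------------------------------------------------
int main(int argc, char *argv[])
{
   xbuf_ctx buf, list;
   int code = 0;
   // unsigned, to match the "%u" conversions used when they are printed
   unsigned int codcut = 0, cod2xx = 0, cod3xx = 0, cod4xx = 0, cod5xx = 0;

   // create a dynamic buffer and get a pointer on the server response buffer
   xbuf_ctx reply; get_reply(argv, &reply);

   // ---- format the top of our HTML page with a title
   xbuf_xcat(&reply, top, title, title);

   // ---- write static text
   xbuf_cat(&reply, "<br>The web server replied:<br><br>");

   // ---- load our bad URIs list
   xbuf_reset (&list);
   xbuf_frfile(&list, "csp/attack.txt");
   if(list.len)
   {
      char uri[1024]; // loop to send all URIs

      // xbuf_getln() is given sizeof(uri)-1, so this last byte is presumably
      // never written; setting it keeps 'uri' terminated in any case
      uri[sizeof(uri)-1] = 0;

      while(xbuf_getln(&list, uri, sizeof(uri)-1)!=-1)
      {
         // send the Http request to the local server only; 500 is the value
         // passed as timeout (presumably milliseconds -- an earlier comment
         // said 250 ms, which did not match the argument)
         xbuf_reset(&buf);
         code=xbuf_frurl(&buf, "127.0.0.1", 80, HTTP_HEAD, uri, 500, 0);

         // classify the reply: 0 counts as a hard-close, any other code below
         // 300 (1xx included) as 2xx; codes of 600 and above are not counted
         if(code == 0)  codcut++;
         else if(code < 300) cod2xx++;
         else if(code < 400) cod3xx++;
         else if(code < 500) cod4xx++;
         else if(code < 600) cod5xx++;

         // report line; the URI is escaped because it is attacker-style input
         xbuf_xcat(&reply, "Reply: %d for &quot;", code);
         cat_html(&reply, uri, -1, 0);
         xbuf_cat(&reply, "&quot;<br>");

         // for accepted requests, show the (escaped) reply text as well
         if(code && code<300)
         {
            //xbuf_tofile(&buf, "fdump.txt");
            cat_html(&reply, buf.ptr, (int)buf.len, 1);
         }

         // release this reply before the next xbuf_reset(): reset is called
         // on the uninitialized 'buf' above, so it cannot be what frees the
         // previous reply's memory (NOTE(review): confirm in xbuffer.h)
         xbuf_free(&buf);
      }
      xbuf_free(&list);

      // ---- display results and close our HTML page
      xbuf_xcat(&reply,
                "hard-close : %u<br>"
                "2xx replies: %u<br>"
                "3xx replies: %u<br>"
                "4xx replies: %u<br>"
                "5xx replies: %u<br></body></html>",
                codcut, cod2xx, cod3xx, cod4xx, cod5xx);
   }
   else // no URI list file
   {
      xbuf_xcat(&reply, "The 'attack.txt' URI file was not found<br>"
                        "</body></html>");
   }
   // confirm the reply's dynamic buffer address and size to the server
   // (they have changed when more memory is allocated during formatting)
   set_reply(argv, &reply); return(200); // return an HTTP code (200:'OK')
}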
// ============================================================================
// End of Source Code
// ============================================================================
