/*
#add_header Content-Security-Policy "default-src 'self' jjj123.com *.jjj123.com; script-src 'self' jjj123.com *.jjj123.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' jjj123.com *.jjj123.com 'unsafe-inline'; img-src 'self' jjj123.com *.jjj123.com data: blob:; media-src 'self' jjj123.com *.jjj123.com data:; object-src 'self'; font-src 'self' jjj123.com *.jjj123.com data:; connect-src 'self' jjj123.com *.jjj123.com;";
#add_header Content-Security-Policy "default-src 'self' *.jjj123.com; script-src 'self' *.jjj123.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.jjj123.com 'unsafe-inline'; img-src 'self' *.jjj123.com data: blob:; media-src 'self' *.jjj123.com data:; object-src 'self'; font-src 'self' *.jjj123.com data:; connect-src 'self' *.jjj123.com; report-uri https://jjj123.com/csp-report;";
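#add_header Content-Security-Policy "default-src 'self' *.jjj123.com; script-src 'self' *.jjj123.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.jjj123.com 'unsafe-inline'; img-src 'self' *.jjj123.com data: blob:; media-src 'self' *.jjj123.com data:; object-src 'self'; font-src 'self' *.jjj123.com data:; connect-src 'self' *.jjj123.com;";
Note: the three policies above are commented-out examples. Because script-src allows 'unsafe-inline' and 'unsafe-eval', inline and eval'd scripts are not blocked (and therefore not reported) under them.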
Default: ./csp_report_server
Listens on /www/www.csp.report.sock and /www/www.csp.report.sock.monitor.
Custom socket: ./csp_report_server -s /custom/path.sock
Listens on /custom/path.sock and /custom/path.sock.monitor.
Help: ./csp_report_server -h
Socket Listening: Listens on /www/www.csp.report.sock (or custom path via -s/--sock) for CSP reports in JSON format.
Command-Line Options:
-s/--sock: Custom socket path.
-h/--help: Prints usage.
Dual Sockets: Second socket (*.sock.monitor) serves the last 30 reports.
Report Storage: Keeps up to 30 reports in memory, overwriting oldest first.
HTML Output:
Converts compact JSON to human-readable format with indentation.
Table with columns: Index, Received Time, Human JSON.
Embedded CSS for mobile/desktop compatibility:
Responsive design with max-width and viewport.
Readable table with borders and alternating row colors.
printf "GET / HTTP/1.1\r\nHost: localhost\r\n\r\n" | socat - UNIX-CONNECT:/lxc_/u98/wwwFS/sock.www.csp.report.sock.monitor
curl -v https://c0.jjj123.com/csp_monitor |wc
curl -X POST -H "Content-Type: application/csp-report" -d '{"csp-report": {"document-uri": "https://example.com", "violated-directive": "script-src", "blocked-uri": "https://malicious.com"}}' https://c0.jjj123.com/csp_report
#define DEFAULT_SOCK_PATH "/wwwFS.socket/sock.www.csp.report.sock"
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <time.h>
#include <getopt.h>
#include <sys/stat.h>
#include <sys/select.h>
#include <sys/types.h>
//#define DEFAULT_SOCK_PATH "/www/www.csp.report.sock"
//#define DEFAULT_SOCK_PATH "/wwwFS.socket/sock.www.csp.report.sock"
// Path of the report socket when -s/--sock is not given; main() derives the
// monitor socket path by appending ".monitor" to whichever path is in use.
#define DEFAULT_SOCK_PATH "/wwwFS.out/sock.www.csp.report.sock"
// Number of report slots kept in memory; store_report() wraps around and
// overwrites the oldest slot once all of them are in use.
#define MAX_REPORTS 30
// Size of the per-connection read buffer and of format_json()'s output buffer;
// the HTML page and the HTTP response buffer are each twice this size.
#define BUFFER_SIZE 4096
// Size of the local path buffers in main(). 108 is the sun_path size on Linux;
// NOTE(review): other systems use a smaller sun_path — confirm before porting.
#define MAX_PATH_LEN 108 // UNIX socket path limit
// One stored CSP report: the text that was received plus its arrival time.
typedef struct {
char *json; // heap copy made by store_report() with strdup(); NULL while the slot is unused
time_t received_time; // time(NULL) taken when the report was stored
} Report;
// Fixed-size ring of the most recent reports. The content is whatever a client
// sent to the report socket, so treat it as untrusted text wherever it is used.
Report reports[MAX_REPORTS];
int report_count = 0; // number of slots in use, never more than MAX_REPORTS
int report_index = 0; // slot the next report is written to; wraps modulo MAX_REPORTS
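/* Append one byte unless the output is already full; anything beyond the limit is dropped. */
static void json_put(char *out, size_t limit, size_t *pos, char c) {
    if (*pos < limit) {
        out[(*pos)++] = c;
    }
}

/* Start a new output line and pad it with `indent` spaces (no padding when indent <= 0). */
static void json_newline(char *out, size_t limit, size_t *pos, int indent) {
    json_put(out, limit, pos, '\n');
    for (int j = 0; j < indent; j++) {
        json_put(out, limit, pos, ' ');
    }
}

/*
 * Re-indent a compact JSON text for display (basic indenting only).
 *
 * A line break follows every '{', '[' and ',' and precedes every '}' and ']';
 * nesting is shown with two spaces per level. The scan is purely character
 * based: braces, brackets and commas inside string values are treated the same
 * way, so this is a display aid, not a JSON parser.
 *
 * The result is a newly allocated, NUL-terminated buffer of BUFFER_SIZE bytes
 * that the caller must free(). Output that does not fit is silently truncated.
 * Returns NULL when compact_json is NULL or the allocation fails.
 *
 * Every write goes through json_put(), which checks the limit per byte. The
 * input is attacker-influenced report text, and checking the bound only once
 * per input character lets the extra '\n' and the terminator land one byte
 * past the end of the allocation when the buffer is nearly full.
 */
char *format_json(const char *compact_json) {
    if (!compact_json) return NULL;

    char *formatted = malloc(BUFFER_SIZE);
    if (!formatted) return NULL;

    const size_t limit = BUFFER_SIZE - 1; /* last byte is reserved for '\0' */
    size_t pos = 0;
    int indent = 0;

    for (size_t i = 0; compact_json[i] != '\0' && pos < limit; i++) {
        const char c = compact_json[i];

        switch (c) {
        case '{':
        case '[':
            json_put(formatted, limit, &pos, c);
            indent += 2;
            json_newline(formatted, limit, &pos, indent);
            break;
        case '}':
        case ']':
            indent -= 2;
            json_newline(formatted, limit, &pos, indent);
            json_put(formatted, limit, &pos, c);
            break;
        case ',':
            json_put(formatted, limit, &pos, c);
            json_newline(formatted, limit, &pos, indent);
            break;
        default:
            json_put(formatted, limit, &pos, c);
            break;
        }
    }

    formatted[pos] = '\0'; /* pos <= limit, so this is always inside the buffer */
    return formatted;
}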
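/*
 * Store a copy of `json` in the report ring, replacing the oldest entry once
 * all MAX_REPORTS slots are in use, and stamp it with the current time.
 *
 * The copy is made before the slot is touched: if strdup() fails (or json is
 * NULL) the ring is left exactly as it was. Freeing the old entry first and
 * then storing a NULL copy would leave a counted slot with no text, which the
 * HTML renderer would later dereference.
 */
void store_report(const char *json) {
    if (!json) return;

    char *copy = strdup(json);
    if (!copy) return;

    Report *slot = &reports[report_index];
    free(slot->json); /* free(NULL) is a no-op, so unused slots need no guard */
    slot->json = copy;
    slot->received_time = time(NULL);

    report_index = (report_index + 1) % MAX_REPORTS;
    if (report_count < MAX_REPORTS) report_count++;
}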
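/*
 * Append `src` to the NUL-terminated string in `dst` (capacity `cap`, current
 * length *pos). Returns 0 on success; returns -1 and leaves dst unchanged when
 * src plus the terminator does not fit.
 */
static int html_append(char *dst, size_t cap, size_t *pos, const char *src) {
    size_t len = strlen(src);
    if (len >= cap - *pos) return -1;
    memcpy(dst + *pos, src, len + 1);
    *pos += len;
    return 0;
}

/*
 * Like html_append(), but writes `src` as HTML text: & < > " ' are replaced by
 * character references so the text cannot introduce markup. Returns -1 as soon
 * as a character does not fit (what was appended before that stays in dst).
 */
static int html_append_escaped(char *dst, size_t cap, size_t *pos, const char *src) {
    for (; *src != '\0'; src++) {
        char literal[2] = { *src, '\0' };
        const char *rep = literal;

        switch (*src) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   break;
        }
        if (html_append(dst, cap, pos, rep) != 0) return -1;
    }
    return 0;
}

/*
 * Build the monitor page: an HTML table with one row per stored report
 * (index, received time, re-indented report text), oldest report first.
 *
 * Returns a newly allocated NUL-terminated string of at most
 * BUFFER_SIZE * 2 - 1 characters that the caller must free(), or NULL when the
 * allocation fails.
 *
 * Security notes:
 *  - Report text is supplied by whoever can reach the report endpoint, so it
 *    is HTML-escaped before it is placed in the page; copied verbatim, it
 *    would be interpreted as markup by the browser of whoever opens the
 *    monitor page.
 *  - All writes are bounds-checked. A row is added only if it fits completely
 *    together with the closing tags; the first row that does not fit ends the
 *    table. NOTE(review): with this fixed capacity the newest reports are the
 *    ones left out — consider a growable buffer or newest-first order.
 */
char *generate_html_report(void) {
    static const char footer[] = "</table></body></html>";
    const size_t cap = BUFFER_SIZE * 2;
    const size_t row_cap = cap - (sizeof(footer) - 1); /* keep room for the footer */

    char *html = malloc(cap);
    if (!html) return NULL;
    html[0] = '\0';
    size_t pos = 0;

    html_append(html, row_cap, &pos,
        "<!DOCTYPE html><html><head><meta charset='UTF-8'><meta name='viewport' content='width=device-width, initial-scale=1.0'><title>CSP Reports</title><style>"
        "table { border-collapse: collapse; width: 100%; max-width: 800px; margin: 20px auto; font-family: Arial, sans-serif; }"
        "th, td { border: 1px solid #ddd; padding: 8px; text-align: left; }"
        "th { background-color: #f2f2f2; }"
        "tr:nth-child(even) { background-color: #f9f9f9; }"
        "pre { margin: 0; white-space: pre-wrap; word-wrap: break-word; }"
        "h1 { text-align: center; }"
        "@media (max-width: 600px) { th, td { font-size: 14px; padding: 5px; } }"
        "</style></head><body>"
        "<h1>CSP Reports (Last 30)</h1>"
        "<table><tr><th>Index</th><th>Received Time</th><th>Report</th></tr>");

    for (int i = 0; i < report_count; i++) {
        /* Walk the ring from the oldest stored report to the newest. */
        int idx = (report_index - report_count + i + MAX_REPORTS) % MAX_REPORTS;
        if (!reports[idx].json) continue;

        char time_str[26];
        if (ctime_r(&reports[idx].received_time, time_str) != NULL) {
            time_str[strcspn(time_str, "\n")] = '\0'; /* drop ctime's trailing newline */
        } else {
            snprintf(time_str, sizeof time_str, "%s", "unknown");
        }

        char *formatted_json = format_json(reports[idx].json);
        if (!formatted_json) continue; /* allocation failure: skip this row */

        char row_open[48];
        snprintf(row_open, sizeof row_open, "<tr><td>%d</td><td>", i + 1);

        const size_t row_start = pos;
        int fits = html_append(html, row_cap, &pos, row_open) == 0
                && html_append_escaped(html, row_cap, &pos, time_str) == 0
                && html_append(html, row_cap, &pos, "</td><td><pre>") == 0
                && html_append_escaped(html, row_cap, &pos, formatted_json) == 0
                && html_append(html, row_cap, &pos, "</pre></td></tr>") == 0;
        free(formatted_json);

        if (!fits) {
            /* Roll back the partial row so the page stays well-formed. */
            pos = row_start;
            html[pos] = '\0';
            break;
        }
    }

    html_append(html, cap, &pos, footer); /* always fits: rows stop at row_cap */
    return html;
}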
/*
 * Write the command-line help to stdout: the synopsis line (using prog_name),
 * the two options with the default socket path, and a short note on how the
 * tool is meant to be wired into a CSP.
 */
void print_usage(const char *prog_name) {
    static const char about[] =
        " This is a Tools to be used for CSP monitor/report. \n"
        " please add 'report-uri https://jjj123.com/csp-report;' to your CSP, \n"
        " then, it will try to report, \n"
        " then you can check the result in https://c0.jjj123.com/csp_monitor\n";

    printf("Usage: %s [-s|--sock SOCKET_PATH] [-h|--help]\n", prog_name);
    printf(" -s, --sock Specify custom UNIX socket path (default: %s)\n", DEFAULT_SOCK_PATH);
    /* The remaining lines contain no conversions, so they are written as plain text. */
    fputs(" -h, --help Show this help message\n", stdout);
    fputs(about, stdout);
}
// Minimal HTTP 200 reply with an empty body. main() writes it back on the
// report socket after a report has been stored, to satisfy Nginx.
const char *mini_response = "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n";
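/*
 * Send the whole buffer on a connected socket.
 * Returns 0 when everything was sent, -1 on error or send timeout.
 */
static int send_all(int fd, const char *data, size_t len) {
    while (len > 0) {
        /* MSG_NOSIGNAL: a peer that already hung up produces an error here
         * instead of a SIGPIPE that would terminate the whole server. */
        ssize_t n = send(fd, data, len, MSG_NOSIGNAL);
        if (n <= 0) return -1;
        data += n;
        len -= (size_t)n;
    }
    return 0;
}

/*
 * Bound how long one client can block the single-threaded loop: a peer that
 * connects and then neither sends nor reads would otherwise stall both sockets.
 */
static void limit_client_stall(int fd) {
    struct timeval tv = { .tv_sec = 5, .tv_usec = 0 };
    setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);
    setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof tv);
}

/*
 * Create a listening UNIX stream socket at `path`. `label` ("Report" or
 * "Monitor") prefixes the diagnostics. Returns the descriptor, or -1 on error.
 */
static int open_listener(const char *path, const char *label) {
    char msg[64];
    struct sockaddr_un addr = { .sun_family = AF_UNIX };

    int n = snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);
    if (n < 0 || (size_t)n >= sizeof(addr.sun_path)) {
        fprintf(stderr, "%s socket path is too long: %s\n", label, path);
        return -1;
    }

    /* Remove a stale socket left by a previous run, but never delete some
     * other kind of file that happens to live at the configured path. */
    struct stat st;
    if (lstat(path, &st) == 0) {
        if (!S_ISSOCK(st.st_mode)) {
            fprintf(stderr, "%s path exists and is not a socket: %s\n", label, path);
            return -1;
        }
        unlink(path);
    }

    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) {
        snprintf(msg, sizeof msg, "%s socket creation failed", label);
        perror(msg);
        return -1;
    }
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
        snprintf(msg, sizeof msg, "%s bind failed", label);
        perror(msg);
        close(fd);
        return -1;
    }
    /* NOTE(review): 0666 lets every local user connect — anyone on the host
     * can submit reports and read the monitor page. Prefer 0660 with the web
     * server's group if the deployment allows it. */
    if (chmod(path, 0666) < 0) {
        snprintf(msg, sizeof msg, "%s chmod failed", label);
        perror(msg);
    }
    if (listen(fd, 5) < 0) {
        snprintf(msg, sizeof msg, "%s listen failed", label);
        perror(msg);
        close(fd);
        return -1;
    }
    return fd;
}

/* Accept one connection on the report socket, store what it sent, and reply. */
static void serve_report_client(int listen_fd) {
    int client_fd = accept(listen_fd, NULL, NULL);
    if (client_fd < 0) { perror("Report accept failed"); return; }
    limit_client_stall(client_fd);

    /* NOTE(review): a single read() may deliver only part of a request, and
     * the bytes are stored as received — presumably the full proxied HTTP
     * request, headers included, not just the JSON body. Confirm what Nginx
     * forwards before exposing the monitor page more widely. */
    char buffer[BUFFER_SIZE] = {0};
    ssize_t bytes = read(client_fd, buffer, sizeof buffer - 1);
    if (bytes > 0) {
        store_report(buffer);
        send_all(client_fd, mini_response, strlen(mini_response));
    }
    close(client_fd);
}

/* Accept one connection on the monitor socket and send it the HTML page. */
static void serve_monitor_client(int listen_fd) {
    int client_fd = accept(listen_fd, NULL, NULL);
    if (client_fd < 0) { perror("Monitor accept failed"); return; }
    limit_client_stall(client_fd);

    char *html = generate_html_report();
    if (html) {
        /* Header and body are sent separately so Content-Length always equals
         * the number of body bytes, whatever the page size. */
        size_t body_len = strlen(html);
        char header[128];
        int hl = snprintf(header, sizeof header,
                          "HTTP/1.1 200 OK\r\n"
                          "Content-Type: text/html\r\n"
                          "Content-Length: %zu\r\n"
                          "Connection: close\r\n"
                          "\r\n",
                          body_len);
        if (hl > 0 && (size_t)hl < sizeof header &&
            send_all(client_fd, header, (size_t)hl) == 0) {
            send_all(client_fd, html, body_len);
        }
        free(html);
    }
    close(client_fd);
}

/*
 * Entry point: parse -s/--sock and -h/--help, open the report socket and the
 * "<path>.monitor" socket, then serve both from one select() loop forever.
 * Returns 0 after --help, 1 on a usage or setup error.
 */
int main(int argc, char *argv[]) {
    char sock_path[MAX_PATH_LEN] = DEFAULT_SOCK_PATH;
    char monitor_sock_path[MAX_PATH_LEN];

    // Parse command-line options
    static struct option long_options[] = {
        {"sock", required_argument, 0, 's'},
        {"help", no_argument, 0, 'h'},
        {0, 0, 0, 0}
    };
    int opt;
    while ((opt = getopt_long(argc, argv, "s:h", long_options, NULL)) != -1) {
        switch (opt) {
        case 's': {
            /* Reject an over-long path instead of silently truncating it. */
            int n = snprintf(sock_path, sizeof sock_path, "%s", optarg);
            if (n < 0 || (size_t)n >= sizeof sock_path) {
                fprintf(stderr, "Socket path is too long: %s\n", optarg);
                return 1;
            }
            break;
        }
        case 'h':
            print_usage(argv[0]);
            return 0;
        default:
            print_usage(argv[0]);
            return 1;
        }
    }

    /* A truncated monitor path could equal the report path, in which case
     * setting up the monitor socket would unlink the report socket. */
    int mlen = snprintf(monitor_sock_path, sizeof monitor_sock_path, "%s.monitor", sock_path);
    if (mlen < 0 || (size_t)mlen >= sizeof monitor_sock_path) {
        fprintf(stderr, "Socket path is too long to append \".monitor\": %s\n", sock_path);
        return 1;
    }

    // Initialize reports array
    memset(reports, 0, sizeof(reports));

    int report_fd = open_listener(sock_path, "Report");
    if (report_fd < 0) return 1;

    int monitor_fd = open_listener(monitor_sock_path, "Monitor");
    if (monitor_fd < 0) {
        close(report_fd);
        unlink(sock_path);
        return 1;
    }

    printf("Listening on %s and %s\n", sock_path, monitor_sock_path);

    // Main loop
    const int max_fd = report_fd > monitor_fd ? report_fd : monitor_fd;
    while (1) {
        fd_set readfds;
        FD_ZERO(&readfds);
        FD_SET(report_fd, &readfds);
        FD_SET(monitor_fd, &readfds);
        if (select(max_fd + 1, &readfds, NULL, NULL, NULL) < 0) { perror("Select failed"); continue; }

        if (FD_ISSET(report_fd, &readfds)) serve_report_client(report_fd);
        if (FD_ISSET(monitor_fd, &readfds)) serve_monitor_client(monitor_fd);
    }

    /* Not reached as written: the loop above has no exit path. Kept so the
     * cleanup is already in place if a shutdown path is added. */
    close(report_fd);
    close(monitor_fd);
    unlink(sock_path);
    unlink(monitor_sock_path);
    for (int i = 0; i < MAX_REPORTS; i++) free(reports[i].json);
    return 0;
}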