/*

This is a really dumb server program that listens for commands on
port 5194 and sends back results.  Each command has to be on a single
line; some commands like writefile are followed by data on further lines
ending with a line containing just "end".

This program is a major security hole as currently written, since it
will accept any shell command.  This has to be fixed before you let 
anyone else use it.

There's no way to get the output of a command directly, though there
probably ought to be.  Meanwhile, this works, though the client code
has to remove the "end" from the result.
	sh cmd >foo
	readfile foo

The server starts up a separate thread for each connection, so multiple
people can use it at the same time.

*/

import java.net.*;
import java.io.*;
import java.util.*;

public class srvcmd {

public static void main(String[] argv) {
	srvcmd srv;
	if (argv.length == 0)
		srv = new srvcmd("5194");
	else
		srv = new srvcmd(argv[0]);
}

srvcmd(String port) {
	Socket sock;
	try {
		ServerSocket server = new ServerSocket(Integer.parseInt(port));
		while (true) {
			sock = server.accept();
			System.err.println("srvcmd accepted " + sock);
			new docmd(sock);
		}
	} catch (IOException e) {
		e.printStackTrace();
	}
}
}

class docmd extends Thread {
	String Field[] = new String[20];
	Socket sock;
	DataInputStream in;
	DataOutputStream out;
	BufferedOutputStream bout;
	// ought to be rewritten to use InputReader stuff; that will turn off
	// the "deprecated" warnings

docmd(Socket sock) {
	this.sock = sock;
	start();
}

public void run() {
	try {
		System.err.println("run " + sock);
		in = new DataInputStream(sock.getInputStream());
		// buffered I/O really matters; very slow otherwise
		bout = new BufferedOutputStream(sock.getOutputStream());
		out = new DataOutputStream(bout);
		String s;
		int stat = 0;
	
		while ((s = in.readLine()) != null) {
			System.err.println("srvcmd docmd read " + s);	// debugging
			int n = fieldsplit(s);
			if (n == 0)
				continue;
			if (Field[0].equals("die!")) {
				System.exit(0);
			} else if (Field[0].equals("ls")) {
				listfiles();
			} else if (Field[0].equals("readfile")) {
				readfile(Field[1]);
			} else if (Field[0].equals("writefile")) {
				writefile(Field[1]);
			} else if (Field[0].equals("sh")) {
				stat = sh(s);
			} else {
				sendback("Huh? " + s);
			}
		}
		sock.close();
	} catch (IOException e) {
        	e.printStackTrace();
	}
}

void sendback(String s) {
	System.err.println("srvcmd sending back " + s);	// debugging
	try {
		out.writeBytes(s);
		out.writeByte('\n');
		out.flush();
	} catch (IOException e) {
		e.printStackTrace();
	}
}

void listfiles() {	// return list of filenames, terminated with "end"
	File f = new File(".");
	File[] files = f.listFiles();	// can't figure out filenamefilters

	String s = "";
	try {
		for (int i = 0; i < files.length; i++) {
			s = files[i].toString();
			// add filtering here; this passes everything because of "true"
			if (true || s.endsWith(".sum")) {
				out.writeBytes(s);
				out.writeByte('\n');
			}
		}
		out.writeBytes("end\n");
		out.flush();
	} catch (Exception e) {
		System.err.println("srvcmd listfiles " + e + " " + s); // eof
	}
}

void writefile(String f) {	// create a file from lines until "end"
	String s;
	try {
		PrintStream pout;
		pout = new PrintStream(new FileOutputStream(f));
		while ((s = in.readLine()) != null) {
			if (s.equals("end"))
				break;
			pout.println(s);
		}
		pout.close();
	} catch (IOException e) {
		System.err.println("srvcmd.writefile " + e);
	}
}

int sh(String s) throws IOException {	// BAD IDEA: runs arbitrary command
	Runtime rt = Runtime.getRuntime();
	Process proc;
	String[] cmd = new String[3];
	int stat = 1;

	cmd[0] = "/bin/sh";	// Unix-specific
	cmd[1] = "-c";
	cmd[2] = s.substring(2);	// discard "sh " at front
	System.err.println("srvcmd starting " + cmd[2]);
	try {
		proc = rt.exec(cmd);	// who returns the output ???
		proc.waitFor();
		stat = proc.exitValue();
		System.err.println("back from exec; status = " + stat); // debugging
	} catch (Exception e) {
		System.err.println("sh " + e);
	}
	return stat;
}

void readfile(String f) {
	DataInputStream in;

	Date d0 = new Date();
	try {
		FileInputStream fin = new FileInputStream(f);
		BufferedInputStream bin = new BufferedInputStream(fin);
		in = new DataInputStream(bin);
	} catch (FileNotFoundException e) {
		System.err.println(e + " can't open " + f);
		return;
	}

	String s = "";
	try {
		while ((s = in.readLine()) != null) {
			out.writeBytes(s);
			out.writeByte('\n');
		}
		out.writeBytes("end\n");
		out.flush();
	} catch (Exception e) {
		System.err.println("readfile " + e + " " + s); // eof
	}

	Date d1 = new Date();
	long dt = d1.getTime() - d0.getTime();
	System.err.println("srvcmd readfile " + f + " " + dt + " msec");	// debugging

}

int fieldsplit(String s) {
	StringTokenizer st = new StringTokenizer(s);
	int n = 0;
	try {
		for (n = 0; st.hasMoreTokens(); n++)
			Field[n] = st.nextToken();
	} catch (Exception e) {
		System.err.println("fieldsplit " + s + " " + e);
	}
	return n;
}

}