// flashsocket.js
// By Fishy, SysOp at Defcon BBS (telnet://bbs.defcon.no)
// Code is so simple, and based directly on the Adobe samples,
// so it is released as public domain
// Synchronet Service for the Flash Socket Policy files
// http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html
// $Id$
// Example configuration (in ctrl/services.ini)
// [Flashsocket]
// Port=843
// MaxClients=10
// Options=NO_HOST_LOOKUP
// Command=flashsocket.js
load("sockdefs.js");
log("FLASHSOCKET connection!");
if(datagram != undefined)
{
// Flash policy server is TCP-only.
exit();
}
else
{
// TCP Request, that's OK
request = client.socket.recv(32 /*maxlen*/, 10 /*timeout*/);
}
if(request==null) {
log(LOG_WARNING,"!TIMEOUT waiting for request");
exit();
}
// Adobe claims: "The request for a policy file is very simple:
// Flash Player sends the string followed
// by a NULL byte to the port where it is requesting a policy file;
// no more, no less."
if( request.substr(0,22).toUpperCase()==""
&& request.substr(22,1) == '\0'
&& request.length == 23 )
{
log("OK Policy File request");
var policyfile = ''
+ ''
+ ''
+ ''
+ ''
// Client is a global to the service handler...
// socket.send outputs the data and flushes.
client.socket.send(policyfile);
}
else
{
log("Incompatible request recieved");
}
exit();
/* End of flashsocket.js */
/* Simple, right? */