1 files changed, 57 insertions, 0 deletions

diff --git a/cmd/wurgurboo/nt-driver-builder.go b/cmd/wurgurboo/nt-driver-builder.go
new file mode 100644
index 0000000..1c7eed7
--- /dev/null
+++ b/cmd/wurgurboo/nt-driver-builder.go
@@ -0,0 +1,57 @@
+/* SPDX-License-Identifier: GPL-2.0
+ *
+ * Copyright (C) 2021 Jason A. Donenfeld. All Rights Reserved.
+ */
+
+package main
+
+import (
+	"crypto/hmac"
+	"encoding/base64"
+	"fmt"
+	"net/http"
+	"os"
+
+	"golang.zx2c4.com/irc/hbot"
+)
+
+type NtDriverBuilderNotifier struct {
+	bot     *hbot.Bot
+	channel string
+	secret  [32]byte
+}
+
+func NewNtDriverBuilderNotifier(channel string, bot *hbot.Bot) *NtDriverBuilderNotifier {
+	notifier := new(NtDriverBuilderNotifier)
+	secret, err := base64.StdEncoding.DecodeString(os.Getenv("WURGURBOO_NTDRIVERBUILDERNOTIFIER_SECRET"))
+	if err != nil || len(secret) != 32 {
+		return notifier // Silently disable on failure
+	}
+	copy(notifier.secret[:], secret)
+	notifier.bot = bot
+	notifier.channel = channel
+	return notifier
+}
+
+func isValidNotificationString(s string) bool {
+	for _, c := range []byte(s) {
+		if c < ' ' || c > '~' {
+			return false
+		}
+	}
+	return len(s) >= 3 && len(s) < 200
+}
+
+func (notifier *NtDriverBuilderNotifier) HandleRequest(w http.ResponseWriter, r *http.Request) {
+	w.Header().Add("Server", "WurGurBoo/1.0")
+	secret, _ := base64.StdEncoding.DecodeString(r.Header.Get("Secret"))
+	driver, action := r.Header.Get("Driver"), r.Header.Get("Action")
+	if r.Method != http.MethodPost || notifier.bot == nil || !hmac.Equal(secret, notifier.secret[:]) ||
+		!isValidNotificationString(driver) || !isValidNotificationString(action) {
+		http.Redirect(w, r, "https://www.wireguard.com/", 302)
+		return
+	}
+	notifier.bot.Msg(notifier.channel,
+		fmt.Sprintf("rozmansi, zx2c4: \x0303nt-driver-builder\x0f %s \x0306%s\x0f",
+			action, driver))
+}