From 972beaf34b125814148be5e375aef889723db4ba Mon Sep 17 00:00:00 2001
From: Diederik de Groot <ddegroot@talon.nl>
Date: Sun, 16 Feb 2020 20:33:34 +0100
Subject: [PATCH] Replaced index.php with version that uses lib/resolver.php
 Replaced ../etc/nginx/sites-available/tftpboot Example file

Signed-off-by: Diederik de Groot <ddegroot@talon.nl>
---
 config.ini                         |   2 +-
 etc/nginx/sites-available/tftpboot | 277 ++----------------------
 lib/config.php                     |   8 +-
 lib/resolver.php                   |  65 +++---
 tftpboot/index.php                 | 326 +++++------------------------
 5 files changed, 123 insertions(+), 555 deletions(-)
 mode change 100755 => 100644 lib/resolver.php

diff --git a/config.ini b/config.ini
index a5c9db2..21f7036 100644
--- a/config.ini
+++ b/config.ini
@@ -2,7 +2,7 @@
 debug = on 								; The output in the browser window for more information
 cache_filename = "/tmp/provision_sccp_resolver.cache"
 default_language = English_United_States
-log_type = STDOUT							; SYSLOG|STDERR|STDOUT|NULL|FILE
+log_type = SYSLOG							; SYSLOG|STDERR|STDOUT|NULL|FILE
 log_level = LOG_INFO							; LOG_EMERG|LOG_ALERT|LOG_CRIT|LOG_ERR|LOG_WARNING|LOG_NOTICE|LOG_INFO|LOG_DEBUG
 ;log_filename = provision.log						; only in case of log_type = FILE
 
diff --git a/etc/nginx/sites-available/tftpboot b/etc/nginx/sites-available/tftpboot
index 23f3772..9d9c4ce 100644
--- a/etc/nginx/sites-available/tftpboot
+++ b/etc/nginx/sites-available/tftpboot
@@ -1,260 +1,29 @@
 server {
-	listen 6970;
-	server_name tftp.servername.org;
-	#root /tftpboot;
-	root /data/development/sccp/sources/tftp/tftpboot;
-	index XMLDefault.cnf.xml;
+    listen 6970;
+    server_name tftp.servername.org;
+    root /data/development/sccp/sources/tftp/tftpboot;
 
-	# Normal Logging
-	#access_log /var/log/nginx/tftp.access.log;
-	#error_log /var/log/nginx/tftp.error.log;
+    # Normal Logging
+    access_log /var/log/nginx/tftp1.access.log;
+    error_log /var/log/nginx/tftp1.error.log;
 
-	# Debug Rewrite Rules
-	rewrite_log on;
-	access_log /var/log/nginx/tftp.access.log;
-	error_log /var/log/nginx/tftp.error.log notice;
+    index           index.php;
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
+        fastcgi_index   index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+    }
 
-	location / {
-		# settings
-		rewrite ^/((.*)(\.cnf\.xml|\.tlv|authorized_keys)(\.enc)?(\.sgn)?)$ /settings/$1 last;
+    location / {
+        try_files $uri $uri/ /index.php$is_args$args;
+        rewrite ^/(.*)$ /index.php?filename=$1 last;
+    }
 
-		# firmware
-		rewrite	^/((.*).(bin|bin.|loads|LOADS|sbn|SBN|sb2|sbin|zz|zup)(\.sgn)?)$ /firmware/$1 last;
-
-		# locales
-		rewrite ^/(.*)/((.*)-tones\.xml(\.sgn)?)$ /locales/countries/$1/$2 last;
-		rewrite ^/(.*)/((.*)(-dictionary(.*)\.xml)(\.sgn)?)$ /locales/languages/$1/$2 last;
-		rewrite ^/(.*)/((.*)(-kate(.*)\.xml)(\.sgn)?)$ /locales/languages/$1/$2 last;
-		rewrite ^/(.*)/((.*)(-sccp\.jar)(\.sgn)?)$ /locales/languages/$1/$2 last;
-		rewrite ^/(.*)/((.*)(-font\.xml)(\.sgn)?)$ /locales/languages/$1/$2 last;
-		rewrite ^/(.*)/(CIPC_Locale\.(.*))(\.sgn)?)$ /locales/languages/$1/$2 last;
-
-		rewrite ^/(.*)/((.*)(-tones.xml)(\.sgn)?)$ /locales/countries/$1/$2 last;
-
-		# ringtones
-		rewrite ^/([D|d]istinctive)?([R|r]ing[L|l]ist)\.(xml|XML)(\.sgn)?$ /ringtones/ringlist.xml last;
-		#rewrite ^/((.*)(\.raw|\.pcm)(\.sgn))?$ /ringtones/$1 last;
-
-		# wallpapers
-		rewrite ^/Desktops/(.*)/((.*)(\.sgn)?)$ /wallpapers/$1/$2 last;
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# settings
-	location /settings {
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# firmware
-	location /firmware {
-		# 6901 firmware (java-based)
-		rewrite ^/firmware/(APP6901SCCP.+\.sgn)$ /firmware/6901/$1 last;
-		rewrite ^/firmware/(KNL6901SCCP.+\.sgn)$ /firmware/6901/$1 last;
-		rewrite ^/firmware/(SCCP6901.+\.loads)$ /firmware/6901/$1 last;
-
-		# 6911 firmware (java-based)
-		rewrite ^/firmware/(APP6911SCCP.+\.sgn)$ /firmware/6911/$1 last;
-		rewrite ^/firmware/(BFS6911SCCP.+\.sgn)$ /firmware/6911/$1 last;
-		rewrite ^/firmware/(KNL6911SCCP.+\.sgn)$ /firmware/6911/$1 last;
-		rewrite ^/firmware/(SCCP6911.+\.loads)$ /firmware/6911/$1 last;
-
-		# 6921 firmware (java-based)
-		rewrite ^/firmware/(BOOT69xx.+\.sgn)$ /firmware/6921/$1 last;
-		rewrite ^/firmware/(DSP69xx.+\.sgn)$ /firmware/6921/$1 last;
-		rewrite ^/firmware/(SCCP69xx.+\.loads)$ /firmware/6921/$1 last;
-		rewrite ^/firmware/(SCCP69xx.+\.sgn)$ /firmware/6921/$1 last;
-
-		# 6945 firmware (java-based)
-		rewrite ^/firmware/(SCCP6945.+\.sgn)$ /firmware/6945/$1 last;
-		rewrite ^/firmware/(SCCP6945.+\.loads)$ /firmware/6945/$1 last;
-
-		# 69xx firmware (java-based)
-		rewrite ^/firmware/(BOOT69xx.+\.sgn)$ /firmware/69xx/$1 last;
-		rewrite ^/firmware/(DSP69xx.+\.sgn)$ /firmware/69xx/$1 last;
-		rewrite ^/firmware/(SCCP69xx.+\.loads)$ /firmware/69xx/$1 last;
-		rewrite ^/firmware/(SCCP69xx.+\.sgn)$ /firmware/69xx/$1 last;
-
-		# 7902 firmware (ancient)
-		rewrite ^/firmware/(CP7902080002SCCP060817A.sbin)$ /firmware/7902/$1 last;
-
-		# 7905 firmware (ancient)
-		rewrite ^/firmware/(CP7905080003SCCP070409A.sbin)$ /firmware/7905/$1 last;
-		rewrite ^/firmware/(CP7905080003SCCP070409A.zup)$ /firmware/7905/$1 last;
-
-		# 7906_7911 firmware (java-based)
-		rewrite ^/firmware/(apps11.+\.sbn)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(cnu11.+\.sbn)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(cvm11sccp.+\.sbn)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(dsp11.+\.sbn)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(jar11sccp.+\.sbn)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(SCCP11.+\.loads)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(term06.+\.loads)$ /firmware/7906_7911/$1 last;
-		rewrite ^/firmware/(term11.+\.loads)$ /firmware/7906_7911/$1 last;
-
-		# 7910 firmware (ancient)
-		rewrite ^/firmware/(P00405000700.bin)$ /firmware/7910/$1 last;
-		rewrite ^/firmware/(P00405000700.sbn)$ /firmware/7910/$1 last;
-
-		# 7912 firmware (ancient)
-		rewrite ^/firmware/(CP7912080004SCCP080108A.sbin)$ /firmware/7912/$1 last;
-
-		# 7915 firmware (ancient)
-		rewrite ^/firmware/(B015-1-0-4.SBN)$ /firmware/7915/$1 last;
-
-		# 7916 firmware (ancient)
-		rewrite ^/firmware/(B016-1-0-4.SBN)$ /firmware/7916/$1 last;
-
-		# 7920 firmware (ancient)
-		rewrite ^/firmware/(cmterm_7920.4.0-03-02.bin)$ /firmware/7920/$1 last;
-
-		# 7921_7925 firmware (ancient)
-		rewrite ^/firmware/(APPS-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(CP7921G-1.4.3.4.LOADS)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(GUI-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(SYS-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(TNUX-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(TNUXR-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-		rewrite ^/firmware/(WLAN-1.4.3.4.SBN)$ /firmware/7921_7925/$1 last;
-
-		# 7926 firmware (ancient)
-		rewrite ^/firmware/(APPSS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(CP7926G-1.4.1SR1.LOADS)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(EA15FW-BF3-220.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(GUIS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(JSYSS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(JUIS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(SYSS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(TNUXRS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(TNUXS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-		rewrite ^/firmware/(WLANS-1.4.1SR1.SBN)$ /firmware/7926/$1 last;
-
-		# 7931 firmware (java-based)
-		rewrite ^/firmware/(apps31.+\.sbn)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(cnu31.+\.sbn)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(cvm31sccp.+\.sbn)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(dsp31.+\.sbn)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(jar31sccp.+\.sbn)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(SCCP31.+\.loads)$ /firmware/7931/$1 last;
-		rewrite ^/firmware/(term31.+\.loads)$ /firmware/7931/$1 last;
-
-		# 7935 firmware (ancient)
-		rewrite ^/firmware/(P00503021900.bin)$ /firmware/7935/$1 last;
-
-		# 7936 firmware (ancient)
-		rewrite ^/firmware/(cmterm_7936.3-3-21-0.bin)$ /firmware/7936/$1 last;
-
-		# 7937 firmware (ancient)
-		rewrite ^/firmware/(apps37sccp.1-4-5-7.bin)$ /firmware/7937/$1 last;
-
-		# 7940_7960 firmware (ancient)
-		rewrite ^/firmware/(P0030801SR.+\.bin)$ /firmware/7940_7960/$1 last;
-		rewrite ^/firmware/(P0030801SR.+\.loads)$ /firmware/7940_7960/$1 last;
-		rewrite ^/firmware/(P0030801SR.+\.sb2)$ /firmware/7940_7960/$1 last;
-		rewrite ^/firmware/(P0030801SR.+\.sbn)$ /firmware/7940_7960/$1 last;
-
-		# 7941_7961 firmware (java-based)
-		rewrite ^/firmware/(apps41.+\.sbn)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(cnu41.+\.sbn)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(cvm41sccp.+\.sbn)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(dsp41.+\.sbn)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(jar41sccp.+\.sbn)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(SCCP41.+\.loads)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(term41.+\.loads)$ /firmware/7941_7961/$1 last;
-		rewrite ^/firmware/(term61.+\.loads)$ /firmware/7941_7961/$1 last;
-
-		# 7942_7962 firmware (java-based)
-		rewrite ^/firmware/(apps42.+\.sbn)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(cnu42.+\.sbn)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(cvm42sccp.+\.sbn)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(dsp42.+\.sbn)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(jar42sccp.+\.sbn)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(SCCP42.+\.loads)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(term42.+\.loads)$ /firmware/7942_7962/$1 last;
-		rewrite ^/firmware/(term62.+\.loads)$ /firmware/7942_7962/$1 last;
-
-		# 7945_7965 firmware (java-based)
-		rewrite ^/firmware/(apps45.+\.sbn)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(cnu45.+\.sbn)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(cvm45sccp.+\.sbn)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(dsp45.+\.sbn)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(jar45sccp.+\.sbn)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(SCCP45.+\.loads)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(term45.+\.loads)$ /firmware/7945_7965/$1 last;
-		rewrite ^/firmware/(term65.+\.loads)$ /firmware/7945_7965/$1 last;
-
-		# 7970_7971 firmware (java-based)
-		rewrite ^/firmware/(apps70.+\.sbn)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(cnu70.+\.sbn)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(cvm70sccp.+\.sbn)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(dsp70.+\.sbn)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(jar70sccp.+\.sbn)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(SCCP70.+\.loads)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(term70.+\.loads)$ /firmware/7970_7971/$1 last;
-		rewrite ^/firmware/(term71.+\.loads)$ /firmware/7970_7971/$1 last;
-
-		# 7975 firmware (java-based)
-		rewrite ^/firmware/(apps75.+\.sbn)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(cnu75.+\.sbn)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(cvm75sccp.+\.sbn)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(dsp75.+\.sbn)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(jar75sccp.+\.sbn)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(SCCP75.+\.loads)$ /firmware/7975/$1 last;
-		rewrite ^/firmware/(term75.+\.loads)$ /firmware/7975/$1 last;
-
-		# 7985 firmware (ancient)
-		rewrite ^/firmware/(cmterm_7985.4-1-7-0.bin)$ /firmware/7985/$1 last;
-
-		# 894x firmware (java-based)
-		rewrite ^/firmware/(BOOT894x.+\.sgn)$ /firmware/894x/$1 last;
-		rewrite ^/firmware/(SCCP894x.+\.sgn)$ /firmware/894x/$1 last;
-		rewrite ^/firmware/(SCCP894x.+\.loads)$ /firmware/894x/$1 last;
-
-		# ata186 firmware (ancient)
-		rewrite ^/firmware/(ATA030204SCCP090202A.zup)$ /firmware/ata186/$1 last;
-
-		# ata188 firmware (ancient)
-		rewrite ^/firmware/(ATA030204SCCP090202A.zup)$ /firmware/ata188/$1 last;
-
-		# SPA50x
-		rewrite ^/firmware/(spa50x.+\.bin)$ /firmware/spa50x/$1 last;
-		rewrite ^/firmware/(spa51x.+\.bin)$ /firmware/spa51x/$1 last;
-		rewrite ^/firmware/(spa515.+\.bin)$ /firmware/spa525/$1 last;
-		rewrite ^/firmware/(spa941.+\.bin)$ /firmware/spa941/$1 last;
-
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# locales
-
-	location /locales {
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# ringtones
-	location /ringtones {
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# wallpapers
-	location /wallpapers {
-		try_files $uri $uri/ =404;
-		autoindex off;
-	}
-
-	# Deny access to .htaccess
-	location ~ /\.ht {
-		deny all;
-	}
-
-	error_page 404 /;
-
-	error_page 500 502 503 504 /50x.html;
-	location = /50x.html {
-		root /usr/share/nginx/html;
-	}
+    error_page 404 /;
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+    }
 }
diff --git a/lib/config.php b/lib/config.php
index f86f946..0106c13 100644
--- a/lib/config.php
+++ b/lib/config.php
@@ -58,12 +58,18 @@ $config['main']['tftproot'] = (!empty($config['main']['tftproot'])) ? $base_path
 switch($config['main']['log_type']) {
 	case 'SYSLOG':
 		$logger = new Logger_Syslog($config['main']['log_level']);
+		break;
 	case 'FILE':
-		$logger = new Logger_Filename($config['main']['log_level'], $config['main']['log_file']);
+		if (!isempty($config['main']['log_file'])) {
+			$logger = new Logger_Filename($config['main']['log_level'], $config['main']['log_file']);
+		}
+		break;
 	case 'STDOUT':
 		$logger = new Logger_Stdout($config['main']['log_level']);
+		break;
 	case 'STDERR':
 		$logger = new Logger_Stderr($config['main']['log_level']);
+		break;
 	default:
 		$logger = new Logger_Null($config['main']['log_level']);
 }
diff --git a/lib/resolver.php b/lib/resolver.php
old mode 100755
new mode 100644
index e02ad6e..579b10b
--- a/lib/resolver.php
+++ b/lib/resolver.php
@@ -1,4 +1,3 @@
-#!/usr/bin/php
 <?php
 include_once("config.php");
 include_once("utils.php");
@@ -97,6 +96,9 @@ class Resolver {
 		/* make sure request does not startwith or contain: "/", "../" or "/./" */
 		/* make sure request only starts with filename or one of $config[$subdir]['locale'] or $config[$subdir]['wallpaper'] */
 		/* check uri/url decode */
+		if (!is_string($request)) {
+			$this->log_error_and_throw("Request is not a string");
+		}
 		$this->log_debug($request . ":" . escapeshellarg($request) . ":" . utf8_urldecode($request) . "\n");
 		$escaped_request = escapeshellarg(utf8_urldecode($request));
 		if ($escaped_request !== "'" . $request . "'") {
@@ -123,43 +125,44 @@ class Resolver {
 		}
 		return $path;
 	}
-	/* temporairy */
+	/* temporary */
 	function printCache() {
 		print_r($this->cache);
 	}
 }
 
-//$resolver = new Resolver($config);
-$resolver = new Resolver($config);
+// Testing
+if(defined('STDIN') ) {
+	$resolver = new Resolver($config);
 
-// Tests
-$test_cases = Array(
-	Array('request' => 'jar70sccp.9-4-2ES26.sbn', 'expected' => '/tftpboot/firmware/7970/jar70sccp.9-4-2ES26.sbn', 'throws' => FALSE),
-	Array('request' => 'Russian_Russian_Federation/be-sccp.jar', 'expected' => '/tftpboot/locales/languages/Russian_Russian_Federation/be-sccp.jar', 'throws' => FALSE),
-	Array('request' => 'Spain/g3-tones.xml', 'expected' => '/tftpboot/locales/countries/Spain/g3-tones.xml', 'throws' => FALSE),
-	Array('request' => '320x196x4/Chan-SCCP-b.png', 'expected' => '/tftpboot/wallpapers/320x196x4/Chan-SCCP-b.png', 'throws' => FALSE),
-	Array('request' => 'XMLDefault.cnf.xml', 'expected' => '/tftpboot/settings/bak/XMLDefault.cnf.xml', 'throws' => FALSE),
-	Array('request' => '../XMLDefault.cnf.xml', 'expected' => '', 'throws' => TRUE),
-	Array('request' => 'XMLDefault.cnf.xml/../../text.xml', 'expected' => '', 'throws' => TRUE),
-	
-);
-foreach($test_cases as $test) {
-	try {
-		$result = $resolver->resolve($test['request']);
-		if ($result !== $base_path . $test['expected']) {
-			print("Error: expected result does not match what we got\n");
-			print("request:'".$test['request']."', result:'" . $base_path . $test['expected'] . "'\n");
-		} else {
-			print("'" . $test['request'] . "' => '" . $result . "'\n");
-		}
-	} catch (Exception $e) {
-		if (!$test['throws']) {
-			print("Error: request was expected to throw: $e\n");
-		} else {
-			print("'" . $test['request'] . "' => throws error as expected\n");
+	$test_cases = Array(
+		Array('request' => 'jar70sccp.9-4-2ES26.sbn', 'expected' => '/tftpboot/firmware/7970/jar70sccp.9-4-2ES26.sbn', 'throws' => FALSE),
+		Array('request' => 'Russian_Russian_Federation/be-sccp.jar', 'expected' => '/tftpboot/locales/languages/Russian_Russian_Federation/be-sccp.jar', 'throws' => FALSE),
+		Array('request' => 'Spain/g3-tones.xml', 'expected' => '/tftpboot/locales/countries/Spain/g3-tones.xml', 'throws' => FALSE),
+		Array('request' => '320x196x4/Chan-SCCP-b.png', 'expected' => '/tftpboot/wallpapers/320x196x4/Chan-SCCP-b.png', 'throws' => FALSE),
+		Array('request' => 'XMLDefault.cnf.xml', 'expected' => '/tftpboot/settings/bak/XMLDefault.cnf.xml', 'throws' => FALSE),
+		Array('request' => '../XMLDefault.cnf.xml', 'expected' => '', 'throws' => TRUE),
+		Array('request' => 'XMLDefault.cnf.xml/../../text.xml', 'expected' => '', 'throws' => TRUE),
+		
+	);
+	foreach($test_cases as $test) {
+		try {
+			$result = $resolver->resolve($test['request']);
+			if ($result !== $base_path . $test['expected']) {
+				print("Error: expected result does not match what we got\n");
+				print("request:'".$test['request']."', result:'" . $base_path . $test['expected'] . "'\n");
+			} else {
+				print("'" . $test['request'] . "' => '" . $result . "'\n");
+			}
+		} catch (Exception $e) {
+			if (!$test['throws']) {
+				print("Error: request was expected to throw: $e\n");
+			} else {
+				print("'" . $test['request'] . "' => throws error as expected\n");
+			}
 		}
 	}
+	unset($resolver);
+	#unlink($CACHEFILE_NAME);
 }
-unset($resolver);
-#unlink($CACHEFILE_NAME);
 ?>
diff --git a/tftpboot/index.php b/tftpboot/index.php
index c343867..c7024b3 100644
--- a/tftpboot/index.php
+++ b/tftpboot/index.php
@@ -1,277 +1,67 @@
 <?php
-//
-// Written by Alex / github.com/PhantomVI
-//
 include_once("../lib/config.php");
+include_once("../lib/resolver.php");
+$request = $_REQUEST ?? null;
 
-# Parse request
-$request = $_REQUEST;
-$req_file = !empty($request['id']) ? $request['id'] : '';
-
-# directory content extensions map
-$fw_suffix = array('.bin', '.loads', '.sbn', '.sb2', '.sbin', '.zz', '.zup', '.loads');
-
-//$settings_suffix = array('cnf.xml');
-
-$ringtones_list = array('distinctive.xml', 'ringlist.xml','distinctiveringlist.xml');
-$ringtones_suffix = array('.raw', '.pcm', '.rwb');
-
-$locale_list = array('-dictionary.', 'dictionary-ext.', '-dictionary.utf-8.', '-kate.xml', '-font.xml', '-font.dat','-tones.xml',
-                     'be-sccp.jar', 'tc-sccp.jar', 'td-sccp.jar', 'ipc-sccp.jar', 'mk-sccp.jar', '_locale.loads', 'i-button-help.xml',
-                     'tc-sip.jar', 'td-sipp.jar');
-
-# Show debug output
-if ($print_debug == 'on') {
-    print_r("<br> Config:<pre>");
-    print_r($config);
-    print("</pre>");
-    print_r("<br> Request:<br><pre>");
-    print_r($request);
-    print("</pre>");
+function send_fallback_html($message) {
+	while (ob_get_level()) {ob_end_clean();}
+	if (ob_get_length() === false) {
+		ob_start();
+		header('Content-Description: README');
+		header('Content-Type: text/html');
+		header('Expires: 0');
+		header('Cache-Control: must-revalidate');
+		header('Pragma: public');
+	}
+	$content="
+		<html>
+		<header>
+		</header>
+		<body>
+			<h1>provision_sccp</h1>
+			<p>Request:" . json_encode($request) . "</p>
+			<p>Message:" . $message . "</p>
+		</body>
+		</html>
+	";
+	print ($content);
+	ob_flush();
+	flush();
 }
 
-# Start parsing the request
-$req_file_full_path = '' ;
+function sendfile($file) {
+	if (file_exists($file)) {
+		while (ob_get_level()) {ob_end_clean();}
+		header('Content-Description: File Transfer');
+		header('Content-Type: application/octet-stream');
+		header('Content-Disposition: attachment; filename=' . basename($file));
+		header('Content-Transfer-Encoding: binary');
+		header('Expires: 0');
+		header('Cache-Control: must-revalidate');
+		header('Pragma: public');
+		header('Content-Length: ' . filesize($file));
 
-if (!empty($req_file)) {
-    $signed = FALSE;
-    $req_data_ar = explode('/', $req_file);
-    $req_data_len = count($req_data_ar) - 1;
-
-    $orig_req_file_name = end($req_data_ar);
-    $req_file_name = $orig_req_file_name;
-    
-    if (strpos('.sgn;', strtolower($orig_req_file_name).';') !== FALSE) {		// handle signed files
-        $signed = TRUE;
-        $req_file_name = basename($orig_req_file_name, '.sgn');				// strip signed part
-    }
-
-        
-    if (file_exists($config['main']['tftproot'].'/'.$req_file_name))				// prevent "/../...//" browsing - (eliminate back door)
-    {
-        $req_file_full_path = $config['main']['tftproot'].'/'.$req_file_name;
-    } 
-    else 
-    { 
-        $tmp_file = explode('.', $req_file_name);
-        
-        if (strpos_array($req_file_name, $fw_suffix,'any') !== FALSE) {			// Firmware file was requested
-            $firmware_list = find_all_files($config['subdirs']['firmware']);
-            $pos2 = strpos_array($firmware_list, $req_file_name, 'any'); 		// case unsensitive
-            if ($pos2 !== FALSE) { 							// Request Firmware 
-                $req_file_full_path = $firmware_list[$pos2];
-            }
-            if ($print_debug == 'on'){ print_r('<br>Requested Firmware: '. $req_file_full_path. '<br>');}
-        }
-        else 
-        {
-            $tmp_file = '';
-
-            //if (strpos_array($req_file_name, $settings_suffix, 'any') !==  FALSE) { 	// Request Settings
-            if (strpos(strtolower($req_file_name), '.cnf.xml') !==  FALSE) {		// Request Settings
-                $tmp_file = $config['subdirs']['settings'].'/'.$req_file_name;
-            }
-            else if (strpos(strtolower($req_file), 'desktops/') !== FALSE) { 		// Request Wallpapers
-                $tmp_file = $config['subdirs']['wallpapers'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
-            }
-            else if (strpos_array($ringtones_list, $req_file_name, 'any') !== FALSE) {	// Request RingTones
-                $tmp_file = $config['subdirs']['ringtones'].'/'.$req_file_name;
-                if (!file_exists($tmp_file)) {
-                    $tmp_file = $config['subdirs']['ringtones'].'/ringlist.xml';
-                }
-            } 
-            else if(strpos_array($req_file_name, $ringtones_suffix,'any') !== FALSE) {			// Firmware file was requested
-                $tmp_file = $config['subdirs']['ringtones'].'/'.$req_file_name;
-            }
-            else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { 		// Request Languages
-                if (!empty($req_data_ar[$req_data_len-1])) {
-                    $tmp_file = $config['subdirs']['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_file_name;
-                } else {
-                    $tmp_file = $config['main']['default_language'].'/'. $req_file_name;
-                }
-            }
-            
-/*
-            else if (strpos(strtolower($req_file), '-tones.xml') !== FALSE) { 		// Request Countries
-                $tmp_file = $config['subdirs']['countries'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
-            }
- 
-            else if (strpos(strtolower($req_file), '-dictionary.') !== FALSE) { 		// Request Countries
-                $tmp_file = $config['subdirs']['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
-            }
-
-            else if (strpos_array($req_file, $locale_list, 'any') !== FALSE) { 		// Request Languages
-                $tmp_file = $config['subdirs']['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
-            }
-
-            else if (strpos(strtolower($req_file), '-dictionary.jar') !== FALSE) { 	// Request Countries
-                $tmp_file = $config['subdirs']['languages'].'/'. $req_data_ar[$req_data_len-1].'/'. $req_data_ar[$req_data_len];
-            }
-*/
-            if ($print_debug == 'on'){ print_r('<br>File : '. $orig_req_file_name. ' not found.<br>');}
-            if (empty($tmp_file)) { 
-                if (!empty($config['main']['log'])) { to_log(array('GET ('.$req_file.'):'.$orig_req_file_name, 'no match found'),'E',$config['log']); }
-                header("HTTP/1.0 404 Not Found");
-                die('ERROR: no match found.');
-            }
-            $req_file_full_path = $tmp_file;
-        }
-    }
-    if (!empty($config['main']['log'])) { to_log(array('GET ('.$req_file.') :'.$orig_req_file_name, 'Remap :'.$req_file_full_path),'i',$config['main']['log']); }
-    
-    if (!empty($req_file_full_path)) { 
-        if ($signed) {
-            $req_file_full_path .= '.sgn';
-        }
-        if (!file_exists($req_file_full_path)) { 
-            header("HTTP/1.0 404 Not Found");
-            die('Could not find:'. $req_file_full_path);
-        }
-        if ($print_debug == 'on'){ print_r('<br>Returning: '. $req_file_full_path. '<br>');}
-        file_force_download($req_file_full_path);
-    } 
-} 
-
-/*
- * Helper functiosn 
- */
-function file_force_download($file) {
-  if (file_exists($file)) {
-
-    if (ob_get_level()) {
-      ob_end_clean();
-    }
-
-    header('Content-Description: File Transfer');
-    header('Content-Type: application/octet-stream');
-    header('Content-Disposition: attachment; filename=' . basename($file));
-    header('Content-Transfer-Encoding: binary');
-    header('Expires: 0');
-    header('Cache-Control: must-revalidate');
-    header('Pragma: public');
-    header('Content-Length: ' . filesize($file));
-
-    if ($fd = fopen($file, 'rb')) {
-      while (!feof($fd)) {
-        print fread($fd, 1024);
-      }
-      fclose($fd);
-    }
-    exit;
-  }
+		/* want to stream out, so don't use file_get_contents() in this case */
+		if ($fd = fopen($file, 'rb')) {
+			while (!feof($fd)) {
+				print fread($fd, 1024);
+			}
+			fclose($fd);
+		}
+	}
 }
-
-/*
- *  Founds any string from array in array 
- */
-function strpos_array($haystack, $needles, $mode='any') {
-    if (is_array($needles)) {
-        foreach ($needles as $str) {
-            $pos = strpos_array($haystack, $str, $mode);
-            if ($pos !== FALSE) {
-                return $pos;
-            }
-        }
-    } else {
-        if (is_array($haystack)) {
-            foreach ($haystack as $key => $subtr) {
-                $pos = strpos_array($subtr, $needles, $mode);
-                if ($pos !== FALSE) {
-                    return $key;
-                }
-            }
-            return FALSE;
-        } else {
-            if ($mode == 'any') {
-                return strpos(strtolower($haystack), strtolower($needles));
-            } else {
-                if ($mode == 'full') {
-                    if ($haystack == $needles) {
-                        return 0;
-                    } else {
-                        return FALSE;
-                    }
-                } else {
-                    return strpos($haystack, $needles);
-                }
-                    
-            }
-        }
-    }
-    return FALSE;
+if (!$request || empty($request) || !array_key_exists('filename',$request) || empty($request['filename'])) {
+	send_fallback_html("Empty request sent");
+	exit();
 }
-
-function to_log($text, $level='i', $file) {
-    switch (strtolower($level)) {
-        case 'e':
-        case 'error':
-            $level='ERROR';
-            break;
-        case 'i':
-        case 'info':
-            $level='INFO';
-            break;
-        case 'd':
-        case 'debug':
-            $level='DEBUG';
-            break;
-        default:
-            $level='INFO';
-    }
-    if (is_array($text)) {
-        $to_log = '';
-        foreach ($text as $value) {
-           $to_log .= $value."\t";
-        }
-    } else {
-        $to_log .= $text;
-    }
-    $_txt = date('d.m.Y h:i:s')."\t[".$level."]\t ".$to_log."\n"; 
-    if (empty($file)) {
-        error_log($_txt, 0);
-    } else {
-        error_log($_txt, 3, $file);    
-    }
+try {
+	$req_filename=$request['filename'];
+	$resolver = new Resolver($config);
+	if (($filename = $resolver->resolve($req_filename))) {
+		sendfile($filename);
+	}
+	unset($resolver);
+} catch(Exception $e) {
+	send_fallback_html($e->getMessage());
 }
-
-function find_all_files($dir, $file_mask=null, $mode='full'){
-
-    $result = NULL;
-    if (empty($dir) || (!file_exists($dir))) {
-        return $result;
-    }
-
-    $root = scandir($dir);
-    foreach($root as $value) {
-        if($value === '.' || $value === '..') {continue;}
-        if(is_file("$dir/$value")) {
-            $filter = FALSE;
-            if (!empty($file_mask)) {
-                if (is_array($file_mask)) {
-                    foreach ($file_mask as $k){
-                        if (strpos(strtolower($value), strtolower($k)) !== FALSE) {$filter = true;}
-                    }
-                } else {
-                    if (strpos(strtolower($value), strtolower($file_mask)) !== FALSE) {$filter = true;}
-                }
-              } else {$filter = true;}
-            if ($filter) {
-                if ($mode=='fileonly'){
-                    $result[]="$value";
-                } else {
-                    $result[]="$dir/$value";
-                }
-            } else {$result[]=null;}
-            continue;
-        }
-        $sub_fiend = find_all_files("$dir/$value", $file_mask, $mode);
-        if (!empty($sub_fiend)) {
-            foreach($sub_fiend as $sub_value) {
-                if (!empty($sub_value)) {
-                    $result[]=$sub_value;
-                }
-            }
-        }
-    }
-    return $result;
-} 
+?>
\ No newline at end of file