 @@ -1,16 +1,16 @@
-.\"	$NetBSD: bozohttpd.8,v 1.12 2009/04/18 12:35:51 wiz Exp $
+.\"	$NetBSD: bozohttpd.8,v 1.13 2009/04/18 21:22:03 mrg Exp $
 .\"
-.\"	$eterna: bozohttpd.8,v 1.84 2009/04/18 01:48:18 mrg Exp $
+.\"	$eterna: bozohttpd.8,v 1.87 2009/04/18 20:53:58 mrg Exp $
 .\"
 .\" Copyright (c) 1997-2009 Matthew R. Green
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
 .\"    documentation and/or other materials provided with the distribution.
 .\"
 @@ -131,26 +131,29 @@ The default is the
 .Dq http
 port.
 .It Fl i Ar address
 This option is only valid with the
 .Fl b
 option.
 It causes
 .Ar address
 to use used as the address to bind daemon mode.
 If otherwise unspecified, the address used to bind is derived from the
 .Ar myname ,
 which defaults to the name returned by
 .Xr gethostname 3 .
 Only the last
 .Fl i
 option is used.
 .It Fl M Ar suffix type encoding encoding11
 This option adds a new entry to the table that converts file suffixes to
 content type and encoding.
 This option takes four additional arguments containing
 the file prefix, its
 .Dq Content-Type ,
 .Dq Content-Encoding ,
 and
 .Dq Content-Encoding
 for HTTP/1.1 connections, respectively.
 If any of these are a single dash
 .Pq Dq - ,
 the empty string is used instead.
 @@ -440,27 +443,27 @@ program is actually called
 .Dq bozohttpd .
 It was first written in perl, based on another perl http server
 called
 .Dq tinyhttpd .
 It was then rewritten from scratch in perl, and then once again in C.
 From
 .Dq bozohttpd
 version 20060517, it has been integrated into
 .Nx .
 The focus has always been simplicity and security, with minimal features
 and regular code audits.
 This manual documents
 .Nm
-version 20090417.
+version 20090418.
 .Sh AUTHORS
 .Nm
 was written by Matthew R. Green
 .Aq mrg@eterna.com.au .
 .Pp
 The large list of contributors includes:
 .Bl -dash
 .It
 Arnaud Lacombe
 .Aq alc@netbsd.org
 provided some clean up for memory leaks
 .It
 Christoph Badura

 @@ -1,16 +1,16 @@
-/*	$NetBSD: bozohttpd.c,v 1.12 2009/04/18 07:28:24 mrg Exp $	*/
+/*	$NetBSD: bozohttpd.c,v 1.13 2009/04/18 21:22:03 mrg Exp $	*/
-/*	$eterna: bozohttpd.c,v 1.152 2009/04/18 05:36:04 mrg Exp $	*/
+/*	$eterna: bozohttpd.c,v 1.155 2009/04/18 20:53:58 mrg Exp $	*/
 /*
  * Copyright (c) 1997-2009 Matthew R. Green
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer and
  *    dedication in the documentation and/or other materials provided
 @@ -99,27 +99,27 @@
  *	- 14.9: we aren't a cache.
+ *
  *	- 14.15: content-md5 would be nice...
+ *
  *	- 14.24/14.26/14.27: be nice to support this...
+ *
  *	- 14.44: not sure about this Vary: header.  ignore it for now.
  */
 #ifndef INDEX_HTML
 #define INDEX_HTML		"index.html"
 #endif
 #ifndef SERVER_SOFTWARE
-#define SERVER_SOFTWARE		"bozohttpd/20090417"
+#define SERVER_SOFTWARE		"bozohttpd/20090418"
 #endif
 #ifndef DIRECT_ACCESS_FILE
 #define DIRECT_ACCESS_FILE	".bzdirect"
 #endif
 #ifndef REDIRECT_FILE
 #define REDIRECT_FILE		".bzredirect"
 #endif
 #ifndef ABSREDIRECT_FILE
 #define ABSREDIRECT_FILE	".bzabsredirect"
 #endif
 /*
  * And so it begins ..
 @@ -522,27 +522,27 @@ main(int argc, char **argv)
 		if (chdir("/") == -1)
 			error(1, "chdir /: %s", strerror(errno));
 	/*
 	 * read and process the HTTP request.
 	 */
 	do {
 		request = read_request();
 		if (request) {
 			process_request(request);
 			clean_request(request);
 			return (0);
+		}
-	} while (bflag);
+	} while (bflag && 0);
 	return (0);
+}
 char *
 http_date(void)
+{
 	static	char date[40];
 	struct	tm *tm;
 	time_t	now;
 	/* Sun, 06 Nov 1994 08:49:37 GMT */
 	now = time(NULL);
 @@ -1444,28 +1444,30 @@ transform_request(http_req *request, int
+	 *
 	 * XXX true security only comes from our parent using chroot(2)
 	 * before execve(2)'ing us.  or our own built in chroot(2) support.
 	 */
 	if (*newfile == '/' || strcmp(newfile, "..") == 0 ||
 	    strstr(newfile, "/..") || strstr(newfile, "../")) {
 		(void)http_error(403, request, "illegal request");
 		goto bad_done;
+	}
 	if (auth_check(request, newfile))
 		goto bad_done;
-	if (strlen(newfile))
+	if (strlen(newfile)) {
 		free(request->hr_file);
 		request->hr_file = newfile;
+	}
 	if (process_cgi(request))
 		return 0;
 	debug((DEBUG_FAT, "transform_request set: %s", newfile));
 	return 1;
 bad_done:
 	debug((DEBUG_FAT, "transform_request returning: 0"));
 	if (newfile)
 		free(newfile);
 	return 0;
+}

 @@ -1,16 +1,16 @@
-/*	$NetBSD: cgi-bozo.c,v 1.12 2009/04/18 07:28:24 mrg Exp $	*/
+/*	$NetBSD: cgi-bozo.c,v 1.13 2009/04/18 21:22:03 mrg Exp $	*/
-/*	$eterna: cgi-bozo.c,v 1.28 2009/04/18 05:36:04 mrg Exp $	*/
+/*	$eterna: cgi-bozo.c,v 1.30 2009/04/18 12:39:28 mrg Exp $	*/
 /*
  * Copyright (c) 1997-2009 Matthew R. Green
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer and
  *    dedication in the documentation and/or other materials provided
 @@ -33,26 +33,27 @@
 /* this code implements CGI/1.2 for bozohttpd */
 #ifndef NO_CGIBIN_SUPPORT
 #include <sys/param.h>
 #include <sys/socket.h>
 #include <ctype.h>
 #include <errno.h>
 #include <paths.h>
 #include <signal.h>
 #include <stdlib.h>
 #include <string.h>
 #include <syslog.h>
 #include <unistd.h>
 #include <netinet/in.h>
 #include "bozohttpd.h"
 #define CGIBIN_PREFIX		"cgi-bin/"
 #define CGIBIN_PREFIX_LEN	(sizeof(CGIBIN_PREFIX)-1)
 static	char	*cgibin;	/* cgi-bin directory */
 static	int	Cflag;		/* added a cgi handler, always process_cgi() */
 static	const char *	content_cgihandler(http_req *, const char *);
 @@ -111,26 +112,27 @@ process_cgi(http_req *request)
 	else
 		query = NULL;
 	asprintf(&url, "%s%s%s", file, query ? "?" : "", query ? query : "");
 	if (url == NULL)
 		goto out;
 	debug((DEBUG_NORMAL, "process_cgi: url `%s'", url));
 	path = NULL;
 	envp = NULL;
 	cgihandler = NULL;
 	command = NULL;
 	info = NULL;
 	len = strlen(url);
 	if (auth_check(request, url + 1))
 		goto out;
 	if (!cgibin || strncmp(url + 1, CGIBIN_PREFIX, CGIBIN_PREFIX_LEN) != 0) {
 		cgihandler = content_cgihandler(request, file + 1);
 		if (cgihandler == NULL) {
 			debug((DEBUG_FAT, "process_cgi: no handler, returning"));
 			goto out;
+		}
 		if (len == 0 || file[len - 1] == '/')
 			append_index_html(&file);
 @@ -170,56 +172,53 @@ process_cgi(http_req *request)
 	type = request->hr_content_type;
 	clen = request->hr_content_length;
 	envpsize = 13 + request->hr_nheaders +
 	    (info && *info ? 1 : 0) +
 	    (query && *query ? 1 : 0) +
 	    (type && *type ? 1 : 0) +
 	    (clen && *clen ? 1 : 0) +
 	    (request->hr_remotehost && *request->hr_remotehost ? 1 : 0) +
 	    (request->hr_remoteaddr && *request->hr_remoteaddr ? 1 : 0) +
 	    auth_cgi_count(request) +
 	    (request->hr_serverport && *request->hr_serverport ? 1 : 0);
 	debug((DEBUG_FAT,
 	       "process_cgi: envpsize `%d'", envpsize));
 	envp = bozomalloc(sizeof(*envp) * envpsize);
 	for (ix = 0; ix < envpsize; ix++)
 		envp[ix] = NULL;
 	curenvp = envp;
 	SIMPLEQ_FOREACH(headp, &request->hr_headers, h_next) {
 		const char *s2;
 		env = bozomalloc(6 + strlen(headp->h_header) + 1 +
 		    strlen(headp->h_value));
 		t = env;
 		strcpy(t, "HTTP_");
 		t += strlen(t);
 		for (s2 = headp->h_header; *s2; t++, s2++)
 			if (islower((u_int)*s2))
 				*t = toupper((u_int)*s2);
 			else if (*s2 == '-')
 				*t = '_';
 			else
 				*t = *s2;
 		*t = '\0';
 		debug((DEBUG_OBESE, "setting header %s as %s = %s",
 		    headp->h_header, env, headp->h_value));
 		spsetenv(env, headp->h_value, curenvp++);
 		free(env);
+	}
 #ifndef _PATH_DEFPATH
 #define _PATH_DEFPATH "/usr/bin:/bin"
 #endif
 	spsetenv("PATH", _PATH_DEFPATH, curenvp++);
 	spsetenv("IFS", " \t\n", curenvp++);
 	spsetenv("SERVER_NAME", myname, curenvp++);
 	spsetenv("GATEWAY_INTERFACE", "CGI/1.1", curenvp++);
 	spsetenv("SERVER_PROTOCOL", request->hr_proto, curenvp++);
 	spsetenv("REQUEST_METHOD", request->hr_methodstr, curenvp++);
 	spsetenv("SCRIPT_NAME", file, curenvp++);
 	spsetenv("SCRIPT_FILENAME", file + 1, curenvp++);
 	spsetenv("SERVER_SOFTWARE", server_software, curenvp++);
 @@ -253,32 +252,33 @@ process_cgi(http_req *request)
 	/*
 	 * We create 2 procs: one to become the CGI, one read from
 	 * the CGI and output to the network, and this parent will
 	 * continue reading from the network and writing to the
 	 * CGI procsss.
 	 */
 	switch (fork()) {
 	case -1: /* eep, failure */
 		error(1, "child fork failed: %s", strerror(errno));
 	case 0:
 		close(sv[0]);
 		dup2(sv[1], STDIN_FILENO);
 		dup2(sv[1], STDOUT_FILENO);
 		close(2);
-		debug((DEBUG_FAT, "process_cgi: going exec %s, %s %s %s",
+		close(sv[1]);
-		       path, argv[0], strornull(argv[1]), strornull(argv[2])));
+		closelog();
 		if (-1 == execve(path, argv, envp))
-			error(1, "child exec failed: %s", path);
+			error(1, "child exec failed: %s: %s",
 			      path, strerror(errno));
 		/* NOT REACHED */
 		error(1, "child execve returned?!");
+	}
 	close(sv[1]);
 	/* parent: read from stdin (bozoread()) write to sv[0] */
 	/* child: read from sv[0] (bozowrite()) write to stdout */
 	pid = fork();
 	if (pid == -1)
 		error(1, "io child fork failed: %s", strerror(errno));
 	else if (pid == 0) {
 		/* child reader/writer */

 @@ -1,16 +1,16 @@
-/*	$NetBSD: daemon-bozo.c,v 1.5 2009/04/18 07:28:24 mrg Exp $	*/
+/*	$NetBSD: daemon-bozo.c,v 1.6 2009/04/18 21:22:03 mrg Exp $	*/
-/*	$eterna: daemon-bozo.c,v 1.13 2009/04/17 22:52:20 mrg Exp $	*/
+/*	$eterna: daemon-bozo.c,v 1.16 2009/04/18 13:06:45 mrg Exp $	*/
 /*
  * Copyright (c) 1997-2009 Matthew R. Green
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer and
  *    dedication in the documentation and/or other materials provided
 @@ -110,92 +110,129 @@ daemon_init()
 	freeaddrinfo(r0);
 	signal(SIGCHLD, sigchild);
+}
 /*
  * the parent never returns from this function, only children that
  * are ready to run... XXXMRG - still true in fork-lesser bozo?
  */
 void
 daemon_fork()
+{
 	struct pollfd *fds = NULL;
 	int i, j;
 	while (bflag) {
 		struct	sockaddr_storage ss;
 		socklen_t slen;
 		int fd;
 		int i;
 #ifndef POLLRDNORM
 #define POLLRDNORM 0
 #endif
 #ifndef POLLRDBAND
 #define POLLRDBAND 0
 #endif
 #ifndef INFTIM
 #define INFTIM -1
 #endif
 		if (fds == NULL) {
-			fds = bozomalloc(nsock * sizeof *fds);
+	fds = bozomalloc(nsock * sizeof *fds);
-			for (i = 0; i < nsock; i++) {
+	for (i = 0; i < nsock; i++) {
-				fds[i].events = POLLIN | POLLPRI | POLLRDNORM |
+		if (sock[i] == -1)
-						POLLRDBAND | POLLERR;
+			continue;
-				fds[i].fd = sock[i];
+		fds[i].events = POLLIN | POLLPRI | POLLRDNORM |
 				POLLRDBAND | POLLERR;
 		fds[i].fd = sock[i];
+	}
 	while (bflag) {
 		struct	sockaddr_storage ss;
 		socklen_t slen;
 		int fd;
 		if (nsock == 0)
 			exit(0);
 		/*
 		 * wait for a connection, then fork() and return NULL in
 		 * the parent, who will come back here waiting for another
 		 * connection.  read the request in in the child, and return
 		 * it, for processing.
 		 */
 again:
 		if (poll(fds, nsock, INFTIM) == -1) {
-			if (errno != EINTR)
+			/* fail on programmer errors */
 			if (errno == EFAULT ||
 			    errno == EINVAL)
 				error(1, "poll: %s", strerror(errno));
 			/* sleep on some temporary kernel failures */
 			if (errno == ENOMEM ||
 			    errno == EAGAIN)
 				sleep(1);
 			goto again;
+		}
 		for (i = 0; i < nsock; i++) {
 			if (fds[i].revents & (POLLNVAL|POLLERR|POLLHUP)) {
-				warning("poll on fd %d: %s", fds[i].fd,
+				warning("poll on fd %d pid %d revents %d: %s",
-				    strerror(errno));
+				    fds[i].fd, getpid(), fds[i].revents, strerror(errno));
-				continue;
+				warning("nsock = %d", nsock);
 				close(sock[i]);
 				nsock--;
 				warning("nsock now = %d", nsock);
 				/* no sockets left */
 				if (nsock == 0)
 					exit(0);
 				/* last socket; easy case */
 				if (nsock == i)
 					break;
 				memmove(&fds[i], &fds[i+i],
 					(nsock - i) * sizeof(*fds));
 				memmove(&sock[i], &sock[i+i],
 					(nsock - i) * sizeof(*sock));
 				break;
+			}
 			if (fds[i].revents == 0)
 				continue;
 			slen = sizeof(ss);
-			fd = accept(sock[i], (struct sockaddr *)&ss, &slen);
+			fd = accept(fds[i].fd, (struct sockaddr *)&ss, &slen);
 			if (fd == -1) {
-				if (errno != EAGAIN)
+				if (errno == EFAULT ||
 				    errno == EINVAL)
 					error(1, "accept: %s", strerror(errno));
 				if (errno == ENOMEM ||
 				    errno == EAGAIN)
 					sleep(1);
 				continue;
+			}
 			switch (fork()) {
 			case -1: /* eep, failure */
 				warning("fork() failed, sleeping for 10 seconds: %s",
 				    strerror(errno));
 				close(fd);
 				sleep(10);
 				continue;
 			case 0: /* child */
 				/* setup stdin/stdout/stderr */
 				dup2(fd, 0);
 				dup2(fd, 1);
 				/*dup2(fd, 2);*/
 				free(fds);
 				free(sock);
 				close(fd);
 				for (j = 0; j < nsock; j++)
 					close(sock[j]);
 				return;
 			default: /* parent */
 				close(fd);
 				continue;
+			}
+		}
+	}
 	free(fds);
+}
 #endif /* NO_DAEMON_MODE */

 @@ -1,14 +1,20 @@
-$eterna: CHANGES,v 1.65 2009/04/18 05:36:04 mrg Exp $
+$eterna: CHANGES,v 1.67 2009/04/18 11:42:39 mrg Exp $
 changes since bozohttpd 20090417:
 	o  avoid dying in daemon mode for some uncommon, but recoverable, errors
 	o  close leaking file descriptors for CGI and daemon mode
 	o  handle poll errors properly
 	o  don't try to handle more than one request per process yet
 changes since bozohttpd 20080303:
 	o  make bozohttpd internally more modular, preparing the way
 	   to handle more than one request per process
 	o  fix http-auth, set $REMOTE_USER not $REMOTEUSER.  also fix
 	   cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
 	o  fix an uninitialised variable use in daemon mode
 	o  fix ssl mode with newer OpenSSL
 	o  mmap large files in manageable sizes so we can serve any size file
 	o  refactor url processing to handle query strings correctly for CGI
 	   from Sergey Katsev at Coyote Point
 	o  add If-Modified-Since support, from Joerg Sonnenberger
 	   <joerg@netbsd.org>