Pull up the following revisions (via patch) requested by mrg in ticket #1699: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c 1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c 1.26 libexec/httpd/testsuite/Makefile 1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile 1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>: - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later.diff -r1.19.2.5.2.2 -r1.19.2.5.2.3 src/libexec/httpd/CHANGES
(martin)
--- src/libexec/httpd/CHANGES 2018/11/28 19:56:09 1.19.2.5.2.2
+++ src/libexec/httpd/CHANGES 2019/06/15 15:56:21 1.19.2.5.2.3
@@ -1,14 +1,34 @@ | @@ -1,14 +1,34 @@ | |||
1 | $NetBSD: CHANGES,v 1.19.2.5.2.2 2018/11/28 19:56:09 martin Exp $ | 1 | $NetBSD: CHANGES,v 1.19.2.5.2.3 2019/06/15 15:56:21 martin Exp $ | |
2 | ||||
3 | changes in bozohttpd 20190228: | |||
4 | o extend timeout facility to ssl and stop servers hanging forever | |||
5 | if the client never sends anything. reported by Steffen in netbsd | |||
6 | PR#50655. | |||
7 | o don't display special files in the directory index. they aren't | |||
8 | served, but links to them are generated. | |||
9 | o fix CGI '+' parameter handling, some error checking, and a double | |||
10 | free. from rajeev_v_pillai@yahoo.com | |||
11 | o more directory indexing clean up. from rajeev_v_pillai@yahoo.com | |||
12 | ||||
13 | changes in bozohttpd 20181215: | |||
14 | o fix .htpasswd bypass for authenticated users. reported by JP, | |||
15 | from leot@netbsd.org | |||
16 | o avoid possible null dereference when receiving a big request that | |||
17 | timeout. reported by maya@netbsd.org, from leot@netbsd.org | |||
18 | o fix handling of -T option, from leot@netbsd.org | |||
19 | o cleanups and portability improvements, from maya@netbsd.org | |||
20 | o change directory indexing to use html tables, from | |||
21 | rajeev_v_pillai@yahoo.com | |||
2 | 22 | |||
3 | changes in bozohttpd 20181125: | 23 | changes in bozohttpd 20181125: | |
4 | o fixes for option parsing introduced in bozohttpd 20181123 | 24 | o fixes for option parsing introduced in bozohttpd 20181123 | |
5 | 25 | |||
6 | changes in bozohttpd 20181121: | 26 | changes in bozohttpd 20181121: | |
7 | o add url remap support via .bzremap file, from martin@netbsd.org | 27 | o add url remap support via .bzremap file, from martin@netbsd.org | |
8 | o handle redirections for any protocol, not just http: | 28 | o handle redirections for any protocol, not just http: | |
9 | o fix a denial of service attack against header contents, which | 29 | o fix a denial of service attack against header contents, which | |
10 | is now bounded at 16KiB. reported by JP | 30 | is now bounded at 16KiB. reported by JP | |
11 | o reduce default timeouts, and add expand timeouts to handle the | 31 | o reduce default timeouts, and add expand timeouts to handle the | |
12 | initial line, each header, and the total time spent | 32 | initial line, each header, and the total time spent | |
13 | o add -T option to expose new timeout settings | 33 | o add -T option to expose new timeout settings | |
14 | o minor RFC fixes related to timeout handling | 34 | o minor RFC fixes related to timeout handling | |
@@ -283,27 +303,27 @@ changes in bozohttpd 5.09 (20010922): | @@ -283,27 +303,27 @@ changes in bozohttpd 5.09 (20010922): | |||
283 | changes in bozohttpd 5.08 (20010812): | 303 | changes in bozohttpd 5.08 (20010812): | |
284 | - add directory index generation support (-X) from ad@netbsd.org | 304 | - add directory index generation support (-X) from ad@netbsd.org | |
285 | - add .pa as an alias for .pac | 305 | - add .pa as an alias for .pac | |
286 | - make server software version configurable (RFC) | 306 | - make server software version configurable (RFC) | |
287 | 307 | |||
288 | changes in bozohttpd 5.07 (20010610): | 308 | changes in bozohttpd 5.07 (20010610): | |
289 | - add .png support | 309 | - add .png support | |
290 | - new "-x index.html" flag to change default file | 310 | - new "-x index.html" flag to change default file | |
291 | - new "-p public_html" flag to change default ~user directory | 311 | - new "-p public_html" flag to change default ~user directory | |
292 | - fixes cgi-bin support and more from chuck@research.att.com | 312 | - fixes cgi-bin support and more from chuck@research.att.com | |
293 | - add many new content-types, now support most common ones | 313 | - add many new content-types, now support most common ones | |
294 | 314 | |||
295 | changes in bozohttpd 5.06 (20000825): | 315 | changes in bozohttpd 5.06 (20000825): | |
296 | - add IPv6 suppor from itojun@iijlab.net | 316 | - add IPv6 support from itojun@iijlab.net | |
297 | - man page fixes from jlam@netbsd.org | 317 | - man page fixes from jlam@netbsd.org | |
298 | 318 | |||
299 | changes in bozohttpd 5.05 (20000815): | 319 | changes in bozohttpd 5.05 (20000815): | |
300 | - fix a virtual host bug, from kleink@netbsd.org | 320 | - fix a virtual host bug, from kleink@netbsd.org | |
301 | 321 | |||
302 | changes in bozohttpd 5.04 (20000427): | 322 | changes in bozohttpd 5.04 (20000427): | |
303 | - fix virtual host support; URI takes precedence over Host: | 323 | - fix virtual host support; URI takes precedence over Host: | |
304 | 324 | |||
305 | changes in bozohttpd 5.03 (20000427): | 325 | changes in bozohttpd 5.03 (20000427): | |
306 | - fix a bug with chdir() | 326 | - fix a bug with chdir() | |
307 | 327 | |||
308 | changes in bozohttpd 5.02 (20000426): | 328 | changes in bozohttpd 5.02 (20000426): | |
309 | - .pac spport from simonb | 329 | - .pac spport from simonb |
--- src/libexec/httpd/Makefile 2018/11/24 17:23:20 1.22.2.2.4.1
+++ src/libexec/httpd/Makefile 2019/06/15 15:56:21 1.22.2.2.4.2
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile,v 1.22.2.2.4.1 2018/11/24 17:23:20 martin Exp $ | 1 | # $NetBSD: Makefile,v 1.22.2.2.4.2 2019/06/15 15:56:21 martin Exp $ | |
2 | # | 2 | # | |
3 | # $eterna: Makefile,v 1.30 2010/07/11 00:34:27 mrg Exp $ | 3 | # $eterna: Makefile,v 1.30 2010/07/11 00:34:27 mrg Exp $ | |
4 | # | 4 | # | |
5 | # berkeley (netbsd) makefile. see Makefile.boot for other systems. | 5 | # berkeley (netbsd) makefile. see Makefile.boot for other systems. | |
6 | 6 | |||
7 | # compile-time options are: | 7 | # compile-time options are: | |
8 | # NO_DEBUG /* don't include debugging support */ | 8 | # NO_DEBUG /* don't include debugging support */ | |
9 | # NO_USER_SUPPORT /* don't support /~user requests */ | 9 | # NO_USER_SUPPORT /* don't support /~user requests */ | |
10 | # NO_CGIBIN_SUPPORT /* don't support cgi-bin requests */ | 10 | # NO_CGIBIN_SUPPORT /* don't support cgi-bin requests */ | |
11 | # NO_DIRINDEX_SUPPORT /* don't support directory indexing */ | 11 | # NO_DIRINDEX_SUPPORT /* don't support directory indexing */ | |
12 | # NO_DAEMON_MODE /* don't support daemon mode */ | 12 | # NO_DAEMON_MODE /* don't support daemon mode */ | |
13 | # NO_DYNAMIC_CONTENT /* don't support dynamic content updates */ | 13 | # NO_DYNAMIC_CONTENT /* don't support dynamic content updates */ | |
14 | # NO_SSL_SUPPORT /* don't support ssl (https) */ | 14 | # NO_SSL_SUPPORT /* don't support ssl (https) */ | |
@@ -67,26 +67,29 @@ HTMLFROB= sed \ | @@ -67,26 +67,29 @@ HTMLFROB= sed \ | |||
67 | -e 's/""/\“/' \ | 67 | -e 's/""/\“/' \ | |
68 | -e 's/<a href="\.\.\/html[^>]*>\(.*\)<\/a>/\1/' | 68 | -e 's/<a href="\.\.\/html[^>]*>\(.*\)<\/a>/\1/' | |
69 | 69 | |||
70 | TXTFROB= col -b | 70 | TXTFROB= col -b | |
71 | 71 | |||
72 | bozohttpd.8.html: bozohttpd.8 | 72 | bozohttpd.8.html: bozohttpd.8 | |
73 | $(PREHTMLFROB) $> | $(NROFF) -mdoc2html | $(HTMLFROB) > $@ | 73 | $(PREHTMLFROB) $> | $(NROFF) -mdoc2html | $(HTMLFROB) > $@ | |
74 | 74 | |||
75 | bozohttpd.8.txt: bozohttpd.8 | 75 | bozohttpd.8.txt: bozohttpd.8 | |
76 | $(NROFF) -mdoc -Tascii $> | $(TXTFROB) > $@ | 76 | $(NROFF) -mdoc -Tascii $> | $(TXTFROB) > $@ | |
77 | 77 | |||
78 | CLEANFILES+= bozohttpd.8.html bozohttpd.8.txt | 78 | CLEANFILES+= bozohttpd.8.html bozohttpd.8.txt | |
79 | 79 | |||
80 | check: | |||
81 | cd ${.CURDIR}/testsuite && ${MAKE} check | |||
82 | ||||
80 | # Create a distfile: uses /tmp | 83 | # Create a distfile: uses /tmp | |
81 | BASE=bozohttpd-${BOZOVER} | 84 | BASE=bozohttpd-${BOZOVER} | |
82 | TAR=${BASE}.tar | 85 | TAR=${BASE}.tar | |
83 | export-distfile: | 86 | export-distfile: | |
84 | dir=`mktemp -d /tmp/bozo-export-XXXXXX`; \ | 87 | dir=`mktemp -d /tmp/bozo-export-XXXXXX`; \ | |
85 | cd "$${dir}" || exit; \ | 88 | cd "$${dir}" || exit; \ | |
86 | mkdir ${BASE}; \ | 89 | mkdir ${BASE}; \ | |
87 | ( cd ${BASE} || exit; \ | 90 | ( cd ${BASE} || exit; \ | |
88 | cp -r "${.CURDIR}/." "."; \ | 91 | cp -r "${.CURDIR}/." "."; \ | |
89 | find . -name .CVS | xargs rm -r; \ | 92 | find . -name .CVS | xargs rm -r; \ | |
90 | ); \ | 93 | ); \ | |
91 | pax -wf ${TAR} ${BASE}; \ | 94 | pax -wf ${TAR} ${BASE}; \ | |
92 | gzip -nc9 ${TAR} > ${TAR}.gz; \ | 95 | gzip -nc9 ${TAR} > ${TAR}.gz; \ |
--- src/libexec/httpd/auth-bozo.c 2018/11/24 17:23:20 1.13.2.2.4.1
+++ src/libexec/httpd/auth-bozo.c 2019/06/15 15:56:21 1.13.2.2.4.2
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: auth-bozo.c,v 1.13.2.2.4.1 2018/11/24 17:23:20 martin Exp $ */ | 1 | /* $NetBSD: auth-bozo.c,v 1.13.2.2.4.2 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -54,27 +54,27 @@ bozo_auth_check(bozo_httpreq_t *request, | @@ -54,27 +54,27 @@ bozo_auth_check(bozo_httpreq_t *request, | |||
54 | bozohttpd_t *httpd = request->hr_httpd; | 54 | bozohttpd_t *httpd = request->hr_httpd; | |
55 | struct stat sb; | 55 | struct stat sb; | |
56 | char dir[MAXPATHLEN], authfile[MAXPATHLEN], *basename; | 56 | char dir[MAXPATHLEN], authfile[MAXPATHLEN], *basename; | |
57 | char user[BUFSIZ], *pass; | 57 | char user[BUFSIZ], *pass; | |
58 | FILE *fp; | 58 | FILE *fp; | |
59 | int len; | 59 | int len; | |
60 | 60 | |||
61 | /* get dir=dirname(file) */ | 61 | /* get dir=dirname(file) */ | |
62 | snprintf(dir, sizeof(dir), "%s", file); | 62 | snprintf(dir, sizeof(dir), "%s", file); | |
63 | if ((basename = strrchr(dir, '/')) == NULL) | 63 | if ((basename = strrchr(dir, '/')) == NULL) | |
64 | strcpy(dir, "."); | 64 | strcpy(dir, "."); | |
65 | else { | 65 | else { | |
66 | *basename++ = '\0'; | 66 | *basename++ = '\0'; | |
67 | if (bozo_check_special_files(request, basename)) | 67 | if (bozo_check_special_files(request, basename, true)) | |
68 | return 1; | 68 | return 1; | |
69 | } | 69 | } | |
70 | request->hr_authrealm = bozostrdup(httpd, request, dir); | 70 | request->hr_authrealm = bozostrdup(httpd, request, dir); | |
71 | 71 | |||
72 | if ((size_t)snprintf(authfile, sizeof(authfile), "%s/%s", dir, | 72 | if ((size_t)snprintf(authfile, sizeof(authfile), "%s/%s", dir, | |
73 | AUTH_FILE) >= sizeof(authfile)) { | 73 | AUTH_FILE) >= sizeof(authfile)) { | |
74 | return bozo_http_error(httpd, 404, request, | 74 | return bozo_http_error(httpd, 404, request, | |
75 | "authfile path too long"); | 75 | "authfile path too long"); | |
76 | } | 76 | } | |
77 | if (stat(authfile, &sb) < 0) { | 77 | if (stat(authfile, &sb) < 0) { | |
78 | debug((httpd, DEBUG_NORMAL, | 78 | debug((httpd, DEBUG_NORMAL, | |
79 | "bozo_auth_check realm `%s' dir `%s' authfile `%s' missing", | 79 | "bozo_auth_check realm `%s' dir `%s' authfile `%s' missing", | |
80 | dir, file, authfile)); | 80 | dir, file, authfile)); |
--- src/libexec/httpd/bozohttpd.8 2018/11/24 17:23:20 1.46.4.8.2.1
+++ src/libexec/httpd/bozohttpd.8 2019/06/15 15:56:21 1.46.4.8.2.2
@@ -1,42 +1,42 @@ | @@ -1,42 +1,42 @@ | |||
1 | .\" $NetBSD: bozohttpd.8,v 1.46.4.8.2.1 2018/11/24 17:23:20 martin Exp $ | 1 | .\" $NetBSD: bozohttpd.8,v 1.46.4.8.2.2 2019/06/15 15:56:21 martin Exp $ | |
2 | .\" | 2 | .\" | |
3 | .\" $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $ | 3 | .\" $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $ | |
4 | .\" | 4 | .\" | |
5 | .\" Copyright (c) 1997-2018 Matthew R. Green | 5 | .\" Copyright (c) 1997-2019 Matthew R. Green | |
6 | .\" All rights reserved. | 6 | .\" All rights reserved. | |
7 | .\" | 7 | .\" | |
8 | .\" Redistribution and use in source and binary forms, with or without | 8 | .\" Redistribution and use in source and binary forms, with or without | |
9 | .\" modification, are permitted provided that the following conditions | 9 | .\" modification, are permitted provided that the following conditions | |
10 | .\" are met: | 10 | .\" are met: | |
11 | .\" 1. Redistributions of source code must retain the above copyright | 11 | .\" 1. Redistributions of source code must retain the above copyright | |
12 | .\" notice, this list of conditions and the following disclaimer. | 12 | .\" notice, this list of conditions and the following disclaimer. | |
13 | .\" 2. Redistributions in binary form must reproduce the above copyright | 13 | .\" 2. Redistributions in binary form must reproduce the above copyright | |
14 | .\" notice, this list of conditions and the following disclaimer in the | 14 | .\" notice, this list of conditions and the following disclaimer in the | |
15 | .\" documentation and/or other materials provided with the distribution. | 15 | .\" documentation and/or other materials provided with the distribution. | |
16 | .\" | 16 | .\" | |
17 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 17 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
18 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | 18 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
19 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | 19 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
20 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | 20 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
21 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | 21 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
22 | .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 22 | .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
23 | .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | 23 | .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
24 | .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | 24 | .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
25 | .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 25 | .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 26 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | .\" SUCH DAMAGE. | 27 | .\" SUCH DAMAGE. | |
28 | .\" | 28 | .\" | |
29 | .Dd November 19, 2018 | 29 | .Dd February 27, 2019 | |
30 | .Dt BOZOHTTPD 8 | 30 | .Dt BOZOHTTPD 8 | |
31 | .Os | 31 | .Os | |
32 | .Sh NAME | 32 | .Sh NAME | |
33 | .Nm bozohttpd | 33 | .Nm bozohttpd | |
34 | .Nd hyper text transfer protocol version 1.1 daemon | 34 | .Nd hyper text transfer protocol version 1.1 daemon | |
35 | .Sh SYNOPSIS | 35 | .Sh SYNOPSIS | |
36 | .Nm | 36 | .Nm | |
37 | .Op Fl EGHVXefhnsu | 37 | .Op Fl EGHVXefhnsu | |
38 | .Op Fl C Ar suffix cgihandler | 38 | .Op Fl C Ar suffix cgihandler | |
39 | .Op Fl I Ar port | 39 | .Op Fl I Ar port | |
40 | .Op Fl L Ar prefix script | 40 | .Op Fl L Ar prefix script | |
41 | .Op Fl M Ar suffix type encoding encoding11 | 41 | .Op Fl M Ar suffix type encoding encoding11 | |
42 | .Op Fl P Ar pidfile | 42 | .Op Fl P Ar pidfile | |
@@ -235,31 +235,33 @@ to | @@ -235,31 +235,33 @@ to | |||
235 | .It Fl S Ar server_software | 235 | .It Fl S Ar server_software | |
236 | Sets the internal server version to | 236 | Sets the internal server version to | |
237 | .Ar server_software . | 237 | .Ar server_software . | |
238 | .It Fl s | 238 | .It Fl s | |
239 | Forces logging to be set to stderr always. | 239 | Forces logging to be set to stderr always. | |
240 | .It Fl T Ar type timeout | 240 | .It Fl T Ar type timeout | |
241 | Set the timeout for | 241 | Set the timeout for | |
242 | .Ar type | 242 | .Ar type | |
243 | to | 243 | to | |
244 | .Ar timeout . | 244 | .Ar timeout . | |
245 | The valid values of | 245 | The valid values of | |
246 | .Ar type | 246 | .Ar type | |
247 | are | 247 | are | |
248 | .Dq ssl timeout , | |||
248 | .Dq initial timeout , | 249 | .Dq initial timeout , | |
249 | .Dq header timeout , | 250 | .Dq header timeout , | |
250 | and | 251 | and | |
251 | .Dq request timeout . | 252 | .Dq request timeout . | |
252 | The default values are 30 seconds, 10 seconds and 600 seconds, respectively. | 253 | The default values are 30 seconds, 30 seconds, 10 seconds and 600 seconds, | |
254 | respectively. | |||
253 | .It Fl t Ar chrootdir | 255 | .It Fl t Ar chrootdir | |
254 | Makes | 256 | Makes | |
255 | .Nm | 257 | .Nm | |
256 | chroot to the specified directory | 258 | chroot to the specified directory | |
257 | before answering requests. | 259 | before answering requests. | |
258 | Every other path should be specified relative | 260 | Every other path should be specified relative | |
259 | to the new root, if this option is used. | 261 | to the new root, if this option is used. | |
260 | Note that the current environment | 262 | Note that the current environment | |
261 | is normally replaced with an empty environment with this option, unless the | 263 | is normally replaced with an empty environment with this option, unless the | |
262 | .Fl e | 264 | .Fl e | |
263 | option is also used. | 265 | option is also used. | |
264 | .It Fl U Ar username | 266 | .It Fl U Ar username | |
265 | Causes | 267 | Causes | |
@@ -467,29 +469,27 @@ will serve the requested file postpended | @@ -467,29 +469,27 @@ will serve the requested file postpended | |||
467 | if it exists, it is readable, the client requested gzip compression, and | 469 | if it exists, it is readable, the client requested gzip compression, and | |
468 | the client did not make a ranged request. | 470 | the client did not make a ranged request. | |
469 | .Sh FILES | 471 | .Sh FILES | |
470 | .Nm | 472 | .Nm | |
471 | looks for a couple of special files in directories that allow certain features | 473 | looks for a couple of special files in directories that allow certain features | |
472 | to be provided on a per-directory basis. | 474 | to be provided on a per-directory basis. | |
473 | In addition to the | 475 | In addition to the | |
474 | .Pa .htpasswd | 476 | .Pa .htpasswd | |
475 | used by HTTP basic authorization, | 477 | used by HTTP basic authorization, | |
476 | if a | 478 | if a | |
477 | .Pa .bzdirect | 479 | .Pa .bzdirect | |
478 | file is found (contents are irrelevant) | 480 | file is found (contents are irrelevant) | |
479 | .Nm | 481 | .Nm | |
480 | will allow direct access even with the | 482 | will allow direct access. | |
481 | .Fl r | |||
482 | option. | |||
483 | If a | 483 | If a | |
484 | .Pa .bzredirect | 484 | .Pa .bzredirect | |
485 | symbolic link is found, | 485 | symbolic link is found, | |
486 | .Nm | 486 | .Nm | |
487 | will perform a smart redirect to the target of this symlink. | 487 | will perform a smart redirect to the target of this symlink. | |
488 | The target is assumed to live on the same server. | 488 | The target is assumed to live on the same server. | |
489 | If target starts with slash then absolute redirection is performed, | 489 | If target starts with slash then absolute redirection is performed, | |
490 | otherwise it's handled as relative. | 490 | otherwise it's handled as relative. | |
491 | If a | 491 | If a | |
492 | .Pa .bzabsredirect | 492 | .Pa .bzabsredirect | |
493 | symbolic link is found, | 493 | symbolic link is found, | |
494 | .Nm | 494 | .Nm | |
495 | will redirect to the absolute URL pointed to by this symlink. | 495 | will redirect to the absolute URL pointed to by this symlink. | |
@@ -589,79 +589,79 @@ exit 1 | @@ -589,79 +589,79 @@ exit 1 | |||
589 | .Nm | 589 | .Nm | |
590 | was first written in perl, based on another perl http server | 590 | was first written in perl, based on another perl http server | |
591 | called | 591 | called | |
592 | .Dq tinyhttpd . | 592 | .Dq tinyhttpd . | |
593 | It was then rewritten from scratch in perl, and then once again in C. | 593 | It was then rewritten from scratch in perl, and then once again in C. | |
594 | From | 594 | From | |
595 | .Dq bozohttpd | 595 | .Dq bozohttpd | |
596 | version 20060517, it has been integrated into | 596 | version 20060517, it has been integrated into | |
597 | .Nx . | 597 | .Nx . | |
598 | The focus has always been simplicity and security, with minimal features | 598 | The focus has always been simplicity and security, with minimal features | |
599 | and regular code audits. | 599 | and regular code audits. | |
600 | This manual documents | 600 | This manual documents | |
601 | .Nm | 601 | .Nm | |
602 | version 20181123. | 602 | version 20190116. | |
603 | .Sh AUTHORS | 603 | .Sh AUTHORS | |
604 | .An -nosplit | 604 | .An -nosplit | |
605 | .Nm | 605 | .Nm | |
606 | was written by | 606 | was written by | |
607 | .An Matthew R. Green | 607 | .An Matthew R. Green | |
608 | .Aq Mt mrg@eterna.com.au . | 608 | .Aq Mt mrg@eterna.com.au . | |
609 | .Pp | 609 | .Pp | |
610 | The large list of contributors includes: | 610 | The large list of contributors includes: | |
611 | .Bl -dash | 611 | .Bl -dash | |
612 | .It | 612 | .It | |
613 | .An Marc Balmer | |||
614 | .Aq Mt mbalmer@NetBSD.org | |||
615 | added Lua support for dynamic content creation | |||
616 | .It | |||
617 | .An Christoph Badura | 613 | .An Christoph Badura | |
618 | .Aq Mt bad@bsd.de | 614 | .Aq Mt bad@bsd.de | |
619 | provided Range: header support | 615 | provided Range: header support | |
620 | .It | 616 | .It | |
617 | .An Marc Balmer | |||
618 | .Aq Mt mbalmer@NetBSD.org | |||
619 | added Lua support for dynamic content creation | |||
620 | .It | |||
621 | .An Sean Boudreau | 621 | .An Sean Boudreau | |
622 | .Aq Mt seanb@NetBSD.org | 622 | .Aq Mt seanb@NetBSD.org | |
623 | provided a security fix for virtual hosting | 623 | provided a security fix for virtual hosting | |
624 | .It | 624 | .It | |
625 | .An Julian Coleman | 625 | .An Julian Coleman | |
626 | .Aq Mt jdc@coris.org.uk | 626 | .Aq Mt jdc@coris.org.uk | |
627 | provided an IPv6 bugfix | 627 | provided an IPv6 bugfix | |
628 | .It | 628 | .It | |
629 | .An Chuck Cranor | 629 | .An Chuck Cranor | |
630 | .Aq Mt chuck@research.att.com | 630 | .Aq Mt chuck@research.att.com | |
631 | provided cgi-bin support fixes, and more | 631 | provided cgi-bin support fixes, and more | |
632 | .It | 632 | .It | |
633 | .An Alistair G. Crooks | 633 | .An Alistair G. Crooks | |
634 | .Aq Mt agc@NetBSD.org | 634 | .Aq Mt agc@NetBSD.org | |
635 | cleaned up many internal interfaces, made | 635 | cleaned up many internal interfaces, made | |
636 | .Nm | 636 | .Nm | |
637 | linkable as a library and provided the Lua binding. | 637 | linkable as a library and provided the Lua binding | |
638 | .It | 638 | .It | |
639 | .An DEGROOTE Arnaud | 639 | .An DEGROOTE Arnaud | |
640 | .Aq Mt degroote@NetBSD.org | 640 | .Aq Mt degroote@NetBSD.org | |
641 | provided a fix for daemon mode | 641 | provided a fix for daemon mode | |
642 | .It | 642 | .It | |
643 | .An Andrew Doran | 643 | .An Andrew Doran | |
644 | .Aq Mt ad@NetBSD.org | 644 | .Aq Mt ad@NetBSD.org | |
645 | provided directory indexing support | 645 | provided directory indexing support | |
646 | .It | 646 | .It | |
647 | .An Per Ekman | |||
648 | .Aq Mt pek@pdc.kth.se | |||
649 | provided a fix for a minor (non-security) buffer overflow condition | |||
650 | .It | |||
651 | .An Roland Dowdeswell | 647 | .An Roland Dowdeswell | |
652 | .Aq Mt elric@NetBSD.org | 648 | .Aq Mt elric@NetBSD.org | |
653 | added support for serving gzipped files and better SSL handling | 649 | added support for serving gzipped files and better SSL handling | |
654 | .It | 650 | .It | |
651 | .An Per Ekman | |||
652 | .Aq Mt pek@pdc.kth.se | |||
653 | provided a fix for a minor (non-security) buffer overflow condition | |||
654 | .It | |||
655 | .An Jun-ichiro itojun Hagino, KAME | 655 | .An Jun-ichiro itojun Hagino, KAME | |
656 | .Aq Mt itojun@iijlab.net | 656 | .Aq Mt itojun@iijlab.net | |
657 | provided initial IPv6 support | 657 | provided initial IPv6 support | |
658 | .It | 658 | .It | |
659 | .An Martin Husemann | 659 | .An Martin Husemann | |
660 | .Aq Mt martin@NetBSD.org | 660 | .Aq Mt martin@NetBSD.org | |
661 | provided .bzabsredirect and .bzredir support, and fixed various | 661 | provided .bzabsredirect and .bzredir support, and fixed various | |
662 | redirection issues | 662 | redirection issues | |
663 | .It | 663 | .It | |
664 | .An Arto Huusko | 664 | .An Arto Huusko | |
665 | .Aq Mt arto.huusko@pp2.inet.fi | 665 | .Aq Mt arto.huusko@pp2.inet.fi | |
666 | provided fixes cgi-bin | 666 | provided fixes cgi-bin | |
667 | .It | 667 | .It | |
@@ -680,96 +680,97 @@ provided fixes for HTTP basic authorizat | @@ -680,96 +680,97 @@ provided fixes for HTTP basic authorizat | |||
680 | .An Antti Kantee | 680 | .An Antti Kantee | |
681 | .Aq Mt pooka@NetBSD.org | 681 | .Aq Mt pooka@NetBSD.org | |
682 | provided fixes for HTTP basic authorization support | 682 | provided fixes for HTTP basic authorization support | |
683 | .It | 683 | .It | |
684 | .An Thomas Klausner | 684 | .An Thomas Klausner | |
685 | .Aq Mt wiz@NetBSD.org | 685 | .Aq Mt wiz@NetBSD.org | |
686 | provided many fixes and enhancements for the man page | 686 | provided many fixes and enhancements for the man page | |
687 | .It | 687 | .It | |
688 | .An Mateusz Kocielski | 688 | .An Mateusz Kocielski | |
689 | .Aq Mt shm@NetBSD.org | 689 | .Aq Mt shm@NetBSD.org | |
690 | fixed memory leaks, various issues with userdir support, | 690 | fixed memory leaks, various issues with userdir support, | |
691 | information disclosure issues, added support for using CGI handlers | 691 | information disclosure issues, added support for using CGI handlers | |
692 | with directory indexing, found several security issues and provided | 692 | with directory indexing, found several security issues and provided | |
693 | various other fixes. | 693 | various other fixes | |
694 | .It | 694 | .It | |
695 | .An Arnaud Lacombe | 695 | .An Arnaud Lacombe | |
696 | .Aq Mt alc@NetBSD.org | 696 | .Aq Mt alc@NetBSD.org | |
697 | provided some clean up for memory leaks | 697 | provided some clean up for memory leaks | |
698 | .It | 698 | .It | |
699 | .An Johnny Lam | 699 | .An Johnny Lam | |
700 | .Aq Mt jlam@NetBSD.org | 700 | .Aq Mt jlam@NetBSD.org | |
701 | provided man page fixes | 701 | provided man page fixes | |
702 | .It | 702 | .It | |
703 | .An Dennis Lindroos | 703 | .An Dennis Lindroos | |
704 | .Aq Mt denafcm@gmail.com | 704 | .Aq Mt denafcm@gmail.com | |
705 | provided a cgi-bin fix | 705 | provided a cgi-bin fix | |
706 | .It | 706 | .It | |
707 | .An Julio Merino | 707 | .An Julio Merino | |
708 | .Aq Mt jmmv@NetBSD.org | 708 | .Aq Mt jmmv@NetBSD.org | |
709 | Added the | 709 | Added the | |
710 | .Fl P | 710 | .Fl P | |
711 | option (pidfile support) and provided some man page fixes. | 711 | option (pidfile support) and provided some man page fixes | |
712 | .It | 712 | .It | |
713 | .An Luke Mewburn | 713 | .An Luke Mewburn | |
714 | .Aq Mt lukem@NetBSD.org | 714 | .Aq Mt lukem@NetBSD.org | |
715 | provided many various fixes, including cgi-bin fixes and enhancements, | 715 | provided many various fixes, including cgi-bin fixes and enhancements, | |
716 | HTTP basic authorization support and much code clean up | 716 | HTTP basic authorization support and much code clean up | |
717 | .It | 717 | .It | |
718 | .An Rajeev V. Pillai | 718 | .An Rajeev V. Pillai | |
719 | .Aq Mt rajeev_v_pillai@yahoo.com | 719 | .Aq Mt rajeev_v_pillai@yahoo.com | |
720 | provided several fixes for virtual hosting | 720 | provided several fixes for virtual hosting and directory indexing and | |
721 | fixes for CGI | |||
721 | .It | 722 | .It | |
722 | .An Jeremy C. Reed | 723 | .An Jeremy C. Reed | |
723 | .Aq Mt reed@NetBSD.org | 724 | .Aq Mt reed@NetBSD.org | |
724 | provided several clean up fixes, and man page updates | 725 | provided several clean up fixes, and man page updates | |
725 | .It | 726 | .It | |
726 | .An Scott Reynolds | 727 | .An Scott Reynolds | |
727 | .Aq Mt scottr@NetBSD.org | 728 | .Aq Mt scottr@NetBSD.org | |
728 | provided various fixes | 729 | provided various fixes | |
729 | .It | 730 | .It | |
730 | .An Tyler Retzlaff | 731 | .An Tyler Retzlaff | |
731 | .Aq Mt rtr@eterna.com.au | 732 | .Aq Mt rtr@eterna.com.au | |
732 | provided SSL support, cgi-bin fixes and much other random other stuff | 733 | provided SSL support, cgi-bin fixes and much other random other stuff | |
733 | .It | 734 | .It | |
734 | .An rudolf | 735 | .An rudolf | |
735 | .Aq Mt netbsd@eq.cz | 736 | .Aq Mt netbsd@eq.cz | |
736 | provided minor compile fixes and a CGI content map fix | 737 | provided minor compile fixes and a CGI content map fix | |
737 | .It | 738 | .It | |
738 | .An Steve Rumble | 739 | .An Steve Rumble | |
739 | .Aq Mt rumble@ephemeral.org | 740 | .Aq Mt rumble@ephemeral.org | |
740 | provided the | 741 | provided the | |
741 | .Fl V | 742 | .Fl V | |
742 | option. | 743 | option | |
743 | .It | 744 | .It | |
744 | .An Thor Lancelot Simon | 745 | .An Thor Lancelot Simon | |
745 | .Aq Mt tls@NetBSD.org | 746 | .Aq Mt tls@NetBSD.org | |
746 | enhanced cgi-bin support. | 747 | enhanced cgi-bin support | |
747 | .It | 748 | .It | |
748 | .An Joerg Sonnenberger | 749 | .An Joerg Sonnenberger | |
749 | .Aq Mt joerg@NetBSD.org | 750 | .Aq Mt joerg@NetBSD.org | |
750 | implemented If-Modified-Since support | 751 | implemented If-Modified-Since support | |
751 | .It | 752 | .It | |
752 | .An ISIHARA Takanori | 753 | .An ISIHARA Takanori | |
753 | .Aq Mt ishit@oak.dti.ne.jp | 754 | .Aq Mt ishit@oak.dti.ne.jp | |
754 | provided a man page fix | 755 | provided a man page fix | |
755 | .It | 756 | .It | |
756 | .An Holger Weiss | 757 | .An Holger Weiss | |
757 | .Aq Mt holger@CIS.FU-Berlin.DE | 758 | .Aq Mt holger@CIS.FU-Berlin.DE | |
758 | provided http authorization fixes | 759 | provided http authorization fixes | |
759 | .It | 760 | .It | |
760 | .Aq Mt xs@kittenz.org | 761 | .Aq Mt xs@kittenz.org | |
761 | provided chroot and change-to-user support, and other various fixes | 762 | provided chroot and change-to-user support, and other various fixes | |
762 | .It | 763 | .It | |
763 | Coyote Point provided various CGI fixes. | 764 | Coyote Point provided various CGI fixes | |
764 | .El | 765 | .El | |
765 | .Pp | 766 | .Pp | |
766 | There are probably others I have forgotten (let me know if you care) | 767 | There are probably others I have forgotten (let me know if you care) | |
767 | .Pp | 768 | .Pp | |
768 | Please send all updates to | 769 | Please send all updates to | |
769 | .Nm | 770 | .Nm | |
770 | to | 771 | to | |
771 | .Aq Mt mrg@eterna.com.au | 772 | .Aq Mt mrg@eterna.com.au | |
772 | for inclusion in future releases. | 773 | for inclusion in future releases. | |
773 | .Sh BUGS | 774 | .Sh BUGS | |
774 | .Nm | 775 | .Nm | |
775 | does not handle HTTP/1.1 chunked input from the client yet. | 776 | does not handle HTTP/1.1 chunked input from the client yet. |
--- src/libexec/httpd/bozohttpd.c 2018/11/28 19:56:09 1.56.2.8.2.2
+++ src/libexec/httpd/bozohttpd.c 2019/06/15 15:56:21 1.56.2.8.2.3
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: bozohttpd.c,v 1.56.2.8.2.2 2018/11/28 19:56:09 martin Exp $ */ | 1 | /* $NetBSD: bozohttpd.c,v 1.56.2.8.2.3 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -99,27 +99,27 @@ | @@ -99,27 +99,27 @@ | |||
99 | * | 99 | * | |
100 | * - 14.15: content-md5 would be nice. | 100 | * - 14.15: content-md5 would be nice. | |
101 | * | 101 | * | |
102 | * - 14.24/14.26/14.27: if-match, if-none-match, if-range. be | 102 | * - 14.24/14.26/14.27: if-match, if-none-match, if-range. be | |
103 | * nice to support this. | 103 | * nice to support this. | |
104 | * | 104 | * | |
105 | * - 14.44: Vary: seems unneeded. ignore it for now. | 105 | * - 14.44: Vary: seems unneeded. ignore it for now. | |
106 | */ | 106 | */ | |
107 | 107 | |||
108 | #ifndef INDEX_HTML | 108 | #ifndef INDEX_HTML | |
109 | #define INDEX_HTML "index.html" | 109 | #define INDEX_HTML "index.html" | |
110 | #endif | 110 | #endif | |
111 | #ifndef SERVER_SOFTWARE | 111 | #ifndef SERVER_SOFTWARE | |
112 | #define SERVER_SOFTWARE "bozohttpd/20181125" | 112 | #define SERVER_SOFTWARE "bozohttpd/20190228" | |
113 | #endif | 113 | #endif | |
114 | #ifndef PUBLIC_HTML | 114 | #ifndef PUBLIC_HTML | |
115 | #define PUBLIC_HTML "public_html" | 115 | #define PUBLIC_HTML "public_html" | |
116 | #endif | 116 | #endif | |
117 | 117 | |||
118 | #ifndef USE_ARG | 118 | #ifndef USE_ARG | |
119 | #define USE_ARG(x) /*LINTED*/(void)&(x) | 119 | #define USE_ARG(x) /*LINTED*/(void)&(x) | |
120 | #endif | 120 | #endif | |
121 | 121 | |||
122 | /* | 122 | /* | |
123 | * And so it begins .. | 123 | * And so it begins .. | |
124 | */ | 124 | */ | |
125 | 125 | |||
@@ -127,37 +127,39 @@ | @@ -127,37 +127,39 @@ | |||
127 | #include <sys/socket.h> | 127 | #include <sys/socket.h> | |
128 | #include <sys/time.h> | 128 | #include <sys/time.h> | |
129 | #include <sys/mman.h> | 129 | #include <sys/mman.h> | |
130 | 130 | |||
131 | #include <arpa/inet.h> | 131 | #include <arpa/inet.h> | |
132 | 132 | |||
133 | #include <ctype.h> | 133 | #include <ctype.h> | |
134 | #include <dirent.h> | 134 | #include <dirent.h> | |
135 | #include <errno.h> | 135 | #include <errno.h> | |
136 | #include <fcntl.h> | 136 | #include <fcntl.h> | |
137 | #include <netdb.h> | 137 | #include <netdb.h> | |
138 | #include <pwd.h> | 138 | #include <pwd.h> | |
139 | #include <grp.h> | 139 | #include <grp.h> | |
140 | #include <signal.h> | |||
141 | #include <stdarg.h> | 140 | #include <stdarg.h> | |
142 | #include <stdlib.h> | 141 | #include <stdlib.h> | |
143 | #include <stdbool.h> | 142 | #include <strings.h> | |
144 | #include <string.h> | 143 | #include <string.h> | |
145 | #include <syslog.h> | 144 | #include <syslog.h> | |
146 | #include <time.h> | 145 | #include <time.h> | |
147 | #include <unistd.h> | 146 | #include <unistd.h> | |
148 | 147 | |||
149 | #include "bozohttpd.h" | 148 | #include "bozohttpd.h" | |
150 | 149 | |||
150 | #ifndef SSL_TIMEOUT | |||
151 | #define SSL_TIMEOUT "30" /* wait for 30 seconds for ssl handshake */ | |||
152 | #endif | |||
151 | #ifndef INITIAL_TIMEOUT | 153 | #ifndef INITIAL_TIMEOUT | |
152 | #define INITIAL_TIMEOUT "30" /* wait for 30 seconds initially */ | 154 | #define INITIAL_TIMEOUT "30" /* wait for 30 seconds initially */ | |
153 | #endif | 155 | #endif | |
154 | #ifndef HEADER_WAIT_TIME | 156 | #ifndef HEADER_WAIT_TIME | |
155 | #define HEADER_WAIT_TIME "10" /* need more headers every 10 seconds */ | 157 | #define HEADER_WAIT_TIME "10" /* need more headers every 10 seconds */ | |
156 | #endif | 158 | #endif | |
157 | #ifndef TOTAL_MAX_REQ_TIME | 159 | #ifndef TOTAL_MAX_REQ_TIME | |
158 | #define TOTAL_MAX_REQ_TIME "600" /* must have total request in 600 */ | 160 | #define TOTAL_MAX_REQ_TIME "600" /* must have total request in 600 */ | |
159 | #endif /* seconds */ | 161 | #endif /* seconds */ | |
160 | 162 | |||
161 | /* if monotonic time is not available try real time. */ | 163 | /* if monotonic time is not available try real time. */ | |
162 | #ifndef CLOCK_MONOTONIC | 164 | #ifndef CLOCK_MONOTONIC | |
163 | #define CLOCK_MONOTONIC CLOCK_REALTIME | 165 | #define CLOCK_MONOTONIC CLOCK_REALTIME | |
@@ -173,91 +175,76 @@ | @@ -173,91 +175,76 @@ | |||
173 | */ | 175 | */ | |
174 | struct { | 176 | struct { | |
175 | const char *file; | 177 | const char *file; | |
176 | const char *name; | 178 | const char *name; | |
177 | } specials[] = { | 179 | } specials[] = { | |
178 | { DIRECT_ACCESS_FILE, "rejected direct access request" }, | 180 | { DIRECT_ACCESS_FILE, "rejected direct access request" }, | |
179 | { REDIRECT_FILE, "rejected redirect request" }, | 181 | { REDIRECT_FILE, "rejected redirect request" }, | |
180 | { ABSREDIRECT_FILE, "rejected absredirect request" }, | 182 | { ABSREDIRECT_FILE, "rejected absredirect request" }, | |
181 | { REMAP_FILE, "rejected remap request" }, | 183 | { REMAP_FILE, "rejected remap request" }, | |
182 | { AUTH_FILE, "rejected authfile request" }, | 184 | { AUTH_FILE, "rejected authfile request" }, | |
183 | { NULL, NULL }, | 185 | { NULL, NULL }, | |
184 | }; | 186 | }; | |
185 | 187 | |||
186 | volatile sig_atomic_t timeout_hit; | 188 | volatile sig_atomic_t bozo_timeout_hit; | |
187 | 189 | |||
188 | /* | 190 | /* | |
189 | * check there's enough space in the prefs and names arrays. | 191 | * check there's enough space in the prefs and names arrays. | |
190 | */ | 192 | */ | |
191 | static int | 193 | static int | |
192 | size_arrays(bozoprefs_t *bozoprefs, size_t needed) | 194 | size_arrays(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, size_t needed) | |
193 | { | 195 | { | |
194 | char **temp; | 196 | size_t len = sizeof(char *) * needed; | |
195 | 197 | |||
196 | if (bozoprefs->size == 0) { | 198 | if (bozoprefs->size == 0) { | |
197 | /* only get here first time around */ | 199 | /* only get here first time around */ | |
198 | bozoprefs->name = calloc(sizeof(char *), needed); | 200 | bozoprefs->name = bozomalloc(httpd, len); | |
199 | if (bozoprefs->name == NULL) | 201 | bozoprefs->value = bozomalloc(httpd, len); | |
200 | return 0; | |||
201 | bozoprefs->value = calloc(sizeof(char *), needed); | |||
202 | if (bozoprefs->value == NULL) { | |||
203 | free(bozoprefs->name); | |||
204 | return 0; | |||
205 | } | |||
206 | bozoprefs->size = needed; | |||
207 | } else if (bozoprefs->count == bozoprefs->size) { | 202 | } else if (bozoprefs->count == bozoprefs->size) { | |
208 | /* only uses 'needed' when filled array */ | 203 | /* only uses 'needed' when filled array */ | |
209 | temp = realloc(bozoprefs->name, sizeof(char *) * needed); | 204 | bozoprefs->name = bozorealloc(httpd, bozoprefs->name, len); | |
210 | if (temp == NULL) | 205 | bozoprefs->value = bozorealloc(httpd, bozoprefs->value, len); | |
211 | return 0; | |||
212 | bozoprefs->name = temp; | |||
213 | temp = realloc(bozoprefs->value, sizeof(char *) * needed); | |||
214 | if (temp == NULL) | |||
215 | return 0; | |||
216 | bozoprefs->value = temp; | |||
217 | bozoprefs->size += needed; | |||
218 | } | 206 | } | |
207 | ||||
208 | bozoprefs->size = needed; | |||
219 | return 1; | 209 | return 1; | |
220 | } | 210 | } | |
221 | 211 | |||
222 | static ssize_t | 212 | static ssize_t | |
223 | findvar(bozoprefs_t *bozoprefs, const char *name) | 213 | findvar(bozoprefs_t *bozoprefs, const char *name) | |
224 | { | 214 | { | |
225 | size_t i; | 215 | size_t i; | |
226 | 216 | |||
227 | for (i = 0; i < bozoprefs->count; i++) | 217 | for (i = 0; i < bozoprefs->count; i++) | |
228 | if (strcmp(bozoprefs->name[i], name) == 0) | 218 | if (strcmp(bozoprefs->name[i], name) == 0) | |
229 | return (ssize_t)i; | 219 | return (ssize_t)i; | |
230 | return -1; | 220 | return -1; | |
231 | } | 221 | } | |
232 | 222 | |||
233 | int | 223 | int | |
234 | bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, | 224 | bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozoprefs, | |
235 | const char *name, const char *value) | 225 | const char *name, const char *value) | |
236 | { | 226 | { | |
237 | ssize_t i; | 227 | ssize_t i; | |
238 | 228 | |||
239 | if ((i = findvar(bozoprefs, name)) < 0) { | 229 | if ((i = findvar(bozoprefs, name)) < 0) { | |
240 | /* add the element to the array */ | 230 | /* add the element to the array */ | |
241 | if (!size_arrays(bozoprefs, bozoprefs->size + 15)) | 231 | if (!size_arrays(httpd, bozoprefs, bozoprefs->size + 15)) | |
242 | return 0; | 232 | return 0; | |
243 | i = bozoprefs->count++; | 233 | i = bozoprefs->count++; | |
244 | bozoprefs->name[i] = bozostrdup(httpd, NULL, name); | 234 | bozoprefs->name[i] = bozostrdup(httpd, NULL, name); | |
245 | } else { | 235 | } else { | |
246 | /* replace the element in the array */ | 236 | /* replace the element in the array */ | |
247 | if (bozoprefs->value[i]) { | 237 | free(bozoprefs->value[i]); | |
248 | free(bozoprefs->value[i]); | |||
249 | bozoprefs->value[i] = NULL; | |||
250 | } | |||
251 | } | 238 | } | |
252 | bozoprefs->value[i] = bozostrdup(httpd, NULL, value); | 239 | bozoprefs->value[i] = bozostrdup(httpd, NULL, value); | |
253 | return 1; | 240 | return 1; | |
254 | } | 241 | } | |
255 | 242 | |||
256 | /* | 243 | /* | |
257 | * get a variable's value, or NULL | 244 | * get a variable's value, or NULL | |
258 | */ | 245 | */ | |
259 | char * | 246 | char * | |
260 | bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) | 247 | bozo_get_pref(bozoprefs_t *bozoprefs, const char *name) | |
261 | { | 248 | { | |
262 | ssize_t i; | 249 | ssize_t i; | |
263 | 250 | |||
@@ -286,27 +273,27 @@ bozo_http_date(char *date, size_t datele | @@ -286,27 +273,27 @@ bozo_http_date(char *date, size_t datele | |||
286 | static void | 273 | static void | |
287 | parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, | 274 | parse_request(bozohttpd_t *httpd, char *in, char **method, char **file, | |
288 | char **query, char **proto) | 275 | char **query, char **proto) | |
289 | { | 276 | { | |
290 | ssize_t len; | 277 | ssize_t len; | |
291 | char *val; | 278 | char *val; | |
292 | 279 | |||
293 | USE_ARG(httpd); | 280 | USE_ARG(httpd); | |
294 | debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); | 281 | debug((httpd, DEBUG_EXPLODING, "parse in: %s", in)); | |
295 | *method = *file = *query = *proto = NULL; | 282 | *method = *file = *query = *proto = NULL; | |
296 | 283 | |||
297 | len = (ssize_t)strlen(in); | 284 | len = (ssize_t)strlen(in); | |
298 | val = bozostrnsep(&in, " \t\n\r", &len); | 285 | val = bozostrnsep(&in, " \t\n\r", &len); | |
299 | if (len < 1 || val == NULL) | 286 | if (len < 1 || val == NULL || in == NULL) | |
300 | return; | 287 | return; | |
301 | *method = val; | 288 | *method = val; | |
302 | 289 | |||
303 | while (*in == ' ' || *in == '\t') | 290 | while (*in == ' ' || *in == '\t') | |
304 | in++; | 291 | in++; | |
305 | val = bozostrnsep(&in, " \t\n\r", &len); | 292 | val = bozostrnsep(&in, " \t\n\r", &len); | |
306 | if (len < 1) { | 293 | if (len < 1) { | |
307 | if (len == 0) | 294 | if (len == 0) | |
308 | *file = val; | 295 | *file = val; | |
309 | else | 296 | else | |
310 | *file = in; | 297 | *file = in; | |
311 | } else { | 298 | } else { | |
312 | *file = val; | 299 | *file = val; | |
@@ -376,50 +363,51 @@ bozo_clean_request(bozo_httpreq_t *reque | @@ -376,50 +363,51 @@ bozo_clean_request(bozo_httpreq_t *reque | |||
376 | } | 363 | } | |
377 | free(ohdr); | 364 | free(ohdr); | |
378 | 365 | |||
379 | free(request); | 366 | free(request); | |
380 | } | 367 | } | |
381 | 368 | |||
382 | /* | 369 | /* | |
383 | * send a HTTP/1.1 408 response if we timeout. | 370 | * send a HTTP/1.1 408 response if we timeout. | |
384 | */ | 371 | */ | |
385 | /* ARGSUSED */ | 372 | /* ARGSUSED */ | |
386 | static void | 373 | static void | |
387 | alarmer(int sig) | 374 | alarmer(int sig) | |
388 | { | 375 | { | |
389 | timeout_hit = 1; | 376 | bozo_timeout_hit = 1; | |
390 | } | 377 | } | |
391 | 378 | |||
392 | 379 | |||
393 | /* | 380 | /* | |
394 | * set a timeout for "initial", "header", or "request". | 381 | * set a timeout for "ssl", "initial", "header", or "request". | |
395 | */ | 382 | */ | |
396 | int | 383 | int | |
397 | bozo_set_timeout(bozohttpd_t *httpd, bozoprefs_t *prefs, | 384 | bozo_set_timeout(bozohttpd_t *httpd, bozoprefs_t *prefs, | |
398 | const char *target, const char *val) | 385 | const char *target, const char *val) | |
399 | { | 386 | { | |
400 | const char *cur, *timeouts[] = { | 387 | const char **cur, *timeouts[] = { | |
388 | "ssl timeout", | |||
401 | "initial timeout", | 389 | "initial timeout", | |
402 | "header timeout", | 390 | "header timeout", | |
403 | "request timeout", | 391 | "request timeout", | |
404 | NULL, | 392 | NULL, | |
405 | }; | 393 | }; | |
406 | /* adjust minlen if more timeouts appear with conflicting names */ | 394 | /* adjust minlen if more timeouts appear with conflicting names */ | |
407 | const size_t minlen = 1; | 395 | const size_t minlen = 1; | |
408 | size_t len = strlen(target); | 396 | size_t len = strlen(target); | |
409 | 397 | |||
410 | for (cur = timeouts[0]; len >= minlen && *cur; cur++) { | 398 | for (cur = timeouts; len >= minlen && *cur; cur++) { | |
411 | if (strncmp(target, cur, len) == 0) { | 399 | if (strncmp(target, *cur, len) == 0) { | |
412 | bozo_set_pref(httpd, prefs, cur, val); | 400 | bozo_set_pref(httpd, prefs, *cur, val); | |
413 | return 0; | 401 | return 0; | |
414 | } | 402 | } | |
415 | } | 403 | } | |
416 | return 1; | 404 | return 1; | |
417 | } | 405 | } | |
418 | 406 | |||
419 | /* | 407 | /* | |
420 | * a list of header quirks: currently, a list of headers that | 408 | * a list of header quirks: currently, a list of headers that | |
421 | * can't be folded into a single line. | 409 | * can't be folded into a single line. | |
422 | */ | 410 | */ | |
423 | const char *header_quirks[] = { "WWW-Authenticate", NULL }; | 411 | const char *header_quirks[] = { "WWW-Authenticate", NULL }; | |
424 | 412 | |||
425 | /* | 413 | /* | |
@@ -575,64 +563,62 @@ process_method(bozo_httpreq_t *request, | @@ -575,64 +563,62 @@ process_method(bozo_httpreq_t *request, | |||
575 | if (strcasecmp(method, mmp->name) == 0) { | 563 | if (strcasecmp(method, mmp->name) == 0) { | |
576 | request->hr_method = mmp->type; | 564 | request->hr_method = mmp->type; | |
577 | request->hr_methodstr = mmp->name; | 565 | request->hr_methodstr = mmp->name; | |
578 | return 0; | 566 | return 0; | |
579 | } | 567 | } | |
580 | 568 | |||
581 | return bozo_http_error(httpd, 404, request, "unknown method"); | 569 | return bozo_http_error(httpd, 404, request, "unknown method"); | |
582 | } | 570 | } | |
583 | 571 | |||
584 | /* check header byte count */ | 572 | /* check header byte count */ | |
585 | static int | 573 | static int | |
586 | bozo_got_header_length(bozo_httpreq_t *request, size_t len) | 574 | bozo_got_header_length(bozo_httpreq_t *request, size_t len) | |
587 | { | 575 | { | |
576 | ||||
577 | if (len > BOZO_HEADERS_MAX_SIZE - request->hr_header_bytes) | |||
578 | return bozo_http_error(request->hr_httpd, 413, request, | |||
579 | "too many headers"); | |||
580 | ||||
588 | request->hr_header_bytes += len; | 581 | request->hr_header_bytes += len; | |
589 | if (request->hr_header_bytes < BOZO_HEADERS_MAX_SIZE) | |||
590 | return 0; | |||
591 | 582 | |||
592 | return bozo_http_error(request->hr_httpd, 413, request, | 583 | return 0; | |
593 | "too many headers"); | |||
594 | } | 584 | } | |
595 | 585 | |||
596 | /* | 586 | /* | |
597 | * This function reads a http request from stdin, returning a pointer to a | 587 | * This function reads a http request from stdin, returning a pointer to a | |
598 | * bozo_httpreq_t structure, describing the request. | 588 | * bozo_httpreq_t structure, describing the request. | |
599 | */ | 589 | */ | |
600 | bozo_httpreq_t * | 590 | bozo_httpreq_t * | |
601 | bozo_read_request(bozohttpd_t *httpd) | 591 | bozo_read_request(bozohttpd_t *httpd) | |
602 | { | 592 | { | |
603 | struct sigaction sa; | 593 | struct sigaction sa; | |
604 | char *str, *val, *method, *file, *proto, *query; | 594 | char *str, *val, *method, *file, *proto, *query; | |
605 | char *host, *addr, *port; | 595 | char *host, *addr, *port; | |
606 | char bufport[10]; | 596 | char bufport[10]; | |
607 | char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; | 597 | char hbuf[NI_MAXHOST], abuf[NI_MAXHOST]; | |
608 | struct sockaddr_storage ss; | 598 | struct sockaddr_storage ss; | |
609 | ssize_t len; | 599 | ssize_t len; | |
610 | int line = 0; | 600 | int line = 0; | |
611 | socklen_t slen; | 601 | socklen_t slen; | |
612 | bozo_httpreq_t *request; | 602 | bozo_httpreq_t *request; | |
613 | struct timespec ots, ts; | 603 | struct timespec ots, ts; | |
614 | 604 | |||
615 | /* | 605 | /* | |
616 | * if we're in daemon mode, bozo_daemon_fork() will return here twice | 606 | * if we're in daemon mode, bozo_daemon_fork() will return here twice | |
617 | * for each call. once in the child, returning 0, and once in the | 607 | * for each call. once in the child, returning 0, and once in the | |
618 | * parent, returning 1. for each child, then we can setup SSL, and | 608 | * parent, returning 1 for each child. | |
619 | * the parent can signal the caller there was no request to process | |||
620 | * and it will wait for another. | |||
621 | */ | 609 | */ | |
622 | if (bozo_daemon_fork(httpd)) | 610 | if (bozo_daemon_fork(httpd)) | |
623 | return NULL; | 611 | return NULL; | |
624 | if (bozo_ssl_accept(httpd)) | |||
625 | return NULL; | |||
626 | 612 | |||
627 | request = bozomalloc(httpd, sizeof(*request)); | 613 | request = bozomalloc(httpd, sizeof(*request)); | |
628 | memset(request, 0, sizeof(*request)); | 614 | memset(request, 0, sizeof(*request)); | |
629 | request->hr_httpd = httpd; | 615 | request->hr_httpd = httpd; | |
630 | request->hr_allow = request->hr_host = NULL; | 616 | request->hr_allow = request->hr_host = NULL; | |
631 | request->hr_content_type = request->hr_content_length = NULL; | 617 | request->hr_content_type = request->hr_content_length = NULL; | |
632 | request->hr_range = NULL; | 618 | request->hr_range = NULL; | |
633 | request->hr_last_byte_pos = -1; | 619 | request->hr_last_byte_pos = -1; | |
634 | request->hr_if_modified_since = NULL; | 620 | request->hr_if_modified_since = NULL; | |
635 | request->hr_virthostname = NULL; | 621 | request->hr_virthostname = NULL; | |
636 | request->hr_file = NULL; | 622 | request->hr_file = NULL; | |
637 | request->hr_oldfile = NULL; | 623 | request->hr_oldfile = NULL; | |
638 | SIMPLEQ_INIT(&request->hr_replheaders); | 624 | SIMPLEQ_INIT(&request->hr_replheaders); | |
@@ -688,51 +674,59 @@ bozo_read_request(bozohttpd_t *httpd) | @@ -688,51 +674,59 @@ bozo_read_request(bozohttpd_t *httpd) | |||
688 | * setup a timer to make sure the request is not hung | 674 | * setup a timer to make sure the request is not hung | |
689 | */ | 675 | */ | |
690 | sa.sa_handler = alarmer; | 676 | sa.sa_handler = alarmer; | |
691 | sigemptyset(&sa.sa_mask); | 677 | sigemptyset(&sa.sa_mask); | |
692 | sigaddset(&sa.sa_mask, SIGALRM); | 678 | sigaddset(&sa.sa_mask, SIGALRM); | |
693 | sa.sa_flags = 0; | 679 | sa.sa_flags = 0; | |
694 | sigaction(SIGALRM, &sa, NULL); | 680 | sigaction(SIGALRM, &sa, NULL); | |
695 | 681 | |||
696 | if (clock_gettime(CLOCK_MONOTONIC, &ots) != 0) { | 682 | if (clock_gettime(CLOCK_MONOTONIC, &ots) != 0) { | |
697 | bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); | 683 | bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); | |
698 | goto cleanup; | 684 | goto cleanup; | |
699 | } | 685 | } | |
700 | 686 | |||
687 | /* | |||
688 | * now to try to setup SSL, and upon failure parent can signal the | |||
689 | * caller there was no request to process and it will wait for | |||
690 | * another. | |||
691 | */ | |||
692 | if (bozo_ssl_accept(httpd)) | |||
693 | return NULL; | |||
694 | ||||
701 | alarm(httpd->initial_timeout); | 695 | alarm(httpd->initial_timeout); | |
702 | while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { | 696 | while ((str = bozodgetln(httpd, STDIN_FILENO, &len, bozo_read)) != NULL) { | |
703 | alarm(0); | 697 | alarm(0); | |
704 | 698 | |||
705 | if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) { | 699 | if (clock_gettime(CLOCK_MONOTONIC, &ts) != 0) { | |
706 | bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); | 700 | bozo_http_error(httpd, 500, NULL, "clock_gettime failed"); | |
707 | goto cleanup; | 701 | goto cleanup; | |
708 | } | 702 | } | |
709 | /* | 703 | /* | |
710 | * don't timeout if old tv_sec is not more than current | 704 | * don't timeout if old tv_sec is not more than current | |
711 | * tv_sec, or if current tv_sec is less than the request | 705 | * tv_sec, or if current tv_sec is less than the request | |
712 | * timeout (these shouldn't happen, but the first could | 706 | * timeout (these shouldn't happen, but the first could | |
713 | * if monotonic time is not available.) | 707 | * if monotonic time is not available.) | |
714 | * | 708 | * | |
715 | * the other timeout and header size checks should ensure | 709 | * the other timeout and header size checks should ensure | |
716 | * that even if time it set backwards or forwards a very | 710 | * that even if time it set backwards or forwards a very | |
717 | * long way, timeout will eventually happen, even if this | 711 | * long way, timeout will eventually happen, even if this | |
718 | * one fails. | 712 | * one fails. | |
719 | */ | 713 | */ | |
720 | if (ts.tv_sec > ots.tv_sec && | 714 | if (ts.tv_sec > ots.tv_sec && | |
721 | ts.tv_sec > httpd->request_timeout && | 715 | ts.tv_sec > httpd->request_timeout && | |
722 | ts.tv_sec - httpd->request_timeout > ots.tv_sec) | 716 | ts.tv_sec - httpd->request_timeout > ots.tv_sec) | |
723 | timeout_hit = 1; | 717 | bozo_timeout_hit = 1; | |
724 | 718 | |||
725 | if (timeout_hit) { | 719 | if (bozo_timeout_hit) { | |
726 | bozo_http_error(httpd, 408, NULL, "request timed out"); | 720 | bozo_http_error(httpd, 408, NULL, "request timed out"); | |
727 | goto cleanup; | 721 | goto cleanup; | |
728 | } | 722 | } | |
729 | line++; | 723 | line++; | |
730 | 724 | |||
731 | if (line == 1) { | 725 | if (line == 1) { | |
732 | if (len < 1) { | 726 | if (len < 1) { | |
733 | bozo_http_error(httpd, 404, NULL, "null method"); | 727 | bozo_http_error(httpd, 404, NULL, "null method"); | |
734 | goto cleanup; | 728 | goto cleanup; | |
735 | } | 729 | } | |
736 | bozowarn(httpd, | 730 | bozowarn(httpd, | |
737 | "got request ``%s'' from host %s to port %s", | 731 | "got request ``%s'' from host %s to port %s", | |
738 | str, | 732 | str, | |
@@ -983,27 +977,27 @@ bozo_escape_rfc3986(bozohttpd_t *httpd, | @@ -983,27 +977,27 @@ bozo_escape_rfc3986(bozohttpd_t *httpd, | |||
983 | { | 977 | { | |
984 | static char *buf; | 978 | static char *buf; | |
985 | static size_t buflen = 0; | 979 | static size_t buflen = 0; | |
986 | size_t len; | 980 | size_t len; | |
987 | const char *s; | 981 | const char *s; | |
988 | char *d; | 982 | char *d; | |
989 | 983 | |||
990 | len = strlen(url); | 984 | len = strlen(url); | |
991 | if (buflen < len * 3 + 1) { | 985 | if (buflen < len * 3 + 1) { | |
992 | buflen = len * 3 + 1; | 986 | buflen = len * 3 + 1; | |
993 | buf = bozorealloc(httpd, buf, buflen); | 987 | buf = bozorealloc(httpd, buf, buflen); | |
994 | } | 988 | } | |
995 | 989 | |||
996 | for (len = 0, s = url, d = buf; *s;) { | 990 | for (s = url, d = buf; *s;) { | |
997 | if (*s & 0x80) | 991 | if (*s & 0x80) | |
998 | goto encode_it; | 992 | goto encode_it; | |
999 | switch (*s) { | 993 | switch (*s) { | |
1000 | case ':': | 994 | case ':': | |
1001 | case '?': | 995 | case '?': | |
1002 | case '#': | 996 | case '#': | |
1003 | case '[': | 997 | case '[': | |
1004 | case ']': | 998 | case ']': | |
1005 | case '@': | 999 | case '@': | |
1006 | case '!': | 1000 | case '!': | |
1007 | case '$': | 1001 | case '$': | |
1008 | case '&': | 1002 | case '&': | |
1009 | case '\'': | 1003 | case '\'': | |
@@ -1013,38 +1007,36 @@ bozo_escape_rfc3986(bozohttpd_t *httpd, | @@ -1013,38 +1007,36 @@ bozo_escape_rfc3986(bozohttpd_t *httpd, | |||
1013 | case '+': | 1007 | case '+': | |
1014 | case ',': | 1008 | case ',': | |
1015 | case ';': | 1009 | case ';': | |
1016 | case '=': | 1010 | case '=': | |
1017 | case '%': | 1011 | case '%': | |
1018 | case '"': | 1012 | case '"': | |
1019 | if (absolute) | 1013 | if (absolute) | |
1020 | goto leave_it; | 1014 | goto leave_it; | |
1021 | /*FALLTHROUGH*/ | 1015 | /*FALLTHROUGH*/ | |
1022 | case '\n': | 1016 | case '\n': | |
1023 | case '\r': | 1017 | case '\r': | |
1024 | case ' ': | 1018 | case ' ': | |
1025 | encode_it: | 1019 | encode_it: | |
1026 | snprintf(d, 4, "%%%02X", *s++); | 1020 | snprintf(d, 4, "%%%02X", (unsigned char)*s++); | |
1027 | d += 3; | 1021 | d += 3; | |
1028 | len += 3; | |||
1029 | break; | 1022 | break; | |
1030 | default: | 1023 | default: | |
1031 | leave_it: | 1024 | leave_it: | |
1032 | *d++ = *s++; | 1025 | *d++ = *s++; | |
1033 | len++; | |||
1034 | break; | 1026 | break; | |
1035 | } | 1027 | } | |
1036 | } | 1028 | } | |
1037 | buf[len] = 0; | 1029 | *d = 0; | |
1038 | 1030 | |||
1039 | return buf; | 1031 | return buf; | |
1040 | } | 1032 | } | |
1041 | 1033 | |||
1042 | /* | 1034 | /* | |
1043 | * do automatic redirection -- if there are query parameters or userdir for | 1035 | * do automatic redirection -- if there are query parameters or userdir for | |
1044 | * the URL we will tack these on to the new (redirected) URL. | 1036 | * the URL we will tack these on to the new (redirected) URL. | |
1045 | */ | 1037 | */ | |
1046 | static void | 1038 | static void | |
1047 | handle_redirect(bozo_httpreq_t *request, const char *url, int absolute) | 1039 | handle_redirect(bozo_httpreq_t *request, const char *url, int absolute) | |
1048 | { | 1040 | { | |
1049 | bozohttpd_t *httpd = request->hr_httpd; | 1041 | bozohttpd_t *httpd = request->hr_httpd; | |
1050 | char *finalurl, *urlbuf; | 1042 | char *finalurl, *urlbuf; | |
@@ -1182,27 +1174,27 @@ esccmp(const char *s_plain, const char * | @@ -1182,27 +1174,27 @@ esccmp(const char *s_plain, const char * | |||
1182 | 1174 | |||
1183 | /* | 1175 | /* | |
1184 | * Check if the request refers to a uri that is mapped via a .bzremap. | 1176 | * Check if the request refers to a uri that is mapped via a .bzremap. | |
1185 | * We have /requested/path:/re/mapped/to/this.html lines in there, | 1177 | * We have /requested/path:/re/mapped/to/this.html lines in there, | |
1186 | * and the : separator may be use in the left hand side escaped with | 1178 | * and the : separator may be use in the left hand side escaped with | |
1187 | * \ to encode a path containig a : character. | 1179 | * \ to encode a path containig a : character. | |
1188 | */ | 1180 | */ | |
1189 | static void | 1181 | static void | |
1190 | check_remap(bozo_httpreq_t *request) | 1182 | check_remap(bozo_httpreq_t *request) | |
1191 | { | 1183 | { | |
1192 | bozohttpd_t *httpd = request->hr_httpd; | 1184 | bozohttpd_t *httpd = request->hr_httpd; | |
1193 | char *file = request->hr_file, *newfile; | 1185 | char *file = request->hr_file, *newfile; | |
1194 | void *fmap; | 1186 | void *fmap; | |
1195 | const char *replace, *map_to, *p; | 1187 | const char *replace = NULL, *map_to = NULL, *p; | |
1196 | struct stat st; | 1188 | struct stat st; | |
1197 | int mapfile; | 1189 | int mapfile; | |
1198 | size_t avail, len, rlen, reqlen, num_esc = 0; | 1190 | size_t avail, len, rlen, reqlen, num_esc = 0; | |
1199 | bool escaped = false; | 1191 | bool escaped = false; | |
1200 | 1192 | |||
1201 | mapfile = open(REMAP_FILE, O_RDONLY, 0); | 1193 | mapfile = open(REMAP_FILE, O_RDONLY, 0); | |
1202 | if (mapfile == -1) | 1194 | if (mapfile == -1) | |
1203 | return; | 1195 | return; | |
1204 | debug((httpd, DEBUG_FAT, "remap file found")); | 1196 | debug((httpd, DEBUG_FAT, "remap file found")); | |
1205 | if (fstat(mapfile, &st) == -1) { | 1197 | if (fstat(mapfile, &st) == -1) { | |
1206 | bozowarn(httpd, "could not stat " REMAP_FILE ", errno: %d", | 1198 | bozowarn(httpd, "could not stat " REMAP_FILE ", errno: %d", | |
1207 | errno); | 1199 | errno); | |
1208 | goto out; | 1200 | goto out; | |
@@ -1311,60 +1303,66 @@ out: | @@ -1311,60 +1303,66 @@ out: | |||
1311 | static int | 1303 | static int | |
1312 | check_virtual(bozo_httpreq_t *request) | 1304 | check_virtual(bozo_httpreq_t *request) | |
1313 | { | 1305 | { | |
1314 | bozohttpd_t *httpd = request->hr_httpd; | 1306 | bozohttpd_t *httpd = request->hr_httpd; | |
1315 | char *file = request->hr_file, *s; | 1307 | char *file = request->hr_file, *s; | |
1316 | size_t len; | 1308 | size_t len; | |
1317 | 1309 | |||
1318 | /* | 1310 | /* | |
1319 | * convert http://virtual.host/ to request->hr_host | 1311 | * convert http://virtual.host/ to request->hr_host | |
1320 | */ | 1312 | */ | |
1321 | debug((httpd, DEBUG_OBESE, | 1313 | debug((httpd, DEBUG_OBESE, | |
1322 | "checking for http:// virtual host in '%s'", file)); | 1314 | "checking for http:// virtual host in '%s'", file)); | |
1323 | if (strncasecmp(file, "http://", 7) == 0) { | 1315 | if (strncasecmp(file, "http://", 7) == 0) { | |
1316 | /* bozostrdup() might access it. */ | |||
1317 | char *old_file = request->hr_file; | |||
1318 | ||||
1324 | /* we would do virtual hosting here? */ | 1319 | /* we would do virtual hosting here? */ | |
1325 | file += 7; | 1320 | file += 7; | |
1326 | /* RFC 2616 (HTTP/1.1), 5.2: URI takes precedence over Host: */ | 1321 | /* RFC 2616 (HTTP/1.1), 5.2: URI takes precedence over Host: */ | |
1327 | free(request->hr_host); | 1322 | free(request->hr_host); | |
1328 | request->hr_host = bozostrdup(httpd, request, file); | 1323 | request->hr_host = bozostrdup(httpd, request, file); | |
1329 | if ((s = strchr(request->hr_host, '/')) != NULL) | 1324 | if ((s = strchr(request->hr_host, '/')) != NULL) | |
1330 | *s = '\0'; | 1325 | *s = '\0'; | |
1331 | s = strchr(file, '/'); | 1326 | s = strchr(file, '/'); | |
1332 | free(request->hr_file); | |||
1333 | request->hr_file = bozostrdup(httpd, request, s ? s : "/"); | 1327 | request->hr_file = bozostrdup(httpd, request, s ? s : "/"); | |
1328 | free(old_file); | |||
1334 | debug((httpd, DEBUG_OBESE, "got host '%s' file is now '%s'", | 1329 | debug((httpd, DEBUG_OBESE, "got host '%s' file is now '%s'", | |
1335 | request->hr_host, request->hr_file)); | 1330 | request->hr_host, request->hr_file)); | |
1336 | } else if (!request->hr_host) | 1331 | } else if (!request->hr_host) | |
1337 | goto use_slashdir; | 1332 | goto use_slashdir; | |
1338 | 1333 | |||
1339 | /* | 1334 | /* | |
1340 | * canonicalise hr_host - that is, remove any :80. | 1335 | * canonicalise hr_host - that is, remove any :80. | |
1341 | */ | 1336 | */ | |
1342 | len = strlen(request->hr_host); | 1337 | len = strlen(request->hr_host); | |
1343 | if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) { | 1338 | if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) { | |
1344 | request->hr_host[len - 3] = '\0'; | 1339 | request->hr_host[len - 3] = '\0'; | |
1345 | len = strlen(request->hr_host); | 1340 | len = strlen(request->hr_host); | |
1346 | } | 1341 | } | |
1347 | 1342 | |||
1348 | if (!httpd->virtbase) { | 1343 | if (!httpd->virtbase) { | |
1349 | /* | 1344 | /* | |
1350 | * if we don't use vhost support, then set virthostname if | 1345 | * if we don't use vhost support, then set virthostname if | |
1351 | * user supplied Host header. It will be used for possible | 1346 | * user supplied Host header. It will be used for possible | |
1352 | * redirections | 1347 | * redirections | |
1353 | */ | 1348 | */ | |
1354 | if (request->hr_host) { | 1349 | if (request->hr_host) { | |
1355 | s = strrchr(request->hr_host, ':'); | 1350 | s = strrchr(request->hr_host, ':'); | |
1356 | if (s != NULL) | 1351 | if (s != NULL) | |
1357 | /* truncate Host: as we want to copy it without port part */ | 1352 | /* | |
1353 | * truncate Host: as we want to copy it | |||
1354 | * without port part | |||
1355 | */ | |||
1358 | *s = '\0'; | 1356 | *s = '\0'; | |
1359 | request->hr_virthostname = bozostrdup(httpd, request, | 1357 | request->hr_virthostname = bozostrdup(httpd, request, | |
1360 | request->hr_host); | 1358 | request->hr_host); | |
1361 | if (s != NULL) | 1359 | if (s != NULL) | |
1362 | /* fix Host: again, if we truncated it */ | 1360 | /* fix Host: again, if we truncated it */ | |
1363 | *s = ':'; | 1361 | *s = ':'; | |
1364 | } | 1362 | } | |
1365 | goto use_slashdir; | 1363 | goto use_slashdir; | |
1366 | } | 1364 | } | |
1367 | 1365 | |||
1368 | /* | 1366 | /* | |
1369 | * ok, we have a virtual host, use opendir(3) to find a case | 1367 | * ok, we have a virtual host, use opendir(3) to find a case | |
1370 | * insensitive match for the virtual host we are asked for. | 1368 | * insensitive match for the virtual host we are asked for. | |
@@ -1431,55 +1429,55 @@ use_slashdir: | @@ -1431,55 +1429,55 @@ use_slashdir: | |||
1431 | } | 1429 | } | |
1432 | 1430 | |||
1433 | /* | 1431 | /* | |
1434 | * checks to see if this request has a valid .bzredirect file. returns | 1432 | * checks to see if this request has a valid .bzredirect file. returns | |
1435 | * 0 when no redirection happend, or 1 when handle_redirect() has been | 1433 | * 0 when no redirection happend, or 1 when handle_redirect() has been | |
1436 | * called, -1 on error. | 1434 | * called, -1 on error. | |
1437 | */ | 1435 | */ | |
1438 | static int | 1436 | static int | |
1439 | check_bzredirect(bozo_httpreq_t *request) | 1437 | check_bzredirect(bozo_httpreq_t *request) | |
1440 | { | 1438 | { | |
1441 | bozohttpd_t *httpd = request->hr_httpd; | 1439 | bozohttpd_t *httpd = request->hr_httpd; | |
1442 | struct stat sb; | 1440 | struct stat sb; | |
1443 | char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1], | 1441 | char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN + 1], | |
1444 | path[MAXPATHLEN]; | 1442 | path[MAXPATHLEN + 1]; | |
1445 | char *basename, *finalredir; | 1443 | char *basename, *finalredir; | |
1446 | int rv, absolute; | 1444 | int rv, absolute; | |
1447 | 1445 | |||
1448 | /* | 1446 | /* | |
1449 | * if this pathname is really a directory, but doesn't end in /, | 1447 | * if this pathname is really a directory, but doesn't end in /, | |
1450 | * use it as the directory to look for the redir file. | 1448 | * use it as the directory to look for the redir file. | |
1451 | */ | 1449 | */ | |
1452 | if ((size_t)snprintf(dir, sizeof(dir), "%s", request->hr_file + 1) >= | 1450 | if ((size_t)snprintf(dir, sizeof(dir), "%s", request->hr_file + 1) >= | |
1453 | sizeof(dir)) { | 1451 | sizeof(dir)) { | |
1454 | bozo_http_error(httpd, 404, request, "file path too long"); | 1452 | bozo_http_error(httpd, 404, request, "file path too long"); | |
1455 | return -1; | 1453 | return -1; | |
1456 | } | 1454 | } | |
1457 | debug((httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); | 1455 | debug((httpd, DEBUG_FAT, "check_bzredirect: dir %s", dir)); | |
1458 | basename = strrchr(dir, '/'); | 1456 | basename = strrchr(dir, '/'); | |
1459 | 1457 | |||
1460 | if ((!basename || basename[1] != '\0') && | 1458 | if ((!basename || basename[1] != '\0') && | |
1461 | lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) { | 1459 | lstat(dir, &sb) == 0 && S_ISDIR(sb.st_mode)) { | |
1462 | strcpy(path, dir); | 1460 | strcpy(path, dir); | |
1463 | basename = dir; | 1461 | basename = dir; | |
1464 | } else if (basename == NULL) { | 1462 | } else if (basename == NULL) { | |
1465 | strcpy(path, "."); | 1463 | strcpy(path, "."); | |
1466 | strcpy(dir, ""); | 1464 | strcpy(dir, ""); | |
1467 | basename = dir; | 1465 | basename = request->hr_file + 1; | |
1468 | } else { | 1466 | } else { | |
1469 | *basename++ = '\0'; | 1467 | *basename++ = '\0'; | |
1470 | strcpy(path, dir); | 1468 | strcpy(path, dir); | |
1471 | } | 1469 | } | |
1472 | if (bozo_check_special_files(request, basename)) | 1470 | if (bozo_check_special_files(request, basename, true)) | |
1473 | return -1; | 1471 | return -1; | |
1474 | 1472 | |||
1475 | debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path)); | 1473 | debug((httpd, DEBUG_FAT, "check_bzredirect: path %s", path)); | |
1476 | 1474 | |||
1477 | if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, | 1475 | if ((size_t)snprintf(redir, sizeof(redir), "%s/%s", path, | |
1478 | REDIRECT_FILE) >= sizeof(redir)) { | 1476 | REDIRECT_FILE) >= sizeof(redir)) { | |
1479 | return bozo_http_error(httpd, 404, request, | 1477 | return bozo_http_error(httpd, 404, request, | |
1480 | "redirectfile path too long"); | 1478 | "redirectfile path too long"); | |
1481 | } | 1479 | } | |
1482 | if (lstat(redir, &sb) == 0) { | 1480 | if (lstat(redir, &sb) == 0) { | |
1483 | if (!S_ISLNK(sb.st_mode)) | 1481 | if (!S_ISLNK(sb.st_mode)) | |
1484 | return 0; | 1482 | return 0; | |
1485 | absolute = 0; | 1483 | absolute = 0; | |
@@ -1911,37 +1909,44 @@ bozo_process_request(bozo_httpreq_t *req | @@ -1911,37 +1909,44 @@ bozo_process_request(bozo_httpreq_t *req | |||
1911 | szleft -= sz; | 1909 | szleft -= sz; | |
1912 | } | 1910 | } | |
1913 | } | 1911 | } | |
1914 | cleanup: | 1912 | cleanup: | |
1915 | close(fd); | 1913 | close(fd); | |
1916 | cleanup_nofd: | 1914 | cleanup_nofd: | |
1917 | close(STDIN_FILENO); | 1915 | close(STDIN_FILENO); | |
1918 | close(STDOUT_FILENO); | 1916 | close(STDOUT_FILENO); | |
1919 | /*close(STDERR_FILENO);*/ | 1917 | /*close(STDERR_FILENO);*/ | |
1920 | } | 1918 | } | |
1921 | 1919 | |||
1922 | /* make sure we're not trying to access special files */ | 1920 | /* make sure we're not trying to access special files */ | |
1923 | int | 1921 | int | |
1924 | bozo_check_special_files(bozo_httpreq_t *request, const char *name) | 1922 | bozo_check_special_files(bozo_httpreq_t *request, const char *name, bool doerror) | |
1925 | { | 1923 | { | |
1926 | bozohttpd_t *httpd = request->hr_httpd; | 1924 | bozohttpd_t *httpd = request->hr_httpd; | |
1927 | size_t i; | 1925 | size_t i; | |
1926 | int error = 0; | |||
1928 | 1927 | |||
1929 | for (i = 0; specials[i].file; i++) | 1928 | for (i = 0; specials[i].file; i++) { | |
1930 | if (strcmp(name, specials[i].file) == 0) | 1929 | if (strcmp(name, specials[i].file) == 0) { | |
1931 | return bozo_http_error(httpd, 403, request, | 1930 | if (doerror) { | |
1931 | error = bozo_http_error(httpd, 403, request, | |||
1932 | specials[i].name); | 1932 | specials[i].name); | |
1933 | } else { | |||
1934 | error = -1; | |||
1935 | } | |||
1936 | } | |||
1937 | } | |||
1933 | 1938 | |||
1934 | return 0; | 1939 | return error; | |
1935 | } | 1940 | } | |
1936 | 1941 | |||
1937 | /* generic header printing routine */ | 1942 | /* generic header printing routine */ | |
1938 | void | 1943 | void | |
1939 | bozo_print_header(bozo_httpreq_t *request, | 1944 | bozo_print_header(bozo_httpreq_t *request, | |
1940 | struct stat *sbp, const char *type, const char *encoding) | 1945 | struct stat *sbp, const char *type, const char *encoding) | |
1941 | { | 1946 | { | |
1942 | bozohttpd_t *httpd = request->hr_httpd; | 1947 | bozohttpd_t *httpd = request->hr_httpd; | |
1943 | off_t len; | 1948 | off_t len; | |
1944 | char date[40]; | 1949 | char date[40]; | |
1945 | bozoheaders_t *hdr; | 1950 | bozoheaders_t *hdr; | |
1946 | 1951 | |||
1947 | SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { | 1952 | SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { | |
@@ -2066,26 +2071,29 @@ bozo_escape_html(bozohttpd_t *httpd, con | @@ -2066,26 +2071,29 @@ bozo_escape_html(bozohttpd_t *httpd, con | |||
2066 | int i, j; | 2071 | int i, j; | |
2067 | char *tmp; | 2072 | char *tmp; | |
2068 | size_t len; | 2073 | size_t len; | |
2069 | 2074 | |||
2070 | for (i = 0, j = 0; url[i]; i++) { | 2075 | for (i = 0, j = 0; url[i]; i++) { | |
2071 | switch (url[i]) { | 2076 | switch (url[i]) { | |
2072 | case '<': | 2077 | case '<': | |
2073 | case '>': | 2078 | case '>': | |
2074 | j += 4; | 2079 | j += 4; | |
2075 | break; | 2080 | break; | |
2076 | case '&': | 2081 | case '&': | |
2077 | j += 5; | 2082 | j += 5; | |
2078 | break; | 2083 | break; | |
2084 | case '"': | |||
2085 | j += 6; | |||
2086 | break; | |||
2079 | } | 2087 | } | |
2080 | } | 2088 | } | |
2081 | 2089 | |||
2082 | if (j == 0) | 2090 | if (j == 0) | |
2083 | return NULL; | 2091 | return NULL; | |
2084 | 2092 | |||
2085 | /* | 2093 | /* | |
2086 | * we need to handle being called from different | 2094 | * we need to handle being called from different | |
2087 | * pathnames. | 2095 | * pathnames. | |
2088 | */ | 2096 | */ | |
2089 | len = strlen(url) + j; | 2097 | len = strlen(url) + j; | |
2090 | if (httpd) | 2098 | if (httpd) | |
2091 | tmp = bozomalloc(httpd, len); | 2099 | tmp = bozomalloc(httpd, len); | |
@@ -2096,26 +2104,30 @@ bozo_escape_html(bozohttpd_t *httpd, con | @@ -2096,26 +2104,30 @@ bozo_escape_html(bozohttpd_t *httpd, con | |||
2096 | switch (url[i]) { | 2104 | switch (url[i]) { | |
2097 | case '<': | 2105 | case '<': | |
2098 | memcpy(tmp + j, "<", 4); | 2106 | memcpy(tmp + j, "<", 4); | |
2099 | j += 4; | 2107 | j += 4; | |
2100 | break; | 2108 | break; | |
2101 | case '>': | 2109 | case '>': | |
2102 | memcpy(tmp + j, ">", 4); | 2110 | memcpy(tmp + j, ">", 4); | |
2103 | j += 4; | 2111 | j += 4; | |
2104 | break; | 2112 | break; | |
2105 | case '&': | 2113 | case '&': | |
2106 | memcpy(tmp + j, "&", 5); | 2114 | memcpy(tmp + j, "&", 5); | |
2107 | j += 5; | 2115 | j += 5; | |
2108 | break; | 2116 | break; | |
2117 | case '"': | |||
2118 | memcpy(tmp + j, """, 6); | |||
2119 | j += 6; | |||
2120 | break; | |||
2109 | default: | 2121 | default: | |
2110 | tmp[j++] = url[i]; | 2122 | tmp[j++] = url[i]; | |
2111 | } | 2123 | } | |
2112 | } | 2124 | } | |
2113 | tmp[j] = 0; | 2125 | tmp[j] = 0; | |
2114 | 2126 | |||
2115 | return tmp; | 2127 | return tmp; | |
2116 | } | 2128 | } | |
2117 | 2129 | |||
2118 | /* short map between error code, and short/long messages */ | 2130 | /* short map between error code, and short/long messages */ | |
2119 | static struct errors_map { | 2131 | static struct errors_map { | |
2120 | int code; /* HTTP return code */ | 2132 | int code; /* HTTP return code */ | |
2121 | const char *shortmsg; /* short version of message */ | 2133 | const char *shortmsg; /* short version of message */ | |
@@ -2240,27 +2252,28 @@ bozo_http_error(bozohttpd_t *httpd, int | @@ -2240,27 +2252,28 @@ bozo_http_error(bozohttpd_t *httpd, int | |||
2240 | bozo_auth_check_401(request, code); | 2252 | bozo_auth_check_401(request, code); | |
2241 | SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { | 2253 | SIMPLEQ_FOREACH(hdr, &request->hr_replheaders, h_next) { | |
2242 | bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, | 2254 | bozo_printf(httpd, "%s: %s\r\n", hdr->h_header, | |
2243 | hdr->h_value); | 2255 | hdr->h_value); | |
2244 | } | 2256 | } | |
2245 | } | 2257 | } | |
2246 | 2258 | |||
2247 | bozo_printf(httpd, "Content-Type: text/html\r\n"); | 2259 | bozo_printf(httpd, "Content-Type: text/html\r\n"); | |
2248 | bozo_printf(httpd, "Content-Length: %d\r\n", size); | 2260 | bozo_printf(httpd, "Content-Length: %d\r\n", size); | |
2249 | bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); | 2261 | bozo_printf(httpd, "Server: %s\r\n", httpd->server_software); | |
2250 | if (request && request->hr_allow) | 2262 | if (request && request->hr_allow) | |
2251 | bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); | 2263 | bozo_printf(httpd, "Allow: %s\r\n", request->hr_allow); | |
2252 | /* RFC 7231 (HTTP/1.1) 6.5.7 */ | 2264 | /* RFC 7231 (HTTP/1.1) 6.5.7 */ | |
2253 | if (code == 408 && request->hr_proto == httpd->consts.http_11) | 2265 | if (code == 408 && request && | |
2266 | request->hr_proto == httpd->consts.http_11) | |||
2254 | bozo_printf(httpd, "Connection: close\r\n"); | 2267 | bozo_printf(httpd, "Connection: close\r\n"); | |
2255 | bozo_printf(httpd, "\r\n"); | 2268 | bozo_printf(httpd, "\r\n"); | |
2256 | /* According to the RFC 2616 sec. 9.4 HEAD method MUST NOT return a | 2269 | /* According to the RFC 2616 sec. 9.4 HEAD method MUST NOT return a | |
2257 | * message-body in the response */ | 2270 | * message-body in the response */ | |
2258 | if (size && request && request->hr_method != HTTP_HEAD) | 2271 | if (size && request && request->hr_method != HTTP_HEAD) | |
2259 | bozo_printf(httpd, "%s", httpd->errorbuf); | 2272 | bozo_printf(httpd, "%s", httpd->errorbuf); | |
2260 | bozo_flush(httpd, stdout); | 2273 | bozo_flush(httpd, stdout); | |
2261 | 2274 | |||
2262 | return code; | 2275 | return code; | |
2263 | } | 2276 | } | |
2264 | 2277 | |||
2265 | /* Below are various modified libc functions */ | 2278 | /* Below are various modified libc functions */ | |
2266 | 2279 | |||
@@ -2448,26 +2461,28 @@ bozo_init_prefs(bozohttpd_t *httpd, bozo | @@ -2448,26 +2461,28 @@ bozo_init_prefs(bozohttpd_t *httpd, bozo | |||
2448 | { | 2461 | { | |
2449 | int rv = 0; | 2462 | int rv = 0; | |
2450 | 2463 | |||
2451 | /* make sure everything is clean */ | 2464 | /* make sure everything is clean */ | |
2452 | (void) memset(prefs, 0x0, sizeof(*prefs)); | 2465 | (void) memset(prefs, 0x0, sizeof(*prefs)); | |
2453 | 2466 | |||
2454 | /* set up default values */ | 2467 | /* set up default values */ | |
2455 | if (!bozo_set_pref(httpd, prefs, "server software", SERVER_SOFTWARE)) | 2468 | if (!bozo_set_pref(httpd, prefs, "server software", SERVER_SOFTWARE)) | |
2456 | rv = 1; | 2469 | rv = 1; | |
2457 | if (!bozo_set_pref(httpd, prefs, "index.html", INDEX_HTML)) | 2470 | if (!bozo_set_pref(httpd, prefs, "index.html", INDEX_HTML)) | |
2458 | rv = 1; | 2471 | rv = 1; | |
2459 | if (!bozo_set_pref(httpd, prefs, "public_html", PUBLIC_HTML)) | 2472 | if (!bozo_set_pref(httpd, prefs, "public_html", PUBLIC_HTML)) | |
2460 | rv = 1; | 2473 | rv = 1; | |
2474 | if (!bozo_set_pref(httpd, prefs, "ssl timeout", SSL_TIMEOUT)) | |||
2475 | rv = 1; | |||
2461 | if (!bozo_set_pref(httpd, prefs, "initial timeout", INITIAL_TIMEOUT)) | 2476 | if (!bozo_set_pref(httpd, prefs, "initial timeout", INITIAL_TIMEOUT)) | |
2462 | rv = 1; | 2477 | rv = 1; | |
2463 | if (!bozo_set_pref(httpd, prefs, "header timeout", HEADER_WAIT_TIME)) | 2478 | if (!bozo_set_pref(httpd, prefs, "header timeout", HEADER_WAIT_TIME)) | |
2464 | rv = 1; | 2479 | rv = 1; | |
2465 | if (!bozo_set_pref(httpd, prefs, "request timeout", TOTAL_MAX_REQ_TIME)) | 2480 | if (!bozo_set_pref(httpd, prefs, "request timeout", TOTAL_MAX_REQ_TIME)) | |
2466 | rv = 1; | 2481 | rv = 1; | |
2467 | 2482 | |||
2468 | return rv; | 2483 | return rv; | |
2469 | } | 2484 | } | |
2470 | 2485 | |||
2471 | /* set default values */ | 2486 | /* set default values */ | |
2472 | int | 2487 | int | |
2473 | bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) | 2488 | bozo_set_defaults(bozohttpd_t *httpd, bozoprefs_t *prefs) | |
@@ -2548,26 +2563,29 @@ bozo_setup(bozohttpd_t *httpd, bozoprefs | @@ -2548,26 +2563,29 @@ bozo_setup(bozohttpd_t *httpd, bozoprefs | |||
2548 | dirtyenv = 1; | 2563 | dirtyenv = 1; | |
2549 | } | 2564 | } | |
2550 | if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && | 2565 | if ((cp = bozo_get_pref(prefs, "hide dots")) != NULL && | |
2551 | strcmp(cp, "true") == 0) { | 2566 | strcmp(cp, "true") == 0) { | |
2552 | httpd->hide_dots = 1; | 2567 | httpd->hide_dots = 1; | |
2553 | } | 2568 | } | |
2554 | if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && | 2569 | if ((cp = bozo_get_pref(prefs, "directory indexing")) != NULL && | |
2555 | strcmp(cp, "true") == 0) { | 2570 | strcmp(cp, "true") == 0) { | |
2556 | httpd->dir_indexing = 1; | 2571 | httpd->dir_indexing = 1; | |
2557 | } | 2572 | } | |
2558 | if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { | 2573 | if ((cp = bozo_get_pref(prefs, "public_html")) != NULL) { | |
2559 | httpd->public_html = bozostrdup(httpd, NULL, cp); | 2574 | httpd->public_html = bozostrdup(httpd, NULL, cp); | |
2560 | } | 2575 | } | |
2576 | if ((cp = bozo_get_pref(prefs, "ssl timeout")) != NULL) { | |||
2577 | httpd->ssl_timeout = atoi(cp); | |||
2578 | } | |||
2561 | if ((cp = bozo_get_pref(prefs, "initial timeout")) != NULL) { | 2579 | if ((cp = bozo_get_pref(prefs, "initial timeout")) != NULL) { | |
2562 | httpd->initial_timeout = atoi(cp); | 2580 | httpd->initial_timeout = atoi(cp); | |
2563 | } | 2581 | } | |
2564 | if ((cp = bozo_get_pref(prefs, "header timeout")) != NULL) { | 2582 | if ((cp = bozo_get_pref(prefs, "header timeout")) != NULL) { | |
2565 | httpd->header_timeout = atoi(cp); | 2583 | httpd->header_timeout = atoi(cp); | |
2566 | } | 2584 | } | |
2567 | if ((cp = bozo_get_pref(prefs, "request timeout")) != NULL) { | 2585 | if ((cp = bozo_get_pref(prefs, "request timeout")) != NULL) { | |
2568 | httpd->request_timeout = atoi(cp); | 2586 | httpd->request_timeout = atoi(cp); | |
2569 | } | 2587 | } | |
2570 | httpd->server_software = | 2588 | httpd->server_software = | |
2571 | bozostrdup(httpd, NULL, bozo_get_pref(prefs, "server software")); | 2589 | bozostrdup(httpd, NULL, bozo_get_pref(prefs, "server software")); | |
2572 | httpd->index_html = | 2590 | httpd->index_html = | |
2573 | bozostrdup(httpd, NULL, bozo_get_pref(prefs, "index.html")); | 2591 | bozostrdup(httpd, NULL, bozo_get_pref(prefs, "index.html")); |
--- src/libexec/httpd/bozohttpd.h 2018/11/28 19:56:09 1.33.2.6.2.2
+++ src/libexec/httpd/bozohttpd.h 2019/06/15 15:56:21 1.33.2.6.2.3
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: bozohttpd.h,v 1.33.2.6.2.2 2018/11/28 19:56:09 martin Exp $ */ | 1 | /* $NetBSD: bozohttpd.h,v 1.33.2.6.2.3 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -24,26 +24,29 @@ | @@ -24,26 +24,29 @@ | |||
24 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | 24 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
25 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | 25 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
26 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | 26 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
27 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | 27 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | 28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
29 | * SUCH DAMAGE. | 29 | * SUCH DAMAGE. | |
30 | * | 30 | * | |
31 | */ | 31 | */ | |
32 | #ifndef BOZOHTTOPD_H_ | 32 | #ifndef BOZOHTTOPD_H_ | |
33 | #define BOZOHTTOPD_H_ 1 | 33 | #define BOZOHTTOPD_H_ 1 | |
34 | 34 | |||
35 | #include "netbsd_queue.h" | 35 | #include "netbsd_queue.h" | |
36 | 36 | |||
37 | #include <stdbool.h> | |||
38 | #include <signal.h> | |||
39 | ||||
37 | #include <sys/stat.h> | 40 | #include <sys/stat.h> | |
38 | 41 | |||
39 | #ifndef NO_LUA_SUPPORT | 42 | #ifndef NO_LUA_SUPPORT | |
40 | #include <lua.h> | 43 | #include <lua.h> | |
41 | #endif | 44 | #endif | |
42 | #include <stdio.h> | 45 | #include <stdio.h> | |
43 | 46 | |||
44 | /* QNX provides a lot of NetBSD things in nbutil.h */ | 47 | /* QNX provides a lot of NetBSD things in nbutil.h */ | |
45 | #ifdef HAVE_NBUTIL_H | 48 | #ifdef HAVE_NBUTIL_H | |
46 | #include <nbutil.h> | 49 | #include <nbutil.h> | |
47 | #endif | 50 | #endif | |
48 | 51 | |||
49 | /* lots of "const" but gets free()'ed etc at times, sigh */ | 52 | /* lots of "const" but gets free()'ed etc at times, sigh */ | |
@@ -107,26 +110,27 @@ typedef struct bozohttpd_t { | @@ -107,26 +110,27 @@ typedef struct bozohttpd_t { | |||
107 | const char *server_software;/* our brand :-) */ | 110 | const char *server_software;/* our brand :-) */ | |
108 | const char *index_html; /* our home page */ | 111 | const char *index_html; /* our home page */ | |
109 | const char *public_html; /* ~user/public_html page */ | 112 | const char *public_html; /* ~user/public_html page */ | |
110 | int enable_users; /* enable public_html */ | 113 | int enable_users; /* enable public_html */ | |
111 | int enable_cgi_users; /* use the cgi handler */ | 114 | int enable_cgi_users; /* use the cgi handler */ | |
112 | int *sock; /* bound sockets */ | 115 | int *sock; /* bound sockets */ | |
113 | int nsock; /* number of above */ | 116 | int nsock; /* number of above */ | |
114 | struct pollfd *fds; /* current poll fd set */ | 117 | struct pollfd *fds; /* current poll fd set */ | |
115 | int request_times; /* # times a request was processed */ | 118 | int request_times; /* # times a request was processed */ | |
116 | int dir_indexing; /* handle directories */ | 119 | int dir_indexing; /* handle directories */ | |
117 | int hide_dots; /* hide .* */ | 120 | int hide_dots; /* hide .* */ | |
118 | int process_cgi; /* use the cgi handler */ | 121 | int process_cgi; /* use the cgi handler */ | |
119 | char *cgibin; /* cgi-bin directory */ | 122 | char *cgibin; /* cgi-bin directory */ | |
123 | unsigned ssl_timeout; /* ssl timeout */ | |||
120 | unsigned initial_timeout;/* first line timeout */ | 124 | unsigned initial_timeout;/* first line timeout */ | |
121 | unsigned header_timeout; /* header lines timeout */ | 125 | unsigned header_timeout; /* header lines timeout */ | |
122 | unsigned request_timeout;/* total session timeout */ | 126 | unsigned request_timeout;/* total session timeout */ | |
123 | #ifndef NO_LUA_SUPPORT | 127 | #ifndef NO_LUA_SUPPORT | |
124 | int process_lua; /* use the Lua handler */ | 128 | int process_lua; /* use the Lua handler */ | |
125 | SIMPLEQ_HEAD(, lua_state_map) lua_states; | 129 | SIMPLEQ_HEAD(, lua_state_map) lua_states; | |
126 | #endif | 130 | #endif | |
127 | void *sslinfo; /* pointer to ssl struct */ | 131 | void *sslinfo; /* pointer to ssl struct */ | |
128 | int dynamic_content_map_size;/* size of dyn cont map */ | 132 | int dynamic_content_map_size;/* size of dyn cont map */ | |
129 | bozo_content_map_t *dynamic_content_map;/* dynamic content map */ | 133 | bozo_content_map_t *dynamic_content_map;/* dynamic content map */ | |
130 | size_t mmapsz; /* size of region to mmap */ | 134 | size_t mmapsz; /* size of region to mmap */ | |
131 | char *getln_buffer; /* space for getln buffer */ | 135 | char *getln_buffer; /* space for getln buffer */ | |
132 | ssize_t getln_buflen; /* length of allocated space */ | 136 | ssize_t getln_buflen; /* length of allocated space */ | |
@@ -185,26 +189,36 @@ typedef struct bozo_httpreq_t { | @@ -185,26 +189,36 @@ typedef struct bozo_httpreq_t { | |||
185 | /* helper to access the "active" host name from a httpd/request pair */ | 189 | /* helper to access the "active" host name from a httpd/request pair */ | |
186 | #define BOZOHOST(HTTPD,REQUEST) ((REQUEST)->hr_virthostname ? \ | 190 | #define BOZOHOST(HTTPD,REQUEST) ((REQUEST)->hr_virthostname ? \ | |
187 | (REQUEST)->hr_virthostname : \ | 191 | (REQUEST)->hr_virthostname : \ | |
188 | (HTTPD)->virthostname) | 192 | (HTTPD)->virthostname) | |
189 | 193 | |||
190 | /* structure to hold string based (name, value) pairs with preferences */ | 194 | /* structure to hold string based (name, value) pairs with preferences */ | |
191 | typedef struct bozoprefs_t { | 195 | typedef struct bozoprefs_t { | |
192 | size_t size; /* size of the two arrays */ | 196 | size_t size; /* size of the two arrays */ | |
193 | size_t count; /* # of entries in arrays */ | 197 | size_t count; /* # of entries in arrays */ | |
194 | char **name; /* names of each entry */ | 198 | char **name; /* names of each entry */ | |
195 | char **value; /* values for the name entries */ | 199 | char **value; /* values for the name entries */ | |
196 | } bozoprefs_t; | 200 | } bozoprefs_t; | |
197 | 201 | |||
202 | /* sun2 has a tiny VA range */ | |||
203 | #ifdef __mc68010__ | |||
204 | #ifndef BOZO_WRSZ | |||
205 | #define BOZO_WRSZ (16 * 1024) | |||
206 | #endif | |||
207 | #ifndef BOZO_MMAPSZ | |||
208 | #define BOZO_MMAPSZ (BOZO_WRSZ * 4) | |||
209 | #endif | |||
210 | #endif | |||
211 | ||||
198 | /* by default write in upto 64KiB chunks, and mmap in upto 64MiB chunks */ | 212 | /* by default write in upto 64KiB chunks, and mmap in upto 64MiB chunks */ | |
199 | #ifndef BOZO_WRSZ | 213 | #ifndef BOZO_WRSZ | |
200 | #define BOZO_WRSZ (64 * 1024) | 214 | #define BOZO_WRSZ (64 * 1024) | |
201 | #endif | 215 | #endif | |
202 | #ifndef BOZO_MMAPSZ | 216 | #ifndef BOZO_MMAPSZ | |
203 | #define BOZO_MMAPSZ (BOZO_WRSZ * 1024) | 217 | #define BOZO_MMAPSZ (BOZO_WRSZ * 1024) | |
204 | #endif | 218 | #endif | |
205 | 219 | |||
206 | /* only allow this many total headers bytes */ | 220 | /* only allow this many total headers bytes */ | |
207 | #define BOZO_HEADERS_MAX_SIZE (16 * 1024) | 221 | #define BOZO_HEADERS_MAX_SIZE (16 * 1024) | |
208 | 222 | |||
209 | /* debug flags */ | 223 | /* debug flags */ | |
210 | #define DEBUG_NORMAL 1 | 224 | #define DEBUG_NORMAL 1 | |
@@ -249,27 +263,27 @@ void debug__(bozohttpd_t *, int, const c | @@ -249,27 +263,27 @@ void debug__(bozohttpd_t *, int, const c | |||
249 | #ifndef ABSREDIRECT_FILE | 263 | #ifndef ABSREDIRECT_FILE | |
250 | #define ABSREDIRECT_FILE ".bzabsredirect" | 264 | #define ABSREDIRECT_FILE ".bzabsredirect" | |
251 | #endif | 265 | #endif | |
252 | #ifndef REMAP_FILE | 266 | #ifndef REMAP_FILE | |
253 | #define REMAP_FILE ".bzremap" | 267 | #define REMAP_FILE ".bzremap" | |
254 | #endif | 268 | #endif | |
255 | #ifndef AUTH_FILE | 269 | #ifndef AUTH_FILE | |
256 | #define AUTH_FILE ".htpasswd" | 270 | #define AUTH_FILE ".htpasswd" | |
257 | #endif | 271 | #endif | |
258 | 272 | |||
259 | /* be sure to always return this error up */ | 273 | /* be sure to always return this error up */ | |
260 | int bozo_http_error(bozohttpd_t *, int, bozo_httpreq_t *, const char *); | 274 | int bozo_http_error(bozohttpd_t *, int, bozo_httpreq_t *, const char *); | |
261 | 275 | |||
262 | int bozo_check_special_files(bozo_httpreq_t *, const char *) BOZO_CHECKRET; | 276 | int bozo_check_special_files(bozo_httpreq_t *, const char *, bool) BOZO_CHECKRET; | |
263 | char *bozo_http_date(char *, size_t); | 277 | char *bozo_http_date(char *, size_t); | |
264 | void bozo_print_header(bozo_httpreq_t *, struct stat *, const char *, | 278 | void bozo_print_header(bozo_httpreq_t *, struct stat *, const char *, | |
265 | const char *); | 279 | const char *); | |
266 | char *bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url, int absolute); | 280 | char *bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url, int absolute); | |
267 | char *bozo_escape_html(bozohttpd_t *httpd, const char *url); | 281 | char *bozo_escape_html(bozohttpd_t *httpd, const char *url); | |
268 | int bozo_decode_url_percent(bozo_httpreq_t *, char *); | 282 | int bozo_decode_url_percent(bozo_httpreq_t *, char *); | |
269 | 283 | |||
270 | /* these are similar to libc functions, no underscore here */ | 284 | /* these are similar to libc functions, no underscore here */ | |
271 | void bozowarn(bozohttpd_t *, const char *, ...) | 285 | void bozowarn(bozohttpd_t *, const char *, ...) | |
272 | BOZO_PRINTFLIKE(2, 3); | 286 | BOZO_PRINTFLIKE(2, 3); | |
273 | void bozoerr(bozohttpd_t *, int, const char *, ...) | 287 | void bozoerr(bozohttpd_t *, int, const char *, ...) | |
274 | BOZO_PRINTFLIKE(3, 4) | 288 | BOZO_PRINTFLIKE(3, 4) | |
275 | BOZO_DEAD; | 289 | BOZO_DEAD; | |
@@ -422,14 +436,16 @@ void bozo_process_request(bozo_httpreq_t | @@ -422,14 +436,16 @@ void bozo_process_request(bozo_httpreq_t | |||
422 | void bozo_clean_request(bozo_httpreq_t *); | 436 | void bozo_clean_request(bozo_httpreq_t *); | |
423 | int bozo_set_timeout(bozohttpd_t *, bozoprefs_t *, const char *, const char *); | 437 | int bozo_set_timeout(bozohttpd_t *, bozoprefs_t *, const char *, const char *); | |
424 | bozoheaders_t *addmerge_reqheader(bozo_httpreq_t *, const char *, | 438 | bozoheaders_t *addmerge_reqheader(bozo_httpreq_t *, const char *, | |
425 | const char *, ssize_t); | 439 | const char *, ssize_t); | |
426 | bozoheaders_t *addmerge_replheader(bozo_httpreq_t *, const char *, | 440 | bozoheaders_t *addmerge_replheader(bozo_httpreq_t *, const char *, | |
427 | const char *, ssize_t); | 441 | const char *, ssize_t); | |
428 | 442 | |||
429 | /* variables */ | 443 | /* variables */ | |
430 | int bozo_set_pref(bozohttpd_t *, bozoprefs_t *, const char *, const char *); | 444 | int bozo_set_pref(bozohttpd_t *, bozoprefs_t *, const char *, const char *); | |
431 | char *bozo_get_pref(bozoprefs_t *, const char *); | 445 | char *bozo_get_pref(bozoprefs_t *, const char *); | |
432 | 446 | |||
433 | int bozo_get_version(char */*buf*/, size_t /*size*/); | 447 | int bozo_get_version(char */*buf*/, size_t /*size*/); | |
434 | 448 | |||
449 | extern volatile sig_atomic_t bozo_timeout_hit; | |||
450 | ||||
435 | #endif /* BOZOHTTOPD_H_ */ | 451 | #endif /* BOZOHTTOPD_H_ */ |
--- src/libexec/httpd/cgi-bozo.c 2018/11/28 19:56:09 1.25.2.7.2.3
+++ src/libexec/httpd/cgi-bozo.c 2019/06/15 15:56:21 1.25.2.7.2.4
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: cgi-bozo.c,v 1.25.2.7.2.3 2018/11/28 19:56:09 martin Exp $ */ | 1 | /* $NetBSD: cgi-bozo.c,v 1.25.2.7.2.4 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -231,30 +231,30 @@ parse_search_string(bozo_httpreq_t *requ | @@ -231,30 +231,30 @@ parse_search_string(bozo_httpreq_t *requ | |||
231 | /* | 231 | /* | |
232 | * there's no more arguments than '+' chars in the query string as it's | 232 | * there's no more arguments than '+' chars in the query string as it's | |
233 | * the separator | 233 | * the separator | |
234 | */ | 234 | */ | |
235 | *args_len = 1; | 235 | *args_len = 1; | |
236 | /* count '+' in str */ | 236 | /* count '+' in str */ | |
237 | for (s = str; (s = strchr(s, '+')) != NULL; (*args_len)++) | 237 | for (s = str; (s = strchr(s, '+')) != NULL; (*args_len)++) | |
238 | s++; | 238 | s++; | |
239 | 239 | |||
240 | args = bozomalloc(httpd, sizeof(*args) * (*args_len + 1)); | 240 | args = bozomalloc(httpd, sizeof(*args) * (*args_len + 1)); | |
241 | 241 | |||
242 | args[0] = str; | 242 | args[0] = str; | |
243 | args[*args_len] = NULL; | 243 | args[*args_len] = NULL; | |
244 | for (s = str, i = 0; (s = strchr(s, '+')) != NULL;) { | 244 | for (s = str, i = 1; (s = strchr(s, '+')) != NULL; i++) { | |
245 | *s = '\0'; | 245 | *s = '\0'; | |
246 | s++; | 246 | s++; | |
247 | args[i++] = s; | 247 | args[i] = s; | |
248 | } | 248 | } | |
249 | 249 | |||
250 | /* | 250 | /* | |
251 | * check if search-strings are valid: | 251 | * check if search-strings are valid: | |
252 | * | 252 | * | |
253 | * RFC3875, section 4.4: | 253 | * RFC3875, section 4.4: | |
254 | * | 254 | * | |
255 | * search-string = search-word *( "+" search-word ) | 255 | * search-string = search-word *( "+" search-word ) | |
256 | * search-word = 1*schar | 256 | * search-word = 1*schar | |
257 | * schar = unreserved | escaped | xreserved | 257 | * schar = unreserved | escaped | xreserved | |
258 | * xreserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "," | | 258 | * xreserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "," | | |
259 | * "$" | 259 | * "$" | |
260 | * | 260 | * | |
@@ -323,28 +323,27 @@ parse_search_string(bozo_httpreq_t *requ | @@ -323,28 +323,27 @@ parse_search_string(bozo_httpreq_t *requ | |||
323 | if (bozo_decode_url_percent(request, args[i])) | 323 | if (bozo_decode_url_percent(request, args[i])) | |
324 | goto parse_err; | 324 | goto parse_err; | |
325 | } | 325 | } | |
326 | 326 | |||
327 | /* allocate each arg separately */ | 327 | /* allocate each arg separately */ | |
328 | for (i = 0; i < *args_len; i++) | 328 | for (i = 0; i < *args_len; i++) | |
329 | args[i] = bozostrdup(httpd, request, args[i]); | 329 | args[i] = bozostrdup(httpd, request, args[i]); | |
330 | free(str); | 330 | free(str); | |
331 | 331 | |||
332 | return args; | 332 | return args; | |
333 | 333 | |||
334 | parse_err: | 334 | parse_err: | |
335 | 335 | |||
336 | free (str); | 336 | free(str); | |
337 | free (*args); | |||
338 | free(args); | 337 | free(args); | |
339 | *args_len = 0; | 338 | *args_len = 0; | |
340 | 339 | |||
341 | return NULL; | 340 | return NULL; | |
342 | 341 | |||
343 | } | 342 | } | |
344 | 343 | |||
345 | void | 344 | void | |
346 | bozo_cgi_setbin(bozohttpd_t *httpd, const char *path) | 345 | bozo_cgi_setbin(bozohttpd_t *httpd, const char *path) | |
347 | { | 346 | { | |
348 | httpd->cgibin = bozostrdup(httpd, NULL, path); | 347 | httpd->cgibin = bozostrdup(httpd, NULL, path); | |
349 | debug((httpd, DEBUG_OBESE, "cgibin (cgi-bin directory) is %s", | 348 | debug((httpd, DEBUG_OBESE, "cgibin (cgi-bin directory) is %s", | |
350 | httpd->cgibin)); | 349 | httpd->cgibin)); | |
@@ -484,26 +483,27 @@ bozo_process_cgi(bozo_httpreq_t *request | @@ -484,26 +483,27 @@ bozo_process_cgi(bozo_httpreq_t *request | |||
484 | argv[ix++] = NULL; | 483 | argv[ix++] = NULL; | |
485 | nph = strncmp(command, "nph-", 4) == 0; | 484 | nph = strncmp(command, "nph-", 4) == 0; | |
486 | 485 | |||
487 | type = request->hr_content_type; | 486 | type = request->hr_content_type; | |
488 | clen = request->hr_content_length; | 487 | clen = request->hr_content_length; | |
489 | 488 | |||
490 | envpsize = 13 + request->hr_nheaders + | 489 | envpsize = 13 + request->hr_nheaders + | |
491 | (info && *info ? 1 : 0) + | 490 | (info && *info ? 1 : 0) + | |
492 | (query && *query ? 1 : 0) + | 491 | (query && *query ? 1 : 0) + | |
493 | (type && *type ? 1 : 0) + | 492 | (type && *type ? 1 : 0) + | |
494 | (clen && *clen ? 1 : 0) + | 493 | (clen && *clen ? 1 : 0) + | |
495 | (request->hr_remotehost && *request->hr_remotehost ? 1 : 0) + | 494 | (request->hr_remotehost && *request->hr_remotehost ? 1 : 0) + | |
496 | (request->hr_remoteaddr && *request->hr_remoteaddr ? 1 : 0) + | 495 | (request->hr_remoteaddr && *request->hr_remoteaddr ? 1 : 0) + | |
496 | (cgihandler ? 1 : 0) + | |||
497 | bozo_auth_cgi_count(request) + | 497 | bozo_auth_cgi_count(request) + | |
498 | (request->hr_serverport && *request->hr_serverport ? 1 : 0); | 498 | (request->hr_serverport && *request->hr_serverport ? 1 : 0); | |
499 | 499 | |||
500 | debug((httpd, DEBUG_FAT, | 500 | debug((httpd, DEBUG_FAT, | |
501 | "%s: path `%s', cmd `%s', info `%s', " | 501 | "%s: path `%s', cmd `%s', info `%s', " | |
502 | "query `%s', nph `%d', envpsize `%d'", __func__, | 502 | "query `%s', nph `%d', envpsize `%d'", __func__, | |
503 | path, command, strornull(info), | 503 | path, command, strornull(info), | |
504 | strornull(query), nph, envpsize)); | 504 | strornull(query), nph, envpsize)); | |
505 | 505 | |||
506 | envp = bozomalloc(httpd, sizeof(*envp) * envpsize); | 506 | envp = bozomalloc(httpd, sizeof(*envp) * envpsize); | |
507 | for (ix = 0; ix < envpsize; ix++) | 507 | for (ix = 0; ix < envpsize; ix++) | |
508 | envp[ix] = NULL; | 508 | envp[ix] = NULL; | |
509 | curenvp = envp; | 509 | curenvp = envp; | |
@@ -600,29 +600,32 @@ bozo_process_cgi(bozo_httpreq_t *request | @@ -600,29 +600,32 @@ bozo_process_cgi(bozo_httpreq_t *request | |||
600 | switch (fork()) { | 600 | switch (fork()) { | |
601 | case -1: /* eep, failure */ | 601 | case -1: /* eep, failure */ | |
602 | bozoerr(httpd, 1, "child fork failed: %s", strerror(errno)); | 602 | bozoerr(httpd, 1, "child fork failed: %s", strerror(errno)); | |
603 | /*NOTREACHED*/ | 603 | /*NOTREACHED*/ | |
604 | case 0: | 604 | case 0: | |
605 | close(sv[0]); | 605 | close(sv[0]); | |
606 | dup2(sv[1], STDIN_FILENO); | 606 | dup2(sv[1], STDIN_FILENO); | |
607 | dup2(sv[1], STDOUT_FILENO); | 607 | dup2(sv[1], STDOUT_FILENO); | |
608 | close(2); | 608 | close(2); | |
609 | close(sv[1]); | 609 | close(sv[1]); | |
610 | closelog(); | 610 | closelog(); | |
611 | bozo_daemon_closefds(httpd); | 611 | bozo_daemon_closefds(httpd); | |
612 | 612 | |||
613 | if (-1 == execve(path, argv, envp)) | 613 | if (-1 == execve(path, argv, envp)) { | |
614 | bozo_http_error(httpd, 404, request, | |||
615 | "Cannot execute CGI"); | |||
614 | bozoerr(httpd, 1, "child exec failed: %s: %s", | 616 | bozoerr(httpd, 1, "child exec failed: %s: %s", | |
615 | path, strerror(errno)); | 617 | path, strerror(errno)); | |
618 | } | |||
616 | /* NOT REACHED */ | 619 | /* NOT REACHED */ | |
617 | bozoerr(httpd, 1, "child execve returned?!"); | 620 | bozoerr(httpd, 1, "child execve returned?!"); | |
618 | } | 621 | } | |
619 | 622 | |||
620 | free(query); | 623 | free(query); | |
621 | free(file); | 624 | free(file); | |
622 | free(url); | 625 | free(url); | |
623 | for (i = 0; i < search_string_argc; i++) | 626 | for (i = 0; i < search_string_argc; i++) | |
624 | free(search_string_argv[i]); | 627 | free(search_string_argv[i]); | |
625 | free(search_string_argv); | 628 | free(search_string_argv); | |
626 | 629 | |||
627 | close(sv[1]); | 630 | close(sv[1]); | |
628 | 631 |
--- src/libexec/httpd/daemon-bozo.c 2018/11/24 17:23:20 1.16.4.1.4.1
+++ src/libexec/httpd/daemon-bozo.c 2019/06/15 15:56:21 1.16.4.1.4.2
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: daemon-bozo.c,v 1.16.4.1.4.1 2018/11/24 17:23:20 martin Exp $ */ | 1 | /* $NetBSD: daemon-bozo.c,v 1.16.4.1.4.2 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: daemon-bozo.c,v 1.24 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: daemon-bozo.c,v 1.24 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -195,27 +195,27 @@ bozo_daemon_closefds(bozohttpd_t *httpd) | @@ -195,27 +195,27 @@ bozo_daemon_closefds(bozohttpd_t *httpd) | |||
195 | static void | 195 | static void | |
196 | daemon_runchild(bozohttpd_t *httpd, int fd) | 196 | daemon_runchild(bozohttpd_t *httpd, int fd) | |
197 | { | 197 | { | |
198 | httpd->request_times++; | 198 | httpd->request_times++; | |
199 | 199 | |||
200 | /* setup stdin/stdout/stderr */ | 200 | /* setup stdin/stdout/stderr */ | |
201 | dup2(fd, 0); | 201 | dup2(fd, 0); | |
202 | dup2(fd, 1); | 202 | dup2(fd, 1); | |
203 | /*dup2(fd, 2);*/ | 203 | /*dup2(fd, 2);*/ | |
204 | close(fd); | 204 | close(fd); | |
205 | } | 205 | } | |
206 | 206 | |||
207 | static int | 207 | static int | |
208 | daemon_poll_err(bozohttpd_t *httpd, int fd, int idx) | 208 | daemon_poll_err(bozohttpd_t *httpd, int idx) | |
209 | { | 209 | { | |
210 | if ((httpd->fds[idx].revents & (POLLNVAL|POLLERR|POLLHUP)) == 0) | 210 | if ((httpd->fds[idx].revents & (POLLNVAL|POLLERR|POLLHUP)) == 0) | |
211 | return 0; | 211 | return 0; | |
212 | 212 | |||
213 | bozowarn(httpd, "poll on fd %d pid %d revents %d: %s", | 213 | bozowarn(httpd, "poll on fd %d pid %d revents %d: %s", | |
214 | httpd->fds[idx].fd, getpid(), httpd->fds[idx].revents, | 214 | httpd->fds[idx].fd, getpid(), httpd->fds[idx].revents, | |
215 | strerror(errno)); | 215 | strerror(errno)); | |
216 | bozowarn(httpd, "nsock = %d", httpd->nsock); | 216 | bozowarn(httpd, "nsock = %d", httpd->nsock); | |
217 | close(httpd->sock[idx]); | 217 | close(httpd->sock[idx]); | |
218 | httpd->nsock--; | 218 | httpd->nsock--; | |
219 | bozowarn(httpd, "nsock now = %d", httpd->nsock); | 219 | bozowarn(httpd, "nsock now = %d", httpd->nsock); | |
220 | /* no sockets left */ | 220 | /* no sockets left */ | |
221 | if (httpd->nsock == 0) | 221 | if (httpd->nsock == 0) | |
@@ -274,27 +274,27 @@ again: | @@ -274,27 +274,27 @@ again: | |||
274 | errno == EINVAL) | 274 | errno == EINVAL) | |
275 | bozoerr(httpd, 1, "poll: %s", | 275 | bozoerr(httpd, 1, "poll: %s", | |
276 | strerror(errno)); | 276 | strerror(errno)); | |
277 | 277 | |||
278 | /* sleep on some temporary kernel failures */ | 278 | /* sleep on some temporary kernel failures */ | |
279 | if (errno == ENOMEM || | 279 | if (errno == ENOMEM || | |
280 | errno == EAGAIN) | 280 | errno == EAGAIN) | |
281 | sleep(1); | 281 | sleep(1); | |
282 | 282 | |||
283 | goto again; | 283 | goto again; | |
284 | } | 284 | } | |
285 | 285 | |||
286 | for (i = 0; i < httpd->nsock; i++) { | 286 | for (i = 0; i < httpd->nsock; i++) { | |
287 | if (daemon_poll_err(httpd, fd, i)) | 287 | if (daemon_poll_err(httpd, i)) | |
288 | break; | 288 | break; | |
289 | if (httpd->fds[i].revents == 0) | 289 | if (httpd->fds[i].revents == 0) | |
290 | continue; | 290 | continue; | |
291 | 291 | |||
292 | slen = sizeof(ss); | 292 | slen = sizeof(ss); | |
293 | fd = accept(httpd->fds[i].fd, | 293 | fd = accept(httpd->fds[i].fd, | |
294 | (struct sockaddr *)(void *)&ss, &slen); | 294 | (struct sockaddr *)(void *)&ss, &slen); | |
295 | if (fd == -1) { | 295 | if (fd == -1) { | |
296 | if (errno == EFAULT || | 296 | if (errno == EFAULT || | |
297 | errno == EINVAL) | 297 | errno == EINVAL) | |
298 | bozoerr(httpd, 1, "accept: %s", | 298 | bozoerr(httpd, 1, "accept: %s", | |
299 | strerror(errno)); | 299 | strerror(errno)); | |
300 | 300 |
--- src/libexec/httpd/dir-index-bozo.c 2018/11/24 17:23:20 1.19.4.2.4.1
+++ src/libexec/httpd/dir-index-bozo.c 2019/06/15 15:56:21 1.19.4.2.4.2
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: dir-index-bozo.c,v 1.19.4.2.4.1 2018/11/24 17:23:20 martin Exp $ */ | 1 | /* $NetBSD: dir-index-bozo.c,v 1.19.4.2.4.2 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -35,49 +35,39 @@ | @@ -35,49 +35,39 @@ | |||
35 | #ifndef NO_DIRINDEX_SUPPORT | 35 | #ifndef NO_DIRINDEX_SUPPORT | |
36 | 36 | |||
37 | #include <sys/param.h> | 37 | #include <sys/param.h> | |
38 | 38 | |||
39 | #include <dirent.h> | 39 | #include <dirent.h> | |
40 | #include <errno.h> | 40 | #include <errno.h> | |
41 | #include <string.h> | 41 | #include <string.h> | |
42 | #include <stdlib.h> | 42 | #include <stdlib.h> | |
43 | #include <time.h> | 43 | #include <time.h> | |
44 | #include <assert.h> | 44 | #include <assert.h> | |
45 | 45 | |||
46 | #include "bozohttpd.h" | 46 | #include "bozohttpd.h" | |
47 | 47 | |||
48 | static void | |||
49 | directory_hr(bozohttpd_t *httpd) | |||
50 | { | |||
51 | ||||
52 | bozo_printf(httpd, | |||
53 | "<hr noshade align=\"left\" width=\"80%%\">\r\n\r\n"); | |||
54 | } | |||
55 | ||||
56 | /* | 48 | /* | |
57 | * output a directory index. return 1 if it actually did something.. | 49 | * output a directory index. return 1 if it actually did something.. | |
58 | */ | 50 | */ | |
59 | int | 51 | int | |
60 | bozo_dir_index(bozo_httpreq_t *request, const char *dirpath, int isindex) | 52 | bozo_dir_index(bozo_httpreq_t *request, const char *dirpath, int isindex) | |
61 | { | 53 | { | |
62 | bozohttpd_t *httpd = request->hr_httpd; | 54 | bozohttpd_t *httpd = request->hr_httpd; | |
63 | struct stat sb; | 55 | struct stat sb; | |
64 | struct dirent **de, **deo; | 56 | struct dirent **de, **deo; | |
65 | struct tm *tm; | |||
66 | DIR *dp; | 57 | DIR *dp; | |
67 | char buf[MAXPATHLEN]; | 58 | char buf[MAXPATHLEN]; | |
68 | char spacebuf[48]; | 59 | char *file = NULL, *printname = NULL, *p; | |
69 | char *file = NULL, *printname = NULL; | 60 | int k, j; | |
70 | int l, k, j, i; | |||
71 | 61 | |||
72 | if (!isindex || !httpd->dir_indexing) | 62 | if (!isindex || !httpd->dir_indexing) | |
73 | return 0; | 63 | return 0; | |
74 | 64 | |||
75 | if (strlen(dirpath) <= strlen(httpd->index_html)) | 65 | if (strlen(dirpath) <= strlen(httpd->index_html)) | |
76 | dirpath = "."; | 66 | dirpath = "."; | |
77 | else { | 67 | else { | |
78 | file = bozostrdup(httpd, request, dirpath); | 68 | file = bozostrdup(httpd, request, dirpath); | |
79 | 69 | |||
80 | file[strlen(file) - strlen(httpd->index_html)] = '\0'; | 70 | file[strlen(file) - strlen(httpd->index_html)] = '\0'; | |
81 | dirpath = file; | 71 | dirpath = file; | |
82 | } | 72 | } | |
83 | debug((httpd, DEBUG_FAT, "bozo_dir_index: dirpath '%s'", dirpath)); | 73 | debug((httpd, DEBUG_FAT, "bozo_dir_index: dirpath '%s'", dirpath)); | |
@@ -106,120 +96,113 @@ bozo_dir_index(bozo_httpreq_t *request, | @@ -106,120 +96,113 @@ bozo_dir_index(bozo_httpreq_t *request, | |||
106 | closedir(dp); | 96 | closedir(dp); | |
107 | goto done; | 97 | goto done; | |
108 | } | 98 | } | |
109 | 99 | |||
110 | #ifndef NO_USER_SUPPORT | 100 | #ifndef NO_USER_SUPPORT | |
111 | if (request->hr_user) { | 101 | if (request->hr_user) { | |
112 | bozoasprintf(httpd, &printname, "~%s/%s", | 102 | bozoasprintf(httpd, &printname, "~%s/%s", | |
113 | request->hr_user, request->hr_file); | 103 | request->hr_user, request->hr_file); | |
114 | } else | 104 | } else | |
115 | printname = bozostrdup(httpd, request, request->hr_file); | 105 | printname = bozostrdup(httpd, request, request->hr_file); | |
116 | #else | 106 | #else | |
117 | printname = bozostrdup(httpd, request, request->hr_file); | 107 | printname = bozostrdup(httpd, request, request->hr_file); | |
118 | #endif /* !NO_USER_SUPPORT */ | 108 | #endif /* !NO_USER_SUPPORT */ | |
109 | if ((p = strstr(printname, httpd->index_html)) != NULL) { | |||
110 | if (strcmp(printname, httpd->index_html) == 0) | |||
111 | strcpy(printname, "/"); /* is ``slashdir'' */ | |||
112 | else | |||
113 | *p = '\0'; /* strip unwanted ``index_html'' */ | |||
114 | } | |||
115 | if ((p = bozo_escape_html(httpd, printname)) != NULL) { | |||
116 | free(printname); | |||
117 | printname = p; | |||
118 | } | |||
119 | 119 | |||
120 | bozo_printf(httpd, | 120 | bozo_printf(httpd, | |
121 | "<html><head><title>Index of %s</title></head>\r\n", | 121 | "<!DOCTYPE html>\r\n" | |
122 | "<html><head><meta charset=\"utf-8\"/>\r\n" | |||
123 | "<style type=\"text/css\">\r\n" | |||
124 | "table {\r\n" | |||
125 | "\tborder-top: 1px solid black;\r\n" | |||
126 | "\tborder-bottom: 1px solid black;\r\n" | |||
127 | "}\r\n" | |||
128 | "th { background: aquamarine; }\r\n" | |||
129 | "tr:nth-child(even) { background: lavender; }\r\n" | |||
130 | "</style>\r\n"); | |||
131 | bozo_printf(httpd, "<title>Index of %s</title></head>\r\n", | |||
122 | printname); | 132 | printname); | |
123 | bozo_printf(httpd, "<body><h1>Index of %s</h1>\r\n", | 133 | bozo_printf(httpd, "<body><h1>Index of %s</h1>\r\n", | |
124 | printname); | 134 | printname); | |
125 | bozo_printf(httpd, "<pre>\r\n"); | 135 | bozo_printf(httpd, | |
126 | #define NAMELEN 40 | 136 | "<table cols=3>\r\n<thead>\r\n" | |
127 | #define LMODLEN 19 | 137 | "<tr><th>Name<th>Last modified<th align=right>Size\r\n" | |
128 | bozo_printf(httpd, "Name " | 138 | "<tbody>\r\n"); | |
129 | "Last modified " | |||
130 | "Size\n"); | |||
131 | bozo_printf(httpd, "</pre>"); | |||
132 | directory_hr(httpd); | |||
133 | bozo_printf(httpd, "<pre>"); | |||
134 | 139 | |||
135 | for (j = k = scandir(dirpath, &de, NULL, alphasort), deo = de; | 140 | for (j = k = scandir(dirpath, &de, NULL, alphasort), deo = de; | |
136 | j--; de++) { | 141 | j--; de++) { | |
137 | int nostat = 0; | 142 | int nostat = 0; | |
138 | char *name = (*de)->d_name; | 143 | char *name = (*de)->d_name; | |
139 | char *urlname, *htmlname; | 144 | char *urlname, *htmlname; | |
140 | 145 | |||
141 | if (strcmp(name, ".") == 0 || | 146 | if (strcmp(name, ".") == 0 || | |
142 | (strcmp(name, "..") != 0 && | 147 | (strcmp(name, "..") != 0 && | |
143 | httpd->hide_dots && name[0] == '.')) | 148 | httpd->hide_dots && name[0] == '.')) | |
144 | continue; | 149 | continue; | |
145 | 150 | |||
151 | if (bozo_check_special_files(request, name, false)) | |||
152 | continue; | |||
153 | ||||
146 | snprintf(buf, sizeof buf, "%s/%s", dirpath, name); | 154 | snprintf(buf, sizeof buf, "%s/%s", dirpath, name); | |
147 | if (stat(buf, &sb)) | 155 | if (stat(buf, &sb)) | |
148 | nostat = 1; | 156 | nostat = 1; | |
149 | 157 | |||
150 | l = 0; | |||
151 | ||||
152 | urlname = bozo_escape_rfc3986(httpd, name, 0); | 158 | urlname = bozo_escape_rfc3986(httpd, name, 0); | |
153 | htmlname = bozo_escape_html(httpd, name); | 159 | htmlname = bozo_escape_html(httpd, name); | |
154 | if (htmlname == NULL) | 160 | if (htmlname == NULL) | |
155 | htmlname = name; | 161 | htmlname = name; | |
162 | bozo_printf(httpd, "<tr><td>"); | |||
156 | if (strcmp(name, "..") == 0) { | 163 | if (strcmp(name, "..") == 0) { | |
157 | bozo_printf(httpd, "<a href=\"../\">"); | 164 | bozo_printf(httpd, "<a href=\"../\">"); | |
158 | l += bozo_printf(httpd, "Parent Directory"); | 165 | bozo_printf(httpd, "Parent Directory"); | |
159 | } else if (!nostat && S_ISDIR(sb.st_mode)) { | 166 | } else if (!nostat && S_ISDIR(sb.st_mode)) { | |
160 | bozo_printf(httpd, "<a href=\"%s/\">", urlname); | 167 | bozo_printf(httpd, "<a href=\"%s/\">", urlname); | |
161 | l += bozo_printf(httpd, "%s/", htmlname); | 168 | bozo_printf(httpd, "%s/", htmlname); | |
162 | } else if (strchr(name, ':') != NULL) { | 169 | } else if (strchr(name, ':') != NULL) { | |
163 | /* RFC 3986 4.2 */ | 170 | /* RFC 3986 4.2 */ | |
164 | bozo_printf(httpd, "<a href=\"./%s\">", urlname); | 171 | bozo_printf(httpd, "<a href=\"./%s\">", urlname); | |
165 | l += bozo_printf(httpd, "%s", htmlname); | 172 | bozo_printf(httpd, "%s", htmlname); | |
166 | } else { | 173 | } else { | |
167 | bozo_printf(httpd, "<a href=\"%s\">", urlname); | 174 | bozo_printf(httpd, "<a href=\"%s\">", urlname); | |
168 | l += bozo_printf(httpd, "%s", htmlname); | 175 | bozo_printf(httpd, "%s", htmlname); | |
169 | } | 176 | } | |
170 | if (htmlname != name) | 177 | if (htmlname != name) | |
171 | free(htmlname); | 178 | free(htmlname); | |
172 | bozo_printf(httpd, "</a>"); | 179 | bozo_printf(httpd, "</a>"); | |
173 | 180 | |||
174 | /* NAMELEN spaces */ | |||
175 | /*LINTED*/ | |||
176 | assert(/*CONSTCOND*/sizeof(spacebuf) > NAMELEN); | |||
177 | i = (l < NAMELEN) ? (NAMELEN - l) : 0; | |||
178 | i++; | |||
179 | memset(spacebuf, ' ', (size_t)i); | |||
180 | spacebuf[i] = '\0'; | |||
181 | bozo_printf(httpd, "%s", spacebuf); | |||
182 | l += i; | |||
183 | ||||
184 | if (nostat) | 181 | if (nostat) | |
185 | bozo_printf(httpd, "? ?"); | 182 | bozo_printf(httpd, "<td>?<td>?\r\n"); | |
186 | else { | 183 | else { | |
187 | unsigned long long len; | 184 | unsigned long long len; | |
188 | 185 | |||
189 | len = ((unsigned long long)sb.st_size + 1023) / 1024; | 186 | strftime(buf, sizeof buf, "%d-%b-%Y %R", gmtime(&sb.st_mtime)); | |
190 | 187 | bozo_printf(httpd, "<td>%s", buf); | ||
191 | tm = gmtime(&sb.st_mtime); | |||
192 | strftime(buf, sizeof buf, "%d-%b-%Y %R", tm); | |||
193 | l += bozo_printf(httpd, "%s", buf); | |||
194 | ||||
195 | /* LMODLEN spaces */ | |||
196 | /*LINTED*/ | |||
197 | assert(/*CONSTCOND*/sizeof(spacebuf) > LMODLEN); | |||
198 | i = (l < (LMODLEN+NAMELEN+1)) ? | |||
199 | ((LMODLEN+NAMELEN+1) - l) : 0; | |||
200 | i++; | |||
201 | memset(spacebuf, ' ', (size_t)i); | |||
202 | spacebuf[i] = '\0'; | |||
203 | bozo_printf(httpd, "%s", spacebuf); | |||
204 | 188 | |||
205 | bozo_printf(httpd, "%12llukB", len); | 189 | len = ((unsigned long long)sb.st_size + 1023) / 1024; | |
190 | bozo_printf(httpd, "<td align=right>%llukB", len); | |||
206 | } | 191 | } | |
207 | bozo_printf(httpd, "\r\n"); | 192 | bozo_printf(httpd, "\r\n"); | |
208 | } | 193 | } | |
209 | 194 | |||
210 | closedir(dp); | 195 | closedir(dp); | |
211 | while (k--) | 196 | while (k--) | |
212 | free(deo[k]); | 197 | free(deo[k]); | |
213 | free(deo); | 198 | free(deo); | |
214 | bozo_printf(httpd, "</pre>"); | 199 | bozo_printf(httpd, "</table>\r\n"); | |
215 | directory_hr(httpd); | |||
216 | bozo_printf(httpd, "</body></html>\r\n\r\n"); | 200 | bozo_printf(httpd, "</body></html>\r\n\r\n"); | |
217 | bozo_flush(httpd, stdout); | 201 | bozo_flush(httpd, stdout); | |
218 | 202 | |||
219 | done: | 203 | done: | |
220 | free(file); | 204 | free(file); | |
221 | free(printname); | 205 | free(printname); | |
222 | return 1; | 206 | return 1; | |
223 | } | 207 | } | |
224 | #endif /* NO_DIRINDEX_SUPPORT */ | 208 | #endif /* NO_DIRINDEX_SUPPORT */ | |
225 |
--- src/libexec/httpd/ssl-bozo.c 2018/11/24 17:23:20 1.18.2.1.4.1
+++ src/libexec/httpd/ssl-bozo.c 2019/06/15 15:56:21 1.18.2.1.4.2
@@ -1,19 +1,19 @@ | @@ -1,19 +1,19 @@ | |||
1 | /* $NetBSD: ssl-bozo.c,v 1.18.2.1.4.1 2018/11/24 17:23:20 martin Exp $ */ | 1 | /* $NetBSD: ssl-bozo.c,v 1.18.2.1.4.2 2019/06/15 15:56:21 martin Exp $ */ | |
2 | 2 | |||
3 | /* $eterna: ssl-bozo.c,v 1.15 2011/11/18 09:21:15 mrg Exp $ */ | 3 | /* $eterna: ssl-bozo.c,v 1.15 2011/11/18 09:21:15 mrg Exp $ */ | |
4 | 4 | |||
5 | /* | 5 | /* | |
6 | * Copyright (c) 1997-2018 Matthew R. Green | 6 | * Copyright (c) 1997-2019 Matthew R. Green | |
7 | * All rights reserved. | 7 | * All rights reserved. | |
8 | * | 8 | * | |
9 | * Redistribution and use in source and binary forms, with or without | 9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | 10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | 11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | 12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | 13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | 14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer and | 15 | * notice, this list of conditions and the following disclaimer and | |
16 | * dedication in the documentation and/or other materials provided | 16 | * dedication in the documentation and/or other materials provided | |
17 | * with the distribution. | 17 | * with the distribution. | |
18 | * | 18 | * | |
19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | 19 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
@@ -253,36 +253,46 @@ bozo_ssl_init(bozohttpd_t *httpd) | @@ -253,36 +253,46 @@ bozo_ssl_init(bozohttpd_t *httpd) | |||
253 | } | 253 | } | |
254 | 254 | |||
255 | /* | 255 | /* | |
256 | * returns non-zero for failure | 256 | * returns non-zero for failure | |
257 | */ | 257 | */ | |
258 | int | 258 | int | |
259 | bozo_ssl_accept(bozohttpd_t *httpd) | 259 | bozo_ssl_accept(bozohttpd_t *httpd) | |
260 | { | 260 | { | |
261 | sslinfo_t *sslinfo = httpd->sslinfo; | 261 | sslinfo_t *sslinfo = httpd->sslinfo; | |
262 | 262 | |||
263 | if (sslinfo == NULL || !sslinfo->ssl_context) | 263 | if (sslinfo == NULL || !sslinfo->ssl_context) | |
264 | return 0; | 264 | return 0; | |
265 | 265 | |||
266 | alarm(httpd->ssl_timeout); | |||
267 | ||||
266 | sslinfo->bozossl = SSL_new(sslinfo->ssl_context); | 268 | sslinfo->bozossl = SSL_new(sslinfo->ssl_context); | |
267 | if (sslinfo->bozossl == NULL) | 269 | if (sslinfo->bozossl == NULL) | |
268 | bozoerr(httpd, 1, "SSL_new failed"); | 270 | bozoerr(httpd, 1, "SSL_new failed"); | |
269 | 271 | |||
270 | SSL_set_rfd(sslinfo->bozossl, 0); | 272 | SSL_set_rfd(sslinfo->bozossl, 0); | |
271 | SSL_set_wfd(sslinfo->bozossl, 1); | 273 | SSL_set_wfd(sslinfo->bozossl, 1); | |
272 | 274 | |||
273 | const int ret = SSL_accept(sslinfo->bozossl); | 275 | const int ret = SSL_accept(sslinfo->bozossl); | |
274 | bozo_check_error_queue(httpd, "accept", ret); | 276 | bozo_check_error_queue(httpd, "accept", ret); | |
275 | 277 | |||
278 | alarm(0); | |||
279 | ||||
280 | if (bozo_timeout_hit) { | |||
281 | SSL_free(sslinfo->bozossl); | |||
282 | sslinfo->bozossl = NULL; | |||
283 | return 1; | |||
284 | } | |||
285 | ||||
276 | return ret != 1; | 286 | return ret != 1; | |
277 | } | 287 | } | |
278 | 288 | |||
279 | void | 289 | void | |
280 | bozo_ssl_destroy(bozohttpd_t *httpd) | 290 | bozo_ssl_destroy(bozohttpd_t *httpd) | |
281 | { | 291 | { | |
282 | const sslinfo_t *sslinfo = httpd->sslinfo; | 292 | const sslinfo_t *sslinfo = httpd->sslinfo; | |
283 | 293 | |||
284 | if (sslinfo && sslinfo->bozossl) | 294 | if (sslinfo && sslinfo->bozossl) | |
285 | SSL_free(sslinfo->bozossl); | 295 | SSL_free(sslinfo->bozossl); | |
286 | } | 296 | } | |
287 | 297 | |||
288 | static sslinfo_t * | 298 | static sslinfo_t * |
--- src/libexec/httpd/testsuite/Makefile 2018/11/24 17:23:21 1.4.24.3.2.1
+++ src/libexec/httpd/testsuite/Makefile 2019/06/15 15:56:22 1.4.24.3.2.2
@@ -1,44 +1,44 @@ | @@ -1,44 +1,44 @@ | |||
1 | # $NetBSD: Makefile,v 1.4.24.3.2.2 2019/06/15 15:56:22 martin Exp $ | |||
1 | # $eterna: Makefile,v 1.14 2009/05/22 21:51:39 mrg Exp $ | 2 | # $eterna: Makefile,v 1.14 2009/05/22 21:51:39 mrg Exp $ | |
2 | 3 | |||
3 | SIMPLETESTS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t12 t13 t14 t15 | 4 | SIMPLETESTS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t12 t13 t14 t15 | |
4 | CGITESTS= t11 | 5 | CGITESTS= t11 | |
5 | BIGFILETESTS= partial4000 partial8000 | 6 | BIGFILETESTS= partial4000 partial8000 | |
6 | 7 | |||
7 | BOZOHTTPD?= ../bozohttpd | 8 | BOZOHTTPD?= ../bozohttpd | |
8 | BOZOHTTPD?= ../debug/bozohttpd-debug | 9 | BOZOHTTPD?= ../debug/bozohttpd-debug | |
9 | WGET?= wget | 10 | WGET?= wget | |
10 | DATA?= $(.CURDIR)/data | 11 | DATA?= $(.CURDIR)/data | |
11 | VERBOSE?= yes | 12 | VERBOSE?= yes | |
12 | HOST?= test.eterna | |||
13 | 13 | |||
14 | .if ${VERBOSE} != "yes" | 14 | .if ${VERBOSE} != "yes" | |
15 | SILENT= @ | 15 | SILENT= @ | |
16 | .else | 16 | .else | |
17 | SILENT= | 17 | SILENT= | |
18 | .endif | 18 | .endif | |
19 | 19 | |||
20 | all: | 20 | all: | |
21 | 21 | |||
22 | clean: | 22 | clean: | |
23 | for a in $(SIMPLETESTS) $(BIGFILETESTS); do \ | 23 | for a in $(SIMPLETESTS) $(BIGFILETESTS); do \ | |
24 | rm -f tmp.$$a.out tmp.$$a.err; \ | 24 | rm -f tmp.$$a.out tmp.$$a.err; \ | |
25 | done | 25 | done | |
26 | 26 | |||
27 | check: check-simple check-cgi check-bigfile | 27 | check: check-simple check-cgi check-bigfile | |
28 | 28 | |||
29 | check-simple: | 29 | check-simple: | |
30 | .for a in $(SIMPLETESTS) | 30 | .for a in $(SIMPLETESTS) | |
31 | ${SILENT}$(.CURDIR)/test-simple "$a" "${BOZOHTTPD}" "${DATA}" "${.CURDIR}" "${VERBOSE}" "${HOST}" | 31 | ${SILENT}$(.CURDIR)/test-simple "$a" "${BOZOHTTPD}" "${DATA}" "${.CURDIR}" "${VERBOSE}" | |
32 | .endfor | 32 | .endfor | |
33 | 33 | |||
34 | check-cgi: | 34 | check-cgi: | |
35 | .for a in $(CGITESTS) | 35 | .for a in $(CGITESTS) | |
36 | ${SILENT}$(.CURDIR)/test-simple "$a" "${BOZOHTTPD}" "${DATA}" "${.CURDIR}" "${VERBOSE}" "${HOST}" -c "${.CURDIR}/cgi-bin" | 36 | ${SILENT}$(.CURDIR)/test-simple "$a" "${BOZOHTTPD}" "${DATA}" "${.CURDIR}" "${VERBOSE}" -c "${.CURDIR}/cgi-bin" | |
37 | .endfor | 37 | .endfor | |
38 | 38 | |||
39 | check-bigfile: | 39 | check-bigfile: | |
40 | .for a in $(BIGFILETESTS) | 40 | .for a in $(BIGFILETESTS) | |
41 | ${SILENT}$(.CURDIR)/test-bigfile "$a" "${BOZOHTTPD}" "${WGET}" "${DATA}" "${VERBOSE}" "${HOST}" | 41 | ${SILENT}$(.CURDIR)/test-bigfile "$a" "${BOZOHTTPD}" "${WGET}" "${DATA}" "${VERBOSE}" | |
42 | .endfor | 42 | .endfor | |
43 | 43 | |||
44 | .include <bsd.obj.mk> | 44 | .include <bsd.obj.mk> |
--- src/libexec/httpd/testsuite/t11.out 2017/02/12 22:07:17 1.1.4.2
+++ src/libexec/httpd/testsuite/t11.out 2019/06/15 15:56:22 1.1.4.2.2.1
--- src/libexec/httpd/testsuite/test-bigfile 2018/11/24 17:23:21 1.1.1.1.30.3.2.1
+++ src/libexec/httpd/testsuite/test-bigfile 2019/06/15 15:56:22 1.1.1.1.30.3.2.2
@@ -1,22 +1,21 @@ | @@ -1,22 +1,21 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh | |
2 | # $NetBSD: test-bigfile,v 1.1.1.1.30.3.2.1 2018/11/24 17:23:21 martin Exp $ | 2 | # $NetBSD: test-bigfile,v 1.1.1.1.30.3.2.2 2019/06/15 15:56:22 martin Exp $ | |
3 | 3 | |||
4 | test="$1"; shift # partial4000 or partial8000 | 4 | test="$1"; shift # partial4000 or partial8000 | |
5 | bozohttpd="$1"; shift | 5 | bozohttpd="$1"; shift | |
6 | wget="$1"; shift | 6 | wget="$1"; shift | |
7 | datadir="$1"; shift | 7 | datadir="$1"; shift | |
8 | verbose="$1"; shift | 8 | verbose="$1"; shift | |
9 | host="$1"; shift | |||
10 | 9 | |||
11 | tmperr="tmp.$test.err" | 10 | tmperr="tmp.$test.err" | |
12 | 11 | |||
13 | if [ "yes" = "$verbose" ]; then | 12 | if [ "yes" = "$verbose" ]; then | |
14 | echo "Running test $test" | 13 | echo "Running test $test" | |
15 | else | 14 | else | |
16 | exec 2>"$tmperr" | 15 | exec 2>"$tmperr" | |
17 | fi | 16 | fi | |
18 | 17 | |||
19 | bozotestport=11111 | 18 | bozotestport=11111 | |
20 | 19 | |||
21 | # copy beginning file | 20 | # copy beginning file | |
22 | cp "${datadir}/bigfile.${test}" ./bigfile | 21 | cp "${datadir}/bigfile.${test}" ./bigfile |
--- src/libexec/httpd/testsuite/test-simple 2018/11/24 17:23:21 1.2.4.3.2.1
+++ src/libexec/httpd/testsuite/test-simple 2019/06/15 15:56:22 1.2.4.3.2.2
@@ -1,34 +1,33 @@ | @@ -1,34 +1,33 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh | |
2 | # $NetBSD: test-simple,v 1.2.4.3.2.1 2018/11/24 17:23:21 martin Exp $ | 2 | # $NetBSD: test-simple,v 1.2.4.3.2.2 2019/06/15 15:56:22 martin Exp $ | |
3 | 3 | |||
4 | test="$1"; shift | 4 | test="$1"; shift | |
5 | bozohttpd="$1"; shift | 5 | bozohttpd="$1"; shift | |
6 | datadir="$1"; shift | 6 | datadir="$1"; shift | |
7 | curdir="$1"; shift | 7 | curdir="$1"; shift | |
8 | verbose="$1"; shift | 8 | verbose="$1"; shift | |
9 | host="$1"; shift | |||
10 | 9 | |||
11 | in="$curdir/$test.in" | 10 | in="$curdir/$test.in" | |
12 | out="$curdir/$test.out" | 11 | out="$curdir/$test.out" | |
13 | tmpout="tmp.$test.out" | 12 | tmpout="tmp.$test.out" | |
14 | tmperr="tmp.$test.err" | 13 | tmperr="tmp.$test.err" | |
15 | 14 | |||
16 | if [ "yes" = "$verbose" ]; then | 15 | if [ "yes" = "$verbose" ]; then | |
17 | echo "Running test $test" | 16 | echo "Running test $test" | |
18 | else | 17 | else | |
19 | exec 2>"$tmperr" | 18 | exec 2>"$tmperr" | |
20 | fi | 19 | fi | |
21 | 20 | |||
22 | bozotestport=11111 | 21 | bozotestport=11111 | |
23 | 22 | |||
24 | ${bozohttpd} "$@" "${datadir}" "${host}" < "$in" > "$tmpout" | 23 | ${bozohttpd} "$@" "${datadir}" < "$in" > "$tmpout" | |
25 | if "$curdir/html_cmp" cmp "$out" "$tmpout"; then | 24 | if "$curdir/html_cmp" cmp "$out" "$tmpout"; then | |
26 | exit 0 | 25 | exit 0 | |
27 | else | 26 | else | |
28 | if [ "yes" = "$verbose" ]; then | 27 | if [ "yes" = "$verbose" ]; then | |
29 | echo "Failed test $test:" | 28 | echo "Failed test $test:" | |
30 | cat "$tmperr" | 29 | cat "$tmperr" | |
31 | $curdir/html_cmp diff "$out" "$tmpout" | 30 | $curdir/html_cmp diff "$out" "$tmpout" | |
32 | fi | 31 | fi | |
33 | exit 1 | 32 | exit 1 | |
34 | fi | 33 | fi |