Commit Graph

62 Commits (45d55161a671e58a0e86ab3b53a13ee958b76bc9)

Author SHA1 Message Date
Jo-Philipp Wich 0000ce2271 uhttpd: retry parsing the CGI header until the buffer space is exhausted
SVN-Revision: 32662
2012-07-11 09:59:05 +00:00
Jo-Philipp Wich 86de034767 uhttpd: various fixes
- avoid closing descriptors before removing them from uloop (#11755, #11830)
    - do not auto-initialize ubus if no prefix is set (#11832)
    - remove extraneous client context pointer from cgi and lua states
    - code cleanups and debug message changes

SVN-Revision: 32651
2012-07-09 00:08:20 +00:00
Jo-Philipp Wich 92e2e3f567 uhttpd: do not dispatch pipe error events, fixes use after free for cgi and lua scripts
SVN-Revision: 32644
2012-07-07 16:43:27 +00:00
Jo-Philipp Wich 1f2d5da887 uhttpd: do not subscribe to epoll write events Watch child read pipe end for data instead of relying on socket write notification to process cgi data, should lower cpu consumption during requests on weaker devices.
SVN-Revision: 32640
2012-07-06 17:29:25 +00:00
Jo-Philipp Wich c73b39fd30 uhttpd: finish inherited uloop in forked childs, fixes misdispatched events leading to race conditions and bad memory accesses
SVN-Revision: 32419
2012-06-18 00:41:43 +00:00
Jo-Philipp Wich 23eaea57ad uhttpd: remove some dead code
SVN-Revision: 32028
2012-06-02 15:08:54 +00:00
Jo-Philipp Wich 2cf72776d8 uhttpd: add explicit stdin eof notification for Lua and CGI childs
SVN-Revision: 32027
2012-06-02 14:56:24 +00:00
Jo-Philipp Wich 5aefe3b277 uhttpd: fix wrongly applied sizeof() leading to writing beyound end of buffer and subsequent data corruption (#11557)
SVN-Revision: 32005
2012-05-30 15:30:07 +00:00
Jo-Philipp Wich 022fa36b40 uhttpd: - rewrite large parts of the server, use uloop event driven structure - support concurrent requests and make the upper limit configurable - implement initial version of HTTP-to-ubus JSON proxy and session.* namespace - add compile time support for debug information - code style changes - bump package revision
SVN-Revision: 31931
2012-05-28 00:52:24 +00:00
Jo-Philipp Wich 8e9d914343 uhttpd: display errors in init script, code formatting changes, bump package version
SVN-Revision: 31572
2012-05-03 17:19:22 +00:00
Jo-Philipp Wich 54b34ccbc5 uhttpd: added uhttpd.docroot
Passes the document-root to the Lua handler by placing it in uhttpd.docroot.

It could alternatively be placed in env.DOCUMENT_ROOT which would more closely
resemble the CGI protocol; but would mean that it is not available at the time
when the handler-chunk is loaded but rather not until the handler is called,
without any code savings.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31571
2012-05-03 17:19:20 +00:00
Jo-Philipp Wich bcd8d530d1 Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p

Here is the corrected patch.

-- David

From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.

* uh_urlencode() and uh_urldecode() now return an error condition for
  buffer-overflow and malformed-encoding rather than normal return with corrupt
  or truncated data.  As HTTP request processing is currently implemented, this
  causes a 404 HTTP status returned to the client, while 400 is more
  appropriate.

* Exposed urlencode() to Lua.

* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
  buffer-overflow and malformed-encoding rather than normal return with
  incorrect data.

SVN-Revision: 31570
2016-03-20 20:05:13 +01:00
Jo-Philipp Wich 2bfb1e012a uhttpd URL-codec bug fixes.
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
  input-buffer index against output-buffer length].  In reality, this would not
  typically cause an overflow on decode, where the output string would be
  expected to be shorter than the input string; and uh_urlencode() seems to have
  been unreferenced in the source.

* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
  input-string.  While this could manifest in C code, the result was most
  egregious when called from Lua, where it caused an extra null byte to be
  embedded at the end of the output string.

* uh_urlencode() cleanup: removed redundant bitwise-and.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich 80307216f2 uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich 8533636d2d uhttpd: cope with variable number of spaces in header lines (#11079)
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich 215239a470 uhttpd: prevent linking uhttpd binary against crypto libraries
SVN-Revision: 29152
2011-11-15 10:17:59 +00:00
Jo-Philipp Wich 44da6400cd uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Nicolas Thill 75e186832a package/uhttpd: use new service wrapper
SVN-Revision: 28841
2011-11-07 22:59:06 +00:00
Jo-Philipp Wich 8189bd9260 uhttpd: provide rpath-link flag, thanks mazilo
SVN-Revision: 28792
2011-11-07 00:10:52 +00:00
Jo-Philipp Wich 6037187a80 uhttpd: Fix wrong certificate options with multiple words
For instance two word city names will result in weird certificates.
Therefore adding the missing quotations.

Signed-off-by: Linus Lüssing <linus.luessing@web.de>

SVN-Revision: 28776
2011-11-06 15:44:42 +00:00
Jo-Philipp Wich fcea88e3b5 uhttpd: fix Makefiles and linking of tls plugin
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich 3c96dee342 uhttpd: bump version
SVN-Revision: 28762
2011-11-05 03:19:29 +00:00
Jo-Philipp Wich 3d035a6f6a uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich 32ae896d00 uhttpd: fix bad pointer use in previous commit
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich 12bbe8b2af uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich a6c02f8912 uhttpd: properly match mimetype entries which cover the whole filename (#8236)
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich 7fce085a97 uhttpd: add "application/x-ns-proxy-autoconfig" mime type (#8236)
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich 9c606eb4c5 uhttpd: pass feature flags (#9742)
SVN-Revision: 27689
2011-07-19 06:59:47 +00:00
Jo-Philipp Wich 6576d110d2 uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich 53a5beaca8 uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Daniel Dickinson 9e4843d0e3 uhttpd: Moved uhttpd to Network|Web Servers/Proxies submenu, just like all the other web serves and proxies from the packages feed
SVN-Revision: 26062
2011-03-12 04:47:02 +00:00
Jo-Philipp Wich 3b3e5b7a49 uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich f38a320e69 uhttpd: protect tcp receive operations with select, make tcp keep-alive optional (#8272)
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich f5b3f741ce uhttpd: allow lowercase http header fields (#8513)
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich 5931a158a4 uhttpd: redirect to same location with trailing slash appended if directories are requested
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich fa644368ed uhttpd: make it work without shadow password support
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich 817566a5be uhttpd: revert unrelated change in previous commit
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich 88db961cf0 uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich 1cb2abca8e add maintainer information
SVN-Revision: 23159
2010-09-30 10:48:37 +00:00
Jo-Philipp Wich 70dff7070e uhttpd: break tight loop when receiving eof during header reading (#7904)
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich 93c38f2b86 uhttpd: fix segfault triggered by Basic Auth checking
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich cbdeb30a1b uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich f2b534d341 uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich 4847198093 uhttpd: fix segmentation fault triggered by invalid header line
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich 2d175dcdce uhttpd: - abort file serving if client connection is lost (#7742) - don't send bad request headers twice
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich 5bc74fcb6f uhttpd: make init script less verbose
SVN-Revision: 22593
2010-08-11 13:30:47 +00:00
Jo-Philipp Wich 3d99f03082 uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich 39e013d003 uhttpd: fix build dependencies (#7674)
SVN-Revision: 22404
2010-07-27 21:19:28 +00:00
Jo-Philipp Wich b688fcaa5c uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich 585ffa4941 uhttpd: - fix incorrect parsing of multiple listen options (#7458) - support PEM certificates for SSL
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00