Commit Graph

57 Commits (031990cf952c2c4703852029b70acaf4d0c123e0)

Author SHA1 Message Date
Jo-Philipp Wich 23eaea57ad uhttpd: remove some dead code
SVN-Revision: 32028
2012-06-02 15:08:54 +00:00
Jo-Philipp Wich 2cf72776d8 uhttpd: add explicit stdin eof notification for Lua and CGI childs
SVN-Revision: 32027
2012-06-02 14:56:24 +00:00
Jo-Philipp Wich 5aefe3b277 uhttpd: fix wrongly applied sizeof() leading to writing beyound end of buffer and subsequent data corruption (#11557)
SVN-Revision: 32005
2012-05-30 15:30:07 +00:00
Jo-Philipp Wich 022fa36b40 uhttpd: - rewrite large parts of the server, use uloop event driven structure - support concurrent requests and make the upper limit configurable - implement initial version of HTTP-to-ubus JSON proxy and session.* namespace - add compile time support for debug information - code style changes - bump package revision
SVN-Revision: 31931
2012-05-28 00:52:24 +00:00
Jo-Philipp Wich 8e9d914343 uhttpd: display errors in init script, code formatting changes, bump package version
SVN-Revision: 31572
2012-05-03 17:19:22 +00:00
Jo-Philipp Wich 54b34ccbc5 uhttpd: added uhttpd.docroot
Passes the document-root to the Lua handler by placing it in uhttpd.docroot.

It could alternatively be placed in env.DOCUMENT_ROOT which would more closely
resemble the CGI protocol; but would mean that it is not available at the time
when the handler-chunk is loaded but rather not until the handler is called,
without any code savings.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31571
2012-05-03 17:19:20 +00:00
Jo-Philipp Wich bcd8d530d1 Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p

Here is the corrected patch.

-- David

From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.

* uh_urlencode() and uh_urldecode() now return an error condition for
  buffer-overflow and malformed-encoding rather than normal return with corrupt
  or truncated data.  As HTTP request processing is currently implemented, this
  causes a 404 HTTP status returned to the client, while 400 is more
  appropriate.

* Exposed urlencode() to Lua.

* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
  buffer-overflow and malformed-encoding rather than normal return with
  incorrect data.

SVN-Revision: 31570
2016-03-20 20:05:13 +01:00
Jo-Philipp Wich 2bfb1e012a uhttpd URL-codec bug fixes.
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
  input-buffer index against output-buffer length].  In reality, this would not
  typically cause an overflow on decode, where the output string would be
  expected to be shorter than the input string; and uh_urlencode() seems to have
  been unreferenced in the source.

* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
  input-string.  While this could manifest in C code, the result was most
  egregious when called from Lua, where it caused an extra null byte to be
  embedded at the end of the output string.

* uh_urlencode() cleanup: removed redundant bitwise-and.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich 80307216f2 uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich 8533636d2d uhttpd: cope with variable number of spaces in header lines (#11079)
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich 215239a470 uhttpd: prevent linking uhttpd binary against crypto libraries
SVN-Revision: 29152
2011-11-15 10:17:59 +00:00
Jo-Philipp Wich 44da6400cd uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Nicolas Thill 75e186832a package/uhttpd: use new service wrapper
SVN-Revision: 28841
2011-11-07 22:59:06 +00:00
Jo-Philipp Wich 8189bd9260 uhttpd: provide rpath-link flag, thanks mazilo
SVN-Revision: 28792
2011-11-07 00:10:52 +00:00
Jo-Philipp Wich 6037187a80 uhttpd: Fix wrong certificate options with multiple words
For instance two word city names will result in weird certificates.
Therefore adding the missing quotations.

Signed-off-by: Linus Lüssing <linus.luessing@web.de>

SVN-Revision: 28776
2011-11-06 15:44:42 +00:00
Jo-Philipp Wich fcea88e3b5 uhttpd: fix Makefiles and linking of tls plugin
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich 3c96dee342 uhttpd: bump version
SVN-Revision: 28762
2011-11-05 03:19:29 +00:00
Jo-Philipp Wich 3d035a6f6a uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich 32ae896d00 uhttpd: fix bad pointer use in previous commit
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich 12bbe8b2af uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich a6c02f8912 uhttpd: properly match mimetype entries which cover the whole filename (#8236)
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich 7fce085a97 uhttpd: add "application/x-ns-proxy-autoconfig" mime type (#8236)
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich 9c606eb4c5 uhttpd: pass feature flags (#9742)
SVN-Revision: 27689
2011-07-19 06:59:47 +00:00
Jo-Philipp Wich 6576d110d2 uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich 53a5beaca8 uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Daniel Dickinson 9e4843d0e3 uhttpd: Moved uhttpd to Network|Web Servers/Proxies submenu, just like all the other web serves and proxies from the packages feed
SVN-Revision: 26062
2011-03-12 04:47:02 +00:00
Jo-Philipp Wich 3b3e5b7a49 uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich f38a320e69 uhttpd: protect tcp receive operations with select, make tcp keep-alive optional (#8272)
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich f5b3f741ce uhttpd: allow lowercase http header fields (#8513)
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich 5931a158a4 uhttpd: redirect to same location with trailing slash appended if directories are requested
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich fa644368ed uhttpd: make it work without shadow password support
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich 817566a5be uhttpd: revert unrelated change in previous commit
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich 88db961cf0 uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich 1cb2abca8e add maintainer information
SVN-Revision: 23159
2010-09-30 10:48:37 +00:00
Jo-Philipp Wich 70dff7070e uhttpd: break tight loop when receiving eof during header reading (#7904)
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich 93c38f2b86 uhttpd: fix segfault triggered by Basic Auth checking
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich cbdeb30a1b uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich f2b534d341 uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich 4847198093 uhttpd: fix segmentation fault triggered by invalid header line
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich 2d175dcdce uhttpd: - abort file serving if client connection is lost (#7742) - don't send bad request headers twice
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich 5bc74fcb6f uhttpd: make init script less verbose
SVN-Revision: 22593
2010-08-11 13:30:47 +00:00
Jo-Philipp Wich 3d99f03082 uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich 39e013d003 uhttpd: fix build dependencies (#7674)
SVN-Revision: 22404
2010-07-27 21:19:28 +00:00
Jo-Philipp Wich b688fcaa5c uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich 585ffa4941 uhttpd: - fix incorrect parsing of multiple listen options (#7458) - support PEM certificates for SSL
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00
Nicolas Thill 338f1af5f3 bump release number for packages ahead of backfire in trunk
SVN-Revision: 21556
2010-05-23 21:55:40 +00:00
Jo-Philipp Wich 51cae701b6 uhttpd: use uci_get() wrapper (#7312)
SVN-Revision: 21492
2010-05-17 19:35:15 +00:00
Jo-Philipp Wich 3df8df720a uhttpd: - ignore authentication realms that refer to user accounts with no password set yet (X-Wrt compatibility) - fix off-by-one in CGI header parsing, fixes cgi programs that emit bad header lines (AsteriskGUI compatibility) - bump version
SVN-Revision: 21121
2010-04-24 11:07:41 +00:00
Jo-Philipp Wich 14428874ae uhttpd: fix bug in path canonization introduced by r20883
SVN-Revision: 20885
2010-04-15 20:08:56 +00:00
Jo-Philipp Wich 20ef055c2f uhttpd: - make network timeout configurable, increase default to 30 seconds (#7067) - follow symlinks in docroot and add option to disable that - fix mimetype detection for files with combined extensions (.tar.gz, ...)
SVN-Revision: 20883
2010-04-15 19:46:35 +00:00