Commit Graph

51 Commits (e219c3ac3aea7cb16a25babaef2214378ca33f4b)

Author SHA1 Message Date
Jo-Philipp Wich 00f1b1d62a uhttpd: various changes
- remove unused variables
	- simply ignore command line args which belong to not enabled features
	- resolve peer address at accept() time, should solve (#11850)
	- remove floating point operations where possible

SVN-Revision: 32704
2012-07-13 17:10:56 +00:00
Jo-Philipp Wich 0000ce2271 uhttpd: retry parsing the CGI header until the buffer space is exhausted
SVN-Revision: 32662
2012-07-11 09:59:05 +00:00
Jo-Philipp Wich 86de034767 uhttpd: various fixes
- avoid closing descriptors before removing them from uloop (#11755, #11830)
    - do not auto-initialize ubus if no prefix is set (#11832)
    - remove extraneous client context pointer from cgi and lua states
    - code cleanups and debug message changes

SVN-Revision: 32651
2012-07-09 00:08:20 +00:00
Jo-Philipp Wich 92e2e3f567 uhttpd: do not dispatch pipe error events, fixes use after free for cgi and lua scripts
SVN-Revision: 32644
2012-07-07 16:43:27 +00:00
Jo-Philipp Wich 1f2d5da887 uhttpd: do not subscribe to epoll write events Watch child read pipe end for data instead of relying on socket write notification to process cgi data, should lower cpu consumption during requests on weaker devices.
SVN-Revision: 32640
2012-07-06 17:29:25 +00:00
Jo-Philipp Wich c73b39fd30 uhttpd: finish inherited uloop in forked childs, fixes misdispatched events leading to race conditions and bad memory accesses
SVN-Revision: 32419
2012-06-18 00:41:43 +00:00
Jo-Philipp Wich 23eaea57ad uhttpd: remove some dead code
SVN-Revision: 32028
2012-06-02 15:08:54 +00:00
Jo-Philipp Wich 2cf72776d8 uhttpd: add explicit stdin eof notification for Lua and CGI childs
SVN-Revision: 32027
2012-06-02 14:56:24 +00:00
Jo-Philipp Wich 5aefe3b277 uhttpd: fix wrongly applied sizeof() leading to writing beyound end of buffer and subsequent data corruption (#11557)
SVN-Revision: 32005
2012-05-30 15:30:07 +00:00
Jo-Philipp Wich 022fa36b40 uhttpd: - rewrite large parts of the server, use uloop event driven structure - support concurrent requests and make the upper limit configurable - implement initial version of HTTP-to-ubus JSON proxy and session.* namespace - add compile time support for debug information - code style changes - bump package revision
SVN-Revision: 31931
2012-05-28 00:52:24 +00:00
Jo-Philipp Wich 8e9d914343 uhttpd: display errors in init script, code formatting changes, bump package version
SVN-Revision: 31572
2012-05-03 17:19:22 +00:00
Jo-Philipp Wich 54b34ccbc5 uhttpd: added uhttpd.docroot
Passes the document-root to the Lua handler by placing it in uhttpd.docroot.

It could alternatively be placed in env.DOCUMENT_ROOT which would more closely
resemble the CGI protocol; but would mean that it is not available at the time
when the handler-chunk is loaded but rather not until the handler is called,
without any code savings.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31571
2012-05-03 17:19:20 +00:00
Jo-Philipp Wich bcd8d530d1 Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p

Here is the corrected patch.

-- David

From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.

* uh_urlencode() and uh_urldecode() now return an error condition for
  buffer-overflow and malformed-encoding rather than normal return with corrupt
  or truncated data.  As HTTP request processing is currently implemented, this
  causes a 404 HTTP status returned to the client, while 400 is more
  appropriate.

* Exposed urlencode() to Lua.

* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
  buffer-overflow and malformed-encoding rather than normal return with
  incorrect data.

SVN-Revision: 31570
2016-03-20 20:05:13 +01:00
Jo-Philipp Wich 2bfb1e012a uhttpd URL-codec bug fixes.
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
  input-buffer index against output-buffer length].  In reality, this would not
  typically cause an overflow on decode, where the output string would be
  expected to be shorter than the input string; and uh_urlencode() seems to have
  been unreferenced in the source.

* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
  input-string.  While this could manifest in C code, the result was most
  egregious when called from Lua, where it caused an extra null byte to be
  embedded at the end of the output string.

* uh_urlencode() cleanup: removed redundant bitwise-and.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich 80307216f2 uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich 8533636d2d uhttpd: cope with variable number of spaces in header lines (#11079)
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich 44da6400cd uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Jo-Philipp Wich fcea88e3b5 uhttpd: fix Makefiles and linking of tls plugin
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich 3d035a6f6a uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich 32ae896d00 uhttpd: fix bad pointer use in previous commit
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich 12bbe8b2af uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich a6c02f8912 uhttpd: properly match mimetype entries which cover the whole filename (#8236)
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich 7fce085a97 uhttpd: add "application/x-ns-proxy-autoconfig" mime type (#8236)
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich 6576d110d2 uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich 53a5beaca8 uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Jo-Philipp Wich 3b3e5b7a49 uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich f38a320e69 uhttpd: protect tcp receive operations with select, make tcp keep-alive optional (#8272)
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich f5b3f741ce uhttpd: allow lowercase http header fields (#8513)
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich 5931a158a4 uhttpd: redirect to same location with trailing slash appended if directories are requested
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich fa644368ed uhttpd: make it work without shadow password support
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich 817566a5be uhttpd: revert unrelated change in previous commit
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich 88db961cf0 uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich 70dff7070e uhttpd: break tight loop when receiving eof during header reading (#7904)
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich 93c38f2b86 uhttpd: fix segfault triggered by Basic Auth checking
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich cbdeb30a1b uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich f2b534d341 uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich 4847198093 uhttpd: fix segmentation fault triggered by invalid header line
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich 2d175dcdce uhttpd: - abort file serving if client connection is lost (#7742) - don't send bad request headers twice
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich 3d99f03082 uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich b688fcaa5c uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich 585ffa4941 uhttpd: - fix incorrect parsing of multiple listen options (#7458) - support PEM certificates for SSL
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00
Jo-Philipp Wich 3df8df720a uhttpd: - ignore authentication realms that refer to user accounts with no password set yet (X-Wrt compatibility) - fix off-by-one in CGI header parsing, fixes cgi programs that emit bad header lines (AsteriskGUI compatibility) - bump version
SVN-Revision: 21121
2010-04-24 11:07:41 +00:00
Jo-Philipp Wich 14428874ae uhttpd: fix bug in path canonization introduced by r20883
SVN-Revision: 20885
2010-04-15 20:08:56 +00:00
Jo-Philipp Wich 20ef055c2f uhttpd: - make network timeout configurable, increase default to 30 seconds (#7067) - follow symlinks in docroot and add option to disable that - fix mimetype detection for files with combined extensions (.tar.gz, ...)
SVN-Revision: 20883
2010-04-15 19:46:35 +00:00
Jo-Philipp Wich a0a6400034 uhttpd: - cope with options instead of lists in uci config - fix compilation without tls (#7050) - bump to rev 7
SVN-Revision: 20668
2010-04-03 13:09:10 +00:00
Jo-Philipp Wich b95360d5bc uhttpd: fix a signal related race condition exposed by LuCI on fast machines
SVN-Revision: 20573
2010-03-29 09:26:02 +00:00
Jo-Philipp Wich 4bc74807e4 uhttpd: fix parameter parsing issue on avr32 and most likely ixp4xx
SVN-Revision: 20532
2010-03-28 02:35:45 +00:00
Jo-Philipp Wich 4172149f89 uhttpd: block SIGCHLD until it is expected (#6957)
SVN-Revision: 20513
2010-03-27 14:31:35 +00:00
Jo-Philipp Wich 161325ac4f uhttpd: clear script timeout as soon as data is received from the child
SVN-Revision: 20501
2010-03-27 01:47:36 +00:00
Jo-Philipp Wich 8c9b818a24 uhttpd: - make script timeout configurable - catch SIGCHLD to properly interrupt select() - flag listen and client sockets as close-on-exec
SVN-Revision: 20500
2010-03-27 00:00:33 +00:00