Commit graph

51 commits

Author SHA1 Message Date
Jo-Philipp Wich
00f1b1d62a uhttpd: various changes
- remove unused variables
	- simply ignore command line args which belong to not enabled features
	- resolve peer address at accept() time, should solve (#11850)
	- remove floating point operations where possible

SVN-Revision: 32704
2012-07-13 17:10:56 +00:00
Jo-Philipp Wich
0000ce2271 uhttpd: retry parsing the CGI header until the buffer space is exhausted
SVN-Revision: 32662
2012-07-11 09:59:05 +00:00
Jo-Philipp Wich
86de034767 uhttpd: various fixes
- avoid closing descriptors before removing them from uloop (#11755, #11830)
    - do not auto-initialize ubus if no prefix is set (#11832)
    - remove extraneous client context pointer from cgi and lua states
    - code cleanups and debug message changes

SVN-Revision: 32651
2012-07-09 00:08:20 +00:00
Jo-Philipp Wich
92e2e3f567 uhttpd: do not dispatch pipe error events, fixes use after free for cgi and lua scripts
SVN-Revision: 32644
2012-07-07 16:43:27 +00:00
Jo-Philipp Wich
1f2d5da887 uhttpd: do not subscribe to epoll write events Watch child read pipe end for data instead of relying on socket write notification to process cgi data, should lower cpu consumption during requests on weaker devices.
SVN-Revision: 32640
2012-07-06 17:29:25 +00:00
Jo-Philipp Wich
c73b39fd30 uhttpd: finish inherited uloop in forked childs, fixes misdispatched events leading to race conditions and bad memory accesses
SVN-Revision: 32419
2012-06-18 00:41:43 +00:00
Jo-Philipp Wich
23eaea57ad uhttpd: remove some dead code
SVN-Revision: 32028
2012-06-02 15:08:54 +00:00
Jo-Philipp Wich
2cf72776d8 uhttpd: add explicit stdin eof notification for Lua and CGI childs
SVN-Revision: 32027
2012-06-02 14:56:24 +00:00
Jo-Philipp Wich
5aefe3b277 uhttpd: fix wrongly applied sizeof() leading to writing beyound end of buffer and subsequent data corruption (#11557)
SVN-Revision: 32005
2012-05-30 15:30:07 +00:00
Jo-Philipp Wich
022fa36b40 uhttpd: - rewrite large parts of the server, use uloop event driven structure - support concurrent requests and make the upper limit configurable - implement initial version of HTTP-to-ubus JSON proxy and session.* namespace - add compile time support for debug information - code style changes - bump package revision
SVN-Revision: 31931
2012-05-28 00:52:24 +00:00
Jo-Philipp Wich
8e9d914343 uhttpd: display errors in init script, code formatting changes, bump package version
SVN-Revision: 31572
2012-05-03 17:19:22 +00:00
Jo-Philipp Wich
54b34ccbc5 uhttpd: added uhttpd.docroot
Passes the document-root to the Lua handler by placing it in uhttpd.docroot.

It could alternatively be placed in env.DOCUMENT_ROOT which would more closely
resemble the CGI protocol; but would mean that it is not available at the time
when the handler-chunk is loaded but rather not until the handler is called,
without any code savings.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31571
2012-05-03 17:19:20 +00:00
Jo-Philipp Wich
bcd8d530d1 Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p

Here is the corrected patch.

-- David

From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.

* uh_urlencode() and uh_urldecode() now return an error condition for
  buffer-overflow and malformed-encoding rather than normal return with corrupt
  or truncated data.  As HTTP request processing is currently implemented, this
  causes a 404 HTTP status returned to the client, while 400 is more
  appropriate.

* Exposed urlencode() to Lua.

* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
  buffer-overflow and malformed-encoding rather than normal return with
  incorrect data.

SVN-Revision: 31570
2016-03-20 20:05:13 +01:00
Jo-Philipp Wich
2bfb1e012a uhttpd URL-codec bug fixes.
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
  input-buffer index against output-buffer length].  In reality, this would not
  typically cause an overflow on decode, where the output string would be
  expected to be shorter than the input string; and uh_urlencode() seems to have
  been unreferenced in the source.

* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
  input-string.  While this could manifest in C code, the result was most
  egregious when called from Lua, where it caused an extra null byte to be
  embedded at the end of the output string.

* uh_urlencode() cleanup: removed redundant bitwise-and.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich
80307216f2 uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich
8533636d2d uhttpd: cope with variable number of spaces in header lines (#11079)
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich
44da6400cd uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Jo-Philipp Wich
fcea88e3b5 uhttpd: fix Makefiles and linking of tls plugin
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich
3d035a6f6a uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich
32ae896d00 uhttpd: fix bad pointer use in previous commit
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich
12bbe8b2af uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich
a6c02f8912 uhttpd: properly match mimetype entries which cover the whole filename (#8236)
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich
7fce085a97 uhttpd: add "application/x-ns-proxy-autoconfig" mime type (#8236)
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich
6576d110d2 uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich
53a5beaca8 uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Jo-Philipp Wich
3b3e5b7a49 uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich
f38a320e69 uhttpd: protect tcp receive operations with select, make tcp keep-alive optional (#8272)
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich
f5b3f741ce uhttpd: allow lowercase http header fields (#8513)
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich
5931a158a4 uhttpd: redirect to same location with trailing slash appended if directories are requested
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich
fa644368ed uhttpd: make it work without shadow password support
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich
817566a5be uhttpd: revert unrelated change in previous commit
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich
88db961cf0 uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich
70dff7070e uhttpd: break tight loop when receiving eof during header reading (#7904)
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich
93c38f2b86 uhttpd: fix segfault triggered by Basic Auth checking
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich
cbdeb30a1b uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich
f2b534d341 uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich
4847198093 uhttpd: fix segmentation fault triggered by invalid header line
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich
2d175dcdce uhttpd: - abort file serving if client connection is lost (#7742) - don't send bad request headers twice
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich
3d99f03082 uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich
b688fcaa5c uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich
585ffa4941 uhttpd: - fix incorrect parsing of multiple listen options (#7458) - support PEM certificates for SSL
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00
Jo-Philipp Wich
3df8df720a uhttpd: - ignore authentication realms that refer to user accounts with no password set yet (X-Wrt compatibility) - fix off-by-one in CGI header parsing, fixes cgi programs that emit bad header lines (AsteriskGUI compatibility) - bump version
SVN-Revision: 21121
2010-04-24 11:07:41 +00:00
Jo-Philipp Wich
14428874ae uhttpd: fix bug in path canonization introduced by r20883
SVN-Revision: 20885
2010-04-15 20:08:56 +00:00
Jo-Philipp Wich
20ef055c2f uhttpd: - make network timeout configurable, increase default to 30 seconds (#7067) - follow symlinks in docroot and add option to disable that - fix mimetype detection for files with combined extensions (.tar.gz, ...)
SVN-Revision: 20883
2010-04-15 19:46:35 +00:00
Jo-Philipp Wich
a0a6400034 uhttpd: - cope with options instead of lists in uci config - fix compilation without tls (#7050) - bump to rev 7
SVN-Revision: 20668
2010-04-03 13:09:10 +00:00
Jo-Philipp Wich
b95360d5bc uhttpd: fix a signal related race condition exposed by LuCI on fast machines
SVN-Revision: 20573
2010-03-29 09:26:02 +00:00
Jo-Philipp Wich
4bc74807e4 uhttpd: fix parameter parsing issue on avr32 and most likely ixp4xx
SVN-Revision: 20532
2010-03-28 02:35:45 +00:00
Jo-Philipp Wich
4172149f89 uhttpd: block SIGCHLD until it is expected (#6957)
SVN-Revision: 20513
2010-03-27 14:31:35 +00:00
Jo-Philipp Wich
161325ac4f uhttpd: clear script timeout as soon as data is received from the child
SVN-Revision: 20501
2010-03-27 01:47:36 +00:00
Jo-Philipp Wich
8c9b818a24 uhttpd: - make script timeout configurable - catch SIGCHLD to properly interrupt select() - flag listen and client sockets as close-on-exec
SVN-Revision: 20500
2010-03-27 00:00:33 +00:00