Add mini_httpd package

SVN-Revision: 1267
This commit is contained in:
Nicolas Thill 2005-06-17 06:22:46 +00:00
parent 3d9b378c36
commit 4779c70fe8
13 changed files with 797 additions and 0 deletions

View file

@ -48,6 +48,7 @@ source "package/kismet/Config.in"
source "package/l2tpd/Config.in"
source "package/lighttpd/Config.in"
source "package/maradns/Config.in"
source "package/mini_httpd/Config.in"
source "package/ndisc/Config.in"
source "package/net-snmp/Config.in"
source "package/nfs-server/Config.in"

View file

@ -62,6 +62,7 @@ package-$(BR2_PACKAGE_MARADNS) += maradns
package-$(BR2_PACKAGE_MATRIXSSL) += matrixssl
package-$(BR2_PACKAGE_MICROCOM) += microcom
package-$(BR2_PACKAGE_MICROPERL) += microperl
package-$(BR2_PACKAGE_MINI_HTTPD) += mini_httpd
package-$(BR2_PACKAGE_MONIT) += monit
package-$(BR2_PACKAGE_MYSQL) += mysql
package-$(BR2_PACKAGE_NCURSES) += ncurses
@ -149,6 +150,7 @@ libgd-compile: libpng-compile
libnet-compile: libpcap-compile
libnids-compile: libnet-compile
lighttpd-compile: openssl-compile pcre-compile
mini_httpd-compile: matrixssl-compile
mysql-compile: ncurses-compile zlib-compile
net-snmp-compile: libelf-compile
nfs-server-compile: portmap-compile

View file

@ -0,0 +1,24 @@
config BR2_PACKAGE_MINI_HTTPD
tristate "mini-httpd - A small web server"
default m if CONFIG_DEVEL
help
mini_httpd is a small HTTP server. Its performance is not great, but for
low or medium traffic sites it's quite adequate. It implements all the
basic features of an HTTP server, including:
* GET, HEAD, and POST methods.
* CGI.
* Basic authentication.
* Security against ".." filename snooping.
* The common MIME types.
* Trailing-slash redirection.
* index.html, index.htm, index.cgi
* Directory listings.
* Multihoming / virtual hosting.
* Standard logging.
* Custom error pages.
It can also be configured to do SSL/HTTPS and IPv6.
http://www.acme.com/software/mini_httpd/

View file

@ -0,0 +1,45 @@
# $Id$
include $(TOPDIR)/rules.mk
PKG_NAME:=mini-httpd
PKG_VERSION:=1.19
PKG_RELEASE:=1
PKG_MD5SUM:=792a529dfe974355aad8ba6c80e54e7a
PKG_SOURCE_URL:=http://www.acme.com/software/mini_httpd/
PKG_SOURCE:=mini_httpd-$(PKG_VERSION).tar.gz
PKG_CAT:=zcat
PKG_BUILD_DIR:=$(BUILD_DIR)/mini_httpd-$(PKG_VERSION)
include $(TOPDIR)/package/rules.mk
$(eval $(call PKG_template,MINI_HTTPD,mini-httpd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
$(PKG_BUILD_DIR)/.configured:
cp -f ./files/matrixssl_helper.{c,h} $(PKG_BUILD_DIR)/
touch $@
$(PKG_BUILD_DIR)/.built:
$(MAKE) -C $(PKG_BUILD_DIR) \
CC=$(TARGET_CC) \
OFLAGS="$(TARGET_CFLAGS)" \
SSL_INC="-I$(STAGING_DIR)/usr/include" \
SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lmatrixssl" \
all
touch $@
$(IPKG_MINI_HTTPD):
install -d -m0755 $(IDIR_MINI_HTTPD)/etc
install -m0644 ./files/mini_httpd.conf $(IDIR_MINI_HTTPD)/etc/
install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD)/etc/
install -d -m0755 $(IDIR_MINI_HTTPD)/etc/default
install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD)/etc/default/mini_httpd
install -d -m0755 $(IDIR_MINI_HTTPD)/etc/init.d
install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD)/etc/init.d/mini_httpd
install -d -m0755 $(IDIR_MINI_HTTPD)/usr/sbin
install -m0755 $(PKG_BUILD_DIR)/mini_httpd $(IDIR_MINI_HTTPD)/usr/sbin/
$(RSTRIP) $(IDIR_MINI_HTTPD)
$(IPKG_BUILD) $(IDIR_MINI_HTTPD) $(PACKAGE_DIR)

View file

@ -0,0 +1,455 @@
/*
* MatrixSSL helper functions
*
* Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* Portions borrowed from MatrixSSL example code
*
*/
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include "matrixssl_helper.h"
#define SSL_SOCKET_EOF 0x0001
#define SSL_SOCKET_CLOSE_NOTIFY 0x0002
#define min(a, b) ( (a) < (b) ) ? (a) : (b)
static int _ssl_read(SSL *ssl, char *buf, int len);
static int _ssl_write(SSL *ssl, char *buf, int len);
static void _ssl_setSocketBlock(int fd);
static void _ssl_setSocketNonblock(int fd);
static void _ssl_closeSocket(int fd);
SSL * SSL_new(sslKeys_t *keys)
{
SSL * ssl;
ssl = (SSL *)malloc(sizeof(SSL));
if (!ssl) return 0;
ssl->keys = keys;
if ( matrixSslNewSession(&(ssl->ssl), ssl->keys, NULL, SSL_FLAGS_SERVER) < 0 ) {
}
ssl->insock.size = 1024;
ssl->insock.buf = ssl->insock.start = ssl->insock.end =
(unsigned char *)malloc(ssl->insock.size);
ssl->outsock.size = 1024;
ssl->outsock.buf = ssl->outsock.start = ssl->outsock.end =
(unsigned char *)malloc(ssl->outsock.size);
ssl->inbuf.size = 0;
ssl->inbuf.buf = ssl->inbuf.start = ssl->inbuf.end = NULL;
return ssl;
}
int SSL_accept(SSL *ssl) {
unsigned char buf[1024];
int status, rc;
readMore:
rc = _ssl_read(ssl, buf, sizeof(buf));
if (rc == 0) {
if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
SSL_free(ssl);
return -1;
}
if (matrixSslHandshakeIsComplete(ssl->ssl) == 0) {
goto readMore;
}
} else if (rc > 0) {
return 0;
} else {
SSL_free(ssl);
return -1;
}
return 1;
}
void SSL_set_fd(SSL *ssl, int fd) {
ssl->fd = fd;
}
int SSL_read(SSL *ssl, char *buf, int len) {
int rc;
readMore:
rc = _ssl_read(ssl, buf, len);
if (rc <= 0) {
if (rc < 0 || ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
_ssl_closeSocket(ssl->fd);
return rc;
}
goto readMore;
}
return rc;
}
int SSL_write(SSL *ssl, char *buf, int len) {
int rc;
writeMore:
rc = _ssl_write(ssl, buf, len);
if (rc <= 0) {
if (rc < 0) {
return rc;
}
goto writeMore;
}
return rc;
}
void SSL_free(SSL * ssl)
{
matrixSslDeleteSession(ssl->ssl);
if (ssl->insock.buf) {
free(ssl->insock.buf);
}
if (ssl->outsock.buf) {
free(ssl->outsock.buf);
}
if (ssl->inbuf.buf) {
free(ssl->inbuf.buf);
}
free(ssl);
}
static void _ssl_setSocketBlock(int fd)
{
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK);
fcntl(fd, F_SETFD, FD_CLOEXEC);
}
static void _ssl_setSocketNonblock(int fd)
{
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
}
static void _ssl_closeSocket(int fd)
{
char buf[32];
if (fd != -1) {
_ssl_setSocketNonblock(fd);
if (shutdown(fd, 1) >= 0) {
while (recv(fd, buf, sizeof(buf), 0) > 0);
}
close(fd);
}
}
static int _ssl_read(SSL *ssl, char *buf, int len)
{
int bytes, rc, remaining;
unsigned char error, alertLevel, alertDescription, performRead;
ssl->status = 0;
if (ssl->ssl == NULL || len <= 0) {
return -1;
}
/*
If inbuf is valid, then we have previously decoded data that must be
returned, return as much as possible. Once all buffered data is
returned, free the inbuf.
*/
if (ssl->inbuf.buf) {
if (ssl->inbuf.start < ssl->inbuf.end) {
remaining = (int)(ssl->inbuf.end - ssl->inbuf.start);
bytes = (int)min(len, remaining);
memcpy(buf, ssl->inbuf.start, bytes);
ssl->inbuf.start += bytes;
return bytes;
}
free(ssl->inbuf.buf);
ssl->inbuf.buf = NULL;
}
/*
Pack the buffered socket data (if any) so that start is at zero.
*/
if (ssl->insock.buf < ssl->insock.start) {
if (ssl->insock.start == ssl->insock.end) {
ssl->insock.start = ssl->insock.end = ssl->insock.buf;
} else {
memmove(ssl->insock.buf, ssl->insock.start, ssl->insock.end - ssl->insock.start);
ssl->insock.end -= (ssl->insock.start - ssl->insock.buf);
ssl->insock.start = ssl->insock.buf;
}
}
/*
Read up to as many bytes as there are remaining in the buffer. We could
Have encrypted data already cached in conn->insock, but might as well read more
if we can.
*/
performRead = 0;
readMore:
if (ssl->insock.end == ssl->insock.start || performRead) {
performRead = 1;
bytes = recv(ssl->fd, (char *)ssl->insock.end,
(int)((ssl->insock.buf + ssl->insock.size) - ssl->insock.end), MSG_NOSIGNAL);
if (bytes == -1) {
ssl->status = errno;
return -1;
}
if (bytes == 0) {
ssl->status = SSL_SOCKET_EOF;
return 0;
}
ssl->insock.end += bytes;
}
/*
Define a temporary sslBuf
*/
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = (unsigned char *)malloc(len);
ssl->inbuf.size = len;
/*
Decode the data we just read from the socket
*/
decodeMore:
error = 0;
alertLevel = 0;
alertDescription = 0;
rc = matrixSslDecode(ssl->ssl, &ssl->insock, &ssl->inbuf, &error, &alertLevel,
&alertDescription);
switch (rc) {
/*
Successfully decoded a record that did not return data or require a response.
*/
case SSL_SUCCESS:
return 0;
/*
Successfully decoded an application data record, and placed in tmp buf
*/
case SSL_PROCESS_DATA:
/*
Copy as much as we can from the temp buffer into the caller's buffer
and leave the remainder in conn->inbuf until the next call to read
It is possible that len > data in buffer if the encoded record
was longer than len, but the decoded record isn't!
*/
rc = (int)(ssl->inbuf.end - ssl->inbuf.start);
rc = min(rc, len);
memcpy(buf, ssl->inbuf.start, rc);
ssl->inbuf.start += rc;
return rc;
/*
We've decoded a record that requires a response into tmp
If there is no data to be flushed in the out buffer, we can write out
the contents of the tmp buffer. Otherwise, we need to append the data
to the outgoing data buffer and flush it out.
*/
case SSL_SEND_RESPONSE:
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
if (bytes == -1) {
ssl->status = errno;
if (ssl->status != EAGAIN) {
goto readError;
}
ssl->status = 0;
}
ssl->inbuf.start += bytes;
if (ssl->inbuf.start < ssl->inbuf.end) {
/*
This must be a non-blocking socket since it didn't all get sent
out and there was no error. We want to finish the send here
simply because we are likely in the SSL handshake.
*/
_ssl_setSocketBlock(ssl->fd);
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
if (bytes == -1) {
ssl->status = errno;
goto readError;
}
ssl->inbuf.start += bytes;
/*
Can safely set back to non-blocking because we wouldn't
have got here if this socket wasn't non-blocking to begin with.
*/
_ssl_setSocketNonblock(ssl->fd);
}
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf;
return 0;
/*
There was an error decoding the data, or encoding the out buffer.
There may be a response data in the out buffer, so try to send.
We try a single hail-mary send of the data, and then close the socket.
Since we're closing on error, we don't worry too much about a clean flush.
*/
case SSL_ERROR:
if (ssl->inbuf.start < ssl->inbuf.end) {
_ssl_setSocketNonblock(ssl->fd);
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
}
goto readError;
/*
We've decoded an alert. The level and description passed into
matrixSslDecode are filled in with the specifics.
*/
case SSL_ALERT:
if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) {
ssl->status = SSL_SOCKET_CLOSE_NOTIFY;
goto readZero;
}
goto readError;
/*
We have a partial record, we need to read more data off the socket.
If we have a completely full conn->insock buffer, we'll need to grow it
here so that we CAN read more data when called the next time.
*/
case SSL_PARTIAL:
if (ssl->insock.start == ssl->insock.buf && ssl->insock.end ==
(ssl->insock.buf + ssl->insock.size)) {
if (ssl->insock.size > SSL_MAX_BUF_SIZE) {
goto readError;
}
ssl->insock.size *= 2;
ssl->insock.start = ssl->insock.buf =
(unsigned char *)realloc(ssl->insock.buf, ssl->insock.size);
ssl->insock.end = ssl->insock.buf + (ssl->insock.size / 2);
}
if (!performRead) {
performRead = 1;
free(ssl->inbuf.buf);
ssl->inbuf.buf = NULL;
goto readMore;
} else {
goto readZero;
}
/*
The out buffer is too small to fit the decoded or response
data. Increase the size of the buffer and call decode again
*/
case SSL_FULL:
ssl->inbuf.size *= 2;
if (ssl->inbuf.buf != (unsigned char*)buf) {
free(ssl->inbuf.buf);
ssl->inbuf.buf = NULL;
}
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf =
(unsigned char *)malloc(ssl->inbuf.size);
goto decodeMore;
}
/*
We consolidated some of the returns here because we must ensure
that conn->inbuf is cleared if pointing at caller's buffer, otherwise
it will be freed later on.
*/
readZero:
if (ssl->inbuf.buf == (unsigned char*)buf) {
ssl->inbuf.buf = NULL;
}
return 0;
readError:
if (ssl->inbuf.buf == (unsigned char*)buf) {
ssl->inbuf.buf = NULL;
}
return -1;
}
int _ssl_write(SSL *ssl, char *buf, int len)
{
int rc;
ssl->status = 0;
/*
Pack the buffered socket data (if any) so that start is at zero.
*/
if (ssl->outsock.buf < ssl->outsock.start) {
if (ssl->outsock.start == ssl->outsock.end) {
ssl->outsock.start = ssl->outsock.end = ssl->outsock.buf;
} else {
memmove(ssl->outsock.buf, ssl->outsock.start, ssl->outsock.end - ssl->outsock.start);
ssl->outsock.end -= (ssl->outsock.start - ssl->outsock.buf);
ssl->outsock.start = ssl->outsock.buf;
}
}
/*
If there is buffered output data, the caller must be trying to
send the same amount of data as last time. We don't support
sending additional data until the original buffered request has
been completely sent.
*/
if (ssl->outBufferCount > 0 && len != ssl->outBufferCount) {
return -1;
}
/*
If we don't have buffered data, encode the caller's data
*/
if (ssl->outBufferCount == 0) {
retryEncode:
rc = matrixSslEncode(ssl->ssl, (unsigned char *)buf, len, &ssl->outsock);
switch (rc) {
case SSL_ERROR:
return -1;
case SSL_FULL:
if (ssl->outsock.size > SSL_MAX_BUF_SIZE) {
return -1;
}
ssl->outsock.size *= 2;
ssl->outsock.buf =
(unsigned char *)realloc(ssl->outsock.buf, ssl->outsock.size);
ssl->outsock.end = ssl->outsock.buf + (ssl->outsock.end - ssl->outsock.start);
ssl->outsock.start = ssl->outsock.buf;
goto retryEncode;
}
}
/*
We've got data to send.
*/
rc = send(ssl->fd, (char *)ssl->outsock.start,
(int)(ssl->outsock.end - ssl->outsock.start), MSG_NOSIGNAL);
if (rc == -1) {
ssl->status = errno;
return -1;
}
ssl->outsock.start += rc;
/*
If we wrote it all return the length, otherwise remember the number of
bytes passed in, and return 0 to be called again later.
*/
if (ssl->outsock.start == ssl->outsock.end) {
ssl->outBufferCount = 0;
return len;
}
ssl->outBufferCount = len;
return 0;
}

View file

@ -0,0 +1,39 @@
/*
* MatrixSSL helper functions
*
* Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#ifndef __MATRIXSSL_HELPER_H__
#define __MATRIXSSL_HELPER_H__
#include <matrixSsl/matrixSsl.h>
typedef struct __SSL {
int fd;
ssl_t *ssl;
sslKeys_t *keys;
sslBuf_t insock, outsock, inbuf;
int outBufferCount;
int partial;
int status;
} SSL;
SSL * SSL_new(sslKeys_t *keys);
void SSL_set_fd(SSL *ssl, int fd);
int SSL_accept(SSL *ssl);
int SSL_read(SSL *ssl, char *b, int len);
int SSL_write(SSL *ssl, char *buf, int len);
void SSL_free(SSL *ssl);
#endif /* __MATRIXSSL_HELPER_H__ */

View file

@ -0,0 +1,7 @@
cgipat=cgi-bin/*
dir=/www
nochroot
pidfile=/var/run/mini_httpd.pid
user=root
ssl
certfile=/etc/mini_httpd.pem

View file

@ -0,0 +1 @@
OPTIONS="-C /etc/mini_httpd.conf"

View file

@ -0,0 +1,21 @@
#!/bin/sh
DEFAULT=/etc/default/mini_httpd
RUN_D=/var/run
PID_F=$RUN_D/mini_httpd.pid
[ -f $DEFAULT ] && . $DEFAULT
case $1 in
start)
[ -d $RUN_D ] || mkdir -p $RUN_D
mini_httpd $OPTIONS
;;
stop)
[ -f $PID_F ] && kill $(cat $PID_F)
;;
*)
echo "usage: $0 (start|stop)"
exit 1
esac
exit $?

View file

@ -0,0 +1,29 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQC5rFJOQakwMmF9aoVnAXaQLOOPoYOEk19/ls9VZt1ZqfzQuTbG
GGrgMIDclB0kHMFvSbzeiVjMnrSdQTNe1gOQAGtHhHiqugrLqH9m3wqOerbf/Yir
hic9U6X9RaWC6BzNgcYU1QtPn1sDtbMNFAB6jzF3W76EIlHEobgMtfqtxwIDAQAB
AoGBAKJst9eToyDxgc1ICQlSA1kem7eDUF0C2xDvadLI2KxegzZIQD1NEPmsFJ5h
x5hWu3TSabG3LwJZd6D1b63vxE6QRMhcDG3idb7kXzhOOZyfnlnrBtJ3VJC/UH5H
O1pMMBxcu2fXrua+h7BW0gMoZhchvsArDoWaZPjNUNHiNRYBAkEA3Ngnge7njqlf
/UlLkQHHfxgorQ78GjOzrrUvz86pFtW8RKCjAv55HIqAhWrSgxWF4yXkPO2XOHC9
KTeVKccjAQJBANc63r3M3yP817cPzyo/8BJQD9nAzmolrsBf1YMxML20UmEbObax
QdmxoYu/a8tOD4gT6EZDkauJU0yS69HGeMcCQQCvRmbkuuXQ1iC29+sfpVfeSSBP
aaswaIRdTrQprA2LcAtCNHPsNmeM/WfPe96j5vsiMrqYmMECLIgVJGYgiEoBAkEA
kzg1e+ZTC667bwBlWCT79crFzNDRYFH+QqBKz74p9NkPMFULGSgOPvX95jU9aocu
oInda5J0Zb09OTeWDpuPqQJAUIeY36WUst7NaW40mZXkMjjR2QtWi7P4cmv7nLp0
WdPQzkUW1Bv4sSUQ7svQqpmZPaFiyhXL1VSa1M5MPd3tbA==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICOTCCAaKgAwIBAgIJANRuTbnzy8ObMA0GCSqGSIb3DQEBBAUAMFMxCzAJBgNV
BAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoT
B015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRlcjAeFw0wNTAxMTQwMjQzMjdaFw0w
NjAxMTQwMjQzMjdaMFMxCzAJBgNVBAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwG
A1UEBxMFUGFyaXMxEDAOBgNVBAoTB015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRl
cjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuaxSTkGpMDJhfWqFZwF2kCzj
j6GDhJNff5bPVWbdWan80Lk2xhhq4DCA3JQdJBzBb0m83olYzJ60nUEzXtYDkABr
R4R4qroKy6h/Zt8Kjnq23/2Iq4YnPVOl/UWlgugczYHGFNULT59bA7WzDRQAeo8x
d1u+hCJRxKG4DLX6rccCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqG
SIb3DQEBBAUAA4GBAErI3QmcZVzjxKcoPTO3z8cRJV87SVFp0qbIjbYCBDUWB1QY
/bMkQPr2zJyfJmUYLEs4iKgHrmlaUCMHy9NZKOg9ZxrW42BtQ5QnOtDm3UifwzJW
oCFC3uPWfTYsZn/FrUXlErds+xXXT63VJzBe6DdXwHcdcdxzl05oIyL9JIzI
-----END CERTIFICATE-----

View file

@ -0,0 +1,3 @@
/etc/default/mini_httpd
/etc/mini_httpd.conf
/etc/mini_httpd.pem

View file

@ -0,0 +1,9 @@
Package: mini-httpd
Priority: optional
Section: net
Version: [TBDL]
Architecture: [TBDL]
Maintainer: OpenWrt Developers Team <bugs@openwrt.org>
Source: http://openwrt.org/cgi-bin/viewcvs.cgi/openwrt/package/mini_httpd/
Description: A small HTTP server, built with SSL support using MatrixSSL.
Depends: libmatrixssl

View file

@ -0,0 +1,161 @@
diff -ruN mini_httpd-1.19-orig/Makefile mini_httpd-1.19-3/Makefile
--- mini_httpd-1.19-orig/Makefile 2002-11-02 00:02:57.000000000 +0100
+++ mini_httpd-1.19-3/Makefile 2005-03-09 08:52:21.000000000 +0100
@@ -14,17 +14,30 @@
# http://www.openssl.org/ Make sure the SSL_TREE definition points to the
# tree with your OpenSSL installation - depending on how you installed it,
# it may be in /usr/local instead of /usr/local/ssl.
+
+# OpenSSL
#SSL_TREE = /usr/local/ssl
#SSL_DEFS = -DUSE_SSL
#SSL_INC = -I${SSL_TREE}/include
#SSL_LIBS = -L${SSL_TREE}/lib -lssl -lcrypto
+#SSL_OBJS =
+
+# MatrixSSL
+SSL_TREE =
+SSL_DEFS = -DUSE_SSL -DHAVE_MATRIXSSL
+SSL_INC =
+SSL_LIBS = -lmatrixssl
+SSL_OBJS = matrixssl_helper.o
-BINDIR = /usr/local/sbin
-MANDIR = /usr/local/man
+DESTDIR =
+
+BINDIR = $(DESTDIR)/usr/sbin
+MANDIR = $(DESTDIR)/usr/share/man
CC = gcc
CDEFS = ${SSL_DEFS} ${SSL_INC}
-CFLAGS = -O ${CDEFS}
+OFLAGS = -O
+CFLAGS = ${OFLAGS} ${CDEFS}
#CFLAGS = -g ${CDEFS}
-LDFLAGS = -s
+LDFLAGS =
#LDFLAGS = -g
@@ -32,12 +45,15 @@
all: mini_httpd htpasswd
-mini_httpd: mini_httpd.o match.o tdate_parse.o
- ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${LDLIBS} -o mini_httpd
+mini_httpd: mini_httpd.o match.o tdate_parse.o ${SSL_OBJS}
+ ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${SSL_OBJS} ${LDLIBS} -o mini_httpd
mini_httpd.o: mini_httpd.c version.h port.h match.h tdate_parse.h mime_encodings.h mime_types.h
${CC} ${CFLAGS} -c mini_httpd.c
+matrixssl_helper.o: matrixssl_helper.c
+ ${CC} ${CFLAGS} -c matrixssl_helper.c
+
match.o: match.c match.h
${CC} ${CFLAGS} -c match.c
@@ -71,16 +87,18 @@
chmod 600 mini_httpd.pem
-install: all
- rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
+install: all uninstall
-mkdir -p ${BINDIR}
cp mini_httpd htpasswd ${BINDIR}
- rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
-mkdir -p ${MANDIR}/man8
cp mini_httpd.8 ${MANDIR}/man8
-mkdir -p ${MANDIR}/man1
cp htpasswd.1 ${MANDIR}/man1
+uninstall:
+ rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
+ rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
+
clean:
rm -f mini_httpd mime_encodings.h mime_types.h htpasswd mini_httpd.rnd *.o core core.* *.core
diff -ruN mini_httpd-1.19-orig/mini_httpd.c mini_httpd-1.19-3/mini_httpd.c
--- mini_httpd-1.19-orig/mini_httpd.c 2003-12-03 19:27:22.000000000 +0100
+++ mini_httpd-1.19-3/mini_httpd.c 2005-03-09 08:46:28.000000000 +0100
@@ -66,8 +66,14 @@
#endif /* HAVE_SENDFILE */
#ifdef USE_SSL
+# ifdef HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
+# else /* HAVE_OPENSSL */
+# ifdef HAVE_MATRIXSSL
+# include "matrixssl_helper.h"
+# endif /* HAVE_MATRIXSSL */
+# endif /* HAVE_OPENSSL */
#endif /* USE_SSL */
extern char* crypt( const char* key, const char* setting );
@@ -193,7 +199,13 @@
static int do_ssl;
static char* certfile;
static char* cipher;
+#ifdef HAVE_OPENSSL
static SSL_CTX* ssl_ctx;
+#else /* HAVE_OPENSSL */
+ #ifdef HAVE_MATRIXSSL
+static sslKeys_t* keys;
+ #endif /* HAVE_MATRIXSSL */
+#endif /* HAVE_OPENSSL */
#endif /* USE_SSL */
static char cwd[MAXPATHLEN];
static int got_hup;
@@ -540,6 +552,7 @@
#ifdef USE_SSL
if ( do_ssl )
{
+# ifdef HAVE_OPENSSL
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
ssl_ctx = SSL_CTX_new( SSLv23_server_method() );
@@ -559,6 +572,17 @@
exit( 1 );
}
}
+# else /* HAVE_OPENSSL */
+# ifdef HAVE_MATRIXSSL
+ matrixSslOpen();
+ if ( matrixSslReadKeys( &keys, certfile, certfile, NULL, NULL < 0) )
+ {
+ syslog( LOG_CRIT, "can't load certificate and/or private key\n");
+ (void) fprintf( stderr, "%s: can't load certificate and/or private key\n", argv0 );
+ exit( 1 );
+ }
+# endif /* HAVE_MATRIXSSL */
+# endif /* HAVE_OPENSSL */
}
#endif /* USE_SSL */
@@ -1174,6 +1198,7 @@
#ifdef USE_SSL
if ( do_ssl )
{
+# ifdef HAVE_OPENSSL
ssl = SSL_new( ssl_ctx );
SSL_set_fd( ssl, conn_fd );
if ( SSL_accept( ssl ) == 0 )
@@ -1181,6 +1206,16 @@
ERR_print_errors_fp( stderr );
exit( 1 );
}
+# else /* HAVE_OPENSSL */
+# ifdef HAVE_MATRIXSSL
+ ssl = SSL_new(keys);
+ SSL_set_fd( ssl, conn_fd );
+ if ( SSL_accept( ssl ) <= 0 )
+ {
+ perror( "SSL_accept" );
+ }
+# endif /* HAVE_MATRIXSSL */
+# endif /* HAVE_OPENSSL */
}
#endif /* USE_SSL */