The NetBSD Project

CVS log for src/libexec/httpd/Makefile

[BACK] Up to [cvs.NetBSD.org] / src / libexec / httpd

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.29 / (download) - annotate - [select for diffs], Sat Jul 11 08:10:52 2020 UTC (6 months, 1 week ago) by jruoho
Branch: MAIN
CVS Tags: bozohttpd-20201014, bozohttpd-20200820, HEAD
Changes since 1.28: +4 -3 lines
Diff to previous 1.28 (colored)

Add blocklistd(8) support.

Revision 1.22.2.1.2.3 / (download) - annotate - [select for diffs], Sat Jun 15 15:57:32 2019 UTC (19 months ago) by martin
Branch: netbsd-7-0
Changes since 1.22.2.1.2.2: +4 -1 lines
Diff to previous 1.22.2.1.2.2 (colored) to branchpoint 1.22.2.1 (colored) next main 1.22.2.2 (colored)

Pull up the following revisions (via patch) requested by mrg in ticket #1699:

	libexec/httpd/CHANGES			1.31-1.40
	libexec/httpd/Makefile			1.28
	libexec/httpd/auth-bozo.c		1.23-1.24
	libexec/httpd/bozohttpd.8		1.75-1.79
	libexec/httpd/bozohttpd.c		1.100-1.113
	libexec/httpd/bozohttpd.h		1.58-1.60
	libexec/httpd/cgi-bozo.c		1.46-1.48
	libexec/httpd/daemon-bozo.c		1.20-1.21
	libexec/httpd/dir-index-bozo.c		1.29-1.32
	libexec/httpd/ssl-bozo.c		1.26
	libexec/httpd/testsuite/Makefile	1.12-1.13
	libexec/httpd/testsuite/t11.out 	1.2
	libexec/httpd/testsuite/test-bigfile	1.6
	libexec/httpd/testsuite/test-simple	1.6

Don't display special files in the directory index.  They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
  being added to the prior total.)
  however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s).  If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.

Revision 1.22.2.2.4.2 / (download) - annotate - [select for diffs], Sat Jun 15 15:56:21 2019 UTC (19 months ago) by martin
Branch: netbsd-7-1
Changes since 1.22.2.2.4.1: +4 -1 lines
Diff to previous 1.22.2.2.4.1 (colored) to branchpoint 1.22.2.2 (colored) next main 1.22.2.3 (colored)

Pull up the following revisions (via patch) requested by mrg in ticket #1699:

	libexec/httpd/CHANGES			1.31-1.40
	libexec/httpd/Makefile			1.28
	libexec/httpd/auth-bozo.c		1.23-1.24
	libexec/httpd/bozohttpd.8		1.75-1.79
	libexec/httpd/bozohttpd.c		1.100-1.113
	libexec/httpd/bozohttpd.h		1.58-1.60
	libexec/httpd/cgi-bozo.c		1.46-1.48
	libexec/httpd/daemon-bozo.c		1.20-1.21
	libexec/httpd/dir-index-bozo.c		1.29-1.32
	libexec/httpd/ssl-bozo.c		1.26
	libexec/httpd/testsuite/Makefile	1.12-1.13
	libexec/httpd/testsuite/t11.out 	1.2
	libexec/httpd/testsuite/test-bigfile	1.6
	libexec/httpd/testsuite/test-simple	1.6

Don't display special files in the directory index.  They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
  being added to the prior total.)
  however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s).  If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.

Revision 1.22.2.4 / (download) - annotate - [select for diffs], Sat Jun 15 15:54:58 2019 UTC (19 months ago) by martin
Branch: netbsd-7
Changes since 1.22.2.3: +4 -1 lines
Diff to previous 1.22.2.3 (colored) to branchpoint 1.22 (colored) next main 1.23 (colored)

Pull up the following revisions (via patch) requested by mrg in ticket #1699:

	libexec/httpd/CHANGES			1.31-1.40
	libexec/httpd/Makefile			1.28
	libexec/httpd/auth-bozo.c		1.23-1.24
	libexec/httpd/bozohttpd.8		1.75-1.79
	libexec/httpd/bozohttpd.c		1.100-1.113
	libexec/httpd/bozohttpd.h		1.58-1.60
	libexec/httpd/cgi-bozo.c		1.46-1.48
	libexec/httpd/daemon-bozo.c		1.20-1.21
	libexec/httpd/dir-index-bozo.c		1.29-1.32
	libexec/httpd/ssl-bozo.c		1.26
	libexec/httpd/testsuite/Makefile	1.12-1.13
	libexec/httpd/testsuite/t11.out 	1.2
	libexec/httpd/testsuite/test-bigfile	1.6
	libexec/httpd/testsuite/test-simple	1.6

Don't display special files in the directory index.  They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
  being added to the prior total.)
  however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s).  If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.

Revision 1.27.2.1 / (download) - annotate - [select for diffs], Wed Jun 12 10:32:00 2019 UTC (19 months, 1 week ago) by martin
Branch: netbsd-8
CVS Tags: netbsd-8-2-RELEASE
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored) next main 1.28 (colored)

Pull up the following revisions (via patch) requested by mrg in ticket #1281:

	libexec/httpd/CHANGES			1.31-1.40
	libexec/httpd/Makefile			1.28
	libexec/httpd/auth-bozo.c		1.23-1.24
	libexec/httpd/bozohttpd.8		1.75-1.79
	libexec/httpd/bozohttpd.c		1.100-1.113
	libexec/httpd/bozohttpd.h		1.58-1.60
	libexec/httpd/cgi-bozo.c		1.46-1.48
	libexec/httpd/daemon-bozo.c		1.20-1.21
	libexec/httpd/dir-index-bozo.c		1.29-1.32
	libexec/httpd/ssl-bozo.c		1.26
	libexec/httpd/testsuite/Makefile	1.12-1.13
	libexec/httpd/testsuite/t11.out		1.2
	libexec/httpd/testsuite/test-bigfile	1.6
	libexec/httpd/testsuite/test-simple	1.6


Don't display special files in the directory index.  They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
  being added to the prior total.)
  however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s).  If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.

Revision 1.27.10.1 / (download) - annotate - [select for diffs], Mon Jun 10 22:05:29 2019 UTC (19 months, 1 week ago) by christos
Branch: phil-wifi
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored) next main 1.28 (colored)

Sync with HEAD

Revision 1.27.8.1 / (download) - annotate - [select for diffs], Fri Jan 18 08:50:11 2019 UTC (2 years ago) by pgoyette
Branch: pgoyette-compat
CVS Tags: pgoyette-compat-merge-20190127
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored) next main 1.28 (colored)

Synch with HEAD

Revision 1.28 / (download) - annotate - [select for diffs], Thu Jan 17 07:39:00 2019 UTC (2 years ago) by mrg
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, phil-wifi-20190609, pgoyette-compat-20190127, pgoyette-compat-20190118, netbsd-9-base, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-9, is-mlppp-base, is-mlppp, bozohttpd-20190228
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored)

add 'check' target to toplevel makefile.

fix the t11.out output now that CGI parsing works better.

Revision 1.22.2.1.2.2 / (download) - annotate - [select for diffs], Sat Nov 24 17:23:47 2018 UTC (2 years, 1 month ago) by martin
Branch: netbsd-7-0
Changes since 1.22.2.1.2.1: +1 -11 lines
Diff to previous 1.22.2.1.2.1 (colored) to branchpoint 1.22.2.1 (colored)

Sync to HEAD (requested by mrg in ticket #1655):

	libexec/httpd/testsuite/data/.bzremap           up to 1.1
	libexec/httpd/testsuite/t12.out                 up to 1.1
	libexec/httpd/testsuite/t12.in                  up to 1.1
	libexec/httpd/testsuite/t13.out                 up to 1.1
	libexec/httpd/testsuite/t13.in                  up to 1.1
	libexec/httpd/testsuite/t14.out                 up to 1.1
	libexec/httpd/testsuite/t14.in                  up to 1.1
	libexec/httpd/testsuite/t15.out                 up to 1.1
	libexec/httpd/testsuite/t15.in                  up to 1.1
	libexec/httpd/CHANGES                           up to 1.28
	libexec/httpd/Makefile                          up to 1.27
	libexec/httpd/auth-bozo.c                       up to 1.22
	libexec/httpd/bozohttpd.8                       up to 1.74
	libexec/httpd/bozohttpd.c                       up to 1.96
	libexec/httpd/bozohttpd.h                       up to 1.56
	libexec/httpd/cgi-bozo.c                        up to 1.44
	libexec/httpd/content-bozo.c                    up to 1.16
	libexec/httpd/daemon-bozo.c                     up to 1.19
	libexec/httpd/dir-index-bozo.c                  up to 1.28
	libexec/httpd/lua-bozo.c                        up to 1.15
	libexec/httpd/main.c                            up to 1.21
	libexec/httpd/ssl-bozo.c                        up to 1.25
	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
	libexec/httpd/libbozohttpd/Makefile             up to 1.3
	libexec/httpd/lua/bozo.lua                      up to 1.3
	libexec/httpd/lua/glue.c                        up to 1.5
	libexec/httpd/lua/optparse.lua                  up to 1.2
	libexec/httpd/testsuite/Makefile                up to 1.11
	libexec/httpd/testsuite/html_cmp                up to 1.6
	libexec/httpd/testsuite/t3.out                  up to 1.4
	libexec/httpd/testsuite/t5.out                  up to 1.4
	libexec/httpd/testsuite/t6.out                  up to 1.4
	libexec/httpd/testsuite/test-bigfile            up to 1.5
	libexec/httpd/testsuite/test-simple             up to 1.5

Cosmetic changes to Lua binding in bozohttpd.

- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
  doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
  manual. Those functions may throw (longjump) and leak data allocated
  by C function. In one case, I use luaL_Buffer, in the other case,
  I rearranged calls a bit.


fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
thanks!


s/u_int/unsigned/.

from Jan Danielsson.  increases/fixes portability.


PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.


Document script handler issues with httpd(8).
From martin@, addressing PR 52194.

While here, use American spelling consistently and upper-case some
abbreviations.

Bump date.


fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)


Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@


Bump date


Remove trailing whitespace.


use __func__ in debug().


fix a denial of service attack against header contents, which
is now bounded at 16KiB.  reported by JP.


avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.


note the changes present in bozohttpd 20181118:

o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
o  handle redirections for any protocol, not just http:
o  fix a denial of service attack against header contents, which
   is now bounded at 16KiB.  reported by JP.


from CHANGES:

o  reduce default timeouts, and add expand timeouts to handle the
   initial line, each header, and the total time spent
o  add -T option to expose new timeout settings
o  minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.

the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.

reject multiple Host: headers.  besides being protocol standard,
this closes one additional memory leak found by JP.  add a simple
test to check this.

clean up option and usage handling some.


move some #if support into bozohttpd.h.


fix previous: have_debug was reversed.


also fix have_dynamic_content from the previous previous.  re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.


- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
  bozo_check_special_files() so that all builds check the same
  list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
  "return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
  input types.  part of the fixes for failure to reject access
  to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
  and fix the failures to return failure.  second part of the
  htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.


two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate.  now 10000 byte files say 10kB not 9kB.


use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)


many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines


alpha sort the option switch.


add an assert() check on array bounds.


minor style fixes.  simplify bozo_match_content_map().

Revision 1.22.2.2.4.1 / (download) - annotate - [select for diffs], Sat Nov 24 17:23:20 2018 UTC (2 years, 1 month ago) by martin
Branch: netbsd-7-1
Changes since 1.22.2.2: +1 -11 lines
Diff to previous 1.22.2.2 (colored)

Sync to HEAD (requested by mrg in ticket #1655):

	libexec/httpd/testsuite/data/.bzremap           up to 1.1
	libexec/httpd/testsuite/t12.out                 up to 1.1
	libexec/httpd/testsuite/t12.in                  up to 1.1
	libexec/httpd/testsuite/t13.out                 up to 1.1
	libexec/httpd/testsuite/t13.in                  up to 1.1
	libexec/httpd/testsuite/t14.out                 up to 1.1
	libexec/httpd/testsuite/t14.in                  up to 1.1
	libexec/httpd/testsuite/t15.out                 up to 1.1
	libexec/httpd/testsuite/t15.in                  up to 1.1
	libexec/httpd/CHANGES                           up to 1.28
	libexec/httpd/Makefile                          up to 1.27
	libexec/httpd/auth-bozo.c                       up to 1.22
	libexec/httpd/bozohttpd.8                       up to 1.74
	libexec/httpd/bozohttpd.c                       up to 1.96
	libexec/httpd/bozohttpd.h                       up to 1.56
	libexec/httpd/cgi-bozo.c                        up to 1.44
	libexec/httpd/content-bozo.c                    up to 1.16
	libexec/httpd/daemon-bozo.c                     up to 1.19
	libexec/httpd/dir-index-bozo.c                  up to 1.28
	libexec/httpd/lua-bozo.c                        up to 1.15
	libexec/httpd/main.c                            up to 1.21
	libexec/httpd/ssl-bozo.c                        up to 1.25
	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
	libexec/httpd/libbozohttpd/Makefile             up to 1.3
	libexec/httpd/lua/bozo.lua                      up to 1.3
	libexec/httpd/lua/glue.c                        up to 1.5
	libexec/httpd/lua/optparse.lua                  up to 1.2
	libexec/httpd/testsuite/Makefile                up to 1.11
	libexec/httpd/testsuite/html_cmp                up to 1.6
	libexec/httpd/testsuite/t3.out                  up to 1.4
	libexec/httpd/testsuite/t5.out                  up to 1.4
	libexec/httpd/testsuite/t6.out                  up to 1.4
	libexec/httpd/testsuite/test-bigfile            up to 1.5
	libexec/httpd/testsuite/test-simple             up to 1.5

Cosmetic changes to Lua binding in bozohttpd.

- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
  doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
  manual. Those functions may throw (longjump) and leak data allocated
  by C function. In one case, I use luaL_Buffer, in the other case,
  I rearranged calls a bit.


fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
thanks!


s/u_int/unsigned/.

from Jan Danielsson.  increases/fixes portability.


PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.


Document script handler issues with httpd(8).
From martin@, addressing PR 52194.

While here, use American spelling consistently and upper-case some
abbreviations.

Bump date.


fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)


Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@


Bump date


Remove trailing whitespace.


use __func__ in debug().


fix a denial of service attack against header contents, which
is now bounded at 16KiB.  reported by JP.


avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.


note the changes present in bozohttpd 20181118:

o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
o  handle redirections for any protocol, not just http:
o  fix a denial of service attack against header contents, which
   is now bounded at 16KiB.  reported by JP.


from CHANGES:

o  reduce default timeouts, and add expand timeouts to handle the
   initial line, each header, and the total time spent
o  add -T option to expose new timeout settings
o  minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.

the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.

reject multiple Host: headers.  besides being protocol standard,
this closes one additional memory leak found by JP.  add a simple
test to check this.

clean up option and usage handling some.


move some #if support into bozohttpd.h.


fix previous: have_debug was reversed.


also fix have_dynamic_content from the previous previous.  re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.


- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
  bozo_check_special_files() so that all builds check the same
  list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
  "return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
  input types.  part of the fixes for failure to reject access
  to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
  and fix the failures to return failure.  second part of the
  htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.


two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate.  now 10000 byte files say 10kB not 9kB.


use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)


many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines


alpha sort the option switch.


add an assert() check on array bounds.


minor style fixes.  simplify bozo_match_content_map().

Revision 1.22.2.3 / (download) - annotate - [select for diffs], Sat Nov 24 17:22:57 2018 UTC (2 years, 1 month ago) by martin
Branch: netbsd-7
Changes since 1.22.2.2: +1 -11 lines
Diff to previous 1.22.2.2 (colored) to branchpoint 1.22 (colored)

Sync to HEAD (requested by mrg in ticket #1655):

	libexec/httpd/testsuite/data/.bzremap           up to 1.1
	libexec/httpd/testsuite/t12.out                 up to 1.1
	libexec/httpd/testsuite/t12.in                  up to 1.1
	libexec/httpd/testsuite/t13.out                 up to 1.1
	libexec/httpd/testsuite/t13.in                  up to 1.1
	libexec/httpd/testsuite/t14.out                 up to 1.1
	libexec/httpd/testsuite/t14.in                  up to 1.1
	libexec/httpd/testsuite/t15.out                 up to 1.1
	libexec/httpd/testsuite/t15.in                  up to 1.1
	libexec/httpd/CHANGES                           up to 1.28
	libexec/httpd/Makefile                          up to 1.27
	libexec/httpd/auth-bozo.c                       up to 1.22
	libexec/httpd/bozohttpd.8                       up to 1.74
	libexec/httpd/bozohttpd.c                       up to 1.96
	libexec/httpd/bozohttpd.h                       up to 1.56
	libexec/httpd/cgi-bozo.c                        up to 1.44
	libexec/httpd/content-bozo.c                    up to 1.16
	libexec/httpd/daemon-bozo.c                     up to 1.19
	libexec/httpd/dir-index-bozo.c                  up to 1.28
	libexec/httpd/lua-bozo.c                        up to 1.15
	libexec/httpd/main.c                            up to 1.21
	libexec/httpd/ssl-bozo.c                        up to 1.25
	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
	libexec/httpd/libbozohttpd/Makefile             up to 1.3
	libexec/httpd/lua/bozo.lua                      up to 1.3
	libexec/httpd/lua/glue.c                        up to 1.5
	libexec/httpd/lua/optparse.lua                  up to 1.2
	libexec/httpd/testsuite/Makefile                up to 1.11
	libexec/httpd/testsuite/html_cmp                up to 1.6
	libexec/httpd/testsuite/t3.out                  up to 1.4
	libexec/httpd/testsuite/t5.out                  up to 1.4
	libexec/httpd/testsuite/t6.out                  up to 1.4
	libexec/httpd/testsuite/test-bigfile            up to 1.5
	libexec/httpd/testsuite/test-simple             up to 1.5

Cosmetic changes to Lua binding in bozohttpd.

- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
  doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
  manual. Those functions may throw (longjump) and leak data allocated
  by C function. In one case, I use luaL_Buffer, in the other case,
  I rearranged calls a bit.


fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
thanks!


s/u_int/unsigned/.

from Jan Danielsson.  increases/fixes portability.


PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.


Document script handler issues with httpd(8).
From martin@, addressing PR 52194.

While here, use American spelling consistently and upper-case some
abbreviations.

Bump date.


fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)


Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@


Bump date


Remove trailing whitespace.


use __func__ in debug().


fix a denial of service attack against header contents, which
is now bounded at 16KiB.  reported by JP.


avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.


note the changes present in bozohttpd 20181118:

o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
o  handle redirections for any protocol, not just http:
o  fix a denial of service attack against header contents, which
   is now bounded at 16KiB.  reported by JP.


from CHANGES:

o  reduce default timeouts, and add expand timeouts to handle the
   initial line, each header, and the total time spent
o  add -T option to expose new timeout settings
o  minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.

the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.

reject multiple Host: headers.  besides being protocol standard,
this closes one additional memory leak found by JP.  add a simple
test to check this.

clean up option and usage handling some.


move some #if support into bozohttpd.h.


fix previous: have_debug was reversed.


also fix have_dynamic_content from the previous previous.  re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.


- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
  bozo_check_special_files() so that all builds check the same
  list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
  "return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
  input types.  part of the fixes for failure to reject access
  to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
  and fix the failures to return failure.  second part of the
  htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.


two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate.  now 10000 byte files say 10kB not 9kB.


use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)


many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines


alpha sort the option switch.


add an assert() check on array bounds.


minor style fixes.  simplify bozo_match_content_map().

Revision 1.27 / (download) - annotate - [select for diffs], Sun May 21 15:28:41 2017 UTC (3 years, 7 months ago) by riastradh
Branch: MAIN
CVS Tags: phil-wifi-base, pgoyette-compat-base, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-8-base, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, matt-nb8-mediatek-base, matt-nb8-mediatek, bozohttpd-20181125, bozohttpd-20181123, bozohttpd-20181121, bozohttpd-20181118
Branch point for: phil-wifi, pgoyette-compat, netbsd-8
Changes since 1.26: +1 -11 lines
Diff to previous 1.26 (colored)

Remove MKCRYPTO option.

Originally, MKCRYPTO was introduced because the United States
classified cryptography as a munition and restricted its export.  The
export controls were substantially relaxed fifteen years ago, and are
essentially irrelevant for software with published source code.

In the intervening time, nobody bothered to remove the option after
its motivation -- the US export restriction -- was eliminated.  I'm
not aware of any other operating system that has a similar option; I
expect it is mainly out of apathy for churn that we still have it.
Today, cryptography is an essential part of modern computing -- you
can't use the internet responsibly without cryptography.

The position of the TNF board of directors is that TNF makes no
representation that MKCRYPTO=no satisfies any country's cryptography
regulations.

My personal position is that the availability of cryptography is a
basic human right; that any local laws restricting it to a privileged
few are fundamentally immoral; and that it is wrong for developers to
spend effort crippling cryptography to work around such laws.

As proposed on tech-crypto, tech-security, and tech-userlevel to no
objections:

https://mail-index.netbsd.org/tech-crypto/2017/05/06/msg000719.html
https://mail-index.netbsd.org/tech-security/2017/05/06/msg000928.html
https://mail-index.netbsd.org/tech-userlevel/2017/05/06/msg010547.html

P.S.  Reviewing all the uses of MKCRYPTO in src revealed a lot of
*bad* crypto that was conditional on it, e.g. DES in telnet...  That
should probably be removed too, but on the grounds that it is bad,
not on the grounds that it is (nominally) crypto.

Revision 1.12.14.2 / (download) - annotate - [select for diffs], Fri Apr 15 19:38:13 2016 UTC (4 years, 9 months ago) by snj
Branch: netbsd-6-0
Changes since 1.12.14.1: +16 -1 lines
Diff to previous 1.12.14.1 (colored) to branchpoint 1.12 (colored) next main 1.13 (colored)

Pull up following revision(s) (requested by mrg in ticket #1377):
	libexec/httpd/CHANGES: up to 1.22
	libexec/httpd/Makefile: up to 1.26 via patch
	libexec/httpd/auth-bozo.c: up to 1.18
	libexec/httpd/bozohttpd.8: up to 1.59
	libexec/httpd/bozohttpd.c: up to 1.80 via patch
	libexec/httpd/bozohttpd.h: up to 1.45
	libexec/httpd/cgi-bozo.c: up to 1.33
	libexec/httpd/content-bozo.c: up to 1.13
	libexec/httpd/daemon-bozo.c: up to 1.17
	libexec/httpd/dir-index-bozo.c: up to 1.25
	libexec/httpd/lua-bozo.c: up to 1.14
	libexec/httpd/lua/bozo.lua: up to 1.2
	libexec/httpd/lua/glue.c: up to 1.2
	libexec/httpd/main.c: up to 1.13
	libexec/httpd/printenv.lua: up to 1.3
	libexec/httpd/ssl-bozo.c: up to 1.22
	libexec/httpd/testsuite/Makefile: up to 1.5
	libexec/httpd/testsuite/t10.out: up to 1.2
	libexec/httpd/testsuite/test-bigfile: up to 1.2
	libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o  add CGI support for ~user translation (-E switch)
o  add redirects to ~user translation
o  fix bugs around ~user translation
o  add schema detection for absolute redirects
o  fixed few memory leaks
o  bunch of minor tweaks
o  removed -r support
o  smarter redirects
--
Changes in 20150320:
o  fix redirection handling
o  support transport stream (.ts) and video object (.vob) files
o  directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o  add search-word support for CGI
o  fix a security issue in CGI suffix handler support which would
   allow remote code execution, from shm@netbsd.org
o  -C option supports now CGI scripts only

Revision 1.12.20.2 / (download) - annotate - [select for diffs], Fri Apr 15 19:37:27 2016 UTC (4 years, 9 months ago) by snj
Branch: netbsd-6-1
Changes since 1.12.20.1: +16 -1 lines
Diff to previous 1.12.20.1 (colored) to branchpoint 1.12 (colored) next main 1.13 (colored)

Pull up following revision(s) (requested by mrg in ticket #1377):
	libexec/httpd/CHANGES: up to 1.22
	libexec/httpd/Makefile: up to 1.26 via patch
	libexec/httpd/auth-bozo.c: up to 1.18
	libexec/httpd/bozohttpd.8: up to 1.59
	libexec/httpd/bozohttpd.c: up to 1.80 via patch
	libexec/httpd/bozohttpd.h: up to 1.45
	libexec/httpd/cgi-bozo.c: up to 1.33
	libexec/httpd/content-bozo.c: up to 1.13
	libexec/httpd/daemon-bozo.c: up to 1.17
	libexec/httpd/dir-index-bozo.c: up to 1.25
	libexec/httpd/lua-bozo.c: up to 1.14
	libexec/httpd/lua/bozo.lua: up to 1.2
	libexec/httpd/lua/glue.c: up to 1.2
	libexec/httpd/main.c: up to 1.13
	libexec/httpd/printenv.lua: up to 1.3
	libexec/httpd/ssl-bozo.c: up to 1.22
	libexec/httpd/testsuite/Makefile: up to 1.5
	libexec/httpd/testsuite/t10.out: up to 1.2
	libexec/httpd/testsuite/test-bigfile: up to 1.2
	libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o  add CGI support for ~user translation (-E switch)
o  add redirects to ~user translation
o  fix bugs around ~user translation
o  add schema detection for absolute redirects
o  fixed few memory leaks
o  bunch of minor tweaks
o  removed -r support
o  smarter redirects
--
Changes in 20150320:
o  fix redirection handling
o  support transport stream (.ts) and video object (.vob) files
o  directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o  add search-word support for CGI
o  fix a security issue in CGI suffix handler support which would
   allow remote code execution, from shm@netbsd.org
o  -C option supports now CGI scripts only

Revision 1.12.8.2 / (download) - annotate - [select for diffs], Fri Apr 15 19:36:08 2016 UTC (4 years, 9 months ago) by snj
Branch: netbsd-6
Changes since 1.12.8.1: +16 -1 lines
Diff to previous 1.12.8.1 (colored) to branchpoint 1.12 (colored) next main 1.13 (colored)

Pull up following revision(s) (requested by mrg in ticket #1377):
	libexec/httpd/CHANGES: up to 1.22
	libexec/httpd/Makefile: up to 1.26 via patch
	libexec/httpd/auth-bozo.c: up to 1.18
	libexec/httpd/bozohttpd.8: up to 1.59
	libexec/httpd/bozohttpd.c: up to 1.80 via patch
	libexec/httpd/bozohttpd.h: up to 1.45
	libexec/httpd/cgi-bozo.c: up to 1.33
	libexec/httpd/content-bozo.c: up to 1.13
	libexec/httpd/daemon-bozo.c: up to 1.17
	libexec/httpd/dir-index-bozo.c: up to 1.25
	libexec/httpd/lua-bozo.c: up to 1.14
	libexec/httpd/lua/bozo.lua: up to 1.2
	libexec/httpd/lua/glue.c: up to 1.2
	libexec/httpd/main.c: up to 1.13
	libexec/httpd/printenv.lua: up to 1.3
	libexec/httpd/ssl-bozo.c: up to 1.22
	libexec/httpd/testsuite/Makefile: up to 1.5
	libexec/httpd/testsuite/t10.out: up to 1.2
	libexec/httpd/testsuite/test-bigfile: up to 1.2
	libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o  add CGI support for ~user translation (-E switch)
o  add redirects to ~user translation
o  fix bugs around ~user translation
o  add schema detection for absolute redirects
o  fixed few memory leaks
o  bunch of minor tweaks
o  removed -r support
o  smarter redirects
--
Changes in 20150320:
o  fix redirection handling
o  support transport stream (.ts) and video object (.vob) files
o  directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o  add search-word support for CGI
o  fix a security issue in CGI suffix handler support which would
   allow remote code execution, from shm@netbsd.org
o  -C option supports now CGI scripts only

Revision 1.22.2.1.2.1 / (download) - annotate - [select for diffs], Fri Apr 15 18:55:49 2016 UTC (4 years, 9 months ago) by snj
Branch: netbsd-7-0
CVS Tags: netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE
Changes since 1.22.2.1: +16 -1 lines
Diff to previous 1.22.2.1 (colored)

Pull up following revision(s) (requested by mrg in ticket #1141):
	libexec/httpd/CHANGES: up to 1.22
	libexec/httpd/Makefile: up to 1.26
	libexec/httpd/auth-bozo.c: up to 1.18
	libexec/httpd/bozohttpd.8: up to 1.59
	libexec/httpd/bozohttpd.c: up to 1.80
	libexec/httpd/bozohttpd.h: up to 1.45
	libexec/httpd/cgi-bozo.c: up to 1.33
	libexec/httpd/content-bozo.c: up to 1.13
	libexec/httpd/daemon-bozo.c: up to 1.17
	libexec/httpd/dir-index-bozo.c: up to 1.25
	libexec/httpd/lua-bozo.c: up to 1.14
	libexec/httpd/lua/bozo.lua: up to 1.2
	libexec/httpd/lua/glue.c: up to 1.2
	libexec/httpd/main.c: up to 1.13
	libexec/httpd/printenv.lua: up to 1.3
	libexec/httpd/ssl-bozo.c: up to 1.22
	libexec/httpd/testsuite/Makefile: up to 1.5
	libexec/httpd/testsuite/test-bigfile: up to 1.2
	libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o  add CGI support for ~user translation (-E switch)
o  add redirects to ~user translation
o  fix bugs around ~user translation
o  add schema detection for absolute redirects
o  fixed few memory leaks
o  bunch of minor tweaks
o  removed -r support
o  smarter redirects
Changes in 20150320:
o  fix redirection handling
o  support transport stream (.ts) and video object (.vob) files
o  directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o  add search-word support for CGI
o  fix a security issue in CGI suffix handler support which would
   allow remote code execution, from shm@netbsd.org
o  -C option supports now CGI scripts only

Revision 1.22.2.2 / (download) - annotate - [select for diffs], Sun Apr 10 10:33:11 2016 UTC (4 years, 9 months ago) by martin
Branch: netbsd-7
CVS Tags: netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE
Branch point for: netbsd-7-1
Changes since 1.22.2.1: +16 -1 lines
Diff to previous 1.22.2.1 (colored) to branchpoint 1.22 (colored)

Catch up to -current (via patch), requested by mspo in #1141:

	libexec/httpd/CHANGES                          	 up to 1.21
	libexec/httpd/Makefile                         	 up to 1.26
	libexec/httpd/auth-bozo.c                      	 up to 1.18
	libexec/httpd/bozohttpd.8                      	 up to 1.58
	libexec/httpd/bozohttpd.c                      	 up to 1.79
	libexec/httpd/bozohttpd.h                      	 up to 1.44
	libexec/httpd/cgi-bozo.c                       	 up to 1.32
	libexec/httpd/content-bozo.c                   	 up to 1.13
	libexec/httpd/daemon-bozo.c                    	 up to 1.17
	libexec/httpd/dir-index-bozo.c                 	 up to 1.25
	libexec/httpd/lua-bozo.c                       	 up to 1.14
	libexec/httpd/main.c                           	 up to 1.13
	libexec/httpd/netbsd_queue.h                   	 up to 1.1
	libexec/httpd/printenv.lua                     	 up to 1.3
	libexec/httpd/ssl-bozo.c                       	 up to 1.22
	libexec/httpd/tilde-luzah-bozo.c               	 up to 1.14
	libexec/httpd/testsuite/Makefile               	 up to 1.5
	libexec/httpd/testsuite/test-bigfile           	 up to 1.2

Import bozohttpd 20151028:
o  add CGI support for ~user translation (-E switch)
o  add redirects to ~user translation
o  fix bugs around ~user translation
o  add schema detection for absolute redirects
o  fixed few memory leaks
o  bunch of minor tweaks
o  removed -r support
o  smarter redirects
Changes in 20150320:
o  fix redirection handling
o  support transport stream (.ts) and video object (.vob) files
o  directory listings show correct file sizes for large files

Revision 1.26 / (download) - annotate - [select for diffs], Fri Oct 30 23:21:05 2015 UTC (5 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, pgoyette-localcount, localcount-20160914, bouyer-socketcan-base1, bouyer-socketcan-base, bouyer-socketcan
Changes since 1.25: +1 -4 lines
Diff to previous 1.25 (colored)

- don't use alloca and then check if alloca returns null and then try to
  free it. Allocating from the stack does not return null, and freeing it
  will have unpredictable results. use malloc instead.
- now we are using malloc remove -Wno-stack-protector kludge

Revision 1.25 / (download) - annotate - [select for diffs], Fri Oct 30 18:53:26 2015 UTC (5 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.24: +4 -1 lines
Diff to previous 1.24 (colored)

Fix build with "USE_SSP" set to "yes".

Revision 1.24 / (download) - annotate - [select for diffs], Wed Aug 5 06:50:44 2015 UTC (5 years, 5 months ago) by mrg
Branch: MAIN
Changes since 1.23: +16 -1 lines
Diff to previous 1.23 (colored)

on QNX, use nbutil.h.

Revision 1.22.2.1 / (download) - annotate - [select for diffs], Thu Apr 23 19:38:11 2015 UTC (5 years, 8 months ago) by snj
Branch: netbsd-7
CVS Tags: netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1
Branch point for: netbsd-7-0
Changes since 1.22: +5 -4 lines
Diff to previous 1.22 (colored)

Pull up following revision(s) (requested by mrg in ticket #715):
	distrib/sets/lists/base/mi: revision 1.1100
	distrib/sets/lists/man/mi: revision 1.1499 via patch
	libexec/httpd/Makefile: revision 1.23
	libexec/httpd/bozohttpd.8: revision 1.50
	libexec/httpd/cgi-bozo.c: revision 1.26
install as bozohttpd/bozohttpd.8 as well as httpd.
--
Fix deref "command" after "free(file)", from KIYOHARA Takashi

Revision 1.23 / (download) - annotate - [select for diffs], Thu Apr 16 02:32:33 2015 UTC (5 years, 9 months ago) by mrg
Branch: MAIN
Changes since 1.22: +5 -4 lines
Diff to previous 1.22 (colored)

install as bozohttpd/bozohttpd.8 as well as httpd.

Revision 1.12.12.1 / (download) - annotate - [select for diffs], Wed Aug 20 00:02:22 2014 UTC (6 years, 5 months ago) by tls
Branch: tls-maxphys
Changes since 1.12: +49 -4 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

Rebase to HEAD as of a few days ago.

Revision 1.21.2.1 / (download) - annotate - [select for diffs], Sun Aug 10 06:52:40 2014 UTC (6 years, 5 months ago) by tls
Branch: tls-earlyentropy
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored) next main 1.22 (colored)

Rebase.

Revision 1.7.14.1 / (download) - annotate - [select for diffs], Wed Jul 9 16:09:39 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-5-1
CVS Tags: netbsd-5-1-5-RELEASE
Changes since 1.7: +59 -6 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES				1.3-1.18
libexec/httpd/Makefile				1.8-1.22 via patch
libexec/httpd/Makefile.boot			1.3-1.6
libexec/httpd/auth-bozo.c			1.5-1.13
libexec/httpd/bozohttpd.8			1.6-1.46
libexec/httpd/bozohttpd.c			1.8,1.12-1.54
libexec/httpd/bozohttpd.h			1.8-1.32
libexec/httpd/cgi-bozo.c			1.11-1.25
libexec/httpd/content-bozo.c			1.4-1.10
libexec/httpd/daemon-bozo.c			1.5-1.16
libexec/httpd/dir-index-bozo.c			1.6-1.19
libexec/httpd/ssl-bozo.c			1.5-1.16
libexec/httpd/tilde-luzah-bozo.c		1.5-1.10
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.1-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/debug/Makefile			1.1
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.3
libexec/httpd/libbozohttpd/shlib_version	1.1
libexec/httpd/lua/Makefile			1.1
libexec/httpd/lua/bozo.lua			1.1
libexec/httpd/lua/glue.c			1.1
libexec/httpd/lua/optparse.lua			1.1
libexec/httpd/lua/shlib_version			1.1
libexec/httpd/small/Makefile			1.1-1.2
libexec/httpd/testsuite/Makefile		1.4
libexec/httpd/testsuite/html_cmp		1.4
libexec/httpd/testsuite/t1.in			1.3
libexec/httpd/testsuite/t1.out			1.3
libexec/httpd/testsuite/t10.in			1.1
libexec/httpd/testsuite/t10.out			1.1
libexec/httpd/testsuite/t2.in			1.3
libexec/httpd/testsuite/t2.out			1.3
libexec/httpd/testsuite/t3.in			1.3
libexec/httpd/testsuite/t3.out			1.3
libexec/httpd/testsuite/t4.in			1.3
libexec/httpd/testsuite/t4.out			1.3
libexec/httpd/testsuite/t5.in			1.3
libexec/httpd/testsuite/t5.out			1.3
libexec/httpd/testsuite/t6.in			1.3
libexec/httpd/testsuite/t6.out			1.3
libexec/httpd/testsuite/t7.in			1.3
libexec/httpd/testsuite/t7.out			1.3
libexec/httpd/testsuite/t8.in			1.3
libexec/httpd/testsuite/t8.out			1.3
libexec/httpd/testsuite/t9.in			1.3
libexec/httpd/testsuite/t9.out			1.3
libexec/httpd/testsuite/test-bigfile		1.1
libexec/httpd/testsuite/data/bigfile		1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file		1.3
libexec/httpd/testsuite/data/index.html		1.3

	Update bozohttpd from 20080303+patches to 20140708.

changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

changes in bozohttpd 20111118:
	o  add -P <pidfile> option, from jmmv@netbsd.org
	o  avoid crashes with http basic auth, from pooka@netbsd.org
	o  add support for REDIRECT_STATUS variable, from tls@netbsd.org
	o  support .mp4 files in the default map
	o  directory indexes with files with : are now displayed properly, from
	   reed@netbsd.org
	o  allow -I option to be useful in non-inetd mode as well

changes in bozohttpd 20100920:
	o  properly fully disable multi-file mode for now
	o  fix the -t and -U options when used without the -e option, broken since
	   the library-ifcation
	o  be explicit that logs go to the FTP facility in syslog
	o  use scandir() with alphasort() for sorted directory lists, from moof
	o  fix a serious error in vhost handling; "Host:.." would allow access to
	   the next level directory from the virtual root directory, from seanb
	o  fix some various non standard compile time errors, from rudolf
	o  fix dynamic CGI content maps, from rudolf

changes in bozohttpd 20100617:
	o  fix some compile issues
	o  fix SSL mode.  from rtr
	o  fix some cgi-bin issues, as seen with cvsweb
	o  disable multi-file daemon mode for now, it breaks
	o  return 404's instead of 403's when chdir of ~user dirs fail
	o  remove "noreturn" attribute from bozo_http_error() that was
	   causing incorrect runtime behaviour

changes in bozohttpd 20100509:
	o  major rework and clean up of internal interfaces.  move the main
	   program into main.c, the remaining parts are useable as library.
	   add bindings for lua.  by Alistair G. Crooks <agc@netbsd.org>
	o  fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325

changes in bozohttpd 20090522:
	o  avoid dying in daemon mode for some uncommon, but recoverable, errors
	o  close leaking file descriptors for CGI and daemon mode
	o  handle poll errors properly
	o  don't try to handle more than one request per process yet
	o  add subdirs for build "debug" and "small" versions
	o  clean up a bad merge / duplicate code
	o  make mmap() usage portable, fixes linux & ranges: support
	o  document the -f option
	o  daemon mode now serves 6 files per child

changes in bozohttpd 20090417:
	o  make bozohttpd internally more modular, preparing the way
	   to handle more than one request per process
	o  fix http-auth, set $REMOTE_USER not $REMOTEUSER.  also fix
	   cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
	o  fix an uninitialised variable use in daemon mode
	o  fix ssl mode with newer OpenSSL
	o  mmap large files in manageable sizes so we can serve any size file
	o  refactor url processing to handle query strings correctly for CGI
	   from Sergey Katsev at Coyote Point
	o  add If-Modified-Since support, from Joerg Sonnenberger
	   <joerg@netbsd.org>
	o  many more manual fixes, from NetBSD

Revision 1.7.4.1 / (download) - annotate - [select for diffs], Wed Jul 9 16:04:13 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-5-2
CVS Tags: netbsd-5-2-3-RELEASE
Changes since 1.7: +59 -6 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES				1.3-1.18
libexec/httpd/Makefile				1.8-1.22 via patch
libexec/httpd/Makefile.boot			1.3-1.6
libexec/httpd/auth-bozo.c			1.5-1.13
libexec/httpd/bozohttpd.8			1.6-1.46
libexec/httpd/bozohttpd.c			1.8,1.12-1.54
libexec/httpd/bozohttpd.h			1.8-1.32
libexec/httpd/cgi-bozo.c			1.11-1.25
libexec/httpd/content-bozo.c			1.4-1.10
libexec/httpd/daemon-bozo.c			1.5-1.16
libexec/httpd/dir-index-bozo.c			1.6-1.19
libexec/httpd/ssl-bozo.c			1.5-1.16
libexec/httpd/tilde-luzah-bozo.c		1.5-1.10
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.1-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/debug/Makefile			1.1
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.3
libexec/httpd/libbozohttpd/shlib_version	1.1
libexec/httpd/lua/Makefile			1.1
libexec/httpd/lua/bozo.lua			1.1
libexec/httpd/lua/glue.c			1.1
libexec/httpd/lua/optparse.lua			1.1
libexec/httpd/lua/shlib_version			1.1
libexec/httpd/small/Makefile			1.1-1.2
libexec/httpd/testsuite/Makefile		1.4
libexec/httpd/testsuite/html_cmp		1.4
libexec/httpd/testsuite/t1.in			1.3
libexec/httpd/testsuite/t1.out			1.3
libexec/httpd/testsuite/t10.in			1.1
libexec/httpd/testsuite/t10.out			1.1
libexec/httpd/testsuite/t2.in			1.3
libexec/httpd/testsuite/t2.out			1.3
libexec/httpd/testsuite/t3.in			1.3
libexec/httpd/testsuite/t3.out			1.3
libexec/httpd/testsuite/t4.in			1.3
libexec/httpd/testsuite/t4.out			1.3
libexec/httpd/testsuite/t5.in			1.3
libexec/httpd/testsuite/t5.out			1.3
libexec/httpd/testsuite/t6.in			1.3
libexec/httpd/testsuite/t6.out			1.3
libexec/httpd/testsuite/t7.in			1.3
libexec/httpd/testsuite/t7.out			1.3
libexec/httpd/testsuite/t8.in			1.3
libexec/httpd/testsuite/t8.out			1.3
libexec/httpd/testsuite/t9.in			1.3
libexec/httpd/testsuite/t9.out			1.3
libexec/httpd/testsuite/test-bigfile		1.1
libexec/httpd/testsuite/data/bigfile		1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file		1.3
libexec/httpd/testsuite/data/index.html		1.3

	Update bozohttpd from 20080303+patches to 20140708.

changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

changes in bozohttpd 20111118:
	o  add -P <pidfile> option, from jmmv@netbsd.org
	o  avoid crashes with http basic auth, from pooka@netbsd.org
	o  add support for REDIRECT_STATUS variable, from tls@netbsd.org
	o  support .mp4 files in the default map
	o  directory indexes with files with : are now displayed properly, from
	   reed@netbsd.org
	o  allow -I option to be useful in non-inetd mode as well

changes in bozohttpd 20100920:
	o  properly fully disable multi-file mode for now
	o  fix the -t and -U options when used without the -e option, broken since
	   the library-ifcation
	o  be explicit that logs go to the FTP facility in syslog
	o  use scandir() with alphasort() for sorted directory lists, from moof
	o  fix a serious error in vhost handling; "Host:.." would allow access to
	   the next level directory from the virtual root directory, from seanb
	o  fix some various non standard compile time errors, from rudolf
	o  fix dynamic CGI content maps, from rudolf

changes in bozohttpd 20100617:
	o  fix some compile issues
	o  fix SSL mode.  from rtr
	o  fix some cgi-bin issues, as seen with cvsweb
	o  disable multi-file daemon mode for now, it breaks
	o  return 404's instead of 403's when chdir of ~user dirs fail
	o  remove "noreturn" attribute from bozo_http_error() that was
	   causing incorrect runtime behaviour

changes in bozohttpd 20100509:
	o  major rework and clean up of internal interfaces.  move the main
	   program into main.c, the remaining parts are useable as library.
	   add bindings for lua.  by Alistair G. Crooks <agc@netbsd.org>
	o  fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325

changes in bozohttpd 20090522:
	o  avoid dying in daemon mode for some uncommon, but recoverable, errors
	o  close leaking file descriptors for CGI and daemon mode
	o  handle poll errors properly
	o  don't try to handle more than one request per process yet
	o  add subdirs for build "debug" and "small" versions
	o  clean up a bad merge / duplicate code
	o  make mmap() usage portable, fixes linux & ranges: support
	o  document the -f option
	o  daemon mode now serves 6 files per child

changes in bozohttpd 20090417:
	o  make bozohttpd internally more modular, preparing the way
	   to handle more than one request per process
	o  fix http-auth, set $REMOTE_USER not $REMOTEUSER.  also fix
	   cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
	o  fix an uninitialised variable use in daemon mode
	o  fix ssl mode with newer OpenSSL
	o  mmap large files in manageable sizes so we can serve any size file
	o  refactor url processing to handle query strings correctly for CGI
	   from Sergey Katsev at Coyote Point
	o  add If-Modified-Since support, from Joerg Sonnenberger
	   <joerg@netbsd.org>
	o  many more manual fixes, from NetBSD

Revision 1.7.6.1 / (download) - annotate - [select for diffs], Wed Jul 9 15:21:21 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-5
Changes since 1.7: +59 -6 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES				1.3-1.18
libexec/httpd/Makefile				1.8-1.22 via patch
libexec/httpd/Makefile.boot			1.3-1.6
libexec/httpd/auth-bozo.c			1.5-1.13
libexec/httpd/bozohttpd.8			1.6-1.46
libexec/httpd/bozohttpd.c			1.8,1.12-1.54
libexec/httpd/bozohttpd.h			1.8-1.32
libexec/httpd/cgi-bozo.c			1.11-1.25
libexec/httpd/content-bozo.c			1.4-1.10
libexec/httpd/daemon-bozo.c			1.5-1.16
libexec/httpd/dir-index-bozo.c			1.6-1.19
libexec/httpd/ssl-bozo.c			1.5-1.16
libexec/httpd/tilde-luzah-bozo.c		1.5-1.10
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.1-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/debug/Makefile			1.1
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.3
libexec/httpd/libbozohttpd/shlib_version	1.1
libexec/httpd/lua/Makefile			1.1
libexec/httpd/lua/bozo.lua			1.1
libexec/httpd/lua/glue.c			1.1
libexec/httpd/lua/optparse.lua			1.1
libexec/httpd/lua/shlib_version			1.1
libexec/httpd/small/Makefile			1.1-1.2
libexec/httpd/testsuite/Makefile		1.4
libexec/httpd/testsuite/html_cmp		1.4
libexec/httpd/testsuite/t1.in			1.3
libexec/httpd/testsuite/t1.out			1.3
libexec/httpd/testsuite/t10.in			1.1
libexec/httpd/testsuite/t10.out			1.1
libexec/httpd/testsuite/t2.in			1.3
libexec/httpd/testsuite/t2.out			1.3
libexec/httpd/testsuite/t3.in			1.3
libexec/httpd/testsuite/t3.out			1.3
libexec/httpd/testsuite/t4.in			1.3
libexec/httpd/testsuite/t4.out			1.3
libexec/httpd/testsuite/t5.in			1.3
libexec/httpd/testsuite/t5.out			1.3
libexec/httpd/testsuite/t6.in			1.3
libexec/httpd/testsuite/t6.out			1.3
libexec/httpd/testsuite/t7.in			1.3
libexec/httpd/testsuite/t7.out			1.3
libexec/httpd/testsuite/t8.in			1.3
libexec/httpd/testsuite/t8.out			1.3
libexec/httpd/testsuite/t9.in			1.3
libexec/httpd/testsuite/t9.out			1.3
libexec/httpd/testsuite/test-bigfile		1.1
libexec/httpd/testsuite/data/bigfile		1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file		1.3
libexec/httpd/testsuite/data/index.html		1.3

	Update bozohttpd from 20080303+patches to 20140708.

changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

changes in bozohttpd 20111118:
	o  add -P <pidfile> option, from jmmv@netbsd.org
	o  avoid crashes with http basic auth, from pooka@netbsd.org
	o  add support for REDIRECT_STATUS variable, from tls@netbsd.org
	o  support .mp4 files in the default map
	o  directory indexes with files with : are now displayed properly, from
	   reed@netbsd.org
	o  allow -I option to be useful in non-inetd mode as well

changes in bozohttpd 20100920:
	o  properly fully disable multi-file mode for now
	o  fix the -t and -U options when used without the -e option, broken since
	   the library-ifcation
	o  be explicit that logs go to the FTP facility in syslog
	o  use scandir() with alphasort() for sorted directory lists, from moof
	o  fix a serious error in vhost handling; "Host:.." would allow access to
	   the next level directory from the virtual root directory, from seanb
	o  fix some various non standard compile time errors, from rudolf
	o  fix dynamic CGI content maps, from rudolf

changes in bozohttpd 20100617:
	o  fix some compile issues
	o  fix SSL mode.  from rtr
	o  fix some cgi-bin issues, as seen with cvsweb
	o  disable multi-file daemon mode for now, it breaks
	o  return 404's instead of 403's when chdir of ~user dirs fail
	o  remove "noreturn" attribute from bozo_http_error() that was
	   causing incorrect runtime behaviour

changes in bozohttpd 20100509:
	o  major rework and clean up of internal interfaces.  move the main
	   program into main.c, the remaining parts are useable as library.
	   add bindings for lua.  by Alistair G. Crooks <agc@netbsd.org>
	o  fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325

changes in bozohttpd 20090522:
	o  avoid dying in daemon mode for some uncommon, but recoverable, errors
	o  close leaking file descriptors for CGI and daemon mode
	o  handle poll errors properly
	o  don't try to handle more than one request per process yet
	o  add subdirs for build "debug" and "small" versions
	o  clean up a bad merge / duplicate code
	o  make mmap() usage portable, fixes linux & ranges: support
	o  document the -f option
	o  daemon mode now serves 6 files per child

changes in bozohttpd 20090417:
	o  make bozohttpd internally more modular, preparing the way
	   to handle more than one request per process
	o  fix http-auth, set $REMOTE_USER not $REMOTEUSER.  also fix
	   cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
	o  fix an uninitialised variable use in daemon mode
	o  fix ssl mode with newer OpenSSL
	o  mmap large files in manageable sizes so we can serve any size file
	o  refactor url processing to handle query strings correctly for CGI
	   from Sergey Katsev at Coyote Point
	o  add If-Modified-Since support, from Joerg Sonnenberger
	   <joerg@netbsd.org>
	o  many more manual fixes, from NetBSD

Revision 1.12.14.1 / (download) - annotate - [select for diffs], Wed Jul 9 09:47:10 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-6-0
CVS Tags: netbsd-6-0-6-RELEASE
Changes since 1.12: +49 -4 lines
Diff to previous 1.12 (colored)

Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES				1.12-1.18
libexec/httpd/Makefile				1.13-1.22
libexec/httpd/Makefile.boot			1.6
libexec/httpd/auth-bozo.c			1.11-1.13
libexec/httpd/bozohttpd.8			1.33-1.46
libexec/httpd/bozohttpd.c			1.31-1.54
libexec/httpd/bozohttpd.h			1.21-1.32
libexec/httpd/cgi-bozo.c			1.21-1.25
libexec/httpd/content-bozo.c			1.8-1.10
libexec/httpd/daemon-bozo.c			1.16-1.16
libexec/httpd/dir-index-bozo.c			1.15-1.19
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.6-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/ssl-bozo.c			1.14-1.16
libexec/httpd/tilde-luzah-bozo.c		1.10
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.2-1.3
libexec/httpd/small/Makefile			1.2

	Update bozohttpd from 20111118 to 20140708.

	changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

	changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

	changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

Revision 1.12.20.1 / (download) - annotate - [select for diffs], Wed Jul 9 09:44:56 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-6-1
CVS Tags: netbsd-6-1-5-RELEASE
Changes since 1.12: +49 -4 lines
Diff to previous 1.12 (colored)

Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES				1.12-1.18
libexec/httpd/Makefile				1.13-1.22
libexec/httpd/Makefile.boot			1.6
libexec/httpd/auth-bozo.c			1.11-1.13
libexec/httpd/bozohttpd.8			1.33-1.46
libexec/httpd/bozohttpd.c			1.31-1.54
libexec/httpd/bozohttpd.h			1.21-1.32
libexec/httpd/cgi-bozo.c			1.21-1.25
libexec/httpd/content-bozo.c			1.8-1.10
libexec/httpd/daemon-bozo.c			1.16-1.16
libexec/httpd/dir-index-bozo.c			1.15-1.19
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.6-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/ssl-bozo.c			1.14-1.16
libexec/httpd/tilde-luzah-bozo.c		1.10
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.2-1.3
libexec/httpd/small/Makefile			1.2

	Update bozohttpd from 20111118 to 20140708.

	changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

	changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

	changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

Revision 1.12.8.1 / (download) - annotate - [select for diffs], Wed Jul 9 09:42:39 2014 UTC (6 years, 6 months ago) by msaitoh
Branch: netbsd-6
Changes since 1.12: +49 -4 lines
Diff to previous 1.12 (colored)

Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES				1.12-1.18
libexec/httpd/Makefile				1.13-1.22
libexec/httpd/Makefile.boot			1.6
libexec/httpd/auth-bozo.c			1.11-1.13
libexec/httpd/bozohttpd.8			1.33-1.46
libexec/httpd/bozohttpd.c			1.31-1.54
libexec/httpd/bozohttpd.h			1.21-1.32
libexec/httpd/cgi-bozo.c			1.21-1.25
libexec/httpd/content-bozo.c			1.8-1.10
libexec/httpd/daemon-bozo.c			1.16-1.16
libexec/httpd/dir-index-bozo.c			1.15-1.19
libexec/httpd/lua-bozo.c			1.1-1.9
libexec/httpd/main.c				1.6-1.7
libexec/httpd/netbsd_queue.h			1.1
libexec/httpd/printenv.lua			1.1-1.2
libexec/httpd/ssl-bozo.c			1.14-1.16
libexec/httpd/tilde-luzah-bozo.c		1.10
libexec/httpd/libbozohttpd/Makefile		1.2
libexec/httpd/libbozohttpd/libbozohttpd.3	1.2-1.3
libexec/httpd/small/Makefile			1.2

	Update bozohttpd from 20111118 to 20140708.

	changes in bozohttpd 20140708:
	o  fixes for virtual host support, from rajeev_v_pillai@yahoo.com
	o  avoid printing double errors, from shm@netbsd.org
	o  fix a security issue in basic HTTP authentication which would allow
	   authentication to be bypassed, from shm@netbsd.org

	changes in bozohttpd 20140201:
	o  support .svg files
	o  fix a core dump when requests timeout

	changes in bozohttpd 20140102:
	o  update a few content types
	o  add support for directly calling lua scripts to handle
	   processes, from mbalmer@netbsd.org
	o  properly escape generated HTML
	o  add authentication for redirections, from martin@netbsd.org
	o  handle chained ssl certifications, from elric@netbsd.org
	o  add basic support for gzipped files, from elric@netbsd.org
	o  properly escape generated URIs

Revision 1.22 / (download) - annotate - [select for diffs], Tue Jul 8 13:59:39 2014 UTC (6 years, 6 months ago) by mrg
Branch: MAIN
CVS Tags: tls-maxphys-base, tls-earlyentropy-base, netbsd-7-base, bozohttpd-20150320, bozohttpd-20141225
Branch point for: netbsd-7
Changes since 1.21: +5 -5 lines
Diff to previous 1.21 (colored)

make export-distfile target slightly more stable.

Revision 1.12.6.1 / (download) - annotate - [select for diffs], Thu May 22 11:37:13 2014 UTC (6 years, 7 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.12: +49 -4 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.21 / (download) - annotate - [select for diffs], Sun Feb 2 03:20:57 2014 UTC (6 years, 11 months ago) by mrg
Branch: MAIN
CVS Tags: yamt-pagecache-base9, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

display the tempdir for exported files as well.

Revision 1.20 / (download) - annotate - [select for diffs], Sun Feb 2 03:20:10 2014 UTC (6 years, 11 months ago) by mrg
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

call gzip directly for distfile export target; it's usually run outside
of the normal build.

Revision 1.19 / (download) - annotate - [select for diffs], Mon Jan 27 21:37:17 2014 UTC (6 years, 11 months ago) by apb
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

Pass the -n flag to gzip invocations.

This prevents it from embedding a timestamp in the output.  We pass
"-n" unconditionally, not conditional on MKREPRO, because many other
invocations of gzip already passed the -n flag unconditionally.

Revision 1.18 / (download) - annotate - [select for diffs], Mon Jan 27 08:18:08 2014 UTC (6 years, 11 months ago) by apb
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Use ${TOOL_GZIP} instead of just gzip in all Makefiles
outside */dist/* subdirectories.

When USE_PIGZGZIP=yes, bsd.own.mk sets TOOL_GZIP=${TOOL_PIGZ},
so there's no need to test USE_PIGZGZIP in these Makefiles.

Revision 1.17 / (download) - annotate - [select for diffs], Wed Oct 16 10:04:26 2013 UTC (7 years, 3 months ago) by he
Branch: MAIN
CVS Tags: bozohttpd-20140102
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored)

Also depend on LIBLUA, and add -lm to allow static linking.

Revision 1.16 / (download) - annotate - [select for diffs], Sat Oct 12 17:24:06 2013 UTC (7 years, 3 months ago) by mbalmer
Branch: MAIN
Changes since 1.15: +4 -3 lines
Diff to previous 1.15 (colored)

add Lua scripting support to bozohttpd, see httpd(8) for details

Revision 1.15 / (download) - annotate - [select for diffs], Sat Oct 12 07:49:40 2013 UTC (7 years, 3 months ago) by mbalmer
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored)

remove trailing whitespace

Revision 1.14 / (download) - annotate - [select for diffs], Thu Jul 11 08:51:09 2013 UTC (7 years, 6 months ago) by mrg
Branch: MAIN
CVS Tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, bozohttpd-20130711
Changes since 1.13: +19 -1 lines
Diff to previous 1.13 (colored)

add a target to export a bozohttpd distfile.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Jul 11 08:32:39 2013 UTC (7 years, 6 months ago) by mrg
Branch: MAIN
Changes since 1.12: +27 -1 lines
Diff to previous 1.12 (colored)

merge parts of the release Makefile back in; unused by the netbsd build.

Revision 1.12 / (download) - annotate - [select for diffs], Mon Sep 20 23:11:38 2010 UTC (10 years, 4 months ago) by mrg
Branch: MAIN
CVS Tags: yamt-pagecache-tag8, yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, matt-mips64-premerge-20101231, cherry-xenmp-base, cherry-xenmp, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2, agc-symver-base, agc-symver
Branch point for: yamt-pagecache, tls-maxphys, netbsd-6-1, netbsd-6-0, netbsd-6
Changes since 1.11: +8 -3 lines
Diff to previous 1.11 (colored)

merge bozohttpd 20100920

Revision 1.1.1.4 / (download) - annotate - [select for diffs] (vendor branch), Mon Sep 20 23:07:21 2010 UTC (10 years, 4 months ago) by mrg
Branch: bozohttpd
CVS Tags: bozohttpd-20111118, bozohttpd-20100920
Changes since 1.1.1.3: +3 -3 lines
Diff to previous 1.1.1.3 (colored)

initial import of bozohttpd 20100920.  the only change missing in here is:

        o  fix dynamic CGI content maps, from rudolf

Revision 1.11 / (download) - annotate - [select for diffs], Mon May 10 03:37:45 2010 UTC (10 years, 8 months ago) by mrg
Branch: MAIN
Changes since 1.10: +6 -1 lines
Diff to previous 1.10 (colored)

merge bozohttpd 20100509.

Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Mon May 10 03:30:04 2010 UTC (10 years, 8 months ago) by mrg
Branch: bozohttpd
CVS Tags: bozohttpd-20100621, bozohttpd-20100617, bozohttpd-20100512, bozohttpd-20100510, bozohttpd-20100509
Changes since 1.1.1.2: +3 -2 lines
Diff to previous 1.1.1.2 (colored)

import bozohttpd 20100509.  it has these changes:
o  major rework and clean up of internal interfaces.  move the main
   program into main.c, the remaining parts are useable as library.
   add bindings for lua.  by Alistair G. Crooks <agc@netbsd.org>
o  fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325


special thanks to al for the majority of these changes.

Revision 1.10 / (download) - annotate - [select for diffs], Sat May 23 06:45:28 2009 UTC (11 years, 7 months ago) by mrg
Branch: MAIN
CVS Tags: matt-premerge-20091211
Changes since 1.9: +3 -1 lines
Diff to previous 1.9 (colored)

fix a merge botch in previous

Revision 1.9 / (download) - annotate - [select for diffs], Sat May 23 02:26:03 2009 UTC (11 years, 7 months ago) by mrg
Branch: MAIN
Changes since 1.8: +2 -4 lines
Diff to previous 1.8 (colored)

merge bozohttpd 20090522

Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Sat May 23 02:21:19 2009 UTC (11 years, 7 months ago) by mrg
Branch: bozohttpd
CVS Tags: bozohttpd-20090522
Changes since 1.1.1.1: +6 -4 lines
Diff to previous 1.1.1.1 (colored)

import bozohttpd 20090522, which has these changes:
	o  close more leaking file descriptors for CGI and daemon mode
	o  add subdirs for build "debug" and "small" versions
	o  clean up a bad merge / duplicate code
	o  make mmap() usage portable, fixes linux & ranges: support
	o  document the -f option
	o  daemon mode now serves 6 files per child

Revision 1.7.8.1 / (download) - annotate - [select for diffs], Wed May 13 19:18:38 2009 UTC (11 years, 8 months ago) by jym
Branch: jym-xensuspend
Changes since 1.7: +1 -3 lines
Diff to previous 1.7 (colored) next main 1.8 (colored)

Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html

Revision 1.8 / (download) - annotate - [select for diffs], Mon Mar 16 02:24:56 2009 UTC (11 years, 10 months ago) by lukem
Branch: MAIN
CVS Tags: mrg-merged-to-bozohttpd-20090417-post, jym-xensuspend-nbase, jym-xensuspend-base
Changes since 1.7: +1 -3 lines
Diff to previous 1.7 (colored)

Default to WARNS=4
Exceptions that need a lower level are:
	getty ld.elf_so lfs_cleanerd makewhatis telnetd tftpd
	hpropd ipropd-master ipropd-slave kadmind kpasswdd

Revision 1.6.2.1 / (download) - annotate - [select for diffs], Sun May 18 12:30:44 2008 UTC (12 years, 8 months ago) by yamt
Branch: yamt-pf42
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored) next main 1.7 (colored)

sync with head.

Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 25 17:34:38 2008 UTC (12 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pf42-base4, yamt-pf42-base3, yamt-pf42-base2, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2, wrstuden-revivesa-base-1, wrstuden-revivesa-base, wrstuden-revivesa, netbsd-5-base, netbsd-5-2-RELEASE, netbsd-5-2-RC1, netbsd-5-2-2-RELEASE, netbsd-5-2-1-RELEASE, netbsd-5-1-RELEASE, netbsd-5-1-RC4, netbsd-5-1-RC3, netbsd-5-1-RC2, netbsd-5-1-RC1, netbsd-5-1-4-RELEASE, netbsd-5-1-3-RELEASE, netbsd-5-1-2-RELEASE, netbsd-5-1-1-RELEASE, netbsd-5-0-RELEASE, netbsd-5-0-RC4, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, netbsd-5-0-2-RELEASE, netbsd-5-0-1-RELEASE, netbsd-5-0, matt-nb5-pq3-base, matt-nb5-pq3, matt-nb5-mips64-u2-k2-k4-k7-k8-k9, matt-nb5-mips64-u1-k1-k5, matt-nb5-mips64-premerge-20101231, matt-nb5-mips64-premerge-20091211, matt-nb5-mips64-k15, matt-nb5-mips64, matt-nb4-mips64-k7-u2a-k9b, matt-mips64-base2, hpcarm-cleanup-nbase
Branch point for: netbsd-5-2, netbsd-5-1, netbsd-5, jym-xensuspend
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

warns=4

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Mon Mar 24 07:14:46 2008 UTC (12 years, 9 months ago) by keiichi
Branch: keiichi-mipv6
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)

sync with head.

Revision 1.4.2.3 / (download) - annotate - [select for diffs], Sun Mar 23 00:41:23 2008 UTC (12 years, 9 months ago) by matt
Branch: matt-armv6
Changes since 1.4.2.2: +16 -6 lines
Diff to previous 1.4.2.2 (colored) to branchpoint 1.4 (colored) next main 1.5 (colored)

sync with HEAD

Revision 1.6 / (download) - annotate - [select for diffs], Mon Mar 3 03:10:53 2008 UTC (12 years, 10 months ago) by mrg
Branch: MAIN
CVS Tags: yamt-pf42-baseX, yamt-pf42-base, mrg-merged-to-bozohttpd-20080303, matt-armv6-nbase, keiichi-mipv6-base
Branch point for: yamt-pf42
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)

use BUILDSYMLINKS to not have to rename bozohttpd.8 while still
having this manual installed as httpd.8.  now updates from my
repo to bozohttpd.8 will appear in this file.

Revision 1.5 / (download) - annotate - [select for diffs], Sun Feb 3 23:48:09 2008 UTC (12 years, 11 months ago) by mrg
Branch: MAIN
CVS Tags: hpcarm-cleanup-base
Branch point for: keiichi-mipv6
Changes since 1.4: +15 -6 lines
Diff to previous 1.4 (colored)

support MKCRYPTO=no:
- don't link -lssl -lcrypto
- -DNO_SSL_SUPPORT

Revision 1.4.2.2 / (download) - annotate - [select for diffs], Tue Nov 6 23:12:01 2007 UTC (13 years, 2 months ago) by matt
Branch: matt-armv6
CVS Tags: matt-armv6-prevmlocking
Changes since 1.4.2.1: +29 -0 lines
Diff to previous 1.4.2.1 (colored) to branchpoint 1.4 (colored)

sync with HEAD

Revision 1.4.2.1, Thu Oct 18 17:43:02 2007 UTC (13 years, 3 months ago) by matt
Branch: matt-armv6
Changes since 1.4: +0 -29 lines
FILE REMOVED

file Makefile was added on branch matt-armv6 on 2007-11-06 23:12:01 +0000

Revision 1.4 / (download) - annotate - [select for diffs], Thu Oct 18 17:43:02 2007 UTC (13 years, 3 months ago) by he
Branch: MAIN
CVS Tags: matt-armv6-base, cube-autoconf-base, cube-autoconf
Branch point for: matt-armv6
Changes since 1.3: +5 -5 lines
Diff to previous 1.3 (colored)

A build for sun2 reveals that we also need -lcrypt, as auth-bozo.c
otherwise gets an unsatisfied reference to crypt().

Revision 1.3 / (download) - annotate - [select for diffs], Wed Oct 17 13:27:19 2007 UTC (13 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

Fix typo on Makefile which causes HTTP Authentication support
to not be used.

Now fix auth-bozo.c to not have warnings "may be used uninitialized"
and pointer targets "differ in signedness".

Revision 1.2 / (download) - annotate - [select for diffs], Tue Oct 16 01:31:03 2007 UTC (13 years, 3 months ago) by tls
Branch: MAIN
Changes since 1.1: +8 -41 lines
Diff to previous 1.1 (colored)

Get httpd ready for inclusion in build.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Oct 16 01:14:01 2007 UTC (13 years, 3 months ago) by tls
Branch: bozohttpd
CVS Tags: bozohttpd-20090418, bozohttpd-20090417, bozohttpd-20080303, bozohttpd-20060517
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).

Revision 1.1 / (download) - annotate - [select for diffs], Tue Oct 16 01:14:01 2007 UTC (13 years, 3 months ago) by tls
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>