Module Name: src Committed By: martin Date: Wed Jun 12 10:32:00 UTC 2019
Modified Files: src/libexec/httpd [netbsd-8]: CHANGES Makefile auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c daemon-bozo.c dir-index-bozo.c ssl-bozo.c src/libexec/httpd/testsuite [netbsd-8]: Makefile t11.out test-bigfile test-simple Log Message: Pull up the following revisions (via patch) requested by mrg in ticket #1281: libexec/httpd/CHANGES 1.31-1.40 libexec/httpd/Makefile 1.28 libexec/httpd/auth-bozo.c 1.23-1.24 libexec/httpd/bozohttpd.8 1.75-1.79 libexec/httpd/bozohttpd.c 1.100-1.113 libexec/httpd/bozohttpd.h 1.58-1.60 libexec/httpd/cgi-bozo.c 1.46-1.48 libexec/httpd/daemon-bozo.c 1.20-1.21 libexec/httpd/dir-index-bozo.c 1.29-1.32 libexec/httpd/ssl-bozo.c 1.26 libexec/httpd/testsuite/Makefile 1.12-1.13 libexec/httpd/testsuite/t11.out 1.2 libexec/httpd/testsuite/test-bigfile 1.6 libexec/httpd/testsuite/test-simple 1.6 Don't display special files in the directory index. They aren't served, but links to them are generated. --- All from "Rajeev V. Pillai" <rajeev_v_pil...@yahoo.com>: - use html tables for directory index. - don't include "index.html" in html headers - additional escaping of names - re-add top/bottom borders - adds an aquamarine table header - Zebra-stripes table rows using CSS instead of code - fix CGI '+' param and error handling. - remove unused parameter to daemon_poll_err(). - avoid sign extension in % handling fix a few problems pointed out by clang static analyzer: - bozostrnsep() may return with "in = NULL", so check for it. - nul terminating in bozo_escape_rfc3986() can be simpler - don't use uniinit variables in check_remap() - don't use re-used freed data in check_virtual(). - fix bozoprefs->size setting when increasing the size (new total was being added to the prior total.) however, bozostrdup() may reference request->hr_file. --- Add ssl specific timeout value (30s). If SSL_accept() doesn't work with in this timeout value, ssl setup now fails. --- Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing) --- Avoid .htpasswd exposure to authenticated users when .htpasswd is in the slashdir too. --- Avoid possible NULL dereference when sending a big request that timeout. --- Use strings.h for strcasecmp (on linux) --- Account for cgihandler being set when counting the number of CGI environment headers we are about to set. Avoids an assertion failure (and overruninng the array) later. To generate a diff of this commit: cvs rdiff -u -r1.25.4.2 -r1.25.4.3 src/libexec/httpd/CHANGES cvs rdiff -u -r1.27 -r1.27.2.1 src/libexec/httpd/Makefile cvs rdiff -u -r1.18.8.1 -r1.18.8.2 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.65.4.1 -r1.65.4.2 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.86.4.3 -r1.86.4.4 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.47.4.2 -r1.47.4.3 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.37.4.3 -r1.37.4.4 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.17.8.1 -r1.17.8.2 src/libexec/httpd/daemon-bozo.c cvs rdiff -u -r1.25.8.1 -r1.25.8.2 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.22.8.1 -r1.22.8.2 src/libexec/httpd/ssl-bozo.c cvs rdiff -u -r1.7.4.1 -r1.7.4.2 src/libexec/httpd/testsuite/Makefile cvs rdiff -u -r1.1 -r1.1.20.1 src/libexec/httpd/testsuite/t11.out cvs rdiff -u -r1.4.4.1 -r1.4.4.2 src/libexec/httpd/testsuite/test-bigfile cvs rdiff -u -r1.4.10.1 -r1.4.10.2 src/libexec/httpd/testsuite/test-simple Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.