Module Name: src
Committed By: mrg
Date: Thu Jul 11 07:44:19 UTC 2013
Modified Files:
src/libexec/httpd: CHANGES bozohttpd.8 bozohttpd.c bozohttpd.h
content-bozo.c dir-index-bozo.c
Log Message:
- update CHANGES with recent changes
- export esacpe_html() and use it in directory indexing
- update manual to include recent contributors
To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 src/libexec/httpd/CHANGES
cvs rdiff -u -r1.36 -r1.37 src/libexec/httpd/bozohttpd.8
cvs rdiff -u -r1.39 -r1.40 src/libexec/httpd/bozohttpd.c
cvs rdiff -u -r1.24 -r1.25 src/libexec/httpd/bozohttpd.h
cvs rdiff -u -r1.7 -r1.8 src/libexec/httpd/content-bozo.c
cvs rdiff -u -r1.15 -r1.16 src/libexec/httpd/dir-index-bozo.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/httpd/CHANGES
diff -u src/libexec/httpd/CHANGES:1.12 src/libexec/httpd/CHANGES:1.13
--- src/libexec/httpd/CHANGES:1.12 Thu Jul 19 09:53:06 2012
+++ src/libexec/httpd/CHANGES Thu Jul 11 07:44:19 2013
@@ -1,6 +1,10 @@
$eterna: CHANGES,v 1.78 2011/11/18 01:25:11 mrg Exp $
changes since bozohttpd 20111118:
+ o properly escape generated HTML
+ o add authentication for redirections, from [email protected]
+ o handle chained ssl certifications, from [email protected]
+ o add basic support for gzipped files, from [email protected]
o properly escape generated URIs
changes since bozohttpd 20100920:
Index: src/libexec/httpd/bozohttpd.8
diff -u src/libexec/httpd/bozohttpd.8:1.36 src/libexec/httpd/bozohttpd.8:1.37
--- src/libexec/httpd/bozohttpd.8:1.36 Sat Mar 2 16:45:31 2013
+++ src/libexec/httpd/bozohttpd.8 Thu Jul 11 07:44:19 2013
@@ -1,8 +1,8 @@
-.\" $NetBSD: bozohttpd.8,v 1.36 2013/03/02 16:45:31 ryoon Exp $
+.\" $NetBSD: bozohttpd.8,v 1.37 2013/07/11 07:44:19 mrg Exp $
.\"
.\" $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $
.\"
-.\" Copyright (c) 1997-2010 Matthew R. Green
+.\" Copyright (c) 1997-2013 Matthew R. Green
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd February 20, 2012
+.Dd June 11, 2013
.Dt HTTPD 8
.Os
.Sh NAME
@@ -485,7 +485,7 @@ The focus has always been simplicity and
and regular code audits.
This manual documents
.Nm
-version 20100920.
+version 20130711.
.Sh AUTHORS
.Nm
was written by Matthew R. Green
@@ -531,13 +531,17 @@ Alistair G. Crooks
cleaned up many internal interfaces, made bozohttpd linkable as a
library and provided the lua binding.
.It
+Roland Dowdeswell
+.Aq [email protected]
+added support for serving gzipped files and better SSL handling
+.It
Jun-ichiro itojun Hagino, KAME
.Aq [email protected]
provided initial IPv6 support
.It
Martin Husemann
.Aq [email protected]
-provided .bzabsredirect support
+provided .bzabsredirect support, and fixed various redirection issues
.It
Arto Huusko
.Aq [email protected]
@@ -555,6 +559,10 @@ Nicolas Jombart
.Aq [email protected]
provided fixes for HTTP basic authorisation support
.It
+Antti Kantee
+.Aq [email protected]
+provided fixes for HTTP basic authorisation support
+.It
Thomas Klausner
.Aq [email protected]
provided many fixes and enhancements for the man page
@@ -563,6 +571,12 @@ Johnny Lam
.Aq [email protected]
provided man page fixes
.It
+Julio Merino
+.Aq [email protected]
+Added the
+.Fl P
+option.
+.It
Luke Mewburn
.Aq [email protected]
provided many various fixes, including cgi-bin fixes and enhancements,
@@ -590,6 +604,10 @@ provided the
.Fl V
option.
.It
+Thor Lancelot Simon
+.Aq [email protected]
+enhanced cgi-bin support.
+.It
Joerg Sonnenberger
.Aq [email protected]
implemented If-Modified-Since support
Index: src/libexec/httpd/bozohttpd.c
diff -u src/libexec/httpd/bozohttpd.c:1.39 src/libexec/httpd/bozohttpd.c:1.40
--- src/libexec/httpd/bozohttpd.c:1.39 Thu Jun 27 13:11:11 2013
+++ src/libexec/httpd/bozohttpd.c Thu Jul 11 07:44:19 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.c,v 1.39 2013/06/27 13:11:11 martin Exp $ */
+/* $NetBSD: bozohttpd.c,v 1.40 2013/07/11 07:44:19 mrg Exp $ */
/* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */
@@ -109,7 +109,7 @@
#define INDEX_HTML "index.html"
#endif
#ifndef SERVER_SOFTWARE
-#define SERVER_SOFTWARE "bozohttpd/20111118"
+#define SERVER_SOFTWARE "bozohttpd/20130711"
#endif
#ifndef DIRECT_ACCESS_FILE
#define DIRECT_ACCESS_FILE ".bzdirect"
@@ -854,7 +854,7 @@ parse_http_date(const char *val, time_t
* to be updated for any sort of parallel processing.
*/
char *
-escape_rfc3986(bozohttpd_t *httpd, const char *url)
+bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url)
{
static char *buf;
static size_t buflen = 0;
@@ -965,7 +965,7 @@ handle_redirect(bozo_httpreq_t *request,
url = urlbuf;
} else
urlbuf = NULL;
- url = escape_rfc3986(request->hr_httpd, url);
+ url = bozo_escape_rfc3986(request->hr_httpd, url);
if (request->hr_query && strlen(request->hr_query))
query = 1;
@@ -1083,7 +1083,7 @@ check_virtual(bozo_httpreq_t *request)
/* found it, punch it */
debug((httpd, DEBUG_OBESE, "found it punch it"));
request->hr_virthostname =
- bozostrdup(httpd,d->d_name);
+ bozostrdup(httpd, d->d_name);
if (asprintf(&s, "%s/%s", httpd->virtbase,
request->hr_virthostname) < 0)
bozo_err(httpd, 1, "asprintf");
@@ -1739,12 +1739,20 @@ bozo_err(bozohttpd_t *httpd, int code, c
exit(code);
}
-/* this escape HTML tags */
-static void
-escape_html(bozo_httpreq_t *request)
+/*
+ * this escapes HTML tags. returns allocated escaped
+ * string if needed, or NULL on allocation failure or
+ * lack of escape need.
+ * call with NULL httpd in error paths, to avoid recursive
+ * malloc failure. call with valid httpd in normal paths
+ * to get automatic allocation failure handling.
+ */
+char *
+bozo_escape_html(bozohttpd_t *httpd, const char *url)
{
int i, j;
- char *url = request->hr_file, *tmp;
+ char *tmp;
+ size_t len;
for (i = 0, j = 0; url[i]; i++) {
switch (url[i]) {
@@ -1759,16 +1767,17 @@ escape_html(bozo_httpreq_t *request)
}
if (j == 0)
- return;
+ return NULL;
- if ((tmp = (char *) malloc(strlen(url) + j)) == 0)
- /*
- * ouch, but we are only called from an error context, and
- * most paths here come from malloc(3) failures anyway...
- * we could completely punt and just exit, but isn't returning
- * an not-quite-correct error better than nothing at all?
- */
- return;
+ /*
+ * we need to handle being called from different
+ * pathnames.
+ */
+ len = strlen(url) + j;
+ if (httpd)
+ tmp = bozomalloc(httpd, len);
+ else if ((tmp = malloc(len)) == 0)
+ return NULL;
for (i = 0, j = 0; url[i]; i++) {
switch (url[i]) {
@@ -1790,8 +1799,7 @@ escape_html(bozo_httpreq_t *request)
}
tmp[j] = 0;
- free(request->hr_file);
- request->hr_file = tmp;
+ return tmp;
}
/* short map between error code, and short/long messages */
@@ -1865,14 +1873,19 @@ bozo_http_error(bozohttpd_t *httpd, int
portbuf[0] = '\0';
if (request && request->hr_file) {
- escape_html(request);
+ char *file = NULL;
+
+ /* bozo_escape_html() failure here is just too bad. */
+ file = bozo_escape_html(NULL, request->hr_file);
+ if (file == NULL)
+ file = request->hr_file;
size = snprintf(httpd->errorbuf, BUFSIZ,
"<html><head><title>%s</title></head>\n"
"<body><h1>%s</h1>\n"
"%s: <pre>%s</pre>\n"
"<hr><address><a href=\"http://%s%s/\";>%s%s</a></address>\n"
"</body></html>\n",
- header, header, request->hr_file, reason,
+ header, header, file, reason,
hostname, portbuf, hostname, portbuf);
if (size >= (int)BUFSIZ) {
bozo_warn(httpd,
Index: src/libexec/httpd/bozohttpd.h
diff -u src/libexec/httpd/bozohttpd.h:1.24 src/libexec/httpd/bozohttpd.h:1.25
--- src/libexec/httpd/bozohttpd.h:1.24 Thu Jun 27 10:01:31 2013
+++ src/libexec/httpd/bozohttpd.h Thu Jul 11 07:44:19 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: bozohttpd.h,v 1.24 2013/06/27 10:01:31 martin Exp $ */
+/* $NetBSD: bozohttpd.h,v 1.25 2013/07/11 07:44:19 mrg Exp $ */
/* $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $ */
@@ -193,7 +193,8 @@ int bozo_http_error(bozohttpd_t *, int,
int bozo_check_special_files(bozo_httpreq_t *, const char *);
char *bozo_http_date(char *, size_t);
void bozo_print_header(bozo_httpreq_t *, struct stat *, const char *, const char *);
-char *escape_rfc3986(bozohttpd_t *httpd, const char *url);
+char *bozo_escape_rfc3986(bozohttpd_t *httpd, const char *url);
+char *bozo_escape_html(bozohttpd_t *httpd, const char *url);
char *bozodgetln(bozohttpd_t *, int, ssize_t *, ssize_t (*)(bozohttpd_t *, int, void *, size_t));
char *bozostrnsep(char **, const char *, ssize_t *);
Index: src/libexec/httpd/content-bozo.c
diff -u src/libexec/httpd/content-bozo.c:1.7 src/libexec/httpd/content-bozo.c:1.8
--- src/libexec/httpd/content-bozo.c:1.7 Fri Nov 18 09:51:31 2011
+++ src/libexec/httpd/content-bozo.c Thu Jul 11 07:44:19 2013
@@ -1,9 +1,9 @@
-/* $NetBSD: content-bozo.c,v 1.7 2011/11/18 09:51:31 mrg Exp $ */
+/* $NetBSD: content-bozo.c,v 1.8 2013/07/11 07:44:19 mrg Exp $ */
/* $eterna: content-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */
/*
- * Copyright (c) 1997-2011 Matthew R. Green
+ * Copyright (c) 1997-2013 Matthew R. Green
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -73,6 +73,7 @@ static bozo_content_map_t static_content
{ ".z", 2, "unknown", "x-pack", "x-pack", NULL },
{ ".bz2", 4, "application/x-bzip2", "x-bzip2", "x-bzip2", NULL },
{ ".ogg", 4, "application/x-ogg", "", "", NULL },
+ { ".mkv", 4, "video/x-matroska", "", "", NULL },
{ ".xbel", 5, "text/xml", "", "", NULL },
{ ".xml", 4, "text/xml", "", "", NULL },
{ ".xsl", 4, "text/xml", "", "", NULL },
Index: src/libexec/httpd/dir-index-bozo.c
diff -u src/libexec/httpd/dir-index-bozo.c:1.15 src/libexec/httpd/dir-index-bozo.c:1.16
--- src/libexec/httpd/dir-index-bozo.c:1.15 Thu Jul 19 09:53:06 2012
+++ src/libexec/httpd/dir-index-bozo.c Thu Jul 11 07:44:19 2013
@@ -1,4 +1,4 @@
-/* $NetBSD: dir-index-bozo.c,v 1.15 2012/07/19 09:53:06 mrg Exp $ */
+/* $NetBSD: dir-index-bozo.c,v 1.16 2013/07/11 07:44:19 mrg Exp $ */
/* $eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $ */
@@ -127,7 +127,7 @@ bozo_dir_index(bozo_httpreq_t *request,
j--; de++) {
int nostat = 0;
char *name = (*de)->d_name;
- char *urlname;
+ char *urlname, *htmlname;
if (strcmp(name, ".") == 0 ||
(strcmp(name, "..") != 0 &&
@@ -140,21 +140,26 @@ bozo_dir_index(bozo_httpreq_t *request,
l = 0;
- urlname = escape_rfc3986(httpd, name);
+ urlname = bozo_escape_rfc3986(httpd, name);
+ htmlname = bozo_escape_html(httpd, name);
+ if (htmlname == NULL)
+ htmlname = name;
if (strcmp(name, "..") == 0) {
bozo_printf(httpd, "<a href=\"../\">");
l += bozo_printf(httpd, "Parent Directory");
} else if (S_ISDIR(sb.st_mode)) {
bozo_printf(httpd, "<a href=\"%s/\">", urlname);
- l += bozo_printf(httpd, "%s/", name);
+ l += bozo_printf(httpd, "%s/", htmlname);
} else if (strchr(name, ':') != NULL) {
/* RFC 3986 4.2 */
bozo_printf(httpd, "<a href=\"./%s\">", urlname);
- l += bozo_printf(httpd, "%s", name);
+ l += bozo_printf(httpd, "%s", htmlname);
} else {
bozo_printf(httpd, "<a href=\"%s\">", urlname);
- l += bozo_printf(httpd, "%s", name);
+ l += bozo_printf(httpd, "%s", htmlname);
}
+ if (htmlname != name)
+ free(htmlname);
bozo_printf(httpd, "</a>");
/* NAMELEN spaces */
