| History log of /src/libexec/httpd/printenv.lua |
| Revision | | Date | Author | Comments |
| 1.5 |
| 28-Feb-2021 |
rillig | libexec/httpd: fix cross-site scripting in Lua example
curl \
--header 'NAME<x>: <y>' \
'http://127.0.0.1:8080/test/printenv?<b>=<i>'
|
| 1.4 |
| 25-Aug-2020 |
leot | Fix a typo in a comment
|
| 1.3 |
| 07-Dec-2015 |
kamil | branches: 1.3.8; 1.3.18;
Improve the httpd(8) printenv.lua Lua example
Stop using Lua builtin print function and replace them with http.* ones.
httpd.print and http.write wraps SSL support when needed.
Print http headers, without them browser may interpret page as raw text.
No need to hardcode prefix path in the form.
Add comments for a user with tips how to use this script.
Patch by Travis Paul
Closes PR misc/50502
|
| 1.2 |
| 02-Jan-2014 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.10; 1.2.12; 1.2.14; 1.2.16; 1.2.18; 1.2.20; 1.2.22;
- update CHANGES with recent changes
- update version to 20140102
- update copyrights
- use getcwd() over getwd()
- fix lean build (don't include lua)
|
| 1.1 |
| 12-Oct-2013 |
mbalmer | add Lua scripting support to bozohttpd, see httpd(8) for details
|
| 1.2.22.1 |
| 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1141):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.2.20.2 |
| 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.2.20.1 |
| 02-Jan-2014 |
tls | file printenv.lua was added on branch tls-maxphys on 2014-08-20 00:02:22 +0000
|
| 1.2.18.1 |
| 10-Apr-2016 |
martin | Catch up to -current (via patch), requested by mspo in #1141:
libexec/httpd/CHANGES up to 1.21
libexec/httpd/Makefile up to 1.26
libexec/httpd/auth-bozo.c up to 1.18
libexec/httpd/bozohttpd.8 up to 1.58
libexec/httpd/bozohttpd.c up to 1.79
libexec/httpd/bozohttpd.h up to 1.44
libexec/httpd/cgi-bozo.c up to 1.32
libexec/httpd/content-bozo.c up to 1.13
libexec/httpd/daemon-bozo.c up to 1.17
libexec/httpd/dir-index-bozo.c up to 1.25
libexec/httpd/lua-bozo.c up to 1.14
libexec/httpd/main.c up to 1.13
libexec/httpd/netbsd_queue.h up to 1.1
libexec/httpd/printenv.lua up to 1.3
libexec/httpd/ssl-bozo.c up to 1.22
libexec/httpd/tilde-luzah-bozo.c up to 1.14
libexec/httpd/testsuite/Makefile up to 1.5
libexec/httpd/testsuite/test-bigfile up to 1.2
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
|
| 1.2.16.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-5-1 on 2014-07-09 16:09:39 +0000
|
| 1.2.14.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.14.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.2.12.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.2.10.3 |
| 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.2.10.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES 1.12-1.18
libexec/httpd/Makefile 1.13-1.22
libexec/httpd/Makefile.boot 1.6
libexec/httpd/auth-bozo.c 1.11-1.13
libexec/httpd/bozohttpd.8 1.33-1.46
libexec/httpd/bozohttpd.c 1.31-1.54
libexec/httpd/bozohttpd.h 1.21-1.32
libexec/httpd/cgi-bozo.c 1.21-1.25
libexec/httpd/content-bozo.c 1.8-1.10
libexec/httpd/daemon-bozo.c 1.16-1.16
libexec/httpd/dir-index-bozo.c 1.15-1.19
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.6-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/ssl-bozo.c 1.14-1.16
libexec/httpd/tilde-luzah-bozo.c 1.10
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.2-1.3
libexec/httpd/small/Makefile 1.2
Update bozohttpd from 20111118 to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
|
| 1.2.10.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-6-0 on 2014-07-09 09:47:11 +0000
|
| 1.2.8.3 |
| 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.2.8.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES 1.12-1.18
libexec/httpd/Makefile 1.13-1.22
libexec/httpd/Makefile.boot 1.6
libexec/httpd/auth-bozo.c 1.11-1.13
libexec/httpd/bozohttpd.8 1.33-1.46
libexec/httpd/bozohttpd.c 1.31-1.54
libexec/httpd/bozohttpd.h 1.21-1.32
libexec/httpd/cgi-bozo.c 1.21-1.25
libexec/httpd/content-bozo.c 1.8-1.10
libexec/httpd/daemon-bozo.c 1.16-1.16
libexec/httpd/dir-index-bozo.c 1.15-1.19
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.6-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/ssl-bozo.c 1.14-1.16
libexec/httpd/tilde-luzah-bozo.c 1.10
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.2-1.3
libexec/httpd/small/Makefile 1.2
Update bozohttpd from 20111118 to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
|
| 1.2.8.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-6-1 on 2014-07-09 09:44:56 +0000
|
| 1.2.6.3 |
| 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.2.6.2 |
| 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1095):
libexec/httpd/CHANGES 1.12-1.18
libexec/httpd/Makefile 1.13-1.22
libexec/httpd/Makefile.boot 1.6
libexec/httpd/auth-bozo.c 1.11-1.13
libexec/httpd/bozohttpd.8 1.33-1.46
libexec/httpd/bozohttpd.c 1.31-1.54
libexec/httpd/bozohttpd.h 1.21-1.32
libexec/httpd/cgi-bozo.c 1.21-1.25
libexec/httpd/content-bozo.c 1.8-1.10
libexec/httpd/daemon-bozo.c 1.16-1.16
libexec/httpd/dir-index-bozo.c 1.15-1.19
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.6-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/ssl-bozo.c 1.14-1.16
libexec/httpd/tilde-luzah-bozo.c 1.10
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.2-1.3
libexec/httpd/small/Makefile 1.2
Update bozohttpd from 20111118 to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
|
| 1.2.6.1 |
| 02-Jan-2014 |
msaitoh | file printenv.lua was added on branch netbsd-6 on 2014-07-09 09:42:39 +0000
|
| 1.2.4.2 |
| 22-May-2014 |
yamt | sync with head.
for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
|
| 1.2.4.1 |
| 02-Jan-2014 |
yamt | file printenv.lua was added on branch yamt-pagecache on 2014-05-22 11:37:13 +0000
|
| 1.3.18.1 |
| 05-Mar-2021 |
martin | Pull up the following (all via patch), requested by mrg in ticket #1221:
lib/lua/bozohttpd/Makefile (apply patch)
libexec/httpd/Makefile 1.30-1.31
libexec/httpd/Makefile.boot 1.7-1.9
libexec/httpd/auth-bozo.c 1.25-1.26
libexec/httpd/bozohttpd.8 1.80-1.87
libexec/httpd/bozohttpd.c 1.114-1.123,1.125-1.128
libexec/httpd/bozohttpd.h 1.61-1.68
libexec/httpd/cgi-bozo.c 1.49-1.53
libexec/httpd/content-bozo.c 1.17-1.20
libexec/httpd/daemon-bozo.c 1-.22
libexec/httpd/dir-index-bozo.c 1.33-1.34
libexec/httpd/main.c 1.23-1.27
libexec/httpd/printenv.lua 1.4-1.5
libexec/httpd/ssl-bozo.c 1.27-1.29
libexec/httpd/libbozohttpd/libbozohttpd.3 1.5-1.6
libexec/httpd/small/Makefile 1.4
libexec/httpd/testsuite/Makefile 1.14
libexec/httpd/testsuite/t16.in 1.1
libexec/httpd/testsuite/t16.out 1.1
libexec/httpd/testsuite/t17.in 1.1
libexec/httpd/testsuite/t17.out 1.1
libexec/httpd/testsuite/t18.in 1.1
libexec/httpd/testsuite/t18.out 1.1
Update to bozohttpd 20210227.
Apply lua build fix (no blocklist support on this branch).
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.3.8.1 |
| 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
