changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.13.2;
add $NetBSD$

Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.

This makes the tests pass on my machine.

- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.

from CHANGES:

o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.


the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.


reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.


clean up option and usage handling some.

fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.

Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.7.4; 1.7.10; 1.7.12;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

branches: 1.6.2;
Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.

Reviewed by mrg@.

branches: 1.5.2;
fix running the testsuite from the build tree

branches: 1.4.8; 1.4.14; 1.4.20; 1.4.24; 1.4.26;
merge bozohttpd 20090522

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.

branches: 1.5.6; 1.5.12; 1.5.14;
When testing non-verbosely, show diff on failure. ok mrg@

branches: 1.4.2; 1.4.8; 1.4.14; 1.4.18; 1.4.20; 1.4.22; 1.4.24;
merge bozohttpd 20111118

branches: 1.3.6;
re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

branches: 1.1.1.1.2; 1.1.1.1.26; 1.1.1.1.28; 1.1.1.1.30;
import latest bozohttpd sources. changes include:

o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD

don't assume host BUFSIZ is sufficent. small BUFSIZ leads to
always happens errors in the testsuite. switch all these buffers
to be 4KiB sized. reported by embr <git@liclac.eu>

make a minor output change match again.

branches: 1.1.1;
Initial revision

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14; 1.1.16;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

add 'check' target to toplevel makefile.

fix the t11.out output now that CGI parsing works better.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14; 1.1.16; 1.1.20; 1.1.26; 1.1.28;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
from CHANGES:

o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.


the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.


reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.


clean up option and usage handling some.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
from CHANGES:

o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses

old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.


the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.


reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.


clean up option and usage handling some.

branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)

branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)

branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

fix output since protocol agnostic change went in.

XXX: i thought someone hooked this into atf already, please do :)

branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files

branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

re-add a lot of the distribution files

branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.

This makes the tests pass on my machine.

- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.

branches: 1.4.4; 1.4.10; 1.4.12;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

branches: 1.3.2;
Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.

Reviewed by mrg@.

branches: 1.2.2;
fix running the testsuite from the build tree

branches: 1.1.1;
Initial revision

Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.

This makes the tests pass on my machine.

- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.

call this bozohttpd 20181121.

branches: 1.4.2; 1.4.4; 1.4.6; 1.4.10; 1.4.16; 1.4.18;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

branches: 1.3.2; 1.3.4;
When testing non-verbosely, show diff on failure. ok mrg@

branches: 1.2.2; 1.2.4; 1.2.6;
Missed in previous: exit 1 if html_cmp says no match.

Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.

Reviewed by mrg@.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.

branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@

branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child

branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child

branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child

Re-add two files necessary for the testsuite to run properly.

branches: 1.2.4; 1.2.6; 1.2.12;
merge bozohttpd 20080303

branches: 1.1.1;
Initial revision

Re-add two files necessary for the testsuite to run properly.

branches: 1.2.10; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.

branches: 1.1.1;
Initial revision