| History log of /src/libexec/httpd/testsuite |
| Revision | Date | Author | Comments |
| 1.14 | 11-Feb-2021 |
mrg | changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.13 | 27-Mar-2019 |
mrg | branches: 1.13.2;
add $NetBSD$
|
| 1.12 | 14-Dec-2018 |
maya | Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.
This makes the tests pass on my machine.
|
| 1.11 | 21-Nov-2018 |
mrg | - move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
|
| 1.10 | 20-Nov-2018 |
mrg | from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
|
| 1.9 | 19-Nov-2018 |
mrg | fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
|
| 1.8 | 24-Aug-2018 |
martin | Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.7 | 31-Jan-2017 |
mrg | branches: 1.7.4; 1.7.10; 1.7.12;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.6 | 23-Sep-2016 |
schmonz | branches: 1.6.2;
Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.
Reviewed by mrg@.
|
| 1.5 | 27-Dec-2015 |
mrg | branches: 1.5.2;
fix running the testsuite from the build tree
|
| 1.4 | 23-May-2009 |
mrg | branches: 1.4.8; 1.4.14; 1.4.20; 1.4.24; 1.4.26;
merge bozohttpd 20090522
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.4 | 23-May-2009 |
mrg | import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
|
| 1.1.1.3 | 18-Apr-2009 |
mrg | import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.2 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.4.26.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.4.26.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.26.3 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.4.26.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.4.26.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1141):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.4.24.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.4.24.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.24.3 | 12-Feb-2017 |
snj | branches: 1.4.24.3.2;
Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.4.24.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.4.24.1 | 10-Apr-2016 |
martin | branches: 1.4.24.1.2;
Catch up to -current (via patch), requested by mspo in #1141:
libexec/httpd/CHANGES up to 1.21
libexec/httpd/Makefile up to 1.26
libexec/httpd/auth-bozo.c up to 1.18
libexec/httpd/bozohttpd.8 up to 1.58
libexec/httpd/bozohttpd.c up to 1.79
libexec/httpd/bozohttpd.h up to 1.44
libexec/httpd/cgi-bozo.c up to 1.32
libexec/httpd/content-bozo.c up to 1.13
libexec/httpd/daemon-bozo.c up to 1.17
libexec/httpd/dir-index-bozo.c up to 1.25
libexec/httpd/lua-bozo.c up to 1.14
libexec/httpd/main.c up to 1.13
libexec/httpd/netbsd_queue.h up to 1.1
libexec/httpd/printenv.lua up to 1.3
libexec/httpd/ssl-bozo.c up to 1.22
libexec/httpd/tilde-luzah-bozo.c up to 1.14
libexec/httpd/testsuite/Makefile up to 1.5
libexec/httpd/testsuite/test-bigfile up to 1.2
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
|
| 1.4.24.3.2.2 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.4.24.3.2.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.24.1.2.2 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.4.24.1.2.1 | 18-Jan-2017 |
skrll | Sync with netbsd-5
|
| 1.4.20.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.20.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.4.14.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.14.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.4.8.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.8.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.5.2.2 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.5.2.1 | 04-Nov-2016 |
pgoyette | Sync with HEAD
|
| 1.6.2.1 | 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.7.12.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.7.10.3 | 26-Dec-2018 |
pgoyette | Sync with HEAD, resolve a few conflicts
|
| 1.7.10.2 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.7.10.1 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.7.4.3 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.7.4.2 | 12-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1281:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.7.4.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.13.2.1 | 05-Mar-2021 |
martin | Pull up the following (all via patch), requested by mrg in ticket #1221:
lib/lua/bozohttpd/Makefile (apply patch)
libexec/httpd/Makefile 1.30-1.31
libexec/httpd/Makefile.boot 1.7-1.9
libexec/httpd/auth-bozo.c 1.25-1.26
libexec/httpd/bozohttpd.8 1.80-1.87
libexec/httpd/bozohttpd.c 1.114-1.123,1.125-1.128
libexec/httpd/bozohttpd.h 1.61-1.68
libexec/httpd/cgi-bozo.c 1.49-1.53
libexec/httpd/content-bozo.c 1.17-1.20
libexec/httpd/daemon-bozo.c 1-.22
libexec/httpd/dir-index-bozo.c 1.33-1.34
libexec/httpd/main.c 1.23-1.27
libexec/httpd/printenv.lua 1.4-1.5
libexec/httpd/ssl-bozo.c 1.27-1.29
libexec/httpd/libbozohttpd/libbozohttpd.3 1.5-1.6
libexec/httpd/small/Makefile 1.4
libexec/httpd/testsuite/Makefile 1.14
libexec/httpd/testsuite/t16.in 1.1
libexec/httpd/testsuite/t16.out 1.1
libexec/httpd/testsuite/t17.in 1.1
libexec/httpd/testsuite/t17.out 1.1
libexec/httpd/testsuite/t18.in 1.1
libexec/httpd/testsuite/t18.out 1.1
Update to bozohttpd 20210227.
Apply lua build fix (no blocklist support on this branch).
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.6 | 21-Nov-2018 |
mrg | - move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
|
| 1.5 | 27-Dec-2016 |
schmonz | branches: 1.5.6; 1.5.12; 1.5.14;
When testing non-verbosely, show diff on failure. ok mrg@
|
| 1.4 | 18-Nov-2011 |
mrg | branches: 1.4.2; 1.4.8; 1.4.14; 1.4.18; 1.4.20; 1.4.22; 1.4.24;
merge bozohttpd 20111118
|
| 1.3 | 18-Apr-2009 |
mrg | branches: 1.3.6;
re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 18-Nov-2011 |
mrg | update to bozohttpd 20111118. nothing major is missing here but
the changes since the prior import were:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3.6.1 | 17-Apr-2012 |
yamt | sync with head
|
| 1.4.24.1 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.4.22.1 | 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.4.20.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.20.1 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.4.18.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.18.1 | 12-Feb-2017 |
snj | branches: 1.4.18.1.2;
Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.4.18.1.2.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.14.1 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.8.1 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.2.1 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.5.14.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.5.12.1 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.5.6.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1 | 18-Apr-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 18-Apr-2009 |
mrg | branches: 1.1.1.1.2; 1.1.1.1.26; 1.1.1.1.28; 1.1.1.1.30;
import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.30.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.30.1 | 18-Apr-2009 |
msaitoh | file t10.in was added on branch netbsd-5-1 on 2014-07-09 16:09:39 +0000
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 18-Apr-2009 |
msaitoh | file t10.in was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 18-Apr-2009 |
msaitoh | file t10.in was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.1.1.1.2.2 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.1.1.1.2.1 | 18-Apr-2009 |
jym | file t10.in was added on branch jym-xensuspend on 2009-05-13 19:18:38 +0000
|
| 1.3 | 05-May-2021 |
mrg | don't assume host BUFSIZ is sufficent. small BUFSIZ leads to
always happens errors in the testsuite. switch all these buffers
to be 4KiB sized. reported by embr <git@liclac.eu>
|
| 1.2 | 16-Jul-2014 |
mrg | make a minor output change match again.
|
| 1.1 | 18-Apr-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 18-Apr-2009 |
mrg | branches: 1.1.1.1.2; 1.1.1.1.10; 1.1.1.1.14; 1.1.1.1.16; 1.1.1.1.22; 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28; 1.1.1.1.30;
import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.30.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.30.1 | 18-Apr-2009 |
msaitoh | file t10.out was added on branch netbsd-5-1 on 2014-07-09 16:09:39 +0000
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 18-Apr-2009 |
msaitoh | file t10.out was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 18-Apr-2009 |
msaitoh | file t10.out was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.1.1.1.24.1 | 10-Aug-2014 |
tls | Rebase.
|
| 1.1.1.1.22.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.16.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.14.1 | 20-Aug-2014 |
tls | Rebase to HEAD as of a few days ago.
|
| 1.1.1.1.10.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.2.2 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.1.1.1.2.1 | 18-Apr-2009 |
jym | file t10.out was added on branch jym-xensuspend on 2009-05-13 19:18:38 +0000
|
| 1.1 | 31-Jan-2017 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14; 1.1.16;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.1.16.2 | 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.1.16.1 | 31-Jan-2017 |
bouyer | file t11.in was added on branch bouyer-socketcan on 2017-04-21 16:53:13 +0000
|
| 1.1.14.2 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.1.14.1 | 31-Jan-2017 |
pgoyette | file t11.in was added on branch pgoyette-localcount on 2017-03-20 06:57:01 +0000
|
| 1.1.12.2 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.1.12.1 | 31-Jan-2017 |
skrll | file t11.in was added on branch netbsd-7-nhusb on 2017-03-13 07:41:25 +0000
|
| 1.1.10.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.10.1 | 31-Jan-2017 |
snj | file t11.in was added on branch netbsd-6 on 2017-03-07 07:25:19 +0000
|
| 1.1.8.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.8.1 | 31-Jan-2017 |
snj | file t11.in was added on branch netbsd-6-1 on 2017-03-07 07:21:54 +0000
|
| 1.1.6.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.6.1 | 31-Jan-2017 |
snj | file t11.in was added on branch netbsd-6-0 on 2017-03-07 07:16:08 +0000
|
| 1.1.4.2 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.4.1 | 31-Jan-2017 |
snj | file t11.in was added on branch netbsd-7 on 2017-02-12 22:07:17 +0000
|
| 1.1.2.2 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.2.1 | 31-Jan-2017 |
snj | file t11.in was added on branch netbsd-7-0 on 2017-02-12 21:59:45 +0000
|
| 1.2 | 17-Jan-2019 |
mrg | add 'check' target to toplevel makefile.
fix the t11.out output now that CGI parsing works better.
|
| 1.1 | 31-Jan-2017 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14; 1.1.16; 1.1.20; 1.1.26; 1.1.28;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.1.28.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.26.1 | 18-Jan-2019 |
pgoyette | Synch with HEAD
|
| 1.1.20.1 | 12-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1281:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.16.2 | 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.1.16.1 | 31-Jan-2017 |
bouyer | file t11.out was added on branch bouyer-socketcan on 2017-04-21 16:53:13 +0000
|
| 1.1.14.2 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.1.14.1 | 31-Jan-2017 |
pgoyette | file t11.out was added on branch pgoyette-localcount on 2017-03-20 06:57:01 +0000
|
| 1.1.12.2 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.1.12.1 | 31-Jan-2017 |
skrll | file t11.out was added on branch netbsd-7-nhusb on 2017-03-13 07:41:25 +0000
|
| 1.1.10.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.10.1 | 31-Jan-2017 |
snj | file t11.out was added on branch netbsd-6 on 2017-03-07 07:25:19 +0000
|
| 1.1.8.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.8.1 | 31-Jan-2017 |
snj | file t11.out was added on branch netbsd-6-1 on 2017-03-07 07:21:54 +0000
|
| 1.1.6.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.6.1 | 31-Jan-2017 |
snj | file t11.out was added on branch netbsd-6-0 on 2017-03-07 07:16:08 +0000
|
| 1.1.4.3 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.4.2 | 12-Feb-2017 |
snj | branches: 1.1.4.2.2;
Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.4.1 | 31-Jan-2017 |
snj | file t11.out was added on branch netbsd-7 on 2017-02-12 22:07:17 +0000
|
| 1.1.4.2.2.1 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.2.3 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.2.2 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.2.1 | 31-Jan-2017 |
snj | file t11.out was added on branch netbsd-7-0 on 2017-02-12 21:59:45 +0000
|
| 1.1 | 24-Aug-2018 |
martin | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 24-Aug-2018 |
christos | file t12.in was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.10.1 | 24-Aug-2018 |
martin | file t12.in was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 24-Aug-2018 |
martin | file t12.in was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 24-Aug-2018 |
martin | file t12.in was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 24-Aug-2018 |
martin | file t12.in was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1.2.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.1.2.1 | 24-Aug-2018 |
pgoyette | file t12.in was added on branch pgoyette-compat on 2018-09-06 06:55:20 +0000
|
| 1.1 | 24-Aug-2018 |
martin | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 24-Aug-2018 |
christos | file t12.out was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.10.1 | 24-Aug-2018 |
martin | file t12.out was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 24-Aug-2018 |
martin | file t12.out was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 24-Aug-2018 |
martin | file t12.out was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 24-Aug-2018 |
martin | file t12.out was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1.2.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.1.2.1 | 24-Aug-2018 |
pgoyette | file t12.out was added on branch pgoyette-compat on 2018-09-06 06:55:20 +0000
|
| 1.1 | 24-Aug-2018 |
martin | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 24-Aug-2018 |
christos | file t13.in was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.10.1 | 24-Aug-2018 |
martin | file t13.in was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 24-Aug-2018 |
martin | file t13.in was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 24-Aug-2018 |
martin | file t13.in was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 24-Aug-2018 |
martin | file t13.in was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1.2.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.1.2.1 | 24-Aug-2018 |
pgoyette | file t13.in was added on branch pgoyette-compat on 2018-09-06 06:55:20 +0000
|
| 1.1 | 24-Aug-2018 |
martin | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 24-Aug-2018 |
christos | file t13.out was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.10.1 | 24-Aug-2018 |
martin | file t13.out was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 24-Aug-2018 |
martin | file t13.out was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 24-Aug-2018 |
martin | file t13.out was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 24-Aug-2018 |
martin | file t13.out was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1.2.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.1.2.1 | 24-Aug-2018 |
pgoyette | file t13.out was added on branch pgoyette-compat on 2018-09-06 06:55:20 +0000
|
| 1.1 | 19-Nov-2018 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 19-Nov-2018 |
christos | file t14.in was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.1.10.1 | 19-Nov-2018 |
pgoyette | file t14.in was added on branch pgoyette-compat on 2018-11-26 01:52:13 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 19-Nov-2018 |
martin | file t14.in was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 19-Nov-2018 |
martin | file t14.in was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 19-Nov-2018 |
martin | file t14.in was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.2.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.2.1 | 19-Nov-2018 |
martin | file t14.in was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1 | 19-Nov-2018 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 19-Nov-2018 |
christos | file t14.out was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.1.10.1 | 19-Nov-2018 |
pgoyette | file t14.out was added on branch pgoyette-compat on 2018-11-26 01:52:13 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 19-Nov-2018 |
martin | file t14.out was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 19-Nov-2018 |
martin | file t14.out was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 19-Nov-2018 |
martin | file t14.out was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.2.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.2.1 | 19-Nov-2018 |
martin | file t14.out was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1 | 20-Nov-2018 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 20-Nov-2018 |
christos | file t15.in was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.1.10.1 | 20-Nov-2018 |
pgoyette | file t15.in was added on branch pgoyette-compat on 2018-11-26 01:52:13 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 20-Nov-2018 |
martin | file t15.in was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 20-Nov-2018 |
martin | file t15.in was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 20-Nov-2018 |
martin | file t15.in was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.2.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.2.1 | 20-Nov-2018 |
martin | file t15.in was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1 | 20-Nov-2018 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 20-Nov-2018 |
christos | file t15.out was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.1.10.1 | 20-Nov-2018 |
pgoyette | file t15.out was added on branch pgoyette-compat on 2018-11-26 01:52:13 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 20-Nov-2018 |
martin | file t15.out was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 20-Nov-2018 |
martin | file t15.out was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 20-Nov-2018 |
martin | file t15.out was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.2.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.2.1 | 20-Nov-2018 |
martin | file t15.out was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.2.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t16.in was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.4.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.4.1 | 11-Feb-2021 |
martin | file t16.out was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1.2.2 | 05-Mar-2021 |
martin | Pull up the following (all via patch), requested by mrg in ticket #1221:
lib/lua/bozohttpd/Makefile (apply patch)
libexec/httpd/Makefile 1.30-1.31
libexec/httpd/Makefile.boot 1.7-1.9
libexec/httpd/auth-bozo.c 1.25-1.26
libexec/httpd/bozohttpd.8 1.80-1.87
libexec/httpd/bozohttpd.c 1.114-1.123,1.125-1.128
libexec/httpd/bozohttpd.h 1.61-1.68
libexec/httpd/cgi-bozo.c 1.49-1.53
libexec/httpd/content-bozo.c 1.17-1.20
libexec/httpd/daemon-bozo.c 1-.22
libexec/httpd/dir-index-bozo.c 1.33-1.34
libexec/httpd/main.c 1.23-1.27
libexec/httpd/printenv.lua 1.4-1.5
libexec/httpd/ssl-bozo.c 1.27-1.29
libexec/httpd/libbozohttpd/libbozohttpd.3 1.5-1.6
libexec/httpd/small/Makefile 1.4
libexec/httpd/testsuite/Makefile 1.14
libexec/httpd/testsuite/t16.in 1.1
libexec/httpd/testsuite/t16.out 1.1
libexec/httpd/testsuite/t17.in 1.1
libexec/httpd/testsuite/t17.out 1.1
libexec/httpd/testsuite/t18.in 1.1
libexec/httpd/testsuite/t18.out 1.1
Update to bozohttpd 20210227.
Apply lua build fix (no blocklist support on this branch).
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t16.out was added on branch netbsd-9 on 2021-03-05 13:34:19 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.2.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t17.in was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.4.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.4.1 | 11-Feb-2021 |
martin | file t17.out was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1.2.2 | 05-Mar-2021 |
martin | Pull up the following (all via patch), requested by mrg in ticket #1221:
lib/lua/bozohttpd/Makefile (apply patch)
libexec/httpd/Makefile 1.30-1.31
libexec/httpd/Makefile.boot 1.7-1.9
libexec/httpd/auth-bozo.c 1.25-1.26
libexec/httpd/bozohttpd.8 1.80-1.87
libexec/httpd/bozohttpd.c 1.114-1.123,1.125-1.128
libexec/httpd/bozohttpd.h 1.61-1.68
libexec/httpd/cgi-bozo.c 1.49-1.53
libexec/httpd/content-bozo.c 1.17-1.20
libexec/httpd/daemon-bozo.c 1-.22
libexec/httpd/dir-index-bozo.c 1.33-1.34
libexec/httpd/main.c 1.23-1.27
libexec/httpd/printenv.lua 1.4-1.5
libexec/httpd/ssl-bozo.c 1.27-1.29
libexec/httpd/libbozohttpd/libbozohttpd.3 1.5-1.6
libexec/httpd/small/Makefile 1.4
libexec/httpd/testsuite/Makefile 1.14
libexec/httpd/testsuite/t16.in 1.1
libexec/httpd/testsuite/t16.out 1.1
libexec/httpd/testsuite/t17.in 1.1
libexec/httpd/testsuite/t17.out 1.1
libexec/httpd/testsuite/t18.in 1.1
libexec/httpd/testsuite/t18.out 1.1
Update to bozohttpd 20210227.
Apply lua build fix (no blocklist support on this branch).
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t17.out was added on branch netbsd-9 on 2021-03-05 13:34:19 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.2.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t18.in was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1 | 11-Feb-2021 |
mrg | branches: 1.1.2; 1.1.4;
changes in bozohttpd 20210210:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
|
| 1.1.4.2 | 27-Mar-2021 |
martin | Pull up the following via patch, requested by mrg in ticket #1668:
Makefile 1.30-1.31
Makefile.boot 1.7-1.9
auth-bozo.c 1.25-1.26
bozohttpd.8 1.80-1.87
bozohttpd.c 1.114-1.123,1.125-1.128
bozohttpd.h 1.61-1.68
cgi-bozo.c 1.49-1.53
content-bozo.c 1.17-1.20
daemon-bozo.c 1-.22
dir-index-bozo.c 1.33-1.34
main.c 1.23-1.27
printenv.lua 1.4-1.5
ssl-bozo.c 1.27-1.29
libbozohttpd/libbozohttpd.3 1.5-1.6
small/Makefile 1.4
testsuite/Makefile 1.14
testsuite/t16.in 1.1
testsuite/t16.out 1.1
testsuite/t17.in 1.1
testsuite/t17.out 1.1
testsuite/t18.in 1.1
testsuite/t18.out 1.1
Update to bozohttpd 20210227.
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.4.1 | 11-Feb-2021 |
martin | file t18.out was added on branch netbsd-8 on 2021-03-27 13:38:52 +0000
|
| 1.1.2.2 | 05-Mar-2021 |
martin | Pull up the following (all via patch), requested by mrg in ticket #1221:
lib/lua/bozohttpd/Makefile (apply patch)
libexec/httpd/Makefile 1.30-1.31
libexec/httpd/Makefile.boot 1.7-1.9
libexec/httpd/auth-bozo.c 1.25-1.26
libexec/httpd/bozohttpd.8 1.80-1.87
libexec/httpd/bozohttpd.c 1.114-1.123,1.125-1.128
libexec/httpd/bozohttpd.h 1.61-1.68
libexec/httpd/cgi-bozo.c 1.49-1.53
libexec/httpd/content-bozo.c 1.17-1.20
libexec/httpd/daemon-bozo.c 1-.22
libexec/httpd/dir-index-bozo.c 1.33-1.34
libexec/httpd/main.c 1.23-1.27
libexec/httpd/printenv.lua 1.4-1.5
libexec/httpd/ssl-bozo.c 1.27-1.29
libexec/httpd/libbozohttpd/libbozohttpd.3 1.5-1.6
libexec/httpd/small/Makefile 1.4
libexec/httpd/testsuite/Makefile 1.14
libexec/httpd/testsuite/t16.in 1.1
libexec/httpd/testsuite/t16.out 1.1
libexec/httpd/testsuite/t17.in 1.1
libexec/httpd/testsuite/t17.out 1.1
libexec/httpd/testsuite/t18.in 1.1
libexec/httpd/testsuite/t18.out 1.1
Update to bozohttpd 20210227.
Apply lua build fix (no blocklist support on this branch).
changes in bozohttpd 20210227:
o new support for content types: .tar.bz2, .tar.xz, .tar.lz,
.tar.zst, .tbz2, .txz, .tlz, .zipx, .xz, .zst, .sz, .lz, .lzma,
.lzo, .7z, .lzo, .cab, .dmg, .jar, and .rar. should fix
netbsd PR#56026:
MIME type of .tar.xz file on ny{cdn,ftp}.NetBSD.org is invalid
changes in bozohttpd 20210211:
o fix various NULL derefs from malformed headers. mostly from
<emily@ingalls.rocks>.
o fix memory leaks in library interface: add bozo_cleanup().
changes in bozohttpd 20201014:
o also set -D_GNU_SOURCE in Makefile.boot. from
hadrien.lacour@posteo.net.
o fix array size botch (assertion, not exploitable.) from
martin@netbsd.org.
o also match %2F as well as %2f. from leah@vuxu.org.
o many manual and help fixes. clean ups for higher lint levels,
consistency/style clean ups. various option fixes including made
-f imply -b. from <henrik@gulbra.net> for freebsd.
changes in bozohttpd 20200912:
o add .m4a and .m4v file extensions.
changes in bozohttpd 20200820:
o make this work on sun2 by reducing mmap window there.
o fix SSL shutdown sequence. from spz@netbsd.org.
o add readme support to directory indexing. from jmcneill@netbsd.org
o add blocklist(8) support. from jruoho@netbsd.org.
|
| 1.1.2.1 | 11-Feb-2021 |
martin | file t18.out was added on branch netbsd-9 on 2021-03-05 13:34:19 +0000
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.4 | 24-Aug-2018 |
mrg | fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
|
| 1.3 | 18-Apr-2009 |
mrg | branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 18-Apr-2009 |
mrg | import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3.46.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.3.44.1 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.3.38.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.34.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.26.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.24.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.4 | 24-Aug-2018 |
mrg | fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
|
| 1.3 | 18-Apr-2009 |
mrg | branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 18-Apr-2009 |
mrg | import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3.46.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.3.44.1 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.3.38.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.34.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.26.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.24.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.4 | 24-Aug-2018 |
mrg | fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
|
| 1.3 | 18-Apr-2009 |
mrg | branches: 1.3.24; 1.3.26; 1.3.34; 1.3.38; 1.3.44; 1.3.46;
re-add a lot of the distribution files
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.12; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.2 | 18-Apr-2009 |
mrg | import latest bozohttpd sources. changes include:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.12.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3.46.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.3.44.1 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.3.38.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.34.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.26.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3.24.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 18-Apr-2009 |
mrg | re-add a lot of the distribution files
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.8; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.8.1 | 13-May-2009 |
jym | Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.6 | 14-Dec-2018 |
maya | Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.
This makes the tests pass on my machine.
|
| 1.5 | 21-Nov-2018 |
mrg | - move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
|
| 1.4 | 31-Jan-2017 |
mrg | branches: 1.4.4; 1.4.10; 1.4.12;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.3 | 23-Sep-2016 |
schmonz | branches: 1.3.2;
Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.
Reviewed by mrg@.
|
| 1.2 | 27-Dec-2015 |
mrg | branches: 1.2.2;
fix running the testsuite from the build tree
|
| 1.1 | 23-May-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 23-May-2009 |
mrg | branches: 1.1.1.1.8; 1.1.1.1.14; 1.1.1.1.20; 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28; 1.1.1.1.30; 1.1.1.1.32;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
|
| 1.1.1.1.32.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.1.1.32.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.1.1.32.3 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.1.1.32.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.1.1.1.32.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1141):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.30.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.1.1.30.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.1.1.30.3 | 12-Feb-2017 |
snj | branches: 1.1.1.1.30.3.2;
Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.1.1.30.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.1.1.1.30.1 | 10-Apr-2016 |
martin | branches: 1.1.1.1.30.1.2;
Catch up to -current (via patch), requested by mspo in #1141:
libexec/httpd/CHANGES up to 1.21
libexec/httpd/Makefile up to 1.26
libexec/httpd/auth-bozo.c up to 1.18
libexec/httpd/bozohttpd.8 up to 1.58
libexec/httpd/bozohttpd.c up to 1.79
libexec/httpd/bozohttpd.h up to 1.44
libexec/httpd/cgi-bozo.c up to 1.32
libexec/httpd/content-bozo.c up to 1.13
libexec/httpd/daemon-bozo.c up to 1.17
libexec/httpd/dir-index-bozo.c up to 1.25
libexec/httpd/lua-bozo.c up to 1.14
libexec/httpd/main.c up to 1.13
libexec/httpd/netbsd_queue.h up to 1.1
libexec/httpd/printenv.lua up to 1.3
libexec/httpd/ssl-bozo.c up to 1.22
libexec/httpd/tilde-luzah-bozo.c up to 1.14
libexec/httpd/testsuite/Makefile up to 1.5
libexec/httpd/testsuite/test-bigfile up to 1.2
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
|
| 1.1.1.1.30.3.2.2 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.1.1.1.30.3.2.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.1.1.30.1.2.2 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.1.1.1.30.1.2.1 | 18-Jan-2017 |
skrll | Sync with netbsd-5
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 23-May-2009 |
msaitoh | file test-bigfile was added on branch netbsd-5-1 on 2014-07-09 16:09:40 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 23-May-2009 |
msaitoh | file test-bigfile was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.24.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.24.1 | 23-May-2009 |
msaitoh | file test-bigfile was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.1.1.1.20.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.1.1.20.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.14.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.1.1.14.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.1.1.1.8.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.1.1.8.1 | 15-Apr-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1377):
libexec/httpd/CHANGES: up to 1.22
libexec/httpd/Makefile: up to 1.26 via patch
libexec/httpd/auth-bozo.c: up to 1.18
libexec/httpd/bozohttpd.8: up to 1.59
libexec/httpd/bozohttpd.c: up to 1.80 via patch
libexec/httpd/bozohttpd.h: up to 1.45
libexec/httpd/cgi-bozo.c: up to 1.33
libexec/httpd/content-bozo.c: up to 1.13
libexec/httpd/daemon-bozo.c: up to 1.17
libexec/httpd/dir-index-bozo.c: up to 1.25
libexec/httpd/lua-bozo.c: up to 1.14
libexec/httpd/lua/bozo.lua: up to 1.2
libexec/httpd/lua/glue.c: up to 1.2
libexec/httpd/main.c: up to 1.13
libexec/httpd/printenv.lua: up to 1.3
libexec/httpd/ssl-bozo.c: up to 1.22
libexec/httpd/testsuite/Makefile: up to 1.5
libexec/httpd/testsuite/t10.out: up to 1.2
libexec/httpd/testsuite/test-bigfile: up to 1.2
libexec/httpd/tilde-luzah-bozo.c: up to 1.14
Import bozohttpd 20151028:
o add CGI support for ~user translation (-E switch)
o add redirects to ~user translation
o fix bugs around ~user translation
o add schema detection for absolute redirects
o fixed few memory leaks
o bunch of minor tweaks
o removed -r support
o smarter redirects
--
Changes in 20150320:
o fix redirection handling
o support transport stream (.ts) and video object (.vob) files
o directory listings show correct file sizes for large files
--
updates and bozohttpd 20160415:
o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
|
| 1.2.2.2 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.2.2.1 | 04-Nov-2016 |
pgoyette | Sync with HEAD
|
| 1.3.2.1 | 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.4.12.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.4.10.2 | 26-Dec-2018 |
pgoyette | Sync with HEAD, resolve a few conflicts
|
| 1.4.10.1 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.4.4.2 | 12-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1281:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.4.4.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.6 | 14-Dec-2018 |
maya | Don't pass ${HOST} to test scripts.
htnl_cmp compares against the output of `hostname`.
This makes the tests pass on my machine.
|
| 1.5 | 21-Nov-2018 |
mrg | - move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
|
| 1.4 | 31-Jan-2017 |
mrg | branches: 1.4.2; 1.4.4; 1.4.6; 1.4.10; 1.4.16; 1.4.18;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.3 | 27-Dec-2016 |
schmonz | branches: 1.3.2; 1.3.4;
When testing non-verbosely, show diff on failure. ok mrg@
|
| 1.2 | 26-Sep-2016 |
schmonz | branches: 1.2.2; 1.2.4; 1.2.6;
Missed in previous: exit 1 if html_cmp says no match.
|
| 1.1 | 23-Sep-2016 |
schmonz | Add a VERBOSE knob to the testsuite ("yes" by default, producing
basically the same output as before). When turned off, tests run
silently except when there's a failure.
Reviewed by mrg@.
|
| 1.2.6.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.2.6.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.2.6.3 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.2.6.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.2.6.1 | 26-Sep-2016 |
snj | file test-simple was added on branch netbsd-7-0 on 2016-12-23 07:47:40 +0000
|
| 1.2.4.5 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.2.4.4 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.2.4.3 | 12-Feb-2017 |
snj | branches: 1.2.4.3.2;
Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.2.4.2 | 23-Dec-2016 |
snj | Pull up following revision(s) (requested by mrg in ticket #1309):
libexec/httpd/CHANGES: revisions 1.23, 1.24
libexec/httpd/bozohttpd.8: revisions 1.60-1.62
libexec/httpd/bozohttpd.c: revisions 1.81-1.84
libexec/httpd/bozohttpd.h: revision 1.46
libexec/httpd/cgi-bozo.c: revision 1.35
libexec/httpd/content-bozo.c: revision 1.14
libexec/httpd/main.c: revisions 1.14-1.16
libexec/httpd/testsuite/Makefile: revision 1.6
libexec/httpd/testsuite/test-bigfile: revision 1.3
libexec/httpd/testsuite/test-simple: revisions 1.1, 1.2
update bozohttpd to 2016072:
- fix memory leak
- addd -G option to display version
- fix some content type issues
- fix issues in testsuite
|
| 1.2.4.1 | 26-Sep-2016 |
snj | file test-simple was added on branch netbsd-7 on 2016-12-23 07:42:09 +0000
|
| 1.2.4.3.2.2 | 15-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1699:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.2.4.3.2.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.2.2.4 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.2.2.3 | 07-Jan-2017 |
pgoyette | Sync with HEAD. (Note that most of these changes are simply $NetBSD$
tag issues.)
|
| 1.2.2.2 | 04-Nov-2016 |
pgoyette | Sync with HEAD
|
| 1.2.2.1 | 26-Sep-2016 |
pgoyette | file test-simple was added on branch pgoyette-localcount on 2016-11-04 14:48:55 +0000
|
| 1.3.4.3 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.3.4.2 | 18-Jan-2017 |
skrll | Sync with netbsd-5
|
| 1.3.4.1 | 27-Dec-2016 |
skrll | file test-simple was added on branch netbsd-7-nhusb on 2017-01-18 08:46:23 +0000
|
| 1.3.2.1 | 21-Apr-2017 |
bouyer | Sync with HEAD
|
| 1.4.18.1 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.4.16.2 | 26-Dec-2018 |
pgoyette | Sync with HEAD, resolve a few conflicts
|
| 1.4.16.1 | 26-Nov-2018 |
pgoyette | Sync with HEAD, resolve a couple of conflicts
|
| 1.4.10.2 | 12-Jun-2019 |
martin | Pull up the following revisions (via patch) requested by mrg in ticket #1281:
libexec/httpd/CHANGES 1.31-1.40
libexec/httpd/Makefile 1.28
libexec/httpd/auth-bozo.c 1.23-1.24
libexec/httpd/bozohttpd.8 1.75-1.79
libexec/httpd/bozohttpd.c 1.100-1.113
libexec/httpd/bozohttpd.h 1.58-1.60
libexec/httpd/cgi-bozo.c 1.46-1.48
libexec/httpd/daemon-bozo.c 1.20-1.21
libexec/httpd/dir-index-bozo.c 1.29-1.32
libexec/httpd/ssl-bozo.c 1.26
libexec/httpd/testsuite/Makefile 1.12-1.13
libexec/httpd/testsuite/t11.out 1.2
libexec/httpd/testsuite/test-bigfile 1.6
libexec/httpd/testsuite/test-simple 1.6
Don't display special files in the directory index. They aren't
served, but links to them are generated.
---
All from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>:
- use html tables for directory index.
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
- avoid sign extension in % handling
fix a few problems pointed out by clang static analyzer:
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual().
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.)
however, bozostrdup() may reference request->hr_file.
---
Add ssl specific timeout value (30s). If SSL_accept() doesn't
work with in this timeout value, ssl setup now fails.
---
Fix handling of bozo_set_timeout() timeouts (and `-T' option parsing)
---
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
---
Avoid possible NULL dereference when sending a big request that timeout.
---
Use strings.h for strcasecmp (on linux)
---
Account for cgihandler being set when counting the number of CGI environment
headers we are about to set. Avoids an assertion failure (and overruninng
the array) later.
|
| 1.4.10.1 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.4.6.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.6.1 | 31-Jan-2017 |
snj | file test-simple was added on branch netbsd-6 on 2017-03-07 07:25:19 +0000
|
| 1.4.4.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.4.1 | 31-Jan-2017 |
snj | file test-simple was added on branch netbsd-6-1 on 2017-03-07 07:21:54 +0000
|
| 1.4.2.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.4.2.1 | 31-Jan-2017 |
snj | file test-simple was added on branch netbsd-6-0 on 2017-03-07 07:16:08 +0000
|
| 1.1 | 31-Jan-2017 |
mrg | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12; 1.1.14;
- fix a bug in cgi processing. from Dennis Lindroos.
- add a testcase for this, and expand test-simple to handle additional
args to bozohttpd for eg, cgi-bin setting.
- fix objdir bugs in the testsuite.
|
| 1.1.14.2 | 20-Mar-2017 |
pgoyette | Sync with HEAD
|
| 1.1.14.1 | 31-Jan-2017 |
pgoyette | file empty was added on branch pgoyette-localcount on 2017-03-20 06:57:01 +0000
|
| 1.1.12.2 | 13-Mar-2017 |
skrll | Sync with netbsd-7-1-RELEASE
|
| 1.1.12.1 | 31-Jan-2017 |
skrll | file empty was added on branch netbsd-7-nhusb on 2017-03-13 07:41:26 +0000
|
| 1.1.10.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.10.1 | 31-Jan-2017 |
snj | file empty was added on branch netbsd-6 on 2017-03-07 07:25:19 +0000
|
| 1.1.8.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437:
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.8.1 | 31-Jan-2017 |
snj | file empty was added on branch netbsd-6-1 on 2017-03-07 07:21:54 +0000
|
| 1.1.6.2 | 07-Mar-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1437):
libexec/httpd/CHANGES: up to 1.25
libexec/httpd/bozohttpd.8: up to 1.65
libexec/httpd/bozohttpd.c: up to 1.86
libexec/httpd/bozohttpd.h: up to 1.47
libexec/httpd/cgi-bozo.c: up to 1.37
libexec/httpd/content-bozo.c: up to 1.14
libexec/httpd/libbozohttpd/libbozohttpd.3: up to 1.4
libexec/httpd/main.c: up to 1.16
libexec/httpd/small/Makefile: up to 1.3
libexec/httpd/testsuite/Makefile: up to 1.7
libexec/httpd/testsuite/cgi-bin/empty: up to 1.1
libexec/httpd/testsuite/html_cmp: up to 1.5
libexec/httpd/testsuite/t11.in: up to 1.1
libexec/httpd/testsuite/t11.out: up to 1.1
libexec/httpd/testsuite/test-bigfile: up to 1.4
libexec/httpd/testsuite/test-simple: up to 1.4
Update bozohttpd to 20170201. Changes:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
- add a bozo_get_version() function which returns the version number
|
| 1.1.6.1 | 31-Jan-2017 |
snj | file empty was added on branch netbsd-6-0 on 2017-03-07 07:16:08 +0000
|
| 1.1.4.2 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.4.1 | 31-Jan-2017 |
snj | file empty was added on branch netbsd-7 on 2017-02-12 22:07:17 +0000
|
| 1.1.2.2 | 12-Feb-2017 |
snj | Pull up following revision(s) (requested by mrg in ticket #1357):
libexec/httpd/CHANGES: revision 1.25
libexec/httpd/bozohttpd.8: revisions 1.63-1.65
libexec/httpd/bozohttpd.c: revisions 1.85, 1.86
libexec/httpd/bozohttpd.h: revision 1.47
libexec/httpd/cgi-bozo.c: revisions 1.36, 1.37
libexec/httpd/libbozohttpd/libbozohttpd.3: revision 1.4
libexec/httpd/testsuite/Makefile: revision 1.7
libexec/httpd/testsuite/html_cmp: revision 1.5
libexec/httpd/testsuite/test-bigfile: revision 1.4
libexec/httpd/testsuite/test-simple: revisions 1.3, 1.4
libexec/httpd/testsuite/t11.in: revision 1.1
libexec/httpd/testsuite/t11.out: revision 1.1
libexec/httpd/testsuite/cgi-bin/empty: revision 1.1
Update bozohttpd to 20170201:
- fix an infinite loop in cgi processing
- fixes and clean up for the testsuite
- no longer sends encoding header for compressed formats
|
| 1.1.2.1 | 31-Jan-2017 |
snj | file empty was added on branch netbsd-7-0 on 2017-02-12 21:59:45 +0000
|
| 1.1 | 24-Aug-2018 |
martin | branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10; 1.1.12;
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
|
| 1.1.12.2 | 10-Jun-2019 |
christos | Sync with HEAD
|
| 1.1.12.1 | 24-Aug-2018 |
christos | file .bzremap was added on branch phil-wifi on 2019-06-10 22:05:29 +0000
|
| 1.1.10.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.10.1 | 24-Aug-2018 |
martin | file .bzremap was added on branch netbsd-7-0 on 2018-11-24 17:23:48 +0000
|
| 1.1.8.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.8.1 | 24-Aug-2018 |
martin | file .bzremap was added on branch netbsd-7-1 on 2018-11-24 17:23:21 +0000
|
| 1.1.6.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1655):
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/Makefile up to 1.27
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/lua-bozo.c up to 1.15
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/libbozohttpd/Makefile up to 1.3
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.6.1 | 24-Aug-2018 |
martin | file .bzremap was added on branch netbsd-7 on 2018-11-24 17:22:58 +0000
|
| 1.1.4.2 | 24-Nov-2018 |
martin | Sync to HEAD (requested by mrg in ticket #1104)
libexec/httpd/testsuite/data/.bzremap up to 1.1
libexec/httpd/testsuite/t12.out up to 1.1
libexec/httpd/testsuite/t12.in up to 1.1
libexec/httpd/testsuite/t13.out up to 1.1
libexec/httpd/testsuite/t13.in up to 1.1
libexec/httpd/testsuite/t14.out up to 1.1
libexec/httpd/testsuite/t14.in up to 1.1
libexec/httpd/testsuite/t15.out up to 1.1
libexec/httpd/testsuite/t15.in up to 1.1
libexec/httpd/CHANGES up to 1.28
libexec/httpd/auth-bozo.c up to 1.22
libexec/httpd/bozohttpd.8 up to 1.74
libexec/httpd/bozohttpd.c up to 1.96
libexec/httpd/bozohttpd.h up to 1.56
libexec/httpd/cgi-bozo.c up to 1.44
libexec/httpd/content-bozo.c up to 1.16
libexec/httpd/daemon-bozo.c up to 1.19
libexec/httpd/dir-index-bozo.c up to 1.28
libexec/httpd/main.c up to 1.21
libexec/httpd/ssl-bozo.c up to 1.25
libexec/httpd/tilde-luzah-bozo.c up to 1.16
libexec/httpd/lua/bozo.lua up to 1.3
libexec/httpd/lua/glue.c up to 1.5
libexec/httpd/lua/optparse.lua up to 1.2
libexec/httpd/testsuite/Makefile up to 1.11
libexec/httpd/testsuite/html_cmp up to 1.6
libexec/httpd/testsuite/t3.out up to 1.4
libexec/httpd/testsuite/t5.out up to 1.4
libexec/httpd/testsuite/t6.out up to 1.4
libexec/httpd/testsuite/test-bigfile up to 1.5
libexec/httpd/testsuite/test-simple up to 1.5
Cosmetic changes to Lua binding in bozohttpd.
- Don't use negative indicies to read arguments of Lua functions.
- On error, return nil, "error string".
- Use ssize_t for return values from bozo_read() and bozo_write().
- Prefer lstring especially when if saves you from appending NUL and
doing len + 1 which can potentially wraparound.
- Don't mix C allocations with Lua functions marked with "m" in the Lua
manual. Those functions may throw (longjump) and leak data allocated
by C function. In one case, I use luaL_Buffer, in the other case,
I rearranged calls a bit.
fix ordering of a couple of words. from Edgar Pettijohn in PR#52375.
thanks!
s/u_int/unsigned/.
from Jan Danielsson. increases/fixes portability.
PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
sometimes with EFAULT due to not NULL terminated environment.
Document script handler issues with httpd(8).
From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
fix output since protocol agnostic change went in.
XXX: i thought someone hooked this into atf already, please do :)
Add support for remapping requested paths via a .bzredirect file.
Fixes PR 52772. Ok: mrg@
Bump date
Remove trailing whitespace.
use __func__ in debug().
fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
avoid memory leak in sending multiple auth headers.
mostly mitigated by previous patch to limit total header size,
but still a real problem here.
note the changes present in bozohttpd 20181118:
o add url remap support via .bzremap file, from martin%netbsd.org@localhost
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
from CHANGES:
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
move some #if support into bozohttpd.h.
fix previous: have_debug was reversed.
also fix have_dynamic_content from the previous previous. re-order
the debug and dynamic content to match the same pattern as everything
else so similar problems are less likely in the future.
- move special files defines into bozohttpd.h, so we can ...
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
two fixes reported by mouse:
- don't check contents of 'st' if stat(2) failed.
- round up instead of truncate. now 10000 byte files say 10kB not 9kB.
use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining:
WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)
many clean ups:
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
alpha sort the option switch.
add an assert() check on array bounds.
minor style fixes. simplify bozo_match_content_map().
|
| 1.1.4.1 | 24-Aug-2018 |
martin | file .bzremap was added on branch netbsd-8 on 2018-11-24 17:13:51 +0000
|
| 1.1.2.2 | 06-Sep-2018 |
pgoyette | Sync with HEAD
Resolve a couple of conflicts (result of the uimin/uimax changes)
|
| 1.1.2.1 | 24-Aug-2018 |
pgoyette | file .bzremap was added on branch pgoyette-compat on 2018-09-06 06:55:20 +0000
|
| 1.1 | 23-May-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 23-May-2009 |
mrg | branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 23-May-2009 |
msaitoh | file bigfile was added on branch netbsd-5-1 on 2014-07-09 16:09:40 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 23-May-2009 |
msaitoh | file bigfile was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.24.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.24.1 | 23-May-2009 |
msaitoh | file bigfile was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.1 | 23-May-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 23-May-2009 |
mrg | branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 23-May-2009 |
msaitoh | file bigfile.partial4000 was added on branch netbsd-5-1 on 2014-07-09 16:09:40 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 23-May-2009 |
msaitoh | file bigfile.partial4000 was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.24.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.24.1 | 23-May-2009 |
msaitoh | file bigfile.partial4000 was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.1 | 23-May-2009 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 23-May-2009 |
mrg | branches: 1.1.1.1.24; 1.1.1.1.26; 1.1.1.1.28;
import bozohttpd 20090522, which has these changes:
o close more leaking file descriptors for CGI and daemon mode
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
|
| 1.1.1.1.28.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.28.1 | 23-May-2009 |
msaitoh | file bigfile.partial8000 was added on branch netbsd-5-1 on 2014-07-09 16:09:40 +0000
|
| 1.1.1.1.26.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.26.1 | 23-May-2009 |
msaitoh | file bigfile.partial8000 was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000
|
| 1.1.1.1.24.2 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.1.1.1.24.1 | 23-May-2009 |
msaitoh | file bigfile.partial8000 was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000
|
| 1.3 | 05-Nov-2009 |
agc | Re-add two files necessary for the testsuite to run properly.
|
| 1.2 | 03-Mar-2008 |
mrg | branches: 1.2.4; 1.2.6; 1.2.12;
merge bozohttpd 20080303
|
| 1.1 | 03-Mar-2008 |
mrg | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 03-Mar-2008 |
mrg | import latest bozohttpd. changes include:
o fix some cgi header processing, from <thelsdj@gmail.com>
o add simple Range: header processing, from <bad@bsd.de>
o man page fixes, from NetBSD
o clean up various parts, from NetBSD
o prefix some function names with "bozo"
o align directory indexing <hr> markers
o clean up some code GCC4 grumbled about
|
| 1.2.12.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.6.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.4.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.3 | 05-Nov-2009 |
agc | Re-add two files necessary for the testsuite to run properly.
|
| 1.2 | 16-Oct-2007 |
tls | branches: 1.2.10; 1.2.16; 1.2.20;
Get httpd ready for inclusion in build.
|
| 1.1 | 16-Oct-2007 |
tls | branches: 1.1.1;
Initial revision
|
| 1.1.1.1 | 16-Oct-2007 |
tls | Import of bozohttpd for its originally intended purpose: a small (~30k)
simple run-from-inetd httpd suitable for small systems (and some large
ones).
|
| 1.2.20.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.16.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
| 1.2.10.1 | 09-Jul-2014 |
msaitoh | Pull up following revision(s) (requested by mrg in ticket #1913):
libexec/httpd/CHANGES 1.3-1.18
libexec/httpd/Makefile 1.8-1.22 via patch
libexec/httpd/Makefile.boot 1.3-1.6
libexec/httpd/auth-bozo.c 1.5-1.13
libexec/httpd/bozohttpd.8 1.6-1.46
libexec/httpd/bozohttpd.c 1.8,1.12-1.54
libexec/httpd/bozohttpd.h 1.8-1.32
libexec/httpd/cgi-bozo.c 1.11-1.25
libexec/httpd/content-bozo.c 1.4-1.10
libexec/httpd/daemon-bozo.c 1.5-1.16
libexec/httpd/dir-index-bozo.c 1.6-1.19
libexec/httpd/ssl-bozo.c 1.5-1.16
libexec/httpd/tilde-luzah-bozo.c 1.5-1.10
libexec/httpd/lua-bozo.c 1.1-1.9
libexec/httpd/main.c 1.1-1.7
libexec/httpd/netbsd_queue.h 1.1
libexec/httpd/printenv.lua 1.1-1.2
libexec/httpd/debug/Makefile 1.1
libexec/httpd/libbozohttpd/Makefile 1.2
libexec/httpd/libbozohttpd/libbozohttpd.3 1.3
libexec/httpd/libbozohttpd/shlib_version 1.1
libexec/httpd/lua/Makefile 1.1
libexec/httpd/lua/bozo.lua 1.1
libexec/httpd/lua/glue.c 1.1
libexec/httpd/lua/optparse.lua 1.1
libexec/httpd/lua/shlib_version 1.1
libexec/httpd/small/Makefile 1.1-1.2
libexec/httpd/testsuite/Makefile 1.4
libexec/httpd/testsuite/html_cmp 1.4
libexec/httpd/testsuite/t1.in 1.3
libexec/httpd/testsuite/t1.out 1.3
libexec/httpd/testsuite/t10.in 1.1
libexec/httpd/testsuite/t10.out 1.1
libexec/httpd/testsuite/t2.in 1.3
libexec/httpd/testsuite/t2.out 1.3
libexec/httpd/testsuite/t3.in 1.3
libexec/httpd/testsuite/t3.out 1.3
libexec/httpd/testsuite/t4.in 1.3
libexec/httpd/testsuite/t4.out 1.3
libexec/httpd/testsuite/t5.in 1.3
libexec/httpd/testsuite/t5.out 1.3
libexec/httpd/testsuite/t6.in 1.3
libexec/httpd/testsuite/t6.out 1.3
libexec/httpd/testsuite/t7.in 1.3
libexec/httpd/testsuite/t7.out 1.3
libexec/httpd/testsuite/t8.in 1.3
libexec/httpd/testsuite/t8.out 1.3
libexec/httpd/testsuite/t9.in 1.3
libexec/httpd/testsuite/t9.out 1.3
libexec/httpd/testsuite/test-bigfile 1.1
libexec/httpd/testsuite/data/bigfile 1.1
libexec/httpd/testsuite/data/bigfile.partial4000 1.1
libexec/httpd/testsuite/data/bigfile.partial8000 1.1
libexec/httpd/testsuite/data/file 1.3
libexec/httpd/testsuite/data/index.html 1.3
Update bozohttpd from 20080303+patches to 20140708.
changes in bozohttpd 20140708:
o fixes for virtual host support, from rajeev_v_pillai@yahoo.com
o avoid printing double errors, from shm@netbsd.org
o fix a security issue in basic HTTP authentication which would allow
authentication to be bypassed, from shm@netbsd.org
changes in bozohttpd 20140201:
o support .svg files
o fix a core dump when requests timeout
changes in bozohttpd 20140102:
o update a few content types
o add support for directly calling lua scripts to handle
processes, from mbalmer@netbsd.org
o properly escape generated HTML
o add authentication for redirections, from martin@netbsd.org
o handle chained ssl certifications, from elric@netbsd.org
o add basic support for gzipped files, from elric@netbsd.org
o properly escape generated URIs
changes in bozohttpd 20111118:
o add -P <pidfile> option, from jmmv@netbsd.org
o avoid crashes with http basic auth, from pooka@netbsd.org
o add support for REDIRECT_STATUS variable, from tls@netbsd.org
o support .mp4 files in the default map
o directory indexes with files with : are now displayed properly, from
reed@netbsd.org
o allow -I option to be useful in non-inetd mode as well
changes in bozohttpd 20100920:
o properly fully disable multi-file mode for now
o fix the -t and -U options when used without the -e option, broken since
the library-ifcation
o be explicit that logs go to the FTP facility in syslog
o use scandir() with alphasort() for sorted directory lists, from moof
o fix a serious error in vhost handling; "Host:.." would allow access to
the next level directory from the virtual root directory, from seanb
o fix some various non standard compile time errors, from rudolf
o fix dynamic CGI content maps, from rudolf
changes in bozohttpd 20100617:
o fix some compile issues
o fix SSL mode. from rtr
o fix some cgi-bin issues, as seen with cvsweb
o disable multi-file daemon mode for now, it breaks
o return 404's instead of 403's when chdir of ~user dirs fail
o remove "noreturn" attribute from bozo_http_error() that was
causing incorrect runtime behaviour
changes in bozohttpd 20100509:
o major rework and clean up of internal interfaces. move the main
program into main.c, the remaining parts are useable as library.
add bindings for lua. by Alistair G. Crooks <agc@netbsd.org>
o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325
changes in bozohttpd 20090522:
o avoid dying in daemon mode for some uncommon, but recoverable, errors
o close leaking file descriptors for CGI and daemon mode
o handle poll errors properly
o don't try to handle more than one request per process yet
o add subdirs for build "debug" and "small" versions
o clean up a bad merge / duplicate code
o make mmap() usage portable, fixes linux & ranges: support
o document the -f option
o daemon mode now serves 6 files per child
changes in bozohttpd 20090417:
o make bozohttpd internally more modular, preparing the way
to handle more than one request per process
o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix
cgi-bin with cvsweb, from Holger Weiss <holger@CIS.FU-Berlin.DE>
o fix an uninitialised variable use in daemon mode
o fix ssl mode with newer OpenSSL
o mmap large files in manageable sizes so we can serve any size file
o refactor url processing to handle query strings correctly for CGI
from Sergey Katsev at Coyote Point
o add If-Modified-Since support, from Joerg Sonnenberger
<joerg@netbsd.org>
o many more manual fixes, from NetBSD
|
