Commit Graph

38 Commits

Author SHA1 Message Date
Jo-Philipp Wich
2bfb1e012a uhttpd URL-codec bug fixes.
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
  input-buffer index against output-buffer length].  In reality, this would not
  typically cause an overflow on decode, where the output string would be
  expected to be shorter than the input string; and uh_urlencode() seems to have
  been unreferenced in the source.

* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
  input-string.  While this could manifest in C code, the result was most
  egregious when called from Lua, where it caused an extra null byte to be
  embedded at the end of the output string.

* uh_urlencode() cleanup: removed redundant bitwise-and.

Signed-off-by: David Favro <openwrt@meta-dynamic.com>

SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich
80307216f2 uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich
8533636d2d uhttpd: cope with variable number of spaces in header lines (#11079)
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich
44da6400cd uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Jo-Philipp Wich
fcea88e3b5 uhttpd: fix Makefiles and linking of tls plugin
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich
3d035a6f6a uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich
32ae896d00 uhttpd: fix bad pointer use in previous commit
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich
12bbe8b2af uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich
a6c02f8912 uhttpd: properly match mimetype entries which cover the whole filename (#8236)
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich
7fce085a97 uhttpd: add "application/x-ns-proxy-autoconfig" mime type (#8236)
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich
6576d110d2 uhttpd: support building against openssl instead of cyassl, minor cleanups (#7827)
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich
53a5beaca8 uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Jo-Philipp Wich
3b3e5b7a49 uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich
f38a320e69 uhttpd: protect tcp receive operations with select, make tcp keep-alive optional (#8272)
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich
f5b3f741ce uhttpd: allow lowercase http header fields (#8513)
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich
5931a158a4 uhttpd: redirect to same location with trailing slash appended if directories are requested
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich
fa644368ed uhttpd: make it work without shadow password support
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich
817566a5be uhttpd: revert unrelated change in previous commit
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich
88db961cf0 uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich
70dff7070e uhttpd: break tight loop when receiving eof during header reading (#7904)
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich
93c38f2b86 uhttpd: fix segfault triggered by Basic Auth checking
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich
cbdeb30a1b uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich
f2b534d341 uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich
4847198093 uhttpd: fix segmentation fault triggered by invalid header line
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich
2d175dcdce uhttpd: - abort file serving if client connection is lost (#7742) - don't send bad request headers twice
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich
3d99f03082 uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich
b688fcaa5c uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich
585ffa4941 uhttpd: - fix incorrect parsing of multiple listen options (#7458) - support PEM certificates for SSL
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00
Jo-Philipp Wich
3df8df720a uhttpd: - ignore authentication realms that refer to user accounts with no password set yet (X-Wrt compatibility) - fix off-by-one in CGI header parsing, fixes cgi programs that emit bad header lines (AsteriskGUI compatibility) - bump version
SVN-Revision: 21121
2010-04-24 11:07:41 +00:00
Jo-Philipp Wich
14428874ae uhttpd: fix bug in path canonization introduced by r20883
SVN-Revision: 20885
2010-04-15 20:08:56 +00:00
Jo-Philipp Wich
20ef055c2f uhttpd: - make network timeout configurable, increase default to 30 seconds (#7067) - follow symlinks in docroot and add option to disable that - fix mimetype detection for files with combined extensions (.tar.gz, ...)
SVN-Revision: 20883
2010-04-15 19:46:35 +00:00
Jo-Philipp Wich
a0a6400034 uhttpd: - cope with options instead of lists in uci config - fix compilation without tls (#7050) - bump to rev 7
SVN-Revision: 20668
2010-04-03 13:09:10 +00:00
Jo-Philipp Wich
b95360d5bc uhttpd: fix a signal related race condition exposed by LuCI on fast machines
SVN-Revision: 20573
2010-03-29 09:26:02 +00:00
Jo-Philipp Wich
4bc74807e4 uhttpd: fix parameter parsing issue on avr32 and most likely ixp4xx
SVN-Revision: 20532
2010-03-28 02:35:45 +00:00
Jo-Philipp Wich
4172149f89 uhttpd: block SIGCHLD until it is expected (#6957)
SVN-Revision: 20513
2010-03-27 14:31:35 +00:00
Jo-Philipp Wich
161325ac4f uhttpd: clear script timeout as soon as data is received from the child
SVN-Revision: 20501
2010-03-27 01:47:36 +00:00
Jo-Philipp Wich
8c9b818a24 uhttpd: - make script timeout configurable - catch SIGCHLD to properly interrupt select() - flag listen and client sockets as close-on-exec
SVN-Revision: 20500
2010-03-27 00:00:33 +00:00
Jo-Philipp Wich
169642253f add uhttpd (moved from LuCI trunk)
SVN-Revision: 20428
2010-03-25 15:46:16 +00:00