aboutsummaryrefslogtreecommitdiff
path: root/networking/httpd.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'busybox' into mergeRon Yorston2023-04-091-37/+39
|\
| * libbb: consolidate NOMMU fix of restoring high bit in argv[0][0]Denys Vlasenko2023-04-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | function old new delta fork_or_rexec 46 56 +10 bootchartd_main 1087 1079 -8 cpio_main 674 661 -13 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/2 up/down: 10/-21) Total: -11 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: do not mangle cgi-bin/SCRIPT/params URLsDenys Vlasenko2023-03-281-36/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | If cgi-bin/ prefix is seen, do not test the rest for existence, whether it's a dir, and such. function old new delta handle_incoming_and_exit 2200 2212 +12 Reported here: https://lists.zx2c4.com/pipermail/cgit/2023-March/004825.html Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | win32: add fake HUP and QUIT signalsRon Yorston2023-04-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | It's fairly common for shell scripts to trap this set of signals: EXIT HUP INT QUIT TERM (or the numeric equivalent: 0 1 2 3 15) Add definitions for SIGHUP and SIGQUIT. We don't take any action if traps are defined for them, but at least scripts won't fail. (GitHub issue #303)
* | Merge busybox into mergeRon Yorston2022-02-091-2/+1
|\| | | | | | | | | | | | | | | Fix conflicts in reset and ash. Redefine the new safe_read_key() as a reference to read_key(). Disable SHA256_HWACCEL.
| * libbb: introduce and use chdir_or_warn()Denys Vlasenko2022-01-131-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | function old new delta chdir_or_warn - 37 +37 send_cgi_and_exit 720 711 -9 xchdir 27 15 -12 setup_environment 233 217 -16 fork_job 449 433 -16 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/4 up/down: 37/-53) Total: -16 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge busybox into mergeRon Yorston2022-01-061-1/+1
|\| | | | | | | | | | | Fix merge conflict in miscutils/less.c. Use exit_SUCCESS() where possible.
* | Merge busybox into mergeRon Yorston2021-12-271-1/+6
|\| | | | | | | Fix merge conflict in coreutils/timeout.c.
| * httpd: fix compile failure if !FEATURE_HTTPD_RANGESDenys Vlasenko2021-12-261-0/+4
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: do not send Last-Modified / ETag / Content-Length for error pagesDenys Vlasenko2021-12-171-20/+14
| | | | | | | | | | | | | | | | function old new delta send_headers 713 701 -12 send_headers_and_exit 20 34 +14 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: don't send Content-Length in error pages headerDenys Vlasenko2021-12-171-14/+21
| | | | | | | | | | | | | | function old new delta send_headers 701 713 +12 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-10-131-3/+6
|\|
| * httpd: if range is not specified, correctly fall back to read/write loopDenys Vlasenko2021-10-081-2/+5
| | | | | | | | | | | | | | | | | | | | | | range_start was staying -1, and comparison meant to detect "is it the first sendfile that failed, or not the first?" was making incorrect decision. The result: nothing is sent. function old new delta send_file_and_exit 865 877 +12 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * help: s/Don't daemonize/Run in foreground/gDenys Vlasenko2021-10-081-1/+1
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-09-101-2/+11
|\|
| * httpd: fix config depsDenys Vlasenko2021-09-101-0/+1
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd,telnetd: make default port configurableSergey Ponomarev2021-09-091-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BusyBox on Termux can't use ports less than 1024 it's patched to change default port for httpd to 8080 and telnetd to 8023. https://github.com/termux/termux-packages/blob/master/packages/busybox/0011-networking-telnetd-default-port.patch https://github.com/termux/termux-packages/blob/master/packages/busybox/0010-networking-httpd-default-port.patch To avoid such patches we can make port configurable. function old new delta packed_usage 33920 33914 -6 Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | win32: code shrink using is_prefixed_with()Ron Yorston2021-07-281-0/+5
| | | | | | | | | | | | | | Use is_prefixed_with() rather than strncmp() in a few places, and the case-insensitive analogues. Saves 96 bytes in 64-bit build, 192 bytes in 32-bit.
* | Merge branch 'busybox' into mergeRon Yorston2021-05-141-150/+155
|\|
| * httpd: add comment about faster rejection of denied IPsDenys Vlasenko2021-05-051-0/+7
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: if no request was given at all, close the socket without generating ↵Denys Vlasenko2021-05-051-21/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | error page For one, an attacker can try to overload us by just opening and immediately closing tons of connections - reduce our work to the minimum for this case. function old new delta handle_incoming_and_exit 2172 2200 +28 .rodata 103225 103246 +21 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 49/0) Total: 49 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: no need to strcpy() when we only need to copy one byteDenys Vlasenko2021-05-051-9/+14
| | | | | | | | | | | | | | function old new delta handle_incoming_and_exit 2161 2172 +11 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: avoid extra stat() calls for "GET /dirname/" caseDenys Vlasenko2021-05-041-10/+8
| | | | | | | | | | | | | | | | | | | | function old new delta parse_conf 1325 1332 +7 handle_incoming_and_exit 2173 2161 -12 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 7/-12) Total: -5 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: avoid one stat() call for "GET /dirname" caseDenys Vlasenko2021-05-041-16/+14
| | | | | | | | | | | | | | function old new delta handle_incoming_and_exit 2172 2173 +1 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: support HEAD requests even in !CGI configDenys Vlasenko2021-05-041-13/+10
| | | | | | | | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: move proxy check before URL duplication and request type checkDenys Vlasenko2021-05-041-56/+52
| | | | | | | | | | | | | | | | | | This makes proxy work for any type of requests. function old new delta handle_incoming_and_exit 2240 2172 -68 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: cgi-bin support for DELETE, PUT, OPTIONS etc methodsAlexander Sack2021-05-041-45/+40
| | | | | | | | | | | | | | | | | | | | | | function old new delta handle_incoming_and_exit 2217 2240 +23 static.request_POST - 5 +5 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 1/0 up/down: 28/0) Total: 28 bytes Signed-off-by: Alexander Sack <asac@pantacor.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-02-051-2/+2
|\|
| * libbb: introduce and use fputs_stdoutRon Yorston2021-02-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | function old new delta fputs_stdout - 12 +12 zxc_vm_process 7237 7230 -7 yes_main 85 78 -7 write_block 380 373 -7 wrapf 305 298 -7 strings_main 437 430 -7 show_bridge 353 346 -7 rev_main 384 377 -7 put_prompt_custom 58 51 -7 put_cur_glyph_and_inc_cursor 168 161 -7 print_numbered_lines 152 145 -7 print_named_ascii 130 123 -7 print_name 135 128 -7 print_login_issue 386 379 -7 print_ascii 208 201 -7 powertop_main 1249 1242 -7 od_main 1789 1782 -7 logread_main 518 511 -7 head_main 804 797 -7 display_process_list 1319 1312 -7 cut_main 1002 995 -7 bb_dump_dump 1550 1543 -7 bb_ask_noecho 393 386 -7 baseNUM_main 702 695 -7 expand_main 755 745 -10 dumpleases_main 497 487 -10 write1 12 - -12 putcsi 37 23 -14 print_login_prompt 55 41 -14 paste_main 525 511 -14 cat_main 440 426 -14 print_it 245 230 -15 print_addrinfo 1188 1171 -17 print_rule 770 750 -20 print_linkinfo 842 822 -20 httpd_main 791 771 -20 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 0/34 up/down: 12/-341) Total: -329 bytes Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2021-01-141-44/+10
|\|
| * Fix httpd compilation on the FreeBSDAlex Samorukov2021-01-041-0/+5
| | | | | | | | | | | | | | FreeBSD is not exporting s6_addr32 by default, but has it. Signed-off-by: Alex Samorukov <samm@os2.kiev.ua> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: fix offset for sendfileMaxim Storchak2020-12-291-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the Range: header is not present it the request, the offset passed to sendfile is wrong, and httpd falls back to the read-write loop. function old new delta send_file_and_exit 857 865 +8 handle_incoming_and_exit 2239 2230 -9 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-9) Total: -1 bytes Signed-off-by: Maxim Storchak <m.storchak@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * libbb: change decode_base32/64 API to return the end of _dst_, not _src_.Denys Vlasenko2020-11-281-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | function old new delta decode_base64 173 178 +5 read_base64 222 220 -2 decode_base32 186 182 -4 handle_incoming_and_exit 2263 2239 -24 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/3 up/down: 5/-30) Total: -25 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * libbb: smaller and faster decode_base64()Denys Vlasenko2020-11-271-37/+0
| | | | | | | | | | | | | | function old new delta decode_base64 195 180 -15 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeRon Yorston2020-11-121-0/+7
|\|
| * httpd: code shrinkXabier Oneca2020-10-061-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | Use decode_base64() from uuencode.c when uudecode/base64 applets are included. That function is bigger than httpd's decodeBase64(), so we use the old one when those applets are disabled. Bloat-o-meter when one of those is enabled: function old new delta handle_incoming_and_exit 2371 2265 -106 Signed-off-by: Xabier Oneca <xoneca@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | httpd: silence compiler warnings about %llx formatRon Yorston2020-08-231-1/+1
| |
* | Merge branch 'busybox' into mergeRon Yorston2020-08-231-41/+151
|\|
| * httpd: Make Deny/Allow by IP config support optionalSergey Ponomarev2020-08-161-18/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When disabled: function old new delta if_ip_denied_send_HTTP_FORBIDDEN_and_exit 52 - -52 handle_incoming_and_exit 2201 2097 -104 scan_ip 170 - -170 parse_conf 1365 1065 -300 ------------------------------------------------------------------------------ (add/remove: 0/2 grow/shrink: 0/2 up/down: 0/-626) Total: -626 bytes Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: Support caching via ETag headerSergey Ponomarev2020-08-151-3/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If server responds with ETag then next time client can resend it via If-None-Match header. Then httpd will check if file wasn't modified and if not return 304 Not Modified status code. The ETag value is constructed from file's last modification date in unix epoch and it's size: "hex(last_mod)-hex(file_size)" e.g. "5e132e20-417" (with quotes). That means that it's not completely reliable as hash functions but fair enough. The same form of ETag is used by Nginx so load balancing of static content is safe. function old new delta handle_incoming_and_exit 2135 2201 +66 http_response 88 96 +8 send_headers 676 683 +7 parse_conf 1362 1365 +3 http_response_type 22 24 +2 send_file_and_exit 847 841 -6 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 5/1 up/down: 86/-6) Total: 80 bytes Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: Don't add Last-Modified header to responseSergey Ponomarev2020-08-151-6/+25
| | | | | | | | | | | | | | | | | | | | | | | | The Last-Modified header is used for caching. The client (browser) will send back the received date to server via If-Modified-Since request header. But both headers MUST be an RFC 1123 formatted string. And the formatting consumes resources on request parsing and response generation. Instead we can use ETag header. This simplifies logic and the only downside is that in JavaScript the document.lastModified will return null. Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: Don't add Date header to responseSergey Ponomarev2020-08-151-2/+16
| | | | | | | | | | | | | | | | | | RFC 2616 sec. 14.18 says that server MUST send Date header. But in fact the header make sense only for Cache-Control and can be omitted. In the same time the Date eats power, CPU and network resources which are critical for embedded systems. Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
| * httpd: Update to HTTP/1.1Sergey Ponomarev2020-08-151-8/+8
| | | | | | | | | | | | | | | | | | HTTP v1.1 was released in 1999 year and it's time to update BB HTTPD. Browsers may behave badly with HTTP/1.0 E.g. Chrome does not send the If-None-Match header with ETag. Signed-off-by: Sergey Ponomarev <stokito@gmail.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | httpd: code shrinkRon Yorston2020-08-131-3/+2
| | | | | | | | Use the new need_system_drive() function in httpd. Saves 16 bytes.
* | win32: use a static buffer in get_system_drive()Ron Yorston2020-08-131-1/+1
| | | | | | | | | | | | | | Allocate static storage for the system drive string instead of making a new allocation on every call. This is easier to manage. Adds 16 bytes.
* | Merge branch 'busybox' into mergeRon Yorston2020-07-091-2/+3
|\|
| * httpd: allow '-h' to work when daemonized with NOMMU enabledRon Yorston2020-06-091-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit d1b75e184 (httpd: permit non-default home directory with NOMMU enabled) only works when used with the '-f' (foreground) option. When '-f' isn't specified and NOMMU is enabled bb_daemonize_or_rexec() is called to daemonize the server. Since the server process has been re-execed the previous patch results in the xchdir() not being called. Fix this by resetting the re_execed variable in this case. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | Merge branch 'busybox' into mergeFRP-3466-g53c09d0e1Ron Yorston2020-05-291-0/+6
|\|
| * httpd: permit non-default home directory with NOMMU enabledRon Yorston2020-04-301-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When BusyBox is compiled with NOMMU enabled running httpd with the '-h' option fails even if the specified directory exists: $ ls -d www www $ busybox httpd -fvvvp 8080 -h www ... ... try to access http://localhost:8080/www ... httpd: can't change directory to 'www': No such file or directory The parent process executes xchdir("www"). When a connection is accepted it's handled by re-executing httpd in inetd mode. The child process inherits the current directory "www" and tries to change directory again to "www", which fails. Omit the call to xchdir() when httpd is re-executed. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
* | httpd: allow use of MD5-encrypted passwordsRon Yorston2020-04-091-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | Allow use of MD5-encrypted passwords in HTTP authentication. However: - Since it adds 4K to the size of the binary it isn't enabled by default. Unencrypted password are allowed in the default build. - The use of '*' wildcards for user/password in the configuration file isn't allowed. - Enabling this feature requires enabling 'Use internal crypt functions' (USE_BB_CRYPT) in the 'Login/Password Management Utilities' section.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 17:34:28 +0000