Jo-Philipp Wich
bcd8d530d1
Fixed: [PATCH 2/3] uhttpd URL-codec enhancements.
...
My apologies, the 2nd of those patches had a syntax error -- that's what
I get for making a last-minute edit, even to the comments, without
testing! :-p
Here is the corrected patch.
-- David
From d259cff104d2084455476b82e92a3a27524f4263 Mon Sep 17 00:00:00 2001
From: David Favro <openwrt@meta-dynamic.com>
Date: Fri, 27 Apr 2012 14:17:52 -0400
Subject: [PATCH] uhttpd URL-codec enhancements.
* uh_urlencode() and uh_urldecode() now return an error condition for
buffer-overflow and malformed-encoding rather than normal return with corrupt
or truncated data. As HTTP request processing is currently implemented, this
causes a 404 HTTP status returned to the client, while 400 is more
appropriate.
* Exposed urlencode() to Lua.
* Lua's uhttpd.urlencode() and .urldecode() now raise an error condition for
buffer-overflow and malformed-encoding rather than normal return with
incorrect data.
SVN-Revision: 31570
2016-03-20 20:05:13 +01:00
Jo-Philipp Wich
2bfb1e012a
uhttpd URL-codec bug fixes.
...
* Fixed output-buffer-overflow bug in uh_urlencode() and uh_urldecode() [tested
input-buffer index against output-buffer length]. In reality, this would not
typically cause an overflow on decode, where the output string would be
expected to be shorter than the input string; and uh_urlencode() seems to have
been unreferenced in the source.
* Fixed bug: uh_urlencode() and uh_urldecode() both read one extra byte from the
input-string. While this could manifest in C code, the result was most
egregious when called from Lua, where it caused an extra null byte to be
embedded at the end of the output string.
* uh_urlencode() cleanup: removed redundant bitwise-and.
Signed-off-by: David Favro <openwrt@meta-dynamic.com>
SVN-Revision: 31569
2012-05-03 17:19:16 +00:00
Jo-Philipp Wich
80307216f2
uhttpd: reorder compiler flags to fix native build on Ubuntu 11.x
...
SVN-Revision: 30936
2012-03-13 20:41:31 +00:00
Jo-Philipp Wich
8533636d2d
uhttpd: cope with variable number of spaces in header lines ( #11079 )
...
SVN-Revision: 30806
2012-03-04 15:53:51 +00:00
Jo-Philipp Wich
215239a470
uhttpd: prevent linking uhttpd binary against crypto libraries
...
SVN-Revision: 29152
2011-11-15 10:17:59 +00:00
Jo-Philipp Wich
44da6400cd
uhttpd: cope with DES crypted passwd entries by not relying on a leading dollar sign to indicate a cipher
...
SVN-Revision: 28886
2011-11-09 18:55:28 +00:00
Nicolas Thill
75e186832a
package/uhttpd: use new service wrapper
...
SVN-Revision: 28841
2011-11-07 22:59:06 +00:00
Jo-Philipp Wich
8189bd9260
uhttpd: provide rpath-link flag, thanks mazilo
...
SVN-Revision: 28792
2011-11-07 00:10:52 +00:00
Jo-Philipp Wich
6037187a80
uhttpd: Fix wrong certificate options with multiple words
...
For instance two word city names will result in weird certificates.
Therefore adding the missing quotations.
Signed-off-by: Linus Lüssing <linus.luessing@web.de>
SVN-Revision: 28776
2011-11-06 15:44:42 +00:00
Jo-Philipp Wich
fcea88e3b5
uhttpd: fix Makefiles and linking of tls plugin
...
SVN-Revision: 28769
2011-11-05 17:36:47 +00:00
Jo-Philipp Wich
3c96dee342
uhttpd: bump version
...
SVN-Revision: 28762
2011-11-05 03:19:29 +00:00
Jo-Philipp Wich
3d035a6f6a
uhttpd: rework CyaSSL and OpenSSL integration; move protected recv() and send() operations below the ssl layer - fixes hangs when accessing via https
...
SVN-Revision: 28761
2011-11-05 03:19:07 +00:00
Jo-Philipp Wich
32ae896d00
uhttpd: fix bad pointer use in previous commit
...
SVN-Revision: 28257
2011-09-18 23:34:25 +00:00
Jo-Philipp Wich
12bbe8b2af
uhttpd: fix possible CGI header line parsing beyound the empty line, thanks Linus Luessing for spotting it
...
SVN-Revision: 28254
2011-09-18 22:30:20 +00:00
Jo-Philipp Wich
a6c02f8912
uhttpd: properly match mimetype entries which cover the whole filename ( #8236 )
...
SVN-Revision: 28160
2011-09-04 10:21:05 +00:00
Jo-Philipp Wich
7fce085a97
uhttpd: add "application/x-ns-proxy-autoconfig" mime type ( #8236 )
...
SVN-Revision: 28149
2011-09-02 13:28:29 +00:00
Jo-Philipp Wich
9c606eb4c5
uhttpd: pass feature flags ( #9742 )
...
SVN-Revision: 27689
2011-07-19 06:59:47 +00:00
Jo-Philipp Wich
6576d110d2
uhttpd: support building against openssl instead of cyassl, minor cleanups ( #7827 )
...
SVN-Revision: 27686
2011-07-18 14:18:31 +00:00
Jo-Philipp Wich
53a5beaca8
uhttpd: unblock signals in CGI childs, solves hanging ssh logout after server restart from within LuCI and similar problems
...
SVN-Revision: 27628
2011-07-17 07:18:59 +00:00
Daniel Dickinson
9e4843d0e3
uhttpd: Moved uhttpd to Network|Web Servers/Proxies submenu, just like all the other web serves and proxies from the packages feed
...
SVN-Revision: 26062
2011-03-12 04:47:02 +00:00
Jo-Philipp Wich
3b3e5b7a49
uhttpd: substitute "+" with space when using the -d flag, lazyload tls support
...
SVN-Revision: 25220
2011-01-28 19:50:33 +00:00
Jo-Philipp Wich
f38a320e69
uhttpd: protect tcp receive operations with select, make tcp keep-alive optional ( #8272 )
...
SVN-Revision: 24952
2011-01-09 23:35:45 +00:00
Jo-Philipp Wich
f5b3f741ce
uhttpd: allow lowercase http header fields ( #8513 )
...
SVN-Revision: 24823
2010-12-24 22:03:34 +00:00
Jo-Philipp Wich
5931a158a4
uhttpd: redirect to same location with trailing slash appended if directories are requested
...
SVN-Revision: 23952
2010-11-10 20:52:30 +00:00
Jo-Philipp Wich
fa644368ed
uhttpd: make it work without shadow password support
...
SVN-Revision: 23897
2010-11-06 16:19:04 +00:00
Jo-Philipp Wich
817566a5be
uhttpd: revert unrelated change in previous commit
...
SVN-Revision: 23261
2010-10-05 19:35:38 +00:00
Jo-Philipp Wich
88db961cf0
uhttpd: add /etc/uhttpd.key and /etc/uhttpd.crt to conffile hints
...
SVN-Revision: 23260
2010-10-05 19:34:22 +00:00
Jo-Philipp Wich
1cb2abca8e
add maintainer information
...
SVN-Revision: 23159
2010-09-30 10:48:37 +00:00
Jo-Philipp Wich
70dff7070e
uhttpd: break tight loop when receiving eof during header reading ( #7904 )
...
SVN-Revision: 22988
2010-09-09 20:15:02 +00:00
Jo-Philipp Wich
93c38f2b86
uhttpd: fix segfault triggered by Basic Auth checking
...
SVN-Revision: 22805
2010-08-25 21:38:48 +00:00
Jo-Philipp Wich
cbdeb30a1b
uhttpd: - fix parsing of interpreter entries in the config file, fixes serving of static files as .cgi with X-Wrt - better cope with connection aborts, especially during header transfer - fix return value checking of TLS reads and writes, solves some blocking issues
...
SVN-Revision: 22692
2010-08-18 00:04:52 +00:00
Jo-Philipp Wich
f2b534d341
uhttpd: - more robust handling of network failures on static file serving - support unlimited amount of authentication realms, listener and client sockets - support for interpreters (.php => /usr/bin/php-cgi)
...
SVN-Revision: 22630
2010-08-14 00:54:24 +00:00
Jo-Philipp Wich
4847198093
uhttpd: fix segmentation fault triggered by invalid header line
...
SVN-Revision: 22607
2010-08-12 10:56:41 +00:00
Jo-Philipp Wich
2d175dcdce
uhttpd: - abort file serving if client connection is lost ( #7742 ) - don't send bad request headers twice
...
SVN-Revision: 22602
2010-08-11 23:44:30 +00:00
Jo-Philipp Wich
5bc74fcb6f
uhttpd: make init script less verbose
...
SVN-Revision: 22593
2010-08-11 13:30:47 +00:00
Jo-Philipp Wich
3d99f03082
uhttpd: add option to reject requests from RFC1918 IPs to public server IPs (DNS rebinding countermeasure)
...
SVN-Revision: 22589
2010-08-11 00:05:34 +00:00
Jo-Philipp Wich
39e013d003
uhttpd: fix build dependencies ( #7674 )
...
SVN-Revision: 22404
2010-07-27 21:19:28 +00:00
Jo-Philipp Wich
b688fcaa5c
uhttpd: - fix a compile warning - support custom index file names - support custom error pages (or cgi handler) - add option to disable directory listings - add REDIRECT_STATUS for CGI requests, fixes php-cgi
...
SVN-Revision: 22366
2010-07-23 13:15:22 +00:00
Jo-Philipp Wich
585ffa4941
uhttpd: - fix incorrect parsing of multiple listen options ( #7458 ) - support PEM certificates for SSL
...
SVN-Revision: 21762
2010-06-12 12:58:11 +00:00
Nicolas Thill
338f1af5f3
bump release number for packages ahead of backfire in trunk
...
SVN-Revision: 21556
2010-05-23 21:55:40 +00:00
Jo-Philipp Wich
51cae701b6
uhttpd: use uci_get() wrapper ( #7312 )
...
SVN-Revision: 21492
2010-05-17 19:35:15 +00:00
Jo-Philipp Wich
3df8df720a
uhttpd: - ignore authentication realms that refer to user accounts with no password set yet (X-Wrt compatibility) - fix off-by-one in CGI header parsing, fixes cgi programs that emit bad header lines (AsteriskGUI compatibility) - bump version
...
SVN-Revision: 21121
2010-04-24 11:07:41 +00:00
Jo-Philipp Wich
14428874ae
uhttpd: fix bug in path canonization introduced by r20883
...
SVN-Revision: 20885
2010-04-15 20:08:56 +00:00
Jo-Philipp Wich
20ef055c2f
uhttpd: - make network timeout configurable, increase default to 30 seconds ( #7067 ) - follow symlinks in docroot and add option to disable that - fix mimetype detection for files with combined extensions (.tar.gz, ...)
...
SVN-Revision: 20883
2010-04-15 19:46:35 +00:00
Jo-Philipp Wich
a0a6400034
uhttpd: - cope with options instead of lists in uci config - fix compilation without tls ( #7050 ) - bump to rev 7
...
SVN-Revision: 20668
2010-04-03 13:09:10 +00:00
Jo-Philipp Wich
b95360d5bc
uhttpd: fix a signal related race condition exposed by LuCI on fast machines
...
SVN-Revision: 20573
2010-03-29 09:26:02 +00:00
Jo-Philipp Wich
4bc74807e4
uhttpd: fix parameter parsing issue on avr32 and most likely ixp4xx
...
SVN-Revision: 20532
2010-03-28 02:35:45 +00:00
Jo-Philipp Wich
4172149f89
uhttpd: block SIGCHLD until it is expected ( #6957 )
...
SVN-Revision: 20513
2010-03-27 14:31:35 +00:00
Jo-Philipp Wich
161325ac4f
uhttpd: clear script timeout as soon as data is received from the child
...
SVN-Revision: 20501
2010-03-27 01:47:36 +00:00
Jo-Philipp Wich
8c9b818a24
uhttpd: - make script timeout configurable - catch SIGCHLD to properly interrupt select() - flag listen and client sockets as close-on-exec
...
SVN-Revision: 20500
2010-03-27 00:00:33 +00:00