![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / httpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.128 / (download) - annotate - [select for diffs], Sun Feb 27 20:30:30 2022 UTC (2 years, 3 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
HEAD
Changes since 1.127: +12 -2 lines
Diff to previous 1.127 (colored)
Add gzip-static option to httpd. This allows to deliver precompressed files with content-encoding gzip. from prx at si3t dot ch; OK tracey@
Revision 1.127 / (download) - annotate - [select for diffs], Sun Oct 24 16:01:04 2021 UTC (2 years, 7 months ago) by ian
Branch: MAIN
Changes since 1.126: +42 -1 lines
Diff to previous 1.126 (colored)
Add httpd custom error page facility. Adapted by me from https://github.com/mpfr/httpd-plus. Improvements from & (earlier version) reads fine to tracey@; improvements & OK this version benno@, florian@. Thanks.
Revision 1.126 / (download) - annotate - [select for diffs], Fri Oct 15 15:01:28 2021 UTC (2 years, 7 months ago) by naddy
Branch: MAIN
Changes since 1.125: +8 -8 lines
Diff to previous 1.125 (colored)
Don't declare variables as "unsigned char *" that are passed to functions that take "char *" arguments. Where such chars are assigned to int or passed to ctype functions, explicitly cast them to unsigned char. For OpenBSD's clang, -Wpointer-sign has been disabled by default, but when the parse.y code was built elsewhere, the compiler would complain. With help from millert@ ok benno@ deraadt@
Revision 1.125 / (download) - annotate - [select for diffs], Sat Apr 10 10:10:07 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.124: +3 -2 lines
Diff to previous 1.124 (colored)
Do not compare TLS config params for non-TLS servers. This allows to mix 'listen * port 80' and 'listen * tls port 443' in one server block. Also the last argument of server_tls_cmp - match_keypair - is always 0 so remove this code. OK florian@ tb@ some long time ago
Revision 1.124 / (download) - annotate - [select for diffs], Fri Jan 22 13:07:17 2021 UTC (3 years, 4 months ago) by benno
Branch: MAIN
Changes since 1.123: +2 -1 lines
Diff to previous 1.123 (colored)
fix a memory leak, found by rob@ in relayd. ok tb@
Revision 1.123 / (download) - annotate - [select for diffs], Mon Jan 18 18:47:49 2021 UTC (3 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.122: +19 -1 lines
Diff to previous 1.122 (colored)
Fix httpd example config
A server configuration yields multiple struct server_config in the
env->sc_servers queue: an actual server ("parent") and one for each
location directive in httpd.conf. In parent_configure(), the parents
are configured first, then the corresponding locations.
parse.y r1.118 kills the parent if an error is encountered on loading
the TLS keypairs but leaves the locations in the sc_servers queue.
When running the default config without TLS keys already in place, this
then leads to the self-explanatory "invalid location" error message. Its
intention is to indicates the unexpected situation that config_setserver()
encounters a location without an associated server.
Fix this by not only destroying the parent but also removing all of its
locations.
ok jsing
Revision 1.122 / (download) - annotate - [select for diffs], Wed Dec 30 18:40:22 2020 UTC (3 years, 5 months ago) by benno
Branch: MAIN
Changes since 1.121: +3 -2 lines
Diff to previous 1.121 (colored)
getifaddrs() can return entries where ifa_addr is NULL. Check for this before accessing anything in ifa_addr. ok claudio@
Revision 1.121 / (download) - annotate - [select for diffs], Fri Nov 20 20:39:31 2020 UTC (3 years, 6 months ago) by jung
Branch: MAIN
Changes since 1.120: +1 -5 lines
Diff to previous 1.120 (colored)
remove an unused struct from Edgar Pettijohn ok kn
Revision 1.120 / (download) - annotate - [select for diffs], Thu Oct 29 12:30:52 2020 UTC (3 years, 7 months ago) by denis
Branch: MAIN
Changes since 1.119: +36 -12 lines
Diff to previous 1.119 (colored)
Add location (found|not found) option to test for resource path existence. Diff by Matthias Pressfreund <mpfr @ fn de>. Thanks.
Revision 1.119 / (download) - annotate - [select for diffs], Mon Oct 26 19:31:22 2020 UTC (3 years, 7 months ago) by denis
Branch: MAIN
Changes since 1.118: +5 -2 lines
Diff to previous 1.118 (colored)
Do not allow duplicate "location" directive. Found and fix by Matthias Pressfreund <mpfr @ fn de>. Thanks.
Revision 1.118 / (download) - annotate - [select for diffs], Sun Oct 11 03:21:44 2020 UTC (3 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.117: +9 -2 lines
Diff to previous 1.117 (colored)
Handle absence of TLS certs while parsing the config There is a soft fail mechanism to handle missing certs for seamless interaction with acme-client. Move this to the config parser. This is simpler than server.c r1.117 and avoids a crash due to listening on port 443 without having set up the TLS context first. More precisely, the crash happens if a server with missing certificate is visited via https in a configuration where there is a second server with valid certificate and key. From Joshua Sing (joshua at hypera dot dev) ok benno
Revision 1.117 / (download) - annotate - [select for diffs], Wed Aug 26 06:50:20 2020 UTC (3 years, 9 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.116: +17 -6 lines
Diff to previous 1.116 (colored)
Set fastcgi socket default on server and location. This allows "fastcgi" directly inside of a server directive without giving specifying socket. OK tracey
Revision 1.116 / (download) - annotate - [select for diffs], Tue Aug 25 13:50:40 2020 UTC (3 years, 9 months ago) by tracey
Branch: MAIN
Changes since 1.115: +11 -5 lines
Diff to previous 1.115 (colored)
check that fcgiport string value is within range remove redundant error message tweaks and ok florian@
Revision 1.115 / (download) - annotate - [select for diffs], Mon Aug 24 15:49:11 2020 UTC (3 years, 9 months ago) by tracey
Branch: MAIN
Changes since 1.114: +69 -6 lines
Diff to previous 1.114 (colored)
Add support for non-localhost fastcgi sockets. Lots of review time kn@ Lots of review time, tweaks, and ok florian@
Revision 1.114 / (download) - annotate - [select for diffs], Sun Feb 9 09:44:04 2020 UTC (4 years, 3 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.113: +8 -1 lines
Diff to previous 1.113 (colored)
Implement "strip" option for fastcgi to be able to have multiple chroots under /var/www for FastCGI servers. From Nazar Zhuk (nazar AT zhuk DOT online), thanks! Ok benno
Revision 1.113 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:47 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.112 / (download) - annotate - [select for diffs], Wed May 8 19:57:45 2019 UTC (5 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.111: +3 -3 lines
Diff to previous 1.111 (colored)
spacing
Revision 1.111 / (download) - annotate - [select for diffs], Fri May 3 17:16:27 2019 UTC (5 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.110: +8 -2 lines
Diff to previous 1.110 (colored)
Add a "forwarded" log format that extends the "combined" log format by including the contents of the X-Forwarded-For and X-Forwarded-Port headers. If httpd(8) runs behind a proxy like relayd(8), this allows tracking the origin of the requests. The format is compatible with log analyzers such as GoAccess and Webalizer. Patch from Bruno Flueckiger ok benno, reyk
Revision 1.110 / (download) - annotate - [select for diffs], Tue Feb 19 11:37:26 2019 UTC (5 years, 3 months ago) by pirofti
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.109: +34 -2 lines
Diff to previous 1.109 (colored)
httpd(8): add support for setting custom FastCGI parameters. This commit extends the existing grammar by adding the param option to the fastcgi directive: fastcgi param name value. Example usage: fastcgi param VAR1 hello fastcgi param VAR2 world With help and OK florian@ Rogue manpage bits, feel free to modify them.
Revision 1.109 / (download) - annotate - [select for diffs], Wed Feb 13 22:57:08 2019 UTC (5 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.108: +3 -3 lines
Diff to previous 1.108 (colored)
(unsigned) means (unsigned int) which on ptrdiff_t or size_t or other larger types really is a range reduction... Almost any cast to (unsigned) is a bug. ok millert tb benno
Revision 1.108 / (download) - annotate - [select for diffs], Tue Jan 8 18:35:27 2019 UTC (5 years, 5 months ago) by florian
Branch: MAIN
Changes since 1.107: +10 -16 lines
Diff to previous 1.107 (colored)
Allow httpd(8) to start when TLS is configured but a cert is not yet available. Assuming a httpd.conf based on /etc/examples/httpd.conf, httpd(8) will only listen on port 80 and serve the acme-challenge directory for acme-client(1). The workflow to get a certificate then becomes acme-client -vAD example.com && rcctl reload httpd Without the need to edit the httpd.conf yet again. Once the cert is in place and httpd is reloaded it starts to serve on port 443. Idea, tweaks & OK deraadt, OK benno
Revision 1.107 / (download) - annotate - [select for diffs], Thu Nov 1 00:18:44 2018 UTC (5 years, 7 months ago) by sashan
Branch: MAIN
Changes since 1.106: +3 -2 lines
Diff to previous 1.106 (colored)
- odd condition/test in PF lexer
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
Revision 1.106 / (download) - annotate - [select for diffs], Fri Sep 7 07:35:30 2018 UTC (5 years, 9 months ago) by miko
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.105: +4 -9 lines
Diff to previous 1.105 (colored)
replace malloc()+strlcpy() with strndup() in cmdline_symset(). "looks good" gilles@ halex@
Revision 1.105 / (download) - annotate - [select for diffs], Wed Jul 11 07:39:22 2018 UTC (5 years, 10 months ago) by krw
Branch: MAIN
Changes since 1.104: +4 -4 lines
Diff to previous 1.104 (colored)
Do for most running out of memory err() what was done for most running
out of memory log_warn(). i.e. ("%s", __func__) instead of manual
function names and redundant verbiage about which wrapper detected the
out of memory condition.
ok henning@
Revision 1.104 / (download) - annotate - [select for diffs], Mon Jul 9 12:05:11 2018 UTC (5 years, 11 months ago) by krw
Branch: MAIN
Changes since 1.103: +4 -4 lines
Diff to previous 1.103 (colored)
No need to mention which memory allocation entry point failed (malloc, calloc or strdup), we just need to log that we ran out of memory in a particular function. Recommended by florian@ and deraadt@ ok benno@ henning@ tb@
Revision 1.103 / (download) - annotate - [select for diffs], Wed Jun 20 16:43:05 2018 UTC (5 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.102: +20 -3 lines
Diff to previous 1.102 (colored)
Add support for simple one-off internal rewrites.
For example:
location match "/page/(%d+)/.*" {
request rewrite "/static/index.php?id=%1&$QUERY_STRING"
}
Requested by many.
Ok benno@
Revision 1.102 / (download) - annotate - [select for diffs], Wed Jun 13 15:08:24 2018 UTC (5 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.101: +13 -2 lines
Diff to previous 1.101 (colored)
Rename httpd.conf "root strip" option to "request strip". "root strip" was semantically incorrect and did cause some confusion as it never stripped the root but the client's request path. Discussed with many. Heads up: this is a grammar change that also affects acme-client(1) configurations (see current.html). OK claudio@
Revision 1.101 / (download) - annotate - [select for diffs], Mon Jun 11 10:04:12 2018 UTC (5 years, 11 months ago) by denis
Branch: MAIN
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)
Sorry, forgot a whitespace. Spotted by benno@
Revision 1.100 / (download) - annotate - [select for diffs], Mon Jun 11 10:01:55 2018 UTC (5 years, 11 months ago) by denis
Branch: MAIN
Changes since 1.99: +80 -48 lines
Diff to previous 1.99 (colored)
Fix an off-by-one line count when using include statements. Thanks to otto@ for the initial diff. OK benno@
Revision 1.99 / (download) - annotate - [select for diffs], Wed May 23 19:11:48 2018 UTC (6 years ago) by bluhm
Branch: MAIN
Changes since 1.98: +3 -1 lines
Diff to previous 1.98 (colored)
Set the port.op value when parsing the httpd.conf port value. Otherwise the default port for http or https may used depending on uninitialized memory. Fixes regress on i386. OK reyk@
Revision 1.98 / (download) - annotate - [select for diffs], Sat May 19 13:56:56 2018 UTC (6 years ago) by jsing
Branch: MAIN
Changes since 1.97: +57 -1 lines
Diff to previous 1.97 (colored)
Add support for client certificate authentication to httpd. From Jack Burton <jack at saosce dot com dot au> - thanks! Also tested by Jan Klemkow <j.klemkow at wemelug dot de>. ok beck@ reyk@
Revision 1.97 / (download) - annotate - [select for diffs], Fri May 18 15:20:46 2018 UTC (6 years ago) by reyk
Branch: MAIN
Changes since 1.96: +74 -64 lines
Diff to previous 1.96 (colored)
Move LISTEN ON {} code into a function listen_on().
No functional change, but it makes it easier to deal with the grammar.
Revision 1.96 / (download) - annotate - [select for diffs], Fri May 18 14:24:26 2018 UTC (6 years ago) by reyk
Branch: MAIN
Changes since 1.95: +5 -16 lines
Diff to previous 1.95 (colored)
Revert previous: it introduced a shift/reduce conflict in the grammar.
Revision 1.95 / (download) - annotate - [select for diffs], Fri May 18 14:07:46 2018 UTC (6 years ago) by reyk
Branch: MAIN
Changes since 1.94: +16 -5 lines
Diff to previous 1.94 (colored)
Allow to omit the listen port configuration. Default to port 80, tls port 443. OK florian@ jmc@
Revision 1.94 / (download) - annotate - [select for diffs], Thu Apr 26 14:12:19 2018 UTC (6 years, 1 month ago) by krw
Branch: MAIN
Changes since 1.93: +3 -1 lines
Diff to previous 1.93 (colored)
Plug leak in error case of the common 'varset' implementations. ok benno@
Revision 1.93 / (download) - annotate - [select for diffs], Wed Apr 11 15:50:46 2018 UTC (6 years, 1 month ago) by florian
Branch: MAIN
Changes since 1.92: +53 -46 lines
Diff to previous 1.92 (colored)
Make httpd listen on all IPv4 and IPv6 addresses for "listen on * port 80". While here accept up to 16 addresses from DNS or interface groups. requested by & "lovely" deraadt@ OK kn@
Revision 1.92 / (download) - annotate - [select for diffs], Mon Aug 28 06:00:05 2017 UTC (6 years, 9 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored)
65535 is a valid port to listen on. Off-by-one pointed out by and diff from Kris Katterjohn katterjohn AT gmail, thanks! chris@ pointed out that more than httpd(8) is effected. OK gilles@
Revision 1.91 / (download) - annotate - [select for diffs], Fri Aug 11 18:48:56 2017 UTC (6 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.90: +7 -7 lines
Diff to previous 1.90 (colored)
Convert httpd to tls_config_set_ecdhecurves(), allowing a list of curves to be specified, rather than a single curve. ok beck@
Revision 1.90 / (download) - annotate - [select for diffs], Sat Mar 25 17:25:34 2017 UTC (7 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.89: +24 -5 lines
Diff to previous 1.89 (colored)
Implement TLS ticket support in httpd. Off by default. Use tls ticket lifetime default to turn it on with a 2h ticket lifetime. Rekeying happens after a quarter of that time. OK reky@ and bob@
Revision 1.89 / (download) - annotate - [select for diffs], Tue Feb 7 12:27:42 2017 UTC (7 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.88: +7 -1 lines
Diff to previous 1.88 (colored)
/tmp/cvsspEkok
Revision 1.88 / (download) - annotate - [select for diffs], Fri Jan 27 07:03:27 2017 UTC (7 years, 4 months ago) by tom
Branch: MAIN
Changes since 1.87: +3 -3 lines
Diff to previous 1.87 (colored)
More s/OSCP/OCSP/ typos ok jmc@
Revision 1.87 / (download) - annotate - [select for diffs], Thu Jan 5 13:53:09 2017 UTC (7 years, 5 months ago) by krw
Branch: MAIN
Changes since 1.86: +2 -3 lines
Diff to previous 1.86 (colored)
Replace hand-rolled for(;;) emptying of 'symhead' TAILQ with more modern TAILQ_FOREACH_SAFE(). No intentional functional change. ok millert@ bluhm@ gilles@
Revision 1.86 / (download) - annotate - [select for diffs], Thu Jan 5 12:42:18 2017 UTC (7 years, 5 months ago) by krw
Branch: MAIN
Changes since 1.85: +7 -5 lines
Diff to previous 1.85 (colored)
Replace symset()'s hand-rolled for(;;) traversal of 'symhead' TAILQ
with more modern TAILQ_FOREACH(). This what symget() was already
doing.
Add paranoia '{}' around body of symget()'s TAILQ_FOREACH().
No intentional functional change.
ok bluhm@ otto@
Revision 1.85 / (download) - annotate - [select for diffs], Thu Nov 17 14:52:48 2016 UTC (7 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.84: +17 -5 lines
Diff to previous 1.84 (colored)
Move OCSP loading into a separate function - it is not part of the keypair and this way we can give a separate specific error message. ok beck@ reyk@
Revision 1.84 / (download) - annotate - [select for diffs], Sun Nov 6 15:50:47 2016 UTC (7 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.83: +6 -4 lines
Diff to previous 1.83 (colored)
since ocsp stapling is optional, make sure we guard if we do not have it. ok jsing@
Revision 1.83 / (download) - annotate - [select for diffs], Sun Nov 6 10:49:38 2016 UTC (7 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.82: +15 -4 lines
Diff to previous 1.82 (colored)
Add OCSP stapling support to httpd ok jsing@ bcook@
Revision 1.82 / (download) - annotate - [select for diffs], Sat Sep 3 14:44:21 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)
Replace [RELAY|SERVER]_MAXPROC with the new PROC_MAX_INSTANCES variable and limit it from 128 to 32 instances (the old value). While here, move a few PROC_ defines around. OK rzalamena@
Revision 1.81 / (download) - annotate - [select for diffs], Mon Aug 22 15:02:18 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored)
Enable SNI support in httpd(8). ok reyk@
Revision 1.80 / (download) - annotate - [select for diffs], Mon Aug 15 16:12:34 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.79: +1 -29 lines
Diff to previous 1.79 (colored)
Move server_match() from parse.y to server.c; use env instead of conf, which is actually the same thing (cluebat from reyk@).
Revision 1.79 / (download) - annotate - [select for diffs], Mon Aug 15 13:48:24 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.78: +74 -35 lines
Diff to previous 1.78 (colored)
Make httpd stricter with respect to TLS configuration - in particular, do not allow TLS and non-TLS to be configured on the same port, do not allow TLS options to be specified without a TLS listener and ensure that the TLS options are the same when a server is specified on the same address/port. Currently, these configurations are permitted but do not work as intended. Also factor out and reuse the server matching code, which was previously duplicated. ok reyk@
Revision 1.78 / (download) - annotate - [select for diffs], Tue Jun 21 21:35:24 2016 UTC (7 years, 11 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.77: +9 -1 lines
Diff to previous 1.77 (colored)
do not allow whitespace in macro names, i.e. "this is" = "a variable". change this in all config parsers in our tree that support macros. problem reported by sven falempin. feedback from henning@, stsp@, deraadt@ ok florian@ mikeb@
Revision 1.77 / (download) - annotate - [select for diffs], Sun Nov 22 13:27:13 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.76: +4 -4 lines
Diff to previous 1.76 (colored)
Update log.c: change fatal() and fatalx() into variadic functions, include the process name, and replace all calls of fatal*(NULL) with fatal(__func__) for better debugging. OK benno@
Revision 1.76 / (download) - annotate - [select for diffs], Thu Aug 20 22:39:29 2015 UTC (8 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.75: +3 -4 lines
Diff to previous 1.75 (colored)
stdlib.h is in scope; do not cast malloc/calloc/realloc* ok millert krw
Revision 1.75 / (download) - annotate - [select for diffs], Thu Aug 20 13:00:23 2015 UTC (8 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.74: +10 -10 lines
Diff to previous 1.74 (colored)
Change httpd(8) to use C99-style fixed-width integers (uintN_t instead of u_intN_t) and replace u_int with unsigned int. Mixing both variants is a bad style and most contributors seem to prefer this style; it also helps us to get used to it, portability, and standardization. Theoretically no binary change, except one in practice: httpd.o has a different checksum because gcc with -O2 pads/optimizes "struct privsep" differently when using "unsigned int" instead "u_int" for the affected members. "u_int" is just a typedef of "unsigned int", -O0 doesn't build the difference and clang with -O2 doesn't do it either - it is just another curiosity from gcc-land. OK semarie@
Revision 1.74 / (download) - annotate - [select for diffs], Wed Aug 19 21:26:21 2015 UTC (8 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)
spacing
Revision 1.73 / (download) - annotate - [select for diffs], Sun Jul 19 05:17:27 2015 UTC (8 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.72: +7 -3 lines
Diff to previous 1.72 (colored)
For the completeness of HSTS, add the non-standard preload option. OK florian@
Revision 1.72 / (download) - annotate - [select for diffs], Sat Jul 18 06:00:43 2015 UTC (8 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.71: +24 -6 lines
Diff to previous 1.71 (colored)
Allow to change the default media type globally or per-location, eg. default type text/html. OK florian@
Revision 1.71 / (download) - annotate - [select for diffs], Sat Jul 18 05:41:18 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.70: +35 -2 lines
Diff to previous 1.70 (colored)
Implement HTTP Strict Transport Security (HSTS). Input & OK reyk
Revision 1.70 / (download) - annotate - [select for diffs], Thu Jul 16 19:05:28 2015 UTC (8 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.69: +3 -2 lines
Diff to previous 1.69 (colored)
spacing
Revision 1.69 / (download) - annotate - [select for diffs], Wed Jul 15 17:14:50 2015 UTC (8 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.68: +3 -2 lines
Diff to previous 1.68 (colored)
Unbreak configurations that have a non-TLS listen statement followed by a TLS listen statement. A bug was introduced in r1.68 of parse.y, which results in flags being directly copied from the parent, meaning that the TLS flag for the second server gets lost. ok reyk@
Revision 1.68 / (download) - annotate - [select for diffs], Tue Jun 23 15:23:14 2015 UTC (8 years, 11 months ago) by reyk
Branch: MAIN
Changes since 1.67: +46 -27 lines
Diff to previous 1.67 (colored)
Add initial support for pattern matching using Lua's pattern matching code. With important help on the pattern matcher from semarie@ OK semarie@
Revision 1.67 / (download) - annotate - [select for diffs], Wed Apr 1 04:51:15 2015 UTC (9 years, 2 months ago) by jsg
Branch: MAIN
Changes since 1.66: +3 -1 lines
Diff to previous 1.66 (colored)
Zero the tls cert/key length variables when inheriting a server configuration for multiple listen statements in a server block. Otherwise httpd will crash when a listen statement with tls is followed by a listen statement without tls. Problem reported by Kent Fritz on misc. ok jsing@ looks good deraadt@
Revision 1.66 / (download) - annotate - [select for diffs], Mon Mar 9 15:46:45 2015 UTC (9 years, 3 months ago) by reyk
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)
Make httpd TLSv1.2-only by default. Some older browsers, like IE 10, will be incompatible with this change. We do this early in the release cycle, so there is a good chance to get more experience with the impact of it and the upcoming restricted cipher modes. OK jsing@ deraadt@ benno@ bmercer@ krw@ florian@
Revision 1.65 / (download) - annotate - [select for diffs], Thu Feb 12 04:40:23 2015 UTC (9 years, 3 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.64: +22 -3 lines
Diff to previous 1.64 (colored)
Allow TLS protocols to be specified via a "tls protocols" configuration option. ok reyk@
Revision 1.64 / (download) - annotate - [select for diffs], Sun Feb 8 04:50:32 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.63: +2 -1 lines
Diff to previous 1.63 (colored)
Use AI_ADDRCONFIG when resolv hosts on startup. OK henning@
Revision 1.63 / (download) - annotate - [select for diffs], Sun Feb 8 00:00:59 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)
spacing
Revision 1.62 / (download) - annotate - [select for diffs], Sat Feb 7 06:26:28 2015 UTC (9 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.61: +34 -5 lines
Diff to previous 1.61 (colored)
Add httpd configuration options to allow the specification of DHE parameters and the ECDHE curve. This primarily allows for DHE cipher suites to be enabled. ok reyk@
Revision 1.61 / (download) - annotate - [select for diffs], Sat Feb 7 01:23:12 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.60: +57 -3 lines
Diff to previous 1.60 (colored)
Add support for blocking, dropping, and redirecting requests. OK florian@
Revision 1.60 / (download) - annotate - [select for diffs], Fri Feb 6 13:05:20 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.59: +8 -4 lines
Diff to previous 1.59 (colored)
Fix log options in locations. Reported and tested by Markus Bergkvist OK florian@
Revision 1.59 / (download) - annotate - [select for diffs], Thu Jan 29 08:52:52 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.58: +13 -1 lines
Diff to previous 1.58 (colored)
Fix a regression that removed support for using service names instead of ports. It is now possible to use "listen on * port www" again. Found by ajacoutot@ OK ajacoutot@ blambert@
Revision 1.58 / (download) - annotate - [select for diffs], Wed Jan 21 22:21:05 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.57: +4 -3 lines
Diff to previous 1.57 (colored)
httpd is based on relayd and had included many headers that are only needed by its ancestor. jsg@, include-what-you-use, and some manual review helped to cleanup the headers (take iwyu with a grain of salt). Based on common practice, httpd.h now also includes the necessary headers for itself. OK florian@
Revision 1.57 / (download) - annotate - [select for diffs], Mon Jan 19 21:07:33 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.56: +2 -35 lines
Diff to previous 1.56 (colored)
No need to include pfvar.h, another leftover from relayd. It was also used for portrange operators which weren't used in httpd. OK florian@
Revision 1.56 / (download) - annotate - [select for diffs], Mon Jan 19 19:37:50 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.55: +47 -18 lines
Diff to previous 1.55 (colored)
Decouple auth parameters from struct server_config into struct auth. OK florian@
Revision 1.55 / (download) - annotate - [select for diffs], Sun Jan 18 14:01:17 2015 UTC (9 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.54: +37 -3 lines
Diff to previous 1.54 (colored)
First stab at implementing basic auth. Currently the htpasswd file needs to be in the chroot; will hopefully improved soonish. Based on a diff from Oscar Linderholm many months ago but turned into a complete rewrite. input/OK reyk@
Revision 1.54 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:17 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
Revision 1.53 / (download) - annotate - [select for diffs], Tue Jan 13 09:21:15 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)
bump copyright year
Revision 1.52 / (download) - annotate - [select for diffs], Wed Jan 7 11:04:29 2015 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.51: +43 -39 lines
Diff to previous 1.51 (colored)
Relax configuration list parsing to allow multi-line blocks for tls, root, tcp etc. Based on a diff from Nathanael Rensen. OK florian@
Revision 1.51 / (download) - annotate - [select for diffs], Tue Jan 6 14:07:48 2015 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.50: +6 -1 lines
Diff to previous 1.50 (colored)
Only open a socket once for each unique "listen on" statement. This prevents running out of file descriptors when loading a configuration with many aliases. OK florian@
Revision 1.50 / (download) - annotate - [select for diffs], Sun Jan 4 22:23:58 2015 UTC (9 years, 5 months ago) by chrisz
Branch: MAIN
Changes since 1.49: +29 -13 lines
Diff to previous 1.49 (colored)
add new url stripping option: strip number Strip number path components from the beginning of the request URI before looking up the stripped-down URI at the document root. reviewed with much patience and OK by reyk@
Revision 1.49 / (download) - annotate - [select for diffs], Sat Jan 3 23:54:25 2015 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.48: +2 -0 lines
Diff to previous 1.48 (colored)
Reset tls key and cert to NULL when duplicating a server - avoids a possible double free in the error path of the parser. Found by + OK doug@
Revision 1.48 / (download) - annotate - [select for diffs], Sat Jan 3 16:20:31 2015 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)
Tweak previous - add a missing free in the error path.
Revision 1.47 / (download) - annotate - [select for diffs], Sat Jan 3 15:49:18 2015 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.46: +184 -14 lines
Diff to previous 1.46 (colored)
Support alias names and multiple listen statements per server block. The implementation is done in the parser by expanding each alias/listen into an independent server configuration; this makes it easier to handle internally without adding additional loops or conditions. OK florian@
Revision 1.46 / (download) - annotate - [select for diffs], Sun Dec 21 00:54:49 2014 UTC (9 years, 5 months ago) by guenther
Branch: MAIN
Changes since 1.45: +1 -2 lines
Diff to previous 1.45 (colored)
Stop pulling in <arpa/inet.h> or <arpa/nameser.h> when unnecessary.
*Do* pull it in when in_{port,addr}_h is needed and <netinet/in.h> isn't.
ok reyk@
Revision 1.45 / (download) - annotate - [select for diffs], Thu Dec 18 10:10:11 2014 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.44: +5 -2 lines
Diff to previous 1.44 (colored)
Accept * as an alias for the default ipv4 listen address. OK jsg@
Revision 1.44 / (download) - annotate - [select for diffs], Fri Dec 12 14:45:59 2014 UTC (9 years, 5 months ago) by reyk
Branch: MAIN
Changes since 1.43: +30 -30 lines
Diff to previous 1.43 (colored)
Like previously done in relayd, change the keyword "ssl" to "tls" to reflect reality. OK benno@
Revision 1.43 / (download) - annotate - [select for diffs], Thu Dec 4 02:44:42 2014 UTC (9 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.42: +1 -2 lines
Diff to previous 1.42 (colored)
stop viral header propagation. none of this code uses sys/hash.h from Max Fillinger
Revision 1.34.2.1 / (download) - annotate - [select for diffs], Thu Nov 20 07:48:45 2014 UTC (9 years, 6 months ago) by jasper
Branch: OPENBSD_5_6
Changes since 1.34: +65 -35 lines
Diff to previous 1.34 (colored) next main 1.35 (colored)
httpd was developed very rapidly in the weeks before 5.6 release, and it has a few flaws. It would be nice to get these flaws fully remediated before the next release, and that requires the community to want to use it. Therefore here is a "jumbo" patch that brings in the most important fixes. committing on behalf of reyk@
Revision 1.42 / (download) - annotate - [select for diffs], Thu Nov 20 05:51:20 2014 UTC (9 years, 6 months ago) by jsg
Branch: MAIN
Changes since 1.41: +4 -1 lines
Diff to previous 1.41 (colored)
Don't allow embedded nul characters in strings. Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@
Revision 1.41 / (download) - annotate - [select for diffs], Tue Nov 11 15:54:45 2014 UTC (9 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.40: +7 -3 lines
Diff to previous 1.40 (colored)
Allow the log directory to be configurable in the config file, rather than fixed as /logs within the chroot. As this httpd is properly privesp'ed this has the nice property of allowing us to put the logs outside the chroot if we want to. ok reyk@
Revision 1.40 / (download) - annotate - [select for diffs], Mon Nov 3 18:43:24 2014 UTC (9 years, 7 months ago) by bluhm
Branch: MAIN
Changes since 1.39: +6 -6 lines
Diff to previous 1.39 (colored)
Convert the logic in yyerror(). Instead of creating a temporary format string, create a temporary message. OK deraadt@
Revision 1.39 / (download) - annotate - [select for diffs], Mon Nov 3 03:46:44 2014 UTC (9 years, 7 months ago) by doug
Branch: MAIN
Changes since 1.38: +10 -8 lines
Diff to previous 1.38 (colored)
Add gcc format attributes to yyerror() in httpd. Fix a few format characters as well. ok bluhm@
Revision 1.38 / (download) - annotate - [select for diffs], Fri Sep 5 10:04:20 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.37: +57 -24 lines
Diff to previous 1.37 (colored)
Remove a limitation that only allowed to specify a server name once. The key has been changed to server name + address + port and now it is possible to use the same server name for multiple servers with different addresses, eg. http://www.example.com and https://www.example.com/. OK doug@ florian@
Revision 1.37 / (download) - annotate - [select for diffs], Thu Sep 4 13:45:17 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored)
One line change adding the 'include' directive to the valid server options. This allows to include external configuration files from within server and location sections, not just from global context, for example to share common configuration within multiple servers (or virtual hosts).
Revision 1.36 / (download) - annotate - [select for diffs], Mon Aug 25 14:27:54 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.35: +21 -4 lines
Diff to previous 1.35 (colored)
Add a generic system-wide /usr/share/misc/mime.types file that can be included in httpd.conf. httpd(8) now supports both mime.types flavours with or without semicolon at the end of the line (nginx- or apache-style). Discussed with many, with input from halex@ OK halex@
Revision 1.35 / (download) - annotate - [select for diffs], Sat Aug 9 07:35:45 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.34: +4 -1 lines
Diff to previous 1.34 (colored)
Allow to inclue the types section anywhere in the configuration file. Found by chris@ OK doug@
Revision 1.34 / (download) - annotate - [select for diffs], Wed Aug 6 20:29:54 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE
Branch point for: OPENBSD_5_6
Changes since 1.33: +5 -5 lines
Diff to previous 1.33 (colored)
Change grammar to remove a shift/reduce conflict that was introduced with the ssl options. "listen on $ip port 443 ssl" turns into "listen on $ip ssl port 443". ok florian@
Revision 1.33 / (download) - annotate - [select for diffs], Wed Aug 6 18:21:14 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.32: +11 -5 lines
Diff to previous 1.32 (colored)
Limit the body size in client requests (eg. POST data) to 1M by default; add a configuration option to change the limit. ok florian@
Revision 1.32 / (download) - annotate - [select for diffs], Wed Aug 6 16:11:34 2014 UTC (9 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.31: +51 -6 lines
Diff to previous 1.31 (colored)
Provide configuration options that allow the SSL certificate, key and ciphers to be specified for each server. ok deraadt@ reyk@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Aug 6 16:09:02 2014 UTC (9 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.30: +3 -1 lines
Diff to previous 1.30 (colored)
Configure the default SSL ciphers as HIGH:!aNULL. ok deraadt@ reyk@
Revision 1.30 / (download) - annotate - [select for diffs], Wed Aug 6 12:56:58 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.29: +3 -3 lines
Diff to previous 1.29 (colored)
spacing
Revision 1.29 / (download) - annotate - [select for diffs], Wed Aug 6 02:04:42 2014 UTC (9 years, 10 months ago) by jsing
Branch: MAIN
Changes since 1.28: +8 -1 lines
Diff to previous 1.28 (colored)
Load the SSL public/private keys in the parent process, then provide them to the privsep process via imsg. This allows the keys to be moved out of the chroot (now /etc/ssl/server.crt, /etc/ssl/private/server.key). ok reyk@
Revision 1.28 / (download) - annotate - [select for diffs], Tue Aug 5 18:01:10 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.27: +45 -7 lines
Diff to previous 1.27 (colored)
Add configuration options for the most-important connection limits: max requests (per connection) and timeout. We don't want to add too many button, and there are good defaults, but these ones are kind of mandatory.
Revision 1.27 / (download) - annotate - [select for diffs], Tue Aug 5 17:03:21 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.26: +69 -4 lines
Diff to previous 1.26 (colored)
Bring back the tcp/ip configuration options. This code was already there and is from relayd. We can decide later which options should be added or removed, but it shouldn't do any harm.
Revision 1.26 / (download) - annotate - [select for diffs], Tue Aug 5 16:46:35 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.25: +52 -47 lines
Diff to previous 1.25 (colored)
Add srv_conf helper variable to make the code more readable. No functional change.
Revision 1.25 / (download) - annotate - [select for diffs], Tue Aug 5 15:36:59 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.24: +32 -5 lines
Diff to previous 1.24 (colored)
Improve logging to allow per- server/location log files. The log files can also be owned by root now: they're opened by the parent and send to the logger process with fd passing. This also works with reload. ok deraadt@
Revision 1.24 / (download) - annotate - [select for diffs], Tue Aug 5 09:24:21 2014 UTC (9 years, 10 months ago) by jsg
Branch: MAIN
Changes since 1.23: +6 -2 lines
Diff to previous 1.23 (colored)
add a config option to specify the chroot directory ok reyk@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Aug 4 17:38:12 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.22: +14 -3 lines
Diff to previous 1.22 (colored)
Proxy commit for jsing@: "Add TLS/SSL support to httpd, based on the recent ressl commits." From jsing@ ok reyk@
Revision 1.22 / (download) - annotate - [select for diffs], Mon Aug 4 16:07:59 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.21: +16 -11 lines
Diff to previous 1.21 (colored)
Change grammar from "log [style]" to "log style [style]".
Revision 1.21 / (download) - annotate - [select for diffs], Mon Aug 4 15:49:28 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.20: +28 -9 lines
Diff to previous 1.20 (colored)
Add initial support for log files in /var/www/logs/. Logging with syslog is still supported but disabled by default. ok deraadt@
Revision 1.20 / (download) - annotate - [select for diffs], Mon Aug 4 11:09:25 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.19: +1 -3 lines
Diff to previous 1.19 (colored)
httpd doesn't support SSL/TLS yet, remove the remaining bits. The secrect plan is to add it later using the ressl wrapper library.
Revision 1.19 / (download) - annotate - [select for diffs], Sun Aug 3 20:43:03 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.18: +12 -12 lines
Diff to previous 1.18 (colored)
spacing
Revision 1.18 / (download) - annotate - [select for diffs], Sun Aug 3 11:16:10 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.17: +11 -16 lines
Diff to previous 1.17 (colored)
Split fastcgi socket path and document root option and add the SCRIPT_FILENAME CGI param with a prepended root. This fixes php-fpm that expects SCRIPT_FILENAME and also works with slowcgi if you configure the root correctly. For example, if SCRIPT_NAME and REQUEST_URI are /php/index.php, root is /htdocs, SCRIPT_FILENAME will be /htdocs/php/index.php. As tested and discussed with florian@
Revision 1.17 / (download) - annotate - [select for diffs], Sun Aug 3 10:26:43 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.16: +10 -4 lines
Diff to previous 1.16 (colored)
Add another log mode "connection" for a relayd(8)-style log entry after each connection, not every request. The code was already there and enabled on debug, I just turned it into an alternative log format.
Revision 1.16 / (download) - annotate - [select for diffs], Sat Aug 2 21:21:47 2014 UTC (9 years, 10 months ago) by doug
Branch: MAIN
Changes since 1.15: +9 -2 lines
Diff to previous 1.15 (colored)
Locations now inherit access log settings from the server. Add log to the server flags. input/"Looks ok" reyk@
Revision 1.15 / (download) - annotate - [select for diffs], Fri Aug 1 21:59:56 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.14: +5 -17 lines
Diff to previous 1.14 (colored)
remove the global "log updates/all" option that came from relayd.
Revision 1.14 / (download) - annotate - [select for diffs], Fri Aug 1 21:51:02 2014 UTC (9 years, 10 months ago) by doug
Branch: MAIN
Changes since 1.13: +16 -2 lines
Diff to previous 1.13 (colored)
Add common and combined access logging to httpd. ok reyk@
Revision 1.13 / (download) - annotate - [select for diffs], Thu Jul 31 14:18:38 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.12: +44 -10 lines
Diff to previous 1.12 (colored)
Allow to specify a non-default fastcgi socket.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Jul 31 13:28:15 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.11: +7 -7 lines
Diff to previous 1.11 (colored)
Rename the "docroot" variable to "path" because it will be used for either files or the fastcgi socket (and there's no need to use a union yet).
Revision 1.11 / (download) - annotate - [select for diffs], Thu Jul 31 09:34:57 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.10: +12 -3 lines
Diff to previous 1.10 (colored)
Add a configuration variable "fastcgi" to enable it per server or location.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jul 30 13:49:48 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.9: +18 -2 lines
Diff to previous 1.9 (colored)
Make "location" work with name-based virtual servers.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Jul 30 10:05:14 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.8: +77 -5 lines
Diff to previous 1.8 (colored)
Add "location" keyword to specify path-specific configuration in servers, for example auto index for a sub-directory only. Internally, a "location" is just a special type of a "virtual" server.
Revision 1.8 / (download) - annotate - [select for diffs], Tue Jul 29 16:17:28 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.7: +47 -3 lines
Diff to previous 1.7 (colored)
Add extended directory index options: "[no] index" and "[no] auto index". The option "directory auto index" implements basic directory listing and is turned off by default. ok deraadt@
Revision 1.7 / (download) - annotate - [select for diffs], Fri Jul 25 17:04:47 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)
Add a single line to fix the address matching of multiple server blocks with non-virtual hosts. I had this line in a previous diff.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Jul 25 16:23:19 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.5: +12 -3 lines
Diff to previous 1.5 (colored)
Add support for "virtual hosts" aka. server blocks aka. multiple servers with the same or "overlapping" IP address but a different name. ok beck@
Revision 1.5 / (download) - annotate - [select for diffs], Fri Jul 25 15:47:11 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.4: +13 -2 lines
Diff to previous 1.4 (colored)
Add and document 'root' configuration option for the docroot.
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 25 12:42:05 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)
Move the docroot into the server block.
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jul 23 22:02:02 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
The media_encoding is not used in parse.y but stack garbage could lead to a double free; set it to NULL. This should fix a problem that was found by deraadt@
Revision 1.2 / (download) - annotate - [select for diffs], Sun Jul 13 14:17:37 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.1: +73 -8 lines
Diff to previous 1.1 (colored)
Add support for media types (aka. MIME types): the types section is compatible to nginx' mime.types file which can be included directly. If not present, use a few built-in defaults for html, css, txt, jpeg, gif, png, and js.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Jul 12 23:34:54 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Add httpd(8), an attempt to turn the relayd(8) codebase into a simple web server. It is not finished yet and I just started it today, but the goal is to provide an HTTP server that a) provides minimal features, b) serves static files, c) provides FastCGI support, and d) follows common coding practices of OpenBSD. It will neither support plugins, nor custom memory allocators, EBCDIC support, PCRE or any other things that can be found elsewhere. httpd(8) is not intended to provide a fully-featured replacement for nginx(8) or the Apache, but it will provide enough functionality that is needed in the OpenBSD base system. ok deraadt@