OpenBSD CVS

CVS log for src/usr.sbin/httpd/server_fcgi.c




Default branch: MAIN


Revision 1.95.6.2 / (download) - annotate - [select for diffs], Mon Nov 20 18:17:46 2023 UTC (6 months, 2 weeks ago) by bluhm
Branch: OPENBSD_7_3
Changes since 1.95.6.1: +7 -8 lines
Diff to previous 1.95.6.1 (colored) to branchpoint 1.95 (colored) next main 1.96 (colored)

Avoid a NULL dereference when handling a malformed fastcgi request.

Rework the hack to avoid a use-after-free in the fastcgi code.
Since server_fcgi() can be called by server_read_httpcontent() we
can't set clt_fcgi_error to NULL.  Instead, we implement a simple
reference count to track when a fastcgi session is in progress to
avoid closing the http session prematurely on fastcgi error.
Based on a diff from and OK by tb@.  Reported by Ben Kallus.
from millert@

this is errata/7.3/020_httpd.patch.sig

Revision 1.96.2.1 / (download) - annotate - [select for diffs], Mon Nov 20 18:14:52 2023 UTC (6 months, 2 weeks ago) by bluhm
Branch: OPENBSD_7_4
Changes since 1.96: +7 -8 lines
Diff to previous 1.96 (colored) next main 1.97 (colored)

Avoid a NULL dereference when handling a malformed fastcgi request.

Rework the hack to avoid a use-after-free in the fastcgi code.
Since server_fcgi() can be called by server_read_httpcontent() we
can't set clt_fcgi_error to NULL.  Instead, we implement a simple
reference count to track when a fastcgi session is in progress to
avoid closing the http session prematurely on fastcgi error.
Based on a diff from and OK by tb@.  Reported by Ben Kallus.
from millert@

this is errata/7.4/006_httpd.patch.sig

Revision 1.97 / (download) - annotate - [select for diffs], Wed Nov 8 19:19:10 2023 UTC (7 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, HEAD
Changes since 1.96: +7 -8 lines
Diff to previous 1.96 (colored)

Avoid a NULL dereference when handling a malformed fastcgi request.

Rework the hack to avoid a use-after-free in the fastcgi code.
Since server_fcgi() can be called by server_read_httpcontent() we
can't set clt_fcgi_error to NULL.  Instead, we implement a simple
reference count to track when a fastcgi session is in progress to
avoid closing the http session prematurely on fastcgi error.
Based on a diff from and OK by tb@.  Reported by Ben Kallus.

Revision 1.95.2.1 / (download) - annotate - [select for diffs], Wed Jul 12 12:46:33 2023 UTC (10 months, 4 weeks ago) by tb
Branch: OPENBSD_7_2
Changes since 1.95: +12 -1 lines
Diff to previous 1.95 (colored) next main 1.96 (colored)

Work around use after free in httpd(8)

A malformed HTTP request can cause httpd in fastcgi mode to crash due to a
use-after-free. This is an awful hack, but it's good enough until someone
figures out the correct way of dealing with server_close() here.

Reported by Jesper Wallin <jesper () ifconfig.se>

"this will do the trick for now" claudio
ok beck deraadt

This is errata/7.2/029_httpd.patch.sig

Revision 1.95.6.1 / (download) - annotate - [select for diffs], Wed Jul 12 12:46:01 2023 UTC (10 months, 4 weeks ago) by tb
Branch: OPENBSD_7_3
Changes since 1.95: +12 -1 lines
Diff to previous 1.95 (colored)

Work around use after free in httpd(8)

A malformed HTTP request can cause httpd in fastcgi mode to crash due to a
use-after-free. This is an awful hack, but it's good enough until someone
figures out the correct way of dealing with server_close() here.

Reported by Jesper Wallin <jesper () ifconfig.se>

"this will do the trick for now" claudio
ok beck deraadt

Revision 1.96 / (download) - annotate - [select for diffs], Wed Jul 12 12:37:28 2023 UTC (10 months, 4 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE
Branch point for: OPENBSD_7_4
Changes since 1.95: +12 -1 lines
Diff to previous 1.95 (colored)

Work around use after free in httpd(8)

A malformed HTTP request can cause httpd in fastcgi mode to crash due to a
use-after-free. This is an awful hack, but it's good enough until someone
figures out the correct way of dealing with server_close() here.

"this will do the trick for now" claudio
ok beck deraadt

Revision 1.95 / (download) - annotate - [select for diffs], Mon Aug 15 12:29:17 2022 UTC (21 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_2_BASE
Branch point for: OPENBSD_7_3, OPENBSD_7_2
Changes since 1.94: +2 -3 lines
Diff to previous 1.94 (colored)

Neither clt_descreq nor clt_descresp in struct client need to be void *.
They both are only used as struct http_descriptor.
OK tb@

Revision 1.94 / (download) - annotate - [select for diffs], Mon Aug 15 10:29:03 2022 UTC (21 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.93: +15 -3 lines
Diff to previous 1.93 (colored)

For FCGI_END_REQUEST reset the clt struct similar to what is done in the
file and other cases. Especially when the session uses keep-alive it is
important to set TOREAD_HTTP_HEADER so that the state machine knows what's
next.
OK op@

Revision 1.93 / (download) - annotate - [select for diffs], Fri Aug 12 08:40:25 2022 UTC (21 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

Use break instead of return so that a HEAD request still consumes all data.
OK op@

Revision 1.92 / (download) - annotate - [select for diffs], Fri Aug 12 06:41:41 2022 UTC (21 months, 4 weeks ago) by op
Branch: MAIN
Changes since 1.91: +4 -2 lines
Diff to previous 1.91 (colored)

fix regression introduced in previous commit.  HEAD replies don't have a
body so server_fcgi_error shouldn't print the end marker.

OK claudio@

Revision 1.91 / (download) - annotate - [select for diffs], Thu Aug 11 14:25:22 2022 UTC (21 months, 4 weeks ago) by op
Branch: MAIN
Changes since 1.90: +20 -2 lines
Diff to previous 1.90 (colored)

correctly handle an abnormal fastcgi termination.  httpd handles the
disconnection from the fastcgi application via server_file_error which
assumes that the reply was completely done.  However, if the fastcgi
reply wasn't complete (e.g. because slowcgi hit the timeout) the HTTP
clients are left "hanging" and waiting for a reply until they give up.

This adds a server_fcgi_error callback to handle the "no headers" and
"incomplete data" cases and properly close the reply before falling back
to server_file_error.

OK claudio@

Revision 1.90 / (download) - annotate - [select for diffs], Wed Mar 2 11:10:43 2022 UTC (2 years, 3 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.89: +1 -4 lines
Diff to previous 1.89 (colored)

Nothing uses kv_flags.

John (j AT bitminer.ca) pointed out that we didn't correctly
initialize struct kv and might use slower KV_FLAG_GLOBBING path in
kv_find depending on stack garbage. Instead of fixing the
initialization just delete kv_flags from struct kv.

OK claudio, tb

Revision 1.89 / (download) - annotate - [select for diffs], Sat Oct 23 15:52:44 2021 UTC (2 years, 7 months ago) by benno
Branch: MAIN
Changes since 1.88: +29 -19 lines
Diff to previous 1.88 (colored)

* stop sending the content for head requests, even when it's supplied by the
  fcgi. Required by RFC 7231 and RFC 3875 section 4.3.2.
* If the client sends an empty body without a Content-Length:
  do not add the Content-Length if it's a HEAD request.
  If it's a HEAD request, the Content-Length should show the size of the
  equivalent GET request, but we don't know how much that will be so
  don't lie.

found by and fix suggested by Ross L Richardson, Thanks!

Additionally:

* when the fcgi supplies a Content-Length header, do not remove it and
  set Transfer-Encoding: chunked. Instead, leave the Content-Length
  header in place, as obviously the fcgi knows how much data will come.

ok claudio@

Revision 1.88 / (download) - annotate - [select for diffs], Thu May 20 15:12:10 2021 UTC (3 years ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.87: +9 -8 lines
Diff to previous 1.87 (colored)

Fix previous.
Only set Content-Length when we know the body is empty and we disable
chunked encoding. Otherwise we break the nextcloud app again :/
Pointed out by Matthias Pressfreund, thanks!

Revision 1.87 / (download) - annotate - [select for diffs], Wed May 19 19:42:53 2021 UTC (3 years ago) by florian
Branch: MAIN
Changes since 1.86: +8 -1 lines
Diff to previous 1.86 (colored)

When we disable "Transfer-Encoding: chunked" in the fastcgi backend
because we are going to send an empty body we have to provide
"Content-Length: 0" otherwise some browsers (Firefox, Safari) just
hang until httpd(8) closes the connection.
Problem reported by Matthias Pressfreund, debugged with weerd@ who
pointed out that the problem is browser dependent.
OK tracey

Revision 1.86 / (download) - annotate - [select for diffs], Mon May 17 09:26:52 2021 UTC (3 years ago) by florian
Branch: MAIN
Changes since 1.85: +19 -12 lines
Diff to previous 1.85 (colored)

Do not try to chunk encode an empty http body coming from an fcgi
upstream.

Found the hard way by Chris Narkiewicz who tracked failing uploads in
the nextcloud mobile app down to httpd(8) trying to chunk encode a
"204 No Content" response.

Testing by Steve Williams
Testing & OK stsp

Revision 1.85 / (download) - annotate - [select for diffs], Sat May 15 15:08:31 2021 UTC (3 years ago) by florian
Branch: MAIN
Changes since 1.84: +1 -2 lines
Diff to previous 1.84 (colored)

Remove outdated comment. We got all httpd headers from the fcgi server
at this point.

Revision 1.84 / (download) - annotate - [select for diffs], Sat Sep 12 07:34:17 2020 UTC (3 years, 8 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.83: +3 -3 lines
Diff to previous 1.83 (colored)

Use the original requested URI for REQUEST_URI.

ok millert florian

Revision 1.83 / (download) - annotate - [select for diffs], Mon Aug 24 15:49:11 2020 UTC (3 years, 9 months ago) by tracey
Branch: MAIN
Changes since 1.82: +8 -37 lines
Diff to previous 1.82 (colored)

Add support for non-localhost fastcgi sockets.

Lots of review time kn@
Lots of review time, tweaks, and ok florian@

Revision 1.82 / (download) - annotate - [select for diffs], Mon Aug 3 10:58:38 2020 UTC (3 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

remove unused assignment
from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks
ok claudio@

Revision 1.81 / (download) - annotate - [select for diffs], Sun Feb 9 09:44:04 2020 UTC (4 years, 4 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.80: +5 -4 lines
Diff to previous 1.80 (colored)

Implement "strip" option for fastcgi to be able to have multiple chroots
under /var/www for FastCGI servers.
From Nazar Zhuk (nazar AT zhuk DOT online), thanks!
Ok benno

Revision 1.80 / (download) - annotate - [select for diffs], Wed May 8 21:41:06 2019 UTC (5 years, 1 month ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.79: +8 -4 lines
Diff to previous 1.79 (colored)

Set the REQUEST_URI CGI variable to the requested URI and query string
instead of the rewritten path and query string.

Patch from Tim Baumgard, reminded by Mischa Peters.

ok benno, reyk

Revision 1.79 / (download) - annotate - [select for diffs], Wed May 8 19:57:45 2019 UTC (5 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.78: +4 -3 lines
Diff to previous 1.78 (colored)

spacing

Revision 1.78 / (download) - annotate - [select for diffs], Tue Feb 19 11:37:26 2019 UTC (5 years, 3 months ago) by pirofti
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.77: +9 -1 lines
Diff to previous 1.77 (colored)

httpd(8): add support for setting custom FastCGI parameters.

This commit extends the existing grammar by adding the param option
to the fastcgi directive: fastcgi param name value.

Example usage:
  fastcgi param VAR1 hello
  fastcgi param VAR2 world

With help and OK florian@
Rogue manpage bits, feel free to modify them.

Revision 1.77 / (download) - annotate - [select for diffs], Mon Oct 15 08:16:17 2018 UTC (5 years, 7 months ago) by bentley
Branch: MAIN
Changes since 1.76: +3 -2 lines
Diff to previous 1.76 (colored)

Omit HSTS headers over unencrypted connections, per RFC 6797.

ok florian@

Revision 1.76 / (download) - annotate - [select for diffs], Sat May 19 13:56:56 2018 UTC (6 years ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.75: +9 -2 lines
Diff to previous 1.75 (colored)

Add support for client certificate authentication to httpd.

From Jack Burton <jack at saosce dot com dot au> - thanks!

Also tested by Jan Klemkow <j.klemkow at wemelug dot de>.

ok beck@ reyk@

Revision 1.75 / (download) - annotate - [select for diffs], Mon Jul 31 08:02:49 2017 UTC (6 years, 10 months ago) by ians
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3, OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.74: +5 -3 lines
Diff to previous 1.74 (colored)

Don't set HTTP date header if already set.

Thanks Nick Owens

OK florian@

Revision 1.74 / (download) - annotate - [select for diffs], Sat Jan 21 11:32:04 2017 UTC (7 years, 4 months ago) by guenther
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.73: +4 -7 lines
Diff to previous 1.73 (colored)

The POSIX APIs that take sockaddrs all ignore the s*_len field in the
incoming socket, so userspace doesn't need to set it unless it has its
own reasons for tracking the size along with the sockaddr.

ok phessler@ deraadt@ florian@

Revision 1.73 / (download) - annotate - [select for diffs], Fri Oct 7 07:37:29 2016 UTC (7 years, 8 months ago) by patrick
Branch: MAIN
Changes since 1.72: +4 -7 lines
Diff to previous 1.72 (colored)

The strchr() call either returns a NULL pointer, on which the code will
break out of the loop, or a pointer to ':'.  Thus the extra check for
':' is unnecessary and can be removed.

ok jung@

Revision 1.72 / (download) - annotate - [select for diffs], Fri Oct 7 07:33:54 2016 UTC (7 years, 8 months ago) by patrick
Branch: MAIN
Changes since 1.71: +6 -3 lines
Diff to previous 1.71 (colored)

Empty lines cause server_fcgi_getheaders() to immediately return.
Unfortunately in that case the line was not freed.  This led to a
memleak on each request.  Thus, save the return value prior to
returning, free the line and return the saved value.

ok jung@

Revision 1.71 / (download) - annotate - [select for diffs], Thu Sep 1 11:13:18 2016 UTC (7 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.70: +38 -38 lines
Diff to previous 1.70 (colored)

struct client starts to become the kitchen sink. Move fastcgi data to
its own struct. Requested by and OK reyk@

Revision 1.70 / (download) - annotate - [select for diffs], Thu Sep 1 10:59:38 2016 UTC (7 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

spacing

Revision 1.69 / (download) - annotate - [select for diffs], Tue Aug 30 10:54:42 2016 UTC (7 years, 9 months ago) by florian
Branch: MAIN
Changes since 1.68: +20 -10 lines
Diff to previous 1.68 (colored)

Do not assume that the full http response header is in the first
fastcgi stdout record. Keep processing stdout records until we found
the header / body separator and only then generate the header
response.
Problem reported by many.

OK jung@

Revision 1.68 / (download) - annotate - [select for diffs], Sun Apr 24 20:09:45 2016 UTC (8 years, 1 month ago) by chrisz
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.67: +6 -2 lines
Diff to previous 1.67 (colored)

Always pass QUERY_STRING variable.
According to the RFC it is empty when no query string was found.
From Tim Baumgard <openbsd@bmgrd.com>

ok florian@

Revision 1.67 / (download) - annotate - [select for diffs], Mon Nov 23 20:56:15 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.66: +3 -4 lines
Diff to previous 1.66 (colored)

Retire socket_set_blockmode() in favor of the SOCK_NONBLOCK type flag.
As done in iked and snmpd.

OK jung@

Revision 1.66 / (download) - annotate - [select for diffs], Thu Oct 8 09:40:32 2015 UTC (8 years, 8 months ago) by jsg
Branch: MAIN
Changes since 1.65: +3 -1 lines
Diff to previous 1.65 (colored)

fix an fd leak if socket connection fails; from Carlin Bingham
ok reyk@

Revision 1.65 / (download) - annotate - [select for diffs], Thu Oct 8 09:32:13 2015 UTC (8 years, 8 months ago) by jsg
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

fix a typo; from Carlin Bingham

Revision 1.64 / (download) - annotate - [select for diffs], Thu Aug 20 13:00:23 2015 UTC (8 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.63: +3 -3 lines
Diff to previous 1.63 (colored)

Change httpd(8) to use C99-style fixed-width integers (uintN_t instead
of u_intN_t) and replace u_int with unsigned int.  Mixing both
variants is a bad style and most contributors seem to prefer this
style; it also helps us to get used to it, portability, and
standardization.

Theoretically no binary change, except one in practice: httpd.o has a
different checksum because gcc with -O2 pads/optimizes "struct
privsep" differently when using "unsigned int" instead of "u_int" for the
affected members.  "u_int" is just a typedef of "unsigned int", -O0
doesn't build the difference and clang with -O2 doesn't do it either -
it is just another curiosity from gcc-land.

OK semarie@

Revision 1.63 / (download) - annotate - [select for diffs], Mon Aug 3 11:45:17 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored)

Fix rev 1.70 of server.c by only re-enabling the bufferevent if we
previously disabled it because we were reading too fast (from disk).
Problem noted and tracked down to that commit by weerd@ and
independently by stsp@.
Tested by weerd@, stsp@, reyk@
OK bluhm@, reyk@

Revision 1.62 / (download) - annotate - [select for diffs], Fri Jul 31 00:10:51 2015 UTC (8 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.61: +3 -3 lines
Diff to previous 1.61 (colored)

repair hsts header output, wrong format strings caused broken
Strict-Transport-Security headers. Add __format__ attribute to
kv_set() and kv_setkey() to make it easier to spot such problems.

Found by and fix from Donovan Watteau <tsoomi -AT- gmail -DOT- com>,
thanks for your help.

ok deraadt@

Revision 1.61 / (download) - annotate - [select for diffs], Wed Jul 29 22:03:41 2015 UTC (8 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.60: +4 -61 lines
Diff to previous 1.60 (colored)

backout the previous:  it broke wordpress somehow.
we need more care to find a proper fix for the fastcgi headers.

acknowledged by deraadt@

Revision 1.60 / (download) - annotate - [select for diffs], Wed Jul 29 20:03:14 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.59: +61 -4 lines
Diff to previous 1.59 (colored)

Read fcgi response records until we have the whole http header and can
parse it. Otherwise http headers can leak into the body.
Pointed out by Jean-Philippe Ouellet on bugs@ Thanks!
OK reyk, commit ASAP deraadt@

Revision 1.59 / (download) - annotate - [select for diffs], Tue Jul 28 10:13:42 2015 UTC (8 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.58: +16 -2 lines
Diff to previous 1.58 (colored)

add HSTS to fcgi responses
OK reyk

Revision 1.58 / (download) - annotate - [select for diffs], Sun Jul 19 16:34:35 2015 UTC (8 years, 10 months ago) by blambert
Branch: MAIN
Changes since 1.57: +19 -9 lines
Diff to previous 1.57 (colored)

handle error returns from bufferevent_write()

ok florian@

Revision 1.57 / (download) - annotate - [select for diffs], Sat Jul 18 22:42:24 2015 UTC (8 years, 10 months ago) by blambert
Branch: MAIN
Changes since 1.56: +5 -3 lines
Diff to previous 1.56 (colored)

remove XXX and handle error return from evbuffer_add()

ok florian@

Revision 1.56 / (download) - annotate - [select for diffs], Sat Jul 18 16:42:39 2015 UTC (8 years, 10 months ago) by blambert
Branch: MAIN
Changes since 1.55: +7 -3 lines
Diff to previous 1.55 (colored)

treat asprintf failure in REQUEST_URI case as a fatal error

ok florian@

Revision 1.55 / (download) - annotate - [select for diffs], Fri Jul 17 20:44:57 2015 UTC (8 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.54: +7 -1 lines
Diff to previous 1.54 (colored)

According to RFC 3875 PATH_INFO should either contain a full path or
be empty ("").  It was not set at all when there is nothing to set
which caused problems with some FastCGI applications (like
Flask/Python through uWSGI).

From hrkfdn via github

Revision 1.54 / (download) - annotate - [select for diffs], Tue Jun 9 08:50:52 2015 UTC (9 years ago) by jung
Branch: MAIN
Changes since 1.53: +4 -1 lines
Diff to previous 1.53 (colored)

plug fd leak found by Todd Mortimer

ok claudio deraadt florian

Revision 1.53 / (download) - annotate - [select for diffs], Thu Mar 26 09:01:51 2015 UTC (9 years, 2 months ago) by florian
Branch: MAIN
Changes since 1.52: +13 -2 lines
Diff to previous 1.52 (colored)

Allow more characters in CGI environment variables as specified by RFC
7230 and RFC 3875.
sthen@ suggested to add a comment to explain where the list of
characters is coming from.
Found the hard way and initial diff from Tim van der Molen (tbvdm at
xs4all), thanks! Some more allowed characters added by me.
OK sthen@

Revision 1.52 / (download) - annotate - [select for diffs], Mon Feb 23 19:22:43 2015 UTC (9 years, 3 months ago) by chrisz
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Use the rewritten (index file appended) uri as DOCUMENT_URI.

OK florian@

Revision 1.51 / (download) - annotate - [select for diffs], Wed Jan 21 22:23:24 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.50: +1 -2 lines
Diff to previous 1.50 (colored)

Ooops, no need to include sys/cdefs.h.

Pointed out by florian@

Revision 1.50 / (download) - annotate - [select for diffs], Wed Jan 21 22:21:05 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.49: +5 -10 lines
Diff to previous 1.49 (colored)

httpd is based on relayd and had included many headers that are only
needed by its ancestor.  jsg@, include-what-you-use, and some manual
review helped to cleanup the headers (take iwyu with a grain of salt).
Based on common practice, httpd.h now also includes the necessary
headers for itself.

OK florian@

Revision 1.49 / (download) - annotate - [select for diffs], Mon Jan 19 20:00:07 2015 UTC (9 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

s/clt_fcgi_remote_user/clt_remote_user/
OK reyk@

Revision 1.48 / (download) - annotate - [select for diffs], Mon Jan 19 19:37:50 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

Decouple auth parameters from struct server_config into struct auth.

OK florian@

Revision 1.47 / (download) - annotate - [select for diffs], Sun Jan 18 14:01:17 2015 UTC (9 years, 4 months ago) by florian
Branch: MAIN
Changes since 1.46: +9 -1 lines
Diff to previous 1.46 (colored)

First stab at implementing basic auth.
Currently the htpasswd file needs to be in the chroot; will hopefully
be improved soonish.
Based on a diff from Oscar Linderholm many months ago but turned into
a complete rewrite.
input/OK reyk@

Revision 1.46 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:17 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible.  Annotate <sys/param.h> lines with their current reasons.  Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc.  Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution.  These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)

Revision 1.45 / (download) - annotate - [select for diffs], Tue Jan 13 08:54:01 2015 UTC (9 years, 4 months ago) by reyk
Branch: MAIN
Changes since 1.44: +5 -6 lines
Diff to previous 1.44 (colored)

Abort if fcgi_chunked is not true to avoid sending additional garbage
after the response.

Found by Erik Lax

ok florian@

Revision 1.44 / (download) - annotate - [select for diffs], Sun Jan 4 22:23:58 2015 UTC (9 years, 5 months ago) by chrisz
Branch: MAIN
Changes since 1.43: +21 -8 lines
Diff to previous 1.43 (colored)

add new url stripping option:

strip number
	Strip number path components from the beginning of the
	request URI before looking up the stripped-down URI at
	the document root.


reviewed with much patience and OK by reyk@

Revision 1.43 / (download) - annotate - [select for diffs], Sun Dec 21 00:54:49 2014 UTC (9 years, 5 months ago) by guenther
Branch: MAIN
Changes since 1.42: +1 -2 lines
Diff to previous 1.42 (colored)

Stop pulling in <arpa/inet.h> or <arpa/nameser.h> when unnecessary.
*Do* pull it in when in_{port,addr}_h is needed and <netinet/in.h> isn't.

ok reyk@

Revision 1.42 / (download) - annotate - [select for diffs], Fri Dec 12 14:45:59 2014 UTC (9 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Like previously done in relayd, change the keyword "ssl" to "tls" to
reflect reality.

OK benno@

Revision 1.41 / (download) - annotate - [select for diffs], Thu Dec 4 02:44:42 2014 UTC (9 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.40: +1 -2 lines
Diff to previous 1.40 (colored)

stop viral header propagation. none of this code uses sys/hash.h
from Max Fillinger

Revision 1.29.2.1 / (download) - annotate - [select for diffs], Thu Nov 20 07:48:45 2014 UTC (9 years, 6 months ago) by jasper
Branch: OPENBSD_5_6
Changes since 1.29: +139 -59 lines
Diff to previous 1.29 (colored) next main 1.30 (colored)

httpd was developed very rapidly in the weeks before 5.6 release,
and it has a few flaws.  It would be nice to get these flaws fully
remediated before the next release, and that requires the community
to want to use it.
Therefore here is a "jumbo" patch that brings in the most important fixes.

committing on behalf of reyk@

Revision 1.40 / (download) - annotate - [select for diffs], Sat Oct 25 03:23:49 2014 UTC (9 years, 7 months ago) by lteo
Branch: MAIN
Changes since 1.39: +1 -2 lines
Diff to previous 1.39 (colored)

Remove unnecessary netinet/in_systm.h include.

ok millert@

Revision 1.39 / (download) - annotate - [select for diffs], Mon Sep 29 19:30:47 2014 UTC (9 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.38: +4 -4 lines
Diff to previous 1.38 (colored)

whitespace spotted while studying the code

Revision 1.38 / (download) - annotate - [select for diffs], Tue Sep 2 16:20:41 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.37: +81 -19 lines
Diff to previous 1.37 (colored)

FastCGI did not support persistent connections.  Add initial support
for persistent connections with FastCGI by implementing chunked
Transfer-Encoding.  This only works with HTTP/1.1.

With input and help from florian@ who found some FastCGI edge cases.

OK florian@

Revision 1.37 / (download) - annotate - [select for diffs], Mon Sep 1 12:28:11 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.36: +3 -3 lines
Diff to previous 1.36 (colored)

Don't pass the local buffer array by reference.

OK florian@

Revision 1.36 / (download) - annotate - [select for diffs], Mon Sep 1 09:32:43 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.35: +37 -23 lines
Diff to previous 1.35 (colored)

Replace the code to get the FastCGI Status header with a proper way to
parse and write the headers using the http response descriptor.  This
allows to add other tweaks, like support for chunked encoding, later.

OK florian@

Revision 1.35 / (download) - annotate - [select for diffs], Fri Aug 29 13:01:46 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.34: +12 -13 lines
Diff to previous 1.34 (colored)

Use two instead of one http descriptor for request and response.

OK chrisz@

Revision 1.34 / (download) - annotate - [select for diffs], Thu Aug 21 19:23:10 2014 UTC (9 years, 9 months ago) by chrisz
Branch: MAIN
Changes since 1.33: +4 -4 lines
Diff to previous 1.33 (colored)

Add Last-Modified: HTTP header.

OK reyk@

Revision 1.33 / (download) - annotate - [select for diffs], Wed Aug 13 18:00:54 2014 UTC (9 years, 9 months ago) by chrisz
Branch: MAIN
Changes since 1.32: +12 -4 lines
Diff to previous 1.32 (colored)

For a non-existent root we don't want the root prefix to show up in
PATH_INFO.
Therefore put a lower bound of strlen(root) on scriptlen.
This makes perfect sense for virtual FastCGI scripts which run chrooted
in another directory from httpd.


ok reyk@

Revision 1.32 / (download) - annotate - [select for diffs], Wed Aug 13 16:04:28 2014 UTC (9 years, 9 months ago) by reyk
Branch: MAIN
Changes since 1.31: +5 -6 lines
Diff to previous 1.31 (colored)

Provide a failsafe version of the path_info() function that doesn't
need a temporary path variable.  Based on an initial diff from
chrisz@.

"Commit any failsafe version and I'm ok with it" chrisz@

Revision 1.31 / (download) - annotate - [select for diffs], Mon Aug 11 15:26:33 2014 UTC (9 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +9 -7 lines
Diff to previous 1.30 (colored)

make a few variables more local

Revision 1.30 / (download) - annotate - [select for diffs], Fri Aug 8 18:29:42 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.29: +3 -2 lines
Diff to previous 1.29 (colored)

When opening directories, re-match the location after the index file
has been appended.  This allows to use a fastcgi target as the default
index, for example index.php.

OK florian@

Revision 1.29 / (download) - annotate - [select for diffs], Thu Aug 7 12:43:22 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE
Branch point for: OPENBSD_5_6
Changes since 1.28: +3 -2 lines
Diff to previous 1.28 (colored)

Don't try to output FCGI_STDERR into error.log if there is no data.
Problem noticed by naddy@, OK reyk@

Revision 1.28 / (download) - annotate - [select for diffs], Thu Aug 7 10:52:34 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.27: +29 -2 lines
Diff to previous 1.27 (colored)

Opportunistically try to parse "Status: $code" in the very first
response from the fcgi daemon and use that code as HTTP response
code. If it doesn't work out fall back to code 200.
This might fix naddy@'s issue with redirects in cvsweb.
To be revisited after unlock.
Discussed with & grudgingly OK reyk@

Revision 1.27 / (download) - annotate - [select for diffs], Wed Aug 6 21:08:47 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.26: +12 -1 lines
Diff to previous 1.26 (colored)

Write STDERR from the CGI to the web server error log as intended.

OK florian@

Revision 1.26 / (download) - annotate - [select for diffs], Wed Aug 6 20:56:23 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.25: +6 -1 lines
Diff to previous 1.25 (colored)

If the very first fcgi STDOUT record has length 0 the cgi script
didn't send anything back. This is an internal server error.
OK reyk@

Revision 1.25 / (download) - annotate - [select for diffs], Wed Aug 6 18:40:15 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)

Always zero-out the fcgi record header for STDIN data.

OK florian@

Revision 1.24 / (download) - annotate - [select for diffs], Wed Aug 6 18:38:11 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Use memset(buf instead of memset(&buf.

Pointed out by deraadt@

Revision 1.23 / (download) - annotate - [select for diffs], Wed Aug 6 15:08:04 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.22: +32 -8 lines
Diff to previous 1.22 (colored)

http POST support
with & OK reyk@

Revision 1.22 / (download) - annotate - [select for diffs], Wed Aug 6 13:40:18 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.21: +9 -3 lines
Diff to previous 1.21 (colored)

Content-Length and Content-Type are transmitted as CONTENT_LENGTH and
CONTENT_TYPE environment variables to cgi scripts, without the HTTP_
prefix.
OK reyk@

Revision 1.21 / (download) - annotate - [select for diffs], Mon Aug 4 18:00:06 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.20: +7 -1 lines
Diff to previous 1.20 (colored)

Add HTTPS = on CGI variable.

Revision 1.20 / (download) - annotate - [select for diffs], Mon Aug 4 14:49:24 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.19: +28 -10 lines
Diff to previous 1.19 (colored)

Implement PATH_INFO and add DOCUMENT_ROOT.
PATH_INFO was requested by naddy@ who successfully tested it with "cvsweb".

ok naddy@

Revision 1.19 / (download) - annotate - [select for diffs], Mon Aug 4 11:09:25 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.18: +1 -3 lines
Diff to previous 1.18 (colored)

httpd doesn't support SSL/TLS yet, remove the remaining bits.
The secret plan is to add it later using the ressl wrapper library.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Aug 3 22:06:51 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)

c-type functions / macros need a cast to unsigned char, not int
"feel free to commit" reyk@

Revision 1.17 / (download) - annotate - [select for diffs], Sun Aug 3 20:43:03 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

spacing

Revision 1.16 / (download) - annotate - [select for diffs], Sun Aug 3 20:39:40 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.15: +93 -110 lines
Diff to previous 1.15 (colored)

Dynamically pass HTTP request headers as protocol-specific HTTP_* CGI
meta-variables.

ok florian@

Revision 1.15 / (download) - annotate - [select for diffs], Sun Aug 3 12:26:19 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

Add function to iterate all headers.  No functional change.

Revision 1.14 / (download) - annotate - [select for diffs], Sun Aug 3 11:16:10 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.13: +21 -10 lines
Diff to previous 1.13 (colored)

Split fastcgi socket path and document root option and add the
SCRIPT_FILENAME CGI param with a prepended root.  This fixes php-fpm
that expects SCRIPT_FILENAME and also works with slowcgi if you
configure the root correctly.  For example, if SCRIPT_NAME and
REQUEST_URI are /php/index.php, root is /htdocs, SCRIPT_FILENAME will
be /htdocs/php/index.php.  As tested and discussed with florian@

Revision 1.13 / (download) - annotate - [select for diffs], Sun Aug 3 10:38:42 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.12: +4 -1 lines
Diff to previous 1.12 (colored)

Add missing log call for FastCGI requests.

Revision 1.12 / (download) - annotate - [select for diffs], Sat Aug 2 17:42:24 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

don't leak fcgi fd

Revision 1.11 / (download) - annotate - [select for diffs], Sat Aug 2 17:05:18 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.10: +19 -3 lines
Diff to previous 1.10 (colored)

Padding of fcgi records is optional, but if we receive padding data we
should read it.

Revision 1.10 / (download) - annotate - [select for diffs], Sat Aug 2 11:59:04 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.9: +41 -39 lines
Diff to previous 1.9 (colored)

We need to read from the fcgi bufferevent until it's empty because the
event handler will not be called again if no new data arrives.
Debugged with and OK reyk@

Revision 1.9 / (download) - annotate - [select for diffs], Sat Aug 2 11:52:01 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.8: +40 -17 lines
Diff to previous 1.8 (colored)

Allow specifying a FastCGI TCP socket on localhost (e.g. :9000).  Used
for debugging, you should prefer local UNIX sockets, but it helped to
find an issue that will be fixed with the next commit.

OK florian@

Revision 1.8 / (download) - annotate - [select for diffs], Sat Aug 2 09:54:13 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.7: +8 -8 lines
Diff to previous 1.7 (colored)

spacing

Revision 1.7 / (download) - annotate - [select for diffs], Fri Aug 1 18:26:32 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.6: +213 -32 lines
Diff to previous 1.6 (colored)

Rewrite fcgi_add_param and hand over a lot more http headers etc. to
the cgi script.
OK reyk@
"blanket OK" for changes in httpd for the time being from deraadt@

Revision 1.6 / (download) - annotate - [select for diffs], Fri Aug 1 08:34:46 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN
Changes since 1.5: +52 -18 lines
Diff to previous 1.5 (colored)

Correctly parse fcgi records if we don't get the whole record in one
bufferevent_read().
Input/OK reyk@
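
Revisions 1.6 (records split across reads), 1.11 (optional padding) and 1.26 (empty first STDOUT record) above all concern FastCGI record framing. The following is an added illustration of that framing logic, not httpd's code: the struct, function names and sample bytes are hypothetical and constructed here; only the 8-byte record header layout and the STDOUT type value come from the FastCGI specification.

```c
#include <stdint.h>
#include <string.h>
#define FCGI_HDR_LEN	8	/* version, type, id(2), length(2), padding, reserved */
#define FCGI_STDOUT	6
#define MINSZ(a, b)	((a) < (b) ? (a) : (b))
struct fcgi_parser {	/* hypothetical state kept across reads, not httpd's own */
	uint8_t	hdr[FCGI_HDR_LEN];
	size_t	hdr_have, content_left, padding_left, stdout_bytes;
	int	records, stdout_seen, empty_first;
};

/* Consume one chunk of any size; an unfinished record resumes on the next call. */
static void fcgi_feed(struct fcgi_parser *p, const uint8_t *buf, size_t len)
{
	size_t n;
	while (len > 0) {
		if (p->hdr_have < FCGI_HDR_LEN) {
			n = MINSZ(FCGI_HDR_LEN - p->hdr_have, len);
			memcpy(p->hdr + p->hdr_have, buf, n);
			p->hdr_have += n; buf += n; len -= n;
			if (p->hdr_have < FCGI_HDR_LEN)
				return;		/* header split across reads */
			p->content_left = ((size_t)p->hdr[4] << 8) | p->hdr[5];
			p->padding_left = p->hdr[6];
			if (p->hdr[1] == FCGI_STDOUT && !p->stdout_seen++)
				p->empty_first = (p->content_left == 0); /* first only */
		}
		n = MINSZ(p->content_left, len);	/* payload, possibly partial */
		p->stdout_bytes += (p->hdr[1] == FCGI_STDOUT) ? n : 0;
		p->content_left -= n; buf += n; len -= n;
		n = MINSZ(p->padding_left, len);	/* len is 0 until payload is done */
		p->padding_left -= n; buf += n; len -= n;
		if (p->content_left == 0 && p->padding_left == 0) {
			p->records++;
			p->hdr_have = 0;	/* next record starts with a new header */
		}
	}
}

/* Constructed sample fed in chunk-sized reads; -1 = first STDOUT record empty. */
int demo(size_t chunk, size_t skip)
{
	static const uint8_t s[] = { 1, FCGI_STDOUT, 0, 1, 0, 5, 3, 0, 'h', 'e', 'l',
	    'l', 'o', 0, 0, 0, 1, FCGI_STDOUT, 0, 1, 0, 0, 0, 0 };
	struct fcgi_parser p = { .records = 0 };	/* all other fields zeroed too */
	for (size_t off = skip, n = 0; off < sizeof(s); off += n)
		fcgi_feed(&p, s + off, n = MINSZ(chunk, sizeof(s) - off));
	return p.empty_first ? -1 : p.records * 100 + (int)p.stdout_bytes;
}
```

The result is the same whether the sample arrives in one read or one byte at a time, which is the property the partial-read and padding fixes are about.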

Revision 1.5 / (download) - annotate - [select for diffs], Thu Jul 31 18:07:11 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.4: +3 -2 lines
Diff to previous 1.4 (colored)

Only write the HTTP header for the first fastcgi chunk.

Revision 1.4 / (download) - annotate - [select for diffs], Thu Jul 31 17:55:09 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.3: +77 -26 lines
Diff to previous 1.3 (colored)

some fastcgi improvements:
- DPRINTF instead of log_info for internal debugging.
- submit QUERY_STRING, if it exists
- use a proper function to create an HTTP header.
- use server_file_error() to detect EOF and fastcgi stream errors.
- disable keep-alive/persist for now until we have a reliable way to
get the content length from the cgi response or support chunked
encoding.

"Cool, jep" florian@

Revision 1.3 / (download) - annotate - [select for diffs], Thu Jul 31 14:25:14 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.2: +13 -13 lines
Diff to previous 1.2 (colored)

One bufferevent can be shared by file and fcgi.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Jul 31 14:18:38 2014 UTC (9 years, 10 months ago) by reyk
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Allow specifying a non-default fastcgi socket.

Revision 1.1 / (download) - annotate - [select for diffs], Thu Jul 31 09:23:53 2014 UTC (9 years, 10 months ago) by florian
Branch: MAIN

Put in first stab at fastcgi. Very early work in progress. Putting it
in now so that we can quickly work on it in tree. Requested by reyk@.
deraadt@ is OK with this according to reyk@.
