head 1.2; access; symbols netbsd-11-0-RC5:1.2 netbsd-11-0-RC4:1.2 bozohttpd-20260503:1.2 bozohttpd-20240428:1.2 netbsd-11-0-RC3:1.2 netbsd-11-0-RC2:1.2 netbsd-11-0-RC1:1.2 perseant-exfatfs-base-20250801:1.2 netbsd-11:1.2.0.16 netbsd-11-base:1.2 netbsd-10-1-RELEASE:1.2 perseant-exfatfs-base-20240630:1.2 perseant-exfatfs:1.2.0.14 perseant-exfatfs-base:1.2 netbsd-8-3-RELEASE:1.1.1.1.44.1 netbsd-9-4-RELEASE:1.2 netbsd-10-0-RELEASE:1.2 netbsd-10-0-RC6:1.2 netbsd-10-0-RC5:1.2 netbsd-10-0-RC4:1.2 bozohttpd-20240126:1.2 netbsd-10-0-RC3:1.2 netbsd-10-0-RC2:1.2 netbsd-10-0-RC1:1.2 netbsd-10:1.2.0.12 netbsd-10-base:1.2 netbsd-9-3-RELEASE:1.2 bozohttpd-20220517:1.2 cjep_sun2x-base1:1.2 cjep_sun2x:1.2.0.10 cjep_sun2x-base:1.2 cjep_staticlib_x-base1:1.2 netbsd-9-2-RELEASE:1.2 cjep_staticlib_x:1.2.0.8 cjep_staticlib_x-base:1.2 bozohttpd-20210227:1.2 netbsd-9-1-RELEASE:1.2 bozohttpd-20201014:1.2 bozohttpd-20200820:1.2 bozohttpd-20190228:1.2 phil-wifi-20200421:1.2 phil-wifi-20200411:1.2 is-mlppp:1.2.0.6 is-mlppp-base:1.2 phil-wifi-20200406:1.2 netbsd-8-2-RELEASE:1.1.1.1.44.1 netbsd-9-0-RELEASE:1.2 netbsd-9-0-RC2:1.2 netbsd-9-0-RC1:1.2 phil-wifi-20191119:1.2 netbsd-9:1.2.0.4 netbsd-9-base:1.2 phil-wifi-20190609:1.2 netbsd-8-1-RELEASE:1.1.1.1.44.1 netbsd-8-1-RC1:1.1.1.1.44.1 pgoyette-compat-merge-20190127:1.1.1.1.50.1 pgoyette-compat-20190127:1.2 pgoyette-compat-20190118:1.2 pgoyette-compat-1226:1.2 pgoyette-compat-1126:1.2 bozohttpd-20181125:1.2 bozohttpd-20181123:1.2 bozohttpd-20181121:1.2 bozohttpd-20181118:1.2 pgoyette-compat-1020:1.2 pgoyette-compat-0930:1.2 pgoyette-compat-0906:1.2 netbsd-7-2-RELEASE:1.1.1.1 pgoyette-compat-0728:1.2 netbsd-8-0-RELEASE:1.1.1.1 phil-wifi:1.2.0.2 phil-wifi-base:1.2 pgoyette-compat-0625:1.2 netbsd-8-0-RC2:1.1.1.1 pgoyette-compat-0521:1.2 pgoyette-compat-0502:1.2 pgoyette-compat-0422:1.1.1.1 netbsd-8-0-RC1:1.1.1.1 pgoyette-compat-0415:1.1.1.1 pgoyette-compat-0407:1.1.1.1 pgoyette-compat-0330:1.1.1.1 pgoyette-compat-0322:1.1.1.1 pgoyette-compat-0315:1.1.1.1 netbsd-7-1-2-RELEASE:1.1.1.1 pgoyette-compat:1.1.1.1.0.50 pgoyette-compat-base:1.1.1.1 netbsd-7-1-1-RELEASE:1.1.1.1 matt-nb8-mediatek:1.1.1.1.0.48 matt-nb8-mediatek-base:1.1.1.1 perseant-stdc-iso10646:1.1.1.1.0.46 perseant-stdc-iso10646-base:1.1.1.1 netbsd-8:1.1.1.1.0.44 netbsd-8-base:1.1.1.1 prg-localcount2-base3:1.1.1.1 prg-localcount2-base2:1.1.1.1 prg-localcount2-base1:1.1.1.1 prg-localcount2:1.1.1.1.0.42 prg-localcount2-base:1.1.1.1 pgoyette-localcount-20170426:1.1.1.1 bouyer-socketcan-base1:1.1.1.1 pgoyette-localcount-20170320:1.1.1.1 netbsd-7-1:1.1.1.1.0.40 netbsd-7-1-RELEASE:1.1.1.1 netbsd-7-1-RC2:1.1.1.1 netbsd-7-nhusb-base-20170116:1.1.1.1 bouyer-socketcan:1.1.1.1.0.38 bouyer-socketcan-base:1.1.1.1 pgoyette-localcount-20170107:1.1.1.1 netbsd-7-1-RC1:1.1.1.1 pgoyette-localcount-20161104:1.1.1.1 netbsd-7-0-2-RELEASE:1.1.1.1 localcount-20160914:1.1.1.1 netbsd-7-nhusb:1.1.1.1.0.36 netbsd-7-nhusb-base:1.1.1.1 pgoyette-localcount-20160806:1.1.1.1 pgoyette-localcount-20160726:1.1.1.1 pgoyette-localcount:1.1.1.1.0.34 pgoyette-localcount-base:1.1.1.1 netbsd-7-0-1-RELEASE:1.1.1.1 netbsd-7-0:1.1.1.1.0.32 netbsd-7-0-RELEASE:1.1.1.1 netbsd-7-0-RC3:1.1.1.1 netbsd-7-0-RC2:1.1.1.1 netbsd-7-0-RC1:1.1.1.1 bozohttpd-20150320:1.1.1.1 bozohttpd-20141225:1.1.1.1 netbsd-5-2-3-RELEASE:1.1.1.1.26.2 netbsd-5-1-5-RELEASE:1.1.1.1.28.2 netbsd-6-0-6-RELEASE:1.1.1.1 netbsd-6-1-5-RELEASE:1.1.1.1 netbsd-7:1.1.1.1.0.30 netbsd-7-base:1.1.1.1 netbsd-5-1:1.1.1.1.0.28 netbsd-5-2:1.1.1.1.0.26 netbsd-5:1.1.1.1.0.24 yamt-pagecache-base9:1.1.1.1 yamt-pagecache-tag8:1.1.1.1 netbsd-6-1-4-RELEASE:1.1.1.1 netbsd-6-0-5-RELEASE:1.1.1.1 tls-earlyentropy:1.1.1.1.0.22 tls-earlyentropy-base:1.1.1.1 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.1.1.1 riastradh-drm2-base3:1.1.1.1 netbsd-6-1-3-RELEASE:1.1.1.1 netbsd-6-0-4-RELEASE:1.1.1.1 bozohttpd-20140102:1.1.1.1 netbsd-6-1-2-RELEASE:1.1.1.1 netbsd-6-0-3-RELEASE:1.1.1.1 netbsd-6-1-1-RELEASE:1.1.1.1 riastradh-drm2-base2:1.1.1.1 riastradh-drm2-base1:1.1.1.1 riastradh-drm2:1.1.1.1.0.16 riastradh-drm2-base:1.1.1.1 bozohttpd-20130711:1.1.1.1 netbsd-6-1:1.1.1.1.0.20 netbsd-6-0-2-RELEASE:1.1.1.1 netbsd-6-1-RELEASE:1.1.1.1 netbsd-6-1-RC4:1.1.1.1 netbsd-6-1-RC3:1.1.1.1 agc-symver:1.1.1.1.0.18 agc-symver-base:1.1.1.1 netbsd-6-1-RC2:1.1.1.1 netbsd-6-1-RC1:1.1.1.1 yamt-pagecache-base8:1.1.1.1 netbsd-6-0-1-RELEASE:1.1.1.1 yamt-pagecache-base7:1.1.1.1 matt-nb6-plus-nbase:1.1.1.1 yamt-pagecache-base6:1.1.1.1 netbsd-6-0:1.1.1.1.0.14 netbsd-6-0-RELEASE:1.1.1.1 netbsd-6-0-RC2:1.1.1.1 tls-maxphys:1.1.1.1.0.12 tls-maxphys-base:1.1.1.1 matt-nb6-plus:1.1.1.1.0.10 matt-nb6-plus-base:1.1.1.1 netbsd-6-0-RC1:1.1.1.1 yamt-pagecache-base5:1.1.1.1 yamt-pagecache-base4:1.1.1.1 netbsd-6:1.1.1.1.0.8 netbsd-6-base:1.1.1.1 bozohttpd-20111118:1.1.1.1 yamt-pagecache-base3:1.1.1.1 yamt-pagecache-base2:1.1.1.1 yamt-pagecache:1.1.1.1.0.6 yamt-pagecache-base:1.1.1.1 cherry-xenmp:1.1.1.1.0.4 cherry-xenmp-base:1.1.1.1 bouyer-quota2-nbase:1.1.1.1 bouyer-quota2:1.1.1.1.0.2 bouyer-quota2-base:1.1.1.1 matt-mips64-premerge-20101231:1.1.1.1 bozohttpd-20100920:1.1.1.1 bozohttpd-20100621:1.1.1.1 bozohttpd-20100617:1.1.1.1 bozohttpd-20100512:1.1.1.1 bozohttpd-20100510:1.1.1.1 bozohttpd-20100509:1.1.1.1 bozohttpd:1.1.1; locks; strict; comment @# @; 1.2 date 2018.05.02.00.03.27; author sevan; state Exp; branches; next 1.1; commitid FvbAHPjCvrfHzEAA; 1.1 date 2010.05.10.03.30.04; author mrg; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2010.05.10.03.30.04; author mrg; state Exp; branches 1.1.1.1.24.1 1.1.1.1.26.1 1.1.1.1.28.1 1.1.1.1.30.1 1.1.1.1.32.1 1.1.1.1.40.1 1.1.1.1.44.1 1.1.1.1.50.1; next ; 1.1.1.1.24.1 date 2010.05.10.03.30.04; author msaitoh; state dead; branches; next 1.1.1.1.24.2; commitid 6P3UulRicc5jrIHx; 1.1.1.1.24.2 date 2014.07.09.15.21.21; author msaitoh; state Exp; branches; next ; commitid 6P3UulRicc5jrIHx; 1.1.1.1.26.1 date 2010.05.10.03.30.04; author msaitoh; state dead; branches; next 1.1.1.1.26.2; commitid vGNE3klASBlIFIHx; 1.1.1.1.26.2 date 2014.07.09.16.04.13; author msaitoh; state Exp; branches; next ; commitid vGNE3klASBlIFIHx; 1.1.1.1.28.1 date 2010.05.10.03.30.04; author msaitoh; state dead; branches; next 1.1.1.1.28.2; commitid NgScSkUrfSmYHIHx; 1.1.1.1.28.2 date 2014.07.09.16.09.39; author msaitoh; state Exp; branches; next ; commitid NgScSkUrfSmYHIHx; 1.1.1.1.30.1 date 2018.11.24.17.22.58; author martin; state Exp; branches; next ; commitid 9CQaC30uxHyxId1B; 1.1.1.1.32.1 date 2018.11.24.17.23.48; author martin; state Exp; branches; next ; commitid ynOo4QuCZaJNId1B; 1.1.1.1.40.1 date 2018.11.24.17.23.21; author martin; state Exp; branches; next ; commitid IwFcHr2C6ZuGId1B; 1.1.1.1.44.1 date 2018.11.24.17.13.51; author martin; state Exp; branches; next ; commitid uWLCjvlvfCBpFd1B; 1.1.1.1.50.1 date 2018.05.02.07.20.01; author pgoyette; state Exp; branches; next ; commitid o3kRuNRzl9360HAA; desc @@ 1.2 log @Unbreak script for Lua 5.3. This change breaks support for older releases of Lua. @ text @-- Lua command line option parser. -- Interface based on Pythons optparse. -- http://docs.python.org/lib/module-optparse.html -- (c) 2008 David Manura, Licensed under the same terms as Lua (MIT license) -- -- To be used like this: -- t={usage="", version=""} -- op=OptionParser(t) -- op=add_option{"", action=, dest=, help=""} -- -- with : -- the option string to be used (can be anything, if one letter opt, then should be -x val, more letters: -xy=val ) -- one of -- - store: store in options as key, val -- - store_true: stores key, true -- - store_false: stores key, false -- is the key under which the option is saved -- -- options,args = op.parse_args() -- -- now options is the table of options (key, val) and args is the table with non-option arguments. -- You can use op.fail(message) for failing and op.print_help() for printing the usage as you like. function OptionParser(t) local usage = t.usage local version = t.version local o = {} local option_descriptions = {} local option_of = {} function o.fail(s) -- extension io.stderr:write(s .. '\n') os.exit(1) end function o.add_option(optdesc) option_descriptions[#option_descriptions+1] = optdesc for _,v in ipairs(optdesc) do option_of[v] = optdesc end end function o.parse_args() -- expand options (e.g. "--input=file" -> "--input", "file") local arg = {table.unpack(arg)} for i=#arg,1,-1 do local v = arg[i] local flag, val = v:match('^(%-%-%w+)=(.*)') if flag then arg[i] = flag table.insert(arg, i+1, val) end end local options = {} local args = {} local i = 1 while i <= #arg do local v = arg[i] local optdesc = option_of[v] if optdesc then local action = optdesc.action local val if action == 'store' or action == nil then i = i + 1 val = arg[i] if not val then o.fail('option requires an argument ' .. v) end elseif action == 'store_true' then val = true elseif action == 'store_false' then val = false end options[optdesc.dest] = val else if v:match('^%-') then o.fail('invalid option ' .. v) end args[#args+1] = v end i = i + 1 end if options.help then o.print_help() os.exit() end if options.version then io.stdout:write(t.version .. "\n") os.exit() end return options, args end local function flags_str(optdesc) local sflags = {} local action = optdesc.action for _,flag in ipairs(optdesc) do local sflagend if action == nil or action == 'store' then local metavar = optdesc.metavar or optdesc.dest:upper() sflagend = #flag == 2 and ' ' .. metavar or '=' .. metavar else sflagend = '' end sflags[#sflags+1] = flag .. sflagend end return table.concat(sflags, ', ') end function o.print_help() io.stdout:write("Usage: " .. usage:gsub('%%prog', arg[0]) .. "\n") io.stdout:write("\n") io.stdout:write("Options:\n") for _,optdesc in ipairs(option_descriptions) do io.stdout:write(" " .. flags_str(optdesc) .. " " .. optdesc.help .. "\n") end end o.add_option{"--help", action="store_true", dest="help", help="show this help message and exit"} if t.version then o.add_option{"--version", action="store_true", dest="version", help="output version info."} end return o end @ 1.1 log @Initial revision @ text @d45 1 a45 1 local arg = {unpack(arg)} @ 1.1.1.1 log @import bozohttpd 20100509. it has these changes: o major rework and clean up of internal interfaces. move the main program into main.c, the remaining parts are useable as library. add bindings for lua. by Alistair G. Crooks o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325 special thanks to al for the majority of these changes. @ text @@ 1.1.1.1.32.1 log @Sync to HEAD (requested by mrg in ticket #1655): libexec/httpd/testsuite/data/.bzremap up to 1.1 libexec/httpd/testsuite/t12.out up to 1.1 libexec/httpd/testsuite/t12.in up to 1.1 libexec/httpd/testsuite/t13.out up to 1.1 libexec/httpd/testsuite/t13.in up to 1.1 libexec/httpd/testsuite/t14.out up to 1.1 libexec/httpd/testsuite/t14.in up to 1.1 libexec/httpd/testsuite/t15.out up to 1.1 libexec/httpd/testsuite/t15.in up to 1.1 libexec/httpd/CHANGES up to 1.28 libexec/httpd/Makefile up to 1.27 libexec/httpd/auth-bozo.c up to 1.22 libexec/httpd/bozohttpd.8 up to 1.74 libexec/httpd/bozohttpd.c up to 1.96 libexec/httpd/bozohttpd.h up to 1.56 libexec/httpd/cgi-bozo.c up to 1.44 libexec/httpd/content-bozo.c up to 1.16 libexec/httpd/daemon-bozo.c up to 1.19 libexec/httpd/dir-index-bozo.c up to 1.28 libexec/httpd/lua-bozo.c up to 1.15 libexec/httpd/main.c up to 1.21 libexec/httpd/ssl-bozo.c up to 1.25 libexec/httpd/tilde-luzah-bozo.c up to 1.16 libexec/httpd/libbozohttpd/Makefile up to 1.3 libexec/httpd/lua/bozo.lua up to 1.3 libexec/httpd/lua/glue.c up to 1.5 libexec/httpd/lua/optparse.lua up to 1.2 libexec/httpd/testsuite/Makefile up to 1.11 libexec/httpd/testsuite/html_cmp up to 1.6 libexec/httpd/testsuite/t3.out up to 1.4 libexec/httpd/testsuite/t5.out up to 1.4 libexec/httpd/testsuite/t6.out up to 1.4 libexec/httpd/testsuite/test-bigfile up to 1.5 libexec/httpd/testsuite/test-simple up to 1.5 Cosmetic changes to Lua binding in bozohttpd. - Don't use negative indicies to read arguments of Lua functions. - On error, return nil, "error string". - Use ssize_t for return values from bozo_read() and bozo_write(). - Prefer lstring especially when if saves you from appending NUL and doing len + 1 which can potentially wraparound. - Don't mix C allocations with Lua functions marked with "m" in the Lua manual. Those functions may throw (longjump) and leak data allocated by C function. In one case, I use luaL_Buffer, in the other case, I rearranged calls a bit. fix ordering of a couple of words. from Edgar Pettijohn in PR#52375. thanks! s/u_int/unsigned/. from Jan Danielsson. increases/fixes portability. PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism sometimes with EFAULT due to not NULL terminated environment. Document script handler issues with httpd(8). From martin@@, addressing PR 52194. While here, use American spelling consistently and upper-case some abbreviations. Bump date. fix output since protocol agnostic change went in. XXX: i thought someone hooked this into atf already, please do :) Add support for remapping requested paths via a .bzredirect file. Fixes PR 52772. Ok: mrg@@ Bump date Remove trailing whitespace. use __func__ in debug(). fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. avoid memory leak in sending multiple auth headers. mostly mitigated by previous patch to limit total header size, but still a real problem here. note the changes present in bozohttpd 20181118: o add url remap support via .bzremap file, from martin%netbsd.org@@localhost o handle redirections for any protocol, not just http: o fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. from CHANGES: o reduce default timeouts, and add expand timeouts to handle the initial line, each header, and the total time spent o add -T option to expose new timeout settings o minor RFC fixes related to timeout handling responses old timeouts: 60 seconds for initial request like, 60 seconds per header line, and no whole timeout (though the recent total header size changes do introduce one that would be about 11 hours.) new timeouts: 30 seconds for initial request like, 10 seconds per header line, and a total request time of 600 seconds. the new global timeout is implemented using CLOCK_MONOTONIC, with a fallback to CLOCK_REALTIME if monotonic time is unavailable. reject multiple Host: headers. besides being protocol standard, this closes one additional memory leak found by JP. add a simple test to check this. clean up option and usage handling some. move some #if support into bozohttpd.h. fix previous: have_debug was reversed. also fix have_dynamic_content from the previous previous. re-order the debug and dynamic content to match the same pattern as everything else so similar problems are less likely in the future. - move special files defines into bozohttpd.h, so we can ... - consolidate all the special file checks into bozo_check_special_files() so that all builds check the same list of special files, regardless of build options. - convert "(void)bozo_http_error(...); return -1;" into plain "return bozo_http_error(...);" - fix the call to bozo_check_special_files() to be used on all input types. part of the fixes for failure to reject access to /.htpasswd as reported by JP on tech-security. - use warn_unused_result attribute on bozo_check_special_files(), and fix the failures to return failure. second part of the htpasswd access fix. - update testsuite to use a fixed fake hostname. call this bozohttpd 20181121. two fixes reported by mouse: - don't check contents of 'st' if stat(2) failed. - round up instead of truncate. now 10000 byte files say 10kB not 9kB. use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining: WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd) many clean ups: - keep a list of special files and their human names - remove (void) casts on bozo_http_error() - fix a few more misuses of bozo_http_error() - rename check_mapping() to check_remap() and perform some CSE - switch away from ``%s'' to '%s' - remove a bunch of #ifdef using new have_feature defines alpha sort the option switch. add an assert() check on array bounds. minor style fixes. simplify bozo_match_content_map(). @ text @d45 1 a45 1 local arg = {table.unpack(arg)} @ 1.1.1.1.40.1 log @Sync to HEAD (requested by mrg in ticket #1655): libexec/httpd/testsuite/data/.bzremap up to 1.1 libexec/httpd/testsuite/t12.out up to 1.1 libexec/httpd/testsuite/t12.in up to 1.1 libexec/httpd/testsuite/t13.out up to 1.1 libexec/httpd/testsuite/t13.in up to 1.1 libexec/httpd/testsuite/t14.out up to 1.1 libexec/httpd/testsuite/t14.in up to 1.1 libexec/httpd/testsuite/t15.out up to 1.1 libexec/httpd/testsuite/t15.in up to 1.1 libexec/httpd/CHANGES up to 1.28 libexec/httpd/Makefile up to 1.27 libexec/httpd/auth-bozo.c up to 1.22 libexec/httpd/bozohttpd.8 up to 1.74 libexec/httpd/bozohttpd.c up to 1.96 libexec/httpd/bozohttpd.h up to 1.56 libexec/httpd/cgi-bozo.c up to 1.44 libexec/httpd/content-bozo.c up to 1.16 libexec/httpd/daemon-bozo.c up to 1.19 libexec/httpd/dir-index-bozo.c up to 1.28 libexec/httpd/lua-bozo.c up to 1.15 libexec/httpd/main.c up to 1.21 libexec/httpd/ssl-bozo.c up to 1.25 libexec/httpd/tilde-luzah-bozo.c up to 1.16 libexec/httpd/libbozohttpd/Makefile up to 1.3 libexec/httpd/lua/bozo.lua up to 1.3 libexec/httpd/lua/glue.c up to 1.5 libexec/httpd/lua/optparse.lua up to 1.2 libexec/httpd/testsuite/Makefile up to 1.11 libexec/httpd/testsuite/html_cmp up to 1.6 libexec/httpd/testsuite/t3.out up to 1.4 libexec/httpd/testsuite/t5.out up to 1.4 libexec/httpd/testsuite/t6.out up to 1.4 libexec/httpd/testsuite/test-bigfile up to 1.5 libexec/httpd/testsuite/test-simple up to 1.5 Cosmetic changes to Lua binding in bozohttpd. - Don't use negative indicies to read arguments of Lua functions. - On error, return nil, "error string". - Use ssize_t for return values from bozo_read() and bozo_write(). - Prefer lstring especially when if saves you from appending NUL and doing len + 1 which can potentially wraparound. - Don't mix C allocations with Lua functions marked with "m" in the Lua manual. Those functions may throw (longjump) and leak data allocated by C function. In one case, I use luaL_Buffer, in the other case, I rearranged calls a bit. fix ordering of a couple of words. from Edgar Pettijohn in PR#52375. thanks! s/u_int/unsigned/. from Jan Danielsson. increases/fixes portability. PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism sometimes with EFAULT due to not NULL terminated environment. Document script handler issues with httpd(8). From martin@@, addressing PR 52194. While here, use American spelling consistently and upper-case some abbreviations. Bump date. fix output since protocol agnostic change went in. XXX: i thought someone hooked this into atf already, please do :) Add support for remapping requested paths via a .bzredirect file. Fixes PR 52772. Ok: mrg@@ Bump date Remove trailing whitespace. use __func__ in debug(). fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. avoid memory leak in sending multiple auth headers. mostly mitigated by previous patch to limit total header size, but still a real problem here. note the changes present in bozohttpd 20181118: o add url remap support via .bzremap file, from martin%netbsd.org@@localhost o handle redirections for any protocol, not just http: o fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. from CHANGES: o reduce default timeouts, and add expand timeouts to handle the initial line, each header, and the total time spent o add -T option to expose new timeout settings o minor RFC fixes related to timeout handling responses old timeouts: 60 seconds for initial request like, 60 seconds per header line, and no whole timeout (though the recent total header size changes do introduce one that would be about 11 hours.) new timeouts: 30 seconds for initial request like, 10 seconds per header line, and a total request time of 600 seconds. the new global timeout is implemented using CLOCK_MONOTONIC, with a fallback to CLOCK_REALTIME if monotonic time is unavailable. reject multiple Host: headers. besides being protocol standard, this closes one additional memory leak found by JP. add a simple test to check this. clean up option and usage handling some. move some #if support into bozohttpd.h. fix previous: have_debug was reversed. also fix have_dynamic_content from the previous previous. re-order the debug and dynamic content to match the same pattern as everything else so similar problems are less likely in the future. - move special files defines into bozohttpd.h, so we can ... - consolidate all the special file checks into bozo_check_special_files() so that all builds check the same list of special files, regardless of build options. - convert "(void)bozo_http_error(...); return -1;" into plain "return bozo_http_error(...);" - fix the call to bozo_check_special_files() to be used on all input types. part of the fixes for failure to reject access to /.htpasswd as reported by JP on tech-security. - use warn_unused_result attribute on bozo_check_special_files(), and fix the failures to return failure. second part of the htpasswd access fix. - update testsuite to use a fixed fake hostname. call this bozohttpd 20181121. two fixes reported by mouse: - don't check contents of 'st' if stat(2) failed. - round up instead of truncate. now 10000 byte files say 10kB not 9kB. use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining: WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd) many clean ups: - keep a list of special files and their human names - remove (void) casts on bozo_http_error() - fix a few more misuses of bozo_http_error() - rename check_mapping() to check_remap() and perform some CSE - switch away from ``%s'' to '%s' - remove a bunch of #ifdef using new have_feature defines alpha sort the option switch. add an assert() check on array bounds. minor style fixes. simplify bozo_match_content_map(). @ text @d45 1 a45 1 local arg = {table.unpack(arg)} @ 1.1.1.1.30.1 log @Sync to HEAD (requested by mrg in ticket #1655): libexec/httpd/testsuite/data/.bzremap up to 1.1 libexec/httpd/testsuite/t12.out up to 1.1 libexec/httpd/testsuite/t12.in up to 1.1 libexec/httpd/testsuite/t13.out up to 1.1 libexec/httpd/testsuite/t13.in up to 1.1 libexec/httpd/testsuite/t14.out up to 1.1 libexec/httpd/testsuite/t14.in up to 1.1 libexec/httpd/testsuite/t15.out up to 1.1 libexec/httpd/testsuite/t15.in up to 1.1 libexec/httpd/CHANGES up to 1.28 libexec/httpd/Makefile up to 1.27 libexec/httpd/auth-bozo.c up to 1.22 libexec/httpd/bozohttpd.8 up to 1.74 libexec/httpd/bozohttpd.c up to 1.96 libexec/httpd/bozohttpd.h up to 1.56 libexec/httpd/cgi-bozo.c up to 1.44 libexec/httpd/content-bozo.c up to 1.16 libexec/httpd/daemon-bozo.c up to 1.19 libexec/httpd/dir-index-bozo.c up to 1.28 libexec/httpd/lua-bozo.c up to 1.15 libexec/httpd/main.c up to 1.21 libexec/httpd/ssl-bozo.c up to 1.25 libexec/httpd/tilde-luzah-bozo.c up to 1.16 libexec/httpd/libbozohttpd/Makefile up to 1.3 libexec/httpd/lua/bozo.lua up to 1.3 libexec/httpd/lua/glue.c up to 1.5 libexec/httpd/lua/optparse.lua up to 1.2 libexec/httpd/testsuite/Makefile up to 1.11 libexec/httpd/testsuite/html_cmp up to 1.6 libexec/httpd/testsuite/t3.out up to 1.4 libexec/httpd/testsuite/t5.out up to 1.4 libexec/httpd/testsuite/t6.out up to 1.4 libexec/httpd/testsuite/test-bigfile up to 1.5 libexec/httpd/testsuite/test-simple up to 1.5 Cosmetic changes to Lua binding in bozohttpd. - Don't use negative indicies to read arguments of Lua functions. - On error, return nil, "error string". - Use ssize_t for return values from bozo_read() and bozo_write(). - Prefer lstring especially when if saves you from appending NUL and doing len + 1 which can potentially wraparound. - Don't mix C allocations with Lua functions marked with "m" in the Lua manual. Those functions may throw (longjump) and leak data allocated by C function. In one case, I use luaL_Buffer, in the other case, I rearranged calls a bit. fix ordering of a couple of words. from Edgar Pettijohn in PR#52375. thanks! s/u_int/unsigned/. from Jan Danielsson. increases/fixes portability. PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism sometimes with EFAULT due to not NULL terminated environment. Document script handler issues with httpd(8). From martin@@, addressing PR 52194. While here, use American spelling consistently and upper-case some abbreviations. Bump date. fix output since protocol agnostic change went in. XXX: i thought someone hooked this into atf already, please do :) Add support for remapping requested paths via a .bzredirect file. Fixes PR 52772. Ok: mrg@@ Bump date Remove trailing whitespace. use __func__ in debug(). fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. avoid memory leak in sending multiple auth headers. mostly mitigated by previous patch to limit total header size, but still a real problem here. note the changes present in bozohttpd 20181118: o add url remap support via .bzremap file, from martin%netbsd.org@@localhost o handle redirections for any protocol, not just http: o fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. from CHANGES: o reduce default timeouts, and add expand timeouts to handle the initial line, each header, and the total time spent o add -T option to expose new timeout settings o minor RFC fixes related to timeout handling responses old timeouts: 60 seconds for initial request like, 60 seconds per header line, and no whole timeout (though the recent total header size changes do introduce one that would be about 11 hours.) new timeouts: 30 seconds for initial request like, 10 seconds per header line, and a total request time of 600 seconds. the new global timeout is implemented using CLOCK_MONOTONIC, with a fallback to CLOCK_REALTIME if monotonic time is unavailable. reject multiple Host: headers. besides being protocol standard, this closes one additional memory leak found by JP. add a simple test to check this. clean up option and usage handling some. move some #if support into bozohttpd.h. fix previous: have_debug was reversed. also fix have_dynamic_content from the previous previous. re-order the debug and dynamic content to match the same pattern as everything else so similar problems are less likely in the future. - move special files defines into bozohttpd.h, so we can ... - consolidate all the special file checks into bozo_check_special_files() so that all builds check the same list of special files, regardless of build options. - convert "(void)bozo_http_error(...); return -1;" into plain "return bozo_http_error(...);" - fix the call to bozo_check_special_files() to be used on all input types. part of the fixes for failure to reject access to /.htpasswd as reported by JP on tech-security. - use warn_unused_result attribute on bozo_check_special_files(), and fix the failures to return failure. second part of the htpasswd access fix. - update testsuite to use a fixed fake hostname. call this bozohttpd 20181121. two fixes reported by mouse: - don't check contents of 'st' if stat(2) failed. - round up instead of truncate. now 10000 byte files say 10kB not 9kB. use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining: WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd) many clean ups: - keep a list of special files and their human names - remove (void) casts on bozo_http_error() - fix a few more misuses of bozo_http_error() - rename check_mapping() to check_remap() and perform some CSE - switch away from ``%s'' to '%s' - remove a bunch of #ifdef using new have_feature defines alpha sort the option switch. add an assert() check on array bounds. minor style fixes. simplify bozo_match_content_map(). @ text @d45 1 a45 1 local arg = {table.unpack(arg)} @ 1.1.1.1.44.1 log @Sync to HEAD (requested by mrg in ticket #1104) libexec/httpd/testsuite/data/.bzremap up to 1.1 libexec/httpd/testsuite/t12.out up to 1.1 libexec/httpd/testsuite/t12.in up to 1.1 libexec/httpd/testsuite/t13.out up to 1.1 libexec/httpd/testsuite/t13.in up to 1.1 libexec/httpd/testsuite/t14.out up to 1.1 libexec/httpd/testsuite/t14.in up to 1.1 libexec/httpd/testsuite/t15.out up to 1.1 libexec/httpd/testsuite/t15.in up to 1.1 libexec/httpd/CHANGES up to 1.28 libexec/httpd/auth-bozo.c up to 1.22 libexec/httpd/bozohttpd.8 up to 1.74 libexec/httpd/bozohttpd.c up to 1.96 libexec/httpd/bozohttpd.h up to 1.56 libexec/httpd/cgi-bozo.c up to 1.44 libexec/httpd/content-bozo.c up to 1.16 libexec/httpd/daemon-bozo.c up to 1.19 libexec/httpd/dir-index-bozo.c up to 1.28 libexec/httpd/main.c up to 1.21 libexec/httpd/ssl-bozo.c up to 1.25 libexec/httpd/tilde-luzah-bozo.c up to 1.16 libexec/httpd/lua/bozo.lua up to 1.3 libexec/httpd/lua/glue.c up to 1.5 libexec/httpd/lua/optparse.lua up to 1.2 libexec/httpd/testsuite/Makefile up to 1.11 libexec/httpd/testsuite/html_cmp up to 1.6 libexec/httpd/testsuite/t3.out up to 1.4 libexec/httpd/testsuite/t5.out up to 1.4 libexec/httpd/testsuite/t6.out up to 1.4 libexec/httpd/testsuite/test-bigfile up to 1.5 libexec/httpd/testsuite/test-simple up to 1.5 Cosmetic changes to Lua binding in bozohttpd. - Don't use negative indicies to read arguments of Lua functions. - On error, return nil, "error string". - Use ssize_t for return values from bozo_read() and bozo_write(). - Prefer lstring especially when if saves you from appending NUL and doing len + 1 which can potentially wraparound. - Don't mix C allocations with Lua functions marked with "m" in the Lua manual. Those functions may throw (longjump) and leak data allocated by C function. In one case, I use luaL_Buffer, in the other case, I rearranged calls a bit. fix ordering of a couple of words. from Edgar Pettijohn in PR#52375. thanks! s/u_int/unsigned/. from Jan Danielsson. increases/fixes portability. PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism sometimes with EFAULT due to not NULL terminated environment. Document script handler issues with httpd(8). From martin@@, addressing PR 52194. While here, use American spelling consistently and upper-case some abbreviations. Bump date. fix output since protocol agnostic change went in. XXX: i thought someone hooked this into atf already, please do :) Add support for remapping requested paths via a .bzredirect file. Fixes PR 52772. Ok: mrg@@ Bump date Remove trailing whitespace. use __func__ in debug(). fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. avoid memory leak in sending multiple auth headers. mostly mitigated by previous patch to limit total header size, but still a real problem here. note the changes present in bozohttpd 20181118: o add url remap support via .bzremap file, from martin%netbsd.org@@localhost o handle redirections for any protocol, not just http: o fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP. from CHANGES: o reduce default timeouts, and add expand timeouts to handle the initial line, each header, and the total time spent o add -T option to expose new timeout settings o minor RFC fixes related to timeout handling responses old timeouts: 60 seconds for initial request like, 60 seconds per header line, and no whole timeout (though the recent total header size changes do introduce one that would be about 11 hours.) new timeouts: 30 seconds for initial request like, 10 seconds per header line, and a total request time of 600 seconds. the new global timeout is implemented using CLOCK_MONOTONIC, with a fallback to CLOCK_REALTIME if monotonic time is unavailable. reject multiple Host: headers. besides being protocol standard, this closes one additional memory leak found by JP. add a simple test to check this. clean up option and usage handling some. move some #if support into bozohttpd.h. fix previous: have_debug was reversed. also fix have_dynamic_content from the previous previous. re-order the debug and dynamic content to match the same pattern as everything else so similar problems are less likely in the future. - move special files defines into bozohttpd.h, so we can ... - consolidate all the special file checks into bozo_check_special_files() so that all builds check the same list of special files, regardless of build options. - convert "(void)bozo_http_error(...); return -1;" into plain "return bozo_http_error(...);" - fix the call to bozo_check_special_files() to be used on all input types. part of the fixes for failure to reject access to /.htpasswd as reported by JP on tech-security. - use warn_unused_result attribute on bozo_check_special_files(), and fix the failures to return failure. second part of the htpasswd access fix. - update testsuite to use a fixed fake hostname. call this bozohttpd 20181121. two fixes reported by mouse: - don't check contents of 'st' if stat(2) failed. - round up instead of truncate. now 10000 byte files say 10kB not 9kB. use MAP_SHARED for the bzremap file. avoids netbsd kernel complaining: WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd) many clean ups: - keep a list of special files and their human names - remove (void) casts on bozo_http_error() - fix a few more misuses of bozo_http_error() - rename check_mapping() to check_remap() and perform some CSE - switch away from ``%s'' to '%s' - remove a bunch of #ifdef using new have_feature defines alpha sort the option switch. add an assert() check on array bounds. minor style fixes. simplify bozo_match_content_map(). @ text @d45 1 a45 1 local arg = {table.unpack(arg)} @ 1.1.1.1.50.1 log @Synch with HEAD @ text @d45 1 a45 1 local arg = {table.unpack(arg)} @ 1.1.1.1.28.1 log @file optparse.lua was added on branch netbsd-5-1 on 2014-07-09 16:09:39 +0000 @ text @d1 123 @ 1.1.1.1.28.2 log @Pull up following revision(s) (requested by mrg in ticket #1913): libexec/httpd/CHANGES 1.3-1.18 libexec/httpd/Makefile 1.8-1.22 via patch libexec/httpd/Makefile.boot 1.3-1.6 libexec/httpd/auth-bozo.c 1.5-1.13 libexec/httpd/bozohttpd.8 1.6-1.46 libexec/httpd/bozohttpd.c 1.8,1.12-1.54 libexec/httpd/bozohttpd.h 1.8-1.32 libexec/httpd/cgi-bozo.c 1.11-1.25 libexec/httpd/content-bozo.c 1.4-1.10 libexec/httpd/daemon-bozo.c 1.5-1.16 libexec/httpd/dir-index-bozo.c 1.6-1.19 libexec/httpd/ssl-bozo.c 1.5-1.16 libexec/httpd/tilde-luzah-bozo.c 1.5-1.10 libexec/httpd/lua-bozo.c 1.1-1.9 libexec/httpd/main.c 1.1-1.7 libexec/httpd/netbsd_queue.h 1.1 libexec/httpd/printenv.lua 1.1-1.2 libexec/httpd/debug/Makefile 1.1 libexec/httpd/libbozohttpd/Makefile 1.2 libexec/httpd/libbozohttpd/libbozohttpd.3 1.3 libexec/httpd/libbozohttpd/shlib_version 1.1 libexec/httpd/lua/Makefile 1.1 libexec/httpd/lua/bozo.lua 1.1 libexec/httpd/lua/glue.c 1.1 libexec/httpd/lua/optparse.lua 1.1 libexec/httpd/lua/shlib_version 1.1 libexec/httpd/small/Makefile 1.1-1.2 libexec/httpd/testsuite/Makefile 1.4 libexec/httpd/testsuite/html_cmp 1.4 libexec/httpd/testsuite/t1.in 1.3 libexec/httpd/testsuite/t1.out 1.3 libexec/httpd/testsuite/t10.in 1.1 libexec/httpd/testsuite/t10.out 1.1 libexec/httpd/testsuite/t2.in 1.3 libexec/httpd/testsuite/t2.out 1.3 libexec/httpd/testsuite/t3.in 1.3 libexec/httpd/testsuite/t3.out 1.3 libexec/httpd/testsuite/t4.in 1.3 libexec/httpd/testsuite/t4.out 1.3 libexec/httpd/testsuite/t5.in 1.3 libexec/httpd/testsuite/t5.out 1.3 libexec/httpd/testsuite/t6.in 1.3 libexec/httpd/testsuite/t6.out 1.3 libexec/httpd/testsuite/t7.in 1.3 libexec/httpd/testsuite/t7.out 1.3 libexec/httpd/testsuite/t8.in 1.3 libexec/httpd/testsuite/t8.out 1.3 libexec/httpd/testsuite/t9.in 1.3 libexec/httpd/testsuite/t9.out 1.3 libexec/httpd/testsuite/test-bigfile 1.1 libexec/httpd/testsuite/data/bigfile 1.1 libexec/httpd/testsuite/data/bigfile.partial4000 1.1 libexec/httpd/testsuite/data/bigfile.partial8000 1.1 libexec/httpd/testsuite/data/file 1.3 libexec/httpd/testsuite/data/index.html 1.3 Update bozohttpd from 20080303+patches to 20140708. changes in bozohttpd 20140708: o fixes for virtual host support, from rajeev_v_pillai@@yahoo.com o avoid printing double errors, from shm@@netbsd.org o fix a security issue in basic HTTP authentication which would allow authentication to be bypassed, from shm@@netbsd.org changes in bozohttpd 20140201: o support .svg files o fix a core dump when requests timeout changes in bozohttpd 20140102: o update a few content types o add support for directly calling lua scripts to handle processes, from mbalmer@@netbsd.org o properly escape generated HTML o add authentication for redirections, from martin@@netbsd.org o handle chained ssl certifications, from elric@@netbsd.org o add basic support for gzipped files, from elric@@netbsd.org o properly escape generated URIs changes in bozohttpd 20111118: o add -P option, from jmmv@@netbsd.org o avoid crashes with http basic auth, from pooka@@netbsd.org o add support for REDIRECT_STATUS variable, from tls@@netbsd.org o support .mp4 files in the default map o directory indexes with files with : are now displayed properly, from reed@@netbsd.org o allow -I option to be useful in non-inetd mode as well changes in bozohttpd 20100920: o properly fully disable multi-file mode for now o fix the -t and -U options when used without the -e option, broken since the library-ifcation o be explicit that logs go to the FTP facility in syslog o use scandir() with alphasort() for sorted directory lists, from moof o fix a serious error in vhost handling; "Host:.." would allow access to the next level directory from the virtual root directory, from seanb o fix some various non standard compile time errors, from rudolf o fix dynamic CGI content maps, from rudolf changes in bozohttpd 20100617: o fix some compile issues o fix SSL mode. from rtr o fix some cgi-bin issues, as seen with cvsweb o disable multi-file daemon mode for now, it breaks o return 404's instead of 403's when chdir of ~user dirs fail o remove "noreturn" attribute from bozo_http_error() that was causing incorrect runtime behaviour changes in bozohttpd 20100509: o major rework and clean up of internal interfaces. move the main program into main.c, the remaining parts are useable as library. add bindings for lua. by Alistair G. Crooks o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325 changes in bozohttpd 20090522: o avoid dying in daemon mode for some uncommon, but recoverable, errors o close leaking file descriptors for CGI and daemon mode o handle poll errors properly o don't try to handle more than one request per process yet o add subdirs for build "debug" and "small" versions o clean up a bad merge / duplicate code o make mmap() usage portable, fixes linux & ranges: support o document the -f option o daemon mode now serves 6 files per child changes in bozohttpd 20090417: o make bozohttpd internally more modular, preparing the way to handle more than one request per process o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix cgi-bin with cvsweb, from Holger Weiss o fix an uninitialised variable use in daemon mode o fix ssl mode with newer OpenSSL o mmap large files in manageable sizes so we can serve any size file o refactor url processing to handle query strings correctly for CGI from Sergey Katsev at Coyote Point o add If-Modified-Since support, from Joerg Sonnenberger o many more manual fixes, from NetBSD @ text @a0 123 -- Lua command line option parser. -- Interface based on Pythons optparse. -- http://docs.python.org/lib/module-optparse.html -- (c) 2008 David Manura, Licensed under the same terms as Lua (MIT license) -- -- To be used like this: -- t={usage="", version=""} -- op=OptionParser(t) -- op=add_option{"", action=, dest=, help=""} -- -- with : -- the option string to be used (can be anything, if one letter opt, then should be -x val, more letters: -xy=val ) -- one of -- - store: store in options as key, val -- - store_true: stores key, true -- - store_false: stores key, false -- is the key under which the option is saved -- -- options,args = op.parse_args() -- -- now options is the table of options (key, val) and args is the table with non-option arguments. -- You can use op.fail(message) for failing and op.print_help() for printing the usage as you like. function OptionParser(t) local usage = t.usage local version = t.version local o = {} local option_descriptions = {} local option_of = {} function o.fail(s) -- extension io.stderr:write(s .. '\n') os.exit(1) end function o.add_option(optdesc) option_descriptions[#option_descriptions+1] = optdesc for _,v in ipairs(optdesc) do option_of[v] = optdesc end end function o.parse_args() -- expand options (e.g. "--input=file" -> "--input", "file") local arg = {unpack(arg)} for i=#arg,1,-1 do local v = arg[i] local flag, val = v:match('^(%-%-%w+)=(.*)') if flag then arg[i] = flag table.insert(arg, i+1, val) end end local options = {} local args = {} local i = 1 while i <= #arg do local v = arg[i] local optdesc = option_of[v] if optdesc then local action = optdesc.action local val if action == 'store' or action == nil then i = i + 1 val = arg[i] if not val then o.fail('option requires an argument ' .. v) end elseif action == 'store_true' then val = true elseif action == 'store_false' then val = false end options[optdesc.dest] = val else if v:match('^%-') then o.fail('invalid option ' .. v) end args[#args+1] = v end i = i + 1 end if options.help then o.print_help() os.exit() end if options.version then io.stdout:write(t.version .. "\n") os.exit() end return options, args end local function flags_str(optdesc) local sflags = {} local action = optdesc.action for _,flag in ipairs(optdesc) do local sflagend if action == nil or action == 'store' then local metavar = optdesc.metavar or optdesc.dest:upper() sflagend = #flag == 2 and ' ' .. metavar or '=' .. metavar else sflagend = '' end sflags[#sflags+1] = flag .. sflagend end return table.concat(sflags, ', ') end function o.print_help() io.stdout:write("Usage: " .. usage:gsub('%%prog', arg[0]) .. "\n") io.stdout:write("\n") io.stdout:write("Options:\n") for _,optdesc in ipairs(option_descriptions) do io.stdout:write(" " .. flags_str(optdesc) .. " " .. optdesc.help .. "\n") end end o.add_option{"--help", action="store_true", dest="help", help="show this help message and exit"} if t.version then o.add_option{"--version", action="store_true", dest="version", help="output version info."} end return o end @ 1.1.1.1.26.1 log @file optparse.lua was added on branch netbsd-5-2 on 2014-07-09 16:04:13 +0000 @ text @d1 123 @ 1.1.1.1.26.2 log @Pull up following revision(s) (requested by mrg in ticket #1913): libexec/httpd/CHANGES 1.3-1.18 libexec/httpd/Makefile 1.8-1.22 via patch libexec/httpd/Makefile.boot 1.3-1.6 libexec/httpd/auth-bozo.c 1.5-1.13 libexec/httpd/bozohttpd.8 1.6-1.46 libexec/httpd/bozohttpd.c 1.8,1.12-1.54 libexec/httpd/bozohttpd.h 1.8-1.32 libexec/httpd/cgi-bozo.c 1.11-1.25 libexec/httpd/content-bozo.c 1.4-1.10 libexec/httpd/daemon-bozo.c 1.5-1.16 libexec/httpd/dir-index-bozo.c 1.6-1.19 libexec/httpd/ssl-bozo.c 1.5-1.16 libexec/httpd/tilde-luzah-bozo.c 1.5-1.10 libexec/httpd/lua-bozo.c 1.1-1.9 libexec/httpd/main.c 1.1-1.7 libexec/httpd/netbsd_queue.h 1.1 libexec/httpd/printenv.lua 1.1-1.2 libexec/httpd/debug/Makefile 1.1 libexec/httpd/libbozohttpd/Makefile 1.2 libexec/httpd/libbozohttpd/libbozohttpd.3 1.3 libexec/httpd/libbozohttpd/shlib_version 1.1 libexec/httpd/lua/Makefile 1.1 libexec/httpd/lua/bozo.lua 1.1 libexec/httpd/lua/glue.c 1.1 libexec/httpd/lua/optparse.lua 1.1 libexec/httpd/lua/shlib_version 1.1 libexec/httpd/small/Makefile 1.1-1.2 libexec/httpd/testsuite/Makefile 1.4 libexec/httpd/testsuite/html_cmp 1.4 libexec/httpd/testsuite/t1.in 1.3 libexec/httpd/testsuite/t1.out 1.3 libexec/httpd/testsuite/t10.in 1.1 libexec/httpd/testsuite/t10.out 1.1 libexec/httpd/testsuite/t2.in 1.3 libexec/httpd/testsuite/t2.out 1.3 libexec/httpd/testsuite/t3.in 1.3 libexec/httpd/testsuite/t3.out 1.3 libexec/httpd/testsuite/t4.in 1.3 libexec/httpd/testsuite/t4.out 1.3 libexec/httpd/testsuite/t5.in 1.3 libexec/httpd/testsuite/t5.out 1.3 libexec/httpd/testsuite/t6.in 1.3 libexec/httpd/testsuite/t6.out 1.3 libexec/httpd/testsuite/t7.in 1.3 libexec/httpd/testsuite/t7.out 1.3 libexec/httpd/testsuite/t8.in 1.3 libexec/httpd/testsuite/t8.out 1.3 libexec/httpd/testsuite/t9.in 1.3 libexec/httpd/testsuite/t9.out 1.3 libexec/httpd/testsuite/test-bigfile 1.1 libexec/httpd/testsuite/data/bigfile 1.1 libexec/httpd/testsuite/data/bigfile.partial4000 1.1 libexec/httpd/testsuite/data/bigfile.partial8000 1.1 libexec/httpd/testsuite/data/file 1.3 libexec/httpd/testsuite/data/index.html 1.3 Update bozohttpd from 20080303+patches to 20140708. changes in bozohttpd 20140708: o fixes for virtual host support, from rajeev_v_pillai@@yahoo.com o avoid printing double errors, from shm@@netbsd.org o fix a security issue in basic HTTP authentication which would allow authentication to be bypassed, from shm@@netbsd.org changes in bozohttpd 20140201: o support .svg files o fix a core dump when requests timeout changes in bozohttpd 20140102: o update a few content types o add support for directly calling lua scripts to handle processes, from mbalmer@@netbsd.org o properly escape generated HTML o add authentication for redirections, from martin@@netbsd.org o handle chained ssl certifications, from elric@@netbsd.org o add basic support for gzipped files, from elric@@netbsd.org o properly escape generated URIs changes in bozohttpd 20111118: o add -P option, from jmmv@@netbsd.org o avoid crashes with http basic auth, from pooka@@netbsd.org o add support for REDIRECT_STATUS variable, from tls@@netbsd.org o support .mp4 files in the default map o directory indexes with files with : are now displayed properly, from reed@@netbsd.org o allow -I option to be useful in non-inetd mode as well changes in bozohttpd 20100920: o properly fully disable multi-file mode for now o fix the -t and -U options when used without the -e option, broken since the library-ifcation o be explicit that logs go to the FTP facility in syslog o use scandir() with alphasort() for sorted directory lists, from moof o fix a serious error in vhost handling; "Host:.." would allow access to the next level directory from the virtual root directory, from seanb o fix some various non standard compile time errors, from rudolf o fix dynamic CGI content maps, from rudolf changes in bozohttpd 20100617: o fix some compile issues o fix SSL mode. from rtr o fix some cgi-bin issues, as seen with cvsweb o disable multi-file daemon mode for now, it breaks o return 404's instead of 403's when chdir of ~user dirs fail o remove "noreturn" attribute from bozo_http_error() that was causing incorrect runtime behaviour changes in bozohttpd 20100509: o major rework and clean up of internal interfaces. move the main program into main.c, the remaining parts are useable as library. add bindings for lua. by Alistair G. Crooks o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325 changes in bozohttpd 20090522: o avoid dying in daemon mode for some uncommon, but recoverable, errors o close leaking file descriptors for CGI and daemon mode o handle poll errors properly o don't try to handle more than one request per process yet o add subdirs for build "debug" and "small" versions o clean up a bad merge / duplicate code o make mmap() usage portable, fixes linux & ranges: support o document the -f option o daemon mode now serves 6 files per child changes in bozohttpd 20090417: o make bozohttpd internally more modular, preparing the way to handle more than one request per process o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix cgi-bin with cvsweb, from Holger Weiss o fix an uninitialised variable use in daemon mode o fix ssl mode with newer OpenSSL o mmap large files in manageable sizes so we can serve any size file o refactor url processing to handle query strings correctly for CGI from Sergey Katsev at Coyote Point o add If-Modified-Since support, from Joerg Sonnenberger o many more manual fixes, from NetBSD @ text @a0 123 -- Lua command line option parser. -- Interface based on Pythons optparse. -- http://docs.python.org/lib/module-optparse.html -- (c) 2008 David Manura, Licensed under the same terms as Lua (MIT license) -- -- To be used like this: -- t={usage="", version=""} -- op=OptionParser(t) -- op=add_option{"", action=, dest=, help=""} -- -- with : -- the option string to be used (can be anything, if one letter opt, then should be -x val, more letters: -xy=val ) -- one of -- - store: store in options as key, val -- - store_true: stores key, true -- - store_false: stores key, false -- is the key under which the option is saved -- -- options,args = op.parse_args() -- -- now options is the table of options (key, val) and args is the table with non-option arguments. -- You can use op.fail(message) for failing and op.print_help() for printing the usage as you like. function OptionParser(t) local usage = t.usage local version = t.version local o = {} local option_descriptions = {} local option_of = {} function o.fail(s) -- extension io.stderr:write(s .. '\n') os.exit(1) end function o.add_option(optdesc) option_descriptions[#option_descriptions+1] = optdesc for _,v in ipairs(optdesc) do option_of[v] = optdesc end end function o.parse_args() -- expand options (e.g. "--input=file" -> "--input", "file") local arg = {unpack(arg)} for i=#arg,1,-1 do local v = arg[i] local flag, val = v:match('^(%-%-%w+)=(.*)') if flag then arg[i] = flag table.insert(arg, i+1, val) end end local options = {} local args = {} local i = 1 while i <= #arg do local v = arg[i] local optdesc = option_of[v] if optdesc then local action = optdesc.action local val if action == 'store' or action == nil then i = i + 1 val = arg[i] if not val then o.fail('option requires an argument ' .. v) end elseif action == 'store_true' then val = true elseif action == 'store_false' then val = false end options[optdesc.dest] = val else if v:match('^%-') then o.fail('invalid option ' .. v) end args[#args+1] = v end i = i + 1 end if options.help then o.print_help() os.exit() end if options.version then io.stdout:write(t.version .. "\n") os.exit() end return options, args end local function flags_str(optdesc) local sflags = {} local action = optdesc.action for _,flag in ipairs(optdesc) do local sflagend if action == nil or action == 'store' then local metavar = optdesc.metavar or optdesc.dest:upper() sflagend = #flag == 2 and ' ' .. metavar or '=' .. metavar else sflagend = '' end sflags[#sflags+1] = flag .. sflagend end return table.concat(sflags, ', ') end function o.print_help() io.stdout:write("Usage: " .. usage:gsub('%%prog', arg[0]) .. "\n") io.stdout:write("\n") io.stdout:write("Options:\n") for _,optdesc in ipairs(option_descriptions) do io.stdout:write(" " .. flags_str(optdesc) .. " " .. optdesc.help .. "\n") end end o.add_option{"--help", action="store_true", dest="help", help="show this help message and exit"} if t.version then o.add_option{"--version", action="store_true", dest="version", help="output version info."} end return o end @ 1.1.1.1.24.1 log @file optparse.lua was added on branch netbsd-5 on 2014-07-09 15:21:21 +0000 @ text @d1 123 @ 1.1.1.1.24.2 log @Pull up following revision(s) (requested by mrg in ticket #1913): libexec/httpd/CHANGES 1.3-1.18 libexec/httpd/Makefile 1.8-1.22 via patch libexec/httpd/Makefile.boot 1.3-1.6 libexec/httpd/auth-bozo.c 1.5-1.13 libexec/httpd/bozohttpd.8 1.6-1.46 libexec/httpd/bozohttpd.c 1.8,1.12-1.54 libexec/httpd/bozohttpd.h 1.8-1.32 libexec/httpd/cgi-bozo.c 1.11-1.25 libexec/httpd/content-bozo.c 1.4-1.10 libexec/httpd/daemon-bozo.c 1.5-1.16 libexec/httpd/dir-index-bozo.c 1.6-1.19 libexec/httpd/ssl-bozo.c 1.5-1.16 libexec/httpd/tilde-luzah-bozo.c 1.5-1.10 libexec/httpd/lua-bozo.c 1.1-1.9 libexec/httpd/main.c 1.1-1.7 libexec/httpd/netbsd_queue.h 1.1 libexec/httpd/printenv.lua 1.1-1.2 libexec/httpd/debug/Makefile 1.1 libexec/httpd/libbozohttpd/Makefile 1.2 libexec/httpd/libbozohttpd/libbozohttpd.3 1.3 libexec/httpd/libbozohttpd/shlib_version 1.1 libexec/httpd/lua/Makefile 1.1 libexec/httpd/lua/bozo.lua 1.1 libexec/httpd/lua/glue.c 1.1 libexec/httpd/lua/optparse.lua 1.1 libexec/httpd/lua/shlib_version 1.1 libexec/httpd/small/Makefile 1.1-1.2 libexec/httpd/testsuite/Makefile 1.4 libexec/httpd/testsuite/html_cmp 1.4 libexec/httpd/testsuite/t1.in 1.3 libexec/httpd/testsuite/t1.out 1.3 libexec/httpd/testsuite/t10.in 1.1 libexec/httpd/testsuite/t10.out 1.1 libexec/httpd/testsuite/t2.in 1.3 libexec/httpd/testsuite/t2.out 1.3 libexec/httpd/testsuite/t3.in 1.3 libexec/httpd/testsuite/t3.out 1.3 libexec/httpd/testsuite/t4.in 1.3 libexec/httpd/testsuite/t4.out 1.3 libexec/httpd/testsuite/t5.in 1.3 libexec/httpd/testsuite/t5.out 1.3 libexec/httpd/testsuite/t6.in 1.3 libexec/httpd/testsuite/t6.out 1.3 libexec/httpd/testsuite/t7.in 1.3 libexec/httpd/testsuite/t7.out 1.3 libexec/httpd/testsuite/t8.in 1.3 libexec/httpd/testsuite/t8.out 1.3 libexec/httpd/testsuite/t9.in 1.3 libexec/httpd/testsuite/t9.out 1.3 libexec/httpd/testsuite/test-bigfile 1.1 libexec/httpd/testsuite/data/bigfile 1.1 libexec/httpd/testsuite/data/bigfile.partial4000 1.1 libexec/httpd/testsuite/data/bigfile.partial8000 1.1 libexec/httpd/testsuite/data/file 1.3 libexec/httpd/testsuite/data/index.html 1.3 Update bozohttpd from 20080303+patches to 20140708. changes in bozohttpd 20140708: o fixes for virtual host support, from rajeev_v_pillai@@yahoo.com o avoid printing double errors, from shm@@netbsd.org o fix a security issue in basic HTTP authentication which would allow authentication to be bypassed, from shm@@netbsd.org changes in bozohttpd 20140201: o support .svg files o fix a core dump when requests timeout changes in bozohttpd 20140102: o update a few content types o add support for directly calling lua scripts to handle processes, from mbalmer@@netbsd.org o properly escape generated HTML o add authentication for redirections, from martin@@netbsd.org o handle chained ssl certifications, from elric@@netbsd.org o add basic support for gzipped files, from elric@@netbsd.org o properly escape generated URIs changes in bozohttpd 20111118: o add -P option, from jmmv@@netbsd.org o avoid crashes with http basic auth, from pooka@@netbsd.org o add support for REDIRECT_STATUS variable, from tls@@netbsd.org o support .mp4 files in the default map o directory indexes with files with : are now displayed properly, from reed@@netbsd.org o allow -I option to be useful in non-inetd mode as well changes in bozohttpd 20100920: o properly fully disable multi-file mode for now o fix the -t and -U options when used without the -e option, broken since the library-ifcation o be explicit that logs go to the FTP facility in syslog o use scandir() with alphasort() for sorted directory lists, from moof o fix a serious error in vhost handling; "Host:.." would allow access to the next level directory from the virtual root directory, from seanb o fix some various non standard compile time errors, from rudolf o fix dynamic CGI content maps, from rudolf changes in bozohttpd 20100617: o fix some compile issues o fix SSL mode. from rtr o fix some cgi-bin issues, as seen with cvsweb o disable multi-file daemon mode for now, it breaks o return 404's instead of 403's when chdir of ~user dirs fail o remove "noreturn" attribute from bozo_http_error() that was causing incorrect runtime behaviour changes in bozohttpd 20100509: o major rework and clean up of internal interfaces. move the main program into main.c, the remaining parts are useable as library. add bindings for lua. by Alistair G. Crooks o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325 changes in bozohttpd 20090522: o avoid dying in daemon mode for some uncommon, but recoverable, errors o close leaking file descriptors for CGI and daemon mode o handle poll errors properly o don't try to handle more than one request per process yet o add subdirs for build "debug" and "small" versions o clean up a bad merge / duplicate code o make mmap() usage portable, fixes linux & ranges: support o document the -f option o daemon mode now serves 6 files per child changes in bozohttpd 20090417: o make bozohttpd internally more modular, preparing the way to handle more than one request per process o fix http-auth, set $REMOTE_USER not $REMOTEUSER. also fix cgi-bin with cvsweb, from Holger Weiss o fix an uninitialised variable use in daemon mode o fix ssl mode with newer OpenSSL o mmap large files in manageable sizes so we can serve any size file o refactor url processing to handle query strings correctly for CGI from Sergey Katsev at Coyote Point o add If-Modified-Since support, from Joerg Sonnenberger o many more manual fixes, from NetBSD @ text @a0 123 -- Lua command line option parser. -- Interface based on Pythons optparse. -- http://docs.python.org/lib/module-optparse.html -- (c) 2008 David Manura, Licensed under the same terms as Lua (MIT license) -- -- To be used like this: -- t={usage="", version=""} -- op=OptionParser(t) -- op=add_option{"", action=, dest=, help=""} -- -- with : -- the option string to be used (can be anything, if one letter opt, then should be -x val, more letters: -xy=val ) -- one of -- - store: store in options as key, val -- - store_true: stores key, true -- - store_false: stores key, false -- is the key under which the option is saved -- -- options,args = op.parse_args() -- -- now options is the table of options (key, val) and args is the table with non-option arguments. -- You can use op.fail(message) for failing and op.print_help() for printing the usage as you like. function OptionParser(t) local usage = t.usage local version = t.version local o = {} local option_descriptions = {} local option_of = {} function o.fail(s) -- extension io.stderr:write(s .. '\n') os.exit(1) end function o.add_option(optdesc) option_descriptions[#option_descriptions+1] = optdesc for _,v in ipairs(optdesc) do option_of[v] = optdesc end end function o.parse_args() -- expand options (e.g. "--input=file" -> "--input", "file") local arg = {unpack(arg)} for i=#arg,1,-1 do local v = arg[i] local flag, val = v:match('^(%-%-%w+)=(.*)') if flag then arg[i] = flag table.insert(arg, i+1, val) end end local options = {} local args = {} local i = 1 while i <= #arg do local v = arg[i] local optdesc = option_of[v] if optdesc then local action = optdesc.action local val if action == 'store' or action == nil then i = i + 1 val = arg[i] if not val then o.fail('option requires an argument ' .. v) end elseif action == 'store_true' then val = true elseif action == 'store_false' then val = false end options[optdesc.dest] = val else if v:match('^%-') then o.fail('invalid option ' .. v) end args[#args+1] = v end i = i + 1 end if options.help then o.print_help() os.exit() end if options.version then io.stdout:write(t.version .. "\n") os.exit() end return options, args end local function flags_str(optdesc) local sflags = {} local action = optdesc.action for _,flag in ipairs(optdesc) do local sflagend if action == nil or action == 'store' then local metavar = optdesc.metavar or optdesc.dest:upper() sflagend = #flag == 2 and ' ' .. metavar or '=' .. metavar else sflagend = '' end sflags[#sflags+1] = flag .. sflagend end return table.concat(sflags, ', ') end function o.print_help() io.stdout:write("Usage: " .. usage:gsub('%%prog', arg[0]) .. "\n") io.stdout:write("\n") io.stdout:write("Options:\n") for _,optdesc in ipairs(option_descriptions) do io.stdout:write(" " .. flags_str(optdesc) .. " " .. optdesc.help .. "\n") end end o.add_option{"--help", action="store_true", dest="help", help="show this help message and exit"} if t.version then o.add_option{"--version", action="store_true", dest="version", help="output version info."} end return o end @