summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.sbin/httpd/support/Makefile52
-rw-r--r--usr.sbin/httpd/support/Makefile.tmpl35
-rw-r--r--usr.sbin/httpd/support/cls.c165
-rw-r--r--usr.sbin/httpd/support/dbmmanage126
-rw-r--r--usr.sbin/httpd/support/dbmmanage.new140
-rw-r--r--usr.sbin/httpd/support/dbmmanage.readme7
-rw-r--r--usr.sbin/httpd/support/htdigest.c187
-rw-r--r--usr.sbin/httpd/support/htpasswd.188
-rw-r--r--usr.sbin/httpd/support/htpasswd.c198
-rw-r--r--usr.sbin/httpd/support/httpd.8125
-rw-r--r--usr.sbin/httpd/support/httpd_monitor.c307
-rw-r--r--usr.sbin/httpd/support/log_server_status110
-rw-r--r--usr.sbin/httpd/support/logresolve.c369
-rw-r--r--usr.sbin/httpd/support/phf_abuse_log.cgi21
-rw-r--r--usr.sbin/httpd/support/rotatelogs.c84
-rw-r--r--usr.sbin/httpd/support/suexec.c491
-rw-r--r--usr.sbin/httpd/support/suexec.h137
17 files changed, 0 insertions, 2642 deletions
diff --git a/usr.sbin/httpd/support/Makefile b/usr.sbin/httpd/support/Makefile
deleted file mode 100644
index 6270d87db1e..00000000000
--- a/usr.sbin/httpd/support/Makefile
+++ /dev/null
@@ -1,52 +0,0 @@
-###############
-# Platform: OpenBSD
-# Final Rules:
-# Rule WANTHSREGEX=no
-###############
-CC=gcc
-OPTIM=-O2
-CFLAGS1=
-INCLUDES1=
-LIBS1=
-LFLAGS1=
-BROKEN_BPRINTF_FLAGS=
-REGLIB=
-RANLIB=ranlib
-SHELL=/bin/sh
-
-#### End of Configure created section ####
-# Apache makefile template (well, suffix).
-
-# This is combined with the information in the "Configuration" file
-# by the configure script to make the actual Makefile.
-
-CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS)
-LIBS=$(EXTRA_LIBS) $(LIBS1)
-INCLUDES=-I../src -I../src/regex $(INCLUDES1) $(EXTRA_INCLUDES)
-LFLAGS=$(LFLAGS1) $(EXTRA_LFLAGS)
-
-.c.o:
- $(CC) -c $(CFLAGS) $(INCLUDES) $<
-
-TARGETS=htpasswd htdigest httpd_monitor rotatelogs logresolve
-
-all: $(TARGETS)
-
-htpasswd: htpasswd.c
- $(CC) $(CFLAGS) htpasswd.c -o htpasswd $(LIBS)
-
-htdigest: htdigest.c
- $(CC) $(CFLAGS) htdigest.c -o htdigest
-
-httpd_monitor: httpd_monitor.c
- $(CC) $(INCLUDES) $(CFLAGS) httpd_monitor.c -o httpd_monitor
-
-rotatelogs: rotatelogs.c
- $(CC) $(INCLUDES) $(CFLAGS) rotatelogs.c -o rotatelogs
-
-logresolve: logresolve.c
- $(CC) $(INCLUDES) $(CFLAGS) logresolve.c -o logresolve $(LIBS)
-
-clean:
- rm -f $(TARGETS)
-
diff --git a/usr.sbin/httpd/support/Makefile.tmpl b/usr.sbin/httpd/support/Makefile.tmpl
deleted file mode 100644
index 84aebc02014..00000000000
--- a/usr.sbin/httpd/support/Makefile.tmpl
+++ /dev/null
@@ -1,35 +0,0 @@
-# Apache makefile template (well, suffix).
-
-# This is combined with the information in the "Configuration" file
-# by the configure script to make the actual Makefile.
-
-CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS)
-LIBS=$(EXTRA_LIBS) $(LIBS1)
-INCLUDES=-I../src -I../src/regex $(INCLUDES1) $(EXTRA_INCLUDES)
-LFLAGS=$(LFLAGS1) $(EXTRA_LFLAGS)
-
-.c.o:
- $(CC) -c $(CFLAGS) $(INCLUDES) $<
-
-TARGETS=htpasswd htdigest httpd_monitor rotatelogs logresolve
-
-all: $(TARGETS)
-
-htpasswd: htpasswd.c
- $(CC) $(CFLAGS) htpasswd.c -o htpasswd $(LIBS)
-
-htdigest: htdigest.c
- $(CC) $(CFLAGS) htdigest.c -o htdigest
-
-httpd_monitor: httpd_monitor.c
- $(CC) $(INCLUDES) $(CFLAGS) httpd_monitor.c -o httpd_monitor
-
-rotatelogs: rotatelogs.c
- $(CC) $(INCLUDES) $(CFLAGS) rotatelogs.c -o rotatelogs
-
-logresolve: logresolve.c
- $(CC) $(INCLUDES) $(CFLAGS) logresolve.c -o logresolve $(LIBS)
-
-clean:
- rm -f $(TARGETS)
-
diff --git a/usr.sbin/httpd/support/cls.c b/usr.sbin/httpd/support/cls.c
deleted file mode 100644
index 2c553cec93d..00000000000
--- a/usr.sbin/httpd/support/cls.c
+++ /dev/null
@@ -1,165 +0,0 @@
-#include <ctype.h>
-#include <dirent.h>
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-
-/*
- * Compare a string to a mask
- * Mask characters:
- * @ - uppercase letter
- * # - lowercase letter
- * & - hex digit
- * # - digit
- * * - swallow remaining characters
- * <x> - exact match for any other character
- */
-static int
-checkmask(const char *data, const char *mask)
-{
- int i, ch, d;
-
- for (i=0; mask[i] != '\0' && mask[i] != '*'; i++)
- {
- ch = mask[i];
- d = data[i];
- if (ch == '@')
- {
- if (!isupper(d)) return 0;
- } else if (ch == '$')
- {
- if (!islower(d)) return 0;
- } else if (ch == '#')
- {
- if (!isdigit(d)) return 0;
- } else if (ch == '&')
- {
- if (!isxdigit(d)) return 0;
- } else if (ch != d) return 0;
- }
-
- if (mask[i] == '*') return 1;
- else return (data[i] == '\0');
-}
-
-/*
- * Converts 8 hex digits to a time integer
- */
-static int
-hex2sec(const char *x)
-{
- int i, ch;
- unsigned int j;
-
- for (i=0, j=0; i < 8; i++)
- {
- ch = x[i];
- j <<= 4;
- if (isdigit(ch)) j |= ch - '0';
- else if (isupper(ch)) j |= ch - ('A' - 10);
- else j |= ch - ('a' - 10);
- }
- if (j == 0xffffffff) return -1; /* so that it works with 8-byte ints */
- else return j;
-}
-
-int
-main(int argc, char **argv)
-{
- int i, ver;
- DIR *d;
- struct dirent *e;
- const char *s;
- FILE *fp;
- char path[FILENAME_MAX+1];
- char line[1035];
- time_t date, lmod, expire;
- unsigned int len;
- struct tm ts;
- char sdate[30], slmod[30], sexpire[30];
- const char time_format[]="%e %b %Y %R";
-
- if (argc != 2)
- {
- printf("Usage: cls directory\n");
- exit(0);
- }
-
- d = opendir(argv[1]);
- if (d == NULL)
- {
- perror("opendir");
- exit(1);
- }
-
- for (;;)
- {
- e = readdir(d);
- if (e == NULL) break;
- s = e->d_name;
- if (s[0] == '.' || s[0] == '#') continue;
- sprintf(path, "%s/%s", argv[1], s);
- fp = fopen(path, "r");
- if (fp == NULL)
- {
- perror("fopen");
- continue;
- }
- if (fgets(line, 1034, fp) == NULL)
- {
- perror("fgets");
- fclose(fp);
- continue;
- }
- if (!checkmask(line, "&&&&&&&& &&&&&&&& &&&&&&&& &&&&&&&& &&&&&&&&\n"))
- {
- fprintf(stderr, "Bad cache file\n");
- fclose(fp);
- continue;
- }
- date = hex2sec(line);
- lmod = hex2sec(line+9);
- expire = hex2sec(line+18);
- ver = hex2sec(line+27);
- len = hex2sec(line+35);
- if (fgets(line, 1034, fp) == NULL)
- {
- perror("fgets");
- fclose(fp);
- continue;
- }
- fclose(fp);
- i = strlen(line);
- if (strncmp(line, "X-URL: ", 7) != 0 || line[i-1] != '\n')
- {
- fprintf(stderr, "Bad cache file\n");
- continue;
- }
- line[i-1] = '\0';
- if (date != -1)
- {
- ts = *gmtime(&date);
- strftime(sdate, 30, time_format, &ts);
- } else
- strcpy(sdate, "-");
-
- if (lmod != -1)
- {
- ts = *gmtime(&lmod);
- strftime(slmod, 30, time_format, &ts);
- } else
- strcpy(slmod, "-");
-
- if (expire != -1)
- {
- ts = *gmtime(&expire);
- strftime(sexpire, 30, time_format, &ts);
- } else
- strcpy(sexpire, "-");
-
- printf("%s: %d; %s %s %s\n", line+7, ver, sdate, slmod, sexpire);
- }
-
- closedir(d);
- return 0;
-}
diff --git a/usr.sbin/httpd/support/dbmmanage b/usr.sbin/httpd/support/dbmmanage
deleted file mode 100644
index 8afc45f0045..00000000000
--- a/usr.sbin/httpd/support/dbmmanage
+++ /dev/null
@@ -1,126 +0,0 @@
-#!/usr/local/bin/perl
-
-# ====================================================================
-# Copyright (c) 1995-1997 The Apache Group. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# 4. The names "Apache Server" and "Apache Group" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission.
-#
-# 5. Redistributions of any form whatsoever must retain the following
-# acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-#
-# This software consists of voluntary contributions made by many
-# individuals on behalf of the Apache Group and was originally based
-# on public domain software written at the National Center for
-# Supercomputing Applications, University of Illinois, Urbana-Champaign.
-# For more information on the Apache Group and the Apache HTTP server
-# project, please see <http://www.apache.org/>.
-
-
-# usage: dbmmanage <DBMfile> <command> <key> <value> <group>
-#
-# commands: add, delete, view, adduser
-#
-# no values needed for delete, no keys or values needed for view.
-# to change a value, simply use "add".
-# adduser encrypts the password:
-# dbmmanage <dbm file> adduser <person> <password>
-#
-# <group> is optional, and may also be supplied to add the user
-# to a specified group:
-# dbmmanage <dbm file> adduser <person> <password> <group>
-
-if (scalar(@ARGV) < 2) {
- print "Too few arguments.\n";
- exit;
-}
-
-$file=$ARGV[0];
-$command=$ARGV[1];
-$key=$ARGV[2];
-$value=$ARGV[3];
-$group=$ARGV[4];
-
-# create a random salt
-@range=('0'..'9','a'..'z','A'..'Z');
-srand($$|time);
-$salt=$range[rand(int($#range)+1)] . $range[rand(int($#range)+1)];
-
-if ($command eq "add") {
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- $value .= ":$group" if $group ne "";
- $DB{$key} = $value;
- dbmclose(%DB);
- print "Entry $key added with value $value.\n";
- exit;
-}
-
-if ($command eq "adduser") {
- $hash = crypt($value, "$salt");
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- $hash .= ":$group" if $group ne "";
- $value .= ":$group" if $group ne "";
- $DB{$key} = $hash;
- dbmclose(%DB);
- print "User $key added with password $value, encrypted to $hash\n";
- exit;
-}
-
-if ($command eq "delete") {
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- delete($DB{$key});
- dbmclose(%DB);
- exit;
-}
-
-if ($command eq "view") {
- dbmopen(%DB, $file, undef) || die "Error: $!\n";
- $return_status = 1;
- unless ($key) {
- while (($nkey,$val) = each %DB) {
- print "$nkey = $val\n";
- }
- } else {
- $return_status = 0 if defined $DB{$key};
- print "$key = $DB{$key}\n";
- }
- dbmclose(%DB);
- exit($return_status);
-}
-
-print "Command unrecognized - must be one of: view, add, adduser, delete.\n";
-
diff --git a/usr.sbin/httpd/support/dbmmanage.new b/usr.sbin/httpd/support/dbmmanage.new
deleted file mode 100644
index 48d9f26d7ee..00000000000
--- a/usr.sbin/httpd/support/dbmmanage.new
+++ /dev/null
@@ -1,140 +0,0 @@
-#!/usr/local/bin/perl
-
-# ====================================================================
-# Copyright (c) 1995-1997 The Apache Group. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# 4. The names "Apache Server" and "Apache Group" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission.
-#
-# 5. Redistributions of any form whatsoever must retain the following
-# acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-#
-# This software consists of voluntary contributions made by many
-# individuals on behalf of the Apache Group and was originally based
-# on public domain software written at the National Center for
-# Supercomputing Applications, University of Illinois, Urbana-Champaign.
-# For more information on the Apache Group and the Apache HTTP server
-# project, please see <http://www.apache.org/>.
-
-
-# usage: dbmmanage <DBMfile> <command> <key> <value>
-#
-# commands: add, delete, view, adduser
-#
-# no values needed for delete, no keys or values needed for view.
-# to change a value, simply use "add".
-# adduser encrypts the password:
-# dbmmanage <dbm file> adduser <person> <password>
-
-if (@ARGV < 2) {
- die "Too few arguments.\
- Usage: dbmmanage <DBMfile> <command> [<key> [<value>]]\
- where command is add, delete, view or adduser.\
- No value required for \"delete\", no key or value for \"view\".\
- To change a value, simply use \"add\".\
- \"adduser\" encrypts the value and uses it as the user's password\n";
-}
-
-($file,$command,$key,$value) = @ARGV;
-
-$file =~ s/\.db.?$//; # remove ".db" or ".dbX" extension if any
-$file =~ s/\.pag$//; # remove ".pag" and ".dir" as well.
-$file =~ s/\.dir$//; # these are all common DBM extensions.
-
-if ($command eq "add") {
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- $DB{$key} = $value;
- dbmclose(%DB);
- print "Entry $key added with value $value.\n";
-} elsif ($command eq "adduser") {
- srand; # needs to be done only once.
- $salt = &compute_salt(0); # change to compute_salt(1) for new crypt()
- $hash = crypt($value, $salt);
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- $DB{$key} = $hash;
- dbmclose(%DB);
- print "User $key added with password ``$value'', encrypted to $hash\n";
-} elsif ($command eq "delete") {
- dbmopen(%DB, $file, 0664) || die "Error: $!\n";
- delete($DB{$key});
- dbmclose(%DB);
-} elsif ($command eq "view") {
- dbmopen(%DB, $file, undef) || die "Error: $!\n";
- unless ($key) {
- while (($nkey,$val) = each %DB) {
- print "$nkey = $val\n";
- }
- } else {
- print "$key = $DB{$key}\n";
- }
- dbmclose(%DB);
-} else {
- print "Command unrecognized - must be one of: view, add, adduser, delete.\n";
-}
-
-exit(0);
-
-# if $newstyle is 1, then use new style salt (starts with '_' and contains
-# four bytes of iteration count and four bytes of salt). Otherwise, just use
-# the traditional two-byte salt.
-# see the man page on your system to decide if you have a newer crypt() lib.
-# I believe that 4.4BSD derived systems do (at least BSD/OS 2.0 does).
-# The new style crypt() allows up to 20 characters of the password to be
-# significant rather than only 8.
-sub compute_salt {
- local($newstyle) = @_;
- local($salt);
- if ($newstyle) {
- $salt = "_" . &randchar(1) . "a.." . &randchar(4);
- } else {
- $salt = &randchar(2);
- }
- $salt;
-}
-
-# return $count random characters
-sub randchar {
- local($count) = @_;
- local($str) = "";
- local($enc) =
- "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
- while ($count--) {
- # 64 = length($enc) in call to rand() below
- $str .= substr($enc,int(rand(64)),1);
- }
- $str;
-}
diff --git a/usr.sbin/httpd/support/dbmmanage.readme b/usr.sbin/httpd/support/dbmmanage.readme
deleted file mode 100644
index 8ef9e688864..00000000000
--- a/usr.sbin/httpd/support/dbmmanage.readme
+++ /dev/null
@@ -1,7 +0,0 @@
-
-Two versions of the dbmmanage script are included with this release.
-One is the old faithful version, which should continue to work if you've
-been using it; the other is a newer cut, which can be easily modified to
-support the newer extended crypt routines which are present on some
-systems (including 4.4BSD derivatives); this newer version is, for the
-nonce, experimental...
diff --git a/usr.sbin/httpd/support/htdigest.c b/usr.sbin/httpd/support/htdigest.c
deleted file mode 100644
index 9d35b44a948..00000000000
--- a/usr.sbin/httpd/support/htdigest.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * htdigest.c: simple program for manipulating digest passwd file for Apache
- *
- * by Alexei Kosut, based on htpasswd.c, by Rob McCool
- */
-
-#include <sys/types.h>
-#include <stdio.h>
-#include <string.h>
-#ifdef MPE
-#include <signal.h>
-#else
-#include <sys/signal.h>
-#endif
-#include <stdlib.h>
-#include <time.h>
-#include <unistd.h>
-
-/* This is probably the easiest way to do it */
-#include "../src/md5c.c"
-
-#define LF 10
-#define CR 13
-
-#define MAX_STRING_LEN 256
-
-char *tn;
-
-char *strd(char *s) {
- char *d;
-
- d=(char *)malloc(strlen(s) + 1);
- strcpy(d,s);
- return(d);
-}
-
-void getword(char *word, char *line, char stop) {
- int x = 0,y;
-
- for(x=0;((line[x]) && (line[x] != stop));x++)
- word[x] = line[x];
-
- word[x] = '\0';
- if(line[x]) ++x;
- y=0;
-
- while((line[y++] = line[x++]));
-}
-
-int getline(char *s, int n, FILE *f) {
- register int i=0;
-
- while(1) {
- s[i] = (char)fgetc(f);
-
- if(s[i] == CR)
- s[i] = fgetc(f);
-
- if((s[i] == 0x4) || (s[i] == LF) || (i == (n-1))) {
- s[i] = '\0';
- return (feof(f) ? 1 : 0);
- }
- ++i;
- }
-}
-
-void putline(FILE *f,char *l) {
- int x;
-
- for(x=0;l[x];x++) fputc(l[x],f);
- fputc('\n',f);
-}
-
-
-void add_password(char *user, char *realm, FILE *f) {
- char *pw;
- MD5_CTX context;
- unsigned char digest[16];
- char string[MAX_STRING_LEN];
- unsigned int i;
-
- pw = strd((char *) getpass("New password:"));
- if(strcmp(pw,(char *) getpass("Re-type new password:"))) {
- fprintf(stderr,"They don't match, sorry.\n");
- if(tn)
- unlink(tn);
- exit(1);
- }
- fprintf(f,"%s:%s:",user,realm);
-
- /* Do MD5 stuff */
- sprintf(string, "%s:%s:%s", user, realm, pw);
-
- MD5Init (&context);
- MD5Update (&context, (unsigned char *) string, strlen(string));
- MD5Final (digest, &context);
-
- for (i = 0; i < 16; i++)
- fprintf(f, "%02x", digest[i]);
-
- fprintf(f, "\n");
-}
-
-void usage() {
- fprintf(stderr,"Usage: htdigest [-c] passwordfile realm username\n");
- fprintf(stderr,"The -c flag creates a new file.\n");
- exit(1);
-}
-
-void interrupted() {
- fprintf(stderr,"Interrupted.\n");
- if(tn) unlink(tn);
- exit(1);
-}
-
-void main(int argc, char *argv[]) {
- FILE *tfp,*f;
- char user[MAX_STRING_LEN];
- char realm[MAX_STRING_LEN];
- char line[MAX_STRING_LEN];
- char l[MAX_STRING_LEN];
- char w[MAX_STRING_LEN];
- char x[MAX_STRING_LEN];
- char command[MAX_STRING_LEN];
- int found;
-
- tn = NULL;
- signal(SIGINT,(void (*)())interrupted);
- if(argc == 5) {
- if(strcmp(argv[1],"-c"))
- usage();
- if(!(tfp = fopen(argv[2],"w"))) {
- fprintf(stderr,"Could not open passwd file %s for writing.\n",
- argv[2]);
- perror("fopen");
- exit(1);
- }
- printf("Adding password for %s in realm %s.\n",argv[4], argv[3]);
- add_password(argv[4],argv[3],tfp);
- fclose(tfp);
- exit(0);
- } else if(argc != 4) usage();
-
- tn = tmpnam(NULL);
- if(!(tfp = fopen(tn,"w"))) {
- fprintf(stderr,"Could not open temp file.\n");
- exit(1);
- }
-
- if(!(f = fopen(argv[1],"r"))) {
- fprintf(stderr,
- "Could not open passwd file %s for reading.\n",argv[1]);
- fprintf(stderr,"Use -c option to create new one.\n");
- exit(1);
- }
- strcpy(user,argv[3]);
- strcpy(realm,argv[2]);
-
- found = 0;
- while(!(getline(line,MAX_STRING_LEN,f))) {
- if(found || (line[0] == '#') || (!line[0])) {
- putline(tfp,line);
- continue;
- }
- strcpy(l,line);
- getword(w,l,':');
- getword(x,l,':');
- if(strcmp(user,w) || strcmp(realm,x)) {
- putline(tfp,line);
- continue;
- }
- else {
- printf("Changing password for user %s in realm %s\n",user,realm);
- add_password(user,realm,tfp);
- found = 1;
- }
- }
- if(!found) {
- printf("Adding user %s in realm %s\n",user,realm);
- add_password(user,realm,tfp);
- }
- fclose(f);
- fclose(tfp);
- sprintf(command,"cp %s %s",tn,argv[1]);
- system(command);
- unlink(tn);
-}
diff --git a/usr.sbin/httpd/support/htpasswd.1 b/usr.sbin/httpd/support/htpasswd.1
deleted file mode 100644
index a3819ca17c2..00000000000
--- a/usr.sbin/httpd/support/htpasswd.1
+++ /dev/null
@@ -1,88 +0,0 @@
-.TH htpasswd 1 "February 1997"
-.\" Copyright (c) 1997 The Apache Group. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the Apache Group
-.\" for use in the Apache HTTP server project (http://www.apache.org/)."
-.\"
-.\" 4. The names "Apache Server" and "Apache Group" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission.
-.\"
-.\" 5. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the Apache Group
-.\" for use in the Apache HTTP server project (http://www.apache.org/)."
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" ====================================================================
-.\"
-.\" This software consists of voluntary contributions made by many
-.\" individuals on behalf of the Apache Group and was originally based
-.\" on public domain software written at the National Center for
-.\" Supercomputing Applications, University of Illinois, Urbana-Champaign.
-.\" For more information on the Apache Group and the Apache HTTP server
-.\" project, please see <http://www.apache.org/>.
-.SH NAME
-htpasswd \- Create and update user authentication files
-.SH SYNOPSIS
-.B htpasswd
-[
-.B \-c
-]
-.I passwdfile
-.I username
-.SH DESCRIPTION
-.B htpasswd
-is used to create and update the flat-files used to store
-usernames and password for basic authentication of HTTP users.
-Resources available from the
-.B httpd
-Apache web server can be restricted to just the users listed
-in the files created by htpasswd. This program can only be used
-when the usernames are stored in a flat-file. To use a
-DBM database see
-\fBdbmmanage\fP and \fBdbmmanage.new\fP.
-.PP
-This manual page only lists the command line arguments. For details of
-the directives necessary to configure user authentication in httpd see
-the Apache manual, which is part of the Apache distribution or can be
-found at http://www.apache.org/.
-.SH OPTIONS
-.IP \-c
-Create the \fIpasswdfile\fP. If \fIpasswdfile\fP already exists, it
-is deleted first.
-.IP \fB\fIpasswdfile\fP
-Name of the file to contain the user name and password. If \-c
-is given, this file is created if it does not already exist,
-or deleted and recreated if it does exist.
-.IP \fB\fIusername\fP
-The username to create or update in \fBpasswdfile\fP. If
-\fIusername\fP does not exist is this file, an entry is added. If it
-does exist, the password is changed.
-.SH SEE ALSO
-httpd(8)
diff --git a/usr.sbin/httpd/support/htpasswd.c b/usr.sbin/httpd/support/htpasswd.c
deleted file mode 100644
index 17efe5b004a..00000000000
--- a/usr.sbin/httpd/support/htpasswd.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * htpasswd.c: simple program for manipulating password file for NCSA httpd
- *
- * Rob McCool
- */
-
-#include <sys/types.h>
-#include <stdio.h>
-#include <string.h>
-#ifdef MPE
-#include <signal.h>
-#else
-#include <sys/signal.h>
-#endif
-#include <stdlib.h>
-#include <time.h>
-#include <unistd.h>
-
-#define LF 10
-#define CR 13
-
-#define MAX_STRING_LEN 256
-
-char *tn;
-
-char *strd(char *s) {
- char *d;
-
- d=(char *)malloc(strlen(s) + 1);
- strcpy(d,s);
- return(d);
-}
-
-void getword(char *word, char *line, char stop) {
- int x = 0,y;
-
- for(x=0;((line[x]) && (line[x] != stop));x++)
- word[x] = line[x];
-
- word[x] = '\0';
- if(line[x]) ++x;
- y=0;
-
- while((line[y++] = line[x++]));
-}
-
-int getline(char *s, int n, FILE *f) {
- register int i=0;
-
- while(1) {
- s[i] = (char)fgetc(f);
-
- if(s[i] == CR)
- s[i] = fgetc(f);
-
- if((s[i] == 0x4) || (s[i] == LF) || (i == (n-1))) {
- s[i] = '\0';
- return (feof(f) ? 1 : 0);
- }
- ++i;
- }
-}
-
-void putline(FILE *f,char *l) {
- int x;
-
- for(x=0;l[x];x++) fputc(l[x],f);
- fputc('\n',f);
-}
-
-
-/* From local_passwd.c (C) Regents of Univ. of California blah blah */
-static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
- "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
-void to64(register char *s, register long v, register int n) {
- while (--n >= 0) {
- *s++ = itoa64[v&0x3f];
- v >>= 6;
- }
-}
-
-#ifdef MPE
-/* MPE lacks getpass() and a way to suppress stdin echo. So for now, just
-issue the prompt and read the results with echo. (Ugh). */
-
-char *getpass(const char *prompt) {
-
-static char password[81];
-
-fputs(prompt,stderr);
-gets((char *)&password);
-
-if (strlen((char *)&password) > 8) {
- password[8]='\0';
-}
-
-return (char *)&password;
-}
-#endif
-
-void add_password(char *user, FILE *f) {
- char *pw, *cpw, salt[3];
-
- pw = strd((char *) getpass("New password:"));
- if(strcmp(pw,(char *) getpass("Re-type new password:"))) {
- fprintf(stderr,"They don't match, sorry.\n");
- if(tn)
- unlink(tn);
- exit(1);
- }
- (void)srand((int)time((time_t *)NULL));
- to64(&salt[0],rand(),2);
- cpw = crypt(pw,salt);
- free(pw);
- fprintf(f,"%s:%s\n",user,cpw);
-}
-
-void usage() {
- fprintf(stderr,"Usage: htpasswd [-c] passwordfile username\n");
- fprintf(stderr,"The -c flag creates a new file.\n");
- exit(1);
-}
-
-void interrupted() {
- fprintf(stderr,"Interrupted.\n");
- if(tn) unlink(tn);
- exit(1);
-}
-
-void main(int argc, char *argv[]) {
- FILE *tfp,*f;
- char user[MAX_STRING_LEN];
- char line[MAX_STRING_LEN];
- char l[MAX_STRING_LEN];
- char w[MAX_STRING_LEN];
- char command[MAX_STRING_LEN];
- int found;
-
- tn = NULL;
- signal(SIGINT,(void (*)())interrupted);
- if(argc == 4) {
- if(strcmp(argv[1],"-c"))
- usage();
- if(!(tfp = fopen(argv[2],"w"))) {
- fprintf(stderr,"Could not open passwd file %s for writing.\n",
- argv[2]);
- perror("fopen");
- exit(1);
- }
- printf("Adding password for %s.\n",argv[3]);
- add_password(argv[3],tfp);
- fclose(tfp);
- exit(0);
- } else if(argc != 3) usage();
-
- tn = tmpnam(NULL);
- if(!(tfp = fopen(tn,"w"))) {
- fprintf(stderr,"Could not open temp file.\n");
- exit(1);
- }
-
- if(!(f = fopen(argv[1],"r"))) {
- fprintf(stderr,
- "Could not open passwd file %s for reading.\n",argv[1]);
- fprintf(stderr,"Use -c option to create new one.\n");
- exit(1);
- }
- strcpy(user,argv[2]);
-
- found = 0;
- while(!(getline(line,MAX_STRING_LEN,f))) {
- if(found || (line[0] == '#') || (!line[0])) {
- putline(tfp,line);
- continue;
- }
- strcpy(l,line);
- getword(w,l,':');
- if(strcmp(user,w)) {
- putline(tfp,line);
- continue;
- }
- else {
- printf("Changing password for user %s\n",user);
- add_password(user,tfp);
- found = 1;
- }
- }
- if(!found) {
- printf("Adding user %s\n",user);
- add_password(user,tfp);
- }
- fclose(f);
- fclose(tfp);
- sprintf(command,"cp %s %s",tn,argv[1]);
- system(command);
- unlink(tn);
-}
diff --git a/usr.sbin/httpd/support/httpd.8 b/usr.sbin/httpd/support/httpd.8
deleted file mode 100644
index d456e38b101..00000000000
--- a/usr.sbin/httpd/support/httpd.8
+++ /dev/null
@@ -1,125 +0,0 @@
-.TH httpd 8 "February 1997"
-.\" Copyright (c) 1995-1997 David Robinson. All rights reserved.
-.\" Copyright (c) 1997 The Apache Group. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in
-.\" the documentation and/or other materials provided with the
-.\" distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\" software must display the following acknowledgment:
-.\" "This product includes software developed by the Apache Group
-.\" for use in the Apache HTTP server project (http://www.apache.org/)."
-.\"
-.\" 4. The names "Apache Server" and "Apache Group" must not be used to
-.\" endorse or promote products derived from this software without
-.\" prior written permission.
-.\"
-.\" 5. Redistributions of any form whatsoever must retain the following
-.\" acknowledgment:
-.\" "This product includes software developed by the Apache Group
-.\" for use in the Apache HTTP server project (http://www.apache.org/)."
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\" ====================================================================
-.\"
-.\" This software consists of voluntary contributions made by many
-.\" individuals on behalf of the Apache Group and was originally based
-.\" on public domain software written at the National Center for
-.\" Supercomputing Applications, University of Illinois, Urbana-Champaign.
-.\" For more information on the Apache Group and the Apache HTTP server
-.\" project, please see <http://www.apache.org/>.
-.SH NAME
-httpd \- Apache hypertext transfer protocol server
-.SH SYNOPSIS
-.B httpd
-[
-.B \-hlvX?
-] [
-.BI \-d " serverroot"
-] [
-.BI \-f " config"
-]
-.SH DESCRIPTION
-.B httpd
-is the Apache HyperText Transfer Protocol (HTTP) server program. It is
-designed to be run as a standalone daemon process. When used like this
-is will create a pool of child processes to handle requests. To stop
-it, send a TERM signal to the initial (parent) process. The PID of
-this process is written to a file as given in the configuration file.
-Alternatively
-.B httpd
-may be invoked by the Internet daemon inetd(8) each
-time a connection to the HTTP service is made.
-.PP
-This manual page only lists the command line arguments. For details
-of the directives necessary to configure httpd see the Apache manual,
-which is part of the Apache distribution or can be found at
-http://www.apache.org/. Paths in this manual may not reflect those
-compiled into httpd.
-.SH OPTIONS
-.TP 12
-.BI \-d " serverroot"
-Set the initial value for the ServerRoot directive to \fIserverroot\fP. This
-can be overridden by the ServerRoot command in the configuration file. The
-default is \fB/usr/local/etc/httpd\fP.
-.TP
-.BI \-f " config"
-Execute the commands in the file \fIconfig\fP on startup. If \fIconfig\fP
-does not begin with a /, then it is taken to be a path relative to
-the ServerRoot. The default is \fBconf/httpd.conf\fP.
-.TP
-.B \-h
-Output a list of directives together with expected arguments and
-places where the directive is valid.
-.TP
-.B \-l
-Output a list of modules compiled into the server.
-.TP
-.B \-X
-Run in single-process mode, for internal debugging purposes only; the daemon
-does not detach from the terminal or fork any children. Do NOT use this mode
-to provide ordinary web service.
-.TP
-.B \-v
-Print the version of httpd, and then exit.
-.TP
-.B \-?
-Print a list of the httpd options, and then exit.
-.SH FILES
-.PD 0
-.B /usr/local/etc/httpd/conf/httpd.conf
-.br
-.B /usr/local/etc/httpd/conf/srm.conf
-.br
-.B /usr/local/etc/httpd/conf/access.conf
-.br
-.B /usr/local/etc/httpd/conf/mime.types
-.br
-.B /usr/local/etc/httpd/logs/error_log
-.br
-.B /usr/local/etc/httpd/logs/access_log
-.br
-.B /usr/local/etc/httpd/logs/httpd.pid
-.PD
-.SH SEE ALSO
-.BR inetd (8).
diff --git a/usr.sbin/httpd/support/httpd_monitor.c b/usr.sbin/httpd/support/httpd_monitor.c
deleted file mode 100644
index f580a464824..00000000000
--- a/usr.sbin/httpd/support/httpd_monitor.c
+++ /dev/null
@@ -1,307 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1995-1997 The Apache Group. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * 4. The names "Apache Server" and "Apache Group" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission.
- *
- * 5. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
- * IT'S CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Group and was originally based
- * on public domain software written at the National Center for
- * Supercomputing Applications, University of Illinois, Urbana-Champaign.
- * For more information on the Apache Group and the Apache HTTP server
- * project, please see <http://www.apache.org/>.
-
-
- * simple script to monitor the child Apache processes
- * Usage:
- * httpd_monitor [ -d serverdir | -f conffile ] [ -s sleep_time ]
- * -d/-f options specify server dir or config files, as per
- * httpd.
- * -s specifies how long to pause between screen updates
- * If you choose 0, it might chew up lots of CPU time.
- *
- * Output explanation..
- *
- * s = sleeping but "ready to go" child (this is '_' in mod_status)
- * R = active child - writing to client
- * W = active child - reading from client
- * K = active child - waiting for additional request on kept-alive connection
- * D = active child - doing DNS lookup
- * L = active child - logging
- * _ = dead child (no longer needed) (this is '.' in mod_status)
- * t = just starting (this is 'S' in mod_status)
- *
- *
- * Jim Jagielski <jim@jaguNET.com>
- * v1.0 Notes:
- * This code is much more ugly and complicated than it
- * needs to be.
- *
- * v1.1:
- * Minor fixes
- *
- * v1.2:
- * Handles Apache 1.1.* scoreboard format (W/K/D/L states) -- PCS 09Jul96
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include "../src/httpd.h"
-#include "../src/scoreboard.h"
-
-#define DEFAULT_SLEEPTIME 2
-#define ASIZE 1024
-#define MAX_PROC HARD_SERVER_LIMIT
-
-int
-main(argc, argv)
-int argc;
-char **argv;
-{
- short_score scoreboard_image;
- FILE *afile;
- char conf_name[ASIZE];
- char pid_name[ASIZE];
- char score_name[ASIZE];
- char tbuf[ASIZE];
- char *ptmp;
- static char kid_stat[] = { '_', 's', 'R', 't', 'W', 'K', 'L', 'D' };
- int achar;
- long thepid;
- int score_fd;
- int sleep_time = DEFAULT_SLEEPTIME;
- int last_len = 0;
- int kiddies;
- int running, dead, total, loop;
- short got_config = 0;
- struct stat statbuf;
- time_t last_time = 0;
- extern char *optarg;
- extern int optind, opterr;
- void lookfor();
-
- int usage();
-
- /*
- * Handle the options. Using getopt() is most probably overkill,
- * but let's think about the future!
- */
- strcpy(conf_name, HTTPD_ROOT);
- while((achar = getopt(argc,argv,"s:d:f:")) != -1) {
- switch(achar) {
- case 'd':
- strcpy(conf_name, optarg);
- break;
- case 'f':
- strcpy(conf_name, optarg);
- got_config = 1;
- break;
- case 's':
- sleep_time = atoi(optarg);
- break;
- case '?':
- usage(argv[0]);
- }
- }
-
- /*
- * Now build the name of the httpd.conf file
- */
- if (!got_config) {
- strcat(conf_name, "/");
- strcat(conf_name, SERVER_CONFIG_FILE);
- }
-
- /*
- * Make sure we have the right file... Barf if not
- */
- if (!(afile = fopen(conf_name, "r"))) {
- perror("httpd_monitor");
- fprintf(stderr, "Can't open config file: %s\n", conf_name);
- exit(1);
- }
- /*
- * now scan thru the ConfigFile to look for the items that
- * interest us
- */
- lookfor(pid_name, score_name, afile);
- fclose(afile);
-
- /*
- * now open the PidFile and then the ScoreBoardFile
- */
- if (!(afile = fopen(pid_name, "r"))) {
- perror("httpd_monitor");
- fprintf(stderr, "Can't open PIDfile: %s\n", pid_name);
- exit(1);
- }
- fscanf(afile, "%ld", &thepid);
- fclose(afile);
-
- /*
- * Enough taters, time for the MEAT!
- */
- for(;;sleep(sleep_time)) {
- if (stat(score_name, &statbuf)) {
- perror("httpd_monitor");
- fprintf(stderr, "Can't stat scoreboard file: %s\n", score_name);
- exit(1);
- }
- if (last_time == statbuf.st_mtime)
- continue; /* tricky ;) */
- last_time = statbuf.st_mtime; /* for next time */
- if ((score_fd = open(score_name, 0)) == -1 ) {
- perror("httpd_monitor");
- fprintf(stderr, "Can't open scoreboard file: %s\n", score_name);
- exit(1);
- }
- /*
- * all that for _this_
- */
- running = dead = total = 0;
- ptmp = tbuf;
- *ptmp = '\0';
- for(kiddies=0;kiddies<MAX_PROC; kiddies++) {
- read(score_fd, (char *)&scoreboard_image, sizeof(short_score));
- achar = kid_stat[(int)scoreboard_image.status];
- if (scoreboard_image.pid != 0 && scoreboard_image.pid != thepid) {
- total++;
- if (scoreboard_image.status != SERVER_DEAD &&
- scoreboard_image.status != SERVER_READY)
- running++;
- *ptmp = achar;
- *++ptmp = '\0';
- }
- }
- close(score_fd);
- sprintf(ptmp, " (%d/%d)", running, total);
- for(loop=1;loop<=last_len;loop++)
- putchar('\010');
- if (last_len > strlen(tbuf)) {
- for(loop=1;loop<=last_len;loop++)
- putchar(' ');
- for(loop=1;loop<=last_len;loop++)
- putchar('\010');
- }
- printf("%s", tbuf);
- fflush(stdout);
- last_len = strlen(tbuf);
- } /* for */
-}
-
-int
-usage(arg)
-char *arg;
-{
- printf("httpd_monitor: Usage\n");
- printf(" httpd_monitor [ -d config-dir] [ -s sleep-time ]\n");
- printf(" Defaults: config-dir = %s\n", HTTPD_ROOT);
- printf(" sleep-time = %d seconds\n", DEFAULT_SLEEPTIME);
- exit(0);
-}
-
-/*
- * This function uses some hard-wired knowledge about the
- * Apache httpd.conf file setup (basically names of the 3
- * parameters we are interested in)
- *
- * We basically scan thru the file and grab the 3 values we
- * need. This could be done better...
- */
-void
-lookfor(pidname, scorename, thefile)
-char *pidname, *scorename;
-FILE *thefile;
-{
- char line[ASIZE], param[ASIZE], value[ASIZE];
- char sroot[ASIZE], pidfile[ASIZE], scorefile[ASIZE];
-
- *sroot = *pidfile = *scorefile = '\0';
- while (!(feof(thefile))) {
- fgets(line, ASIZE-1, thefile);
- *value = '\0'; /* protect braindead sscanf() */
- sscanf(line, "%1023s %1023s", param, value);
- if (strcmp(param, "PidFile")==0 && *value)
- strcpy(pidfile, value);
- if (strcmp(param, "ScoreBoardFile")==0 && *value)
- strcpy(scorefile, value);
- if (strcmp(param, "ServerRoot")==0 && *value)
- strcpy(sroot, value);
- }
-
- /*
- * We've reached EOF... we should have encountered the
- * ServerRoot line... if not, we bail out
- */
- if (!*sroot) {
- fprintf(stderr, "Can't find ServerRoot!\n");
- exit(1);
- }
-
- /*
- * Not finding PidFile or ScoreBoardFile is OK, since
- * we have defaults for them
- */
- if (!*pidfile)
- strcpy(pidfile, DEFAULT_PIDLOG);
- if (!*scorefile)
- strcpy(scorefile, DEFAULT_SCOREBOARD);
-
- /*
- * Relative or absolute? Handle both
- */
- if (*pidfile == '/')
- strcpy(pidname, pidfile);
- else {
- strcpy(pidname, sroot);
- strcat(pidname, "/");
- strcat(pidname, pidfile);
- }
- if (*scorefile == '/')
- strcpy(scorename, scorefile);
- else {
- strcpy(scorename, sroot);
- strcat(scorename, "/");
- strcat(scorename, scorefile);
- }
-}
-
diff --git a/usr.sbin/httpd/support/log_server_status b/usr.sbin/httpd/support/log_server_status
deleted file mode 100644
index 4f972591cff..00000000000
--- a/usr.sbin/httpd/support/log_server_status
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/usr/local/bin/perl
-
-# ====================================================================
-# Copyright (c) 1995-1997 The Apache Group. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# 4. The names "Apache Server" and "Apache Group" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission.
-#
-# 5. Redistributions of any form whatsoever must retain the following
-# acknowledgment:
-# "This product includes software developed by the Apache Group
-# for use in the Apache HTTP server project (http://www.apache.org/)."
-#
-# THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-#
-# This software consists of voluntary contributions made by many
-# individuals on behalf of the Apache Group and was originally based
-# on public domain software written at the National Center for
-# Supercomputing Applications, University of Illinois, Urbana-Champaign.
-# For more information on the Apache Group and the Apache HTTP server
-# project, please see <http://www.apache.org/>.
-
-
-# Log Server Status
-# Mark J Cox, UK Web Ltd 1996, mark@ukweb.com
-#
-# This script is designed to be run at a frequent interval by something
-# like cron. It connects to the server and downloads the status
-# information. It reformats the information to a single line and logs
-# it to a file. Make sure the directory $wherelog is writable by the
-# user who runs this script.
-#
-require 'sys/socket.ph';
-
-$wherelog = "/var/log/graph/"; # Logs will be like "/var/log/graph/960312"
-$server = "localhost"; # Name of server, could be "www.foo.com"
-$port = "80"; # Port on server
-$request = "/status/?auto"; # Request to send
-
-sub tcp_connect
-{
- local($host,$port) =@_;
- $sockaddr='S n a4 x8';
- chop($hostname=`hostname`);
- $port=(getservbyname($port, 'tcp'))[2] unless $port =~ /^\d+$/;
- $me=pack($sockaddr,&AF_INET,0,(gethostbyname($hostname))[4]);
- $them=pack($sockaddr,&AF_INET,$port,(gethostbyname($host))[4]);
- socket(S,&PF_INET,&SOCK_STREAM,(getprotobyname('tcp'))[2]) ||
- die "socket: $!";
- bind(S,$me) || return "bind: $!";
- connect(S,$them) || return "connect: $!";
- select(S);
- $| = 1;
- select(stdout);
- return "";
-}
-
-### Main
-
-{
- $date=`date +%y%m%d:%H%M%S`;
- chop($date);
- ($day,$time)=split(/:/,$date);
- $res=&tcp_connect($server,$port);
- open(OUT,">>$wherelog$day");
- if ($res) {
- print OUT "$time:-1:-1:-1:-1:$res\n";
- exit 1;
- }
- print S "GET $request\n";
- while (<S>) {
- $requests=$1 if ( m|^BusyServers:\ (\S+)|);
- $idle=$1 if ( m|^IdleServers:\ (\S+)|);
- $number=$1 if ( m|sses:\ (\S+)|);
- $cpu=$1 if (m|^CPULoad:\ (\S+)|);
- }
- print OUT "$time:$requests:$idle:$number:$cpu\n";
-}
-
-
diff --git a/usr.sbin/httpd/support/logresolve.c b/usr.sbin/httpd/support/logresolve.c
deleted file mode 100644
index 86f979947a0..00000000000
--- a/usr.sbin/httpd/support/logresolve.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/*** ***\
- logresolve 1.1
-
- Tom Rathborne - tomr@uunet.ca - http://www.uunet.ca/~tomr/
- UUNET Canada, April 16, 1995
-
- Rewritten by David Robinson. (drtr@ast.cam.ac.uk)
-
- Usage: logresolve [-s filename] [-c] < access_log > new_log
-
- Arguments:
- -s filename name of a file to record statistics
- -c check the DNS for a matching A record for the host.
-
- Notes:
-
- To generate meaningful statistics from an HTTPD log file, it's good
- to have the domain name of each machine that accessed your site, but
- doing this on the fly can slow HTTPD down.
-
- Compiling NCSA HTTPD with the -DMINIMAL_DNS flag turns IP#->hostname
- resolution off. Before running your stats program, just run your log
- file through this program (logresolve) and all of your IP numbers will
- be resolved into hostnames (where possible).
-
- logresolve takes an HTTPD access log (in the COMMON log file format,
- or any other format that has the IP number/domain name as the first
- field for that matter), and outputs the same file with all of the
- domain names looked up. Where no domain name can be found, the IP
- number is left in.
-
- To minimize impact on your nameserver, logresolve has its very own
- internal hash-table cache. This means that each IP number will only
- be looked up the first time it is found in the log file.
-
- The -c option causes logresolve to apply the same check as httpd
- compiled with -DMAXIMUM_DNS; after finding the hostname from the IP
- address, it looks up the IP addresses for the hostname and checks
- that one of these matches the original address.
-
-\*** ***/
-
-#include <sys/types.h>
-
-#include <ctype.h>
-#include <netdb.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <sys/socket.h>
-
-#include <netinet/in.h>
-#ifndef MPE
-#include <arpa/inet.h>
-#endif
-
-static void cgethost(struct in_addr ipnum, char *string, int check);
-static int getline(char *s, int n);
-static void stats(FILE *output);
-
-
-/* maximum line length */
-#define MAXLINE 1024
-
-/* maximum length of a domain name */
-#ifndef MAXDNAME
-#define MAXDNAME 256
-#endif
-
-/* number of buckets in cache hash table */
-#define BUCKETS 256
-
-#ifdef MPE
-char *strdup (const char *str)
-{
- char *dup;
-
- if(!(dup = (char *)malloc (strlen (str) + 1)))
- return NULL;
- dup = strcpy (dup, str);
-
- return dup;
-}
-#endif
-
-/*
- * struct nsrec - record of nameservice for cache linked list
- *
- * ipnum - IP number hostname - hostname noname - nonzero if IP number has no
- * hostname, i.e. hostname=IP number
- */
-
-struct nsrec {
- struct in_addr ipnum;
- char *hostname;
- int noname;
- struct nsrec *next;
-} *nscache[BUCKETS];
-
-/*
- * statistics - obvious
- */
-
-/* largeste value for h_errno */
-#define MAX_ERR (NO_ADDRESS)
-#define UNKNOWN_ERR (MAX_ERR+1)
-#define NO_REVERSE (MAX_ERR+2)
-
-static int cachehits = 0;
-static int cachesize = 0;
-static int entries = 0;
-static int resolves = 0;
-static int withname = 0;
-static int errors[MAX_ERR+3];
-
-/*
- * cgethost - gets hostname by IP address, caching, and adding unresolvable
- * IP numbers with their IP number as hostname, setting noname flag
- */
-
-static void
-cgethost(ipnum, string, check)
-struct in_addr ipnum;
-char *string;
-int check;
-{
- struct nsrec **current, *new;
- struct hostent *hostdata;
- char *name;
- extern int h_errno; /* some machines don't have this in their headers */
-
- current = &nscache[((ipnum.s_addr + (ipnum.s_addr >> 8) +
- (ipnum.s_addr >> 16) + (ipnum.s_addr >> 24)) % BUCKETS)];
-
- while (*current != NULL && ipnum.s_addr != (*current)->ipnum.s_addr)
- current = & (*current)->next;
-
- if (*current == NULL)
- {
- cachesize++;
- new = (struct nsrec *) malloc(sizeof(struct nsrec));
- if (new == NULL)
- {
- perror("malloc");
- fprintf(stderr, "Insufficient memory\n");
- exit(1);
- }
- *current = new;
- new->next = NULL;
-
- new->ipnum = ipnum;
-
- hostdata = gethostbyaddr((const char *) &ipnum, sizeof(struct in_addr),
- AF_INET);
- if (hostdata == NULL)
- {
- if (h_errno > MAX_ERR) errors[UNKNOWN_ERR]++;
- else errors[h_errno]++;
- new->noname = h_errno;
- name = strdup(inet_ntoa(ipnum));
- } else
- {
- new->noname = 0;
- name = strdup(hostdata->h_name);
- if (check)
- {
- if (name == NULL)
- {
- perror("strdup");
- fprintf(stderr, "Insufficient memory\n");
- exit(1);
- }
- hostdata = gethostbyname(name);
- if (hostdata != NULL)
- {
- char **hptr;
-
- for (hptr=hostdata->h_addr_list; *hptr != NULL; hptr++)
- if(((struct in_addr *)(*hptr))->s_addr == ipnum.s_addr)
- break;
- if (*hptr == NULL) hostdata = NULL;
- }
- if (hostdata == NULL)
- {
- fprintf(stderr, "Bad host: %s != %s\n", name,
- inet_ntoa(ipnum));
- new->noname = NO_REVERSE;
- free(name);
- name = strdup(inet_ntoa(ipnum));
- errors[NO_REVERSE]++;
- }
- }
- }
- new->hostname = name;
- if (new->hostname == NULL)
- {
- perror("strdup");
- fprintf(stderr, "Insufficient memory\n");
- exit(1);
- }
- } else
- cachehits++;
-
- /* size of string == MAXDNAME +1 */
- strncpy(string, (*current)->hostname, MAXDNAME);
- string[MAXDNAME] = '\0';
-}
-
-/*
- * prints various statistics to output
- */
-
-static void
-stats(output)
-FILE *output;
-{
- int i;
- char *ipstring;
- struct nsrec *current;
- char *errstring[MAX_ERR+3];
-
- for (i=0; i < MAX_ERR+3; i++) errstring[i] = "Unknown error";
- errstring[HOST_NOT_FOUND] = "Host not found";
- errstring[TRY_AGAIN] = "Try again";
- errstring[NO_RECOVERY] = "Non recoverable error";
- errstring[NO_DATA] = "No data record";
- errstring[NO_ADDRESS] = "No address";
- errstring[NO_REVERSE] = "No reverse entry";
-
- fprintf(output, "logresolve Statistics:\n");
-
- fprintf(output, "Entries: %d\n", entries);
- fprintf(output, " With name : %d\n", withname);
- fprintf(output, " Resolves : %d\n", resolves);
- if (errors[HOST_NOT_FOUND])
- fprintf(output, " - Not found : %d\n", errors[HOST_NOT_FOUND]);
- if (errors[TRY_AGAIN])
- fprintf(output, " - Try again : %d\n", errors[TRY_AGAIN]);
- if (errors[NO_DATA])
- fprintf(output, " - No data : %d\n", errors[NO_DATA]);
- if (errors[NO_ADDRESS])
- fprintf(output, " - No address: %d\n", errors[NO_ADDRESS]);
- if (errors[NO_REVERSE])
- fprintf(output, " - No reverse: %d\n", errors[NO_REVERSE]);
- fprintf(output, "Cache hits : %d\n", cachehits);
- fprintf(output, "Cache size : %d\n", cachesize);
- fprintf(output, "Cache buckets : IP number * hostname\n");
-
- for (i = 0; i < BUCKETS; i++)
- for (current = nscache[i]; current != NULL; current = current->next)
- {
- ipstring = inet_ntoa(current->ipnum);
- if (current->noname == 0)
- fprintf(output, " %3d %15s - %s\n", i, ipstring,
- current->hostname);
- else
- {
- if (current->noname > MAX_ERR+2)
- fprintf(output, " %3d %15s : Unknown error\n", i,
- ipstring);
- else
- fprintf(output, " %3d %15s : %s\n", i, ipstring,
- errstring[current->noname]);
- }
- }
-}
-
-
-/*
- * gets a line from stdin
- */
-
-static int
-getline(s, n)
-char *s;
-int n;
-{
- char *cp;
-
- if (!fgets(s, n, stdin))
- return (0);
- cp = strchr(s, '\n');
- if (cp)
- *cp = '\0';
- return (1);
-}
-
-int
-main(argc, argv)
-int argc;
-char *argv[];
-{
- struct in_addr ipnum;
- char *bar, hoststring[MAXDNAME+1], line[MAXLINE], *statfile;
- int i, check;
-
- check = 0;
- statfile = NULL;
- for (i=1; i < argc; i++)
- {
- if (strcmp(argv[i], "-c") == 0) check = 1;
- else if (strcmp(argv[i], "-s") == 0)
- {
- if (i == argc-1)
- {
- fprintf(stderr, "logresolve: missing filename to -s\n");
- exit(1);
- }
- i++;
- statfile = argv[i];
- }
- else
- {
- fprintf(stderr, "Usage: logresolve [-s statfile] [-c] < input > output");
- exit(0);
- }
- }
-
-
- for (i = 0; i < BUCKETS; i++) nscache[i] = NULL;
- for (i=0; i < MAX_ERR+2; i++) errors[i] = 0;
-
- while (getline(line, MAXLINE))
- {
- if (line[0] == '\0') continue;
- entries++;
- if (!isdigit(line[0]))
- { /* short cut */
- puts(line);
- withname++;
- continue;
- }
- bar = strchr(line, ' ');
- if (bar != NULL) *bar = '\0';
- ipnum.s_addr = inet_addr(line);
- if (ipnum.s_addr == 0xffffffffu)
- {
- if (bar != NULL) *bar = ' ';
- puts(line);
- withname++;
- continue;
- }
-
- resolves++;
-
- cgethost(ipnum, hoststring, check);
- if (bar != NULL)
- printf("%s %s\n", hoststring, bar+1);
- else
- puts(hoststring);
- }
-
- if (statfile != NULL)
- {
- FILE *fp;
- fp = fopen(statfile, "w");
- if (fp == NULL)
- {
- fprintf(stderr, "logresolve: could not open statistics file '%s'\n"
- , statfile);
- exit(1);
- }
- stats(fp);
- fclose(fp);
- }
-
- return (0);
-}
diff --git a/usr.sbin/httpd/support/phf_abuse_log.cgi b/usr.sbin/httpd/support/phf_abuse_log.cgi
deleted file mode 100644
index 9ce2749c571..00000000000
--- a/usr.sbin/httpd/support/phf_abuse_log.cgi
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/local/bin/perl
-
-# This script can be used to detect people trying to abuse the security hole which
-# existed in A CGI script direstributed with Apache 1.0.3 and earlier versions.
-# You can redirect them to here using the "<Location /cgi-bin/phf*>" suggestion in
-# httpd.conf.
-#
-# The format logged to is "[date] remote_addr remote_host [date] referrer user_agent".
-
-$LOG = "/var/log/phf_log";
-
-require "ctime.pl";
-$when = &ctime(time);
-$when =~ s/\n//go;
-$ENV{HTTP_USER_AGENT} .= " via $ENV{HTTP_VIA}" if($ENV{HTTP_VIA});
-
-open(LOG, ">>$LOG") || die "boo hoo, phf_log $!";
-print LOG "[$when] $ENV{REMOTE_ADDR} $ENV{REMOTE_HOST} $ENV{$HTTP_REFERER} $ENV{HTTP_USER_AGENT}\n";
-close(LOG);
-
-print "Content-type: text/html\r\n\r\n<BLINK>Smile, you're on Candid Camera.</BLINK>\n";
diff --git a/usr.sbin/httpd/support/rotatelogs.c b/usr.sbin/httpd/support/rotatelogs.c
deleted file mode 100644
index 08066923854..00000000000
--- a/usr.sbin/httpd/support/rotatelogs.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
-
-Simple program to rotate Apache logs without having to kill the server.
-
-Contributed by Ben Laurie <ben@algroup.co.uk>
-
-12 Mar 1996
-
-*/
-
-#define BUFSIZE 65536
-#define MAX_PATH 1024
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <unistd.h>
-
-void main(int argc,char **argv)
- {
- char buf[BUFSIZE],buf2[MAX_PATH];
- time_t tLogEnd;
- time_t tRotation;
- int nLogFD=-1;
- int nRead;
- char *szLogRoot;
-
- if(argc != 3)
- {
- fprintf(stderr,"%s <logfile> <rotation time in seconds>\n\n",argv[0]);
-#ifdef __EMX__
- fprintf(stderr,"Add this:\n\nTransferLog \"|%s.exe /some/where 86400\"\n\n",argv[0]);
-#else
- fprintf(stderr,"Add this:\n\nTransferLog \"|%s /some/where 86400\"\n\n",argv[0]);
-#endif
- fprintf(stderr,"to httpd.conf. The generated name will be /some/where.nnnn where nnnn is the\n");
- fprintf(stderr,"system time at which the log nominally starts (N.B. this time will always be a\n");
- fprintf(stderr,"multiple of the rotation time, so you can synchronize cron scripts with it).\n");
- fprintf(stderr,"At the end of each rotation time a new log is started.\n");
- exit(1);
- }
-
- szLogRoot=argv[1];
- tRotation=atoi(argv[2]);
- if(tRotation <= 0)
- {
- fprintf(stderr,"Rotation time must be > 0\n");
- exit(6);
- }
-
- for( ; ; )
- {
- nRead=read(0,buf,sizeof buf);
- if(nRead == 0)
- exit(3);
- if(nRead < 0)
- if(errno != EINTR)
- exit(4);
- if(nLogFD >= 0 && (time(NULL) >= tLogEnd || nRead < 0))
- {
- close(nLogFD);
- nLogFD=-1;
- }
- if(nLogFD < 0)
- {
- time_t tLogStart=(time(NULL)/tRotation)*tRotation;
- sprintf(buf2,"%s.%010d",szLogRoot,(int)tLogStart);
- tLogEnd=tLogStart+tRotation;
- nLogFD=open(buf2,O_WRONLY|O_CREAT|O_APPEND,0666);
- if(nLogFD < 0)
- {
- perror(buf2);
- exit(2);
- }
- }
- if(write(nLogFD,buf,nRead) != nRead)
- {
- perror(buf2);
- exit(5);
- }
- }
- }
diff --git a/usr.sbin/httpd/support/suexec.c b/usr.sbin/httpd/support/suexec.c
deleted file mode 100644
index 3e04a095b88..00000000000
--- a/usr.sbin/httpd/support/suexec.c
+++ /dev/null
@@ -1,491 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1995-1997 The Apache Group. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * 4. The names "Apache Server" and "Apache Group" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission.
- *
- * 5. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Group and was originally based
- * on public domain software written at the National Center for
- * Supercomputing Applications, University of Illinois, Urbana-Champaign.
- * For more information on the Apache Group and the Apache HTTP server
- * project, please see <http://www.apache.org/>.
- *
- */
-
-/*
- * suexec.c -- "Wrapper" support program for suEXEC behaviour for Apache
- *
- ***********************************************************************
- *
- * NOTE! : DO NOT edit this code!!! Unless you know what you are doing,
- * editing this code might open up your system in unexpected
- * ways to would-be crackers. Every precaution has been taken
- * to make this code as safe as possible; alter it at your own
- * risk.
- *
- ***********************************************************************
- *
- *
- */
-
-
-#include "suexec.h"
-
-#include <sys/param.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <sys/types.h>
-#include <stdio.h>
-#include <stdarg.h>
-#include <string.h>
-#include <pwd.h>
-#include <grp.h>
-#include <time.h>
-#include <sys/stat.h>
-
-#if defined(PATH_MAX)
-#define AP_MAXPATH PATH_MAX
-#elif defined(MAXPATHLEN)
-#define AP_MAXPATH MAXPATHLEN
-#else
-#define AP_MAXPATH 8192
-#endif
-
-#define AP_ENVBUF 256
-
-extern char **environ;
-static FILE *log;
-
-char *safe_env_lst[] =
-{
- "AUTH_TYPE",
- "CONTENT_LENGTH",
- "CONTENT_TYPE",
- "DATE_GMT",
- "DATE_LOCAL",
- "DOCUMENT_NAME",
- "DOCUMENT_PATH_INFO",
- "DOCUMENT_ROOT",
- "DOCUMENT_URI",
- "FILEPATH_INFO",
- "GATEWAY_INTERFACE",
- "LAST_MODIFIED",
- "PATH_INFO",
- "PATH_TRANSLATED",
- "QUERY_STRING",
- "QUERY_STRING_UNESCAPED",
- "REMOTE_ADDR",
- "REMOTE_HOST",
- "REMOTE_IDENT",
- "REMOTE_PORT",
- "REMOTE_USER",
- "REDIRECT_QUERY_STRING",
- "REDIRECT_STATUS",
- "REDIRECT_URL",
- "REQUEST_METHOD",
- "SCRIPT_FILENAME",
- "SCRIPT_NAME",
- "SCRIPT_URI",
- "SCRIPT_URL",
- "SERVER_ADMIN",
- "SERVER_NAME",
- "SERVER_PORT",
- "SERVER_PROTOCOL",
- "SERVER_SOFTWARE",
- "USER_NAME",
- "TZ",
- NULL
-};
-
-
-static void err_output(const char *fmt, va_list ap)
-{
-#ifdef LOG_EXEC
- time_t timevar;
- struct tm *lt;
-
- if (!log)
- if ((log = fopen(LOG_EXEC, "a")) == NULL) {
- fprintf(stderr, "failed to open log file\n");
- perror("fopen");
- exit(1);
- }
-
- time(&timevar);
- lt = localtime(&timevar);
-
- fprintf(log, "[%.2d:%.2d:%.2d %.2d-%.2d-%.2d]: ", lt->tm_hour, lt->tm_min,
- lt->tm_sec, lt->tm_mday, (lt->tm_mon + 1), lt->tm_year);
-
- vfprintf(log, fmt, ap);
-
- fflush(log);
-#endif /* LOG_EXEC */
- return;
-}
-
-void log_err(const char *fmt, ...)
-{
-#ifdef LOG_EXEC
- va_list ap;
-
- va_start(ap, fmt);
- err_output(fmt, ap);
- va_end(ap);
-#endif /* LOG_EXEC */
- return;
-}
-
-void clean_env()
-{
- char pathbuf[512];
- char **cleanenv;
- char **ep;
- int cidx = 0;
- int idx;
-
-
- if ((cleanenv = (char **)calloc(AP_ENVBUF, sizeof(char *))) == NULL) {
- log_err("failed to malloc env mem\n");
- exit(120);
- }
-
- for (ep = environ; *ep && cidx < AP_ENVBUF; ep++) {
- if (!strncmp(*ep, "HTTP_", 5)) {
- cleanenv[cidx] = *ep;
- cidx++;
- }
- else {
- for (idx = 0; safe_env_lst[idx]; idx++) {
- if (!strncmp(*ep, safe_env_lst[idx], strlen(safe_env_lst[idx]))) {
- cleanenv[cidx] = *ep;
- cidx++;
- break;
- }
- }
- }
- }
-
- sprintf(pathbuf, "PATH=%s", SAFE_PATH);
- cleanenv[cidx] = strdup(pathbuf);
- cleanenv[++cidx] = NULL;
-
- environ = cleanenv;
-}
-
-int main(int argc, char *argv[])
-{
- int userdir = 0; /* ~userdir flag */
- uid_t uid; /* user information */
- gid_t gid; /* target group placeholder */
- char *target_uname; /* target user name */
- char *target_gname; /* target group name */
- char *target_homedir; /* target home directory */
- char *actual_uname; /* actual user name */
- char *actual_gname; /* actual group name */
- char *prog; /* name of this program */
- char *cmd; /* command to be executed */
- char cwd[AP_MAXPATH]; /* current working directory */
- char dwd[AP_MAXPATH]; /* docroot working directory */
- struct passwd *pw; /* password entry holder */
- struct group *gr; /* group entry holder */
- struct stat dir_info; /* directory info holder */
- struct stat prg_info; /* program info holder */
-
-
-
- /*
- * If there are a proper number of arguments, set
- * all of them to variables. Otherwise, error out.
- */
- prog = argv[0];
- if (argc < 4) {
- log_err("too few arguments\n");
- exit(101);
- }
- target_uname = argv[1];
- target_gname = argv[2];
- cmd = argv[3];
-
- /*
- * Check existence/validity of the UID of the user
- * running this program. Error out if invalid.
- */
- uid = getuid();
- if ((pw = getpwuid(uid)) == NULL) {
- log_err("invalid uid: (%ld)\n", uid);
- exit(102);
- }
-
- /*
- * Check to see if the user running this program
- * is the user allowed to do so as defined in
- * suexec.h. If not the allowed user, error out.
- */
- if (strcmp(HTTPD_USER, pw->pw_name)) {
- log_err("user mismatch (%s)\n", pw->pw_name);
- exit(103);
- }
-
- /*
- * Check for a leading '/' (absolute path) in the command to be executed,
- * or attempts to back up out of the current directory,
- * to protect against attacks. If any are
- * found, error out. Naughty naughty crackers.
- */
- if (
- (cmd[0] == '/') ||
- (! strncmp (cmd, "../", 3)) ||
- (strstr (cmd, "/../") != NULL)
- ) {
- log_err("invalid command (%s)\n", cmd);
- exit(104);
- }
-
- /*
- * Check to see if this is a ~userdir request. If
- * so, set the flag, and remove the '~' from the
- * target username.
- */
- if (!strncmp("~", target_uname, 1)) {
- target_uname++;
- userdir = 1;
- }
-
- /*
- * Error out if the target username is invalid.
- */
- if ((pw = getpwnam(target_uname)) == NULL) {
- log_err("invalid target user name: (%s)\n", target_uname);
- exit(105);
- }
-
- /*
- * Error out if the target group name is invalid.
- */
- if (strspn(target_gname, "1234567890") != strlen(target_gname)) {
- if ((gr = getgrnam(target_gname)) == NULL) {
- log_err("invalid target group name: (%s)\n", target_gname);
- exit(106);
- }
- gid = gr->gr_gid;
- actual_gname = strdup(gr->gr_name);
- }
- else {
- gid = atoi(target_gname);
- actual_gname = strdup(target_gname);
- }
-
- /*
- * Save these for later since initgroups will hose the struct
- */
- uid = pw->pw_uid;
- actual_uname = strdup(pw->pw_name);
- target_homedir = strdup(pw->pw_dir);
-
- /*
- * Log the transaction here to be sure we have an open log
- * before we setuid().
- */
- log_err("uid: (%s/%s) gid: (%s/%s) %s\n",
- target_uname, actual_uname,
- target_gname, actual_gname,
- cmd);
-
- /*
- * Error out if attempt is made to execute as root or as
- * a UID less than UID_MIN. Tsk tsk.
- */
- if ((uid == 0) ||
- (uid < UID_MIN)) {
- log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
- exit(107);
- }
-
- /*
- * Error out if attempt is made to execute as root group
- * or as a GID less than GID_MIN. Tsk tsk.
- */
- if ((gid == 0) ||
- (gid < GID_MIN)) {
- log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd);
- exit(108);
- }
-
- /*
- * Change UID/GID here so that the following tests work over NFS.
- *
- * Initialize the group access list for the target user,
- * and setgid() to the target group. If unsuccessful, error out.
- */
- if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) {
- log_err("failed to setgid (%ld: %s)\n", gid, cmd);
- exit(109);
- }
-
- /*
- * setuid() to the target user. Error out on fail.
- */
- if ((setuid(uid)) != 0) {
- log_err("failed to setuid (%ld: %s)\n", uid, cmd);
- exit(110);
- }
-
- /*
- * Get the current working directory, as well as the proper
- * document root (dependant upon whether or not it is a
- * ~userdir request). Error out if we cannot get either one,
- * or if the current working directory is not in the docroot.
- * Use chdir()s and getcwd()s to avoid problems with symlinked
- * directories. Yuck.
- */
- if (getcwd(cwd, AP_MAXPATH) == NULL) {
- log_err("cannot get current working directory\n");
- exit(111);
- }
-
- if (userdir) {
- if (((chdir(target_homedir)) != 0) ||
- ((chdir(USERDIR_SUFFIX)) != 0) ||
- ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
- ((chdir(cwd)) != 0))
- {
- log_err("cannot get docroot information (%s)\n", target_homedir);
- exit(112);
- }
- }
- else {
- if (((chdir(DOC_ROOT)) != 0) ||
- ((getcwd(dwd, AP_MAXPATH)) == NULL) ||
- ((chdir(cwd)) != 0))
- {
- log_err("cannot get docroot information (%s)\n", DOC_ROOT);
- exit(113);
- }
- }
-
- if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
- log_err("command not in docroot (%s/%s)\n", cwd, cmd);
- exit(114);
- }
-
- /*
- * Stat the cwd and verify it is a directory, or error out.
- */
- if (((lstat(cwd, &dir_info)) != 0) || !(S_ISDIR(dir_info.st_mode))) {
- log_err("cannot stat directory: (%s)\n", cwd);
- exit(115);
- }
-
- /*
- * Error out if cwd is writable by others.
- */
- if ((dir_info.st_mode & S_IWOTH) || (dir_info.st_mode & S_IWGRP)) {
- log_err("directory is writable by others: (%s)\n", cwd);
- exit(116);
- }
-
- /*
- * Error out if we cannot stat the program.
- */
- if (((lstat(cmd, &prg_info)) != 0) || (S_ISLNK(prg_info.st_mode))) {
- log_err("cannot stat program: (%s)\n", cmd);
- exit(117);
- }
-
- /*
- * Error out if the program is writable by others.
- */
- if ((prg_info.st_mode & S_IWOTH) || (prg_info.st_mode & S_IWGRP)) {
- log_err("file is writable by others: (%s/%s)\n", cwd, cmd);
- exit(118);
- }
-
- /*
- * Error out if the file is setuid or setgid.
- */
- if ((prg_info.st_mode & S_ISUID) || (prg_info.st_mode & S_ISGID)) {
- log_err("file is either setuid or setgid: (%s/%s)\n",cwd,cmd);
- exit(119);
- }
-
- /*
- * Error out if the target name/group is different from
- * the name/group of the cwd or the program.
- */
- if ((uid != dir_info.st_uid) ||
- (gid != dir_info.st_gid) ||
- (uid != prg_info.st_uid) ||
- (gid != prg_info.st_gid))
- {
- log_err("target uid/gid (%ld/%ld) mismatch with directory (%ld/%ld) or program (%ld/%ld)\n",
- uid, gid,
- dir_info.st_uid, dir_info.st_gid,
- prg_info.st_uid, prg_info.st_gid);
- exit(120);
- }
-
- clean_env();
-
- /*
- * Be sure to close the log file so the CGI can't
- * mess with it. If the exec fails, it will be reopened
- * automatically when log_err is called.
- */
- fclose(log);
- log = NULL;
-
- /*
- * Execute the command, replacing our image with its own.
- */
- execv(cmd, &argv[3]);
-
- /*
- * (I can't help myself...sorry.)
- *
- * Uh oh. Still here. Where's the kaboom? There was supposed to be an
- * EARTH-shattering kaboom!
- *
- * Oh well, log the failure and error out.
- */
- log_err("exec failed (%s)\n", cmd);
- exit(255);
-}
diff --git a/usr.sbin/httpd/support/suexec.h b/usr.sbin/httpd/support/suexec.h
deleted file mode 100644
index 91cbc86950a..00000000000
--- a/usr.sbin/httpd/support/suexec.h
+++ /dev/null
@@ -1,137 +0,0 @@
-/* ====================================================================
- * Copyright (c) 1995-1997 The Apache Group. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * 4. The names "Apache Server" and "Apache Group" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission.
- *
- * 5. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the Apache Group
- * for use in the Apache HTTP server project (http://www.apache.org/)."
- *
- * THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Group and was originally based
- * on public domain software written at the National Center for
- * Supercomputing Applications, University of Illinois, Urbana-Champaign.
- * For more information on the Apache Group and the Apache HTTP server
- * project, please see <http://www.apache.org/>.
- *
- */
-
-/*
- * suexec.h -- user-definable variables for the suexec wrapper code.
- */
-
-
-#ifndef _SUEXEC_H
-#define _SUEXEC_H
-
-/*
- * HTTPD_USER -- Define as the username under which Apache normally
- * runs. This is the only user allowed to execute
- * this program.
- */
-#ifndef HTTPD_USER
-#define HTTPD_USER "www"
-#endif
-
-/*
- * UID_MIN -- Define this as the lowest UID allowed to be a target user
- * for suEXEC. For most systems, 500 or 100 is common.
- */
-#ifndef UID_MIN
-#define UID_MIN 100
-#endif
-
-/*
- * GID_MIN -- Define this as the lowest GID allowed to be a target group
- * for suEXEC. For most systems, 100 is common.
- */
-#ifndef GID_MIN
-#define GID_MIN 100
-#endif
-
-/*
- * USERDIR_SUFFIX -- Define to be the subdirectory under users'
- * home directories where suEXEC access should
- * be allowed. All executables under this directory
- * will be executable by suEXEC as the user so
- * they should be "safe" programs. If you are
- * using a "simple" UserDir directive (ie. one
- * without a "*" in it) this should be set to
- * the same value. suEXEC will not work properly
- * in cases where the UserDir directive points to
- * a location that is not the same as the user's
- * home directory as referenced in the passwd file.
- *
- * If you have VirtualHosts with a different
- * UserDir for each, you will need to define them to
- * all reside in one parent directory; then name that
- * parent directory here. IF THIS IS NOT DEFINED
- * PROPERLY, ~USERDIR CGI REQUESTS WILL NOT WORK!
- * See the suEXEC documentation for more detailed
- * information.
- */
-#ifndef USERDIR_SUFFIX
-#define USERDIR_SUFFIX "public_html"
-#endif
-
-/*
- * LOG_EXEC -- Define this as a filename if you want all suEXEC
- * transactions and errors logged for auditing and
- * debugging purposes.
- */
-#ifndef LOG_EXEC
-#define LOG_EXEC "/usr/local/etc/httpd/logs/cgi.log" /* Need me? */
-#endif
-
-/*
- * DOC_ROOT -- Define as the DocumentRoot set for Apache. This
- * will be the only hierarchy (aside from UserDirs)
- * that can be used for suEXEC behavior.
- */
-#ifndef DOC_ROOT
-#define DOC_ROOT "/usr/local/etc/httpd/htdocs"
-#endif
-
-/*
- * SAFE_PATH -- Define a safe PATH environment to pass to CGI executables.
- *
- */
-#ifndef SAFE_PATH
-#define SAFE_PATH "/usr/local/bin:/usr/bin:/bin"
-#endif
-
-#endif /* _SUEXEC_H */