| Age | Commit message (Collapse) | Author |
|---|
|
Thanks Nick Owens
OK florian@
|
|
incoming socket, so userspace doesn't need to set it unless it has its
own reasons for tracking the size along with the sockaddr.
ok phessler@ deraadt@ florian@
|
|
break out of the loop, or a pointer to ':'. Thus the extra check for
':' is unnecessary and can be removed.
ok jung@
|
|
Unfortunately in that case the line was not freed. This lead to a
memleak on each request. Thus, save the return value prior to
returning, free the line and return the saved value.
ok jung@
|
|
its own struct. Requested by and OK reyk@
|
|
|
|
fastcgi stdout record. Keep processing stdout records until we found
the header / body separator and only then generate the header
response.
Problem reported by many.
OK jung@
|
|
According to the RFC it is empty when no query string was found.
From Tim Baumgard <openbsd@bmgrd.com>o
ok florian@
|
|
As done in iked and snmpd.
OK jung@
|
|
ok reyk@
|
|
|
|
of u_intN_t) and replace u_int with unsigned int. Mixing both
variants is a bad style and most contributors seem to prefer this
style; it also helps us to get used to it, portability, and
standardization.
Theoretically no binary change, except one in practice: httpd.o has a
different checksum because gcc with -O2 pads/optimizes "struct
privsep" differently when using "unsigned int" instead "u_int" for the
affected members. "u_int" is just a typedef of "unsigned int", -O0
doesn't build the difference and clang with -O2 doesn't do it either -
it is just another curiosity from gcc-land.
OK semarie@
|
|
previously disabled it because we were reading to fast (from disk).
Problem noted and tracked down to that commit by weerd@ and
independently by stsp@.
Tested by weerd@, stsp@, reyk@
OK bluhm@, reyk@
|
|
Strict-Transport-Security headers. Add __format__ attribute to
kv_set() and kv_setkey() to make it easier to spot such problems.
Found by and fix from Donovan Watteau <tsoomi -AT- gmail -DOT- com>,
thanks for your help.
ok deraadt@
|
|
we need more care to find a proper fix for the fastcgi headers.
acknowledged by deraadt@
|
|
parse it. Otherwise http headers can leak into the body.
Pointed out by Jean-Philippe Ouellet on bugs@ Thanks!
OK reyk, commit ASAP deraadt@
|
|
OK reyk
|
|
ok florian@
|
|
ok florian@
|
|
ok florian@
|
|
be empty (""). It was not set at all when there is nothing to set
which caused problems with some FastCGI applications (like
Flask/Python through uWSGI).
From hrkfdn via github
|
|
ok claudio deraadt florian
|
|
7230 and RFC 3875.
sthen@ suggested to add a comment to explain where the list of
characters is coming from.
Found the hard way and initial diff from Tim van der Molen (tbvdm at
xs4all), thanks! Some more allowed characters added by me.
OK sthen@
|
|
OK florian@
|
|
Pointed out by florian@
|
|
needed by its ancestor. jsg@, include-what-you-use, and some manual
review helped to cleanup the headers (take iwyu with a grain of salt).
Based on common practice, httpd.h now also includes the necessary
headers for itself.
OK florian@
|
|
OK reyk@
|
|
OK florian@
|
|
Currently the htpasswd file needs to be in the chroot; will hopefully
improved soonish.
Based on a diff from Oscar Linderholm many months ago but turned into
a complete rewrite.
input/OK reyk@
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
after the response.
Found by Erik Lax
ok florian@
|
|
strip number
Strip number path components from the beginning of the
request URI before looking up the stripped-down URI at
the document root.
reviewed with much patience and OK by reyk@
|
|
*Do* pull it in when in_{port,addr}_h is needed and <netinet/in.h> isn't.
ok reyk@
|
|
reflect reality.
OK benno@
|
|
from Max Fillinger
|
|
ok millert@
|
|
|
|
for persistent connections with FastCGI by implementing chunked
Transfer-Encoding. This only works with HTTP/1.1.
With input and help from florian@ who found some FastCGI edge cases.
OK florian@
|
|
OK florian@
|
|
parse and write the headers using the http response descriptor. This
allows to add other tweaks, like support for chunked encoding, later.
OK florian@
|
|
OK chrisz@
|
|
OK reyk@
|
|
PATH_INFO.
Therefore put a lower bound of strlen(root) on scriptlen.
This makes perfect sense for virtual FastCGI scripts which run chrooted
in another directory from httpd.
ok reyk@
|
|
need a temporary path variable. Based on an initial diff from
chrisz@.
"Commit any failsafe version and I'm ok with it" chrisz@
|
|
|
|
has been appended. This allows to use a fastcgi target as the default
index, for example index.php.
OK florian@
|
|
Problem noticed by naddy@, OK reyk@
|
|
response from the fcgi daemon and use that code as HTTP response
code. If it doesn't work out fall back to code 200.
This might fix naddy@'s issue with redirects in cvsweb.
To be revisited after unlock.
Discussed with & grudgingly OK reyk@
|
|
OK florian@
|
|
didn't send anything back. This is an internal server error.
OK reyk@
|
