Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/libexec/httpd set -D_GNU_SOURCE in Makefile.boot. from hadr...



details:   https://anonhg.NetBSD.org/src/rev/346d6daf314c
branches:  trunk
changeset: 955862:346d6daf314c
user:      mrg <mrg%NetBSD.org@localhost>
date:      Thu Oct 15 02:19:23 2020 +0000

description:
set -D_GNU_SOURCE in Makefile.boot.  from hadrien.lacour%posteo.net@localhost.
also match %2F as well as %2f.  from leah%vuxu.org@localhost.
introduce defines for "80" and "443".  copyright maint.

diffstat:

 libexec/httpd/CHANGES          |   9 ++++++++-
 libexec/httpd/auth-bozo.c      |   4 ++--
 libexec/httpd/bozohttpd.8      |   8 ++++----
 libexec/httpd/bozohttpd.c      |  15 ++++++++-------
 libexec/httpd/bozohttpd.h      |   5 ++++-
 libexec/httpd/dir-index-bozo.c |   4 ++--
 libexec/httpd/main.c           |   4 ++--
 libexec/httpd/ssl-bozo.c       |   4 ++--
 8 files changed, 32 insertions(+), 21 deletions(-)

diffs (195 lines):

diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/CHANGES
--- a/libexec/httpd/CHANGES     Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/CHANGES     Thu Oct 15 02:19:23 2020 +0000
@@ -1,4 +1,11 @@
-$NetBSD: CHANGES,v 1.42 2020/09/12 12:39:28 rhialto Exp $
+$NetBSD: CHANGES,v 1.43 2020/10/15 02:19:23 mrg Exp $
+
+changes in bozohttpd 20201014:
+       o  also set -D_GNU_SOURCE in Makefile.boot.  from
+          hadrien.lacour%posteo.net@localhost.
+       o  fix array size botch (assertion, not exploitable.)  from
+          martin%netbsd.org@localhost.
+       o  also match %2F as well as %2f.  from leah%vuxu.org@localhost.
 
 changes in bozohttpd 20200912:
        o  add .m4a and .m4v file extensions.
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/auth-bozo.c
--- a/libexec/httpd/auth-bozo.c Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/auth-bozo.c Thu Oct 15 02:19:23 2020 +0000
@@ -1,9 +1,9 @@
-/*     $NetBSD: auth-bozo.c,v 1.25 2020/07/11 08:10:52 jruoho Exp $    */
+/*     $NetBSD: auth-bozo.c,v 1.26 2020/10/15 02:19:23 mrg Exp $       */
 
 /*     $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $       */
 
 /*
- * Copyright (c) 1997-2019 Matthew R. Green
+ * Copyright (c) 1997-2020 Matthew R. Green
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/bozohttpd.8
--- a/libexec/httpd/bozohttpd.8 Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/bozohttpd.8 Thu Oct 15 02:19:23 2020 +0000
@@ -1,8 +1,8 @@
-.\"    $NetBSD: bozohttpd.8,v 1.84 2020/08/20 07:55:10 mrg Exp $
+.\"    $NetBSD: bozohttpd.8,v 1.85 2020/10/15 02:19:23 mrg Exp $
 .\"
 .\"    $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $
 .\"
-.\" Copyright (c) 1997-2019 Matthew R. Green
+.\" Copyright (c) 1997-2020 Matthew R. Green
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -26,7 +26,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd July 11, 2020
+.Dd October 14, 2020
 .Dt BOZOHTTPD 8
 .Os
 .Sh NAME
@@ -642,7 +642,7 @@
 and regular code audits.
 This manual documents
 .Nm
-version 20190116.
+version 20201014.
 .Sh AUTHORS
 .An -nosplit
 .Nm
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/bozohttpd.c
--- a/libexec/httpd/bozohttpd.c Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/bozohttpd.c Thu Oct 15 02:19:23 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bozohttpd.c,v 1.121 2020/09/05 13:38:24 mrg Exp $      */
+/*     $NetBSD: bozohttpd.c,v 1.122 2020/10/15 02:19:23 mrg Exp $      */
 
 /*     $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $      */
 
@@ -109,7 +109,7 @@
 #define INDEX_HTML             "index.html"
 #endif
 #ifndef SERVER_SOFTWARE
-#define SERVER_SOFTWARE                "bozohttpd/20200820"
+#define SERVER_SOFTWARE                "bozohttpd/20201014"
 #endif
 #ifndef PUBLIC_HTML
 #define PUBLIC_HTML            "public_html"
@@ -651,7 +651,7 @@
         * if passed through a proxy that doesn't rewrite the port.
         */
        if (httpd->bindport) {
-               if (strcmp(httpd->bindport, "80") != 0)
+               if (strcmp(httpd->bindport, BOZO_HTTP_PORT) != 0)
                        port = httpd->bindport;
                else
                        port = NULL;
@@ -1099,7 +1099,7 @@
                hostname = "";
                portbuf[0] = '\0';
        } else {
-               const char *defport = httpd->sslinfo ? "443" : "80";
+               const char *defport = httpd->sslinfo ? BOZO_HTTPS_PORT : BOZO_HTTP_PORT;
 
                if (request->hr_serverport &&
                    strcmp(request->hr_serverport, defport) != 0)
@@ -1335,7 +1335,8 @@
         * canonicalise hr_host - that is, remove any :80.
         */
        len = strlen(request->hr_host);
-       if (len > 3 && strcmp(request->hr_host + len - 3, ":80") == 0) {
+       if (len > 3 &&
+           strcmp(request->hr_host + len - 3, ":" BOZO_HTTP_PORT) == 0) {
                request->hr_host[len - 3] = '\0';
                len = strlen(request->hr_host);
        }
@@ -1554,7 +1555,7 @@
                if (s[1] == '0' && s[2] == '0')
                        return bozo_http_error(httpd, 404, request,
                            "percent hack was %00");
-               if (s[1] == '2' && s[2] == 'f')
+               if (s[1] == '2' && (s[2] == 'f' || s[2] == 'F'))
                        return bozo_http_error(httpd, 404, request,
                            "percent hack was %2f (/)");
 
@@ -2213,7 +2214,7 @@
        }
 
        if (request && request->hr_serverport &&
-           strcmp(request->hr_serverport, "80") != 0)
+           strcmp(request->hr_serverport, BOZO_HTTP_PORT) != 0)
                snprintf(portbuf, sizeof(portbuf), ":%s",
                                request->hr_serverport);
        else
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/bozohttpd.h
--- a/libexec/httpd/bozohttpd.h Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/bozohttpd.h Thu Oct 15 02:19:23 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bozohttpd.h,v 1.63 2020/08/20 05:46:31 spz Exp $       */
+/*     $NetBSD: bozohttpd.h,v 1.64 2020/10/15 02:19:23 mrg Exp $       */
 
 /*     $eterna: bozohttpd.h,v 1.39 2011/11/18 09:21:15 mrg Exp $       */
 
@@ -253,6 +253,9 @@
 #define have_debug     (1)
 #endif /* NO_DEBUG */
 
+#define BOZO_HTTP_PORT "80"
+#define BOZO_HTTPS_PORT        "443"
+
 /*
  * bozohttpd special files.  avoid serving these out.
  *
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/dir-index-bozo.c
--- a/libexec/httpd/dir-index-bozo.c    Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/dir-index-bozo.c    Thu Oct 15 02:19:23 2020 +0000
@@ -1,9 +1,9 @@
-/*     $NetBSD: dir-index-bozo.c,v 1.33 2020/07/06 23:31:36 jmcneill Exp $     */
+/*     $NetBSD: dir-index-bozo.c,v 1.34 2020/10/15 02:19:23 mrg Exp $  */
 
 /*     $eterna: dir-index-bozo.c,v 1.20 2011/11/18 09:21:15 mrg Exp $  */
 
 /*
- * Copyright (c) 1997-2019 Matthew R. Green
+ * Copyright (c) 1997-2020 Matthew R. Green
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/main.c
--- a/libexec/httpd/main.c      Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/main.c      Thu Oct 15 02:19:23 2020 +0000
@@ -1,10 +1,10 @@
-/*     $NetBSD: main.c,v 1.23 2020/07/06 23:31:36 jmcneill Exp $       */
+/*     $NetBSD: main.c,v 1.24 2020/10/15 02:19:23 mrg Exp $    */
 
 /*     $eterna: main.c,v 1.6 2011/11/18 09:21:15 mrg Exp $     */
 /* from: eterna: bozohttpd.c,v 1.159 2009/05/23 02:14:30 mrg Exp       */
 
 /*
- * Copyright (c) 1997-2018 Matthew R. Green
+ * Copyright (c) 1997-2020 Matthew R. Green
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
diff -r acf83f2250ed -r 346d6daf314c libexec/httpd/ssl-bozo.c
--- a/libexec/httpd/ssl-bozo.c  Thu Oct 15 01:00:01 2020 +0000
+++ b/libexec/httpd/ssl-bozo.c  Thu Oct 15 02:19:23 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ssl-bozo.c,v 1.27 2020/08/20 05:46:31 spz Exp $        */
+/*     $NetBSD: ssl-bozo.c,v 1.28 2020/10/15 02:19:23 mrg Exp $        */
 
 /*     $eterna: ssl-bozo.c,v 1.15 2011/11/18 09:21:15 mrg Exp $        */
 
@@ -328,7 +328,7 @@
            sslinfo->certificate_file,
            sslinfo->privatekey_file));
        if (!httpd->bindport)
-               httpd->bindport = bozostrdup(httpd, NULL, "https");
+               httpd->bindport = bozostrdup(httpd, NULL, BOZO_HTTPS_PORT);
 }
 
 void



Home | Main Index | Thread Index | Old Index