Felix Fietkau [Sun, 8 Nov 2015 19:23:31 +0000 (20:23 +0100)]
file: on redirect, only send content-length header when not using chunked transfer
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 8 Nov 2015 19:22:18 +0000 (20:22 +0100)]
handler: only send content-length header when not using chunked transfer
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 8 Nov 2015 19:21:07 +0000 (20:21 +0100)]
handler: add support for overriding redirect status code + message
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 8 Nov 2015 19:10:02 +0000 (20:10 +0100)]
handler: rename set_uri to rewrite
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 8 Nov 2015 10:41:42 +0000 (11:41 +0100)]
add support for handling redirects via a script
In a json_script file you can specify rules for rewriting the URL or
redirecting the browser either unconditionally, or as a fallback where
it would otherwise print a 404 error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 6 Nov 2015 15:50:13 +0000 (16:50 +0100)]
main: sort getopt characters
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
John Crispin [Tue, 20 Oct 2015 18:12:24 +0000 (20:12 +0200)]
fix the alias support
the path compare return code was not honoured properly
Signed-off-by: John Crispin <blogic@openwrt.org>
John Crispin [Wed, 7 Oct 2015 14:21:10 +0000 (16:21 +0200)]
add a -y parameter for cgi-bin redirects
this allows an alias entry inside the root folder point at a cgi-bin script
-y foo=bar will redirect /foo to /cgi-bin/bar
Signed-off-by: John Crispin <blogic@openwrt.org>
Jo-Philipp Wich [Wed, 7 Oct 2015 21:57:55 +0000 (23:57 +0200)]
fix chunked transfer encoding in keepalive mode
The two commits
5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291
"allow request handlers to disable chunked reponses"
and
618493e378e2239f0d30902e47adfa134e649fdc
"file: disable chunked encoding for file responses"
broke the chunked transfer encoding handling for proc responses in keep-alive
connections that followed a file response with http status 204 or 304.
The effect of this bug is that cgi responses following a 204 or 304 one where
sent neither in chunked encoding nor with a content-length header, causing
browsers to stall until the keep alive timeout was reached.
Fix the logic flaw by inverting the chunk prevention flag in the client state
and by testing the chunked encoding preconditions every time instead of
once upon client (re-)initialization.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Andrej Krpic [Wed, 23 Sep 2015 21:33:57 +0000 (23:33 +0200)]
uhttpd: fix wrong header file inclusion for PRI* constant definitions
Signed-off-by: Andrej Krpic <ak77@tnode.com>
Felix Fietkau [Mon, 7 Sep 2015 19:18:26 +0000 (21:18 +0200)]
file: fix processing POST data for deferred requests
Fixes https://dev.openwrt.org/ticket/20458
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Karl Palsson [Mon, 17 Aug 2015 15:19:48 +0000 (15:19 +0000)]
cgi: Support passing X-HTTP-Method-Override header.
As uhttpd doesn't currently support PUT/DELETE/PATCH, allow passing the
commonly used X-HTTP-Method-Override header to CGI scripts.
This is an optional "protocol specific metadata" variable as per rfc
3875 section 4.1.18.
Signed-off-by: Karl Palsson <karlp@remake.is>
Jo-Philipp Wich [Sat, 30 May 2015 21:13:08 +0000 (23:13 +0200)]
client: use 307 instead of 302 for HTTPS redirects
Use the 307 code to force agents to retain the original request method.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sat, 30 May 2015 20:48:03 +0000 (22:48 +0200)]
proc: add HTTPS environment variable
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sat, 30 May 2015 16:25:39 +0000 (18:25 +0200)]
add support for enforcing HTTPS
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sat, 30 May 2015 13:58:24 +0000 (15:58 +0200)]
file: disable chunked encoding for file responses
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sat, 30 May 2015 13:48:42 +0000 (15:48 +0200)]
allow request handlers to disable chunked reponses
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
John Crispin [Sat, 28 Mar 2015 16:25:40 +0000 (17:25 +0100)]
properly handle return codes
Signed-off-by: John Crispin <blogic@openwrt.org>
John Crispin [Wed, 11 Mar 2015 08:32:37 +0000 (09:32 +0100)]
fixes for json 0.12
Signed-off-by: John Crispin <blogic@openwrt.org>
Jo-Philipp Wich [Sun, 25 Jan 2015 20:36:42 +0000 (21:36 +0100)]
lua: don't make uhttpd_plugin symbol constant
uhttpd modifies the list_head member of the uhttpd_plugin struct when
loading a plugin, therefore we cannot make it const, otherwise we
trigger a security violation if uhttpd is built with RelRO support.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sun, 25 Jan 2015 17:57:31 +0000 (18:57 +0100)]
file: explicitely cast st_mtime to uint64_t when generating ETag
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sun, 25 Jan 2015 17:13:03 +0000 (18:13 +0100)]
ubus: don't make uhttpd_plugin symbol constant
uhttpd modifies the list_head member of the uhttpd_plugin struct when
loading a plugin, therefore we cannot make it const, otherwise we
trigger a security violation if uhttpd is built with RelRO support.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Sun, 18 Jan 2015 15:07:04 +0000 (16:07 +0100)]
Build with largefile support
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Andrej Krpic [Mon, 22 Dec 2014 17:55:11 +0000 (18:55 +0100)]
uhttpd: Fix possible memory leaks when generating directory listing
scandir() call requires free() of each returned dirent structure
and parent list. Code constructing HTML response of directory
listing is missing a call to free in some cases.
Signed-off-by: Andrej Krpic <ak77@tnode.com>
Karl Palsson [Thu, 23 Oct 2014 13:00:29 +0000 (13:00 +0000)]
mimetypes: add json and jsonp (distinct from js)
.js files are being transferred as text/javascript, which, although
obsolete by RFC 4329 is most backward compatible.
.json and .jsonp are both transferred as application/octet-stream
however, causing warnings on the console for some browsers, even though
it works just fine.
Add the mimetypes for .json as per RFC 4627 and .jsonp as per RFC4329
(As jsonp _is_ javascript)
Signed-off-by: Karl Palsson <karlp@remake.is>
Jo-Philipp Wich [Mon, 27 Oct 2014 10:19:07 +0000 (11:19 +0100)]
file: do not emit Content-Length header for 304/412 responses
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Mon, 27 Oct 2014 10:18:10 +0000 (11:18 +0100)]
utils: do not emit eof chunk for 204/304 responses
According to RFC2616 10.2.5 and 10.3.5, 204 and 304 responses MUST NOT contain any
message body, therfore do not emit an EOF chunk for such responses.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Mon, 27 Oct 2014 10:15:35 +0000 (11:15 +0100)]
client: store http code of last emitted response
Certain response types (notably 204 and 304) require a slightly different
handling like emitting the response body entirely, therfore record the last
code to act on it in the appropriate places.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Wed, 3 Sep 2014 13:19:53 +0000 (15:19 +0200)]
lua: fix error reporting when Lua handler cannot be compiled
Reported-by: Sebastian Apel <sebastian.apel@gmx.de>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Wed, 3 Sep 2014 13:18:49 +0000 (15:18 +0200)]
main: use proper variable when warning about unsupported features
Reported-by: Sebastian Apel <sebastian.apel@gmx.de>
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Thu, 13 Feb 2014 19:43:43 +0000 (19:43 +0000)]
file: invoke error handler in 403 case as well
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Jo-Philipp Wich [Tue, 27 May 2014 12:40:58 +0000 (14:40 +0200)]
ubus: add CORS header support
In order to support cross-domain AJAX requests to the /ubus endpoint
we need to implement the Cross-Origin Resource Sharing (CORS) spec
in the ubus plugin.
- Implement a new option "-X" to enable CORS support in ubus
- Implement rudimentary support for "OPTIONS" HTTP requests
- Implement essential CORS headers the ubus plugin
The current CORS response headers merely reflect the request headers
sent by the client, this way any requesting origin is automatically
allowed. Cross-domain cookies (Access-Control-Allow-Credentials) are
unconditionally enabled.
Restricting permitted origins and toggle the credential accepting can
be made configurable in a future commit to allow more fine grained
control over permitted AJAX clients.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Felix Fietkau [Sun, 8 Jun 2014 11:50:53 +0000 (13:50 +0200)]
cgi: add _GNU_SOURCE define to fix build error on musl
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 7 Apr 2014 22:42:04 +0000 (00:42 +0200)]
fix handling of / as cgi prefix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 22 Mar 2014 19:28:17 +0000 (20:28 +0100)]
main: strdup command line arguments that are modified
This ensures that the process will show the correct command line in ps
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 22 Mar 2014 19:31:35 +0000 (20:31 +0100)]
cgi: compare the physical path instead of the url to detect quirky urls
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 21 Mar 2014 20:27:30 +0000 (21:27 +0100)]
relay: do forward data if the http request type was HEAD
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Wed, 27 Nov 2013 18:30:17 +0000 (18:30 +0000)]
ubus: remove indentation and whitespace from JSON responses to conserve a bit of bandwidth
Felix Fietkau [Thu, 21 Nov 2013 21:50:30 +0000 (22:50 +0100)]
uhttpd: fix crashes in the ubus plugin
The ubus plugin calls blocking ubus functions that loop back into
uloop_run. Protect the client data structure with refcounting to ensure
that the outer uloop_run call does not clean up the data that the inner
uloop_run call is still processing.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 29 Sep 2013 13:38:34 +0000 (15:38 +0200)]
lua: fix lua 5.2 compatibility
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Mon, 11 Nov 2013 20:12:12 +0000 (20:12 +0000)]
main: return after processing -d switch
Jo-Philipp Wich [Fri, 13 Sep 2013 13:01:52 +0000 (15:01 +0200)]
ubus: use "ubus_rpc_session" instead of "sid" attribute name when querying session.access
Jo-Philipp Wich [Fri, 13 Sep 2013 12:51:44 +0000 (14:51 +0200)]
ubus: fix session example script to conform to new rpc protocol
Jo-Philipp Wich [Fri, 13 Sep 2013 12:44:57 +0000 (14:44 +0200)]
ubus: deny requests with a "ubus_rpc_session" toplevel attribute to prevent injecting different SIDs
Jo-Philipp Wich [Thu, 8 Aug 2013 11:40:40 +0000 (13:40 +0200)]
ubus: pass current session id as ubus_rpc_session attribute to any called procedure
Jo-Philipp Wich [Wed, 7 Aug 2013 14:46:13 +0000 (16:46 +0200)]
ubus: move sid into the params array of the json-rpc request to avoid information leakage via the post url
Jo-Philipp Wich [Sat, 8 Jun 2013 17:39:19 +0000 (19:39 +0200)]
ubus: use per-request blob buffer to fetch list results, fixes global buffer corruption with concurrent requests
Felix Fietkau [Wed, 31 Jul 2013 16:29:03 +0000 (18:29 +0200)]
client: prevent further read calls after a client has been freed
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 30 Jul 2013 22:32:40 +0000 (00:32 +0200)]
proc: consume all data after the pipe dies, instead of looping with 100% cpu usage
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 26 Jul 2013 11:25:06 +0000 (13:25 +0200)]
detect chrome before safari, chrome includes Safari/ in the UA header
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 26 Jul 2013 09:36:45 +0000 (11:36 +0200)]
disable connection_close override if a keep-alive header is found
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 26 Jul 2013 09:36:18 +0000 (11:36 +0200)]
disable keep-alive for POST requests to improve compatibility
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Fri, 21 Jun 2013 09:25:29 +0000 (11:25 +0200)]
ubus: fix handling of empty JSON-RPC batches
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Sat, 8 Jun 2013 10:10:52 +0000 (12:10 +0200)]
ubus: duplicate request buffer to avoid memory corruption with multiple requests
Jo-Philipp Wich [Sat, 8 Jun 2013 07:48:35 +0000 (09:48 +0200)]
ubus: use half of the script timeout as timeout for acl lookup call
Jo-Philipp Wich [Tue, 4 Jun 2013 14:43:43 +0000 (16:43 +0200)]
ubus: implement list method to enumerate objects and signatures
Felix Fietkau [Sat, 1 Jun 2013 21:43:04 +0000 (23:43 +0200)]
relay: cancel the timeout on free
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 30 May 2013 13:05:00 +0000 (15:05 +0200)]
ubus: clear the right timeout on rpc connection teardowns
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 30 May 2013 10:38:25 +0000 (12:38 +0200)]
ubus: fix script timeout unit (seconds, not milliseconds)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 23 May 2013 10:50:08 +0000 (12:50 +0200)]
relay: do not process headers after the first error
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 23 May 2013 10:41:03 +0000 (12:41 +0200)]
relay: fix close handling
When the relay process has exited, close the connection as soon as no
data can immediately be read from the socket anymore, and the read
buffer has been emptied.
This fixes timeouts with scripts that leave processes lingering around
without closing their fds.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 23 May 2013 10:35:44 +0000 (12:35 +0200)]
fix infinite loop when the initial two characters in a connection are \r\n
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Thu, 16 May 2013 11:17:10 +0000 (13:17 +0200)]
uhttpd: allow the config to override the default index file
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 14 May 2013 17:40:27 +0000 (19:40 +0200)]
uhttpd: mark a TLS connections internally to clean up their state
Fixes a per-SSL-connection memory leak
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Wed, 17 Apr 2013 11:30:19 +0000 (13:30 +0200)]
Accept square bracket notation for IPv6 addresses
Felix Fietkau [Mon, 15 Apr 2013 14:48:57 +0000 (16:48 +0200)]
tls: fix container_of use for casting the ssl ustream to client state
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Mon, 18 Mar 2013 14:35:09 +0000 (15:35 +0100)]
lua: fix query string handling, the QUERY_STRING environment variable must not contain the leading question mark
Jo-Philipp Wich [Mon, 18 Mar 2013 14:35:08 +0000 (15:35 +0100)]
Load plugins with RTLD_GLOBAL, fixes Lua library exports
Felix Fietkau [Fri, 15 Mar 2013 13:38:16 +0000 (14:38 +0100)]
relay: add a missing buffer availability check
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 12 Mar 2013 13:37:35 +0000 (14:37 +0100)]
detect the right library name for json-c
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Jo-Philipp Wich [Tue, 5 Mar 2013 15:40:45 +0000 (16:40 +0100)]
plugin.c: don't assume post_init callback to exist
Jo-Philipp Wich [Sat, 26 Jan 2013 14:14:55 +0000 (15:14 +0100)]
ubus: use a default sid if authentication is disabled
Jo-Philipp Wich [Sat, 26 Jan 2013 13:46:59 +0000 (14:46 +0100)]
set the docroot to the current working directory if none is specified, fixes random null pointer dereferencing
Jo-Philipp Wich [Fri, 25 Jan 2013 19:10:45 +0000 (20:10 +0100)]
ubus: pass json rpc arguments to called ubus functions
Jo-Philipp Wich [Fri, 25 Jan 2013 16:49:44 +0000 (17:49 +0100)]
ubus: add option to not authenticate ubus requests
Jo-Philipp Wich [Fri, 25 Jan 2013 14:35:10 +0000 (15:35 +0100)]
ubus: remove session api from plugin and check access via ubus call to let other services provide the session api
Jo-Philipp Wich [Wed, 23 Jan 2013 18:36:16 +0000 (19:36 +0100)]
ubus: rename uloop_timeout_pending() to uloop_timeout_remaining()
Jo-Philipp Wich [Wed, 23 Jan 2013 13:31:01 +0000 (14:31 +0100)]
make arguments of not compiled functionality non-fatal
Jo-Philipp Wich [Tue, 22 Jan 2013 14:55:29 +0000 (15:55 +0100)]
ubus: expose remaining session lifetime in ubus session.list call
Felix Fietkau [Tue, 22 Jan 2013 09:37:48 +0000 (10:37 +0100)]
proc: call read notify after more write space is available
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Tue, 22 Jan 2013 09:25:19 +0000 (10:25 +0100)]
do not reset .notify_write on request done
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Mon, 21 Jan 2013 12:21:34 +0000 (13:21 +0100)]
add missing check for unencrypted passwords
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 22:55:10 +0000 (23:55 +0100)]
do not relay empty chunks, they look like EOF in chunked encoding
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 18:06:25 +0000 (19:06 +0100)]
implement support for script timeout for cgi/lua
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 17:30:23 +0000 (18:30 +0100)]
add support for deferring script requests, limit maximum number of script calls to 3, maximum number of connections to 100
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 15:48:05 +0000 (16:48 +0100)]
ignore initial newlines in http requests
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 15:47:37 +0000 (16:47 +0100)]
fix container_of() on ustream callbacks
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 15:07:15 +0000 (16:07 +0100)]
poll read data after connect as well
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 15:00:34 +0000 (16:00 +0100)]
poll connection after request completion when using keepalive
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 14:53:33 +0000 (15:53 +0100)]
properly terminate headers of http responses without data, add Content-Length: 0
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 12:41:39 +0000 (13:41 +0100)]
fix file etag buffer length
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 12:39:47 +0000 (13:39 +0100)]
move listener unblocking to a separate stack context via uloop timer
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sat, 19 Jan 2013 12:10:53 +0000 (13:10 +0100)]
add user agent detection for working around keepalive issues and add support for the connection: close|keep-alive header
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 13 Jan 2013 15:16:10 +0000 (16:16 +0100)]
relicense to ISC
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Felix Fietkau [Sun, 13 Jan 2013 10:59:36 +0000 (11:59 +0100)]
fix cgi/lua header parsing
Felix Fietkau [Sun, 13 Jan 2013 10:50:50 +0000 (11:50 +0100)]
fix redirect status
Felix Fietkau [Sun, 13 Jan 2013 10:47:42 +0000 (11:47 +0100)]
fix local/remote port env vars
Felix Fietkau [Sun, 13 Jan 2013 10:30:15 +0000 (11:30 +0100)]
poll ustream after the process dies to fix eof detection
Felix Fietkau [Sun, 13 Jan 2013 10:17:35 +0000 (11:17 +0100)]
fix path lookup
Felix Fietkau [Sun, 13 Jan 2013 10:13:59 +0000 (11:13 +0100)]
add an option for configuring http keepalive