summaryrefslogtreecommitdiffstats
path: root/usr.sbin/httpd/httpd.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* these programs (with common ancestry) had a -fno-common problem relatedderaadt2021-01-271-1/+3
| | | | | to privsep_procid. ok mortimer
* remove unused functionsbenno2020-08-031-61/+1
| | | | | from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks ok claudio@
* Remove the unused function canonicalize_host(), it was copied from relayd.benno2020-07-301-54/+1
| | | | Found by Ross L Richardson, Thanks.
* During the fork+exec implementation, daemon(3) was moved afterbluhm2018-09-091-2/+2
| | | | | | | proc_init(). As a consequence httpd(8) and relayd(8) child processes did not detach from the terminal anymore. Dup /dev/null to the stdio file descriptors in the children. OK benno@
* use __func__ in log messages.benno2017-05-281-3/+3
| | | | | From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! ok florian, claudio
* Do not purge the CONFIG_SERVERS config in the parent. The ticket code usesclaudio2017-04-041-2/+2
| | | | | | the servers config for its rekeying handling. Without this no rekeying happens and httpd stops working. Learned the hard way by me and beck@ OK reyk@
* Implement TLS ticket support in httpd. Off by default. Useclaudio2017-03-251-1/+43
| | | | | | | tls ticket lifetime default to turn it on with a 2h ticket lifetime. Rekeying happens after a quarter of that time. OK reky@ and bob@
* Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyderaadt2017-01-231-3/+2
| | | | upon "inet". Adjust the 4 programs that care about this.
* Stop accessing verbose and debug variables from log.c directly.reyk2017-01-091-2/+2
| | | | | | | | This replaces log_verbose() and "extern int verbose" with the two functions log_setverbose() and log_getverbose(). Pointed out by benno@ OK krw@ eric@ gilles@ (OK gilles@ for the snmpd bits as well)
* sync proc.c from switchd, includes minor cast qual fix and removal of p_env.reyk2016-09-281-3/+5
|
* proc.c tweaks: Rename proc_listento() to proc_accept() as it is thereyk2016-09-021-21/+5
| | | | | | | | receiving side of proc_connect(). Move some code from main into proc_init(), the function is now called by parent and children, not just the parent and it is less copy + paste for other daemons. OK florian@
* Teach httpd/proc.c how to fork+exec.rzalamena2016-09-011-9/+46
| | | | | | | | This commit implemented the basic functions to proc.c to make it not rely on global variables, malloc()ed memory and CLOEXEC pipes. Fix child proc titles from reyk@ ok reyk@, florian@
* Terminate daemon using the socket status instead of watching SIGCHLD orrzalamena2016-08-301-51/+3
| | | | | | | kill()ing child process. "Looks good to me" millert@ ok benno@
* Kill the ps_ninstances from proc.c.rzalamena2016-08-261-2/+1
| | | | | | | We got the same information in ps_instances[proc] (more accurate) and we avoid allocating unnecessary memory for pipe storage. ok reyk@
* stop including sys/param.h for nitems. define locally as needed.tedu2016-08-161-2/+1
| | | | ok natano reyk
* & expands to the maximum amount of needed space; fix comment.florian2016-06-101-2/+2
| | | | Pointed out by Frank Schoep, thanks!
* fix unbalanced va_start and va_end macrosjung2016-05-221-5/+9
| | | | | | from Hiltjo Posthuma "do." deraadt
* Remove setproctitle() for the parent process. Because rc.d(8) uses processsthen2016-02-021-3/+1
| | | | | | titles (including flags) to distinguish between daemons, this makes it possible to manage multiple copies of a daemon using the normal infrastructure by symlinking rc.d scripts to a new name. ok jung@ ajacoutot@, smtpd ok gilles@
* Remove unnecessary NULL checks before free().reyk2015-12-031-3/+3
| | | | From Jan Schreiber
* the grammar can prompt DNS lookups, so pledge "dns" also.deraadt2015-12-031-2/+2
| | | | from Gregor Best, discussed with florian
* sync with relayd, use proc_compose()reyk2015-12-021-7/+4
|
* Retire socket_set_blockmode() in favor of the SOCK_NONBLOCK type flag.reyk2015-11-231-2/+2
| | | | | | As done in iked and snmpd. OK jung@
* Update log.c: change fatal() and fatalx() into variadic functions,reyk2015-11-221-3/+6
| | | | | | | include the process name, and replace all calls of fatal*(NULL) with fatal(__func__) for better debugging. OK benno@
* Move local logging functions into httpd.c, and sync log.c with relayd -reyk2015-11-211-1/+77
| | | | both daemons are now sharing the same file. No functional changes.
* Simplify all instances of get_string() and get_data() using malloc() andmmcc2015-11-191-8/+3
| | | | | | strndup(). ok millert@
* pledge(2) for httpd.florian2015-11-051-1/+5
| | | | | | | | | | | | | | | | | | | | 1) The main process listens on sockets and accepts connections. It creates and opens log files, creates and kills child processes. On start up and on receiving a HUP signal it parses the configuration. It passes on file descriptors for logging or requests to it's children. 2) The logger process writes log messages to a file descriptor passed in from the main process. 3) The server process reads the request from a file descriptor passed in from the main process. It reads a file or creates a directory index to send a response. Additionally this process handles fastcgi requests. It connects to AF_UNIX, AF_INET or AF_INET6 sockets. A re-factoring might make it possible to drop the additional fastcgi privileges when only static files are served. with deraadt@ some time ago prodding & OK deraadt@ tweaks and OK reyk@
* revert -r1.42 as it breaks slowcgi and php-fpm setups as reported by jturnerjung2015-10-311-2/+2
|
* Remove a few more NULL-checks before free.mmcc2015-10-281-11/+5
|
* While I'm in here, drop a NULL-check before free.mmcc2015-10-281-3/+2
|
* fix PATH_INFO for / requestsjung2015-10-261-2/+2
| | | | | | diff from Denis Fondras ok reyk
* Two more char -> unsigned char in ctype functions.reyk2015-10-141-2/+3
|
* Pass unsigned chars to ctype functions.reyk2015-10-131-3/+4
| | | | From Michael McConville
* Change httpd(8) to use C99-style fixed-width integers (uintN_t insteadreyk2015-08-201-17/+17
| | | | | | | | | | | | | | | | of u_intN_t) and replace u_int with unsigned int. Mixing both variants is a bad style and most contributors seem to prefer this style; it also helps us to get used to it, portability, and standardization. Theoretically no binary change, except one in practice: httpd.o has a different checksum because gcc with -O2 pads/optimizes "struct privsep" differently when using "unsigned int" instead "u_int" for the affected members. "u_int" is just a typedef of "unsigned int", -O0 doesn't build the difference and clang with -O2 doesn't do it either - it is just another curiosity from gcc-land. OK semarie@
* Allow to change the default media type globally or per-location,reyk2015-07-181-2/+17
| | | | | | eg. default type text/html. OK florian@
* Do not assume that asprintf() clears the pointer on failure, whichmillert2015-06-031-4/+10
| | | | | is non-portable. Also add missing asprintf() return value checks. OK deraadt@ guenther@ doug@
* Do not try to unlink the control socket in an unprivileged childflorian2015-05-281-2/+4
| | | | | | process on shutdown. Found while working on tame(2). OK benno@
* Allow to specify CGI variables as macros in redirection strings, eg.reyk2015-02-231-1/+34
| | | | | | block return 301 "http://www.example.com/$REQUEST_URI" OK tedu@ florian@
* Rename escape_uri() to url_encode() because it is the opposite ofreyk2015-02-121-4/+4
| | | | url_decode(). No functional change.
* Encode directory listings.florian2015-02-101-1/+57
| | | | | Problem pointed out by remco AT d-compu.dyndns.org some time ago. Input / OK reyk@
* spacingreyk2015-02-081-2/+2
|
* httpd is based on relayd and had included many headers that are onlyreyk2015-01-211-5/+4
| | | | | | | | | needed by its ancestor. jsg@, include-what-you-use, and some manual review helped to cleanup the headers (take iwyu with a grain of salt). Based on common practice, httpd.h now also includes the necessary headers for itself. OK florian@
* Decouple auth parameters from struct server_config into struct auth.reyk2015-01-191-1/+46
| | | | OK florian@
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-2/+6
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* When scanning backwards for the last dot in a filename,schwarze2014-12-111-5/+7
| | | | | | stop at the '/' marking the beginning of the filename. This allows to configure a Content-Type for a filename without a dot. OK reyk@
* stop viral header propagation. none of this code uses sys/hash.htedu2014-12-041-4/+1
| | | | from Max Fillinger
* use size_t where appropriate. ok deraadt reyktedu2014-11-221-3/+3
|
* white space begonederaadt2014-11-211-2/+2
|
* Allow the log directory to be configurable in the config file, rather thanbeck2014-11-111-1/+7
| | | | | | | fixed as /logs within the chroot. As this httpd is properly privesp'ed this has the nice property of allowing us to put the logs outside the chroot if we want to. ok reyk@
* URL-decode the request path.reyk2014-10-221-1/+41
| | | | | Tested by ajacoutot@ and others OK doug@
* whitespace spotted while studying the codederaadt2014-09-291-2/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.