summaryrefslogtreecommitdiffstats
path: root/usr.sbin/httpd/server.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Check the return value of tls_config_set_protocols(), now that it returnsjsing2016-11-171-4/+7
| | | | an int.
* Move OCSP loading into a separate function - it is not part of the keypairjsing2016-11-171-16/+23
| | | | | | and this way we can give a separate specific error message. ok beck@ reyk@
* Fix tcp ip ttl / minttl on IPv6 sockets.jca2016-11-101-7/+25
| | | | ok florian@
* conditionalize ocsp load properlybeck2016-11-061-8/+10
| | | | ok jsing@
* Add OCSP stapling support to httpdbeck2016-11-061-1/+32
| | | | ok jsing@ bcook@
* Kill (remove) the ps_pid from privsep struct since it is not being usedrzalamena2016-08-301-5/+3
| | | | | | anymore. Also fix the process initialization prototypes. ok reyk@
* Kill p_instance from proc.c and remove static proc_id unused variables.rzalamena2016-08-271-9/+1
| | | | | | | | | To keep the debug functionality intact and correct we'll use the pid field in the imsg header to pass the instance number. Remember to always pass 'ps_instance + 1' otherwise libutil will fill imsg header pid field with the imsgbuf pid (which is the current process pid). ok reyk@
* Replace the static env variables with a single global variable.rzalamena2016-08-261-23/+21
| | | | ok reyk@
* Enable SNI support in httpd(8).jsing2016-08-221-6/+27
| | | | ok reyk@
* stop including sys/param.h for nitems. define locally as needed.tedu2016-08-161-2/+1
| | | | ok natano reyk
* Turn "TLS handshake failed -" log message into a debug message - itreyk2016-08-161-2/+2
| | | | | | happens way too often and does not provide much information. OK jung@
* Rename server_handshake_tls() to server_tls_handshake() to align withreyk2016-08-161-6/+6
| | | | | the other server_tls_* functions (and I like the prefix notation better). No functional change.
* Move server_match() from parse.y to server.c; use env instead of conf,jsing2016-08-151-1/+28
| | | | which is actually the same thing (cluebat from reyk@).
* Use lowercase 'tls' in debug and log messages for consistency.jsing2016-08-151-6/+6
| | | | Requested by reyk@
* Make httpd stricter with respect to TLS configuration - in particular, dojsing2016-08-151-1/+25
| | | | | | | | | | | | not allow TLS and non-TLS to be configured on the same port, do not allow TLS options to be specified without a TLS listener and ensure that the TLS options are the same when a server is specified on the same address/port. Currently, these configurations are permitted but do not work as intended. Also factor out and reuse the server matching code, which was previously duplicated. ok reyk@
* Include the TLS configuration errors in log messages. Also set thejsing2016-04-281-11/+11
| | | | certificate and private key at the same time.
* Use log_warnx() instead of log_warn() when the failure will not havejsing2016-04-191-10/+10
| | | | | | resulted in errno being set. ok reyk@
* sync with relayd, use proc_compose()reyk2015-12-021-3/+2
|
* Retire socket_set_blockmode() in favor of the SOCK_NONBLOCK type flag.reyk2015-11-231-7/+3
| | | | | | As done in iked and snmpd. OK jung@
* pledge(2) for httpd.florian2015-11-051-1/+4
| | | | | | | | | | | | | | | | | | | | 1) The main process listens on sockets and accepts connections. It creates and opens log files, creates and kills child processes. On start up and on receiving a HUP signal it parses the configuration. It passes on file descriptors for logging or requests to it's children. 2) The logger process writes log messages to a file descriptor passed in from the main process. 3) The server process reads the request from a file descriptor passed in from the main process. It reads a file or creates a directory index to send a response. Additionally this process handles fastcgi requests. It connects to AF_UNIX, AF_INET or AF_INET6 sockets. A re-factoring might make it possible to drop the additional fastcgi privileges when only static files are served. with deraadt@ some time ago prodding & OK deraadt@ tweaks and OK reyk@
* Fix server_handshake_tls() - we should only call server_input() in the casejsing2015-09-111-8/+6
| | | | | | where the handshake has successfully completed. ok beck@
* fix return type for tls_read/writebeck2015-09-101-3/+3
| | | | jointly with jsing@
* fix after libtls api changesbeck2015-09-101-12/+12
| | | | ok jsing@
* Update httpd to call tls_handshake() after tls_accept_socket().jsing2015-09-101-12/+16
| | | | ok beck@
* Fix a regression that was introduced with server.c r1.64: Do NOT freereyk2015-09-071-2/+1
| | | | | | | | | | srv_conf->auth in serverconfig_free() because it was not allocated in config_getserver() but assigned as a reference by id from a global list that is maintained independently. This fixes a potential double-free. This fix also makes srv_conf->auth "const" to emphasize that the read-only auth pointer was not allocated here. OK jsing@
* Change httpd(8) to use C99-style fixed-width integers (uintN_t insteadreyk2015-08-201-3/+3
| | | | | | | | | | | | | | | | of u_intN_t) and replace u_int with unsigned int. Mixing both variants is a bad style and most contributors seem to prefer this style; it also helps us to get used to it, portability, and standardization. Theoretically no binary change, except one in practice: httpd.o has a different checksum because gcc with -O2 pads/optimizes "struct privsep" differently when using "unsigned int" instead "u_int" for the affected members. "u_int" is just a typedef of "unsigned int", -O0 doesn't build the difference and clang with -O2 doesn't do it either - it is just another curiosity from gcc-land. OK semarie@
* Fix rev 1.70 of server.c by only re-enabling the bufferevent if weflorian2015-08-031-4/+8
| | | | | | | | previously disabled it because we were reading to fast (from disk). Problem noted and tracked down to that commit by weerd@ and independently by stsp@. Tested by weerd@, stsp@, reyk@ OK bluhm@, reyk@
* backout the previous: it broke wordpress somehow.reyk2015-07-291-3/+1
| | | | | | we need more care to find a proper fix for the fastcgi headers. acknowledged by deraadt@
* Read fcgi response records until we have the whole http header and canflorian2015-07-291-1/+3
| | | | | | parse it. Otherwise http headers can leak into the body. Pointed out by Jean-Philippe Ouellet on bugs@ Thanks! OK reyk, commit ASAP deraadt@
* libtls has been changed to set SSL_MODE_ENABLE_PARTIAL_WRITE andreyk2015-07-181-24/+5
| | | | | | | | | | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER by default. This gives tls_write() a similar short write semantics as write(2) and a workaround in httpd to cope with the previous differences can be removed. Specifically, httpd can stop copying data into a local buffer that was used to keep it around for repeated writes. OK bluhm@
* If we can read faster from disk than send data to the client stopflorian2015-07-161-2/+11
| | | | | | | | | | reading from disk when we hold a certain amount of data in RAM. Re-enable reading once we send enough data to the client. Otherwise we might end up with the whole file (which can be huge) in RAM. Reported by Matthew Martin ( matt.a.martin AT gmail ) on bugs@, thanks! OK reyk@, benno@
* Escape the message in server_log() as well.reyk2015-07-151-5/+7
| | | | OK benno@
* Close connections that fail to complete a TLS handshake.jsing2015-07-151-1/+2
| | | | | | Based on a diff from Jack Burton <jack at saosce dot com dot au>. ok reyk@
* Fix typo in comment.jsing2015-07-151-2/+2
|
* Send the TLS certificate and key via separate imsgs, rather thanjsing2015-07-151-1/+4
| | | | | | | | | including them in the IMSG_CFG_SERVER imsg. This allows the certificate and key to each be almost 16KB (the maximum size for an imsg), rather than having a combined total of less than 16KB (which can be reached with large keys, certificate bundles or by including text versions of certificates). ok reyk@
* Explicitly check for and handle EOF on a TLS connection.jsing2015-07-151-1/+6
| | | | ok reyk@
* Fix memory leaks that can occur when config_getserver() fails.jsing2015-07-151-6/+17
| | | | | | | | | | config.c r1.34 and r1.30 introduced potential memory leaks for auth and return_uri when config_getserver fails. Fix this by switching to serverconfig_free() and adding the missing free for srv_conf->auth. While here, make serverconfig_free() a little more bulletproof by explicit_bzero()ing key material. ok reyk@
* We cannot log errors with server_close() before allocatingflorian2015-04-231-8/+6
| | | | | | | clt_log evbuffer. server_close() calls server_log() which uses ctl_log. Crash reported by Daniel Jakots <vigdis AT chown DOT me>, thanks! OK benno
* Always check the return value of proc_composev_imsg() and handle failuresjsing2015-04-111-2/+6
| | | | | | | | | appropriately. Otherwise imsg construction can silently fail, resulting in non-obvious problems. Found the hard way by Theodore Wynnychenko. ok doug@ florian@
* Prevent use after free.florian2015-03-151-4/+4
| | | | | | | | While here unconditionally free clt and move declaration of server_inflight_dec() into server.c Found while investigating if (foo != NULL) free(foo) patterns pointed out by Markus Elfring. OK reyk
* Add return_uri to serverconfig_reset() to avoid using garbage from thereyk2015-02-231-1/+2
| | | | | | imsg buffer. Debugging & OK halex@
* Allow TLS protocols to be specified via a "tls protocols" configurationjsing2015-02-121-2/+3
| | | | | | option. ok reyk@
* Change TLS_PROTOCOLS_DEFAULT to be TLSv1.2 only. Add a TLS_PROTOCOLS_ALLjsing2015-02-121-1/+3
| | | | | | | | that includes all currently supported protocols (TLSv1.0, TLSv1.1 and TLSv1.2). Change all users of libtls to use TLS_PROTOCOLS_ALL so that they maintain existing behaviour. Discussed with tedu@ and reyk@.
* Remove server_load_file() in favor of tls_load_file(3)reyk2015-02-071-37/+10
|
* Add httpd configuration options to allow the specification of DHEjsing2015-02-071-1/+12
| | | | | | | parameters and the ECDHE curve. This primarily allows for DHE cipher suites to be enabled. ok reyk@
* Add support for blocking, dropping, and redirecting requests.reyk2015-02-071-1/+2
| | | | OK florian@
* httpd is based on relayd and had included many headers that are onlyreyk2015-01-211-9/+7
| | | | | | | | | needed by its ancestor. jsg@, include-what-you-use, and some manual review helped to cleanup the headers (take iwyu with a grain of salt). Based on common practice, httpd.h now also includes the necessary headers for itself. OK florian@
* Decouple auth parameters from struct server_config into struct auth.reyk2015-01-191-1/+5
| | | | OK florian@
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-3/+6
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* bump copyright yearreyk2015-01-131-2/+2
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.