summaryrefslogtreecommitdiffstats
path: root/usr.sbin/httpd/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add RSA blinding for private keys. markus@ ok.ho2003-03-141-1/+15
|
* open the etag-state file writeonly. open it O_TRUNC in case it was too big.henning2003-02-211-2/+6
| | | | | | | chmod/chown to root.www 0640, just in case a etag file from the initial version is around. ok cloder theo
* $OpenBSD$henning2003-02-211-0/+1
|
* fix restarts.henning2003-02-211-35/+52
| | | | | | | | the etag-state file wasn't readable after chroot and privilege drop. therefore, make it root.www 640. split the read and write portions to their own functions, and in init_etag, try to write the etag-state; in case of any problem with that, create a new one and read that.
* intial -> initial;jmc2003-02-181-1/+1
| | | | | | | the great intial witch hunt, as prompted by tdeval@ os-aix-dso.c: ok henning@ ab.C: ok drahn@
* Add hyphens to boundary ID to make it not pure base64. This means thatcloder2003-02-171-1/+3
| | | | | | the boundary could never ever be accidentally matched inside base64 data. Based on conversation with markus@, deraadt@, henning@. OK deraadt@, henning@
* Don't leak the inode numbers of served files via thecloder2003-02-162-2/+143
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ETag (entity tag) header value. Instead of including the file modification date, inode, file size, etc. directly in the ETag header, return a SHA1 hash of these values instead. This SHA1 hash is initialized with a pseudorandom secret, so that it's harder to brute force inode numbers. This initialization secret is saved in a file called "etag-state" in the httpd chroot logs/ directory, so that the ETag header values are consistent across httpd restarts (if the secret were different each time httpd started, ETags would change unnecessarily and thereby cause caches to refresh unnecessarily). An additional change is introduced: we add the dev number to the hash when (and only when) we add the inode number to the hash. Before: HTTP/1.1 200 OK Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7-beta3 ETag: "b10d3-1e59-3e49cbe4" In this case, we can tell the inode number of index.html is is b10d3 hex. After: HTTP/1.1 200 OK Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7-beta3 ETag: "3f3b3cb2ce2e278087960b3be6a6e9844166e371" Idea and solution by deraadt@. OK deraadt@, henning@. Any bugs are my fault :)
* My last commit uses base64 for the multipart MIME boundary id. Sincecloder2003-02-161-1/+6
| | | | | | | | | | | | | | | the base64 alphabet includes the characters '/', '+', and '=', it may violate section 4 of RFC 1341, which says that these kinds of characters must be quoted in order to be used as a header parameter. Pointed out by Wouter Clarie (rimshot AT pandora DOT be). My solution is not to quote the parameter (I'm afraid that will break simple browsers) but to replace special characters with alphabetic characters so that the resulting string is entirely alphanumeric. We don't want to use hex here, the alphabet is too small. "not too ugly for me" deraadt@, "a bit ugly but good enough" henning@, "that might be better than quoting" wouter
* Don't leak httpd child PIDs via multipart MIME boundary separators.cloder2003-02-151-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | Instead, generate a random MIME boundary separator that is also much longer, which makes it less likely to occur in the data. Before: HTTP/1.1 206 Partial Content Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7-beta3 Content-Type: multipart/byteranges; boundary=3e4e7d648e6 where the first 6 hex digits of the boundary is the request time and the last 4 hex digits of the boundary (48e6) is the PID of the httpd process that served the request. After: HTTP/1.1 206 Partial Content Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7-beta3 Content-Type: multipart/byteranges; boundary=lqmQDSxeaFSosnx+R46M94slY7G5BKGVPIhCc4ffoW852Vz0RbOaLJfMCAHHTfvR The boundary now consists of 48 pseudorandom bytes encoded into 64 base64 characters. This is in accordance with RFC 1341 section 7.2.1. Based on conversations with deraadt@. OK deraadt@
* typos;jmc2003-01-291-17/+17
| | | | | | | many tweaks by millert@ (thanks) thanks mpech@ for help with adduser(8) ok millert@
* typos; alan@alanday.comderaadt2003-01-201-4/+4
|
* fix buffer overflow in the FIX_PRECISION macrohenning2002-12-111-1/+2
| | | | | not exploiteable; would need more programming errors to cause harm from jim@apache
* typos in comments; David Krausehenning2002-12-111-2/+2
|
* From Andrushock, s/sucess/success/gmillert2002-12-091-1/+1
|
* typo, henning okavsm2002-12-071-1/+1
|
* typo in error message; Tor Houghtonhenning2002-12-051-2/+2
|
* kill unused #define which was a workaround with old OpenSSL versionshenning2002-11-181-4/+0
| | | | from David Krause, Thanks!
* kill duplicate int retry; from David Krause, Thanks!henning2002-11-181-2/+2
|
* mention restart issues with 3rd party moduleshenning2002-11-071-0/+7
| | | | PR 2902, Francesco Toscan, Thanks!
* merge mod-ssl 2.8.12henning2002-10-284-4/+11
| | | | | fixes a cross site scripting bug fixes 2 off-by-ones
* Replace tmpnam() with mkstemp() to avoid possible /tmp race.millert2002-10-232-23/+15
| | | | Problem found by David Wagner (among others).
* drain the bitbuckethenning2002-10-073-254/+0
|
* merge apache 1.3.27 and mod_ssl 2.8.11henning2002-10-0731-154/+582
|
* import apache 1.3.27 and mod_ssl 2.8.11henning2002-10-072-5/+88
|
* make restarts work again with missing srm.conf (sigh)henning2002-10-071-4/+4
| | | | pointed out by nicolas at untz dot net, thanks!
* fix a cross-site scripting vuln:henning2002-10-041-3/+6
| | | | | | | | *) SECURITY: CAN-2002-0840 (cve.mitre.org) Prevent a cross-site scripting vulnerability in the default error page. The issue could only be exploited if the directive UseCanonicalName is set to Off and a server is being run at a domain that allows wildcard DNS. [Matthew Murphy]
* format usage nicer, and add startssl to summary usage. also order thehenning2002-09-281-3/+5
| | | | | | | parameters a bit more logical. missing startssl pointed out by jsyn@, what made me look at it ;-) ok deraadt@
* only use socklen_t for OpenBSD >= 2.6henning2002-09-101-1/+4
| | | | requested by the apache guys (Jeff Trawick)
* move OpenSSL include uphenning2002-09-091-5/+4
|
* missing include for evp.h; ok henning@markus2002-09-081-1/+5
|
* socklen_t, not int.henning2002-09-061-1/+2
|
* remove some unnecessary casts and adjust format stringshenning2002-09-041-10/+10
| | | | looked over by dhartmei@
* $OpenBSD$ for modules with local changeshenning2002-08-159-2/+20
|
* $OpenBSD$henning2002-08-151-0/+2
|
* 2 missing #includeshenning2002-08-021-2/+4
|
* #ifdef MOD_SSL for OpenSSL initializationhenning2002-07-311-1/+3
| | | | | pointed out buy Stephane Engel Thankski!
* use fdcache for RewriteLog.henning2002-07-312-4/+11
| | | | | pointed out by Stephane Engel sengel at melshake dot com, who also tested this Thank you very much!
* strip_chroot here as well.henning2002-07-301-0/+1
| | | | pointed out by sengel at melshake dot com
* two more strip_chroothenning2002-07-301-0/+7
| | | | | found by Steph <sengel@melshake.com>, who also tested this. I'm very happy with the way you help here. Thanks a lot.
* fix -u description in httpd -h: we don't chroot into DocumentRoot buthenning2002-07-291-2/+2
| | | | | ServerRoot. noticed by "Aaron Yourk" <ayourk@srt.com>
* don't try to recheck the pathes to server.crt and .key once chrootedhenning2002-07-221-2/+2
| | | | makes graceful restarts work when running SSL.
* don't attempt to chroot if we are already chrooted ;-)henning2002-07-221-2/+2
| | | | (happens on SIGHUP aka apachectl restart)
* short -u description in httpd -hhenning2002-07-201-1/+2
| | | | pointed out by Sam Smith
* don't try to find a "suitable" bourne shell for subcommands, just use ourhenning2002-07-191-8/+1
| | | | | | /bin/sh, it is fine. Sam Smith <S@mSmith.net> reported a breakage in case bash in installed, and dhartmei@ analyzed, as far as I can see from the old mail sam forwarded me.
* mergehenning2002-07-1955-1646/+2378
|
* import apache 1.3.26 + mod_ssl 2.8.10henning2002-07-193-0/+215
|
* un-KNF to match apache source code style. requested by theo.henning2002-07-171-40/+39
|
* correctly free() all list members in _closeall.henning2002-07-171-8/+9
| | | | 10x markus
* KNFhenning2002-07-171-6/+4
| | | | | I slacked again. 10x markus.
* we have both SYSVSEM_SERIALIZED_ACCEPT and FLOCK_SERIALIZED_ACCEPT. allowhenning2002-07-171-2/+4
| | | | | both and default to SYSVSEM. pointed out by Jeff Trawick <trawick@attglobal.net> on dev@httpd.apache.org
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.