head 1.20; access; symbols pkgsrc-2018Q3:1.19.0.70 pkgsrc-2018Q3-base:1.19 pkgsrc-2018Q2:1.19.0.68 pkgsrc-2018Q2-base:1.19 pkgsrc-2018Q1:1.19.0.66 pkgsrc-2018Q1-base:1.19 pkgsrc-2017Q4:1.19.0.64 pkgsrc-2017Q4-base:1.19 pkgsrc-2017Q3:1.19.0.62 pkgsrc-2017Q3-base:1.19 pkgsrc-2017Q2:1.19.0.58 pkgsrc-2017Q2-base:1.19 pkgsrc-2017Q1:1.19.0.56 pkgsrc-2017Q1-base:1.19 pkgsrc-2016Q4:1.19.0.54 pkgsrc-2016Q4-base:1.19 pkgsrc-2016Q3:1.19.0.52 pkgsrc-2016Q3-base:1.19 pkgsrc-2016Q2:1.19.0.50 pkgsrc-2016Q2-base:1.19 pkgsrc-2016Q1:1.19.0.48 pkgsrc-2016Q1-base:1.19 pkgsrc-2015Q4:1.19.0.46 pkgsrc-2015Q4-base:1.19 pkgsrc-2015Q3:1.19.0.44 pkgsrc-2015Q3-base:1.19 pkgsrc-2015Q2:1.19.0.42 pkgsrc-2015Q2-base:1.19 pkgsrc-2015Q1:1.19.0.40 pkgsrc-2015Q1-base:1.19 pkgsrc-2014Q4:1.19.0.38 pkgsrc-2014Q4-base:1.19 pkgsrc-2014Q3:1.19.0.36 pkgsrc-2014Q3-base:1.19 pkgsrc-2014Q2:1.19.0.34 pkgsrc-2014Q2-base:1.19 pkgsrc-2014Q1:1.19.0.32 pkgsrc-2014Q1-base:1.19 pkgsrc-2013Q4:1.19.0.30 pkgsrc-2013Q4-base:1.19 pkgsrc-2013Q3:1.19.0.28 pkgsrc-2013Q3-base:1.19 pkgsrc-2013Q2:1.19.0.26 pkgsrc-2013Q2-base:1.19 pkgsrc-2013Q1:1.19.0.24 pkgsrc-2013Q1-base:1.19 pkgsrc-2012Q4:1.19.0.22 pkgsrc-2012Q4-base:1.19 pkgsrc-2012Q3:1.19.0.20 pkgsrc-2012Q3-base:1.19 pkgsrc-2012Q2:1.19.0.18 pkgsrc-2012Q2-base:1.19 pkgsrc-2012Q1:1.19.0.16 pkgsrc-2012Q1-base:1.19 pkgsrc-2011Q4:1.19.0.14 pkgsrc-2011Q4-base:1.19 pkgsrc-2011Q3:1.19.0.12 pkgsrc-2011Q3-base:1.19 pkgsrc-2011Q2:1.19.0.10 pkgsrc-2011Q2-base:1.19 pkgsrc-2011Q1:1.19.0.8 pkgsrc-2011Q1-base:1.19 pkgsrc-2010Q4:1.19.0.6 pkgsrc-2010Q4-base:1.19 pkgsrc-2010Q3:1.19.0.4 pkgsrc-2010Q3-base:1.19 pkgsrc-2010Q2:1.19.0.2 pkgsrc-2010Q2-base:1.19 pkgsrc-2010Q1:1.18.0.8 pkgsrc-2010Q1-base:1.18 pkgsrc-2009Q4:1.18.0.6 pkgsrc-2009Q4-base:1.18 pkgsrc-2009Q3:1.18.0.4 pkgsrc-2009Q3-base:1.18 pkgsrc-2009Q2:1.18.0.2 pkgsrc-2009Q2-base:1.18 pkgsrc-2009Q1:1.17.0.18 pkgsrc-2009Q1-base:1.17 pkgsrc-2008Q4:1.17.0.16 pkgsrc-2008Q4-base:1.17 pkgsrc-2008Q3:1.17.0.14 pkgsrc-2008Q3-base:1.17 cube-native-xorg:1.17.0.12 cube-native-xorg-base:1.17 pkgsrc-2008Q2:1.17.0.10 pkgsrc-2008Q2-base:1.17 cwrapper:1.17.0.8 pkgsrc-2008Q1:1.17.0.6 pkgsrc-2008Q1-base:1.17 pkgsrc-2007Q4:1.17.0.4 pkgsrc-2007Q4-base:1.17 pkgsrc-2007Q3:1.17.0.2 pkgsrc-2007Q3-base:1.17 pkgsrc-2007Q2:1.16.0.24 pkgsrc-2007Q2-base:1.16 pkgsrc-2007Q1:1.16.0.22 pkgsrc-2007Q1-base:1.16 pkgsrc-2006Q4:1.16.0.20 pkgsrc-2006Q4-base:1.16 pkgsrc-2006Q3:1.16.0.18 pkgsrc-2006Q3-base:1.16 pkgsrc-2006Q2:1.16.0.16 pkgsrc-2006Q2-base:1.16 pkgsrc-2006Q1:1.16.0.14 pkgsrc-2006Q1-base:1.16 pkgsrc-2005Q4:1.16.0.12 pkgsrc-2005Q4-base:1.16 pkgsrc-2005Q3:1.16.0.10 pkgsrc-2005Q3-base:1.16 pkgsrc-2005Q2:1.16.0.8 pkgsrc-2005Q2-base:1.16 pkgsrc-2005Q1:1.16.0.6 pkgsrc-2005Q1-base:1.16 pkgsrc-2004Q4:1.16.0.4 pkgsrc-2004Q4-base:1.16 pkgsrc-2004Q3:1.16.0.2 pkgsrc-2004Q3-base:1.16 pkgsrc-2004Q2:1.14.0.2 pkgsrc-2004Q2-base:1.14 pkgsrc-2004Q1:1.12.0.2 pkgsrc-2004Q1-base:1.12 pkgsrc-2003Q4:1.10.0.2 pkgsrc-2003Q4-base:1.10 pkgviews:1.2.0.2 pkgviews-base:1.2 buildlink2:1.1.1.1.0.2 buildlink2-base:1.3 netbsd-1-5-PATCH003:1.1.1.1 netbsd-1-5-PATCH001:1.1.1.1 netbsd-1-5-RELEASE:1.1.1.1 netbsd-1-4-PATCH003:1.1.1.1 netbsd-1-4-PATCH002:1.1.1.1 comdex-fall-1999:1.1.1.1 netbsd-1-4-PATCH001:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.20 date 2018.11.23.21.30.27; author mrg; state dead; branches; next 1.19; commitid Aruk85O3ztG3771B; 1.19 date 2010.05.10.03.42.18; author mrg; state Exp; branches; next 1.18; 1.18 date 2009.04.18.21.06.15; author mrg; state Exp; branches; next 1.17; 1.17 date 2007.09.07.23.01.59; author jlam; state Exp; branches; next 1.16; 1.16 date 2004.08.20.03.06.38; author mrg; state dead; branches; next 1.15; 1.15 date 2004.06.21.01.45.22; author lukem; state Exp; branches; next 1.14; 1.14 date 2004.04.29.12.12.31; author lukem; state Exp; branches; next 1.13; 1.13 date 2004.03.28.20.52.00; author martin; state Exp; branches; next 1.12; 1.12 date 2004.03.02.17.25.36; author wiz; state Exp; branches; next 1.11; 1.11 date 2004.02.24.13.39.57; author wiz; state Exp; branches; next 1.10; 1.10 date 2003.10.06.01.18.28; author mrg; state dead; branches; next 1.9; 1.9 date 2003.09.27.15.37.43; author wiz; state Exp; branches; next 1.8; 1.8 date 2003.09.22.08.38.59; author wiz; state Exp; branches; next 1.7; 1.7 date 2002.11.06.11.03.29; author mrg; state dead; branches; next 1.6; 1.6 date 2002.10.26.20.01.46; author wiz; state Exp; branches; next 1.5; 1.5 date 2002.09.13.09.30.07; author mrg; state dead; branches; next 1.4; 1.4 date 2002.09.12.21.20.32; author wiz; state Exp; branches; next 1.3; 1.3 date 2002.08.04.23.19.59; author wiz; state dead; branches; next 1.2; 1.2 date 2002.07.10.10.48.04; author mrg; state Exp; branches; next 1.1; 1.1 date 99.05.19.12.02.20; author bad; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 99.05.19.12.02.20; author bad; state Exp; branches 1.1.1.1.2.1; next ; 1.1.1.1.2.1 date 2002.08.25.21.22.17; author jlam; state dead; branches; next ; desc @@ 1.20 log @update to bozohttpd 20181123. changes include: o add url remap support via .bzremap file, from martin@@netbsd.org o handle redirections for any protocol, not just http: o fix a denial of service attack against header contents, which is now bounded at 16KiB. reported by JP o reduce default timeouts, and add expand timeouts to handle the initial line, each header, and the total time spent o add -T option to expose new timeout settings o minor RFC fixes related to timeout handling o fix special file (.htpasswd, .bz*) bypass. reported by JP. anyone using .htpasswd files should update ASAP. @ text @$NetBSD: patch-aa,v 1.19 2010/05/10 03:42:18 mrg Exp $ --- auth-bozo.c.orig 2010-05-09 19:51:28.000000000 -0700 +++ auth-bozo.c 2010-05-09 20:13:45.000000000 -0700 @@@@ -38,6 +38,10 @@@@ #include #include +#ifndef NO_SSL_SUPPORT +#include +#endif + #include "bozohttpd.h" #ifndef AUTH_FILE @@@@ -99,7 +103,7 @@@@ request->hr_authpass)); if (strcmp(request->hr_authuser, user) != 0) continue; - if (strcmp(crypt(request->hr_authpass, pass), + if (strcmp(DES_crypt(request->hr_authpass, pass), pass) != 0) break; fclose(fp); @ 1.19 log @import bozohttpd 20100509. it has these changes: o major rework and clean up of internal interfaces. move the main program into main.c, the remaining parts are useable as library. add bindings for lua. by Alistair G. Crooks o fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566325 special thanks to al for the majority of these changes. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.18 2009/04/18 21:06:15 mrg Exp $ @ 1.18 log @update to bozohttpd 20090418. changes include: o avoid dying in daemon mode for some uncommon, but recoverable, errors o close leaking file descriptors for CGI and daemon mode o handle poll errors properly o don't try to handle more than one request per process yet @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.17 2007/09/07 23:01:59 jlam Exp $ d3 2 a4 2 --- auth-bozo.c.orig 2009-04-18 00:38:56.000000000 -0700 +++ auth-bozo.c 2009-04-18 14:03:57.000000000 -0700 d16 1 a16 1 @@@@ -98,7 +102,7 @@@@ d20 3 a22 2 - if (strcmp(crypt(request->hr_authpass, pass), pass)) + if (strcmp(DES_crypt(request->hr_authpass, pass), pass)) a24 1 return 0; @ 1.17 log @auth-bozo.c cheats and assumes that libcrypto.so is linked against libcrypt.so and so just include is enough to use crypt(). This doesn't work when the assumption fails. Since we always build with SSL support in pkgsrc, just use the DES_crypt() from the OpenSSL libraries. @ text @d1 1 a1 1 $NetBSD$ d3 5 a7 4 --- auth-bozo.c.orig Wed May 17 08:19:10 2006 +++ auth-bozo.c @@@@ -37,7 +37,12 @@@@ #include a8 2 #include + a10 2 +#else #include d12 1 a12 1 d15 2 a16 1 @@@@ -97,7 +102,7 @@@@ auth_check(http_req *request, const char d24 1 a24 1 return; @ 1.16 log @update to bozohttpd 20040808. changes since previous version (many already in pkgsrc) include: o CGI status is now properly handled (-a flag has been removed) o CGI file upload support works o %xy translations are no longer ever applied after the first '?', ala RFC2396. from lukem o daemon mode (-b) should no longer hang spinning forever if it sees no children. from lukem o new .bzabsredirect file support. from o return a 404 error if we see %00 or %2f (/) o don't print 2 "200" headers for CGI o support .torrent files @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.15 2004/06/21 01:45:22 lukem Exp $ d3 4 a6 5 --- bozohttpd.c.orig 2004-02-19 00:11:57.000000000 +1100 +++ bozohttpd.c @@@@ -118,6 +118,9 @@@@ #undef NO_SSL_SUPPORT /* don't support ssl (https) */ #endif d8 1 a8 2 +/* XXXPKGSRC: change in sync with PKGREVISION */ +#define SERVER_SOFTWARE "bozohttpd/20040218nb6" d10 4 a13 9 #ifndef INDEX_HTML #define INDEX_HTML "index.html" #endif @@@@ -136,6 +139,9 @@@@ #ifndef REDIRECT_FILE #define REDIRECT_FILE ".bzredirect" #endif +#ifndef ABSREDIRECT_FILE +#define ABSREDIRECT_FILE ".bzabsredirect" d16 1 a16 10 /* * And so it begins .. @@@@ -329,7 +335,7 @@@@ static void process_request(http_req *); static void check_special_files(http_req *, const char *); static int check_direct_access(http_req *request); static char *transform_request(http_req *, int *); -static void handle_redirect(http_req *, const char *); +static void handle_redirect(http_req *, const char *, int absolute); static void print_header(http_req *, struct stat *, const char *, const char *); d18 9 a26 208 @@@@ -1186,7 +1192,7 @@@@ process_request(request) if (fstat(fd, &sb) < 0) http_error(500, request, "can't fstat"); if (S_ISDIR(sb.st_mode)) - handle_redirect(request, NULL); + handle_redirect(request, NULL, 0); /* NOTREACHED */ /* XXX RFC1945 10.9 If-Modified-Since (http code 304) */ @@@@ -1346,9 +1352,8 @@@@ static void sigchild(signo) int signo; { - int status; - while (waitpid(-1, &status, WNOHANG) != -1) + while (waitpid(-1, NULL, WNOHANG) > 0) ; } #endif /* NO_DAEMON_MODE */ @@@@ -1438,6 +1443,9 @@@@ check_special_files(http_req *request, c if (strcmp(name, REDIRECT_FILE) == 0) http_error(403, request, "no permission to open redirect file"); + if (strcmp(name, ABSREDIRECT_FILE) == 0) + http_error(403, request, + "no permission to open redirect file"); #ifdef DO_HTPASSWD if (strcmp(name, AUTH_FILE) == 0) http_error(403, request, @@@@ -1454,8 +1462,8 @@@@ check_bzredirect(http_req *request) { struct stat sb; char dir[MAXPATHLEN], redir[MAXPATHLEN], redirpath[MAXPATHLEN]; - char *basename; - int rv; + char *basename, *finalredir; + int rv, absolute; /* @@@@ -1477,19 +1485,35 @@@@ check_bzredirect(http_req *request) } snprintf(redir, sizeof(redir), "%s/%s", dir, REDIRECT_FILE); - if (lstat(redir, &sb) < 0 || S_ISLNK(sb.st_mode) == 0) - return; + if (lstat(redir, &sb) == 0) { + if (S_ISLNK(sb.st_mode) == 0) + return; + absolute = 0; + } else { + snprintf(redir, sizeof(redir), "%s/%s", dir, ABSREDIRECT_FILE); + if (lstat(redir, &sb) < 0 || S_ISLNK(sb.st_mode) == 0) + return; + absolute = 1; + } debug((DEBUG_FAT, "check_bzredirect: calling readlink")); rv = readlink(redir, redirpath, sizeof redirpath); - if (rv == -1) + if (rv == -1) { + debug((DEBUG_FAT, "readlink failed")); return; + } if (rv - 1 < sizeof redirpath) redirpath[rv] = '\0'; + debug((DEBUG_FAT, "readlink returned \"%s\"", redirpath)); /* now we have the link pointer, redirect to the real place */ - snprintf(redir, sizeof(redir), "/%s/%s", dir, redirpath); - debug((DEBUG_FAT, "check_bzredirect: new redir %s", redir)); - handle_redirect(request, redir); + if (absolute) { + finalredir = redirpath; + } else { + snprintf(redir, sizeof(redir), "/%s/%s", dir, redirpath); + finalredir = redir; + } + debug((DEBUG_FAT, "check_bzredirect: new redir %s", finalredir)); + handle_redirect(request, finalredir, absolute); } /* @@@@ -1602,7 +1626,7 @@@@ transform_request(request, isindex) if (asprintf(&slashindexhtml, "/%s", index_html) < 0) error(1, "asprintf"); debug((DEBUG_FAT, "rflag: redirecting %s to %s", url, slashindexhtml)); - handle_redirect(request, slashindexhtml); + handle_redirect(request, slashindexhtml, 0); /* NOTREACHED */ } } @@@@ -1619,7 +1643,7 @@@@ transform_request(request, isindex) if (url[2] == '\0') http_error(404, request, "missing username"); if (strchr(url + 2, '/') == NULL) - handle_redirect(request, NULL); + handle_redirect(request, NULL, 0); /* NOTREACHED */ debug((DEBUG_FAT, "calling transform_user")); return (transform_user(request, isindex)); @@@@ -1733,9 +1757,10 @@@@ transform_user(request, isindex) * do automatic redirection */ static void -handle_redirect(request, url) +handle_redirect(request, url, absolute) http_req *request; const char *url; + int absolute; { char *urlbuf; char portbuf[20]; @@@@ -1755,16 +1780,24 @@@@ handle_redirect(request, url) (void)bozoprintf("%s 301 Document Moved\r\n", request->hr_proto); if (request->hr_proto != http_09) print_header(request, NULL, "text/html", NULL); - if (request->hr_proto != http_09) - (void)bozoprintf("Location: http://%s%s%s\r\n", myname, portbuf, - url); + if (request->hr_proto != http_09) { + if (absolute) + (void)bozoprintf("Location: http://%s\r\n", url); + else + (void)bozoprintf("Location: http://%s%s%s\r\n", myname, portbuf, + url); + } (void)bozoprintf("\r\n"); if (request->hr_method == HTTP_HEAD) goto head; (void)bozoprintf("Document Moved\n"); (void)bozoprintf("

Document Moved

\n"); - (void)bozoprintf("This document had moved here\n", - myname, portbuf, url); + if (absolute) + (void)bozoprintf("This document had moved here\n", + url); + else + (void)bozoprintf("This document had moved here\n", + myname, portbuf, url); (void)bozoprintf("\n"); head: fflush(stdout); @@@@ -1951,6 +1984,7 @@@@ process_cgi(request) spsetenv("SERVER_PROTOCOL", request->hr_proto, curenvp++); spsetenv("REQUEST_METHOD", request->hr_methodstr, curenvp++); spsetenv("SCRIPT_NAME", url, curenvp++); + spsetenv("SCRIPT_FILENAME", url+1, curenvp++); spsetenv("SERVER_SOFTWARE", server_software, curenvp++); spsetenv("REQUEST_URI", request->hr_url, curenvp++); spsetenv("DATE_GMT", date, curenvp++); @@@@ -1977,8 +2011,8 @@@@ process_cgi(request) /* may as well wait as long as possible */ print_cgi_header: - (void)bozoprintf("%s 200 Here it is\r\n", request->hr_proto); if (!aflag) { + (void)bozoprintf("%s 200 Here it is\r\n", request->hr_proto); debug((DEBUG_OBESE, "process_cgi: writing HTTP header ..")); if (request->hr_proto != http_09) print_header(NULL, NULL, NULL, NULL); @@@@ -1988,8 +2022,6 @@@@ print_cgi_header: } else debug((DEBUG_OBESE, "process_cgi: not-writing HTTP header ..")); - /* XXX we should be printing 200 here? */ - (void)bozoprintf("%s 200 Here it is\r\n", request->hr_proto); debug((DEBUG_FAT, "process_cgi: going exec %s, %s %s %s", path, argv[0], strornull(argv[1]), strornull(argv[2]))); @@@@ -2078,7 +2110,7 @@@@ escape_html(request) request->hr_url = tmp; } -/* this fixes the %HH hack that RFC1738 requires. */ +/* this fixes the %HH hack that RFC2396 requires. */ static void fix_url_percent(request) http_req *request; @@@@ -2089,19 +2121,7 @@@@ fix_url_percent(request) url = request->hr_url; /* make sure we don't translate *too* much */ -#ifndef NO_CGIBIN_SUPPORT - /* - * XXX somewhat duplicate cgibin check here, but this one lets - * and encoded "/cgi-bin" work, but not to stop everything past - * the '?' being not fixed. - * - * XXX cgihandlers support - */ - if (cgibin && strncmp(url + 1, CGIBIN_PREFIX, CGIBIN_PREFIX_LEN) == 0) { - end = strchr(request->hr_url + CGIBIN_PREFIX_LEN, '?'); - } else -#endif /* NO_CGIBIN_SUPPORT */ - end = 0; + end = strchr(request->hr_url, '?'); /* fast forward to the first % */ if ((s = strchr(url, '%')) == NULL) @@@@ -2291,6 +2311,7 @@@@ static struct content_map content_map[] { ".ppt", "application/powerpoint", "", "", NULL }, { ".rtf", "application/rtf", "", "", NULL }, { ".bcpio", "application/x-bcpio", "", "", NULL }, + { ".torrent", "application/x-bittorrent", "", "", NULL }, { ".vcd", "application/x-cdlink", "", "", NULL }, { ".cpio", "application/x-cpio", "", "", NULL }, { ".csh", "application/x-csh", "", "", NULL }, @ 1.15 log @* Fix SIGCHLD handler * Only decode %xx up to the first '?' in all requests, per RFC2396. * Crank PKGREVISION * Set SERVER_SOFTWARE to explicitly contain "nb6" (the PKGREVISION). (I would have done this with CPPFLAGS, except the make/shell/cpp quoting ended up too hairy & fragile) @ text @d1 1 a1 1 $NetBSD$ @ 1.14 log @Add SCRIPT_FILENAME to the environment variables provided to CGIs, as a copy of SCRIPT_NAME with the leading `/' removed. Note that SCRIPT_FILENAME is _not_ a CGI/1.1 environment variable per http://cgi-spec.golux.com/ If SCRIPT_FILENAME is not set set PHP 4.3.6 as a CGI fails with No input file specified. Apache sets this variable; it appears that many other CGI/1.1 compliant web servers do not and thus PHP 4.3.6 as a CGI doesn't function with them. "oh joy." @ text @d5 11 a15 1 @@@@ -136,6 +136,9 @@@@ d25 1 a25 1 @@@@ -329,7 +332,7 @@@@ static void process_request(http_req *); d34 1 a34 1 @@@@ -1186,7 +1189,7 @@@@ process_request(request) d43 12 a54 1 @@@@ -1438,6 +1441,9 @@@@ check_special_files(http_req *request, c d64 1 a64 1 @@@@ -1454,8 +1460,8 @@@@ check_bzredirect(http_req *request) d75 1 a75 1 @@@@ -1477,19 +1483,35 @@@@ check_bzredirect(http_req *request) d117 1 a117 1 @@@@ -1602,7 +1624,7 @@@@ transform_request(request, isindex) d126 1 a126 1 @@@@ -1619,7 +1641,7 @@@@ transform_request(request, isindex) d135 1 a135 1 @@@@ -1733,9 +1755,10 @@@@ transform_user(request, isindex) d147 1 a147 1 @@@@ -1755,16 +1778,24 @@@@ handle_redirect(request, url) d177 1 a177 1 @@@@ -1951,6 +1982,7 @@@@ process_cgi(request) d185 1 a185 1 @@@@ -1977,8 +2009,8 @@@@ process_cgi(request) d195 1 a195 1 @@@@ -1988,8 +2020,6 @@@@ print_cgi_header: d204 31 a234 1 @@@@ -2291,6 +2321,7 @@@@ static struct content_map content_map[] @ 1.13 log @Fix http headers for cgi scripts (from tyler). Add absolute redirects via .bzabsredirect symbolic links. @ text @d3 2 a4 2 --- bozohttpd.c.orig 2004-02-18 14:11:57.000000000 +0100 +++ bozohttpd.c 2004-03-28 22:46:29.000000000 +0200 d15 1 a15 1 @@@@ -329,7 +332,7 @@@@ d24 1 a24 1 @@@@ -1186,7 +1189,7 @@@@ d33 1 a33 1 @@@@ -1438,6 +1441,9 @@@@ d43 1 a43 1 @@@@ -1454,8 +1460,8 @@@@ d54 1 a54 1 @@@@ -1477,19 +1483,35 @@@@ d96 1 a96 1 @@@@ -1602,7 +1624,7 @@@@ d105 1 a105 1 @@@@ -1619,7 +1641,7 @@@@ d114 1 a114 1 @@@@ -1733,9 +1755,10 @@@@ d126 1 a126 1 @@@@ -1755,16 +1778,24 @@@@ d156 9 a164 1 @@@@ -1977,8 +2008,8 @@@@ d174 1 a174 1 @@@@ -1988,8 +2019,6 @@@@ d183 1 a183 1 @@@@ -2291,6 +2320,7 @@@@ @ 1.12 log @Add MIME type for bittorrent files. PKGREVISION=2. @ text @d3 164 a166 3 --- bozohttpd.c.orig Wed Feb 18 14:11:57 2004 +++ bozohttpd.c @@@@ -1988,8 +1988,6 @@@@ print_cgi_header: d175 1 a175 1 @@@@ -2291,6 +2289,7 @@@@ static struct content_map content_map[] @ 1.11 log @Add patch from mrg@@ that removes superfluous HTTP protocol lines at the end of CGI script output. Bump PKGREVISION to 1. @ text @d14 8 @ 1.10 log @update to bozohttpd 20031005. changes include: o fixes for basic authorisation. from o always display file size in directory index mode o add .xbel, .xml & .xsl -> text/xml mappings. from @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.9 2003/09/27 15:37:43 wiz Exp $ d3 1 a3 1 --- bozohttpd.c.orig 2003-07-09 17:53:47.000000000 +0200 d5 3 a7 9 @@@@ -2092,6 +2092,9 @@@@ static struct content_map content_map[] { ".ice", "x-conference/x-cooltalk", "", "", NULL }, { ".wrl", "x-world/x-vrml", "", "", NULL }, { ".vrml", "x-world/x-vrml", "", "", NULL }, + { ".xbel", "text/xml", "", "", NULL }, + { ".xml", "text/xml", "", "", NULL }, + { ".xsl", "text/xml", "", "", NULL }, { NULL, NULL, NULL, NULL, NULL, }, }; d9 4 a12 16 @@@@ -2332,10 +2335,10 @@@@ error(int code, const char *fmt, ...) /* the follow functions and variables are used in handling HTTP errors */ /* ARGSUSED */ static void -http_error(code, request, log) +http_error(code, request, logstr) int code; http_req *request; - const char *log; + const char *logstr; { static char buf[BUFSIZ]; /* static so we don't need to malloc? */ char portbuf[20]; @@@@ -2344,7 +2347,7 @@@@ http_error(code, request, log) const char *proto = (request && request->hr_proto) ? request->hr_proto : http_11; int size; a13 5 - debug((DEBUG_FAT, "http_error %d: %s", code, log)); + debug((DEBUG_FAT, "http_error %d: %s", code, logstr)); if (header == NULL || reason == NULL) error(1, "http_error() failed (short = %p, long = %p)", header, reason); @ 1.9 log @Fix build with gcc3 (hi mrg! :) ). @ text @d1 1 a1 1 $NetBSD$ @ 1.8 log @Teach bozohttpd some XML mime types (mozilla needs them). Bump PKGREVISION. @ text @d3 1 a3 1 --- bozohttpd.c.orig Wed Jul 9 17:53:47 2003 d15 22 @ 1.7 log @update to bozohttpd 20021106. changes: o add .bz2 support o properly escape <, > and & in error messages, partly from Nicolas Jombart o new -H flag to hide .* files in directory index mode o fix buffer reallocation when parsing a request, to avoid overflowing the buffer with carriage returns (\r) o do not decode "%XY"-style cgi-bin data beyond the "?" @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.6 2002/10/26 20:01:46 wiz Exp $ d3 1 a3 1 --- bozohttpd.c.orig Fri Sep 13 11:02:14 2002 d5 9 a13 11 @@@@ -1577,13 +1577,26 @@@@ fix_url_percent(request) http_req *request; { char *s, *t, buf[3]; + char *url, *end; /* if end is not-zero, we don't translate beyond that */ + + url = request->url; + if (strncmp(url + 1, CGIBIN_PREFIX, CGIBIN_PREFIX_LEN) == 0) { + end = strchr(request->url + CGIBIN_PREFIX_LEN, '?'); + } else + end = 0; a14 16 /* fast forward to the first % */ - if ((s = strchr(request->url, '%')) == NULL) + if ((s = strchr(url, '%')) == NULL) return; t = s; do { + if (end && s >= end) { + debug((DEBUG_OBESE, "fu_%%: past end, filling out..")); + while (*s) + *t++ = *s++; + break; + } debug((DEBUG_OBESE, "fu_%%: got s == %%, s[1]s[2] == %c%c", s[1], s[2])); if (s[1] == '\0' || s[2] == '\0') @ 1.6 log @Add a patch that fixes a problem with some quoted chars and cgibins. Patch provided by mrg -- thanks! Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.5 log @update to bozohttpd 5.15. changes are: o add .ogg support -> `application/x-ogg' o fix CGI requests with "/" in the query part @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.4 2002/09/12 21:20:32 wiz Exp $ d3 1 a3 1 --- bozohttpd.c.orig Fri Aug 23 07:43:44 2002 d5 11 a15 3 @@@@ -1434,6 +1434,12 @@@@ process_cgi(request) if (request->method == HTTP_HEAD) goto print_cgi_header; d17 4 a20 19 + if ((s = strchr(url, '?')) != NULL) { + *s++ = '\0'; + query = s; + } else + query = NULL; + if ((s = strchr(url + 1, '/')) != NULL) { command = malloc(s - url); if (command == NULL) @@@@ -1449,12 +1455,6 @@@@ process_cgi(request) if (*command == '/') command++; } - - if ((s = strchr(url, '?')) != NULL) { - *s++ = '\0'; - query = s; - } else - query = NULL; d22 11 a32 2 debug((DEBUG_FAT, "process_cgi: cmd %s info %s query %s", command, info, query ? query : "")); @ 1.4 log @Fix a problem with cgi-bin's and the GET method. Patch from mrg, due to be included in the next release, but who knows when that will be ;) Bump to 5.14nb1. @ text @d1 1 a1 1 $NetBSD$ @ 1.3 log @Update to 5.13, provided by the author and maintainer. changes since bozohttpd 5.12: o support .mp3 files (type audio/mpeg) o use stat() to find out if something is a directory, for -X mode changes since bozohttpd 5.11: o constification o fixes & enhancements for directory index mode (-X) @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.2 2002/07/10 10:48:04 mrg Exp $ d3 5 a7 3 --- Makefile.orig Wed Jul 10 20:07:09 2002 +++ Makefile Wed Jul 10 20:16:40 2002 @@@@ -5,6 +5,9 @@@@ d9 5 a13 4 WARNS= 2 +BINDIR=$(PREFIX)/libexec +MANDIR=$(PREFIX)/man d15 13 a27 1 .include d29 2 a30 1 check: @ 1.2 log @update to bozohttpd 5.10. changes include: - many man pages and updates - freebsd support - cgi-bin fixes - improved logging - builtin chroot support @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.1.1 1999/05/19 12:02:20 bad Exp $ @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 5 a7 5 --- Makefile.orig Wed May 19 21:45:11 1999 +++ Makefile Wed May 19 21:50:17 1999 @@@@ -3,4 +3,7 @@@@ PROG= bozohttpd MAN= bozohttpd.8 d13 2 @ 1.1.1.1 log @Initial import of Matthew R. Green's bozohttpd 5.0. ``Less is more.'' @ text @@ 1.1.1.1.2.1 log @Merge changes in the main trunk into the buildlink2 branch for those packages that have been converted to USE_BUILDLINK2. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.1.1 1999/05/19 12:02:20 bad Exp $ @