Mike Barnes
5a9b2518be
Allow dropping privs on platforms without setresuid()
2022-01-29 16:14:37 +11:00
Mike Barnes
47e075383f
Set facility with openlog, fix message priorites.
2022-01-29 16:01:29 +11:00
15d09d2c01
fix user chroot issue + style
2021-10-21 11:41:22 +02:00
f8aff7fe05
fix cgi error (file not found) and useless 'unveil' pledge promise
2021-04-30 09:38:12 +02:00
4972df5999
Fix virtualhost support changing the way request is parsed
2021-03-22 21:44:23 +01:00
de52acecfc
Merge branch 'master' of tildegit.org:solene/vger
2021-03-09 20:37:46 +01:00
ee8569c6e6
simplify cgi function
...
Don't fork+execlp the script. There's no need to do so since on exec
the new process will inherit our file descriptor table (and hence our
stdout), so copying from its stdout to ours is just a waste of time.
This allows to drop the ``proc'' pledge(2) promise and to (slightly)
improve performance.
2021-03-09 19:14:42 +01:00
16a5ed7b30
drop unnecessary unveil(NULL, NULL)
...
the next line is a call to pledge, that alone is will block further
calls to unveil(2) since ``unveil'' isn't in the set of pledges.
2021-03-09 19:14:42 +01:00
cbcf4ec9b6
fix redirect when vhost support is enabled
2021-03-09 19:14:42 +01:00
7431d3eeec
Use the correct error codes and meaningful explanations
...
Introduce status_error: it's like status or status_redirect but for
errors, thus it doesn't add ``;lang=$lang'' at the end.
2021-03-09 19:14:42 +01:00
e9be1b73a7
percent-decode uri
2021-03-02 10:06:09 +01:00
e87b36c991
check request length for empty and too long
2021-03-02 10:04:04 +01:00
e3b5fb2ab3
Revert "deal with too small/long requests"
...
This reverts commit efa1f639fc
2021-03-01 19:35:41 +01:00
9525d66afb
Revert "follow spec, fread() get nmemb-1"
...
This reverts commit fbacb35170
2021-03-01 19:35:37 +01:00
d086262d1a
Revert "empty request should works all the time, not only when in virtualhost"
...
This broke vger from inetd but it passed the tests.
This reverts commit 7b0686bdfa
2021-03-01 19:35:17 +01:00
7b0686bdfa
empty request should works all the time, not only when in virtualhost
2021-02-27 19:59:28 +01:00
fbacb35170
follow spec, fread() get nmemb-1
2021-02-25 20:30:30 +01:00
efa1f639fc
deal with too small/long requests
2021-02-25 18:37:48 +01:00
458592594e
Repair chroot, the only feature that isn't covered by tests
2021-02-23 23:24:12 +01:00
55042768e5
restore parent link in autoindex and add comments
2021-01-31 22:05:48 +01:00
de7cd12f9f
ignore after ? and make cgi+virtualhost work (sort of)
2021-01-31 21:21:15 +01:00
3510035711
fix unacceptable ../ in autoidx and code formatting
2021-01-31 13:59:24 +01:00
2cc63136f8
alphasort autoindex + add proper error code fir cgi
2021-01-14 14:30:11 +01:00
470e47a018
Add simple cgi support +:
...
* read file byte after byte
* format code (syslog + err)
* move functions in utils.c
2021-01-14 13:31:51 +01:00
f60ea88c8d
add mimetype and autoindex option + minor changes
...
* follow style(9) for prototypes
* move first most used extension for more effeciciency when looking for mime
* add opts.h to deal with options
* remove lang=en by default
* add option to set default mimetype
* add option to autoindex if no index.gmi found
* redirect if ending "/" is missing
* send appropriate status code if request too long
* edit manpage and README for new options
2021-01-10 09:30:35 +01:00
4a1b0c8ce2
fix issue if missing ending '/' and add appropriate test
2021-01-06 21:37:38 +01:00
b2ccab7448
Error code = 51 (not found) and redirection is now 30 following specifications Appendix https://gemini.circumlunar.space/docs/specification.html
2021-01-03 17:50:45 +01:00
f0f05b83aa
Add support to redirection
2021-01-01 21:00:40 +01:00
ef93e01091
Remove the port part of the hostname + according test suite
...
patch from prx
2021-01-01 16:09:43 +01:00
d5cf84928e
fix tests, initialize all, remove useless var
2020-12-13 11:11:38 +01:00
f9dc956824
errcheck strlcat
2020-12-13 11:11:36 +01:00
8aa3acd2d4
add errors checks on strlcpy, fgets, use faster memmove to don't need buffer
2020-12-13 11:11:25 +01:00
e3448992bc
use macro
2020-12-13 11:09:22 +01:00
e3cb05af6d
init all
2020-12-13 11:08:26 +01:00
7381464bf7
initialize option
2020-12-13 11:08:23 +01:00
44a767f577
initialize pos
2020-12-13 11:08:21 +01:00
395eeeccea
path is supposed to be const. format unveil in a fuction
2020-12-09 21:31:35 +01:00
4e82f1e44c
remove unused extension and fix warnings
2020-12-09 21:29:15 +01:00
fa328268e2
No need to copy path to a local buffer, use it directly.
...
Since path is a pointer to a constant string we can make it
point to a different constant string ("/").
2020-12-06 13:18:58 +01:00
5a238e8666
Use BUFSIZ for the amount of data to copy through stdio.
...
According to the book of armaments(posix):
BUFSIZ
Size of <stdio.h> buffers. This shall expand to a positive value.
There is also no need for the buflen variable since the size never
changes during runtime and the compiler can infer the size via
sizeof().
2020-12-06 13:18:58 +01:00
bfd1f66350
Return a constant string from the mimes database.
...
We are not modifying it so there is no need to copy memory around.
This also prevents file_mime getting out of sync as had already
happend. It had a size of 50 while the mime types database type used
to have a size of 70.
2020-12-05 18:05:17 +01:00
16657e070c
Fix file path after chroot()
2020-12-05 17:51:15 +01:00
f28f906b6a
stat(2) can fail, rearange error handling to handle this
2020-12-05 09:39:12 +01:00
75cf996cec
safely drop privs
2020-12-05 09:39:12 +01:00
8d69d84784
errno is not set here
2020-12-05 09:39:12 +01:00
27bc29da7a
sys/ includes go at the front
2020-12-05 09:39:12 +01:00
3d18122b7e
main does not need a prototype
2020-12-05 09:39:12 +01:00
5b3dc1dd02
Do not include c sources
2020-12-05 09:39:12 +01:00
345215fa9b
Code refactoring: get_file_mime got into mime.c and all security code moved into a procedure
2020-12-04 19:08:36 +01:00
e9c3945ede
Add syslog messages
2020-12-04 18:55:31 +01:00
Mike Barnes
prx
Omar Polo
Solene Rapenne
Florian Obser