openwrt/upstream - upstream openwrt

	Commit message (Collapse)	Author	Age	Files	Lines
*	uhttpd: Add Basic Auth config	Daniel Dickinson	2016-10-31	1	-1/+28
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	We add an 'httpauth' section type that contains the options: prefix: What virtual or real URL is being protected username: The username for the Basic Auth dialogue password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue httpauth section names are given included as list items to the instances to which they are to be applied. Further any existing httpd.conf file (really whatever is configured in the instance, but default of /etc/httpd.conf) is appended to the per-instance httpd.conf Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
*	uhttpd: create self-signed certificates with unique subjects	Hannu Nyman	2016-10-26	1	-1/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add a partially random O= item to the certificate subject in order to make the automatically generated certificates' subjects unique. Firefox has problems when several self-signed certificates with CA:true attribute and identical subjects have been seen (and stored) by the browser. Reference to upstream bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1147544 https://bugzilla.mozilla.org/show_bug.cgi?id=1056341 https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34 Certificates created by the OpenSSL one-liner fall into that category. Avoid identical certificate subjects by including a new 'O=' item with CommonName + a random part (8 chars). Example: /CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ That ensures that the browser properly sees the accumulating certificates as separate items and does not spend time trying to form a trust chain from them. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
*	uhttpd: prefer px5g for certificate creation	Hannu Nyman	2016-10-26	1	-2/+2
\| \| \| \| \| \| \|	Prefer the old default 'px5g' for certificate creation as Firefox seems to dislike OpenSSL-created certs. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
*	uhttpd: support using OpenSSL for certificate generation	Hannu Nyman	2016-10-05	1	-2/+7
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Support the usage of the OpenSSL command-line tool for generating the SSL certificate for uhttpd. Traditionally 'px5g' based on PolarSSL (or mbedTLS in LEDE), has been used for the creation. uhttpd init script is enhanced by adding detection of an installed openssl command-line binary (provided by 'openssl-util' package), and if found, the tool is used for certificate generation. Note: After this patch the script prefers to use the OpenSSL tool if both it and px5g are installed. This enables creating a truly OpenSSL-only version of LuCI without dependency to PolarSSL/mbedTLS based px5g. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
*	branding: add LEDE branding	John Crispin	2016-03-24	1	-1/+1
\| \| \| \|	Signed-off-by: John Crispin <blogic@openwrt.org>
*	package/uhttpd: generate 2048 bit RSA key	Felix Fietkau	2016-01-25	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> SVN-Revision: 48494
*	uhttpd: add support for configuration option ubus_cors	Luka Perkov	2015-11-10	1	-0/+1
\| \| \| \| \| \|	Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 47448
*	uhttpd: update to the latest version, adds support for redirect helper scripts	Felix Fietkau	2015-11-08	1	-0/+4
\| \| \| \| \| \|	Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 47419
*	uhttpd: update to latest git revision	John Crispin	2015-10-19	1	-0/+5
\| \| \| \| \| \| \| \|	adds URL alias support Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 47206
*	uhttpd: fix keep-alive bug (#20607, #20661)	Jo-Philipp Wich	2015-10-07	1	-5/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The two commits 5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291 "allow request handlers to disable chunked reponses" and 618493e378e2239f0d30902e47adfa134e649fdc "file: disable chunked encoding for file responses" broke the chunked transfer encoding handling for proc responses in keep-alive connections that followed a file response with http status 204 or 304. The effect of this bug is that cgi responses following a 204 or 304 one where sent neither in chunked encoding nor with a content-length header, causing browsers to stall until the keep alive timeout was reached. Fix the logic flaw by inverting the chunk prevention flag in the client state and by testing the chunked encoding preconditions every time instead of once upon client (re-)initialization. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 47161
*	uhttpd: add support for enforcing https	Jo-Philipp Wich	2015-05-30	1	-0/+2
\| \| \| \| \| \| \| \|	Also set HTTPS environment variable for CGI programs on SSL connections. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45852
*	uhttpd: make generating SSL keys more reliable against interrupted boots	Felix Fietkau	2015-03-15	1	-2/+5
\| \| \| \| \| \|	Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44772
*	uhttpd: relay stderr to syslog	Jo-Philipp Wich	2015-02-26	1	-0/+1
\| \| \| \| \| \|	Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44548
*	uhttpd: do not configure TLS parameters if libustream-ssl is not present	Jo-Philipp Wich	2014-08-25	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	A quite frequent problem after sysupgrading from an older, SSL enabled build is that ustream-ssl is not installed so uhttpd fails to come up again due to https listening directives in the preserved configuration. Skip key/cert and ssl listen options when libustream-ssl.so is not present. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 42284
*	uhttpd: do not attempt to configure Lua handler if referenced file does not ↵	Jo-Philipp Wich	2014-04-11	1	-3/+5
\| \| \| \| \| \| \| \|	exist Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 40457
*	uhttpd: don't process ubus_* and lua_* options if corresponding plugin is ↵	Jo-Philipp Wich	2013-12-15	1	-4/+8
\| \| \| \| \| \|	not installed (#14618) SVN-Revision: 39057
*	uhttp: make the service auto respawn if it crashes	John Crispin	2013-11-11	1	-0/+1
\| \| \| \| \| \|	Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 38724
*	uhttpd: fix appending https ports to cmdline	Felix Fietkau	2013-09-25	1	-1/+1
\| \| \| \| \| \| \| \|	Otherwise it is started only on non-secure ports. Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik@neratec.com> SVN-Revision: 38171
*	procd: convert various packages to procd style init.d scripts	John Crispin	2013-09-17	1	-23/+15
\| \| \| \| \| \|	Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 38023
*	uhttpd: expose missing options to uci	Jo-Philipp Wich	2013-06-13	1	-0/+5
\| \| \| \|	SVN-Revision: 36932
*	uhttpd: update to latest git head - introduces support for multiple index ↵	Jo-Philipp Wich	2012-10-15	1	-2/+6
\| \| \| \| \| \|	files - fixes build with only the TLS module selected SVN-Revision: 33778
*	packages: sort network related packages into package/network/	Felix Fietkau	2012-10-10	1	-0/+135
	SVN-Revision: 33688