aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/uhttpd
Commit message (Collapse)AuthorAgeFilesLines
* uhttpd: update to latest Git HEADJo-Philipp Wich2020-02-261-3/+3
| | | | | | | 2ee323c file: poke ustream after starting deferred program Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 04069fde19e86af7728111814afadf780bf08018)
* uhttpd: update to latest Git HEADJo-Philipp Wich2019-12-221-4/+4
| | | | | | | | | 5f9ae57 client: fix invalid data access through invalid content-length values 6b03f96 ubus: increase maximum ubus request size to 64KB 91fcac3 uhttpd: Fix multiple format string problems Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit f34f9a414dd32311bda950776eb77e63c0c772cb)
* Revert "uhttpd: disable concurrent requests by default"Jo-Philipp Wich2019-04-242-2/+2
| | | | | | | | | | | This reverts commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf. Further testing has revealed that we will need to allow concurrent requests after all, especially for situations where CGI processes initiate further HTTP requests to the local host. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit f00a4ae6e0b1f7b3d84e11e8dc4dd562088584e0)
* uhttpd: disable concurrent requests by defaultJo-Philipp Wich2019-01-302-2/+2
| | | | | | | | | In order to avoid straining CPU and memory resources on lower end devices, avoid running multiple CGI requests in parallel. Ref: https://forum.openwrt.org/t/high-load-fix-on-openwrt-luci/29006 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf)
* uhttpd: update to latest Git headJo-Philipp Wich2018-11-281-3/+3
| | | | | | | | | | | cdfc902 cgi: escape url in 403 error output 0bba1ce uhttpd: fix building without TLS and Lua support 2ed3341 help: document -A option fa5fd45 file: fix CPP syntax error 77b774b build: avoid redefining _DEFAULT_SOURCE Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 56378bc12da1aa4f9434bd1119ec770096d92cac)
* uhttpd: support multiple Lua prefixesJo-Philipp Wich2018-11-283-21/+32
| | | | | | | | | | | | | | | | | | | | Update to latest git HEAD in order to support configuring multiple concurrent Lua prefixes in a single uhttpd instance: b741dec lua: support multiple Lua prefixes Additionally rework the init script and update the default configuration example to treat the lua_prefix option as key=value uci list, similar to the interpreter extension mapping. Support for the old "option lua_prefix" plus "option lua_handler" notation is still present. Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling files belonging to other packages. Since Lua prefixes have precedence over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which will only become active if both luci-base and uhttpd-mod-lua is installed. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 214146c6f298e593695c29b8c04a418dac914040)
* uhttpd: update to latest Git headJo-Philipp Wich2018-11-281-3/+3
| | | | | | | | 952bf9d build: use _DEFAULT_SOURCE 30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 22681cdef21be45d4d2c3e21939209ea618b66e4)
* uhttpd: update to latest Git headJo-Philipp Wich2018-07-151-3/+3
| | | | | | | | | | | db86175 lua: honour size argument in recv() function d3b9560 utils: add uh_htmlescape() helper 8109b95 file: escape strings in HTML output 393b59e proc: expose HTTP Origin header in process environment 796d42b client: flush buffered SSL output when tearing down client ustream Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit b54bef205846e2b30da23c1316c4a9b941c5078d)
* treewide: replace LEDE_GIT with PROJECT_GITJo-Philipp Wich2018-01-101-1/+1
| | | | | | | Remove LEDE_GIT references in favor to the new name-agnostic PROJECT_GIT variable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: fix PKG_CONFIG_DEPENDS (FS#1189)Hans Dedecker2017-12-151-3/+1
| | | | | | | Remove PACKAGE_uhttpd_debug config as this is an unused leftover Add CONFIG_uhttpd_lua to PKG_CONFIG_DEPENDS Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* merge: uhttpd: update cert generation to match system defaultsZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* merge: packages: update branding in core packagesZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* uhttpd: fix query string handlingJo-Philipp Wich2017-11-071-3/+3
| | | | | | | | | | Update to latest Git in order to fix potential memory corruption and invalid memory access when handling query strings in conjunction with active basic authentication. a235636 2017-11-04 file: fix query string handling Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttp: update to latest versionAdrian Panella2017-09-211-4/+4
| | | | | | | | | | | | | | 3fd58e9 2017-08-19 uhttpd: add manifest support 88c0b4b 2017-07-09 file: fix basic auth regression 99957f6 2017-07-02 file: remove unused "auth" member from struct path_info c0a569d 2017-07-02 proc: expose HTTP_AUTH_USER and HTTP_AUTH_PASS ad93be7 2017-07-02 auth: store parsed username and password fa51d7f 2017-07-02 proc: do not declare empty process variables a8bf9c0 2017-01-26 uhttpd: Add TCP_FASTOPEN support e6cfc91 2016-10-25 lua: ensure that PATH_INFO starts with a slash Signed-off-by: Adrian Panella <ianchi74@outlook.com>
* uhttpd: Enable integrated Lua by defaultAnsuel Smith2017-05-162-4/+17
| | | | | | We enabled lua interpreter by default as it doesn't make any problem in the uhttpd config file and we modify the index page to use it. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* uhttpd: use sha256 when generating certificates with openssl (FS#512)Felix Fietkau2017-02-171-1/+1
| | | | | | Patch from attachment to FS#512 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: drop uhttpd-mod-tls, it has been useless for yearsFelix Fietkau2016-12-221-39/+0
| | | | | | | | | Before the rewrite, uhttpd-mod-tls used to contain a tls plugin. Afterwards it was left in for compatibility reasons, but given how much has changed, and that we're about to change the default SSL implementation again, it's better to just drop this now Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-221-5/+3
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: Add Basic Auth configDaniel Dickinson2016-10-312-1/+38
| | | | | | | | | | | | | | | | | We add an 'httpauth' section type that contains the options: prefix: What virtual or real URL is being protected username: The username for the Basic Auth dialogue password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue httpauth section names are given included as list items to the instances to which they are to be applied. Further any existing httpd.conf file (really whatever is configured in the instance, but default of /etc/httpd.conf) is appended to the per-instance httpd.conf Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
* uhttpd: create self-signed certificates with unique subjectsHannu Nyman2016-10-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Add a partially random O= item to the certificate subject in order to make the automatically generated certificates' subjects unique. Firefox has problems when several self-signed certificates with CA:true attribute and identical subjects have been seen (and stored) by the browser. Reference to upstream bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1147544 https://bugzilla.mozilla.org/show_bug.cgi?id=1056341 https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34 Certificates created by the OpenSSL one-liner fall into that category. Avoid identical certificate subjects by including a new 'O=' item with CommonName + a random part (8 chars). Example: /CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ That ensures that the browser properly sees the accumulating certificates as separate items and does not spend time trying to form a trust chain from them. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: prefer px5g for certificate creationHannu Nyman2016-10-261-2/+2
| | | | | | | Prefer the old default 'px5g' for certificate creation as Firefox seems to dislike OpenSSL-created certs. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: fix handling of special "/" prefix when matching handlersJo-Philipp Wich2016-10-251-3/+3
| | | | | | | | | | The special prefix of "/" should match any url by definition but the final assertion which ensures that the matched prefix ends in '\0' or '/' is causing matches against the "/" prefix to fail. Update to current HEAD in order to fix this particular case. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to the latest version, adds a small json handler fixFelix Fietkau2016-10-081-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* source: Switch to xz for packages and tools where possibleDaniel Engberg2016-10-061-1/+2
| | | | | | | | | | | * Change git packages to xz * Update mirror checksums in packages where they are used * Change a few source tarballs to xz if available upstream * Remove unused lines in packages we're touching, requested by jow- and blogic * We're relying more on xz-utils so add official mirror as primary source, master site as secondary. * Add SHA256 checksums to multiple git tarball packages Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uhttpd: rename certificate defaults sectionJo-Philipp Wich2016-10-061-2/+2
| | | | | | | Now that the uhttpd init script can generate certificates using openssl as well, update the section name and related comment to be more generic. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: support using OpenSSL for certificate generationHannu Nyman2016-10-052-3/+8
| | | | | | | | | | | | | | | | | | Support the usage of the OpenSSL command-line tool for generating the SSL certificate for uhttpd. Traditionally 'px5g' based on PolarSSL (or mbedTLS in LEDE), has been used for the creation. uhttpd init script is enhanced by adding detection of an installed openssl command-line binary (provided by 'openssl-util' package), and if found, the tool is used for certificate generation. Note: After this patch the script prefers to use the OpenSSL tool if both it and px5g are installed. This enables creating a truly OpenSSL-only version of LuCI without dependency to PolarSSL/mbedTLS based px5g. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: update to the latest version, adds some extensions to handler script ↵Felix Fietkau2016-06-161-2/+2
| | | | | | support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* package/*: update git urls for project reposJohn Crispin2016-06-131-1/+1
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-071-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: use configured distribution name for SSL certificate CNFelix Fietkau2016-05-212-1/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* branding: add LEDE brandingJohn Crispin2016-03-242-3/+3
| | | | Signed-off-by: John Crispin <blogic@openwrt.org>
* package/uhttpd: generate 2048 bit RSA keyFelix Fietkau2016-01-252-2/+2
| | | | | | | | | | RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> SVN-Revision: 48494
* uhttpd: fix typo in default config for px5gFelix Fietkau2016-01-191-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48385
* uhttpd: add option for mbedtlsFelix Fietkau2016-01-191-0/+4
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48343
* uhttpd: move to git.openwrt.orgFelix Fietkau2016-01-041-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48122
* uhttpd: add support for configuration option ubus_corsLuka Perkov2015-11-101-0/+1
| | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 47448
* uhttpd: update to the latest version, adds support for redirect helper scriptsFelix Fietkau2015-11-082-3/+7
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 47419
* uhttpd: update to latest git HEADJohn Crispin2015-10-201-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 47240
* uhttpd: update to latest git revisionJohn Crispin2015-10-192-2/+7
| | | | | | | | adds URL alias support Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 47206
* uhttpd: fix keep-alive bug (#20607, #20661)Jo-Philipp Wich2015-10-072-7/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | The two commits 5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291 "allow request handlers to disable chunked reponses" and 618493e378e2239f0d30902e47adfa134e649fdc "file: disable chunked encoding for file responses" broke the chunked transfer encoding handling for proc responses in keep-alive connections that followed a file response with http status 204 or 304. The effect of this bug is that cgi responses following a 204 or 304 one where sent neither in chunked encoding nor with a content-length header, causing browsers to stall until the keep alive timeout was reached. Fix the logic flaw by inverting the chunk prevention flag in the client state and by testing the chunked encoding preconditions every time instead of once upon client (re-)initialization. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 47161
* uhttpd: update to the latest version, fixes deferred cgi script processing ↵Felix Fietkau2015-09-071-2/+2
| | | | | | | | (#20458) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 46807
* uhttpd: we don't know where the device is located, so reflect that in the certImre Kaloz2015-08-191-3/+3
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 46688
* uhttpd: pass X-HTTP-Method-Override header to cgi scriptsJo-Philipp Wich2015-08-171-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 46677
* uhttpd: use 307 for HTTPS redirections to retain request methodJo-Philipp Wich2015-05-301-1/+1
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45853
* uhttpd: add support for enforcing httpsJo-Philipp Wich2015-05-303-2/+7
| | | | | | | | Also set HTTPS environment variable for CGI programs on SSL connections. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45852
* uhttpd: inhibit chunked transfer encoding for static file responsesJo-Philipp Wich2015-05-301-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45850
* uhttpd: properly handle return codesJohn Crispin2015-03-301-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45153
* packages: more (e)glibc fixes after r44701Nicolas Thill2015-03-161-0/+4
| | | | | | | | _GNU_SOURCE has been declared "deprecated" in favor of _DEFAULT_SOURCE in glibc Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44843