aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/uhttpd
Commit message (Collapse)AuthorAgeFilesLines
* uhttpd: make organization (O=) of the cert configurable via uciMartin Schiller2021-06-202-3/+4
| | | | | | | | Make the organization (O=) of the cert configurable via uci. If not configured, use a combination of "OpenWrt" and an unique id like it was done before. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* package: fix cmake packages build with ninjaRosen Penev2021-06-121-1/+1
| | | | | | | | += is needed for CMAKE_OPTIONS. mt76 needs Ninja disabled as the kernel stuff uses normal make. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* uhttpd: update to git HEADHauke Mehrtens2021-03-211-4/+4
| | | | | | 15346de client: Always close connection with request body in case of error Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uhttpd: Execute uci commit and reload_config onceHauke Mehrtens2021-03-211-4/+6
| | | | | | | | Instead of doing uci commit and reload_config for each setting do it only once when one of these options was changed. This should make it a little faster when both conditions are taken. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uhttpd: Reload config after uhttpd-mod-ubus was addedHauke Mehrtens2021-03-212-1/+3
| | | | | | | | | | | | Without this change the config is only committed, but the uhttpd daemon is not reloaded. This reload is needed to apply the config. Without the reload of uhttpd, the ubus server is not available over http and returns a Error 404. This caused problems when installing luci on the snapshots and accessing it without reloading uhttpd. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uhttpd: don't redirect to HTTPS by defaultPetr Štetiar2020-12-201-1/+1
| | | | | | | | | | | | | | | | | | | So we can ship px5g-wolfssl by default in the release image, but still make the HTTPS for LuCI optional. This small change with addition of `CONFIG_PACKAGE_px5g-wolfssl=y` into the buildbot's seed config for the next release should provide optional HTTPS in the next release. Disabling the current default automatic uhttpd's redirect to HTTPS should make the HTTPS optional. That's it, user would either need to switch to HTTPS by manually switching to https:// protocol in the URL or by issuing the following commands to make the HTTPS automatic redirect permanent: $ uci set uhttpd.main.redirect_https=1 $ uci commit uhttpd $ service uhttpd reload Signed-off-by: Petr Štetiar <ynezz@true.cz>
* uhttpd: update to git HEADDaniel Golle2020-11-231-4/+4
| | | | | | f53a639 ubus: fix uhttpd crash Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uhttpd: use P-256 for certsPaul Spooren2020-11-091-2/+2
| | | | | | | | | | | | The uhttpd package takes care of creating self-signed certificates if px5g is installed. This improves the security of router management as it encrypts the LuCI connection. The EC P-256 curve is faster than RSA which which improves the user experience on embedded devices. EC P-256 is support for as old devices as Android 4.4. Signed-off-by: Paul Spooren <mail@aparcar.org>
* uhttpd: adapt defaults for changes ubus.sock pathDaniel Golle2020-10-223-2/+7
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uhttpd: update to latest Git HEADJo-Philipp Wich2020-10-041-3/+3
| | | | | | | | | | | | | 14a3cb4 ubus: fix legacy empty reply format 0f38b03 client: fix spurious keepalive connection timeouts 88ba2fa client: really close connection on timeout c186212 ubus: support GET method with CORS requests Fixes: FS#3369 Fixes: https://github.com/openwrt/luci/issues/4467 Fixes: https://github.com/openwrt/luci/issues/4470 Fixes: https://github.com/openwrt/luci/issues/4479 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to the latest masterRafał Miłecki2020-09-181-3/+3
| | | | | | 47c34bd ubus: add ACL support for "subscribe" request Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uhttpd: update to the latest masterRafał Miłecki2020-09-151-3/+3
| | | | | | | | 1172357 ubus: add new RESTful API fe1888f ubus: fix blob_buf initialization Fixes: 3d167ed805a9 ("uhttpd: update to the latest master") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uhttpd: update to the latest masterRafał Miłecki2020-08-051-3/+3
| | | | | | | | | | 212f836 ubus: rename JSON-RPC format related functions 628341f ubus: use local "blob_buf" in uh_ubus_handle_request_object() 9d663e7 ubus: use BLOBMSG_TYPE_UNSPEC for "params" JSON attribute 77d345e ubus: drop unused "obj" arguments 8d9e1fc ubus: parse "call" method params only for relevant call Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uhttpd: fix script timeoutDaniel Golle2020-06-031-3/+3
| | | | | | 939c281 proc: do not cancel script killing after writing headers Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* uhttpd: bump to latest Git HEADJo-Philipp Wich2020-03-251-3/+3
| | | | | | | 5e9c23c client: allow keep-alive for POST requests 5fc551d tls: support specifying accepted TLS ciphers Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to latest Git HEADJo-Philipp Wich2020-02-121-4/+4
| | | | | | 2ee323c file: poke ustream after starting deferred program Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: add enable instance optionFlorian Eckert2020-01-152-1/+5
| | | | | | | | With this change it is now possible to switch off single instances of the uhttpd config. Until now it was only possible to switch all instances of uhttpd on or off. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* uhttpd: Activate PIE by defaultHauke Mehrtens2020-01-131-0/+1
| | | | | | | | | | | | | | | | | | | This activates PIE ASLR support by default when the regular option is selected. This increases the binary size by 39% uncompressed and 21% compressed on MIPS BE. old: 33,189 /usr/sbin/uhttpd 23,016 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk new: 46,212 /usr/sbin/uhttpd 27,979 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Petr Štetiar <ynezz@true.cz>
* uhttpd: reset PKG_RELEASEJo-Philipp Wich2019-12-221-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to latest Git HEADJo-Philipp Wich2019-12-221-3/+3
| | | | | | 5f9ae57 client: fix invalid data access through invalid content-length values Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: add support to generate EC keysEneas U de Queiroz2019-09-013-2/+14
| | | | | | | | This adds the key_type and ec_curve options to enable the generation of EC keys during initialization, using openssl or the new options added to px5g. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* uhttpd: update to latest Git HEADJo-Philipp Wich2019-08-181-3/+3
| | | | | | 6b03f96 ubus: increase maximum ubus request size to 64KB Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: add direct dependency on libjson-cJo-Philipp Wich2019-06-201-1/+1
| | | | | | | | | | | The OpenWrt buildroot ABI version rebuild tracker does not handle transient dependencies, therefor add all libraries linked by uhttpd as direct dependencies to the corresponding binary package definition. This ensures that uhttpd is automatically rebuilt and relinked if any of these libraries has its ABI_VERSION updated in the future. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: Fix format string build problemsHauke Mehrtens2019-06-161-3/+3
| | | | | | | | 91fcac34ac uhttpd: Fix multiple format string problems Fixes: fc454ca15305 libubox: update to latest git HEAD Reported-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Revert "uhttpd: disable concurrent requests by default"Jo-Philipp Wich2019-04-232-2/+2
| | | | | | | | | | This reverts commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf. Further testing has revealed that we will need to allow concurrent requests after all, especially for situations where CGI processes initiate further HTTP requests to the local host. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: disable concurrent requests by defaultJo-Philipp Wich2019-01-302-2/+2
| | | | | | | | In order to avoid straining CPU and memory resources on lower end devices, avoid running multiple CGI requests in parallel. Ref: https://forum.openwrt.org/t/high-load-fix-on-openwrt-luci/29006 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to latest Git headJo-Philipp Wich2018-11-281-3/+3
| | | | | | | | | | cdfc902 cgi: escape url in 403 error output 0bba1ce uhttpd: fix building without TLS and Lua support 2ed3341 help: document -A option fa5fd45 file: fix CPP syntax error 77b774b build: avoid redefining _DEFAULT_SOURCE Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: support multiple Lua prefixesJo-Philipp Wich2018-08-233-21/+32
| | | | | | | | | | | | | | | | | | | Update to latest git HEAD in order to support configuring multiple concurrent Lua prefixes in a single uhttpd instance: b741dec lua: support multiple Lua prefixes Additionally rework the init script and update the default configuration example to treat the lua_prefix option as key=value uci list, similar to the interpreter extension mapping. Support for the old "option lua_prefix" plus "option lua_handler" notation is still present. Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling files belonging to other packages. Since Lua prefixes have precedence over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which will only become active if both luci-base and uhttpd-mod-lua is installed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to latest Git headJo-Philipp Wich2018-08-211-3/+3
| | | | | | | 952bf9d build: use _DEFAULT_SOURCE 30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to latest Git headJo-Philipp Wich2018-07-031-3/+3
| | | | | | | | | | db86175 lua: honour size argument in recv() function d3b9560 utils: add uh_htmlescape() helper 8109b95 file: escape strings in HTML output 393b59e proc: expose HTTP Origin header in process environment 796d42b client: flush buffered SSL output when tearing down client ustream Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace LEDE_GIT with PROJECT_GITJo-Philipp Wich2018-01-101-1/+1
| | | | | | | Remove LEDE_GIT references in favor to the new name-agnostic PROJECT_GIT variable. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: fix PKG_CONFIG_DEPENDS (FS#1189)Hans Dedecker2017-12-151-3/+1
| | | | | | | Remove PACKAGE_uhttpd_debug config as this is an unused leftover Add CONFIG_uhttpd_lua to PKG_CONFIG_DEPENDS Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* merge: uhttpd: update cert generation to match system defaultsZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* merge: packages: update branding in core packagesZoltan HERPAI2017-12-081-1/+1
| | | | Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* uhttpd: fix query string handlingJo-Philipp Wich2017-11-071-3/+3
| | | | | | | | | | Update to latest Git in order to fix potential memory corruption and invalid memory access when handling query strings in conjunction with active basic authentication. a235636 2017-11-04 file: fix query string handling Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttp: update to latest versionAdrian Panella2017-09-211-4/+4
| | | | | | | | | | | | | | 3fd58e9 2017-08-19 uhttpd: add manifest support 88c0b4b 2017-07-09 file: fix basic auth regression 99957f6 2017-07-02 file: remove unused "auth" member from struct path_info c0a569d 2017-07-02 proc: expose HTTP_AUTH_USER and HTTP_AUTH_PASS ad93be7 2017-07-02 auth: store parsed username and password fa51d7f 2017-07-02 proc: do not declare empty process variables a8bf9c0 2017-01-26 uhttpd: Add TCP_FASTOPEN support e6cfc91 2016-10-25 lua: ensure that PATH_INFO starts with a slash Signed-off-by: Adrian Panella <ianchi74@outlook.com>
* uhttpd: Enable integrated Lua by defaultAnsuel Smith2017-05-162-4/+17
| | | | | | We enabled lua interpreter by default as it doesn't make any problem in the uhttpd config file and we modify the index page to use it. Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* uhttpd: use sha256 when generating certificates with openssl (FS#512)Felix Fietkau2017-02-171-1/+1
| | | | | | Patch from attachment to FS#512 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: drop uhttpd-mod-tls, it has been useless for yearsFelix Fietkau2016-12-221-39/+0
| | | | | | | | | Before the rewrite, uhttpd-mod-tls used to contain a tls plugin. Afterwards it was left in for compatibility reasons, but given how much has changed, and that we're about to change the default SSL implementation again, it's better to just drop this now Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-221-5/+3
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: Add Basic Auth configDaniel Dickinson2016-10-312-1/+38
| | | | | | | | | | | | | | | | | We add an 'httpauth' section type that contains the options: prefix: What virtual or real URL is being protected username: The username for the Basic Auth dialogue password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue httpauth section names are given included as list items to the instances to which they are to be applied. Further any existing httpd.conf file (really whatever is configured in the instance, but default of /etc/httpd.conf) is appended to the per-instance httpd.conf Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
* uhttpd: create self-signed certificates with unique subjectsHannu Nyman2016-10-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Add a partially random O= item to the certificate subject in order to make the automatically generated certificates' subjects unique. Firefox has problems when several self-signed certificates with CA:true attribute and identical subjects have been seen (and stored) by the browser. Reference to upstream bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1147544 https://bugzilla.mozilla.org/show_bug.cgi?id=1056341 https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34 Certificates created by the OpenSSL one-liner fall into that category. Avoid identical certificate subjects by including a new 'O=' item with CommonName + a random part (8 chars). Example: /CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ That ensures that the browser properly sees the accumulating certificates as separate items and does not spend time trying to form a trust chain from them. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: prefer px5g for certificate creationHannu Nyman2016-10-261-2/+2
| | | | | | | Prefer the old default 'px5g' for certificate creation as Firefox seems to dislike OpenSSL-created certs. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: fix handling of special "/" prefix when matching handlersJo-Philipp Wich2016-10-251-3/+3
| | | | | | | | | | The special prefix of "/" should match any url by definition but the final assertion which ensures that the matched prefix ends in '\0' or '/' is causing matches against the "/" prefix to fail. Update to current HEAD in order to fix this particular case. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to the latest version, adds a small json handler fixFelix Fietkau2016-10-081-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* source: Switch to xz for packages and tools where possibleDaniel Engberg2016-10-061-1/+2
| | | | | | | | | | | * Change git packages to xz * Update mirror checksums in packages where they are used * Change a few source tarballs to xz if available upstream * Remove unused lines in packages we're touching, requested by jow- and blogic * We're relying more on xz-utils so add official mirror as primary source, master site as secondary. * Add SHA256 checksums to multiple git tarball packages Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uhttpd: rename certificate defaults sectionJo-Philipp Wich2016-10-061-2/+2
| | | | | | | Now that the uhttpd init script can generate certificates using openssl as well, update the section name and related comment to be more generic. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: support using OpenSSL for certificate generationHannu Nyman2016-10-052-3/+8
| | | | | | | | | | | | | | | | | | Support the usage of the OpenSSL command-line tool for generating the SSL certificate for uhttpd. Traditionally 'px5g' based on PolarSSL (or mbedTLS in LEDE), has been used for the creation. uhttpd init script is enhanced by adding detection of an installed openssl command-line binary (provided by 'openssl-util' package), and if found, the tool is used for certificate generation. Note: After this patch the script prefers to use the OpenSSL tool if both it and px5g are installed. This enables creating a truly OpenSSL-only version of LuCI without dependency to PolarSSL/mbedTLS based px5g. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: update to the latest version, adds some extensions to handler script ↵Felix Fietkau2016-06-161-2/+2
| | | | | | support Signed-off-by: Felix Fietkau <nbd@nbd.name>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 13:27:40 +0000