summaryrefslogtreecommitdiff
path: root/networking
diff options
context:
space:
mode:
Diffstat (limited to 'networking')
-rw-r--r--networking/Config.in9
-rw-r--r--networking/Makefile.in7
-rw-r--r--networking/httpd.c64
-rw-r--r--networking/inetd.c24
4 files changed, 88 insertions, 16 deletions
diff --git a/networking/Config.in b/networking/Config.in
index 406b991..0bd17fb 100644
--- a/networking/Config.in
+++ b/networking/Config.in
@@ -58,6 +58,13 @@ config CONFIG_FEATURE_HTTPD_BASIC_AUTH
Utilizes password settings from /etc/httpd.conf for basic
authentication on a per url basis.
+config CONFIG_FEATURE_HTTPD_AUTH_MD5
+ bool " Enable support MD5 crypted password for httpd.conf"
+ default n
+ depends on CONFIG_FEATURE_HTTPD_BASIC_AUTH
+ help
+ Please help my - send patch for set this help message
+
if !CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
config CONFIG_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP
@@ -105,7 +112,7 @@ config CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
config CONFIG_FEATURE_HTTPD_SET_CGI_VARS_TO_ENV
bool " Enable setting of CGI_varname=value environment vars for CGI"
- default y
+ default n
depends on CONFIG_FEATURE_HTTPD_CGI
help
This option parses POST or GET arguments from a form and
diff --git a/networking/Makefile.in b/networking/Makefile.in
index 7d0d0b8..7748d06 100644
--- a/networking/Makefile.in
+++ b/networking/Makefile.in
@@ -53,6 +53,13 @@ NETWORKING-$(CONFIG_WGET) += wget.o
libraries-y+=$(NETWORKING_DIR)$(NETWORKING_AR)
+needcrypt-y:=
+needcrypt-$(CONFIG_FEATURE_HTTPD_AUTH_MD5) := y
+
+ifeq ($(needcrypt-y),y)
+ LIBRARIES += -lcrypt
+endif
+
$(NETWORKING_DIR)$(NETWORKING_AR): $(patsubst %,$(NETWORKING_DIR)%, $(NETWORKING-y))
$(AR) -ro $@ $(patsubst %,$(NETWORKING_DIR)%, $(NETWORKING-y))
diff --git a/networking/httpd.c b/networking/httpd.c
index d3d88fc..d58414b 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -153,12 +153,14 @@ static const char home[] = "./";
/* Config options, disable this for do very small module */
//#define CONFIG_FEATURE_HTTPD_CGI
//#define CONFIG_FEATURE_HTTPD_BASIC_AUTH
+//#define CONFIG_FEATURE_HTTPD_AUTH_MD5
#ifdef HTTPD_STANDALONE
/* standalone, enable all features */
#undef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
/* unset config option for remove warning as redefined */
#undef CONFIG_FEATURE_HTTPD_BASIC_AUTH
+#undef CONFIG_FEATURE_HTTPD_AUTH_MD5
#undef CONFIG_FEATURE_HTTPD_SET_CGI_VARS_TO_ENV
#undef CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
#undef CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
@@ -168,6 +170,7 @@ static const char home[] = "./";
#undef CONFIG_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP
/* enable all features now */
#define CONFIG_FEATURE_HTTPD_BASIC_AUTH
+#define CONFIG_FEATURE_HTTPD_AUTH_MD5
#define CONFIG_FEATURE_HTTPD_SET_CGI_VARS_TO_ENV
#define CONFIG_FEATURE_HTTPD_ENCODE_URL_STR
#define CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV
@@ -425,11 +428,11 @@ static void parse_conf(const char *path, int flag)
}
while((f = fopen(cf, "r")) == NULL) {
- if(flag != FIRST_PARSE) {
+ if(flag == SUBDIR_PARSE || flag == FIND_FROM_HTTPD_ROOT) {
/* config file not found, no changes to config */
return;
}
- if(config->configFile) /* if -c option given */
+ if(config->configFile && flag == FIRST_PARSE) /* if -c option given */
bb_perror_msg_and_die("%s", cf);
flag = FIND_FROM_HTTPD_ROOT;
cf = httpd_conf;
@@ -1326,10 +1329,38 @@ static int checkPerm(const char *path, const char *request)
if(strncmp(p0, path, l) == 0 &&
(l == 1 || path[l] == '/' || path[l] == 0)) {
/* path match found. Check request */
+
+ /* for check next /path:user:password */
+ prev = p0;
+#ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
+ {
+ char *cipher;
+ char *pp;
+ char *u = strchr(request, ':');
+
+ if(u == NULL) {
+ /* bad request, ':' required */
+ continue;
+ }
+ if(strncmp(p, request, u-request) != 0) {
+ /* user uncompared */
+ continue;
+ }
+ pp = strchr(p, ':');
+ if(pp && pp[1] == '$' && pp[2] == '1' &&
+ pp[3] == '$' && pp[4]) {
+ pp++;
+ cipher = pw_encrypt(u+1, pp);
+ if (strcmp(cipher, pp) == 0)
+ return 1; /* Ok */
+ /* unauthorized */
+ continue;
+ }
+ }
+#endif
if (strcmp(p, request) == 0)
return 1; /* Ok */
- /* unauthorized, but check next /path:user:password */
- prev = p0;
+ /* unauthorized */
}
}
} /* for */
@@ -1731,7 +1762,12 @@ static const char httpd_opts[]="c:d:h:"
#endif
#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
"r:"
-#define OPT_INC_2 1
+# ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
+ "m:"
+# define OPT_INC_2 2
+# else
+# define OPT_INC_2 1
+#endif
#else
#define OPT_INC_2 0
#endif
@@ -1740,14 +1776,15 @@ static const char httpd_opts[]="c:d:h:"
#ifdef CONFIG_FEATURE_HTTPD_SETUID
"u:"
#endif
-#endif
+#endif /* CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY */
;
#define OPT_CONFIG_FILE (1<<0)
#define OPT_DECODE_URL (1<<1)
#define OPT_HOME_HTTPD (1<<2)
#define OPT_ENCODE_URL (1<<(2+OPT_INC_1))
-#define OPT_REALM (1<<(2+OPT_INC_1+OPT_INC_2))
+#define OPT_REALM (1<<(3+OPT_INC_1))
+#define OPT_MD5 (1<<(4+OPT_INC_1))
#define OPT_PORT (1<<(3+OPT_INC_1+OPT_INC_2))
#define OPT_DEBUG (1<<(4+OPT_INC_1+OPT_INC_2))
#define OPT_SETUID (1<<(5+OPT_INC_1+OPT_INC_2))
@@ -1778,6 +1815,10 @@ int httpd_main(int argc, char *argv[])
long uid = -1;
#endif
+#ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
+ const char *pass;
+#endif
+
config = xcalloc(1, sizeof(*config));
#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
config->realm = "Web Server Authentication";
@@ -1796,6 +1837,9 @@ int httpd_main(int argc, char *argv[])
#endif
#ifdef CONFIG_FEATURE_HTTPD_BASIC_AUTH
, &(config->realm)
+# ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
+ , &pass
+# endif
#endif
#ifndef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
, &s_port
@@ -1815,6 +1859,12 @@ int httpd_main(int argc, char *argv[])
return 0;
}
#endif
+#ifdef CONFIG_FEATURE_HTTPD_AUTH_MD5
+ if(opt & OPT_MD5) {
+ printf("%s\n", pw_encrypt(pass, "$1$"));
+ return 0;
+ }
+#endif
#ifndef CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY
if(opt & OPT_PORT)
config->port = bb_xgetlarg(s_port, 10, 1, 0xffff);
diff --git a/networking/inetd.c b/networking/inetd.c
index 33b97ba..af262c3 100644
--- a/networking/inetd.c
+++ b/networking/inetd.c
@@ -806,7 +806,9 @@ inetd_main(int argc, char *argv[])
struct passwd *pwd;
struct group *grp = NULL;
struct sigaction sa;
- int ch, pid;
+ int pid;
+ unsigned long opt;
+ char *sq;
gid_t gid;
#ifdef INETD_UNSUPPORT_BILTIN
@@ -828,14 +830,21 @@ inetd_main(int argc, char *argv[])
LastArg = environ[-1] + strlen(environ[-1]);
#endif
- while ((ch = getopt(argc, argv, "q:")) != EOF)
- switch(ch) {
- case 'q':
+#if defined(__uClinux__)
+ opt = bb_getopt_ulflags(argc, argv, "q:f", &sq);
+ if (!(opt & 4)) {
+ daemon(0, 0);
+ /* reexec for vfork() do continue parent */
+ vfork_daemon_rexec(argc, argv, "-f");
+ }
+#else
+ opt = bb_getopt_ulflags(ac, av, "q:", &sq);
+ daemon(0, 0);
+#endif /* uClinux */
+
+ if(opt & 1) {
global_queuelen = atoi(optarg);
if (global_queuelen < 8) global_queuelen=8;
- break;
- default:
- bb_show_usage(); // "[-q len] [conf]"
}
argc -= optind;
argv += optind;
@@ -843,7 +852,6 @@ inetd_main(int argc, char *argv[])
if (argc > 0)
CONFIG = argv[0];
- daemon(0, 0);
openlog(bb_applet_name, LOG_PID | LOG_NOWAIT, LOG_DAEMON);
{
FILE *fp;