| Age | Commit message (Collapse) | Author |
|---|
|
If cgi-bin/ prefix is seen, do not test the rest for existence,
whether it's a dir, and such.
function old new delta
handle_incoming_and_exit 2200 2212 +12
Reported here:
https://lists.zx2c4.com/pipermail/cgit/2023-March/004825.html
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
chdir_or_warn - 37 +37
send_cgi_and_exit 720 711 -9
xchdir 27 15 -12
setup_environment 233 217 -16
fork_job 449 433 -16
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/4 up/down: 37/-53) Total: -16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
send_headers 713 701 -12
send_headers_and_exit 20 34 +14
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
send_headers 701 713 +12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
range_start was staying -1, and comparison meant to detect
"is it the first sendfile that failed, or not the first?"
was making incorrect decision. The result: nothing is sent.
function old new delta
send_file_and_exit 865 877 +12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
BusyBox on Termux can't use ports less than 1024 it's patched to change default port for httpd to 8080 and telnetd to 8023.
https://github.com/termux/termux-packages/blob/master/packages/busybox/0011-networking-telnetd-default-port.patch
https://github.com/termux/termux-packages/blob/master/packages/busybox/0010-networking-httpd-default-port.patch
To avoid such patches we can make port configurable.
function old new delta
packed_usage 33920 33914 -6
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
error page
For one, an attacker can try to overload us by just opening and immediately
closing tons of connections - reduce our work to the minimum for this case.
function old new delta
handle_incoming_and_exit 2172 2200 +28
.rodata 103225 103246 +21
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 49/0) Total: 49 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2161 2172 +11
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
parse_conf 1325 1332 +7
handle_incoming_and_exit 2173 2161 -12
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 7/-12) Total: -5 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2172 2173 +1
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This makes proxy work for any type of requests.
function old new delta
handle_incoming_and_exit 2240 2172 -68
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2217 2240 +23
static.request_POST - 5 +5
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 28/0) Total: 28 bytes
Signed-off-by: Alexander Sack <asac@pantacor.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
fputs_stdout - 12 +12
zxc_vm_process 7237 7230 -7
yes_main 85 78 -7
write_block 380 373 -7
wrapf 305 298 -7
strings_main 437 430 -7
show_bridge 353 346 -7
rev_main 384 377 -7
put_prompt_custom 58 51 -7
put_cur_glyph_and_inc_cursor 168 161 -7
print_numbered_lines 152 145 -7
print_named_ascii 130 123 -7
print_name 135 128 -7
print_login_issue 386 379 -7
print_ascii 208 201 -7
powertop_main 1249 1242 -7
od_main 1789 1782 -7
logread_main 518 511 -7
head_main 804 797 -7
display_process_list 1319 1312 -7
cut_main 1002 995 -7
bb_dump_dump 1550 1543 -7
bb_ask_noecho 393 386 -7
baseNUM_main 702 695 -7
expand_main 755 745 -10
dumpleases_main 497 487 -10
write1 12 - -12
putcsi 37 23 -14
print_login_prompt 55 41 -14
paste_main 525 511 -14
cat_main 440 426 -14
print_it 245 230 -15
print_addrinfo 1188 1171 -17
print_rule 770 750 -20
print_linkinfo 842 822 -20
httpd_main 791 771 -20
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 0/34 up/down: 12/-341) Total: -329 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
FreeBSD is not exporting s6_addr32 by default, but has it.
Signed-off-by: Alex Samorukov <samm@os2.kiev.ua>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
If the Range: header is not present it the request,
the offset passed to sendfile is wrong,
and httpd falls back to the read-write loop.
function old new delta
send_file_and_exit 857 865 +8
handle_incoming_and_exit 2239 2230 -9
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-9) Total: -1 bytes
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
decode_base64 173 178 +5
read_base64 222 220 -2
decode_base32 186 182 -4
handle_incoming_and_exit 2263 2239 -24
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/3 up/down: 5/-30) Total: -25 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
decode_base64 195 180 -15
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Use decode_base64() from uuencode.c when uudecode/base64 applets are included.
That function is bigger than httpd's decodeBase64(), so we use the old one when
those applets are disabled. Bloat-o-meter when one of those is enabled:
function old new delta
handle_incoming_and_exit 2371 2265 -106
Signed-off-by: Xabier Oneca <xoneca@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
When disabled:
function old new delta
if_ip_denied_send_HTTP_FORBIDDEN_and_exit 52 - -52
handle_incoming_and_exit 2201 2097 -104
scan_ip 170 - -170
parse_conf 1365 1065 -300
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 0/2 up/down: 0/-626) Total: -626 bytes
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
If server responds with ETag then next time client can resend it via If-None-Match header.
Then httpd will check if file wasn't modified and if not return 304 Not Modified status code.
The ETag value is constructed from file's last modification date in unix epoch and it's size:
"hex(last_mod)-hex(file_size)" e.g. "5e132e20-417" (with quotes).
That means that it's not completely reliable as hash functions but fair enough.
The same form of ETag is used by Nginx so load balancing of static content is safe.
function old new delta
handle_incoming_and_exit 2135 2201 +66
http_response 88 96 +8
send_headers 676 683 +7
parse_conf 1362 1365 +3
http_response_type 22 24 +2
send_file_and_exit 847 841 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 5/1 up/down: 86/-6) Total: 80 bytes
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The Last-Modified header is used for caching.
The client (browser) will send back the received date to server via If-Modified-Since request header.
But both headers MUST be an RFC 1123 formatted string.
And the formatting consumes resources on request parsing and response generation.
Instead we can use ETag header.
This simplifies logic and the only downside is that in JavaScript the document.lastModified will return null.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
RFC 2616 sec. 14.18 says that server MUST send Date header.
But in fact the header make sense only for Cache-Control and can be omitted.
In the same time the Date eats power, CPU and network resources which are critical for embedded systems.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
HTTP v1.1 was released in 1999 year and it's time to update BB HTTPD.
Browsers may behave badly with HTTP/1.0
E.g. Chrome does not send the If-None-Match header with ETag.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Commit d1b75e184 (httpd: permit non-default home directory with NOMMU
enabled) only works when used with the '-f' (foreground) option.
When '-f' isn't specified and NOMMU is enabled bb_daemonize_or_rexec()
is called to daemonize the server. Since the server process has been
re-execed the previous patch results in the xchdir() not being called.
Fix this by resetting the re_execed variable in this case.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
When BusyBox is compiled with NOMMU enabled running httpd with
the '-h' option fails even if the specified directory exists:
$ ls -d www
www
$ busybox httpd -fvvvp 8080 -h www
...
... try to access http://localhost:8080/www
...
httpd: can't change directory to 'www': No such file or directory
The parent process executes xchdir("www"). When a connection is accepted
it's handled by re-executing httpd in inetd mode. The child process
inherits the current directory "www" and tries to change directory again
to "www", which fails.
Omit the call to xchdir() when httpd is re-executed.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Back in 2007, commit 0c97c9d43707 ("'simple' error message functions by
Loic Grenie") introduced bb_simple_perror_msg() to allow for a lower
overhead call to bb_perror_msg() when only a string was being printed
with no parameters. This saves space for some CPU architectures because
it avoids the overhead of a call to a variadic function. However there
has never been a simple version of bb_error_msg(), and since 2007 many
new calls to bb_perror_msg() have been added that only take a single
parameter and so could have been using bb_simple_perror_message().
This changeset introduces 'simple' versions of bb_info_msg(),
bb_error_msg(), bb_error_msg_and_die(), bb_herror_msg() and
bb_herror_msg_and_die(), and replaces all calls that only take a
single parameter, or use something like ("%s", arg), with calls to the
corresponding 'simple' version.
Since it is likely that single parameter calls to the variadic functions
may be accidentally reintroduced in the future a new debugging config
option WARN_SIMPLE_MSG has been introduced. This uses some macro magic
which will cause any such calls to generate a warning, but this is
turned off by default to avoid use of the unpleasant macros in normal
circumstances.
This is a large changeset due to the number of calls that have been
replaced. The only files that contain changes other than simple
substitution of function calls are libbb.h, libbb/herror_msg.c,
libbb/verror_msg.c and libbb/xfuncs_printf.c. In miscutils/devfsd.c,
networking/udhcp/common.h and util-linux/mdev.c additonal macros have
been added for logging so that single parameter and multiple parameter
logging variants exist.
The amount of space saved varies considerably by architecture, and was
found to be as follows (for 'defconfig' using GCC 7.4):
Arm: -92 bytes
MIPS: -52 bytes
PPC: -1836 bytes
x86_64: -938 bytes
Note that for the MIPS architecture only an exception had to be made
disabling the 'simple' calls for 'udhcp' (in networking/udhcp/common.h)
because it made these files larger on MIPS.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Firefox needs this to execute .js
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Vicente Jimenez Aguilar <googuy@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2362 2369 +7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2379 2362 -17
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-17) Total: -17 bytes
text data bss dec hex filename
981787 485 7296 989568 f1980 busybox_old
981779 485 7296 989560 f1978 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Pass the Authorization header to CGI if not of type Basic. This will
make it possible for CGI to verify authorization headers of type
Bearer <token>.
function old new delta
handle_incoming_and_exit 2370 2379 +9
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Today for gzipped content httpd is using a header with name
Transfer-Length. However I can't find a header with that name in the
standards. Instead use Content-Length.
function old new delta
.rodata 157940 157936 -4
send_headers 980 939 -41
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-45) Total: -45 bytes
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2398 2370 -28
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2385 2398 +13
if_ip_denied_send_HTTP_FORBIDDEN_and_exit 51 54 +3
get_line 110 106 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 16/-4) Total: 12 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
handle_incoming_and_exit 2566 2385 -181
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Set up environment variables before running the CGI script.
The variables will be named HTTP_<filtered_name> where the <filtered_name>
is the header name capitalized and all characters not matching
[a-z] | [A-Z] | [0-9] replaced with '_'.
function old new delta
http_response 80 88 +8
http_response_type 20 22 +2
send_headers 718 715 -3
parse_conf 1481 1478 -3
get_line 128 110 -18
cgi_io_loop_and_exit 599 569 -30
send_cgi_and_exit 882 738 -144
handle_incoming_and_exit 2793 2592 -201
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/6 up/down: 10/-399) Total: -389 bytes
text data bss dec hex filename
982178 485 7296 989959 f1b07 busybox_old
981675 485 7296 989456 f1910 busybox_unstripped
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The proxying is documented as follows:
P:/url:[http://]hostname[:port]/new/path
Howeverm urlcopy is not a true copy anymore when it is fdprint'ed
to proxy_fd, this is because percent_decode_in_place() is called
after the copy is created.
This breaks reverse proxying all URIs containing percent
encoded spaces, e.g. - because a decoded URI will be printed out
to proxy_fd instead of the original.
The fix keeps the logic in place to canonicalize the uri first,
before reverse proxying (one could argue that the uri
should be proxied completely unaltered, except for the prefix
rewrite).
function old new delta
handle_incoming_and_exit 2752 2792 +40
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
