aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/services/uhttpd
Commit message (Collapse)AuthorAgeFilesLines
* uhttpd: use sha256 when generating certificates with openssl (FS#512)Felix Fietkau2017-02-171-1/+1
| | | | | | Patch from attachment to FS#512 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: drop uhttpd-mod-tls, it has been useless for yearsFelix Fietkau2016-12-221-39/+0
| | | | | | | | | Before the rewrite, uhttpd-mod-tls used to contain a tls plugin. Afterwards it was left in for compatibility reasons, but given how much has changed, and that we're about to change the default SSL implementation again, it's better to just drop this now Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up and unify PKG_VERSION for git based downloadsFelix Fietkau2016-12-221-5/+3
| | | | | | Also use default defintions for PKG_SOURCE_SUBDIR, PKG_SOURCE Signed-off-by: Felix Fietkau <nbd@nbd.name>
* treewide: clean up download hashesFelix Fietkau2016-12-161-1/+1
| | | | | | Replace *MD5SUM with *HASH, replace MD5 hashes with SHA256 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: Add Basic Auth configDaniel Dickinson2016-10-312-1/+38
| | | | | | | | | | | | | | | | | We add an 'httpauth' section type that contains the options: prefix: What virtual or real URL is being protected username: The username for the Basic Auth dialogue password: Hashed (crypt()) or plaintext password for the Basic Auth dialogue httpauth section names are given included as list items to the instances to which they are to be applied. Further any existing httpd.conf file (really whatever is configured in the instance, but default of /etc/httpd.conf) is appended to the per-instance httpd.conf Signed-off-by: Daniel Dickinson <lede@cshore.thecshore.com>
* uhttpd: create self-signed certificates with unique subjectsHannu Nyman2016-10-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Add a partially random O= item to the certificate subject in order to make the automatically generated certificates' subjects unique. Firefox has problems when several self-signed certificates with CA:true attribute and identical subjects have been seen (and stored) by the browser. Reference to upstream bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=1147544 https://bugzilla.mozilla.org/show_bug.cgi?id=1056341 https://bugzilla.redhat.com/show_bug.cgi?id=1204670#c34 Certificates created by the OpenSSL one-liner fall into that category. Avoid identical certificate subjects by including a new 'O=' item with CommonName + a random part (8 chars). Example: /CN=LEDE/O=LEDEb986be0b/L=Unknown/ST=Somewhere/C=ZZ That ensures that the browser properly sees the accumulating certificates as separate items and does not spend time trying to form a trust chain from them. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: prefer px5g for certificate creationHannu Nyman2016-10-261-2/+2
| | | | | | | Prefer the old default 'px5g' for certificate creation as Firefox seems to dislike OpenSSL-created certs. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: fix handling of special "/" prefix when matching handlersJo-Philipp Wich2016-10-251-3/+3
| | | | | | | | | | The special prefix of "/" should match any url by definition but the final assertion which ensures that the matched prefix ends in '\0' or '/' is causing matches against the "/" prefix to fail. Update to current HEAD in order to fix this particular case. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: update to the latest version, adds a small json handler fixFelix Fietkau2016-10-081-3/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* source: Switch to xz for packages and tools where possibleDaniel Engberg2016-10-061-1/+2
| | | | | | | | | | | * Change git packages to xz * Update mirror checksums in packages where they are used * Change a few source tarballs to xz if available upstream * Remove unused lines in packages we're touching, requested by jow- and blogic * We're relying more on xz-utils so add official mirror as primary source, master site as secondary. * Add SHA256 checksums to multiple git tarball packages Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* uhttpd: rename certificate defaults sectionJo-Philipp Wich2016-10-061-2/+2
| | | | | | | Now that the uhttpd init script can generate certificates using openssl as well, update the section name and related comment to be more generic. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: support using OpenSSL for certificate generationHannu Nyman2016-10-052-3/+8
| | | | | | | | | | | | | | | | | | Support the usage of the OpenSSL command-line tool for generating the SSL certificate for uhttpd. Traditionally 'px5g' based on PolarSSL (or mbedTLS in LEDE), has been used for the creation. uhttpd init script is enhanced by adding detection of an installed openssl command-line binary (provided by 'openssl-util' package), and if found, the tool is used for certificate generation. Note: After this patch the script prefers to use the OpenSSL tool if both it and px5g are installed. This enables creating a truly OpenSSL-only version of LuCI without dependency to PolarSSL/mbedTLS based px5g. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* uhttpd: update to the latest version, adds some extensions to handler script ↵Felix Fietkau2016-06-161-2/+2
| | | | | | support Signed-off-by: Felix Fietkau <nbd@nbd.name>
* package/*: update git urls for project reposJohn Crispin2016-06-131-1/+1
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* treewide: replace jow@openwrt.org with jo@mein.ioJo-Philipp Wich2016-06-071-1/+1
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uhttpd: use configured distribution name for SSL certificate CNFelix Fietkau2016-05-212-1/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* branding: add LEDE brandingJohn Crispin2016-03-242-3/+3
| | | | Signed-off-by: John Crispin <blogic@openwrt.org>
* package/uhttpd: generate 2048 bit RSA keyFelix Fietkau2016-01-252-2/+2
| | | | | | | | | | RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> SVN-Revision: 48494
* uhttpd: fix typo in default config for px5gFelix Fietkau2016-01-191-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48385
* uhttpd: add option for mbedtlsFelix Fietkau2016-01-191-0/+4
| | | | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org> SVN-Revision: 48343
* uhttpd: move to git.openwrt.orgFelix Fietkau2016-01-041-1/+1
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 48122
* uhttpd: add support for configuration option ubus_corsLuka Perkov2015-11-101-0/+1
| | | | | | Signed-off-by: Luka Perkov <luka@openwrt.org> SVN-Revision: 47448
* uhttpd: update to the latest version, adds support for redirect helper scriptsFelix Fietkau2015-11-082-3/+7
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 47419
* uhttpd: update to latest git HEADJohn Crispin2015-10-201-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 47240
* uhttpd: update to latest git revisionJohn Crispin2015-10-192-2/+7
| | | | | | | | adds URL alias support Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 47206
* uhttpd: fix keep-alive bug (#20607, #20661)Jo-Philipp Wich2015-10-072-7/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | The two commits 5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291 "allow request handlers to disable chunked reponses" and 618493e378e2239f0d30902e47adfa134e649fdc "file: disable chunked encoding for file responses" broke the chunked transfer encoding handling for proc responses in keep-alive connections that followed a file response with http status 204 or 304. The effect of this bug is that cgi responses following a 204 or 304 one where sent neither in chunked encoding nor with a content-length header, causing browsers to stall until the keep alive timeout was reached. Fix the logic flaw by inverting the chunk prevention flag in the client state and by testing the chunked encoding preconditions every time instead of once upon client (re-)initialization. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 47161
* uhttpd: update to the latest version, fixes deferred cgi script processing ↵Felix Fietkau2015-09-071-2/+2
| | | | | | | | (#20458) Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 46807
* uhttpd: we don't know where the device is located, so reflect that in the certImre Kaloz2015-08-191-3/+3
| | | | | | Signed-off-by: Imre Kaloz <kaloz@openwrt.org> SVN-Revision: 46688
* uhttpd: pass X-HTTP-Method-Override header to cgi scriptsJo-Philipp Wich2015-08-171-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 46677
* uhttpd: use 307 for HTTPS redirections to retain request methodJo-Philipp Wich2015-05-301-1/+1
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45853
* uhttpd: add support for enforcing httpsJo-Philipp Wich2015-05-303-2/+7
| | | | | | | | Also set HTTPS environment variable for CGI programs on SSL connections. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45852
* uhttpd: inhibit chunked transfer encoding for static file responsesJo-Philipp Wich2015-05-301-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 45850
* uhttpd: properly handle return codesJohn Crispin2015-03-301-2/+2
| | | | | | Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 45153
* packages: more (e)glibc fixes after r44701Nicolas Thill2015-03-161-0/+4
| | | | | | | | _GNU_SOURCE has been declared "deprecated" in favor of _DEFAULT_SOURCE in glibc Signed-off-by: Nicolas Thill <nico@openwrt.org> SVN-Revision: 44843
* uhttpd: make generating SSL keys more reliable against interrupted bootsFelix Fietkau2015-03-151-2/+5
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 44772
* uhttp: update to latest git HEADJohn Crispin2015-03-111-2/+2
| | | | | | | | this add json-c 0.12, sorry forgot to push this earlier today Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 44682
* uhttpd: relay stderr to syslogJo-Philipp Wich2015-02-262-1/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44548
* uhttpd: fix another remaining relro issue in the Lua pluginJo-Philipp Wich2015-01-251-2/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44143
* uhttpd: fix time_t type mismatch on 32bit systemsJo-Philipp Wich2015-01-251-2/+2
| | | | | | | | | | | | The previous update introducing LFS support unconditionally changed the sprintf() pattern used to print the file modification time to use PRIx64. Explicitely convert the st_mtime member of the stat struct to uint64_t in order to avoid type mismatch errors when building for non-64bit targets. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44138
* uhttpd: fix crash with enabled relro, memory leak in dirlists and lfsJo-Philipp Wich2015-01-251-3/+3
| | | | | | | | | | | | * Fix the ubus plugin to not make its uhttpd_plugin entry symbol constant as uhttpd needs to modify its list_head member * Make sure that uhttpd supports large files by using 64bit ints where appropriate and by passing _FILE_OFFSET_BITS=64 to the build * Plug a possible memleak in the directory listing code Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44135
* uhttpd: fix exit code of mod-ubus postinstall scriptJo-Philipp Wich2015-01-251-0/+2
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44132
* license info - revert r43155John Crispin2014-11-031-3/+0
| | | | | | | | turns out that r43155 adds duplicate info. Signed-off-by: John Crispin <blogic@openwrt.org> SVN-Revision: 43167
* Add more license tags with SPDX identifiersJohn Crispin2014-11-031-0/+3
| | | | | | | | | | | | | | | | | | Note, that licensing stuff is a nightmare: many packages does not clearly state their licenses, and often multiple source files are simply copied together - each with different licensing information in the file headers. I tried hard to ensure, that the license information extracted into the OpenWRT's makefiles fit the "spirit" of the packages, e.g. such small packages which come without a dedicated source archive "inherites" the OpenWRT's own license in my opinion. However, I can not garantee that I always picked the correct information and/or did not miss license information. Signed-off-by: Michael Heimpold <mhei@heimpold.de> SVN-Revision: 43155
* Add a few SPDX tagsSteven Barth2014-11-021-0/+1
| | | | | | Signed-off-by: Steven Barth <steven@midlink.org> SVN-Revision: 43151
* uhttpd: fix HTTP incompatibilities in file handlerJo-Philipp Wich2014-10-271-2/+2
| | | | | | | | | | | * Fixes sending an extraneous message body for 204 and 304 resoponses which breaks Chrome in keep-alive mode. * Adds mimetypes for JSON and JSONP. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43078
* uhttpd: do not configure TLS parameters if libustream-ssl is not presentJo-Philipp Wich2014-08-252-3/+3
| | | | | | | | | | | | A quite frequent problem after sysupgrading from an older, SSL enabled build is that ustream-ssl is not installed so uhttpd fails to come up again due to https listening directives in the preserved configuration. Skip key/cert and ssl listen options when libustream-ssl.so is not present. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 42284
* uhttpd: also bind to IPv6 by defaultSteven Barth2014-06-112-3/+3
| | | | SVN-Revision: 41114
* uhttpd: update to the latest version, fixes musl compile issuesFelix Fietkau2014-06-091-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 41057
* uhttpd: update to the latest version, fixes cgi path handling issuesFelix Fietkau2014-05-091-2/+2
| | | | | | Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 40743
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 09:20:25 +0000