* limitations under the License.
*/
+#define _BSD_SOURCE
+#define _GNU_SOURCE
+#define _XOPEN_SOURCE 700
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <libubox/usock.h>
#include "uhttpd.h"
+#include "tls.h"
+char uh_buf[4096];
static int run_server(void)
{
return 0;
}
-static void add_listener_arg(char *arg, bool tls)
+static void uh_config_parse(void)
+{
+ const char *path = conf.file;
+ FILE *c;
+ char line[512];
+ char *col1;
+ char *col2;
+ char *eol;
+
+ if (!path)
+ path = "/etc/httpd.conf";
+
+ c = fopen(path, "r");
+ if (!c)
+ return;
+
+ memset(line, 0, sizeof(line));
+
+ while (fgets(line, sizeof(line) - 1, c)) {
+ if ((line[0] == '/') && (strchr(line, ':') != NULL)) {
+ if (!(col1 = strchr(line, ':')) || (*col1++ = 0) ||
+ !(col2 = strchr(col1, ':')) || (*col2++ = 0) ||
+ !(eol = strchr(col2, '\n')) || (*eol++ = 0))
+ continue;
+
+ uh_auth_add(line, col1, col2);
+ } else if (!strncmp(line, "I:", 2)) {
+ if (!(col1 = strchr(line, ':')) || (*col1++ = 0) ||
+ !(eol = strchr(col1, '\n')) || (*eol++ = 0))
+ continue;
+
+ uh_index_add(strdup(col1));
+ } else if (!strncmp(line, "E404:", 5)) {
+ if (!(col1 = strchr(line, ':')) || (*col1++ = 0) ||
+ !(eol = strchr(col1, '\n')) || (*eol++ = 0))
+ continue;
+
+ conf.error_handler = strdup(col1);
+ }
+ else if ((line[0] == '*') && (strchr(line, ':') != NULL)) {
+ if (!(col1 = strchr(line, '*')) || (*col1++ = 0) ||
+ !(col2 = strchr(col1, ':')) || (*col2++ = 0) ||
+ !(eol = strchr(col2, '\n')) || (*eol++ = 0))
+ continue;
+
+ uh_interpreter_add(col1, col2);
+ }
+ }
+
+ fclose(c);
+}
+
+static int add_listener_arg(char *arg, bool tls)
{
char *host = NULL;
char *port = arg;
port = s + 1;
*s = 0;
}
- uh_socket_bind(host, port, tls);
+
+ return uh_socket_bind(host, port, tls);
}
static int usage(const char *name)
{
- fprintf(stderr, "Usage: %s -p <port>\n", name);
+ fprintf(stderr,
+ "Usage: %s -p [addr:]port -h docroot\n"
+ " -f Do not fork to background\n"
+ " -c file Configuration file, default is '/etc/httpd.conf'\n"
+ " -p [addr:]port Bind to specified address and port, multiple allowed\n"
+#ifdef HAVE_TLS
+ " -s [addr:]port Like -p but provide HTTPS on this port\n"
+ " -C file ASN.1 server certificate file\n"
+ " -K file ASN.1 server private key file\n"
+#endif
+ " -h directory Specify the document root, default is '.'\n"
+ " -E string Use given virtual URL as 404 error handler\n"
+ " -I string Use given filename as index for directories, multiple allowed\n"
+ " -S Do not follow symbolic links outside of the docroot\n"
+ " -D Do not allow directory listings, send 403 instead\n"
+ " -R Enable RFC1918 filter\n"
+ " -n count Maximum allowed number of concurrent requests\n"
+#ifdef HAVE_LUA
+ " -l string URL prefix for Lua handler, default is '/lua'\n"
+ " -L file Lua handler script, omit to disable Lua\n"
+#endif
+#ifdef HAVE_UBUS
+ " -u string URL prefix for HTTP/JSON handler\n"
+ " -U file Override ubus socket path\n"
+#endif
+ " -x string URL prefix for CGI handler, default is '/cgi-bin'\n"
+ " -i .ext=path Use interpreter at path for files with the given extension\n"
+ " -t seconds CGI, Lua and UBUS script timeout in seconds, default is 60\n"
+ " -T seconds Network timeout in seconds, default is 30\n"
+ " -d string URL decode given string\n"
+ " -r string Specify basic auth realm\n"
+ " -m string MD5 crypt given string\n"
+ "\n", name
+ );
return 1;
}
static void init_defaults(void)
{
+ conf.script_timeout = 60;
conf.network_timeout = 30;
- conf.http_keepalive = 0; /* fixme */
+ conf.http_keepalive = 20;
+ conf.max_requests = 3;
+ conf.realm = "Protected Area";
+ conf.cgi_prefix = "/cgi-bin";
+ conf.cgi_path = "/sbin:/usr/sbin:/bin:/usr/bin";
uh_index_add("index.html");
uh_index_add("index.htm");
uh_index_add("default.htm");
}
+static void fixup_prefix(char *str)
+{
+ int len;
+
+ if (!str || !str[0])
+ return;
+
+ len = strlen(str) - 1;
+
+ while (len > 0 && str[len] == '/')
+ len--;
+
+ str[len + 1] = 0;
+}
+
int main(int argc, char **argv)
{
- int ch;
+ const char *tls_key, *tls_crt;
+ bool nofork = false;
+ char *port;
+ int opt, ch;
+ int cur_fd;
+ int bound = 0;
+ int n_tls = 0;
+
+ BUILD_BUG_ON(sizeof(uh_buf) < PATH_MAX);
+ uh_dispatch_add(&cgi_dispatch);
init_defaults();
signal(SIGPIPE, SIG_IGN);
- while ((ch = getopt(argc, argv, "sp:h:")) != -1) {
+ while ((ch = getopt(argc, argv, "fSDRC:K:E:I:p:s:h:c:l:L:d:r:m:n:x:i:t:T:A:u:U:")) != -1) {
bool tls = false;
+
switch(ch) {
case 's':
+ n_tls++;
tls = true;
+ /* fall through */
case 'p':
- add_listener_arg(optarg, tls);
+ bound += add_listener_arg(optarg, tls);
break;
case 'h':
- /* docroot */
- if (!realpath(optarg, conf.docroot)) {
+ if (!realpath(optarg, uh_buf)) {
fprintf(stderr, "Error: Invalid directory %s: %s\n",
optarg, strerror(errno));
exit(1);
}
+ conf.docroot = strdup(uh_buf);
+ break;
+
+ case 'E':
+ if (optarg[0] != '/') {
+ fprintf(stderr, "Error: Invalid error handler: %s\n",
+ optarg);
+ exit(1);
+ }
+ conf.error_handler = optarg;
+ break;
+
+ case 'I':
+ if (optarg[0] == '/') {
+ fprintf(stderr, "Error: Invalid index page: %s\n",
+ optarg);
+ exit(1);
+ }
+ uh_index_add(optarg);
+ break;
+
+ case 'S':
+ conf.no_symlinks = 1;
+ break;
+
+ case 'D':
+ conf.no_dirlists = 1;
+ break;
+
+ case 'R':
+ conf.rfc1918_filter = 1;
+ break;
+
+ case 'n':
+ conf.max_requests = atoi(optarg);
+ break;
+
+ case 'x':
+ fixup_prefix(optarg);
+ conf.cgi_prefix = optarg;
+ break;
+
+ case 'i':
+ port = strchr(optarg, '=');
+ if (optarg[0] != '.' || !port) {
+ fprintf(stderr, "Error: Invalid interpreter: %s\n",
+ optarg);
+ exit(1);
+ }
+
+ *port++ = 0;
+ uh_interpreter_add(optarg, port);
break;
+
+ case 't':
+ conf.script_timeout = atoi(optarg);
+ break;
+
+ case 'T':
+ conf.network_timeout = atoi(optarg);
+ break;
+
+ case 'A':
+ conf.tcp_keepalive = atoi(optarg);
+ break;
+
+ case 'f':
+ nofork = 1;
+ break;
+
+ case 'd':
+ port = alloca(strlen(optarg) + 1);
+ if (!port)
+ return -1;
+
+ /* "decode" plus to space to retain compat */
+ for (opt = 0; optarg[opt]; opt++)
+ if (optarg[opt] == '+')
+ optarg[opt] = ' ';
+
+ /* opt now contains strlen(optarg) -- no need to re-scan */
+ if (uh_urldecode(port, opt, optarg, opt) < 0) {
+ fprintf(stderr, "uhttpd: invalid encoding\n");
+ return -1;
+ }
+
+ printf("%s", port);
+ break;
+
+ /* basic auth realm */
+ case 'r':
+ conf.realm = optarg;
+ break;
+
+ /* md5 crypt */
+ case 'm':
+ printf("%s\n", crypt(optarg, "$1$"));
+ return 0;
+ break;
+
+ /* config file */
+ case 'c':
+ conf.file = optarg;
+ break;
+
+ case 'C':
+ tls_crt = optarg;
+ break;
+
+ case 'K':
+ tls_key = optarg;
+ break;
+#ifdef HAVE_LUA
+ case 'l':
+ conf.lua_prefix = optarg;
+ break;
+
+ case 'L':
+ conf.lua_handler = optarg;
+ break;
+#endif
default:
return usage(argv[0]);
}
}
+ uh_config_parse();
+
+ if (!bound) {
+ fprintf(stderr, "Error: No sockets bound, unable to continue\n");
+ return 1;
+ }
+
+ if (n_tls) {
+ if (!tls_crt || !tls_key) {
+ fprintf(stderr, "Please specify a certificate and "
+ "a key file to enable SSL support\n");
+ return 1;
+ }
+
+#ifdef HAVE_TLS
+ if (uh_tls_init(tls_key, tls_crt))
+ return 1;
+#else
+ fprintf(stderr, "Error: TLS support not compiled in.\n");
+ return 1;
+#endif
+ }
+
+#ifdef HAVE_LUA
+ if (conf.lua_handler || conf.lua_prefix) {
+ if (!conf.lua_handler || !conf.lua_prefix) {
+ fprintf(stderr, "Need handler and prefix to enable Lua support\n");
+ return 1;
+ }
+ if (uh_plugin_init("uhttpd_lua.so"))
+ return 1;
+ }
+#endif
+
+ /* fork (if not disabled) */
+ if (!nofork) {
+ switch (fork()) {
+ case -1:
+ perror("fork()");
+ exit(1);
+
+ case 0:
+ /* daemon setup */
+ if (chdir("/"))
+ perror("chdir()");
+
+ cur_fd = open("/dev/null", O_WRONLY);
+ if (cur_fd > 0) {
+ dup2(cur_fd, 0);
+ dup2(cur_fd, 1);
+ dup2(cur_fd, 2);
+ }
+
+ break;
+
+ default:
+ exit(0);
+ }
+ }
+
return run_server();
}