+++ /dev/null
-
- Copyright (C) 2006 OpenWrt.org
-
---- a/networking/httpd.c
-+++ b/networking/httpd.c
-@@ -1700,21 +1700,32 @@ static int check_user_passwd(const char
-
- if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
- char *md5_passwd;
-+ int user_len_p1;
-
- md5_passwd = strchr(cur->after_colon, ':');
-- if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
-+ user_len_p1 = md5_passwd + 1 - cur->after_colon;
-+ if (md5_passwd && !strncmp(md5_passwd + 1, "$p$", 3)) {
-+ struct passwd *pwd = NULL;
-+
-+ pwd = getpwnam(&md5_passwd[4]);
-+ if(!pwd->pw_passwd || !pwd->pw_passwd[0] || pwd->pw_passwd[0] == '!')
-+ return 1;
-+
-+ md5_passwd = pwd->pw_passwd;
-+ goto check_md5_pw;
-+ } else if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
- && md5_passwd[3] == '$' && md5_passwd[4]
- ) {
- char *encrypted;
-- int r, user_len_p1;
-+ int r;
-
- md5_passwd++;
-- user_len_p1 = md5_passwd - cur->after_colon;
- /* comparing "user:" */
- if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
- continue;
- }
-
-+check_md5_pw:
- encrypted = pw_encrypt(
- user_and_passwd + user_len_p1 /* cleartext pwd from user */,
- md5_passwd /*salt */, 1 /* cleanup */);
+++ /dev/null
---- a/networking/httpd.c
-+++ b/networking/httpd.c
-@@ -105,6 +105,7 @@
- //usage: IF_FEATURE_HTTPD_BASIC_AUTH(" [-r REALM]")
- //usage: " [-h HOME]\n"
- //usage: "or httpd -d/-e" IF_FEATURE_HTTPD_AUTH_MD5("/-m") " STRING"
-+//usage: " [-R <path> [-H <host>]]"
- //usage:#define httpd_full_usage "\n\n"
- //usage: "Listen for incoming HTTP requests\n"
- //usage: "\n -i Inetd mode"
-@@ -121,6 +122,8 @@
- //usage: "\n -m STRING MD5 crypt STRING")
- //usage: "\n -e STRING HTML encode STRING"
- //usage: "\n -d STRING URL decode STRING"
-+//usage: "\n -R PATH Redirect target path"
-+//usage: "\n -H HOST Redirect target host"
-
- #include "libbb.h"
- #if ENABLE_FEATURE_HTTPD_USE_SENDFILE
-@@ -272,6 +275,8 @@ struct globals {
-
- const char *found_mime_type;
- const char *found_moved_temporarily;
-+ const char *redirect_path;
-+ const char *redirect_host;
- Htaccess_IP *ip_a_d; /* config allow/deny lines */
-
- IF_FEATURE_HTTPD_BASIC_AUTH(const char *g_realm;)
-@@ -322,6 +327,8 @@ struct globals {
- #define index_page (G.index_page )
- #define found_mime_type (G.found_mime_type )
- #define found_moved_temporarily (G.found_moved_temporarily)
-+#define redirect_path (G.redirect_path )
-+#define redirect_host (G.redirect_host )
- #define last_mod (G.last_mod )
- #define ip_a_d (G.ip_a_d )
- #define g_realm (G.g_realm )
-@@ -956,8 +963,11 @@ static void send_headers(int responseNum
- }
- #endif
- if (responseNum == HTTP_MOVED_TEMPORARILY) {
-- len += sprintf(iobuf + len, "Location: %s/%s%s\r\n",
-+ len += sprintf(iobuf + len, "Location: %s%s%s%s%s%s\r\n",
-+ (redirect_host ? "http://" : ""),
-+ (redirect_host ? redirect_host : ""),
- found_moved_temporarily,
-+ (redirect_host ? "" : "/"),
- (g_query ? "?" : ""),
- (g_query ? g_query : ""));
- }
-@@ -1925,8 +1935,12 @@ static void handle_incoming_and_exit(con
- } while (*++tptr);
- *++urlp = '\0'; /* terminate after last character */
-
-+ /* redirect active */
-+ if (redirect_path && (strncmp(urlcopy, redirect_path, strlen(redirect_path)) != 0))
-+ found_moved_temporarily = redirect_path;
-+
- /* If URL is a directory, add '/' */
-- if (urlp[-1] != '/') {
-+ if (!redirect_path && (urlp[-1] != '/')) {
- if (is_directory(urlcopy + 1, 1, NULL)) {
- found_moved_temporarily = urlcopy;
- }
-@@ -2283,7 +2297,9 @@ static void sighup_handler(int sig UNUSE
- }
-
- enum {
-- c_opt_config_file = 0,
-+ R_opt_redirect_path = 0,
-+ H_opt_redirect_host,
-+ c_opt_config_file,
- d_opt_decode_url,
- h_opt_home_httpd,
- IF_FEATURE_HTTPD_ENCODE_URL_STR(e_opt_encode_url,)
-@@ -2332,12 +2348,13 @@ int httpd_main(int argc UNUSED_PARAM, ch
- /* We do not "absolutize" path given by -h (home) opt.
- * If user gives relative path in -h,
- * $SCRIPT_FILENAME will not be set. */
-- opt = getopt32(argv, "c:d:h:"
-+ opt = getopt32(argv, "R:H:c:d:h:"
- IF_FEATURE_HTTPD_ENCODE_URL_STR("e:")
- IF_FEATURE_HTTPD_BASIC_AUTH("r:")
- IF_FEATURE_HTTPD_AUTH_MD5("m:")
- IF_FEATURE_HTTPD_SETUID("u:")
- "p:ifv",
-+ &redirect_path, &redirect_host,
- &opt_c_configFile, &url_for_decode, &home_httpd
- IF_FEATURE_HTTPD_ENCODE_URL_STR(, &url_for_encode)
- IF_FEATURE_HTTPD_BASIC_AUTH(, &g_realm)
+++ /dev/null
---- a/networking/httpd.c
-+++ b/networking/httpd.c
-@@ -1222,10 +1222,10 @@ static NOINLINE void cgi_io_loop_and_exi
- if (full_write(STDOUT_FILENO, HTTP_200, sizeof(HTTP_200)-1) != sizeof(HTTP_200)-1)
- break;
- }
-- /* Commented out:
-- if (!strstr(rbuf, "ontent-")) {
-- full_write(s, "Content-type: text/plain\r\n\r\n", 28);
-+ if (!strstr(rbuf, "ontent-") && !strstr(rbuf, "ocation:")) {
-+ full_write(1, "Content-type: text/plain\r\n\r\n", 28);
- }
-+ /* Previously commented out:
- * Counter-example of valid CGI without Content-type:
- * echo -en "HTTP/1.0 302 Found\r\n"
- * echo -en "Location: http://www.busybox.net\r\n"
projects / openwrt.git / commitdiff