aboutsummaryrefslogtreecommitdiffstats
path: root/www/pserv
diff options
context:
space:
mode:
Diffstat (limited to 'www/pserv')
-rw-r--r--www/pserv/Makefile3
-rw-r--r--www/pserv/distinfo6
-rw-r--r--www/pserv/files/patch-handlers.c97
-rw-r--r--www/pserv/files/patch-main.c93
4 files changed, 94 insertions, 105 deletions
diff --git a/www/pserv/Makefile b/www/pserv/Makefile
index 4039f8679ee6..a42c39d69ffa 100644
--- a/www/pserv/Makefile
+++ b/www/pserv/Makefile
@@ -6,10 +6,11 @@
#
PORTNAME= pserv
-PORTVERSION= 3.3
+PORTVERSION= 3.4
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
+EXTRACT_SUFX= .tar.Z
MAINTAINER= ale@FreeBSD.org
COMMENT= A portable and small webserver written in C
diff --git a/www/pserv/distinfo b/www/pserv/distinfo
index 813a9266b829..632e2b64d35f 100644
--- a/www/pserv/distinfo
+++ b/www/pserv/distinfo
@@ -1,3 +1,3 @@
-MD5 (pserv-3.3.tar.gz) = fa8c5f18af5b7bab277f5dab2ad2a48e
-SHA256 (pserv-3.3.tar.gz) = b5b51bf641d0e2d6918cc826e9ef65dbf86dbd2848ea4e6defb9c22ac8c3417e
-SIZE (pserv-3.3.tar.gz) = 105048
+MD5 (pserv-3.4.tar.Z) = 65c31088ac3ac74fc1986b4de04c1391
+SHA256 (pserv-3.4.tar.Z) = 6a37e3056504db4e5623ce59fda95a759f7692f67dcb174ceb32d340b3441977
+SIZE (pserv-3.4.tar.Z) = 178760
diff --git a/www/pserv/files/patch-handlers.c b/www/pserv/files/patch-handlers.c
index 93f4a73df9c8..ec95ce6bdfc4 100644
--- a/www/pserv/files/patch-handlers.c
+++ b/www/pserv/files/patch-handlers.c
@@ -1,5 +1,5 @@
---- sources/handlers.c.orig Tue May 17 00:03:16 2005
-+++ sources/handlers.c Mon May 30 11:44:23 2005
+--- sources/handlers.c.orig 2005-06-01 12:36:18.000000000 +0200
++++ sources/handlers.c 2008-09-03 14:25:41.000000000 +0200
@@ -25,6 +25,7 @@
#endif
@@ -8,22 +8,38 @@
extern int port; /* server port */
extern char defaultFileName[MAX_PATH_LEN+1]; /* default name for index, default or similar file */
-@@ -269,6 +270,14 @@
+@@ -261,6 +262,17 @@
i = 0;
/* beware of not overfilling this array, check MAX_ENVP_LEN */
+ if (req.contentLength != -1)
+ {
++ newEnvp[i] = (char *) calloc(35, sizeof(char));
+ sprintf(newEnvp[i++], "CONTENT_LENGTH=%ld", req.contentLength);
++ newEnvp[i] = (char *) calloc(CONTENT_TYPE_LEN + 14, sizeof(char));
+ strcpy(newEnvp[i], "CONTENT_TYPE=");
+ strcat(newEnvp[i++], req.contentType);
+ }
++ newEnvp[i] = (char *) calloc(strlen(DEFAULT_SERVER_NAME) + 13, sizeof(char));
+ strcpy(newEnvp[i], "SERVER_NAME=");
+ strcat(newEnvp[i++], DEFAULT_SERVER_NAME);
+ newEnvp[i] = (char *) calloc(128, sizeof(char));
strcpy(newEnvp[i], "SERVER_SOFTWARE=");
strcat(newEnvp[i], SERVER_SOFTWARE_STR);
- strcat(newEnvp[i], "/");
-@@ -326,8 +335,233 @@
+@@ -293,6 +305,12 @@
+ completedPath[MAX_PATH_LEN]='\0';
+ strcpy(newEnvp[i], "SCRIPT_FILENAME=");
+ strcat(newEnvp[i++], completedPath);
++ if (req.cookie[0] != '\0')
++ {
++ newEnvp[i] = (char *) calloc(MAX_COOKIE_LEN+13, sizeof(char));
++ strcpy(newEnvp[i], "HTTP_COOKIE=");
++ strcat(newEnvp[i++], req.cookie);
++ }
+
+ /* extracting PATH env variable */
+ envPath = getenv("PATH");
+@@ -333,8 +351,236 @@
}
#endif /* ENABLE_CGI */
@@ -38,7 +54,7 @@
+{
+ char *envPath; /* pointer to the envrionment PATH variable */
+ char *relativePath;
-+ char scriptWorkingDir[MAX_PATH_LEN+1];
++ char scriptWorkingDir[2*MAX_PATH_LEN+1];
+ char **newArgv;
+ char **newEnvp;
+ int i;
@@ -57,17 +73,13 @@
+ /* first we create the pipes needed for stdout redirection */
+ if (pipe(outStdPipe))
+ {
-+#ifdef PRINTF_DEBUG
-+ printf("Pipe creation error\n");
++ DBGPRINTF(("Pipe creation error\n"));
+ return -1;
-+#endif
+ }
+ if (pipe(inStdPipe))
+ {
-+#ifdef PRINTF_DEBUG
-+ printf("Pipe creation error\n");
++ DBGPRINTF(("Pipe creation error\n"));
+ return -1;
-+#endif
+ }
+
+
@@ -77,25 +89,24 @@
+ { /* this is the parent process */
+ if (pid < 0)
+ { /* we check for creation error */
-+ printf ("Forking error during cgi exec: %d\n", errno);
++ DBGPRINTF(("Forking error during cgi exec: %d\n", errno));
+ return -1;
+ }
+ /* we close the unused end of the pipe */
+ close(outStdPipe[WRITE]);
+ close(inStdPipe[READ]);
+
-+ if (!strcmp(req.method, "POST")) /* we have to feed the stdin of the script */
++ if (req.method[0]=='P' && req.method[1]=='O' && req.method[2]=='S' && req.method[3]=='T' && req.method[4]=='\0')
+ {
++ /* we have to feed the stdin of the script */
+ if(!strlen(postStr))
+ {
-+#ifdef PRINTF_DEBUG
-+ printf("cannot post empty data\n");
-+#endif
++ DBGPRINTF(("cannot post empty data\n"));
+ return -1;
+ }
+ howMany = write(inStdPipe[WRITE], postStr, strlen(postStr));
+ if (howMany < 0)
-+ printf("Error during script pipe read.\n");
++ DBGPRINTF(("Error during script pipe read (POST).\n"));
+ }
+ totalSentFromPipe = 0;
+ fatal = NO;
@@ -103,16 +114,14 @@
+ while (howMany > 0 && !fatal)
+ {
+ howMany = read(outStdPipe[READ], pipeReadBuf, PIPE_READ_BUF);
-+ if (howMany < 0)
-+ printf("Error during script pipe read.\n");
-+ else if (!howMany)
-+ printf("Nothing read from script pipe.\n");
-+ else {
++ if (howMany > 0)
++ {
+ if (sendChunk(sock, pipeReadBuf, howMany) < 0)
+ fatal = YES;
+ else
+ totalSentFromPipe += howMany;
-+ }
++ } else
++ fatal = YES; /* it may be EOF too */
+ }
+ /* now we finished and we clean up */
+ wait(&i);
@@ -132,13 +141,6 @@
+ }
+
+ newEnvp = (char **)calloc(MAX_ENVP_LEN + 1, sizeof(char*));
-+ for (i = 0; i < MAX_ENVP_LEN + 1; i++)
-+ {
-+ newEnvp[i] = calloc(MAX_PATH_LEN, sizeof(char));
-+ }
-+
-+ /* extract PATH env variable */
-+ envPath = getenv("PATH");
+
+ i = 0;
+ strcpy(newArgv[i++], phpFileName); /* here we should pass the phppath */
@@ -180,51 +182,68 @@
+ /* beware of not overfilling this array, check MAX_ENVP_LEN */
+ if (req.contentLength != -1)
+ {
++ newEnvp[i] = (char *) calloc(35, sizeof(char));
+ sprintf(newEnvp[i++], "CONTENT_LENGTH=%ld", req.contentLength);
++ newEnvp[i] = (char *) calloc(CONTENT_TYPE_LEN + 14, sizeof(char));
+ strcpy(newEnvp[i], "CONTENT_TYPE=");
+ strcat(newEnvp[i++], req.contentType);
+ }
++ newEnvp[i] = (char *) calloc(strlen(DEFAULT_SERVER_NAME) + 13, sizeof(char));
+ strcpy(newEnvp[i], "SERVER_NAME=");
+ strcat(newEnvp[i++], DEFAULT_SERVER_NAME);
++ newEnvp[i] = (char *) calloc(128, sizeof(char));
+ strcpy(newEnvp[i], "SERVER_SOFTWARE=");
+ strcat(newEnvp[i], SERVER_SOFTWARE_STR);
+ strcat(newEnvp[i], "/");
+ strcat(newEnvp[i++], SERVER_VERSION_STR);
++ newEnvp[i] = (char *) calloc(METHOD_LEN+16, sizeof(char));
+ strcpy(newEnvp[i], "REQUEST_METHOD=");
+ strcat(newEnvp[i++], req.method);
++ newEnvp[i] = (char *) calloc(MAX_PATH_LEN+16, sizeof(char));
+ strcpy(newEnvp[i], "SCRIPT_NAME=");
+ strcat(newEnvp[i++], req.documentAddress);
++ newEnvp[i] = (char *) calloc(32, sizeof(char));
+ strcpy(newEnvp[i], "GATEWAY_INTERFACE=");
+ strcat(newEnvp[i++], CGI_VERSION);
++ newEnvp[i] = (char *) calloc(18, sizeof(char));
+ sprintf(newEnvp[i++], "SERVER_PORT=%d", port);
++ newEnvp[i] = (char *) calloc(MAX_QUERY_STRING_LEN+16, sizeof(char));
+ strcpy(newEnvp[i], "QUERY_STRING=");
+ strcat(newEnvp[i++], req.queryString);
++ newEnvp[i] = (char *) calloc(PROTOCOL_LEN+17, sizeof(char));
+ strcpy(newEnvp[i], "SERVER_PROTOCOL=");
+ strcat(newEnvp[i++], req.protocolVersion);
++ newEnvp[i] = (char *) calloc(ADDRESS_LEN+13, sizeof(char));
+ strcpy(newEnvp[i], "REMOTE_ADDR=");
+ strcat(newEnvp[i++], req.address);
++ newEnvp[i] = (char *) calloc(USER_AGENT_LEN+17, sizeof(char));
+ strcpy(newEnvp[i], "HTTP_USER_AGENT=");
+ strcat(newEnvp[i++], req.userAgent);
++ newEnvp[i] = (char *) calloc(MAX_PATH_LEN+17, sizeof(char));
++ completedPath[MAX_PATH_LEN]='\0';
+ strcpy(newEnvp[i], "SCRIPT_FILENAME=");
+ strcat(newEnvp[i++], completedPath);
+ if (req.cookie[0] != '\0')
+ {
++ newEnvp[i] = (char *) calloc(MAX_COOKIE_LEN+13, sizeof(char));
+ strcpy(newEnvp[i], "HTTP_COOKIE=");
+ strcat(newEnvp[i++], req.cookie);
+ }
-+ if (envPath != NULL)
-+ {
-+ strcpy(newEnvp[i], "PATH=");
-+ strcat(newEnvp[i++], envPath);
-+ }
++
++ /* extracting PATH env variable */
++ envPath = getenv("PATH");
++ /* we get the path from the env itself so we assume it safe */
++ newEnvp[i] = (char *) calloc(MAX_PATH_LEN+16, sizeof(char));
++ strcpy(newEnvp[i], "PATH=");
++ strcat(newEnvp[i++], envPath);
++
++ /* terminate the array */
+ newEnvp[i] = NULL;
+
+ /* we change the current working directory to the scripts one */
+ if(chdir(scriptWorkingDir))
+ {
-+#ifdef PRINTF_DEBUG
-+ printf("error while changing PWD in script execution: %d\n", errno);
-+#endif
++ DBGPRINTF(("error while changing PWD in script execution: %d\n", errno));
+ }
+
+ close(outStdPipe[READ]); /* we close the unused end*/
diff --git a/www/pserv/files/patch-main.c b/www/pserv/files/patch-main.c
index e299755b5bc7..d3be8f83dd11 100644
--- a/www/pserv/files/patch-main.c
+++ b/www/pserv/files/patch-main.c
@@ -1,6 +1,6 @@
---- sources/main.c.orig Mon May 16 23:13:18 2005
-+++ sources/main.c Sat May 28 10:42:47 2005
-@@ -23,6 +23,7 @@
+--- sources/main.c.orig 2005-06-01 12:36:18.000000000 +0200
++++ sources/main.c 2008-09-03 13:13:27.000000000 +0200
+@@ -27,6 +27,7 @@
char defaultFileName[MAX_PATH_LEN+1];
char logFileName[MAX_PATH_LEN+1];
char mimeTypesFileName[MAX_PATH_LEN+1];
@@ -8,7 +8,7 @@
char cgiRoot[MAX_PATH_LEN+1]; /* root for CGI scripts exec */
struct timeval sockTimeVal;
mimeData *mimeArray; /* here we will hold all MIME data, inited once, never to be changed */
-@@ -314,10 +315,13 @@
+@@ -302,10 +303,13 @@
reqStruct->keepAlive = YES;
else if (!strncmp(reqArray[1], "Connection: keep-alive", strlen("Connection: keep-alive")))
reqStruct->keepAlive = YES;
@@ -23,7 +23,7 @@
while (i < readLines)
{
if (!strncmp(reqArray[i], "User-Agent:", strlen("User-Agent:")))
-@@ -332,6 +336,20 @@
+@@ -320,6 +324,20 @@
#ifdef PRINTF_DEBUG
printf("content length %ld\n", reqStruct->contentLength);
#endif
@@ -44,7 +44,7 @@
}
i++;
}
-@@ -442,18 +460,39 @@
+@@ -433,18 +451,39 @@
* we append the default file name */
strcat(completeFilePath, defaultFileName);
analyzeExtension(mimeType, completeFilePath);
@@ -86,8 +86,16 @@
+#endif
}
}
- } else if (!strcmp(req.method, "HEAD"))
-@@ -485,7 +524,14 @@
+ } else if (req.method[0]=='H' && req.method[1]=='E' && req.method[2]=='A' && req.method[3]=='D' && req.method[4]=='\0')
+@@ -461,6 +500,7 @@
+ {
+ strcpy(completeFilePath, homePath);
+ strcat(completeFilePath, req.documentAddress);
++
+ /* now we check if the given file is a directory or a plain file */
+ stat(completeFilePath, &fileStats);
+ if ((fileStats.st_mode & S_IFDIR) == S_IFDIR)
+@@ -475,7 +515,14 @@
strcat(completeFilePath, defaultFileName);
}
analyzeExtension(mimeType, completeFilePath);
@@ -101,12 +109,12 @@
+ phpHandler(port, sock, phpFileName, completeFilePath, req, NULL);
+#endif
}
- } else if (!strcmp(req.method, "POST"))
+ } else if (req.method[0]=='P' && req.method[1]=='O' && req.method[2]=='S' && req.method[3]=='T' && req.method[4]=='\0')
{
-@@ -499,13 +545,6 @@
- int readFinished;
+@@ -488,13 +535,6 @@
+ int ch;
- printf("Handling of POST method\n");
+ DBGPRINTF(("Handling of POST method\n"));
- /* first we check if the path contains the directory selected for cgi's and in case handle it */
- if (strncmp(req.documentAddress, CGI_MATCH_STRING, strlen(CGI_MATCH_STRING)))
- {
@@ -115,21 +123,21 @@
- return -1;
- }
#ifdef ENABLE_CGI
- #ifdef PRINTF_DEBUG
- printf ("begin of post handling\n");
-@@ -522,7 +561,7 @@
+ DBGPRINTF(("begin of post handling\n"));
+ buff[0] = '\0';
+@@ -507,7 +547,7 @@
return -1;
- } else if (req.contentLength >= BUFFER_SIZE)
+ } else if (req.contentLength >= POST_BUFFER_SIZE)
{
- sayError(sock, BUFFER_OVERFLOW, "", req);
+ sayError(sock, POST_BUFFER_OVERFLOW, "", req);
return -1;
}
while (!readFinished)
-@@ -601,7 +640,77 @@
- #ifdef PRINTF_DEBUG
- printf("buff: |%s|\n", buff);
- #endif
+@@ -557,7 +597,38 @@
+ buff[totalRead] = '\0';
+ }
+ DBGPRINTF(("buff: |%s|\n", buff));
- cgiHandler(port, sock, req, buff);
+ if (!strncmp(req.documentAddress, CGI_MATCH_STRING, strlen(CGI_MATCH_STRING)))
+ {
@@ -139,45 +147,6 @@
+#ifdef PHP
+ strcpy(completeFilePath, homePath);
+ strcat(completeFilePath, req.documentAddress);
-+ /* now we check if the given path tries to get out of the root */
-+ {
-+ int i,j;
-+ int sL;
-+ char dirName[MAX_PATH_LEN+1];
-+ int depthCount = 0;
-+
-+ sL = strlen(req.documentAddress);
-+ dirName[0] = '\0';
-+ if (sL > 3) {
-+ dirName[0] = req.documentAddress[1];
-+ dirName[1] = req.documentAddress[2];
-+ dirName[2] = req.documentAddress[3];
-+ dirName[3] ='\0';
-+ if (!strcmp(dirName, "../"))
-+ {
-+ sayError(sock, FORBIDDEN, req.documentAddress, req);
-+ return -1;
-+ }
-+ }
-+ j = 0;
-+ for (i = 1; i < sL; i++) {
-+ if (req.documentAddress[i] == '/')
-+ {
-+ dirName[j] = '\0';
-+ if (strcmp(dirName, ".."))
-+ depthCount ++;
-+ else
-+ depthCount--;
-+ j = 0;
-+ } else
-+ dirName[j++] = req.documentAddress[i];
-+ }
-+ if (depthCount < 0)
-+ {
-+ sayError(sock, FORBIDDEN, req.documentAddress, req);
-+ return -1;
-+ }
-+ }
+ /* now we check if the given file is a directory or a plain file */
+ stat(completeFilePath, &fileStats);
+ if ((fileStats.st_mode & S_IFDIR) == S_IFDIR)
@@ -205,7 +174,7 @@
}
#endif /* ENABLE_CGI */
#ifndef ENABLE_CGI
-@@ -637,7 +746,7 @@
+@@ -593,7 +664,7 @@
f = fopen(configFile, "r");
if (f == NULL)
{
@@ -214,7 +183,7 @@
*serverPort = DEFAULT_PORT;
*maxChildren = DEFAULT_MAX_CHILDREN;
strcpy(homePath, DEFAULT_DOCS_LOCATION);
-@@ -646,7 +755,9 @@
+@@ -602,7 +673,9 @@
sockTimeVal.tv_usec = DEFAULT_USEC_TO;
strcpy(logFileName, DEFAULT_LOG_FILE);
strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);
@@ -224,7 +193,7 @@
return -1;
}
if (!feof(f)) fscanf(f, "%s %s", str1, str2);
-@@ -747,11 +858,25 @@
+@@ -703,11 +776,25 @@
if (mimeTypesFileName == NULL)
{
strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);