X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/56d71638dbf48b8e4885e1e5ed5d0f1859674541..89854bcd73c321bcea574e0443360bbf170de781:/package/uhttpd/src/uhttpd.c diff --git a/package/uhttpd/src/uhttpd.c b/package/uhttpd/src/uhttpd.c index a7db794a5..2f77a32a9 100644 --- a/package/uhttpd/src/uhttpd.c +++ b/package/uhttpd/src/uhttpd.c @@ -42,6 +42,11 @@ static void uh_sigterm(int sig) run = 0; } +static void uh_sigchld(int sig) +{ + while( waitpid(-1, NULL, WNOHANG) > 0 ) { } +} + static void uh_config_parse(const char *path) { FILE *c; @@ -66,8 +71,8 @@ static void uh_config_parse(const char *path) if( !uh_auth_add(line, user, pass) ) { fprintf(stderr, - "Can not manage more than %i basic auth realms, " - "will skip the rest\n", UH_LIMIT_AUTHREALMS + "Notice: No password set for user %s, ignoring " + "authentication on %s\n", user, line ); break; @@ -155,6 +160,7 @@ static int uh_socket_bind( /* add socket to server fd set */ FD_SET(sock, serv_fds); + fd_cloexec(sock); *max_fd = max(*max_fd, sock); bound++; @@ -404,40 +410,54 @@ int main (int argc, char **argv) struct sigaction sa; struct config conf; + /* signal mask */ + sigset_t ss; + /* maximum file descriptor number */ int new_fd, cur_fd, max_fd = 0; +#ifdef HAVE_TLS int tls = 0; int keys = 0; +#endif + int bound = 0; int nofork = 0; /* args */ - char opt; + int opt; char bind[128]; char *port = NULL; - /* library handles */ - void *tls_lib; - void *lua_lib; +#if defined(HAVE_TLS) || defined(HAVE_LUA) + /* library handle */ + void *lib; +#endif /* clear the master and temp sets */ FD_ZERO(&used_fds); FD_ZERO(&serv_fds); FD_ZERO(&read_fds); - /* handle SIGPIPE, SIGCHILD */ + /* handle SIGPIPE, SIGINT, SIGTERM, SIGCHLD */ sa.sa_flags = 0; sigemptyset(&sa.sa_mask); sa.sa_handler = SIG_IGN; sigaction(SIGPIPE, &sa, NULL); + + sa.sa_handler = uh_sigchld; sigaction(SIGCHLD, &sa, NULL); sa.sa_handler = uh_sigterm; sigaction(SIGINT, &sa, NULL); sigaction(SIGTERM, &sa, NULL); + /* defer SIGCHLD */ + sigemptyset(&ss); + sigaddset(&ss, SIGCHLD); + sigprocmask(SIG_BLOCK, &ss, NULL); + /* prepare addrinfo hints */ memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; @@ -450,7 +470,7 @@ int main (int argc, char **argv) #ifdef HAVE_TLS /* load TLS plugin */ - if( ! (tls_lib = dlopen("uhttpd_tls.so", RTLD_LAZY | RTLD_GLOBAL)) ) + if( ! (lib = dlopen("uhttpd_tls.so", RTLD_LAZY | RTLD_GLOBAL)) ) { fprintf(stderr, "Notice: Unable to load TLS plugin - disabling SSL support! " @@ -460,14 +480,14 @@ int main (int argc, char **argv) else { /* resolve functions */ - if( !(conf.tls_init = dlsym(tls_lib, "uh_tls_ctx_init")) || - !(conf.tls_cert = dlsym(tls_lib, "uh_tls_ctx_cert")) || - !(conf.tls_key = dlsym(tls_lib, "uh_tls_ctx_key")) || - !(conf.tls_free = dlsym(tls_lib, "uh_tls_ctx_free")) || - !(conf.tls_accept = dlsym(tls_lib, "uh_tls_client_accept")) || - !(conf.tls_close = dlsym(tls_lib, "uh_tls_client_close")) || - !(conf.tls_recv = dlsym(tls_lib, "uh_tls_client_recv")) || - !(conf.tls_send = dlsym(tls_lib, "uh_tls_client_send")) + if( !(conf.tls_init = dlsym(lib, "uh_tls_ctx_init")) || + !(conf.tls_cert = dlsym(lib, "uh_tls_ctx_cert")) || + !(conf.tls_key = dlsym(lib, "uh_tls_ctx_key")) || + !(conf.tls_free = dlsym(lib, "uh_tls_ctx_free")) || + !(conf.tls_accept = dlsym(lib, "uh_tls_client_accept")) || + !(conf.tls_close = dlsym(lib, "uh_tls_client_close")) || + !(conf.tls_recv = dlsym(lib, "uh_tls_client_recv")) || + !(conf.tls_send = dlsym(lib, "uh_tls_client_send")) ) { fprintf(stderr, "Error: Failed to lookup required symbols " @@ -485,7 +505,7 @@ int main (int argc, char **argv) } #endif - while( (opt = getopt(argc, argv, "fC:K:p:s:h:c:l:L:d:r:m:x:")) > 0 ) + while( (opt = getopt(argc, argv, "fSC:K:p:s:h:c:l:L:d:r:m:x:t:T:")) > 0 ) { switch(opt) { @@ -508,6 +528,7 @@ int main (int argc, char **argv) port = optarg; } +#ifdef HAVE_TLS if( opt == 's' ) { if( !conf.tls ) @@ -521,6 +542,7 @@ int main (int argc, char **argv) tls = 1; } +#endif /* bind sockets */ bound += uh_socket_bind( @@ -528,6 +550,7 @@ int main (int argc, char **argv) &hints, (opt == 's'), &conf ); + memset(bind, 0, sizeof(bind)); break; #ifdef HAVE_TLS @@ -574,6 +597,11 @@ int main (int argc, char **argv) } break; + /* don't follow symlinks */ + case 'S': + conf.no_symlinks = 1; + break; + #ifdef HAVE_CGI /* cgi prefix */ case 'x': @@ -593,6 +621,18 @@ int main (int argc, char **argv) break; #endif +#if defined(HAVE_CGI) || defined(HAVE_LUA) + /* script timeout */ + case 't': + conf.script_timeout = atoi(optarg); + break; +#endif + + /* network timeout */ + case 'T': + conf.network_timeout = atoi(optarg); + break; + /* no fork */ case 'f': nofork = 1; @@ -638,6 +678,7 @@ int main (int argc, char **argv) " -K file ASN.1 server private key file\n" #endif " -h directory Specify the document root, default is '.'\n" + " -S Do not follow symbolic links outside of the docroot\n" #ifdef HAVE_LUA " -l string URL prefix for Lua handler, default is '/lua'\n" " -L file Lua handler script, omit to disable Lua\n" @@ -645,6 +686,10 @@ int main (int argc, char **argv) #ifdef HAVE_CGI " -x string URL prefix for CGI handler, default is '/cgi-bin'\n" #endif +#if defined(HAVE_CGI) || defined(HAVE_LUA) + " -t seconds CGI and Lua script timeout in seconds, default is 60\n" +#endif + " -T seconds Network timeout in seconds, default is 30\n" " -d string URL decode given string\n" " -r string Specify basic auth realm\n" " -m string MD5 crypt given string\n" @@ -684,6 +729,16 @@ int main (int argc, char **argv) /* config file */ uh_config_parse(conf.file); + /* default network timeout */ + if( conf.network_timeout <= 0 ) + conf.network_timeout = 30; + +#if defined(HAVE_CGI) || defined(HAVE_LUA) + /* default script timeout */ + if( conf.script_timeout <= 0 ) + conf.script_timeout = 60; +#endif + #ifdef HAVE_CGI /* default cgi prefix */ if( ! conf.cgi_prefix ) @@ -692,7 +747,7 @@ int main (int argc, char **argv) #ifdef HAVE_LUA /* load Lua plugin */ - if( ! (lua_lib = dlopen("uhttpd_lua.so", RTLD_LAZY | RTLD_GLOBAL)) ) + if( ! (lib = dlopen("uhttpd_lua.so", RTLD_LAZY | RTLD_GLOBAL)) ) { fprintf(stderr, "Notice: Unable to load Lua plugin - disabling Lua support! " @@ -702,9 +757,9 @@ int main (int argc, char **argv) else { /* resolve functions */ - if( !(conf.lua_init = dlsym(lua_lib, "uh_lua_init")) || - !(conf.lua_close = dlsym(lua_lib, "uh_lua_close")) || - !(conf.lua_request = dlsym(lua_lib, "uh_lua_request")) + if( !(conf.lua_init = dlsym(lib, "uh_lua_init")) || + !(conf.lua_close = dlsym(lib, "uh_lua_close")) || + !(conf.lua_request = dlsym(lib, "uh_lua_request")) ) { fprintf(stderr, "Error: Failed to lookup required symbols " @@ -794,6 +849,7 @@ int main (int argc, char **argv) /* add client socket to global fdset */ FD_SET(new_fd, &used_fds); + fd_cloexec(new_fd); max_fd = max(max_fd, new_fd); }