Attachment #38618 for bug #61065

View | Details | Raw Unified | Return to bug 61065
Collapse All | Expand All




#

PORTNAME=	pserv
PORTVERSION=	3.0.b3
CATEGORIES=	www
MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR=	${PORTNAME}
DISTNAME=	${PORTNAME}-08-Jan-04
EXTRACT_SUFX=	.tar.Z

MAINTAINER=	sysadmin@alexdupre.com
COMMENT=	A portable and small webserver written in C

WRKSRC=		${WRKDIR}/${PORTNAME}
BUILD_WRKSRC=	${WRKSRC}/sources
USE_REINPLACE=	yes

post-patch:
	@${REINPLACE_CMD} "s|%%PREFIX%%|${PREFIX}|g;s|%%LOCALBASE%%|${LOCALBASE}|g" \
		${WRKSRC}/defaults/pserv.conf

do-install:
	${INSTALL_PROGRAM} ${WRKSRC}/sources/pserv ${PREFIX}/sbin/
	${INSTALL_DATA} ${WRKSRC}/defaults/mime_types.dat ${PREFIX}/etc/mime.types
	${INSTALL_DATA} ${WRKSRC}/defaults/pserv.conf ${PREFIX}/etc/
	${INSTALL_SCRIPT} ${FILESDIR}/pserv.sh ${PREFIX}/etc/rc.d/

.include <bsd.port.mk>

Line 1 Link Here

(-)pserv/distinfo (-1 / +1 lines)
1	MD5 (pserv-20-Oct-03.tar.Z) = 1b38238b8de0704b03ae245271f4899e	1	MD5 (pserv-08-Jan-04.tar.Z) = 716795e74babdf70daeb7b93dbb7f47b

Lines 1-12 Link Here

(-)pserv/files/patch-Makefile (-6 / +6 lines)
1	--- Makefile.orig Tue Oct 21 00:05:55 2003	1	--- sources/Makefile.orig Thu Oct 23 12:43:08 2003
2	+++ Makefile Tue Oct 21 00:07:34 2003	2	+++ sources/Makefile Thu Jan 8 12:37:57 2004
3	@@ -1,11 +1,11 @@	3	@@ -1,11 +1,11 @@
4	#Change the following to your needs	4	#Change the following to your needs
5	-CC = gcc	5	-CC = cc
		6	-#insert here flags, eg. optimizations
		7	-CFLAGS = -Wall
6	+CC ?= gcc	8	+CC ?= gcc
7	#insert here flags, eg. optimizations	9	LIBS =
8	-CFLAGS = -Wall -O3
9	-LIBS =
10	SRCS = main.c handlers.c mime.c log.c	10	SRCS = main.c handlers.c mime.c log.c
11	OBJS = main.o handlers.o mime.o log.o	11	OBJS = main.o handlers.o mime.o log.o
12	PROGRAM = pserv	12	PROGRAM = pserv

Lines 1-5 Link Here

(-)pserv/files/patch-handlers.c (-19 / +2 lines)
1	--- handlers.c.orig Mon Oct 20 10:27:32 2003	1	--- sources/handlers.c.orig Mon Oct 20 10:27:32 2003
2	+++ handlers.c Tue Oct 21 00:13:59 2003	2	+++ sources/handlers.c Tue Oct 21 00:13:59 2003
3	@@ -24,6 +24,7 @@	3	@@ -24,6 +24,7 @@
4	#endif	4	#endif
5		5
Lines 295-314 Link Here
295	fatal = NO;	295	fatal = NO;
296	retry = NO;	296	retry = NO;
297	while(!feof(inFile) && !fatal)	297	while(!feof(inFile) && !fatal)
298	@@ -408,11 +659,11 @@
299	if (howMany > 0)
300	{
301	#ifdef ON_THE_FLY_CONVERSION
302	- {
303	- int i;
304	- for (i = 0; i < howMany; i++)
305	- if(outBuff[i] == '\r') outBuff[i] = '\n';
306	- }
307	+ {
308	+ int i;
309	+ for (i = 0; i < howMany; i++)
310	+ if(outBuff[i] == '\r') outBuff[i] = '\n';
311	+ }
312	#endif
313	if (send(sock, outBuff, howMany, 0) < 0)
314	{

Lines 1-5 Link Here

(-)pserv/files/patch-handlers.h (-2 / +2 lines)
1	--- handlers.h.orig Wed Oct 15 17:06:59 2003	1	--- sources/handlers.h.orig Wed Oct 15 17:06:59 2003
2	+++ handlers.h Wed Oct 15 17:07:08 2003	2	+++ sources/handlers.h Wed Oct 15 17:07:08 2003
3	@@ -19,6 +19,7 @@	3	@@ -19,6 +19,7 @@
4		4
5	/* handlers.c */	5	/* handlers.c */




--- sources/main.c.orig	Sat Dec 20 11:16:21 2003
+++ sources/main.c	Thu Jan  8 12:27:13 2004
@@ -23,6 +23,7 @@
 char defaultFileName[MAX_PATH_LEN+1];
 char logFileName[MAX_PATH_LEN+1];

 char cgiRoot[MAX_PATH_LEN+1]; /* root for CGI scripts exec */
 struct timeval sockTimeVal;
 mimeData *mimeArray; /* here we will hold all MIME data, inited once, never to be changed */
@@ -316,10 +317,13 @@
         reqStruct->keepAlive = YES;
     int readLines;
     int tokenEnd;
-   
-    /* we copy the header lines to an array for easier parsing */ 
+
+    /* we copy the header lines to an array for easier parsing */
     /* but first we make sure that our string has a newline and an end */
-    req[BUFFER_SIZE] = '\0';    
+    req[BUFFER_SIZE] = '\0';
     reqSize = strlen(req);
     req[reqSize] = '\n';
     reqSize++;
@@ -230,7 +231,7 @@
     for (k = 0; k < readLines; k++)
         printf("%d - |%s|\n", k, reqArray[k]);
 #endif
-    
+
     /* first line: method, path and protocol version */
     /* we copy to a temporary buffer to be more secure against overflows */
     i = j = 0;
@@ -246,7 +247,7 @@
     else
         tokenEnd = NO;
     i++;
-    
+
     /* we look for the document address */
     j = 0;
     reqStruct->documentAddress[0] = '\0';
@@ -259,14 +260,14 @@
         else
             token[j] = '\0';      /* to make sure we have a string */
         /* now we need to convert some escapings from the path like %20 */
-	convertPercents(token, j);
+        convertPercents(token, j);
         strcpy(reqStruct->documentAddress, token);  /* copy back */
         if (reqArray[0][i] == '\0')
             tokenEnd = YES;
         else
             tokenEnd = NO;
         i++;
-    
+
         /* we need now to separate path from query string ("?" separated) */
         if (reqArray[0][i-1] == '?')
         {
@@ -282,7 +283,7 @@
             i++;
         }
     }
-    
+
     /* we analyze the HTTP protocol version */
     /* default is 0.9 since that version didn't report itself */
     strcpy(reqStruct->protocolVersion, "HTTP/0.9");
@@ -306,10 +307,13 @@
     else if (!strncmp(reqArray[1], "Connection: Keep-Alive", strlen("Connection: keep-alive")))
         reqStruct->keepAlive = YES;
 
-    /* user-agent, content-length and else */
+    /* user-agent, content-length, content-type, cookie and else */
     i = 1;

     while (i < readLines)
     {
         if (!strncmp(reqArray[i], "User-Agent:", strlen("User-Agent:")))
@@ -327,14 +331,28 @@
             strncpy(reqStruct->userAgent, &reqArray[i][strlen("User-Agent: ")], USER_AGENT_LEN - 1);
             reqStruct->userAgent[USER_AGENT_LEN] = '\0';
         }

+        {
+            strcpy(token, &reqArray[i][strlen("Content-length: ")]);
+            sscanf(token, "%ld", &(reqStruct->contentLength));
+#ifdef PRINTF_DEBUG
-	    printf("content length %ld\n", reqStruct->contentLength);
+            printf("content length %ld\n", reqStruct->contentLength);
+#endif
-	}
+        }
+        else if (!strncmp(reqArray[i], "Content-Type:", strlen("Content-type:")) || !strncmp(reqArray[i], "Content-type:", strlen("Content-type:")))
+        {

+        else if (!strncmp(reqArray[i], "Cookie:", strlen("Cookie:")))
+        {
+            strncpy(reqStruct->cookie, &reqArray[i][strlen("Cookie: ")], MAX_COOKIE_LEN - 1);
 #ifdef PRINTF_DEBUG
-	    printf("content length %ld\n", reqStruct->contentLength);
+            printf("cookie %s\n", reqStruct->cookie);
 #endif
-	}
+        }
         i++;
     }
     /* if we didn't find a User-Agent we fill in a (N)ot(R)ecognized */
@@ -431,18 +449,39 @@
                     /* we append the default file name */
                     strcat(completeFilePath, defaultFileName);
                     analyzeExtension(mimeType, completeFilePath);

             }
         }
     } else if (!strcmp(req.method, "HEAD"))
@@ -511,7 +550,14 @@
                 strcat(completeFilePath, defaultFileName);
             }
             analyzeExtension(mimeType, completeFilePath);

         }
     } else if (!strcmp(req.method, "POST"))
     {
@@ -525,13 +571,6 @@
         int readFinished;
         
         printf("Handling of POST method\n");

 #ifdef PRINTF_DEBUG
         printf ("begin of post handling\n");
 
@@ -625,7 +664,77 @@
         totalRead = 0;
         stuckCounter = 0;
         timeOutCounter = 0;
-        while (!readFinished)
-        {
-            howMany = recv(newSocket, tempBuff, BUFFER_SIZE, 0);
+
+        /* SECURITY: Avoid malicious Content-Length -- check \r\n\r\n\0 also */
+        if (req.contentLength < 0 || req.contentLength >= BUFFER_SIZE-5) {
+                sayError(sock, 500, "", req);
+                return -1;
+        }
+
+        /* SECURITY: Remove loop to prevent buffer overflow */
+            howMany = recv(newSocket, tempBuff, req.contentLength+5, 0);
 	    tempBuff[howMany] = '\0'; /* seems that some Unices need this */
 #ifdef PRINTF_DEBUG
         printf ("read: %d\n%s\n", howMany, tempBuff);
@@ -579,16 +624,15 @@
 	    	if (howMany == req.contentLength)
 		    readFinished = YES;
             }
-    }
 #ifdef PRINTF_DEBUG
-    printf("total read %d\n", totalRead);
+        printf("total read %d\n", totalRead);
 #endif
-    if (totalRead == 0)
-    {
-        printf("Request read error\n");
-    } else
-    {
-        if (buff[totalRead - 1] != '\n') /* we need a trailing \n or the script will wait forever */
+        if (totalRead == 0)
+        {
+            printf("Request read error\n");
+        } else
+        {
+            if (buff[totalRead - 1] != '\n') /* we need a trailing \n or the script will wait forever */
             {
                 buff[totalRead++] = '\n';
                 buff[totalRead] = '\0';
@@ -596,7 +640,77 @@
 #ifdef PRINTF_DEBUG
             printf("buff: |%s|\n", buff);
 #endif

         }
     } else
     {
@@ -654,7 +763,7 @@
     f = fopen(configFile, "r");
     if (f == NULL)
     {

         *serverPort = DEFAULT_PORT;
         *maxChildren = DEFAULT_MAX_CHILDREN;
         strcpy(homePath, DEFAULT_DOCS_LOCATION);
@@ -663,7 +772,9 @@
         sockTimeVal.tv_usec = DEFAULT_USEC_TO;
         strcpy(logFileName, DEFAULT_LOG_FILE);
         strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);

         return -1;
     }
     if (!feof(f)) fscanf(f, "%s %s", str1, str2);
@@ -764,11 +875,25 @@
         if (mimeTypesFileName == NULL)
         {
             strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);

     }
     if (!feof(f)) fscanf(f, "%s %s", str1, str2);
     if (str1 != NULL && str2 != NULL && !strcmp(str1, "cgiRoot"))
@@ -775,6 +905,7 @@
     int readFinished;
     struct request gottenReq;
     int isKeepAlive;
+    int bool;
     struct sockaddr_in listenName;           /* data struct for the listen port */
     struct sockaddr_in acceptedSockStruct;   /* sockaddr for the internetworking */
     int acceptedSocketLen;                   /* size of the structure */
@@ -808,9 +939,16 @@
         printf("socket creation error occoured\n");
         return -1;
     }
+    bool = 1;
+    error = setsockopt (theSocket, SOL_SOCKET, SO_REUSEADDR, &bool, sizeof(bool));
+    if (error == -1)
+    {   if (errno == EADDRINUSE)
+        printf("set socket option error occoured\n");
+        return -1;
+    }
     error = bind (theSocket, (struct sockaddr*)  &listenName, sizeof(listenName));
     if (error == -1)
-    {
+    {   if (errno == EADDRINUSE)
         printf("socket binding error occoured\n");
         return -2;
     }




--- sources/main.h.orig	Sat Dec 20 11:16:21 2003
+++ sources/main.h	Thu Jan  8 12:31:15 2004
@@ -27,12 +27,13 @@
 
 
 /* --- CPP parsing options --- */
-#define PRINTF_DEBUG          /* enable this to print some debugging messages */
+#undef PRINTF_DEBUG          /* enable this to print some debugging messages */
 #undef ON_THE_FLY_CONVERSION /* enable this for line ending conversion */
 #define BRAIN_DEAD_CAST       /* if your compiler is brainwashed and does not cast standard types.h structures */
 #define FORKING_SERVER        /* enables to fork for every request */
 #define AUTO_INDEX            /* enables auto-index of directories */
 #define SOCKADDR_REUSE        /* enables reuse oth the socket (quick relaunch) */
+#define PHP                   /* enables transparent PHP support */
 
 
 /* --- Configure options --- */
@@ -44,18 +45,19 @@
@@ -42,19 +43,19 @@
 #define MIME_TYPE_DEFAULT "application/octet-stream"
 
 /* configuration file location */
-#define DEFAULT_CONFIG_LOCATION "/home/multix/pserv/defaults/"
-//#define DEFAULT_CONFIG_LOCATION "/Users/multix/Documents/code/pserv/"
+#define DEFAULT_CONFIG_LOCATION "/usr/local/etc/"
 
 /* hard-wired defaults, if loading of config file fails */

 #define DEFAULT_FILE_NAME "index.html"
 #define DEFAULT_SEC_TO 1
 #define DEFAULT_USEC_TO 100
-#define DEFAULT_LOG_FILE "/home/multix/pserv/pserv.log"
-#define DEFAULT_MIME_FILE "/home/multix/pserv/mime_types.dat"
-#define DEFAULT_CGI_ROOT "/home/multix/public_html/cgi-bin"
+#define DEFAULT_LOG_FILE "/var/log/pserv.log"
+#define DEFAULT_MIME_FILE "/usr/local/etc/mime.types"
+#define DEFAULT_PHP_FILE "/usr/local/bin/php"

 #define DEFAULT_SERVER_NAME "localhost"
 
 /* amount of connections queued in listening */
@@ -127,8 +129,10 @@
 #define ADDRESS_LEN 16
 #define METHOD_LEN 16
 #define PROTOCOL_LEN 16

 
 /* the maximum path name of your system should be available in MAXNAMLEN 
    defined in dirent.h. If not, set a reasonable value like 1024 */
@@ -143,7 +147,9 @@
     char protocolVersion[PROTOCOL_LEN+1];
     int keepAlive;
     char userAgent[USER_AGENT_LEN+1];

Lines 1-5 Link Here

(-)pserv/files/patch-mime.c (-2 / +2 lines)
1	--- mime.c.orig Thu Sep 18 15:26:55 2003	1	--- sources/mime.c.orig Thu Sep 18 15:26:55 2003
2	+++ mime.c Wed Oct 15 18:38:42 2003	2	+++ sources/mime.c Wed Oct 15 18:38:42 2003
3	@@ -43,8 +43,8 @@	3	@@ -43,8 +43,8 @@
4	f = fopen(mimeTypesFileName, "r");	4	f = fopen(mimeTypesFileName, "r");
5	if (f == NULL)	5	if (f == NULL)

Lines 1-5 Link Here

(-)pserv/files/patch-mime_types.dat (-2 / +2 lines)
1	--- mime_types.dat.orig Wed Oct 15 15:57:08 2003	1	--- defaults/mime_types.dat.orig Wed Oct 15 15:57:08 2003
2	+++ mime_types.dat Wed Oct 15 15:57:22 2003	2	+++ defaults/mime_types.dat Wed Oct 15 15:57:22 2003
3	@@ -14,3 +14,4 @@	3	@@ -14,3 +14,4 @@
4	tar application/x-tar	4	tar application/x-tar
5	lha application/octet-stream	5	lha application/octet-stream

Lines 1-8 Link Here

(-)pserv/files/patch-pserv.conf (-5 / +5 lines)
1	--- pserv.conf.orig Sun Oct 19 16:51:27 2003	1	--- defaults/pserv.conf.orig Sat Dec 20 01:22:10 2003
2	+++ pserv.conf Tue Oct 21 00:22:07 2003	2	+++ defaults/pserv.conf Thu Jan 8 12:33:51 2004
3	@@ -1,9 +1,10 @@	3	@@ -1,9 +1,10 @@
4	-port 80	4	-port 8080
5	+port 80	5	+port 80
6	maxChildren 4	6	maxChildren 4
7	-documentsPath /home/multix/public_html	7	-documentsPath /home/multix/public_html
8	+documentsPath %%PREFIX%%/www/data	8	+documentsPath %%PREFIX%%/www/data
Lines 10-16 Link Here
10	secTimeout 1	10	secTimeout 1
11	uSecTimeout 100000	11	uSecTimeout 100000
12	-logFile /home/multix/pserv/pserv.log	12	-logFile /home/multix/pserv/pserv.log
13	-mimeTypesFile /home/multix/pserv/mime_types.dat	13	-mimeTypesFile /home/multix/pserv/defaults/mime_types.dat
14	-cgiRoot /home/multix/public_html/cgi-bin	14	-cgiRoot /home/multix/public_html/cgi-bin
15	+logFile /var/log/pserv.log	15	+logFile /var/log/pserv.log
16	+mimeTypesFile %%PREFIX%%/etc/mime.types	16	+mimeTypesFile %%PREFIX%%/etc/mime.types

Return to bug 61065

Lines 6-32 Link Here

(-)pserv/Makefile (-6 / +7 lines)
6	#	6	#
7		7
8	PORTNAME= pserv	8	PORTNAME= pserv
9	PORTVERSION= 3.0.b2	9	PORTVERSION= 3.0.b3
10	CATEGORIES= www	10	CATEGORIES= www
11	MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}	11	MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
12	MASTER_SITE_SUBDIR= ${PORTNAME}	12	MASTER_SITE_SUBDIR= ${PORTNAME}
13	DISTNAME= ${PORTNAME}-20-Oct-03	13	DISTNAME= ${PORTNAME}-08-Jan-04
14	EXTRACT_SUFX= .tar.Z	14	EXTRACT_SUFX= .tar.Z
15		15
16	MAINTAINER= sysadmin@alexdupre.com	16	MAINTAINER= sysadmin@alexdupre.com
17	COMMENT= A portable and small webserver written in C	17	COMMENT= A portable and small webserver written in C
18		18
19	WRKSRC= ${WRKDIR}/${PORTNAME}	19	WRKSRC= ${WRKDIR}/${PORTNAME}
		20	BUILD_WRKSRC= ${WRKSRC}/sources
20	USE_REINPLACE= yes	21	USE_REINPLACE= yes
21		22
22	post-patch:	23	post-patch:
23	@${REINPLACE_CMD} "s\|%%PREFIX%%\|${PREFIX}\|g;s\|%%LOCALBASE%%\|${LOCALBASE}\|g" \	24	@${REINPLACE_CMD} "s\|%%PREFIX%%\|${PREFIX}\|g;s\|%%LOCALBASE%%\|${LOCALBASE}\|g" \
24	${WRKSRC}/pserv.conf	25	${WRKSRC}/defaults/pserv.conf
25		26
26	do-install:	27	do-install:
27	${INSTALL_PROGRAM} ${WRKSRC}/pserv ${PREFIX}/sbin/	28	${INSTALL_PROGRAM} ${WRKSRC}/sources/pserv ${PREFIX}/sbin/
28	${INSTALL_DATA} ${WRKSRC}/mime_types.dat ${PREFIX}/etc/mime.types	29	${INSTALL_DATA} ${WRKSRC}/defaults/mime_types.dat ${PREFIX}/etc/mime.types
29	${INSTALL_DATA} ${WRKSRC}/pserv.conf ${PREFIX}/etc/	30	${INSTALL_DATA} ${WRKSRC}/defaults/pserv.conf ${PREFIX}/etc/
30	${INSTALL_SCRIPT} ${FILESDIR}/pserv.sh ${PREFIX}/etc/rc.d/	31	${INSTALL_SCRIPT} ${FILESDIR}/pserv.sh ${PREFIX}/etc/rc.d/
31		32
32	.include <bsd.port.mk>	33	.include <bsd.port.mk>

Lines 1-5 Link Here

(-)pserv/files/patch-main.c (-146 / +19 lines)
1	--- main.c.orig Mon Sep 22 10:39:24 2003	1	--- sources/main.c.orig Sat Dec 20 11:16:21 2003
2	+++ main.c Thu Oct 16 14:00:02 2003	2	+++ sources/main.c Thu Jan 8 12:27:13 2004
3	@@ -23,6 +23,7 @@	3	@@ -23,6 +23,7 @@
4	char defaultFileName[MAX_PATH_LEN+1];	4	char defaultFileName[MAX_PATH_LEN+1];
5	char logFileName[MAX_PATH_LEN+1];	5	char logFileName[MAX_PATH_LEN+1];
Lines 8-75 Link Here
8	char cgiRoot[MAX_PATH_LEN+1]; /* root for CGI scripts exec */	8	char cgiRoot[MAX_PATH_LEN+1]; /* root for CGI scripts exec */
9	struct timeval sockTimeVal;	9	struct timeval sockTimeVal;
10	mimeData mimeArray; / here we will hold all MIME data, inited once, never to be changed */	10	mimeData mimeArray; / here we will hold all MIME data, inited once, never to be changed */
11	@@ -206,10 +207,10 @@	11	@@ -316,10 +317,13 @@
12	int reqSize;	12	reqStruct->keepAlive = YES;
13	int readLines;
14	int tokenEnd;
15	-
16	- /* we copy the header lines to an array for easier parsing */
17	+
18	+ /* we copy the header lines to an array for easier parsing */
19	/* but first we make sure that our string has a newline and an end */
20	- req[BUFFER_SIZE] = '\0';
21	+ req[BUFFER_SIZE] = '\0';
22	reqSize = strlen(req);
23	req[reqSize] = '\n';
24	reqSize++;
25	@@ -230,7 +231,7 @@
26	for (k = 0; k < readLines; k++)
27	printf("%d - \|%s\|\n", k, reqArray[k]);
28	#endif
29	-
30	+
31	/* first line: method, path and protocol version */
32	/* we copy to a temporary buffer to be more secure against overflows */
33	i = j = 0;
34	@@ -246,7 +247,7 @@
35	else
36	tokenEnd = NO;
37	i++;
38	-
39	+
40	/* we look for the document address */
41	j = 0;
42	reqStruct->documentAddress[0] = '\0';
43	@@ -259,14 +260,14 @@
44	else
45	token[j] = '\0'; /* to make sure we have a string */
46	/* now we need to convert some escapings from the path like %20 */
47	- convertPercents(token, j);
48	+ convertPercents(token, j);
49	strcpy(reqStruct->documentAddress, token); /* copy back */
50	if (reqArray[0][i] == '\0')
51	tokenEnd = YES;
52	else
53	tokenEnd = NO;
54	i++;
55	-
56	+
57	/* we need now to separate path from query string ("?" separated) */
58	if (reqArray[0][i-1] == '?')
59	{
60	@@ -282,7 +283,7 @@
61	i++;
62	}
63	}
64	-
65	+
66	/* we analyze the HTTP protocol version */
67	/* default is 0.9 since that version didn't report itself */
68	strcpy(reqStruct->protocolVersion, "HTTP/0.9");
69	@@ -306,10 +307,13 @@
70	else if (!strncmp(reqArray[1], "Connection: Keep-Alive", strlen("Connection: keep-alive")))	13	else if (!strncmp(reqArray[1], "Connection: Keep-Alive", strlen("Connection: keep-alive")))
71	reqStruct->keepAlive = YES;	14	reqStruct->keepAlive = YES;
72
73	- /* user-agent, content-length and else */	15	- /* user-agent, content-length and else */
74	+ /* user-agent, content-length, content-type, cookie and else */	16	+ /* user-agent, content-length, content-type, cookie and else */
75	i = 1;	17	i = 1;
Lines 81-87 Link Here
81	while (i < readLines)	23	while (i < readLines)
82	{	24	{
83	if (!strncmp(reqArray[i], "User-Agent:", strlen("User-Agent:")))	25	if (!strncmp(reqArray[i], "User-Agent:", strlen("User-Agent:")))
84	@@ -317,14 +321,28 @@	26	@@ -327,14 +331,28 @@
85	strncpy(reqStruct->userAgent, &reqArray[i][strlen("User-Agent: ")], USER_AGENT_LEN - 1);	27	strncpy(reqStruct->userAgent, &reqArray[i][strlen("User-Agent: ")], USER_AGENT_LEN - 1);
86	reqStruct->userAgent[USER_AGENT_LEN] = '\0';	28	reqStruct->userAgent[USER_AGENT_LEN] = '\0';
87	}	29	}
Lines 93-103 Link Here
93	+ {	35	+ {
94	+ strcpy(token, &reqArray[i][strlen("Content-length: ")]);	36	+ strcpy(token, &reqArray[i][strlen("Content-length: ")]);
95	+ sscanf(token, "%ld", &(reqStruct->contentLength));	37	+ sscanf(token, "%ld", &(reqStruct->contentLength));
96	#ifdef PRINTF_DEBUG	38	+#ifdef PRINTF_DEBUG
97	- printf("content length %ld\n", reqStruct->contentLength);
98	+ printf("content length %ld\n", reqStruct->contentLength);	39	+ printf("content length %ld\n", reqStruct->contentLength);
99	#endif	40	+#endif
100	- }
101	+ }	41	+ }
102	+ else if (!strncmp(reqArray[i], "Content-Type:", strlen("Content-type:")) \|\| !strncmp(reqArray[i], "Content-type:", strlen("Content-type:")))	42	+ else if (!strncmp(reqArray[i], "Content-Type:", strlen("Content-type:")) \|\| !strncmp(reqArray[i], "Content-type:", strlen("Content-type:")))
103	+ {	43	+ {
Lines 109-122 Link Here
109	+ else if (!strncmp(reqArray[i], "Cookie:", strlen("Cookie:")))	49	+ else if (!strncmp(reqArray[i], "Cookie:", strlen("Cookie:")))
110	+ {	50	+ {
111	+ strncpy(reqStruct->cookie, &reqArray[i][strlen("Cookie: ")], MAX_COOKIE_LEN - 1);	51	+ strncpy(reqStruct->cookie, &reqArray[i][strlen("Cookie: ")], MAX_COOKIE_LEN - 1);
112	+#ifdef PRINTF_DEBUG	52	#ifdef PRINTF_DEBUG
		53	- printf("content length %ld\n", reqStruct->contentLength);
113	+ printf("cookie %s\n", reqStruct->cookie);	54	+ printf("cookie %s\n", reqStruct->cookie);
114	+#endif	55	#endif
		56	- }
115	+ }	57	+ }
116	i++;	58	i++;
117	}	59	}
118	/* if we didn't find a User-Aget we fill in a (N)ot(R)ecognized */	60	/* if we didn't find a User-Agent we fill in a (N)ot(R)ecognized */
119	@@ -414,18 +432,39 @@	61	@@ -431,18 +449,39 @@
120	/* we append the default file name */	62	/* we append the default file name */
121	strcat(completeFilePath, defaultFileName);	63	strcat(completeFilePath, defaultFileName);
122	analyzeExtension(mimeType, completeFilePath);	64	analyzeExtension(mimeType, completeFilePath);
Lines 159-165 Link Here
159	}	101	}
160	}	102	}
161	} else if (!strcmp(req.method, "HEAD"))	103	} else if (!strcmp(req.method, "HEAD"))
162	@@ -494,7 +533,14 @@	104	@@ -511,7 +550,14 @@
163	strcat(completeFilePath, defaultFileName);	105	strcat(completeFilePath, defaultFileName);
164	}	106	}
165	analyzeExtension(mimeType, completeFilePath);	107	analyzeExtension(mimeType, completeFilePath);
Lines 175-181 Link Here
175	}	117	}
176	} else if (!strcmp(req.method, "POST"))	118	} else if (!strcmp(req.method, "POST"))
177	{	119	{
178	@@ -507,13 +553,6 @@	120	@@ -525,13 +571,6 @@
179	int readFinished;	121	int readFinished;
180		122
181	printf("Handling of POST method\n");	123	printf("Handling of POST method\n");
Lines 189-238 Link Here
189	#ifdef PRINTF_DEBUG	131	#ifdef PRINTF_DEBUG
190	printf ("begin of post handling\n");	132	printf ("begin of post handling\n");
191		133
192	@@ -523,9 +562,15 @@	134	@@ -625,7 +664,77 @@
193	totalRead = 0;
194	stuckCounter = 0;
195	timeOutCounter = 0;
196	- while (!readFinished)
197	- {
198	- howMany = recv(newSocket, tempBuff, BUFFER_SIZE, 0);
199	+
200	+ /* SECURITY: Avoid malicious Content-Length -- check \r\n\r\n\0 also */
201	+ if (req.contentLength < 0 \|\| req.contentLength >= BUFFER_SIZE-5) {
202	+ sayError(sock, 500, "", req);
203	+ return -1;
204	+ }
205	+
206	+ /* SECURITY: Remove loop to prevent buffer overflow */
207	+ howMany = recv(newSocket, tempBuff, req.contentLength+5, 0);
208	tempBuff[howMany] = '\0'; /* seems that some Unices need this */
209	#ifdef PRINTF_DEBUG
210	printf ("read: %d\n%s\n", howMany, tempBuff);
211	@@ -579,16 +624,15 @@
212	if (howMany == req.contentLength)
213	readFinished = YES;
214	}
215	- }
216	#ifdef PRINTF_DEBUG
217	- printf("total read %d\n", totalRead);
218	+ printf("total read %d\n", totalRead);
219	#endif
220	- if (totalRead == 0)
221	- {
222	- printf("Request read error\n");
223	- } else
224	- {
225	- if (buff[totalRead - 1] != '\n') /* we need a trailing \n or the script will wait forever */
226	+ if (totalRead == 0)
227	+ {
228	+ printf("Request read error\n");
229	+ } else
230	+ {
231	+ if (buff[totalRead - 1] != '\n') /* we need a trailing \n or the script will wait forever */
232	{
233	buff[totalRead++] = '\n';
234	buff[totalRead] = '\0';
235	@@ -596,7 +640,77 @@
236	#ifdef PRINTF_DEBUG	135	#ifdef PRINTF_DEBUG
237	printf("buff: \|%s\|\n", buff);	136	printf("buff: \|%s\|\n", buff);
238	#endif	137	#endif
Lines 311-317 Link Here
311	}	210	}
312	} else	211	} else
313	{	212	{
314	@@ -625,7 +739,7 @@	213	@@ -654,7 +763,7 @@
315	f = fopen(configFile, "r");	214	f = fopen(configFile, "r");
316	if (f == NULL)	215	if (f == NULL)
317	{	216	{
Lines 320-326 Link Here
320	*serverPort = DEFAULT_PORT;	219	*serverPort = DEFAULT_PORT;
321	*maxChildren = DEFAULT_MAX_CHILDREN;	220	*maxChildren = DEFAULT_MAX_CHILDREN;
322	strcpy(homePath, DEFAULT_DOCS_LOCATION);	221	strcpy(homePath, DEFAULT_DOCS_LOCATION);
323	@@ -634,7 +748,9 @@	222	@@ -663,7 +772,9 @@
324	sockTimeVal.tv_usec = DEFAULT_USEC_TO;	223	sockTimeVal.tv_usec = DEFAULT_USEC_TO;
325	strcpy(logFileName, DEFAULT_LOG_FILE);	224	strcpy(logFileName, DEFAULT_LOG_FILE);
326	strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);	225	strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);
Lines 330-336 Link Here
330	return -1;	229	return -1;
331	}	230	}
332	if (!feof(f)) fscanf(f, "%s %s", str1, str2);	231	if (!feof(f)) fscanf(f, "%s %s", str1, str2);
333	@@ -735,11 +851,25 @@	232	@@ -764,11 +875,25 @@
334	if (mimeTypesFileName == NULL)	233	if (mimeTypesFileName == NULL)
335	{	234	{
336	strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);	235	strcpy(mimeTypesFileName, DEFAULT_MIME_FILE);
Lines 358-386 Link Here
358	}	257	}
359	if (!feof(f)) fscanf(f, "%s %s", str1, str2);	258	if (!feof(f)) fscanf(f, "%s %s", str1, str2);
360	if (str1 != NULL && str2 != NULL && !strcmp(str1, "cgiRoot"))	259	if (str1 != NULL && str2 != NULL && !strcmp(str1, "cgiRoot"))
361	@@ -775,6 +905,7 @@
362	int readFinished;
363	struct request gottenReq;
364	int isKeepAlive;
365	+ int bool;
366	struct sockaddr_in listenName; /* data struct for the listen port */
367	struct sockaddr_in acceptedSockStruct; /* sockaddr for the internetworking */
368	int acceptedSocketLen; /* size of the structure */
369	@@ -808,9 +939,16 @@
370	printf("socket creation error occoured\n");
371	return -1;
372	}
373	+ bool = 1;
374	+ error = setsockopt (theSocket, SOL_SOCKET, SO_REUSEADDR, &bool, sizeof(bool));
375	+ if (error == -1)
376	+ { if (errno == EADDRINUSE)
377	+ printf("set socket option error occoured\n");
378	+ return -1;
379	+ }
380	error = bind (theSocket, (struct sockaddr*) &listenName, sizeof(listenName));
381	if (error == -1)
382	- {
383	+ { if (errno == EADDRINUSE)
384	printf("socket binding error occoured\n");
385	return -2;
386	}

Lines 1-25 Link Here

(-)pserv/files/patch-main.h (-16 / +16 lines)
1	--- main.h.orig Sun Oct 19 17:22:03 2003	1	--- sources/main.h.orig Sat Dec 20 11:16:21 2003
2	+++ main.h Tue Oct 21 00:19:57 2003	2	+++ sources/main.h Thu Jan 8 12:31:15 2004
3	@@ -27,11 +27,12 @@	3	@@ -27,12 +27,13 @@
4		4
5		5
6	/* --- CPP parsing options --- */	6	/* --- CPP parsing options --- */
7	-#define PRINTF_DEBUG /* enable this to print some debugging messages */	7	-#define PRINTF_DEBUG /* enable this to print some debugging messages */
8	+#undef PRINTF_DEBUG /* enable this to print some debugging messages */	8	+#undef PRINTF_DEBUG /* enable this to print some debugging messages */
9	#undef ON_THE_FLY_CONVERSION /* enable this for line ending conversion */	9	#undef ON_THE_FLY_CONVERSION /* enable this for line ending conversion */
10	#undef BRAIN_DEAD_CAST /* if your compiler is brainwashed and does not cast standard types.h structures */	10	#define BRAIN_DEAD_CAST /* if your compiler is brainwashed and does not cast standard types.h structures */
11	#define FORKING_SERVER /* enables to fork for every request */	11	#define FORKING_SERVER /* enables to fork for every request */
12	#define AUTO_INDEX /* enables auto-index of directories */	12	#define AUTO_INDEX /* enables auto-index of directories */
13	+#define PHP /* enables transparent PHP support */	13	#define SOCKADDR_REUSE /* enables reuse oth the socket (quick relaunch) */
		14	+#define PHP /* enables transparent PHP support */
		15
14		16
15	/* --- Configure options --- */	17	/* --- Configure options --- */
16	#define CONFIG_FILE_NAME "pserv.conf"	18	@@ -44,18 +45,19 @@
17	@@ -42,19 +43,19 @@
18	#define MIME_TYPE_DEFAULT "application/octet-stream"	19	#define MIME_TYPE_DEFAULT "application/octet-stream"
19		20
20	/* configuration file location */	21	/* configuration file location */
21	-#define DEFAULT_CONFIG_LOCATION "/home/multix/pserv/"	22	-#define DEFAULT_CONFIG_LOCATION "/home/multix/pserv/defaults/"
22	-//#define DEFAULT_CONFIG_LOCATION "/Users/multix/Documents/code/pserv/"
23	+#define DEFAULT_CONFIG_LOCATION "/usr/local/etc/"	23	+#define DEFAULT_CONFIG_LOCATION "/usr/local/etc/"
24		24
25	/* hard-wired defaults, if loading of config file fails */	25	/* hard-wired defaults, if loading of config file fails */
Lines 31-39 Link Here
31	#define DEFAULT_FILE_NAME "index.html"	31	#define DEFAULT_FILE_NAME "index.html"
32	#define DEFAULT_SEC_TO 1	32	#define DEFAULT_SEC_TO 1
33	#define DEFAULT_USEC_TO 100	33	#define DEFAULT_USEC_TO 100
34	-#define DEFAULT_LOG_FILE "/export/home/multix/pserv/pserv.log"	34	-#define DEFAULT_LOG_FILE "/home/multix/pserv/pserv.log"
35	-#define DEFAULT_MIME_FILE "/export/home/multix/pserv/mime_types.dat"	35	-#define DEFAULT_MIME_FILE "/home/multix/pserv/mime_types.dat"
36	-#define DEFAULT_CGI_ROOT "/export/home/multix/public_html/cgi-bin"	36	-#define DEFAULT_CGI_ROOT "/home/multix/public_html/cgi-bin"
37	+#define DEFAULT_LOG_FILE "/var/log/pserv.log"	37	+#define DEFAULT_LOG_FILE "/var/log/pserv.log"
38	+#define DEFAULT_MIME_FILE "/usr/local/etc/mime.types"	38	+#define DEFAULT_MIME_FILE "/usr/local/etc/mime.types"
39	+#define DEFAULT_PHP_FILE "/usr/local/bin/php"	39	+#define DEFAULT_PHP_FILE "/usr/local/bin/php"
Lines 41-47 Link Here
41	#define DEFAULT_SERVER_NAME "localhost"	41	#define DEFAULT_SERVER_NAME "localhost"
42		42
43	/* amount of connections queued in listening */	43	/* amount of connections queued in listening */
44	@@ -123,8 +124,10 @@	44	@@ -127,8 +129,10 @@
45	#define ADDRESS_LEN 16	45	#define ADDRESS_LEN 16
46	#define METHOD_LEN 16	46	#define METHOD_LEN 16
47	#define PROTOCOL_LEN 16	47	#define PROTOCOL_LEN 16
Lines 52-58 Link Here
52		52
53	/* the maximum path name of your system should be available in MAXNAMLEN	53	/* the maximum path name of your system should be available in MAXNAMLEN
54	defined in dirent.h. If not, set a reasonable value like 1024 */	54	defined in dirent.h. If not, set a reasonable value like 1024 */
55	@@ -139,7 +142,9 @@	55	@@ -143,7 +147,9 @@
56	char protocolVersion[PROTOCOL_LEN+1];	56	char protocolVersion[PROTOCOL_LEN+1];
57	int keepAlive;	57	int keepAlive;
58	char userAgent[USER_AGENT_LEN+1];	58	char userAgent[USER_AGENT_LEN+1];