Bug 219011 - www/shttpd does not work in inetd mode
Summary: www/shttpd does not work in inetd mode
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Daniel Engberg
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-02 04:57 UTC by Dan
Modified: 2022-04-04 18:30 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (valenok)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dan 2017-05-02 04:57:41 UTC
Overview: www/shttpd includes a switch to run under inetd(8), and a sample line for inetd.conf. When run from inetd, shttpd attempts to open a listening socket, instead of using stdin/stdout for communications, and sends an error message back to the browser.

Steps to reproduce:
- pkg install shttpd
- copy inetd.conf line from man page (http stream tcp nowait nobody /bin/shttpd shttpd -inetd 1 -root /var/www)
- place a text file in the webroot for shttpd to serve
- service inetd reload
- attempt to browse to web server (e.g., http://server.local/)

Actual results:
Web browser displays an error that should have gone to stderr. There's no HTTP headers, so this probably shouldn't go out on the wire. Also note that even if the actual port is changed (by replacing 'http' in the inetd.conf line with another service), shttpd still tries to open the default port 80. If you include a -ports ## switch in the inetd command line, it will attempt to open that port, and if the port is above 1024, you'll get a segfault instead (see additional info below.)
open_listening_port(80): Permission denied
cannot open port 80
Cannot initialize SHTTPD context

Expected results:
shttpd auto-generates a directory listing, or serves up the index.htm file, if it exists. Compare to non-inetd functionality: remove the inetd entry, run shttpd -root /var/www -ports 8080 (or run as root), and then access the server.

Build and hardware:
shttpd 1.42, FreeBSD 11.0-RELEASE-p10, amd64

Additional information:
This failure can also be provoked on the command line, by using echo 'GET / HTTP/1.1' | shttpd -inetd 1. I'm not too good with C, so I couldn't track it down myself, but in the source file shttpd.c, the similar-but-distinct set_opt() (line 1780) and shttpd_set_option() (line 1689) look like an option may not get properly set, depending on which version is used. Also, set_inetd() (line 1392) is asking for a segfault by setting ctx to NULL and then dereferencing it. This segfault can be observed by running from the command line, as above, and adding '-ports 8080', or any other unprivileged port.
Comment 1 Walter Schwarzenfeld freebsd_triage 2018-02-03 02:06:36 UTC
Feedback please!
Comment 2 Matthias Andree freebsd_committer freebsd_triage 2019-09-07 11:11:13 UTC
It would seem shttpd hasn't been maintained in 10+ years, and its web site also refers to Mongoose. 

Dan, Is the port useful outside inetd?

If it's not, I'd propose sunsetting it.
Comment 3 Dan 2019-12-13 16:39:00 UTC
It worked better outside inetd, but the short time I spent glancing over the code convinced me to move to the port of OpenBSD's httpd. I think sunsetting this port is a good idea.
Comment 4 commit-hook freebsd_committer freebsd_triage 2022-04-04 18:29:04 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=3837dd00cf97cbed54ee2454ca68fda0f7d83342

commit 3837dd00cf97cbed54ee2454ca68fda0f7d83342
Author:     Daniel Engberg <diizzy@FreeBSD.org>
AuthorDate: 2022-04-04 18:23:34 +0000
Commit:     Daniel Engberg <diizzy@FreeBSD.org>
CommitDate: 2022-04-04 18:27:53 +0000

    www/shttpd: Deprecate and set expiration date to 2022-04-31

    Hasn't been maintained in 12+ years and upstream moved on to create
    mongoose (www/mongoose in tree)

    PR:             219011
    Reported by:    dfenwick@fastmail.com, mandree

 www/shttpd/Makefile | 3 +++
 1 file changed, 3 insertions(+)