o add search-word support for CGI
o fix a security issue in CGI suffix handler support which would
allow remote code execution, from shm@netbsd.org
o -C option supports now CGI scripts only
will be included in the HTTP reply. We define this as we are about to
add an authentication method that may need to have a conversation with
the client.
- don't call getpwuid(0) if we don't need to, or fail it it fails,
and remove the 'username' member of bozohttpd_t since it is not
used outside of bozo_setup().
- bozostrdup() gains a request parameter, and uses it to determine
what sort of error handling is required
- bozo_strdup() dies
- size_arrays() reduced slightly, pushing error handling into the caller
- convert to size_t for some array indices
- bozo_set_pref() and bozo_init_prefs() gain httpd parameters
- apply a bunch of manual CSE to vastly reduce the number of times the
string "request->hr_httpd" appears.
- CGI parse_header() takes a request not httpd now
XXX: lua glue updated to call bozo_init_prefs() with htttpd parameter,
but i'm only guessing here.
code duplication.
Note that bozo_strdup is different that bozostrdup; the _ routines exit
loging error to syslog or stderr, whereas the non _ routines send error
responses to the http client.
Stop using Lua builtin print function and replace them with http.* ones.
httpd.print and http.write wraps SSL support when needed.
Print http headers, without them browser may interpret page as raw text.
No need to hardcode prefix path in the form.
Add comments for a user with tips how to use this script.
Patch by Travis Paul
Closes PR misc/50502
free it. Allocating from the stack does not return null, and freeing it
will have unpredictable results. use malloc instead.
- now we are using malloc remove -Wno-stack-protector kludge
* add redirects to ~user translation
* fix bugs around ~user translation
* add schema detection for absolute redirects
* fixed few memory leaks
* bunch of minor tweaks
* removed -r support
* smarter redirects
OK mrg@
Therefore, storing the value in the superblock and reading it out
again is silly and offers the opportunity for it to become corrupted.
So, don't do that (most of the code already didn't) and use the
existing constant instead. Initialize new 32-bit superblocks with
the value for the sake of old userland programs, but don't keep the
value in the 64-bit superblock at all.
(approved by Margo Seltzer)
This prevents regressions in the ulfs code when switching to the new
accessors. Note that while adding byteswapping to the other accessors
is straightforward, I haven't done it yet; and that also is not enough
to make LFS_EI work, because there are places lying around that bypass
the accessors for one reason and another and all of them need to be
updated. That is going to have to wait for a later day as LFS_EI is
not on the critical path right now.
