SecBSD/src
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sync code with last fixes and improvements from OpenBSD

Browse source
This commit is contained in:
purplerain 2023-07-20 23:56:46 +00:00
parent f57be82572
commit 58b04bcee7
Signed by: purplerain
GPG key ID: F42C07F07E2E35B7
468 changed files with 9958 additions and 7882 deletions
Download patch file Download diff file Expand all files Collapse all files

5
usr.sbin/httpd/httpd.h
View file

@ -1,4 +1,4 @@
/* $OpenBSD: httpd.h,v 1.162 2022/10/24 15:02:01 jmc Exp $ */
/* $OpenBSD: httpd.h,v 1.163 2023/07/12 12:37:27 tb Exp $ */
/*
* Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@ -45,7 +45,7 @@
#define CONF_FILE "/etc/httpd.conf"
#define HTTPD_USER "www"
#define HTTPD_SERVERNAME "Windows 3.11"
#define HTTPD_SERVERNAME "Tezcatlipoca"
#define HTTPD_DOCROOT "/htdocs"
#define HTTPD_ERRDOCTEMPLATE "err" /* 3-char name */
#define HTTPD_ERRDOCROOT_MAX (PATH_MAX - sizeof("000.html"))
@ -352,6 +352,7 @@ struct client {
int clt_inflight;
struct range_data clt_ranges;
struct fcgi_data clt_fcgi;
const char *clt_fcgi_error;
char *clt_remote_user;
struct evbuffer *clt_srvevb;

7
usr.sbin/httpd/server.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: server.c,v 1.126 2021/07/14 13:33:57 kn Exp $ */
/* $OpenBSD: server.c,v 1.127 2023/07/12 12:37:27 tb Exp $ */
/*
* Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@ -1300,6 +1300,11 @@ server_close(struct client *clt, const char *msg)
{
struct server *srv = clt->clt_srv;
if (clt->clt_fcgi_error != NULL) {
clt->clt_fcgi_error = msg;
return;
}
SPLAY_REMOVE(client_tree, &srv->srv_clients, clt);
/* free the HTTP descriptors incl. headers */

13
usr.sbin/httpd/server_fcgi.c
View file

@ -1,4 +1,4 @@
/* $OpenBSD: server_fcgi.c,v 1.95 2022/08/15 12:29:17 claudio Exp $ */
/* $OpenBSD: server_fcgi.c,v 1.96 2023/07/12 12:37:28 tb Exp $ */
/*
* Copyright (c) 2014 Florian Obser <florian@openbsd.org>
@ -372,7 +372,18 @@ server_fcgi(struct httpd *env, struct client *clt)
srv_conf->timeout.tv_sec, srv_conf->timeout.tv_sec);
bufferevent_enable(clt->clt_srvbev, EV_READ|EV_WRITE);
if (clt->clt_toread != 0) {
/*
* XXX - Work around UAF: server_read_httpcontent() can call
* server_close(), normally freeing clt. If clt->clt_fcgi_error
* changed, call server_close() via server_abort_http().
*/
clt->clt_fcgi_error = "";
server_read_httpcontent(clt->clt_bev, clt);
errstr = clt->clt_fcgi_error;
clt->clt_fcgi_error = NULL;
if (errstr[0] != '\0')
goto fail;
errstr = NULL;
bufferevent_enable(clt->clt_bev, EV_READ);
} else {
bufferevent_disable(clt->clt_bev, EV_READ);