mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-11-24 00:56:14 +02:00
Add mini_httpd package
git-svn-id: svn://svn.openwrt.org/openwrt/trunk/openwrt@1267 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
554242631b
commit
428aafa72a
@ -48,6 +48,7 @@ source "package/kismet/Config.in"
|
||||
source "package/l2tpd/Config.in"
|
||||
source "package/lighttpd/Config.in"
|
||||
source "package/maradns/Config.in"
|
||||
source "package/mini_httpd/Config.in"
|
||||
source "package/ndisc/Config.in"
|
||||
source "package/net-snmp/Config.in"
|
||||
source "package/nfs-server/Config.in"
|
||||
|
@ -62,6 +62,7 @@ package-$(BR2_PACKAGE_MARADNS) += maradns
|
||||
package-$(BR2_PACKAGE_MATRIXSSL) += matrixssl
|
||||
package-$(BR2_PACKAGE_MICROCOM) += microcom
|
||||
package-$(BR2_PACKAGE_MICROPERL) += microperl
|
||||
package-$(BR2_PACKAGE_MINI_HTTPD) += mini_httpd
|
||||
package-$(BR2_PACKAGE_MONIT) += monit
|
||||
package-$(BR2_PACKAGE_MYSQL) += mysql
|
||||
package-$(BR2_PACKAGE_NCURSES) += ncurses
|
||||
@ -149,6 +150,7 @@ libgd-compile: libpng-compile
|
||||
libnet-compile: libpcap-compile
|
||||
libnids-compile: libnet-compile
|
||||
lighttpd-compile: openssl-compile pcre-compile
|
||||
mini_httpd-compile: matrixssl-compile
|
||||
mysql-compile: ncurses-compile zlib-compile
|
||||
net-snmp-compile: libelf-compile
|
||||
nfs-server-compile: portmap-compile
|
||||
|
24
package/mini_httpd/Config.in
Normal file
24
package/mini_httpd/Config.in
Normal file
@ -0,0 +1,24 @@
|
||||
config BR2_PACKAGE_MINI_HTTPD
|
||||
tristate "mini-httpd - A small web server"
|
||||
default m if CONFIG_DEVEL
|
||||
help
|
||||
mini_httpd is a small HTTP server. Its performance is not great, but for
|
||||
low or medium traffic sites it's quite adequate. It implements all the
|
||||
basic features of an HTTP server, including:
|
||||
|
||||
* GET, HEAD, and POST methods.
|
||||
* CGI.
|
||||
* Basic authentication.
|
||||
* Security against ".." filename snooping.
|
||||
* The common MIME types.
|
||||
* Trailing-slash redirection.
|
||||
* index.html, index.htm, index.cgi
|
||||
* Directory listings.
|
||||
* Multihoming / virtual hosting.
|
||||
* Standard logging.
|
||||
* Custom error pages.
|
||||
|
||||
It can also be configured to do SSL/HTTPS and IPv6.
|
||||
|
||||
http://www.acme.com/software/mini_httpd/
|
||||
|
45
package/mini_httpd/Makefile
Normal file
45
package/mini_httpd/Makefile
Normal file
@ -0,0 +1,45 @@
|
||||
# $Id$
|
||||
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=mini-httpd
|
||||
PKG_VERSION:=1.19
|
||||
PKG_RELEASE:=1
|
||||
PKG_MD5SUM:=792a529dfe974355aad8ba6c80e54e7a
|
||||
|
||||
PKG_SOURCE_URL:=http://www.acme.com/software/mini_httpd/
|
||||
PKG_SOURCE:=mini_httpd-$(PKG_VERSION).tar.gz
|
||||
PKG_CAT:=zcat
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/mini_httpd-$(PKG_VERSION)
|
||||
|
||||
include $(TOPDIR)/package/rules.mk
|
||||
|
||||
$(eval $(call PKG_template,MINI_HTTPD,mini-httpd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH)))
|
||||
|
||||
|
||||
$(PKG_BUILD_DIR)/.configured:
|
||||
cp -f ./files/matrixssl_helper.{c,h} $(PKG_BUILD_DIR)/
|
||||
touch $@
|
||||
|
||||
$(PKG_BUILD_DIR)/.built:
|
||||
$(MAKE) -C $(PKG_BUILD_DIR) \
|
||||
CC=$(TARGET_CC) \
|
||||
OFLAGS="$(TARGET_CFLAGS)" \
|
||||
SSL_INC="-I$(STAGING_DIR)/usr/include" \
|
||||
SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lmatrixssl" \
|
||||
all
|
||||
touch $@
|
||||
|
||||
$(IPKG_MINI_HTTPD):
|
||||
install -d -m0755 $(IDIR_MINI_HTTPD)/etc
|
||||
install -m0644 ./files/mini_httpd.conf $(IDIR_MINI_HTTPD)/etc/
|
||||
install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD)/etc/
|
||||
install -d -m0755 $(IDIR_MINI_HTTPD)/etc/default
|
||||
install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD)/etc/default/mini_httpd
|
||||
install -d -m0755 $(IDIR_MINI_HTTPD)/etc/init.d
|
||||
install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD)/etc/init.d/mini_httpd
|
||||
install -d -m0755 $(IDIR_MINI_HTTPD)/usr/sbin
|
||||
install -m0755 $(PKG_BUILD_DIR)/mini_httpd $(IDIR_MINI_HTTPD)/usr/sbin/
|
||||
$(RSTRIP) $(IDIR_MINI_HTTPD)
|
||||
$(IPKG_BUILD) $(IDIR_MINI_HTTPD) $(PACKAGE_DIR)
|
455
package/mini_httpd/files/matrixssl_helper.c
Normal file
455
package/mini_httpd/files/matrixssl_helper.c
Normal file
@ -0,0 +1,455 @@
|
||||
/*
|
||||
* MatrixSSL helper functions
|
||||
*
|
||||
* Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* Portions borrowed from MatrixSSL example code
|
||||
*
|
||||
*/
|
||||
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <netinet/tcp.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "matrixssl_helper.h"
|
||||
|
||||
#define SSL_SOCKET_EOF 0x0001
|
||||
#define SSL_SOCKET_CLOSE_NOTIFY 0x0002
|
||||
|
||||
#define min(a, b) ( (a) < (b) ) ? (a) : (b)
|
||||
|
||||
static int _ssl_read(SSL *ssl, char *buf, int len);
|
||||
static int _ssl_write(SSL *ssl, char *buf, int len);
|
||||
static void _ssl_setSocketBlock(int fd);
|
||||
static void _ssl_setSocketNonblock(int fd);
|
||||
static void _ssl_closeSocket(int fd);
|
||||
|
||||
|
||||
SSL * SSL_new(sslKeys_t *keys)
|
||||
{
|
||||
SSL * ssl;
|
||||
ssl = (SSL *)malloc(sizeof(SSL));
|
||||
|
||||
if (!ssl) return 0;
|
||||
|
||||
ssl->keys = keys;
|
||||
if ( matrixSslNewSession(&(ssl->ssl), ssl->keys, NULL, SSL_FLAGS_SERVER) < 0 ) {
|
||||
}
|
||||
|
||||
ssl->insock.size = 1024;
|
||||
ssl->insock.buf = ssl->insock.start = ssl->insock.end =
|
||||
(unsigned char *)malloc(ssl->insock.size);
|
||||
|
||||
ssl->outsock.size = 1024;
|
||||
ssl->outsock.buf = ssl->outsock.start = ssl->outsock.end =
|
||||
(unsigned char *)malloc(ssl->outsock.size);
|
||||
|
||||
ssl->inbuf.size = 0;
|
||||
ssl->inbuf.buf = ssl->inbuf.start = ssl->inbuf.end = NULL;
|
||||
|
||||
return ssl;
|
||||
}
|
||||
|
||||
|
||||
int SSL_accept(SSL *ssl) {
|
||||
|
||||
unsigned char buf[1024];
|
||||
int status, rc;
|
||||
|
||||
readMore:
|
||||
rc = _ssl_read(ssl, buf, sizeof(buf));
|
||||
if (rc == 0) {
|
||||
if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
|
||||
SSL_free(ssl);
|
||||
return -1;
|
||||
}
|
||||
if (matrixSslHandshakeIsComplete(ssl->ssl) == 0) {
|
||||
goto readMore;
|
||||
}
|
||||
} else if (rc > 0) {
|
||||
return 0;
|
||||
} else {
|
||||
SSL_free(ssl);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
void SSL_set_fd(SSL *ssl, int fd) {
|
||||
ssl->fd = fd;
|
||||
}
|
||||
|
||||
|
||||
int SSL_read(SSL *ssl, char *buf, int len) {
|
||||
int rc;
|
||||
readMore:
|
||||
rc = _ssl_read(ssl, buf, len);
|
||||
if (rc <= 0) {
|
||||
if (rc < 0 || ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
|
||||
_ssl_closeSocket(ssl->fd);
|
||||
return rc;
|
||||
}
|
||||
goto readMore;
|
||||
}
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
int SSL_write(SSL *ssl, char *buf, int len) {
|
||||
int rc;
|
||||
writeMore:
|
||||
rc = _ssl_write(ssl, buf, len);
|
||||
if (rc <= 0) {
|
||||
if (rc < 0) {
|
||||
return rc;
|
||||
}
|
||||
goto writeMore;
|
||||
}
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
void SSL_free(SSL * ssl)
|
||||
{
|
||||
matrixSslDeleteSession(ssl->ssl);
|
||||
if (ssl->insock.buf) {
|
||||
free(ssl->insock.buf);
|
||||
}
|
||||
if (ssl->outsock.buf) {
|
||||
free(ssl->outsock.buf);
|
||||
}
|
||||
if (ssl->inbuf.buf) {
|
||||
free(ssl->inbuf.buf);
|
||||
}
|
||||
free(ssl);
|
||||
}
|
||||
|
||||
|
||||
|
||||
static void _ssl_setSocketBlock(int fd)
|
||||
{
|
||||
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK);
|
||||
fcntl(fd, F_SETFD, FD_CLOEXEC);
|
||||
}
|
||||
|
||||
|
||||
static void _ssl_setSocketNonblock(int fd)
|
||||
{
|
||||
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
|
||||
}
|
||||
|
||||
|
||||
static void _ssl_closeSocket(int fd)
|
||||
{
|
||||
char buf[32];
|
||||
|
||||
if (fd != -1) {
|
||||
_ssl_setSocketNonblock(fd);
|
||||
if (shutdown(fd, 1) >= 0) {
|
||||
while (recv(fd, buf, sizeof(buf), 0) > 0);
|
||||
}
|
||||
close(fd);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
static int _ssl_read(SSL *ssl, char *buf, int len)
|
||||
{
|
||||
int bytes, rc, remaining;
|
||||
unsigned char error, alertLevel, alertDescription, performRead;
|
||||
|
||||
ssl->status = 0;
|
||||
|
||||
if (ssl->ssl == NULL || len <= 0) {
|
||||
return -1;
|
||||
}
|
||||
/*
|
||||
If inbuf is valid, then we have previously decoded data that must be
|
||||
returned, return as much as possible. Once all buffered data is
|
||||
returned, free the inbuf.
|
||||
*/
|
||||
if (ssl->inbuf.buf) {
|
||||
if (ssl->inbuf.start < ssl->inbuf.end) {
|
||||
remaining = (int)(ssl->inbuf.end - ssl->inbuf.start);
|
||||
bytes = (int)min(len, remaining);
|
||||
memcpy(buf, ssl->inbuf.start, bytes);
|
||||
ssl->inbuf.start += bytes;
|
||||
return bytes;
|
||||
}
|
||||
free(ssl->inbuf.buf);
|
||||
ssl->inbuf.buf = NULL;
|
||||
}
|
||||
/*
|
||||
Pack the buffered socket data (if any) so that start is at zero.
|
||||
*/
|
||||
if (ssl->insock.buf < ssl->insock.start) {
|
||||
if (ssl->insock.start == ssl->insock.end) {
|
||||
ssl->insock.start = ssl->insock.end = ssl->insock.buf;
|
||||
} else {
|
||||
memmove(ssl->insock.buf, ssl->insock.start, ssl->insock.end - ssl->insock.start);
|
||||
ssl->insock.end -= (ssl->insock.start - ssl->insock.buf);
|
||||
ssl->insock.start = ssl->insock.buf;
|
||||
}
|
||||
}
|
||||
/*
|
||||
Read up to as many bytes as there are remaining in the buffer. We could
|
||||
Have encrypted data already cached in conn->insock, but might as well read more
|
||||
if we can.
|
||||
*/
|
||||
performRead = 0;
|
||||
readMore:
|
||||
if (ssl->insock.end == ssl->insock.start || performRead) {
|
||||
performRead = 1;
|
||||
bytes = recv(ssl->fd, (char *)ssl->insock.end,
|
||||
(int)((ssl->insock.buf + ssl->insock.size) - ssl->insock.end), MSG_NOSIGNAL);
|
||||
if (bytes == -1) {
|
||||
ssl->status = errno;
|
||||
return -1;
|
||||
}
|
||||
if (bytes == 0) {
|
||||
ssl->status = SSL_SOCKET_EOF;
|
||||
return 0;
|
||||
}
|
||||
ssl->insock.end += bytes;
|
||||
}
|
||||
/*
|
||||
Define a temporary sslBuf
|
||||
*/
|
||||
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = (unsigned char *)malloc(len);
|
||||
ssl->inbuf.size = len;
|
||||
/*
|
||||
Decode the data we just read from the socket
|
||||
*/
|
||||
decodeMore:
|
||||
error = 0;
|
||||
alertLevel = 0;
|
||||
alertDescription = 0;
|
||||
|
||||
rc = matrixSslDecode(ssl->ssl, &ssl->insock, &ssl->inbuf, &error, &alertLevel,
|
||||
&alertDescription);
|
||||
switch (rc) {
|
||||
/*
|
||||
Successfully decoded a record that did not return data or require a response.
|
||||
*/
|
||||
case SSL_SUCCESS:
|
||||
return 0;
|
||||
/*
|
||||
Successfully decoded an application data record, and placed in tmp buf
|
||||
*/
|
||||
case SSL_PROCESS_DATA:
|
||||
/*
|
||||
Copy as much as we can from the temp buffer into the caller's buffer
|
||||
and leave the remainder in conn->inbuf until the next call to read
|
||||
It is possible that len > data in buffer if the encoded record
|
||||
was longer than len, but the decoded record isn't!
|
||||
*/
|
||||
rc = (int)(ssl->inbuf.end - ssl->inbuf.start);
|
||||
rc = min(rc, len);
|
||||
memcpy(buf, ssl->inbuf.start, rc);
|
||||
ssl->inbuf.start += rc;
|
||||
return rc;
|
||||
/*
|
||||
We've decoded a record that requires a response into tmp
|
||||
If there is no data to be flushed in the out buffer, we can write out
|
||||
the contents of the tmp buffer. Otherwise, we need to append the data
|
||||
to the outgoing data buffer and flush it out.
|
||||
*/
|
||||
case SSL_SEND_RESPONSE:
|
||||
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
|
||||
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
|
||||
if (bytes == -1) {
|
||||
ssl->status = errno;
|
||||
if (ssl->status != EAGAIN) {
|
||||
goto readError;
|
||||
}
|
||||
ssl->status = 0;
|
||||
}
|
||||
ssl->inbuf.start += bytes;
|
||||
if (ssl->inbuf.start < ssl->inbuf.end) {
|
||||
/*
|
||||
This must be a non-blocking socket since it didn't all get sent
|
||||
out and there was no error. We want to finish the send here
|
||||
simply because we are likely in the SSL handshake.
|
||||
*/
|
||||
_ssl_setSocketBlock(ssl->fd);
|
||||
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
|
||||
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
|
||||
if (bytes == -1) {
|
||||
ssl->status = errno;
|
||||
goto readError;
|
||||
}
|
||||
ssl->inbuf.start += bytes;
|
||||
/*
|
||||
Can safely set back to non-blocking because we wouldn't
|
||||
have got here if this socket wasn't non-blocking to begin with.
|
||||
*/
|
||||
_ssl_setSocketNonblock(ssl->fd);
|
||||
}
|
||||
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf;
|
||||
return 0;
|
||||
/*
|
||||
There was an error decoding the data, or encoding the out buffer.
|
||||
There may be a response data in the out buffer, so try to send.
|
||||
We try a single hail-mary send of the data, and then close the socket.
|
||||
Since we're closing on error, we don't worry too much about a clean flush.
|
||||
*/
|
||||
case SSL_ERROR:
|
||||
if (ssl->inbuf.start < ssl->inbuf.end) {
|
||||
_ssl_setSocketNonblock(ssl->fd);
|
||||
bytes = send(ssl->fd, (char *)ssl->inbuf.start,
|
||||
(int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
|
||||
}
|
||||
goto readError;
|
||||
/*
|
||||
We've decoded an alert. The level and description passed into
|
||||
matrixSslDecode are filled in with the specifics.
|
||||
*/
|
||||
case SSL_ALERT:
|
||||
if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) {
|
||||
ssl->status = SSL_SOCKET_CLOSE_NOTIFY;
|
||||
goto readZero;
|
||||
}
|
||||
goto readError;
|
||||
/*
|
||||
We have a partial record, we need to read more data off the socket.
|
||||
If we have a completely full conn->insock buffer, we'll need to grow it
|
||||
here so that we CAN read more data when called the next time.
|
||||
*/
|
||||
case SSL_PARTIAL:
|
||||
if (ssl->insock.start == ssl->insock.buf && ssl->insock.end ==
|
||||
(ssl->insock.buf + ssl->insock.size)) {
|
||||
if (ssl->insock.size > SSL_MAX_BUF_SIZE) {
|
||||
goto readError;
|
||||
}
|
||||
ssl->insock.size *= 2;
|
||||
ssl->insock.start = ssl->insock.buf =
|
||||
(unsigned char *)realloc(ssl->insock.buf, ssl->insock.size);
|
||||
ssl->insock.end = ssl->insock.buf + (ssl->insock.size / 2);
|
||||
}
|
||||
if (!performRead) {
|
||||
performRead = 1;
|
||||
free(ssl->inbuf.buf);
|
||||
ssl->inbuf.buf = NULL;
|
||||
goto readMore;
|
||||
} else {
|
||||
goto readZero;
|
||||
}
|
||||
/*
|
||||
The out buffer is too small to fit the decoded or response
|
||||
data. Increase the size of the buffer and call decode again
|
||||
*/
|
||||
case SSL_FULL:
|
||||
ssl->inbuf.size *= 2;
|
||||
if (ssl->inbuf.buf != (unsigned char*)buf) {
|
||||
free(ssl->inbuf.buf);
|
||||
ssl->inbuf.buf = NULL;
|
||||
}
|
||||
ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf =
|
||||
(unsigned char *)malloc(ssl->inbuf.size);
|
||||
goto decodeMore;
|
||||
}
|
||||
/*
|
||||
We consolidated some of the returns here because we must ensure
|
||||
that conn->inbuf is cleared if pointing at caller's buffer, otherwise
|
||||
it will be freed later on.
|
||||
*/
|
||||
readZero:
|
||||
if (ssl->inbuf.buf == (unsigned char*)buf) {
|
||||
ssl->inbuf.buf = NULL;
|
||||
}
|
||||
return 0;
|
||||
readError:
|
||||
if (ssl->inbuf.buf == (unsigned char*)buf) {
|
||||
ssl->inbuf.buf = NULL;
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int _ssl_write(SSL *ssl, char *buf, int len)
|
||||
{
|
||||
int rc;
|
||||
|
||||
ssl->status = 0;
|
||||
/*
|
||||
Pack the buffered socket data (if any) so that start is at zero.
|
||||
*/
|
||||
if (ssl->outsock.buf < ssl->outsock.start) {
|
||||
if (ssl->outsock.start == ssl->outsock.end) {
|
||||
ssl->outsock.start = ssl->outsock.end = ssl->outsock.buf;
|
||||
} else {
|
||||
memmove(ssl->outsock.buf, ssl->outsock.start, ssl->outsock.end - ssl->outsock.start);
|
||||
ssl->outsock.end -= (ssl->outsock.start - ssl->outsock.buf);
|
||||
ssl->outsock.start = ssl->outsock.buf;
|
||||
}
|
||||
}
|
||||
/*
|
||||
If there is buffered output data, the caller must be trying to
|
||||
send the same amount of data as last time. We don't support
|
||||
sending additional data until the original buffered request has
|
||||
been completely sent.
|
||||
*/
|
||||
if (ssl->outBufferCount > 0 && len != ssl->outBufferCount) {
|
||||
return -1;
|
||||
}
|
||||
/*
|
||||
If we don't have buffered data, encode the caller's data
|
||||
*/
|
||||
if (ssl->outBufferCount == 0) {
|
||||
retryEncode:
|
||||
rc = matrixSslEncode(ssl->ssl, (unsigned char *)buf, len, &ssl->outsock);
|
||||
switch (rc) {
|
||||
case SSL_ERROR:
|
||||
return -1;
|
||||
case SSL_FULL:
|
||||
if (ssl->outsock.size > SSL_MAX_BUF_SIZE) {
|
||||
return -1;
|
||||
}
|
||||
ssl->outsock.size *= 2;
|
||||
ssl->outsock.buf =
|
||||
(unsigned char *)realloc(ssl->outsock.buf, ssl->outsock.size);
|
||||
ssl->outsock.end = ssl->outsock.buf + (ssl->outsock.end - ssl->outsock.start);
|
||||
ssl->outsock.start = ssl->outsock.buf;
|
||||
goto retryEncode;
|
||||
}
|
||||
}
|
||||
/*
|
||||
We've got data to send.
|
||||
*/
|
||||
rc = send(ssl->fd, (char *)ssl->outsock.start,
|
||||
(int)(ssl->outsock.end - ssl->outsock.start), MSG_NOSIGNAL);
|
||||
if (rc == -1) {
|
||||
ssl->status = errno;
|
||||
return -1;
|
||||
}
|
||||
ssl->outsock.start += rc;
|
||||
/*
|
||||
If we wrote it all return the length, otherwise remember the number of
|
||||
bytes passed in, and return 0 to be called again later.
|
||||
*/
|
||||
if (ssl->outsock.start == ssl->outsock.end) {
|
||||
ssl->outBufferCount = 0;
|
||||
return len;
|
||||
}
|
||||
ssl->outBufferCount = len;
|
||||
return 0;
|
||||
}
|
||||
|
39
package/mini_httpd/files/matrixssl_helper.h
Normal file
39
package/mini_httpd/files/matrixssl_helper.h
Normal file
@ -0,0 +1,39 @@
|
||||
/*
|
||||
* MatrixSSL helper functions
|
||||
*
|
||||
* Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
* as published by the Free Software Foundation; either version 2
|
||||
* of the License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*/
|
||||
|
||||
#ifndef __MATRIXSSL_HELPER_H__
|
||||
#define __MATRIXSSL_HELPER_H__
|
||||
|
||||
#include <matrixSsl/matrixSsl.h>
|
||||
|
||||
typedef struct __SSL {
|
||||
int fd;
|
||||
ssl_t *ssl;
|
||||
sslKeys_t *keys;
|
||||
sslBuf_t insock, outsock, inbuf;
|
||||
int outBufferCount;
|
||||
int partial;
|
||||
int status;
|
||||
} SSL;
|
||||
|
||||
SSL * SSL_new(sslKeys_t *keys);
|
||||
void SSL_set_fd(SSL *ssl, int fd);
|
||||
int SSL_accept(SSL *ssl);
|
||||
int SSL_read(SSL *ssl, char *b, int len);
|
||||
int SSL_write(SSL *ssl, char *buf, int len);
|
||||
void SSL_free(SSL *ssl);
|
||||
|
||||
#endif /* __MATRIXSSL_HELPER_H__ */
|
7
package/mini_httpd/files/mini_httpd.conf
Normal file
7
package/mini_httpd/files/mini_httpd.conf
Normal file
@ -0,0 +1,7 @@
|
||||
cgipat=cgi-bin/*
|
||||
dir=/www
|
||||
nochroot
|
||||
pidfile=/var/run/mini_httpd.pid
|
||||
user=root
|
||||
ssl
|
||||
certfile=/etc/mini_httpd.pem
|
1
package/mini_httpd/files/mini_httpd.default
Normal file
1
package/mini_httpd/files/mini_httpd.default
Normal file
@ -0,0 +1 @@
|
||||
OPTIONS="-C /etc/mini_httpd.conf"
|
21
package/mini_httpd/files/mini_httpd.init
Normal file
21
package/mini_httpd/files/mini_httpd.init
Normal file
@ -0,0 +1,21 @@
|
||||
#!/bin/sh
|
||||
|
||||
DEFAULT=/etc/default/mini_httpd
|
||||
RUN_D=/var/run
|
||||
PID_F=$RUN_D/mini_httpd.pid
|
||||
[ -f $DEFAULT ] && . $DEFAULT
|
||||
|
||||
case $1 in
|
||||
start)
|
||||
[ -d $RUN_D ] || mkdir -p $RUN_D
|
||||
mini_httpd $OPTIONS
|
||||
;;
|
||||
stop)
|
||||
[ -f $PID_F ] && kill $(cat $PID_F)
|
||||
;;
|
||||
*)
|
||||
echo "usage: $0 (start|stop)"
|
||||
exit 1
|
||||
esac
|
||||
|
||||
exit $?
|
29
package/mini_httpd/files/mini_httpd.pem
Normal file
29
package/mini_httpd/files/mini_httpd.pem
Normal file
@ -0,0 +1,29 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXgIBAAKBgQC5rFJOQakwMmF9aoVnAXaQLOOPoYOEk19/ls9VZt1ZqfzQuTbG
|
||||
GGrgMIDclB0kHMFvSbzeiVjMnrSdQTNe1gOQAGtHhHiqugrLqH9m3wqOerbf/Yir
|
||||
hic9U6X9RaWC6BzNgcYU1QtPn1sDtbMNFAB6jzF3W76EIlHEobgMtfqtxwIDAQAB
|
||||
AoGBAKJst9eToyDxgc1ICQlSA1kem7eDUF0C2xDvadLI2KxegzZIQD1NEPmsFJ5h
|
||||
x5hWu3TSabG3LwJZd6D1b63vxE6QRMhcDG3idb7kXzhOOZyfnlnrBtJ3VJC/UH5H
|
||||
O1pMMBxcu2fXrua+h7BW0gMoZhchvsArDoWaZPjNUNHiNRYBAkEA3Ngnge7njqlf
|
||||
/UlLkQHHfxgorQ78GjOzrrUvz86pFtW8RKCjAv55HIqAhWrSgxWF4yXkPO2XOHC9
|
||||
KTeVKccjAQJBANc63r3M3yP817cPzyo/8BJQD9nAzmolrsBf1YMxML20UmEbObax
|
||||
QdmxoYu/a8tOD4gT6EZDkauJU0yS69HGeMcCQQCvRmbkuuXQ1iC29+sfpVfeSSBP
|
||||
aaswaIRdTrQprA2LcAtCNHPsNmeM/WfPe96j5vsiMrqYmMECLIgVJGYgiEoBAkEA
|
||||
kzg1e+ZTC667bwBlWCT79crFzNDRYFH+QqBKz74p9NkPMFULGSgOPvX95jU9aocu
|
||||
oInda5J0Zb09OTeWDpuPqQJAUIeY36WUst7NaW40mZXkMjjR2QtWi7P4cmv7nLp0
|
||||
WdPQzkUW1Bv4sSUQ7svQqpmZPaFiyhXL1VSa1M5MPd3tbA==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICOTCCAaKgAwIBAgIJANRuTbnzy8ObMA0GCSqGSIb3DQEBBAUAMFMxCzAJBgNV
|
||||
BAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoT
|
||||
B015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRlcjAeFw0wNTAxMTQwMjQzMjdaFw0w
|
||||
NjAxMTQwMjQzMjdaMFMxCzAJBgNVBAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwG
|
||||
A1UEBxMFUGFyaXMxEDAOBgNVBAoTB015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRl
|
||||
cjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuaxSTkGpMDJhfWqFZwF2kCzj
|
||||
j6GDhJNff5bPVWbdWan80Lk2xhhq4DCA3JQdJBzBb0m83olYzJ60nUEzXtYDkABr
|
||||
R4R4qroKy6h/Zt8Kjnq23/2Iq4YnPVOl/UWlgugczYHGFNULT59bA7WzDRQAeo8x
|
||||
d1u+hCJRxKG4DLX6rccCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqG
|
||||
SIb3DQEBBAUAA4GBAErI3QmcZVzjxKcoPTO3z8cRJV87SVFp0qbIjbYCBDUWB1QY
|
||||
/bMkQPr2zJyfJmUYLEs4iKgHrmlaUCMHy9NZKOg9ZxrW42BtQ5QnOtDm3UifwzJW
|
||||
oCFC3uPWfTYsZn/FrUXlErds+xXXT63VJzBe6DdXwHcdcdxzl05oIyL9JIzI
|
||||
-----END CERTIFICATE-----
|
3
package/mini_httpd/ipkg/mini-httpd.conffiles
Normal file
3
package/mini_httpd/ipkg/mini-httpd.conffiles
Normal file
@ -0,0 +1,3 @@
|
||||
/etc/default/mini_httpd
|
||||
/etc/mini_httpd.conf
|
||||
/etc/mini_httpd.pem
|
9
package/mini_httpd/ipkg/mini-httpd.control
Normal file
9
package/mini_httpd/ipkg/mini-httpd.control
Normal file
@ -0,0 +1,9 @@
|
||||
Package: mini-httpd
|
||||
Priority: optional
|
||||
Section: net
|
||||
Version: [TBDL]
|
||||
Architecture: [TBDL]
|
||||
Maintainer: OpenWrt Developers Team <bugs@openwrt.org>
|
||||
Source: http://openwrt.org/cgi-bin/viewcvs.cgi/openwrt/package/mini_httpd/
|
||||
Description: A small HTTP server, built with SSL support using MatrixSSL.
|
||||
Depends: libmatrixssl
|
161
package/mini_httpd/patches/500-matrixssl.patch
Normal file
161
package/mini_httpd/patches/500-matrixssl.patch
Normal file
@ -0,0 +1,161 @@
|
||||
diff -ruN mini_httpd-1.19-orig/Makefile mini_httpd-1.19-3/Makefile
|
||||
--- mini_httpd-1.19-orig/Makefile 2002-11-02 00:02:57.000000000 +0100
|
||||
+++ mini_httpd-1.19-3/Makefile 2005-03-09 08:52:21.000000000 +0100
|
||||
@@ -14,17 +14,30 @@
|
||||
# http://www.openssl.org/ Make sure the SSL_TREE definition points to the
|
||||
# tree with your OpenSSL installation - depending on how you installed it,
|
||||
# it may be in /usr/local instead of /usr/local/ssl.
|
||||
+
|
||||
+# OpenSSL
|
||||
#SSL_TREE = /usr/local/ssl
|
||||
#SSL_DEFS = -DUSE_SSL
|
||||
#SSL_INC = -I${SSL_TREE}/include
|
||||
#SSL_LIBS = -L${SSL_TREE}/lib -lssl -lcrypto
|
||||
+#SSL_OBJS =
|
||||
+
|
||||
+# MatrixSSL
|
||||
+SSL_TREE =
|
||||
+SSL_DEFS = -DUSE_SSL -DHAVE_MATRIXSSL
|
||||
+SSL_INC =
|
||||
+SSL_LIBS = -lmatrixssl
|
||||
+SSL_OBJS = matrixssl_helper.o
|
||||
|
||||
|
||||
-BINDIR = /usr/local/sbin
|
||||
-MANDIR = /usr/local/man
|
||||
+DESTDIR =
|
||||
+
|
||||
+BINDIR = $(DESTDIR)/usr/sbin
|
||||
+MANDIR = $(DESTDIR)/usr/share/man
|
||||
CC = gcc
|
||||
CDEFS = ${SSL_DEFS} ${SSL_INC}
|
||||
-CFLAGS = -O ${CDEFS}
|
||||
+OFLAGS = -O
|
||||
+CFLAGS = ${OFLAGS} ${CDEFS}
|
||||
#CFLAGS = -g ${CDEFS}
|
||||
-LDFLAGS = -s
|
||||
+LDFLAGS =
|
||||
#LDFLAGS = -g
|
||||
@@ -32,12 +45,15 @@
|
||||
|
||||
all: mini_httpd htpasswd
|
||||
|
||||
-mini_httpd: mini_httpd.o match.o tdate_parse.o
|
||||
- ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${LDLIBS} -o mini_httpd
|
||||
+mini_httpd: mini_httpd.o match.o tdate_parse.o ${SSL_OBJS}
|
||||
+ ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${SSL_OBJS} ${LDLIBS} -o mini_httpd
|
||||
|
||||
mini_httpd.o: mini_httpd.c version.h port.h match.h tdate_parse.h mime_encodings.h mime_types.h
|
||||
${CC} ${CFLAGS} -c mini_httpd.c
|
||||
|
||||
+matrixssl_helper.o: matrixssl_helper.c
|
||||
+ ${CC} ${CFLAGS} -c matrixssl_helper.c
|
||||
+
|
||||
match.o: match.c match.h
|
||||
${CC} ${CFLAGS} -c match.c
|
||||
|
||||
@@ -71,16 +87,18 @@
|
||||
chmod 600 mini_httpd.pem
|
||||
|
||||
|
||||
-install: all
|
||||
- rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
|
||||
+install: all uninstall
|
||||
-mkdir -p ${BINDIR}
|
||||
cp mini_httpd htpasswd ${BINDIR}
|
||||
- rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
|
||||
-mkdir -p ${MANDIR}/man8
|
||||
cp mini_httpd.8 ${MANDIR}/man8
|
||||
-mkdir -p ${MANDIR}/man1
|
||||
cp htpasswd.1 ${MANDIR}/man1
|
||||
|
||||
+uninstall:
|
||||
+ rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
|
||||
+ rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
|
||||
+
|
||||
clean:
|
||||
rm -f mini_httpd mime_encodings.h mime_types.h htpasswd mini_httpd.rnd *.o core core.* *.core
|
||||
|
||||
diff -ruN mini_httpd-1.19-orig/mini_httpd.c mini_httpd-1.19-3/mini_httpd.c
|
||||
--- mini_httpd-1.19-orig/mini_httpd.c 2003-12-03 19:27:22.000000000 +0100
|
||||
+++ mini_httpd-1.19-3/mini_httpd.c 2005-03-09 08:46:28.000000000 +0100
|
||||
@@ -66,8 +66,14 @@
|
||||
#endif /* HAVE_SENDFILE */
|
||||
|
||||
#ifdef USE_SSL
|
||||
+# ifdef HAVE_OPENSSL
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
+# else /* HAVE_OPENSSL */
|
||||
+# ifdef HAVE_MATRIXSSL
|
||||
+# include "matrixssl_helper.h"
|
||||
+# endif /* HAVE_MATRIXSSL */
|
||||
+# endif /* HAVE_OPENSSL */
|
||||
#endif /* USE_SSL */
|
||||
|
||||
extern char* crypt( const char* key, const char* setting );
|
||||
@@ -193,7 +199,13 @@
|
||||
static int do_ssl;
|
||||
static char* certfile;
|
||||
static char* cipher;
|
||||
+#ifdef HAVE_OPENSSL
|
||||
static SSL_CTX* ssl_ctx;
|
||||
+#else /* HAVE_OPENSSL */
|
||||
+ #ifdef HAVE_MATRIXSSL
|
||||
+static sslKeys_t* keys;
|
||||
+ #endif /* HAVE_MATRIXSSL */
|
||||
+#endif /* HAVE_OPENSSL */
|
||||
#endif /* USE_SSL */
|
||||
static char cwd[MAXPATHLEN];
|
||||
static int got_hup;
|
||||
@@ -540,6 +552,7 @@
|
||||
#ifdef USE_SSL
|
||||
if ( do_ssl )
|
||||
{
|
||||
+# ifdef HAVE_OPENSSL
|
||||
SSL_load_error_strings();
|
||||
SSLeay_add_ssl_algorithms();
|
||||
ssl_ctx = SSL_CTX_new( SSLv23_server_method() );
|
||||
@@ -559,6 +572,17 @@
|
||||
exit( 1 );
|
||||
}
|
||||
}
|
||||
+# else /* HAVE_OPENSSL */
|
||||
+# ifdef HAVE_MATRIXSSL
|
||||
+ matrixSslOpen();
|
||||
+ if ( matrixSslReadKeys( &keys, certfile, certfile, NULL, NULL < 0) )
|
||||
+ {
|
||||
+ syslog( LOG_CRIT, "can't load certificate and/or private key\n");
|
||||
+ (void) fprintf( stderr, "%s: can't load certificate and/or private key\n", argv0 );
|
||||
+ exit( 1 );
|
||||
+ }
|
||||
+# endif /* HAVE_MATRIXSSL */
|
||||
+# endif /* HAVE_OPENSSL */
|
||||
}
|
||||
#endif /* USE_SSL */
|
||||
|
||||
@@ -1174,6 +1198,7 @@
|
||||
#ifdef USE_SSL
|
||||
if ( do_ssl )
|
||||
{
|
||||
+# ifdef HAVE_OPENSSL
|
||||
ssl = SSL_new( ssl_ctx );
|
||||
SSL_set_fd( ssl, conn_fd );
|
||||
if ( SSL_accept( ssl ) == 0 )
|
||||
@@ -1181,6 +1206,16 @@
|
||||
ERR_print_errors_fp( stderr );
|
||||
exit( 1 );
|
||||
}
|
||||
+# else /* HAVE_OPENSSL */
|
||||
+# ifdef HAVE_MATRIXSSL
|
||||
+ ssl = SSL_new(keys);
|
||||
+ SSL_set_fd( ssl, conn_fd );
|
||||
+ if ( SSL_accept( ssl ) <= 0 )
|
||||
+ {
|
||||
+ perror( "SSL_accept" );
|
||||
+ }
|
||||
+# endif /* HAVE_MATRIXSSL */
|
||||
+# endif /* HAVE_OPENSSL */
|
||||
}
|
||||
#endif /* USE_SSL */
|
||||
|
Loading…
Reference in New Issue
Block a user