Althttpd

Timeline
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

50 most recent check-ins

2022-01-26
14:21
Reset the content length for every HTTP request. ... (Leaf check-in: fded041a3e user: drh tags: trunk)
2022-01-25
15:43
Do not log an error if the first line of an HTTP request never arrives. ... (check-in: 97b589c68b user: drh tags: trunk)
15:39
Give unique error numbers to all 500-level Malfunction() calls. ... (check-in: d312c6e32c user: drh tags: trunk)
2022-01-19
05:59
Added contrib/docker as a convenient method of building a fully/properly-static althttpd. ... (check-in: 6f6cf2d5a5 user: stephan tags: trunk)
04:42
Reformulated the version-related CPPFLAGS in such a way which should (or might) be compatible with more Make variants, namely BSD Make. ... (check-in: 0736e5f6e5 user: stephan tags: trunk)
2022-01-18
16:06
Add an earlier check for running as root without the -user flag and fail before establishing the network listener. Part of the /forumpost/1e536f9fb0bf5310 discussion. ... (check-in: 57fce9cebf user: stephan tags: trunk)
04:49
Added static-althttpd target for build via docker, but unfortunately have to check it in in order to test it. ... (check-in: 0ebfe20459 user: stephan tags: trunk)
2022-01-17
16:06
Renamed --cert builtin to --cert unsafe-builtin for symmetry with Fossil, per /chat discussion. ... (check-in: 3ed898e622 user: stephan tags: trunk)
16:01
Swapped HTTP-mode-only restriction on the HSTS header to HTTPS-mode-only. That restriction was a misunderstanding on my part. ... (Leaf check-in: 27f227c075 user: stephan tags: strict-transport-security)
14:56
Initial impl of adding a HTTP Strict-Transport-Security header via a new directive in the -auth file. ... (check-in: 6cc1a66706 user: stephan tags: strict-transport-security)
2022-01-16
20:24
Document how to run HTTPS from XINETD. ... (check-in: 546e540753 user: drh tags: trunk)
13:43
Only include the OpenSSL version information in the SERVER_SOFTWARE CGI variable when althttpd is itself handling the TLS. ... (check-in: 9936a7eb71 user: drh tags: trunk)
13:28
Include the OpenSSL version information in SERVER_SOFTWARE for TLS-enabled builds. ... (check-in: 5304d7e035 user: drh tags: trunk)
12:37
Minor comment and documentation fixes. Increase the buffer size for althttp_printf() to 10K. ... (check-in: 3693df13df user: drh tags: trunk)
12:06
Make the default version number 2.0, even if the version number is not set by the Makefile. Avoid an unnecessary memory allocation. ... (check-in: da83441048 user: drh tags: trunk)
03:25
Removed manual tracking of SSL is-EOF (unnecessary), call Malfunction() if tls_gets() fails, and remove dangling tls_close_conn() calls after Redirect() calls, as those broke TLS redirects. ... (check-in: 0a03b61432 user: stephan tags: trunk)
02:58
Default zHttpScheme to "http" so that redirects from /dir/ to /dir/index work in HTTP mode. Those same redirects in HTTPS are breaking with SSL errors ("invalid response") with or without this change. ... (check-in: f89d874075 user: stephan tags: trunk)
01:22
Added version-related #defines, the SERVER_SOFTWARE CGI var, and the --version CLI flag. ... (check-in: b28a5df461 user: stephan tags: trunk)
2022-01-15
22:18
Allow a keep-alive HTTP response when using TLS. ... (check-in: d21ce864c1 user: drh tags: trunk)
22:03
Combine duplicate variables zHttp and zHttpScheme. Use just the latter. Other similar simplifications. ... (check-in: ce9ca4c2e0 user: drh tags: trunk)
20:05
Ensure that the HTTPS and HTTP_SCHEME CGI variables are sent to SCGI programs. ... (check-in: f09e4e9bbd user: drh tags: trunk)
19:26
Simplify POST data handling. POST data is now held exclusively in memory. The /tmp/-post-data-XXXXX temporary files are no longer needed. ... (check-in: 8b26e73486 user: drh tags: trunk)
17:29
Markdown typo fix. ... (check-in: ac0938b0d1 user: stephan tags: trunk)
17:25
Added contrib/dir-browser-cgi, a basic directory-browsing CGI for althttpd. ... (check-in: ec77434469 user: stephan tags: trunk)
16:20
Initial go at adding a version number via a generated header and setting SERVER_SOFTWARE based on that header. Whether we want this approach or to pass all of this state along in the CPPFLAGS is as yet undecided. ... (Closed-Leaf check-in: 7242ebbe3e user: stephan tags: add-version)
15:21
Remove the forceClose=1 from ProcessOneRequest() in TLS mode (seems to have no effect). Call Malfunction() if tls_read_server() has a read error. ... (check-in: ef1ffc3607 user: stephan tags: trunk)
14:54
Add "/index" to the list of known index/home pages/CGIs, per /chat discussion. ... (check-in: d59cf0a83e user: stephan tags: trunk)
14:42
Omit the --tls flag. Achieve the same functionality using "--cert builtin". ... (check-in: e3659060a9 user: drh tags: trunk)
14:39
Refactor and simplify CGI handling such that as much work as possible is shifted into the child process, and in particular so that the parent process does not mess with file descriptors 0 or 1 (as doing so can confuse OpenSSL). ... (check-in: 09b97157ff user: drh tags: trunk)
13:40
Removed stderr debug output. ... (check-in: 8edc94a656 user: stephan tags: trunk)
13:35
tls_read_server() now loops over its input, as SSL_read() only reads in, at most, 16kb chunks. Resolves truncated POST data issue. ... (check-in: 10301148a9 user: stephan tags: trunk)
06:39
Internal API doc correction. ... (Closed-Leaf check-in: e280f903b8 user: stephan tags: cert-builtin-flag)
06:31
--cert builtin is now used to explicitly enable the builtin self-signed cert. Removed now-redundant -tls 1 flag. Corrected StartResponse() to use HTTP/1.1 as a response prefix when it would otherwise be NULL due to Malfunction() being called during certificate initialization. ... (check-in: b7e8f6c8a3 user: stephan tags: cert-builtin-flag)
03:47
s/ENABLE_SSL/ENABLE_TLS/ ... (check-in: c8e4f08536 user: stephan tags: trunk)
2022-01-14
18:52
Add TLS support. ... (check-in: f3ab410243 user: drh tags: trunk)
16:22
Update the documentation for the latest changes. ... (Closed-Leaf check-in: cac7c08dbe user: drh tags: tls-support)
15:43
Rename the --tls-cert-file option to just --cert. Add the new --pkey option that gives the ability to keep the private key in a separate file. ... (check-in: 78a747ad91 user: drh tags: tls-support)
14:22
Minor comment and code formatting cleanup. ... (check-in: 2f7c76d9fe user: drh tags: tls-support)
2022-01-10
07:22
Replaced a call to SSL_CTX_use_certificate_file() with SSL_CTX_use_certificate_chain_file(), per fossil forum post 054f637e002683e3. ... (check-in: 83196564d0 user: stephan tags: tls-support)
2022-01-08
17:12
Close the input FILE handle for NPH CGIs, as is done for non-NPH CGIs. ... (check-in: 222d466acc user: stephan tags: tls-support)
15:01
Minor doc/comment updates. ... (check-in: 4b7b64c356 user: stephan tags: tls-support)
14:50
Removed some dead code. Doc updates. tls_gets() now sets the atEof flag if it reaches EOF, as tsl_read_server() does. ... (check-in: 11781d0061 user: stephan tags: tls-support)
10:30
Removed the MARKER debug bits. Added some comments. ... (check-in: 0370441d4f user: stephan tags: tls-support)
09:52
Minor doc addition. ... (check-in: 035e0ca106 user: stephan tags: tls-support)
09:50
Fixed non-parsed-header CGI output to work in TLS mode. ... (check-in: 788d45bd22 user: stephan tags: tls-support)
09:38
Removed an unused var which was part of the popen2() bits. ... (check-in: 82f7f775fb user: stephan tags: tls-support)
08:17
Seem to have found the magic needed to POST over the SSL connection, by propagating the socket ID from http_server() through to ProcessOneRequest() to pass it on to the SSL connection init. Untested with SCGI and fails for unknown reasons (SSL-specific error) for nph- scripts (but that might be my own misuse of that format). Removed superfluous popen2() bits. ... (check-in: dcc654cf3e user: stephan tags: tls-support)
00:38
Ported in popen2() from fossil as an alternative way to launch CGIs, but the behavior is identical: TLS writes to POSTed CGIs fail with a bad file descriptor error. ... (check-in: c9216a6a82 user: stephan tags: tls-support)
2022-01-07
20:49
Removed some dead code. Re-added static qualifier to Malfunction(). ... (check-in: deba23006a user: stephan tags: tls-support)
19:48
Changed %Z to GMT in Rfc822Date(), per forum dicussion c2777e3a72516e80. It is not changed in the log file because that one is not consumed by 3rd-party apps which dislike "UTC" as the %Z string. Addresses ticket [e5a308564b4af739]. ... (check-in: c9214e8e48 user: stephan tags: tls-support)