From: Florian Fainelli Date: Sat, 5 Aug 2006 10:20:56 +0000 (+0000) Subject: Port mini_sendmail to -ng X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;h=5608314997702fe509ba6e5439894bd83aa60ef2;hp=eb1c4a5540bc449b551a0f199469b92636e2122d Port mini_sendmail to -ng SVN-Revision: 4465 --- diff --git a/net/mini_httpd/Makefile b/net/mini_httpd/Makefile new file mode 100644 index 0000000000..43f7793bcb --- /dev/null +++ b/net/mini_httpd/Makefile @@ -0,0 +1,179 @@ +# +# Copyright (C) 2006 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +# $Id$ + +include $(TOPDIR)/rules.mk + +PKG_NAME:=mini-httpd +PKG_VERSION:=1.19 +PKG_RELEASE:=1 +PKG_MD5SUM:=792a529dfe974355aad8ba6c80e54e7a + +PKG_SOURCE_URL:=http://www.acme.com/software/mini_httpd/ +PKG_SOURCE:=mini_httpd-$(PKG_VERSION).tar.gz +PKG_CAT:=zcat + +PKG_BUILD_DIR:=$(BUILD_DIR)/mini_httpd-$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk + +define Package/mini-httpd + SECTION:=net + CATEGORY:=Network + SUBMENU:=A small web server + DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\ +low or medium traffic sites it's quite adequate. It implements all the\\\ +basic features of an HTTP server, including:\\\ +\\\ +* GET, HEAD, and POST methods.\\\ +* CGI.\\\ +* Basic authentication.\\\ +* Security against ".." filename snooping.\\\ +* The common MIME types.\\\ +* Trailing-slash redirection.\\\ +* index.html, index.htm, index.cgi\\\ +* Directory listings.\\\ +* Multihoming / virtual hosting.\\\ +* Standard logging.\\\ +* Custom error pages.\\\ +\\\ +It can also be configured to do IPv6.\\\ + URL:=http://www.acme.com/software/mini_httpd/ +endef + +define Package/mini-httpd-htpasswd + $(call Package/mini-httpd) + TITLE:=Utility to generate HTTP access files + DESCRIPTION:=This file generates .htaccess/.htpasswd files to use HTTP access authentication\\\ +endef + +define Package/mini-httpd-matrixssl + $(call Package/mini-httpd) + TITLE:=A small web server, built with SSL support using MatrixSSL + DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\ +low or medium traffic sites it's quite adequate. It implements all the\\\ +basic features of an HTTP server, including:\\\ +\\\ +* GET, HEAD, and POST methods.\\\ +* CGI.\\\ +* Basic authentication.\\\ +* Security against ".." filename snooping.\\\ +* The common MIME types.\\\ +* Trailing-slash redirection.\\\ +* index.html, index.htm, index.cgi\\\ +* Directory listings.\\\ +* Multihoming / virtual hosting.\\\ +* Standard logging.\\\ +* Custom error pages.\\\ +\\\ +It can also be configured to do SSL/HTTPS and IPv6.\\\ +endef + +define Package/mini-httpd-openssl + $(call BuildPackage,mini-httpd) + TITLE:=A small web server, built with SSL support using OpenSSL + DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\ +low or medium traffic sites it's quite adequate. It implements all the\\\ +basic features of an HTTP server, including:\\\ +\\\ +* GET, HEAD, and POST methods.\\\ +* CGI.\\\ +* Basic authentication.\\\ +* Security against ".." filename snooping.\\\ +* The common MIME types.\\\ +* Trailing-slash redirection.\\\ +* index.html, index.htm, index.cgi\\\ +* Directory listings.\\\ +* Multihoming / virtual hosting.\\\ +* Standard logging.\\\ +* Custom error pages.\\\ +\\\ +It can also be configured to do SSL/HTTPS and IPv6.\\\ +endef + +define Build/Configure + $(CP) ./files/matrixssl_helper.{c,h} $(PKG_BUILD_DIR)/ +enddef + +define Build/Compile + # with MatrixSSL +ifneq ($(BR2_PACKAGE_MINI_HTTPD_MATRIXSSL),) + $(MAKE) -C $(PKG_BUILD_DIR) \ + CC=$(TARGET_CC) \ + OFLAGS="$(TARGET_CFLAGS)" \ + SSL_DEFS="-DUSE_SSL -DHAVE_MATRIXSSL" \ + SSL_INC="-I$(STAGING_DIR)/usr/include" \ + SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lmatrixssl" \ + SSL_OBJS="matrixssl_helper.o" \ + all + (cd $(PKG_BUILD_DIR); mv mini_httpd mini_httpd-matrixssl; ) + $(MAKE) -C $(PKG_BUILD_DIR) clean +endif + # with OpenSSL +ifneq ($(BR2_PACKAGE_MINI_HTTPD_OPENSSL),) + $(MAKE) -C $(PKG_BUILD_DIR) \ + CC=$(TARGET_CC) \ + OFLAGS="$(TARGET_CFLAGS)" \ + SSL_DEFS="-DUSE_SSL -DHAVE_OPENSSL" \ + SSL_INC="-I$(STAGING_DIR)/usr/include" \ + SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lssl -lcrypto" \ + all + (cd $(PKG_BUILD_DIR); mv mini_httpd mini_httpd-openssl; ) + $(MAKE) -C $(PKG_BUILD_DIR) clean +endif + # without SSL +ifneq ($(BR2_PACKAGE_MINI_HTTPD),) + $(MAKE) -C $(PKG_BUILD_DIR) \ + CC=$(TARGET_CC) \ + OFLAGS="$(TARGET_CFLAGS)" \ + all +endif + touch $@ + +$(IPKG_MINI_HTTPD): + install -d -m0755 $(IDIR_MINI_HTTPD)/etc + install -m0644 ./files/mini_httpd.conf $(IDIR_MINI_HTTPD)/etc/mini_httpd.conf + install -d -m0755 $(IDIR_MINI_HTTPD)/etc/default + install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD)/etc/default/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD)/etc/init.d + install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD)/etc/init.d/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/mini_httpd $(IDIR_MINI_HTTPD)/usr/sbin/ + $(RSTRIP) $(IDIR_MINI_HTTPD) + $(IPKG_BUILD) $(IDIR_MINI_HTTPD) $(PACKAGE_DIR) + +$(IPKG_MINI_HTTPD_HTPASSWD): + install -d -m0755 $(IDIR_MINI_HTTPD_HTPASSWD)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/htpasswd $(IDIR_MINI_HTTPD_HTPASSWD)/usr/sbin/ + $(RSTRIP) $(IDIR_MINI_HTTPD_HTPASSWD) + $(IPKG_BUILD) $(IDIR_MINI_HTTPD_HTPASSWD) $(PACKAGE_DIR) + +$(IPKG_MINI_HTTPD_MATRIXSSL): + install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc + install -m0644 ./files/mini_httpd-ssl.conf $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/mini_httpd.conf + install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/ + install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/default + install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/default/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/init.d + install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/init.d/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/mini_httpd-matrixssl $(IDIR_MINI_HTTPD_MATRIXSSL)/usr/sbin/mini_httpd + $(RSTRIP) $(IDIR_MINI_HTTPD_MATRIXSSL) + $(IPKG_BUILD) $(IDIR_MINI_HTTPD_MATRIXSSL) $(PACKAGE_DIR) + +$(IPKG_MINI_HTTPD_OPENSSL): + install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc + install -m0644 ./files/mini_httpd-ssl.conf $(IDIR_MINI_HTTPD_OPENSSL)/etc/mini_httpd.conf + install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD_OPENSSL)/etc/ + install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc/default + install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD_OPENSSL)/etc/default/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc/init.d + install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD_OPENSSL)/etc/init.d/mini_httpd + install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/mini_httpd-openssl $(IDIR_MINI_HTTPD_OPENSSL)/usr/sbin/mini_httpd + $(RSTRIP) $(IDIR_MINI_HTTPD_OPENSSL) + $(IPKG_BUILD) $(IDIR_MINI_HTTPD_OPENSSL) $(PACKAGE_DIR) diff --git a/net/mini_httpd/files/matrixssl_helper.c b/net/mini_httpd/files/matrixssl_helper.c new file mode 100644 index 0000000000..e3fe3346c2 --- /dev/null +++ b/net/mini_httpd/files/matrixssl_helper.c @@ -0,0 +1,455 @@ +/* + * MatrixSSL helper functions + * + * Copyright (C) 2005 Nicolas Thill + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * Portions borrowed from MatrixSSL example code + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "matrixssl_helper.h" + +#define SSL_SOCKET_EOF 0x0001 +#define SSL_SOCKET_CLOSE_NOTIFY 0x0002 + +#define min(a, b) ( (a) < (b) ) ? (a) : (b) + +static int _ssl_read(SSL *ssl, char *buf, int len); +static int _ssl_write(SSL *ssl, char *buf, int len); +static void _ssl_setSocketBlock(int fd); +static void _ssl_setSocketNonblock(int fd); +static void _ssl_closeSocket(int fd); + + +SSL * SSL_new(sslKeys_t *keys) +{ + SSL * ssl; + ssl = (SSL *)malloc(sizeof(SSL)); + + if (!ssl) return 0; + + ssl->keys = keys; + if ( matrixSslNewSession(&(ssl->ssl), ssl->keys, NULL, SSL_FLAGS_SERVER) < 0 ) { + } + + ssl->insock.size = 1024; + ssl->insock.buf = ssl->insock.start = ssl->insock.end = + (unsigned char *)malloc(ssl->insock.size); + + ssl->outsock.size = 1024; + ssl->outsock.buf = ssl->outsock.start = ssl->outsock.end = + (unsigned char *)malloc(ssl->outsock.size); + + ssl->inbuf.size = 0; + ssl->inbuf.buf = ssl->inbuf.start = ssl->inbuf.end = NULL; + + return ssl; +} + + +int SSL_accept(SSL *ssl) { + + unsigned char buf[1024]; + int status, rc; + +readMore: + rc = _ssl_read(ssl, buf, sizeof(buf)); + if (rc == 0) { + if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) { + SSL_free(ssl); + return -1; + } + if (matrixSslHandshakeIsComplete(ssl->ssl) == 0) { + goto readMore; + } + } else if (rc > 0) { + return 0; + } else { + SSL_free(ssl); + return -1; + } + + return 1; +} + + +void SSL_set_fd(SSL *ssl, int fd) { + ssl->fd = fd; +} + + +int SSL_read(SSL *ssl, char *buf, int len) { + int rc; +readMore: + rc = _ssl_read(ssl, buf, len); + if (rc <= 0) { + if (rc < 0 || ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) { + _ssl_closeSocket(ssl->fd); + return rc; + } + goto readMore; + } + return rc; +} + + +int SSL_write(SSL *ssl, char *buf, int len) { + int rc; +writeMore: + rc = _ssl_write(ssl, buf, len); + if (rc <= 0) { + if (rc < 0) { + return rc; + } + goto writeMore; + } + return rc; +} + + +void SSL_free(SSL * ssl) +{ + matrixSslDeleteSession(ssl->ssl); + if (ssl->insock.buf) { + free(ssl->insock.buf); + } + if (ssl->outsock.buf) { + free(ssl->outsock.buf); + } + if (ssl->inbuf.buf) { + free(ssl->inbuf.buf); + } + free(ssl); +} + + + +static void _ssl_setSocketBlock(int fd) +{ + fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK); + fcntl(fd, F_SETFD, FD_CLOEXEC); +} + + +static void _ssl_setSocketNonblock(int fd) +{ + fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK); +} + + +static void _ssl_closeSocket(int fd) +{ + char buf[32]; + + if (fd != -1) { + _ssl_setSocketNonblock(fd); + if (shutdown(fd, 1) >= 0) { + while (recv(fd, buf, sizeof(buf), 0) > 0); + } + close(fd); + } +} + + +static int _ssl_read(SSL *ssl, char *buf, int len) +{ + int bytes, rc, remaining; + unsigned char error, alertLevel, alertDescription, performRead; + + ssl->status = 0; + + if (ssl->ssl == NULL || len <= 0) { + return -1; + } +/* + If inbuf is valid, then we have previously decoded data that must be + returned, return as much as possible. Once all buffered data is + returned, free the inbuf. +*/ + if (ssl->inbuf.buf) { + if (ssl->inbuf.start < ssl->inbuf.end) { + remaining = (int)(ssl->inbuf.end - ssl->inbuf.start); + bytes = (int)min(len, remaining); + memcpy(buf, ssl->inbuf.start, bytes); + ssl->inbuf.start += bytes; + return bytes; + } + free(ssl->inbuf.buf); + ssl->inbuf.buf = NULL; + } +/* + Pack the buffered socket data (if any) so that start is at zero. +*/ + if (ssl->insock.buf < ssl->insock.start) { + if (ssl->insock.start == ssl->insock.end) { + ssl->insock.start = ssl->insock.end = ssl->insock.buf; + } else { + memmove(ssl->insock.buf, ssl->insock.start, ssl->insock.end - ssl->insock.start); + ssl->insock.end -= (ssl->insock.start - ssl->insock.buf); + ssl->insock.start = ssl->insock.buf; + } + } +/* + Read up to as many bytes as there are remaining in the buffer. We could + Have encrypted data already cached in conn->insock, but might as well read more + if we can. +*/ + performRead = 0; +readMore: + if (ssl->insock.end == ssl->insock.start || performRead) { + performRead = 1; + bytes = recv(ssl->fd, (char *)ssl->insock.end, + (int)((ssl->insock.buf + ssl->insock.size) - ssl->insock.end), MSG_NOSIGNAL); + if (bytes == -1) { + ssl->status = errno; + return -1; + } + if (bytes == 0) { + ssl->status = SSL_SOCKET_EOF; + return 0; + } + ssl->insock.end += bytes; + } +/* + Define a temporary sslBuf +*/ + ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = (unsigned char *)malloc(len); + ssl->inbuf.size = len; +/* + Decode the data we just read from the socket +*/ +decodeMore: + error = 0; + alertLevel = 0; + alertDescription = 0; + + rc = matrixSslDecode(ssl->ssl, &ssl->insock, &ssl->inbuf, &error, &alertLevel, + &alertDescription); + switch (rc) { +/* + Successfully decoded a record that did not return data or require a response. +*/ + case SSL_SUCCESS: + return 0; +/* + Successfully decoded an application data record, and placed in tmp buf +*/ + case SSL_PROCESS_DATA: +/* + Copy as much as we can from the temp buffer into the caller's buffer + and leave the remainder in conn->inbuf until the next call to read + It is possible that len > data in buffer if the encoded record + was longer than len, but the decoded record isn't! +*/ + rc = (int)(ssl->inbuf.end - ssl->inbuf.start); + rc = min(rc, len); + memcpy(buf, ssl->inbuf.start, rc); + ssl->inbuf.start += rc; + return rc; +/* + We've decoded a record that requires a response into tmp + If there is no data to be flushed in the out buffer, we can write out + the contents of the tmp buffer. Otherwise, we need to append the data + to the outgoing data buffer and flush it out. +*/ + case SSL_SEND_RESPONSE: + bytes = send(ssl->fd, (char *)ssl->inbuf.start, + (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL); + if (bytes == -1) { + ssl->status = errno; + if (ssl->status != EAGAIN) { + goto readError; + } + ssl->status = 0; + } + ssl->inbuf.start += bytes; + if (ssl->inbuf.start < ssl->inbuf.end) { +/* + This must be a non-blocking socket since it didn't all get sent + out and there was no error. We want to finish the send here + simply because we are likely in the SSL handshake. +*/ + _ssl_setSocketBlock(ssl->fd); + bytes = send(ssl->fd, (char *)ssl->inbuf.start, + (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL); + if (bytes == -1) { + ssl->status = errno; + goto readError; + } + ssl->inbuf.start += bytes; +/* + Can safely set back to non-blocking because we wouldn't + have got here if this socket wasn't non-blocking to begin with. +*/ + _ssl_setSocketNonblock(ssl->fd); + } + ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf; + return 0; +/* + There was an error decoding the data, or encoding the out buffer. + There may be a response data in the out buffer, so try to send. + We try a single hail-mary send of the data, and then close the socket. + Since we're closing on error, we don't worry too much about a clean flush. +*/ + case SSL_ERROR: + if (ssl->inbuf.start < ssl->inbuf.end) { + _ssl_setSocketNonblock(ssl->fd); + bytes = send(ssl->fd, (char *)ssl->inbuf.start, + (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL); + } + goto readError; +/* + We've decoded an alert. The level and description passed into + matrixSslDecode are filled in with the specifics. +*/ + case SSL_ALERT: + if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) { + ssl->status = SSL_SOCKET_CLOSE_NOTIFY; + goto readZero; + } + goto readError; +/* + We have a partial record, we need to read more data off the socket. + If we have a completely full conn->insock buffer, we'll need to grow it + here so that we CAN read more data when called the next time. +*/ + case SSL_PARTIAL: + if (ssl->insock.start == ssl->insock.buf && ssl->insock.end == + (ssl->insock.buf + ssl->insock.size)) { + if (ssl->insock.size > SSL_MAX_BUF_SIZE) { + goto readError; + } + ssl->insock.size *= 2; + ssl->insock.start = ssl->insock.buf = + (unsigned char *)realloc(ssl->insock.buf, ssl->insock.size); + ssl->insock.end = ssl->insock.buf + (ssl->insock.size / 2); + } + if (!performRead) { + performRead = 1; + free(ssl->inbuf.buf); + ssl->inbuf.buf = NULL; + goto readMore; + } else { + goto readZero; + } +/* + The out buffer is too small to fit the decoded or response + data. Increase the size of the buffer and call decode again +*/ + case SSL_FULL: + ssl->inbuf.size *= 2; + if (ssl->inbuf.buf != (unsigned char*)buf) { + free(ssl->inbuf.buf); + ssl->inbuf.buf = NULL; + } + ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = + (unsigned char *)malloc(ssl->inbuf.size); + goto decodeMore; + } +/* + We consolidated some of the returns here because we must ensure + that conn->inbuf is cleared if pointing at caller's buffer, otherwise + it will be freed later on. +*/ +readZero: + if (ssl->inbuf.buf == (unsigned char*)buf) { + ssl->inbuf.buf = NULL; + } + return 0; +readError: + if (ssl->inbuf.buf == (unsigned char*)buf) { + ssl->inbuf.buf = NULL; + } + return -1; +} + + +int _ssl_write(SSL *ssl, char *buf, int len) +{ + int rc; + + ssl->status = 0; +/* + Pack the buffered socket data (if any) so that start is at zero. +*/ + if (ssl->outsock.buf < ssl->outsock.start) { + if (ssl->outsock.start == ssl->outsock.end) { + ssl->outsock.start = ssl->outsock.end = ssl->outsock.buf; + } else { + memmove(ssl->outsock.buf, ssl->outsock.start, ssl->outsock.end - ssl->outsock.start); + ssl->outsock.end -= (ssl->outsock.start - ssl->outsock.buf); + ssl->outsock.start = ssl->outsock.buf; + } + } +/* + If there is buffered output data, the caller must be trying to + send the same amount of data as last time. We don't support + sending additional data until the original buffered request has + been completely sent. +*/ + if (ssl->outBufferCount > 0 && len != ssl->outBufferCount) { + return -1; + } +/* + If we don't have buffered data, encode the caller's data +*/ + if (ssl->outBufferCount == 0) { +retryEncode: + rc = matrixSslEncode(ssl->ssl, (unsigned char *)buf, len, &ssl->outsock); + switch (rc) { + case SSL_ERROR: + return -1; + case SSL_FULL: + if (ssl->outsock.size > SSL_MAX_BUF_SIZE) { + return -1; + } + ssl->outsock.size *= 2; + ssl->outsock.buf = + (unsigned char *)realloc(ssl->outsock.buf, ssl->outsock.size); + ssl->outsock.end = ssl->outsock.buf + (ssl->outsock.end - ssl->outsock.start); + ssl->outsock.start = ssl->outsock.buf; + goto retryEncode; + } + } +/* + We've got data to send. +*/ + rc = send(ssl->fd, (char *)ssl->outsock.start, + (int)(ssl->outsock.end - ssl->outsock.start), MSG_NOSIGNAL); + if (rc == -1) { + ssl->status = errno; + return -1; + } + ssl->outsock.start += rc; +/* + If we wrote it all return the length, otherwise remember the number of + bytes passed in, and return 0 to be called again later. +*/ + if (ssl->outsock.start == ssl->outsock.end) { + ssl->outBufferCount = 0; + return len; + } + ssl->outBufferCount = len; + return 0; +} + diff --git a/net/mini_httpd/files/matrixssl_helper.h b/net/mini_httpd/files/matrixssl_helper.h new file mode 100644 index 0000000000..e5854df64a --- /dev/null +++ b/net/mini_httpd/files/matrixssl_helper.h @@ -0,0 +1,39 @@ +/* + * MatrixSSL helper functions + * + * Copyright (C) 2005 Nicolas Thill + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef __MATRIXSSL_HELPER_H__ +#define __MATRIXSSL_HELPER_H__ + +#include + +typedef struct __SSL { + int fd; + ssl_t *ssl; + sslKeys_t *keys; + sslBuf_t insock, outsock, inbuf; + int outBufferCount; + int partial; + int status; +} SSL; + +SSL * SSL_new(sslKeys_t *keys); +void SSL_set_fd(SSL *ssl, int fd); +int SSL_accept(SSL *ssl); +int SSL_read(SSL *ssl, char *b, int len); +int SSL_write(SSL *ssl, char *buf, int len); +void SSL_free(SSL *ssl); + +#endif /* __MATRIXSSL_HELPER_H__ */ diff --git a/net/mini_httpd/files/mini_httpd-ssl.conf b/net/mini_httpd/files/mini_httpd-ssl.conf new file mode 100644 index 0000000000..1cd7022d54 --- /dev/null +++ b/net/mini_httpd/files/mini_httpd-ssl.conf @@ -0,0 +1,7 @@ +cgipat=cgi-bin/**|**.sh +dir=/www +nochroot +pidfile=/var/run/mini_httpd.pid +user=root +ssl +certfile=/etc/mini_httpd.pem diff --git a/net/mini_httpd/files/mini_httpd.conf b/net/mini_httpd/files/mini_httpd.conf new file mode 100644 index 0000000000..d636a4378b --- /dev/null +++ b/net/mini_httpd/files/mini_httpd.conf @@ -0,0 +1,5 @@ +cgipat=cgi-bin/**|**.sh +dir=/www +nochroot +pidfile=/var/run/mini_httpd.pid +user=root diff --git a/net/mini_httpd/files/mini_httpd.default b/net/mini_httpd/files/mini_httpd.default new file mode 100644 index 0000000000..85b229e889 --- /dev/null +++ b/net/mini_httpd/files/mini_httpd.default @@ -0,0 +1 @@ +OPTIONS="-C /etc/mini_httpd.conf" diff --git a/net/mini_httpd/files/mini_httpd.init b/net/mini_httpd/files/mini_httpd.init new file mode 100644 index 0000000000..77bd6fd3b7 --- /dev/null +++ b/net/mini_httpd/files/mini_httpd.init @@ -0,0 +1,26 @@ +#!/bin/sh + +BIN=mini_httpd +DEFAULT=/etc/default/$BIN +RUN_D=/var/run +PID_F=$RUN_D/$BIN.pid +[ -f $DEFAULT ] && . $DEFAULT + +case $1 in + start) + [ -d $RUN_D ] || mkdir -p $RUN_D + $BIN $OPTIONS 2>/dev/null + ;; + stop) + [ -f $PID_F ] && kill $(cat $PID_F) + ;; + restart) + $0 stop + $0 start + ;; + *) + echo "usage: $0 (start|stop|restart)" + exit 1 +esac + +exit $? diff --git a/net/mini_httpd/files/mini_httpd.pem b/net/mini_httpd/files/mini_httpd.pem new file mode 100644 index 0000000000..8a1241a767 --- /dev/null +++ b/net/mini_httpd/files/mini_httpd.pem @@ -0,0 +1,29 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQC5rFJOQakwMmF9aoVnAXaQLOOPoYOEk19/ls9VZt1ZqfzQuTbG +GGrgMIDclB0kHMFvSbzeiVjMnrSdQTNe1gOQAGtHhHiqugrLqH9m3wqOerbf/Yir +hic9U6X9RaWC6BzNgcYU1QtPn1sDtbMNFAB6jzF3W76EIlHEobgMtfqtxwIDAQAB +AoGBAKJst9eToyDxgc1ICQlSA1kem7eDUF0C2xDvadLI2KxegzZIQD1NEPmsFJ5h +x5hWu3TSabG3LwJZd6D1b63vxE6QRMhcDG3idb7kXzhOOZyfnlnrBtJ3VJC/UH5H +O1pMMBxcu2fXrua+h7BW0gMoZhchvsArDoWaZPjNUNHiNRYBAkEA3Ngnge7njqlf +/UlLkQHHfxgorQ78GjOzrrUvz86pFtW8RKCjAv55HIqAhWrSgxWF4yXkPO2XOHC9 +KTeVKccjAQJBANc63r3M3yP817cPzyo/8BJQD9nAzmolrsBf1YMxML20UmEbObax +QdmxoYu/a8tOD4gT6EZDkauJU0yS69HGeMcCQQCvRmbkuuXQ1iC29+sfpVfeSSBP +aaswaIRdTrQprA2LcAtCNHPsNmeM/WfPe96j5vsiMrqYmMECLIgVJGYgiEoBAkEA +kzg1e+ZTC667bwBlWCT79crFzNDRYFH+QqBKz74p9NkPMFULGSgOPvX95jU9aocu +oInda5J0Zb09OTeWDpuPqQJAUIeY36WUst7NaW40mZXkMjjR2QtWi7P4cmv7nLp0 +WdPQzkUW1Bv4sSUQ7svQqpmZPaFiyhXL1VSa1M5MPd3tbA== +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIICOTCCAaKgAwIBAgIJANRuTbnzy8ObMA0GCSqGSIb3DQEBBAUAMFMxCzAJBgNV +BAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoT +B015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRlcjAeFw0wNTAxMTQwMjQzMjdaFw0w +NjAxMTQwMjQzMjdaMFMxCzAJBgNVBAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwG +A1UEBxMFUGFyaXMxEDAOBgNVBAoTB015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRl +cjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuaxSTkGpMDJhfWqFZwF2kCzj +j6GDhJNff5bPVWbdWan80Lk2xhhq4DCA3JQdJBzBb0m83olYzJ60nUEzXtYDkABr +R4R4qroKy6h/Zt8Kjnq23/2Iq4YnPVOl/UWlgugczYHGFNULT59bA7WzDRQAeo8x +d1u+hCJRxKG4DLX6rccCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqG +SIb3DQEBBAUAA4GBAErI3QmcZVzjxKcoPTO3z8cRJV87SVFp0qbIjbYCBDUWB1QY +/bMkQPr2zJyfJmUYLEs4iKgHrmlaUCMHy9NZKOg9ZxrW42BtQ5QnOtDm3UifwzJW +oCFC3uPWfTYsZn/FrUXlErds+xXXT63VJzBe6DdXwHcdcdxzl05oIyL9JIzI +-----END CERTIFICATE----- diff --git a/net/mini_httpd/patches/001-cgi_path.patch b/net/mini_httpd/patches/001-cgi_path.patch new file mode 100644 index 0000000000..c847d948b4 --- /dev/null +++ b/net/mini_httpd/patches/001-cgi_path.patch @@ -0,0 +1,16 @@ +diff -ruN mini_httpd-1.19-old/mini_httpd.c mini_httpd-1.19-new/mini_httpd.c +--- mini_httpd-1.19-old/mini_httpd.c 2005-10-19 01:11:24.000000000 +0200 ++++ mini_httpd-1.19-new/mini_httpd.c 2005-10-19 01:13:05.000000000 +0200 +@@ -138,10 +138,10 @@ + #define CGI_NICE 10 + #endif /* CGI_NICE */ + #ifndef CGI_PATH +-#define CGI_PATH "/usr/local/bin:/usr/ucb:/bin:/usr/bin" ++#define CGI_PATH "/usr/bin:/bin:/usr/sbin:/sbin" + #endif /* CGI_PATH */ + #ifndef CGI_LD_LIBRARY_PATH +-#define CGI_LD_LIBRARY_PATH "/usr/local/lib:/usr/lib" ++#define CGI_LD_LIBRARY_PATH "/usr/lib:/lib" + #endif /* CGI_LD_LIBRARY_PATH */ + #ifndef AUTH_FILE + #define AUTH_FILE ".htpasswd" diff --git a/net/mini_httpd/patches/500-matrixssl.patch b/net/mini_httpd/patches/500-matrixssl.patch new file mode 100644 index 0000000000..0ab8d68331 --- /dev/null +++ b/net/mini_httpd/patches/500-matrixssl.patch @@ -0,0 +1,161 @@ +diff -ruN mini_httpd-1.19-orig/Makefile mini_httpd-1.19-3/Makefile +--- mini_httpd-1.19-orig/Makefile 2002-11-02 00:02:57.000000000 +0100 ++++ mini_httpd-1.19-3/Makefile 2005-03-09 08:52:21.000000000 +0100 +@@ -14,17 +14,30 @@ + # http://www.openssl.org/ Make sure the SSL_TREE definition points to the + # tree with your OpenSSL installation - depending on how you installed it, + # it may be in /usr/local instead of /usr/local/ssl. ++ ++# OpenSSL + #SSL_TREE = /usr/local/ssl + #SSL_DEFS = -DUSE_SSL + #SSL_INC = -I${SSL_TREE}/include + #SSL_LIBS = -L${SSL_TREE}/lib -lssl -lcrypto ++#SSL_OBJS = ++ ++# MatrixSSL ++#SSL_TREE = ++#SSL_DEFS = -DUSE_SSL -DHAVE_MATRIXSSL ++#SSL_INC = ++#SSL_LIBS = -lmatrixssl ++#SSL_OBJS = matrixssl_helper.o + + +-BINDIR = /usr/local/sbin +-MANDIR = /usr/local/man ++DESTDIR = ++ ++BINDIR = $(DESTDIR)/usr/sbin ++MANDIR = $(DESTDIR)/usr/share/man + CC = gcc + CDEFS = ${SSL_DEFS} ${SSL_INC} +-CFLAGS = -O ${CDEFS} ++OFLAGS = -O ++CFLAGS = ${OFLAGS} ${CDEFS} + #CFLAGS = -g ${CDEFS} +-LDFLAGS = -s ++LDFLAGS = + #LDFLAGS = -g +@@ -32,12 +45,15 @@ + + all: mini_httpd htpasswd + +-mini_httpd: mini_httpd.o match.o tdate_parse.o +- ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${LDLIBS} -o mini_httpd ++mini_httpd: mini_httpd.o match.o tdate_parse.o ${SSL_OBJS} ++ ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${SSL_OBJS} ${LDLIBS} -o mini_httpd + + mini_httpd.o: mini_httpd.c version.h port.h match.h tdate_parse.h mime_encodings.h mime_types.h + ${CC} ${CFLAGS} -c mini_httpd.c + ++matrixssl_helper.o: matrixssl_helper.c ++ ${CC} ${CFLAGS} -c matrixssl_helper.c ++ + match.o: match.c match.h + ${CC} ${CFLAGS} -c match.c + +@@ -71,16 +87,18 @@ + chmod 600 mini_httpd.pem + + +-install: all +- rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd ++install: all uninstall + -mkdir -p ${BINDIR} + cp mini_httpd htpasswd ${BINDIR} +- rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1 + -mkdir -p ${MANDIR}/man8 + cp mini_httpd.8 ${MANDIR}/man8 + -mkdir -p ${MANDIR}/man1 + cp htpasswd.1 ${MANDIR}/man1 + ++uninstall: ++ rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd ++ rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1 ++ + clean: + rm -f mini_httpd mime_encodings.h mime_types.h htpasswd mini_httpd.rnd *.o core core.* *.core + +diff -ruN mini_httpd-1.19-orig/mini_httpd.c mini_httpd-1.19-3/mini_httpd.c +--- mini_httpd-1.19-orig/mini_httpd.c 2003-12-03 19:27:22.000000000 +0100 ++++ mini_httpd-1.19-3/mini_httpd.c 2005-03-09 08:46:28.000000000 +0100 +@@ -66,8 +66,14 @@ + #endif /* HAVE_SENDFILE */ + + #ifdef USE_SSL ++# ifdef HAVE_OPENSSL + #include + #include ++# else /* HAVE_OPENSSL */ ++# ifdef HAVE_MATRIXSSL ++# include "matrixssl_helper.h" ++# endif /* HAVE_MATRIXSSL */ ++# endif /* HAVE_OPENSSL */ + #endif /* USE_SSL */ + + extern char* crypt( const char* key, const char* setting ); +@@ -193,7 +199,13 @@ + static int do_ssl; + static char* certfile; + static char* cipher; ++#ifdef HAVE_OPENSSL + static SSL_CTX* ssl_ctx; ++#else /* HAVE_OPENSSL */ ++ #ifdef HAVE_MATRIXSSL ++static sslKeys_t* keys; ++ #endif /* HAVE_MATRIXSSL */ ++#endif /* HAVE_OPENSSL */ + #endif /* USE_SSL */ + static char cwd[MAXPATHLEN]; + static int got_hup; +@@ -540,6 +552,7 @@ + #ifdef USE_SSL + if ( do_ssl ) + { ++# ifdef HAVE_OPENSSL + SSL_load_error_strings(); + SSLeay_add_ssl_algorithms(); + ssl_ctx = SSL_CTX_new( SSLv23_server_method() ); +@@ -559,6 +572,17 @@ + exit( 1 ); + } + } ++# else /* HAVE_OPENSSL */ ++# ifdef HAVE_MATRIXSSL ++ matrixSslOpen(); ++ if ( matrixSslReadKeys( &keys, certfile, certfile, NULL, NULL ) < 0 ) ++ { ++ syslog( LOG_CRIT, "can't load certificate and/or private key\n"); ++ (void) fprintf( stderr, "%s: can't load certificate and/or private key\n", argv0 ); ++ exit( 1 ); ++ } ++# endif /* HAVE_MATRIXSSL */ ++# endif /* HAVE_OPENSSL */ + } + #endif /* USE_SSL */ + +@@ -1174,6 +1198,7 @@ + #ifdef USE_SSL + if ( do_ssl ) + { ++# ifdef HAVE_OPENSSL + ssl = SSL_new( ssl_ctx ); + SSL_set_fd( ssl, conn_fd ); + if ( SSL_accept( ssl ) == 0 ) +@@ -1181,6 +1206,16 @@ + ERR_print_errors_fp( stderr ); + exit( 1 ); + } ++# else /* HAVE_OPENSSL */ ++# ifdef HAVE_MATRIXSSL ++ ssl = SSL_new(keys); ++ SSL_set_fd( ssl, conn_fd ); ++ if ( SSL_accept( ssl ) <= 0 ) ++ { ++ perror( "SSL_accept" ); ++ } ++# endif /* HAVE_MATRIXSSL */ ++# endif /* HAVE_OPENSSL */ + } + #endif /* USE_SSL */ + diff --git a/net/mini_sendmail/Makefile b/net/mini_sendmail/Makefile new file mode 100644 index 0000000000..f2411ed482 --- /dev/null +++ b/net/mini_sendmail/Makefile @@ -0,0 +1,48 @@ +# +# Copyright (C) 2006 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +# $Id$ + +include $(TOPDIR)/rules.mk + +PKG_NAME:=mini-sendmail +PKG_VERSION:=1.3.5 +PKG_RELEASE:=1 +PKG_MD5SUM:=fff344184e98cff0ea4d817da9d29383 + +PKG_SOURCE_URL:=http://www.acme.com/software/mini_sendmail/ +PKG_SOURCE:=mini_sendmail-$(PKG_VERSION).tar.gz +PKG_CAT:=zcat + +PKG_BUILD_DIR:=$(BUILD_DIR)/mini_sendmail-$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk + +define Package/mini-sendmail + SECTION:=net + CATEGORY:=Network + TITLE:=A small sendmail-compatible mail forwarder + DESCRIPTION:=mini_sendmail reads its standard input up to an end-of-file and sends a\\\ +copy of the message found there to all of the addresses listed.\\\ +The message is sent by connecting to a local SMTP server. This means\\\ +mini_sendmail can be used to send email from inside a chroot(2) area.\\\ + URL:=http://www.acme.com/software/mini_sendmail/ +endef + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR) \ + CC=$(TARGET_CC) \ + OFLAGS="$(TARGET_CFLAGS)" \ + all +endef + +define Package/mini-sendmail/install + install -d -m0755 $(1)/usr/sbin + install -m0755 $(PKG_BUILD_DIR)/mini_sendmail $(1)/usr/sbin/ + ln -sf mini_sendmail $(1)/usr/sbin/sendmail +endef + +$(eval $(call BuildPackage,mini-sendmail)) diff --git a/net/mini_sendmail/patches/500-flags.patch b/net/mini_sendmail/patches/500-flags.patch new file mode 100644 index 0000000000..eb5d65a1a9 --- /dev/null +++ b/net/mini_sendmail/patches/500-flags.patch @@ -0,0 +1,15 @@ +--- mini_sendmail-1.3.5/Makefile.orig 2002-01-04 07:05:25.000000000 +0100 ++++ mini_sendmail-1.3.5/Makefile 2005-06-17 01:57:06.000000000 +0200 +@@ -7,9 +7,10 @@ + BINDIR = /usr/local/sbin + MANDIR = /usr/local/man + CC = gcc +-CFLAGS = -O ++OFLAGS = -O ++CFLAGS = $(OFLAGS) + #CFLAGS = -g +-LDFLAGS = -s -static ++LDFLAGS = + #LDFLAGS = -g -static + LDLIBS = $(SYSV_LIBS) +