./www/bozohttpd, Bozotic HTTP server; small and secure

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 20181215, Package name: bozohttpd-20181215, Maintainer: mrg

bozohttpd is a small and secure HTTP version 1.1 server. Its main
feature is the lack of features, reducing the code size and improving
verifiability.

It supports CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
virtual hosting support, as well as multiple IP-based servers on a
single machine. It is capable of servicing pages via the IPv6 protocol.
It has SSL support. It has no configuration file by design.


Required to build:
[pkgtools/cwrappers]

Master sites: (Expand)

SHA1: 5ada449a216463952ad13cb23bb0a207c11fa411
RMD160: 41789ac10c2a595b360607a308eab052ec0e4ba2
Filesize: 59.078 KB

Version history: (Expand)


CVS history: (Expand)


   2018-12-19 13:52:29 by matthew green | Files touched by this commit (2) | Package updated
Log message:
update to bozohttpd 20181215.  changes include:

  o  fix .htpasswd bypass for authenticated users.  reported by JP,
     from leot@netbsd.org
  o  avoid possible null dereference when receiving a big request that
     timeout.  reported by maya@netbsd.org, from leot@netbsd.org
  o  fix handling of -T option, from leot@netbsd.org
  o  cleanups and portability improvements, from maya@netbsd.org
  o  change directory indexing to use html tables, from
     rajeev_v_pillai@yahoo.com
   2018-11-26 00:46:38 by matthew green | Files touched by this commit (2) | Package updated
Log message:
update to bozohttpd 20181125: fix the -X/-x options.
   2018-11-24 19:42:43 by matthew green | Files touched by this commit (2)
Log message:
upgrade to 20181124.  fixes -i bug, and minor compile issues.
   2018-11-23 22:30:27 by matthew green | Files touched by this commit (5) | Package updated
Log message:
update to bozohttpd 20181123.  changes include:

o  add url remap support via .bzremap file, from martin@netbsd.org
o  handle redirections for any protocol, not just http:
o  fix a denial of service attack against header contents, which
   is now bounded at 16KiB.  reported by JP
o  reduce default timeouts, and add expand timeouts to handle the
   initial line, each header, and the total time spent
o  add -T option to expose new timeout settings
o  minor RFC fixes related to timeout handling
o  fix special file (.htpasswd, .bz*) bypass.  reported by JP.

anyone using .htpasswd files should update ASAP.
   2017-02-05 14:32:16 by Leonardo Taccari | Files touched by this commit (3) | Package updated
Log message:
Adjust SERVER_SOFTWARE to intended version

Bump PKGREVISION

Requested by <mrg>
   2017-02-01 14:05:36 by matthew green | Files touched by this commit (2) | Package updated
Log message:
update to bozohttpd 20170201.  from CHANGES:
	o  fix an infinite loop in cgi processing
	o  fixes and clean up for the testsuite
	o  no longer sends encoding header for compressed formats
   2016-06-08 12:16:57 by Jonathan Perkin | Files touched by this commit (89)
Log message:
Remove the stability entity, it has no meaning outside of an official context.
   2016-06-08 12:02:27 by Jonathan Perkin | Files touched by this commit (44)
Log message:
Change the service_bundle name to "export" to reduce diffs between the
original manifest.xml file and the output from "svccfg export".