Compare commits
	
		
			7 Commits
		
	
	
		
			9eaa644fa1
			...
			v4.5
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| cd3bc9aa90 | |||
| 6ab65abec9 | |||
| 7d6fa4682d | |||
| 6f4cbb6e24 | |||
| 174865b71c | |||
| 4a002d6c31 | |||
| 2a3f74e825 | 
							
								
								
									
										33
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										33
									
								
								README.md
									
									
									
									
									
								
							| @@ -5,6 +5,7 @@ Necronda web server | ||||
| ## Features | ||||
|  | ||||
| * Full IPv4 and IPv6 support | ||||
| * TLS Server Name Inspection (SNI) | ||||
| * Serving local files via HTTP and HTTPS | ||||
|   * File compression ([gzip](https://www.gzip.org/), [Brotli](https://www.brotli.org/)) and disk cache for compressed files | ||||
| * Reverse proxy for other HTTP and HTTPS servers | ||||
| @@ -22,23 +23,25 @@ See [docs/example.conf](docs/example.conf) for more details. | ||||
|  | ||||
| ### Global directives | ||||
|  | ||||
| * `certificate` - path to SSL certificate (or certificate chain) | ||||
| * `private_key` - path to SSL private key | ||||
| * `geoip_dir` (optional) - path to a directory containing GeoIP databases | ||||
| * `dns_server` (optional) - address of a DNS server | ||||
|  | ||||
|  | ||||
| ### Virtual host configuration | ||||
| ### Configuration | ||||
|  | ||||
| * `[<host>]` - begins section for the virtual host `<host>` | ||||
| * Local | ||||
|     * `webroot` - path to the root directory | ||||
|     * `dir_mode` - specify the behaviour for directories without an `index.html` or `index.php` | ||||
|         * `forbidden` - the server will respond with `403 Forbidden` | ||||
|         * `info` - try passing *path info* to an upper `.php` file. | ||||
|         * `list` - list contents of directory (**not implemented yet**) | ||||
| * Reverse proxy | ||||
|     * `hostname` - hostname of server to be reverse proxy of | ||||
|     * `port` - port to be used | ||||
|     * `http` - use HTTP to communicate with server | ||||
|     * `https` - use HTTPS to communicate with server | ||||
| * `[cert <cert-name]` - begins section for a certificate | ||||
|   * `certificate` - path to SSL certificate (or certificate chain) | ||||
|   * `private_key` - path to SSL private key | ||||
| * `[host <host>]` - begins section for the virtual host `<host>` | ||||
|   * `cert` - the name of the certificate to use | ||||
|   * Local | ||||
|       * `webroot` - path to the root directory | ||||
|       * `dir_mode` - specify the behaviour for directories without an `index.html` or `index.php` | ||||
|           * `forbidden` - the server will respond with `403 Forbidden` | ||||
|           * `info` - try passing *path info* to an upper `.php` file. | ||||
|           * `list` - list contents of directory (**not implemented yet**) | ||||
|   * Reverse proxy | ||||
|       * `hostname` - hostname of server to be reverse proxy of | ||||
|       * `port` - port to be used | ||||
|       * `http` - use HTTP to communicate with server | ||||
|       * `https` - use HTTPS to communicate with server | ||||
|   | ||||
| @@ -37,6 +37,10 @@ host_config *get_host_config(const char *host) { | ||||
|         host_config *hc = &config->hosts[i]; | ||||
|         if (hc->type == CONFIG_TYPE_UNSET) break; | ||||
|         if (strcmp(hc->name, host) == 0) return hc; | ||||
|         if (hc->name[0] == '*' && hc->name[1] == '.') { | ||||
|             const char *pos = strstr(host, hc->name + 1); | ||||
|             if (pos != NULL && strlen(pos) == strlen(hc->name + 1)) return hc; | ||||
|         } | ||||
|     } | ||||
|     return NULL; | ||||
| } | ||||
| @@ -568,7 +572,7 @@ int client_request_handler(sock *client, unsigned long client_num, unsigned int | ||||
|             char *rev_proxy_doc = ""; | ||||
|             if (conf != NULL && conf->type == CONFIG_TYPE_REVERSE_PROXY) { | ||||
|                 const http_status *status = http_get_status(ctx.status); | ||||
|                 char stat_str[4]; | ||||
|                 char stat_str[8]; | ||||
|                 sprintf(stat_str, "%03i", ctx.status); | ||||
|                 sprintf(msg_pre_buf_2, http_rev_proxy_document, | ||||
|                         " success", | ||||
|   | ||||
| @@ -68,8 +68,9 @@ int config_load(const char *filename) { | ||||
|     fseek(file, 0, SEEK_END); | ||||
|     unsigned long len = ftell(file); | ||||
|     fseek(file, 0, SEEK_SET); | ||||
|     char *conf = malloc(len); | ||||
|     char *conf = alloca(len + 1); | ||||
|     fread(conf, 1, len, file); | ||||
|     conf[len] = 0; | ||||
|     fclose(file); | ||||
|  | ||||
|     t_config *tmp_config = malloc(sizeof(t_config)); | ||||
| @@ -77,16 +78,28 @@ int config_load(const char *filename) { | ||||
|  | ||||
|     int i = 0; | ||||
|     int j = 0; | ||||
|     int line = 0; | ||||
|     int mode = 0; | ||||
|     char section = 0; | ||||
|     char *ptr = NULL; | ||||
|     char *source, *target; | ||||
|     while ((ptr = strtok(ptr == NULL ? conf :  NULL, "\n")) != NULL) { | ||||
|     while ((ptr = strsep(&conf, "\r\n")) != NULL) { | ||||
|         line++; | ||||
|         char *comment = strchr(ptr, '#'); | ||||
|         if (comment != NULL) comment[0] = 0; | ||||
|  | ||||
|         len = strlen(ptr); | ||||
|         char *end_ptr = ptr + len - 1; | ||||
|         while (end_ptr[0] == ' ' || end_ptr[0] == '\t') { | ||||
|             end_ptr[0] = 0; | ||||
|             end_ptr--; | ||||
|         } | ||||
|         len = strlen(ptr); | ||||
|         if (len == 0) continue; | ||||
|  | ||||
|         if (ptr[0] == '[') { | ||||
|             if (ptr[len - 1] != ']') goto err; | ||||
|             ptr++; | ||||
|             int l = 0; | ||||
|             if (strncmp(ptr, "host", 4) == 0 && (ptr[4] == ' ' || ptr[4] == '\t')) { | ||||
|                 ptr += 4; | ||||
| @@ -115,6 +128,8 @@ int config_load(const char *filename) { | ||||
|             } else if (len > 11 && strncmp(ptr, "dns_server", 10) == 0 && (ptr[10] == ' ' || ptr[10] == '\t')) { | ||||
|                 source = ptr + 10; | ||||
|                 target = dns_server; | ||||
|             } else { | ||||
|                 goto err; | ||||
|             } | ||||
|         } else if (section == 'c') { | ||||
|             cert_config *cc = &tmp_config->certs[j - 1]; | ||||
| @@ -124,6 +139,8 @@ int config_load(const char *filename) { | ||||
|             } else if (len > 12 && strncmp(ptr, "private_key", 11) == 0 && (ptr[11] == ' ' || ptr[11] == '\t')) { | ||||
|                 source = ptr + 11; | ||||
|                 target = cc->priv_key; | ||||
|             } else { | ||||
|                 goto err; | ||||
|             } | ||||
|         } else if (section == 'h') { | ||||
|             host_config *hc = &tmp_config->hosts[i - 1]; | ||||
| @@ -180,21 +197,21 @@ int config_load(const char *filename) { | ||||
|                     hc->rev_proxy.enc = 1; | ||||
|                 } | ||||
|                 continue; | ||||
|             } else { | ||||
|                 goto err; | ||||
|             } | ||||
|         } else { | ||||
|             goto err; | ||||
|         } | ||||
|         char *end_ptr = source + strlen(source) - 1; | ||||
|  | ||||
|         while (source[0] == ' ' || source[0] == '\t') source++; | ||||
|         while (end_ptr[0] == ' ' || end_ptr[0] == '\t') end_ptr--; | ||||
|         if (end_ptr <= source) { | ||||
|         if (strlen(source) == 0) { | ||||
|             err: | ||||
|             free(conf); | ||||
|             free(tmp_config); | ||||
|             fprintf(stderr, ERR_STR "Unable to parse config file" CLR_STR "\n"); | ||||
|             fprintf(stderr, ERR_STR "Unable to parse config file (line %i)" CLR_STR "\n", line); | ||||
|             return -2; | ||||
|         } | ||||
|         end_ptr[1] = 0; | ||||
|  | ||||
|         if (target != NULL) { | ||||
|             strcpy(target, source); | ||||
|         } else if (mode == 1) { | ||||
| @@ -211,7 +228,6 @@ int config_load(const char *filename) { | ||||
|             tmp_config->hosts[i - 1].rev_proxy.port = (unsigned short) strtoul(source, NULL, 10); | ||||
|         } | ||||
|     } | ||||
|     free(conf); | ||||
|  | ||||
|     for (int k = 0; k < i; k++) { | ||||
|         host_config *hc = &tmp_config->hosts[k]; | ||||
|   | ||||
| @@ -50,14 +50,8 @@ void openssl_init() { | ||||
| static int ssl_servername_cb(SSL *ssl, int *ad, void *arg) { | ||||
|     const char *servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); | ||||
|     if (servername != NULL) { | ||||
|         for (int i = 0; i < CONFIG_MAX_HOST_CONFIG; i++) { | ||||
|             const host_config *conf = &config->hosts[i]; | ||||
|             if (conf->type == CONFIG_TYPE_UNSET) break; | ||||
|             if (strcmp(conf->name, servername) == 0) { | ||||
|                 SSL_set_SSL_CTX(ssl, contexts[conf->cert]); | ||||
|                 break; | ||||
|             } | ||||
|         } | ||||
|         const host_config *conf = get_host_config(servername); | ||||
|         if (conf != NULL) SSL_set_SSL_CTX(ssl, contexts[conf->cert]); | ||||
|     } | ||||
|     return SSL_TLSEXT_ERR_OK; | ||||
| } | ||||
|   | ||||
| @@ -8,7 +8,7 @@ | ||||
| #ifndef NECRONDA_SERVER_NECRONDA_H | ||||
| #define NECRONDA_SERVER_NECRONDA_H | ||||
|  | ||||
| #define NECRONDA_VERSION "4.4" | ||||
| #define NECRONDA_VERSION "4.5" | ||||
| #define SERVER_STR "Necronda/" NECRONDA_VERSION | ||||
| #define SERVER_STR_HTML "Necronda web server " NECRONDA_VERSION | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user