Commit graph

47 commits

Author SHA1 Message Date
Anders Kaseorg
3115eb4995 sslSNICallback: Properly disallow invalid characters
Completely discard hostnames containing invalid characters, instead of
merely replacing the invalid characters with uninitialized memory.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2012-03-30 13:12:22 -07:00
Jay Weisskopf
8630c134a8 Check for null pointers from gethostbyname_r() to prevent seg faults. 2012-03-30 13:12:21 -07:00
zodiac@gmail.com
1867125c3b Second try :-)
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@239 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-10-02 23:54:49 +00:00
zodiac@gmail.com
1a33fc8127 The server could sometimes end up listening for events even though it
was not really interested in them. This could result in inefficient I/O
behavior and most noticably it broke the ability to interrupt long running
output with CTRL-C.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@238 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-10-02 23:40:24 +00:00
zodiac@gmail.com
2c2389fe30 Some more research on the web suggests the Apple ships their operating
systems with an implementation of poll() that isn't completely POSIX
compliant. We now fall back on calling select() instead. That's not our
first choice, but it is presumably the best that MacOS X can do.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@236 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-10-02 01:54:29 +00:00
zodiac@gmail.com
301823036a Some changes to improve compatibility with MacOS X.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@231 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-09-29 06:28:58 +00:00
zodiac@gmail.com
13d0448fc6 Fix a pointer aliasing violation by explicitly breaking aliasing with a
call to memcpy().


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@220 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-09-03 19:17:11 +00:00
zodiac@gmail.com
e8c241583d Fixed a check() failure that was caused by incorrect handling of partially
processed buffers. I believe, this could only be triggered by clients that
enabled HTTP pipelining. That might explain why we haven't seen bug reports
any earlier.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@216 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-08-27 22:22:15 +00:00
zodiac@gmail.com
d1df9b6441 Fixed a NULL pointer dereference that can occur when hostnames
do not resolve. Thanks to <vmagerya> for pointing out this problem.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@206 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-07-02 19:00:33 +00:00
zodiac@gmail.com
9b0a937e35 Started working on support for WebSockets.
Fixed some compiler warnings when compiling with -Wextra

Thanks to Jan Jaeger's excellent bug report, made some changes
that should make it easier to build ShellInABox for OpenWRT.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@202 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2010-03-29 16:40:17 +00:00
zodiac@gmail.com
e17458375d Removed compiler warning when building without SSL support.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@187 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-11-22 03:05:09 +00:00
zodiac@gmail.com
fe5a28f992 Some minor tweaks to make newer versions of gcc and glibc compile without warnings.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@181 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-11-18 17:17:56 +00:00
zodiac
15e91a32f7 Internet Explorer still doesn't properly support CSS. In particular, it has
problems dealing with "inherit" styles. This prevented proper switching
between color and monochrome.

Implemented a work-around.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@172 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-08-16 05:20:09 +00:00
zodiac
161e848e23 Simplify the code that compresses HTTP replies. This also gives us the ability
to manipulate headers more easily. We now add "Connection: close" in more cases
where we force a closing of the connection.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@171 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-08-15 22:55:02 +00:00
zodiac
71ba8641c1 Fixed support for Swedish keyboards
Some more tweaks for IE6 support. Overall, IE6 is still pretty
broken. Not sure if we can do much about this.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@166 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-08-11 18:37:12 +00:00
zodiac
13263e1737 Make 'update' warn about merge conflicts
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@147 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-07-08 20:11:40 +00:00
zodiac
8920606f6f Optionally compress large responses, if the browser accepts deflate compression. This mainly improves start up time.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@142 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-07-08 08:33:36 +00:00
zodiac
ca18a5346f Run-time testing for availability of libpthread functions does not
work reliably on some platforms. So, avoid doing so on anything other
than Linux/i386. For all other platforms, assume that the code is not
linked against libpthread. For ShellInABox, this is always the correct
assumption. But if the code gets embedded into other projects, this
might have to be changed.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@141 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-07-07 00:40:51 +00:00
zodiac
bb4dbaa5f5 Making it easier to host the terminal on non-root URLs by always redirecting to a URL that includes a trailing slash.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@140 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-07-06 16:27:11 +00:00
zodiac
cedb046244 Fixed a null pointer dereference that could be triggered by using non-standard
service definitions.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@136 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-07-04 08:46:28 +00:00
zodiac@gmail.com
5ec8c4c19b Added new "--localhost-only" command line option.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@125 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-06-21 19:55:20 +00:00
zodiac@gmail.com
2c090c8beb Respect "Connection: close" if sent by the browser.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@123 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-06-21 18:51:14 +00:00
zodiac@gmail.com
db631d5e35 Added SSL support for OpenBSD
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@122 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-05-25 06:03:26 +00:00
zodiac
41fd8f3ea5 Fixed various issues with building on OpenBSD
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@119 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-05-21 07:50:22 +00:00
zodiac
3bacdb002b - Make the code actually do, what the comments say (i.e. skip PAM account
management, if we don't have the privileges to do so, anyway)
- Make ssl.h compile again, even if OpenSSL is not found at compile time.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@115 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-04-16 20:54:08 +00:00
zodiac
0258d46926 - Add support for commands that want to read before they write anything.
- A couple of changes to avoid false error messages in valgrind.
- Fixed a bug that could potentially lead to a double-free()


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@114 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-04-16 05:33:05 +00:00
zodiac
3e0241dde3 Added initial revision of demo application
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@93 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-30 08:41:48 +00:00
zodiac
c19ed2f3ca Fix some corner cases, where partial matches would not be found.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@92 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-30 07:23:40 +00:00
zodiac
3edcc43298 Avoid closing the certificate file twice. Tweak make-chained-cert.sh script to
generate long-lasting certificates no matter the system defaults.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@91 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-29 22:20:59 +00:00
zodiac
1ea698ad72 Add support for chained SSL certificates.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@90 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-29 21:52:18 +00:00
zodiac
abba562359 Work-around for an IE6 bug when doing HTTPS through proxies.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@86 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-21 19:09:05 +00:00
zodiac
e1863d0a47 More IE6 tweaks. Allow root to listen on privileged ports.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@80 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-03-18 18:15:28 +00:00
zodiac
84dcc33650 Allow "configure" to explicitly disable OpenSSL and PAM support. Also, allow
OpenSSL and PAM libraries to be optionally linked as regular shared libraries
instead of being searched for and loaded at run-time.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@65 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-02-17 04:13:47 +00:00
zodiac
cc8979092c Fixed FreeBSD support. We now find both /bin/login and /usr/bin/login. We
provide our own conversation function, if PAM misc is not available. We
rely on login_tty to set up the terminal for us. And we avoid a few other
API uses that turned out to be Linux specific extensions.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@63 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-02-17 00:51:41 +00:00
zodiac
11d1a710f2 Work-around for compilers that turn on "-Wformat=2" by default. This is an
ill-advised choice, as this particular compiler options has a tendency to
generate a lot of false positives.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@62 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-02-15 20:01:53 +00:00
zodiac
1e27276feb Use a config.h file, instead of passing configuration options on the compiler's
command line.

Fix fatal compilation warning when building without SSL support.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@59 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-02-11 23:25:15 +00:00
zodiac
90d9d492b7 Added better compatibility with different versions of compilers and libaries.
In particular, work around a problem with gcc complaining about NULL format
strings. And added additional system header files that might be required on
some platforms.

This should fix some of the problems reported when compiling on BSD-style
systems. But we are still using SysV style session management code. This
probably needs to be rewritten before ShellInABox can be run on BSD-style
system.

In particular, we rely on grantpt(), we use the utmpx API, and we access
/dev/urandom.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@55 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-02-02 00:55:15 +00:00
zodiac
949d763498 Unexport sslGenerateCertificate() which is only needed by ssl.c internally.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@47 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-21 23:35:20 +00:00
zodiac
e40a555cbf Allow SSL certificate and key to be passed in through a file handle.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@46 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-17 03:37:20 +00:00
zodiac
1db2a6f7c6 Be more conservative in testing for TLSEXT support.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@44 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-15 03:14:24 +00:00
zodiac
7504fc886e - We should check OPENSSL_NO_TLSEXT to see whether TLSEXT support is available.
- Minor clean ups.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@33 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-08 00:36:12 +00:00
zodiac
799169b020 Fixed a printf format error when compiling in 64bit mode.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@30 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-07 23:35:40 +00:00
zodiac
48a3768baa Found a work-around for gcc warning about type-punning.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@29 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-05 20:42:07 +00:00
zodiac
046a9305c9 Updated copyright notice.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@25 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-02 06:09:13 +00:00
zodiac
35aa1a7881 - Tightened setuid operation to not allow any user or group changes.
- Added support for --cgi mode.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@22 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2009-01-01 05:53:04 +00:00
zodiac
09f12aa890 Add better support for old versions of OpenSSL that did not yet understand SNI.
git-svn-id: https://shellinabox.googlecode.com/svn/trunk@20 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2008-12-30 02:42:45 +00:00
zodiac
aab20f5ed0 First public release of the version 2.0 rewrite. This is the
first release of ShellInABox that supports an AJAX interface
instead of the original Java applet.


git-svn-id: https://shellinabox.googlecode.com/svn/trunk@2 0da03de8-d603-11dd-86c2-0f8696b7b6f9
2008-12-29 23:57:07 +00:00