Busybox`s httpd have the defect (from born):
ip 1.2.3.1 have true comparing also with
1.2.3.10-1.2.3.19 and 1.2.3.100-1.2.3.199.
Last patch removed this bug and added feature:
allow/deny rule can support network/netmask
example: 1.2.3.0/255.255.255.128
or
network/mask_bits
example: 1.2.3.0/25
now; old format
1
1.2
1.2.3
1.2.3.4
too support and converted to
1/8 1.2/16 1.2.3/24 1.2.3.4/32
automaticaly.
Also, current CVS have small problem: ignores
A:IP, (loses 'A', 'a' only work). Corrected.
Hi.
Last patch have new libbb function
vfork_rexec() for can use daemon() to uClinux system.
This patched daemons: syslog, klogd, inetd, crond.
This not tested! I havn`t this systems.
Also. Previous patch for feature request MD5 crypt password for
httpd don`t sended to this mailist on 07/15/03
(mailist have Pytom module problem?).
The previous patch included, and have testing.
--w
vodz
Hello, I think the test for an unconfigured httpd is wrong in
the CVS (busybox-unstable-20030620.tar.bz2)
flg_deny_all is default 0
vodz then wrote:
Oops. You are right.
Also, this mistake haved from two place.
Last patch rewroted to my new get_ularg() function for overcompensate size
from this error found ;-)
- more comments
- larger allowed number of CGI script variables
- ifdefs for regression test hooks
- default to ./ rather than /www (if unspecified) for compatibility with
earlier versions.
- Allow ip: as a synomym for A: rules for compatibility with earlier
versions.
- Setting of CGI_ARGLIST_ when automatic setting of env vars for form
scripting is utilized. This helps with minimal systems like openap.
