Port mini_sendmail to -ng
authorFlorian Fainelli <florian@openwrt.org>
Sat, 5 Aug 2006 10:20:56 +0000 (10:20 +0000)
committerFlorian Fainelli <florian@openwrt.org>
Sat, 5 Aug 2006 10:20:56 +0000 (10:20 +0000)
SVN-Revision: 4465

12 files changed:
net/mini_httpd/Makefile [new file with mode: 0644]
net/mini_httpd/files/matrixssl_helper.c [new file with mode: 0644]
net/mini_httpd/files/matrixssl_helper.h [new file with mode: 0644]
net/mini_httpd/files/mini_httpd-ssl.conf [new file with mode: 0644]
net/mini_httpd/files/mini_httpd.conf [new file with mode: 0644]
net/mini_httpd/files/mini_httpd.default [new file with mode: 0644]
net/mini_httpd/files/mini_httpd.init [new file with mode: 0644]
net/mini_httpd/files/mini_httpd.pem [new file with mode: 0644]
net/mini_httpd/patches/001-cgi_path.patch [new file with mode: 0644]
net/mini_httpd/patches/500-matrixssl.patch [new file with mode: 0644]
net/mini_sendmail/Makefile [new file with mode: 0644]
net/mini_sendmail/patches/500-flags.patch [new file with mode: 0644]

diff --git a/net/mini_httpd/Makefile b/net/mini_httpd/Makefile
new file mode 100644 (file)
index 0000000..43f7793
--- /dev/null
@@ -0,0 +1,179 @@
+#
+# Copyright (C) 2006 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# $Id$
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mini-httpd
+PKG_VERSION:=1.19
+PKG_RELEASE:=1
+PKG_MD5SUM:=792a529dfe974355aad8ba6c80e54e7a
+
+PKG_SOURCE_URL:=http://www.acme.com/software/mini_httpd/
+PKG_SOURCE:=mini_httpd-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/mini_httpd-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mini-httpd
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=A small web server
+  DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\
+low or medium traffic sites it's quite adequate. It implements all the\\\
+basic features of an HTTP server, including:\\\
+\\\
+* GET, HEAD, and POST methods.\\\
+* CGI.\\\
+* Basic authentication.\\\
+* Security against ".." filename snooping.\\\
+* The common MIME types.\\\
+* Trailing-slash redirection.\\\
+* index.html, index.htm, index.cgi\\\
+* Directory listings.\\\
+* Multihoming / virtual hosting.\\\
+* Standard logging.\\\
+* Custom error pages.\\\
+\\\
+It can also be configured to do IPv6.\\\
+  URL:=http://www.acme.com/software/mini_httpd/
+endef
+
+define Package/mini-httpd-htpasswd
+  $(call Package/mini-httpd)
+  TITLE:=Utility to generate HTTP access files
+  DESCRIPTION:=This file generates .htaccess/.htpasswd files to use HTTP access authentication\\\
+endef
+
+define Package/mini-httpd-matrixssl
+  $(call Package/mini-httpd)
+  TITLE:=A small web server, built with SSL support using MatrixSSL
+  DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\
+low or medium traffic sites it's quite adequate. It implements all the\\\
+basic features of an HTTP server, including:\\\
+\\\
+* GET, HEAD, and POST methods.\\\
+* CGI.\\\
+* Basic authentication.\\\
+* Security against ".." filename snooping.\\\
+* The common MIME types.\\\
+* Trailing-slash redirection.\\\
+* index.html, index.htm, index.cgi\\\
+* Directory listings.\\\
+* Multihoming / virtual hosting.\\\
+* Standard logging.\\\
+* Custom error pages.\\\
+\\\
+It can also be configured to do SSL/HTTPS and IPv6.\\\
+endef
+
+define Package/mini-httpd-openssl
+  $(call BuildPackage,mini-httpd)
+  TITLE:=A small web server, built with SSL support using OpenSSL
+  DESCRIPTION:=mini_httpd is a small HTTP server. Its performance is not great, but for\\\
+low or medium traffic sites it's quite adequate. It implements all the\\\
+basic features of an HTTP server, including:\\\
+\\\
+* GET, HEAD, and POST methods.\\\
+* CGI.\\\
+* Basic authentication.\\\
+* Security against ".." filename snooping.\\\
+* The common MIME types.\\\
+* Trailing-slash redirection.\\\
+* index.html, index.htm, index.cgi\\\
+* Directory listings.\\\
+* Multihoming / virtual hosting.\\\
+* Standard logging.\\\
+* Custom error pages.\\\
+\\\
+It can also be configured to do SSL/HTTPS and IPv6.\\\
+endef
+
+define Build/Configure
+       $(CP) ./files/matrixssl_helper.{c,h} $(PKG_BUILD_DIR)/
+enddef
+
+define Build/Compile   
+       # with MatrixSSL
+ifneq ($(BR2_PACKAGE_MINI_HTTPD_MATRIXSSL),)
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               CC=$(TARGET_CC) \
+               OFLAGS="$(TARGET_CFLAGS)" \
+               SSL_DEFS="-DUSE_SSL -DHAVE_MATRIXSSL" \
+               SSL_INC="-I$(STAGING_DIR)/usr/include" \
+               SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lmatrixssl" \
+               SSL_OBJS="matrixssl_helper.o" \
+               all
+       (cd $(PKG_BUILD_DIR); mv mini_httpd mini_httpd-matrixssl; )
+       $(MAKE) -C $(PKG_BUILD_DIR) clean
+endif
+       # with OpenSSL
+ifneq ($(BR2_PACKAGE_MINI_HTTPD_OPENSSL),)
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               CC=$(TARGET_CC) \
+               OFLAGS="$(TARGET_CFLAGS)" \
+               SSL_DEFS="-DUSE_SSL -DHAVE_OPENSSL" \
+               SSL_INC="-I$(STAGING_DIR)/usr/include" \
+               SSL_LIBS="-L$(STAGING_DIR)/usr/lib -lssl -lcrypto" \
+               all
+       (cd $(PKG_BUILD_DIR); mv mini_httpd mini_httpd-openssl; )
+       $(MAKE) -C $(PKG_BUILD_DIR) clean
+endif
+       # without SSL
+ifneq ($(BR2_PACKAGE_MINI_HTTPD),)
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               CC=$(TARGET_CC) \
+               OFLAGS="$(TARGET_CFLAGS)" \
+               all
+endif
+       touch $@
+
+$(IPKG_MINI_HTTPD):
+       install -d -m0755 $(IDIR_MINI_HTTPD)/etc
+       install -m0644 ./files/mini_httpd.conf $(IDIR_MINI_HTTPD)/etc/mini_httpd.conf
+       install -d -m0755 $(IDIR_MINI_HTTPD)/etc/default
+       install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD)/etc/default/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD)/etc/init.d
+       install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD)/etc/init.d/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/mini_httpd $(IDIR_MINI_HTTPD)/usr/sbin/
+       $(RSTRIP) $(IDIR_MINI_HTTPD)
+       $(IPKG_BUILD) $(IDIR_MINI_HTTPD) $(PACKAGE_DIR)
+
+$(IPKG_MINI_HTTPD_HTPASSWD):
+       install -d -m0755 $(IDIR_MINI_HTTPD_HTPASSWD)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/htpasswd $(IDIR_MINI_HTTPD_HTPASSWD)/usr/sbin/
+       $(RSTRIP) $(IDIR_MINI_HTTPD_HTPASSWD)
+       $(IPKG_BUILD) $(IDIR_MINI_HTTPD_HTPASSWD) $(PACKAGE_DIR)
+
+$(IPKG_MINI_HTTPD_MATRIXSSL):
+       install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc
+       install -m0644 ./files/mini_httpd-ssl.conf $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/mini_httpd.conf
+       install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/
+       install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/default
+       install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/default/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/init.d
+       install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD_MATRIXSSL)/etc/init.d/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD_MATRIXSSL)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/mini_httpd-matrixssl $(IDIR_MINI_HTTPD_MATRIXSSL)/usr/sbin/mini_httpd
+       $(RSTRIP) $(IDIR_MINI_HTTPD_MATRIXSSL)
+       $(IPKG_BUILD) $(IDIR_MINI_HTTPD_MATRIXSSL) $(PACKAGE_DIR)
+
+$(IPKG_MINI_HTTPD_OPENSSL):
+       install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc
+       install -m0644 ./files/mini_httpd-ssl.conf $(IDIR_MINI_HTTPD_OPENSSL)/etc/mini_httpd.conf
+       install -m0600 ./files/mini_httpd.pem $(IDIR_MINI_HTTPD_OPENSSL)/etc/
+       install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc/default
+       install -m0644 ./files/mini_httpd.default $(IDIR_MINI_HTTPD_OPENSSL)/etc/default/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/etc/init.d
+       install -m0755 ./files/mini_httpd.init $(IDIR_MINI_HTTPD_OPENSSL)/etc/init.d/mini_httpd
+       install -d -m0755 $(IDIR_MINI_HTTPD_OPENSSL)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/mini_httpd-openssl $(IDIR_MINI_HTTPD_OPENSSL)/usr/sbin/mini_httpd
+       $(RSTRIP) $(IDIR_MINI_HTTPD_OPENSSL)
+       $(IPKG_BUILD) $(IDIR_MINI_HTTPD_OPENSSL) $(PACKAGE_DIR)
diff --git a/net/mini_httpd/files/matrixssl_helper.c b/net/mini_httpd/files/matrixssl_helper.c
new file mode 100644 (file)
index 0000000..e3fe334
--- /dev/null
@@ -0,0 +1,455 @@
+/*
+ * MatrixSSL helper functions
+ *
+ * Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * Portions borrowed from MatrixSSL example code
+ *
+ */
+
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <arpa/inet.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#include "matrixssl_helper.h"
+
+#define SSL_SOCKET_EOF  0x0001
+#define SSL_SOCKET_CLOSE_NOTIFY  0x0002
+
+#define min(a, b)  ( (a) < (b) ) ? (a) : (b)
+
+static int _ssl_read(SSL *ssl, char *buf, int len);
+static int _ssl_write(SSL *ssl, char *buf, int len);
+static void _ssl_setSocketBlock(int fd);
+static void _ssl_setSocketNonblock(int fd);
+static void _ssl_closeSocket(int fd);
+
+
+SSL * SSL_new(sslKeys_t *keys)
+{
+       SSL * ssl;
+       ssl = (SSL *)malloc(sizeof(SSL));
+       
+       if (!ssl) return 0;
+       
+       ssl->keys = keys;
+       if ( matrixSslNewSession(&(ssl->ssl), ssl->keys, NULL, SSL_FLAGS_SERVER) < 0 ) {
+       }
+       
+       ssl->insock.size = 1024;
+       ssl->insock.buf = ssl->insock.start = ssl->insock.end =
+               (unsigned char *)malloc(ssl->insock.size);
+       
+       ssl->outsock.size = 1024;
+       ssl->outsock.buf = ssl->outsock.start = ssl->outsock.end = 
+               (unsigned char *)malloc(ssl->outsock.size);
+       
+       ssl->inbuf.size = 0;
+       ssl->inbuf.buf = ssl->inbuf.start = ssl->inbuf.end = NULL;
+       
+       return ssl;
+}
+
+
+int SSL_accept(SSL *ssl) {
+
+       unsigned char buf[1024];
+       int status, rc;
+       
+readMore:
+       rc = _ssl_read(ssl, buf, sizeof(buf));
+       if (rc == 0) {
+               if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
+                       SSL_free(ssl);
+                       return -1;
+               }
+               if (matrixSslHandshakeIsComplete(ssl->ssl) == 0) {
+                       goto readMore;
+               }
+       } else if (rc > 0) {
+               return 0;
+       } else {
+               SSL_free(ssl);
+               return -1;
+       }
+       
+       return 1;
+}
+
+
+void SSL_set_fd(SSL *ssl, int fd) {
+       ssl->fd = fd;
+}
+
+
+int SSL_read(SSL *ssl, char *buf, int len) {
+       int rc;
+readMore:
+       rc = _ssl_read(ssl, buf, len);
+       if (rc <= 0) {
+               if (rc < 0 || ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
+                       _ssl_closeSocket(ssl->fd);
+                       return rc;
+               }
+               goto readMore;
+       }
+       return rc;
+}
+
+
+int SSL_write(SSL *ssl, char *buf, int len) {
+       int rc;
+writeMore:
+       rc = _ssl_write(ssl, buf, len);
+       if (rc <= 0) {
+               if (rc < 0) {
+                       return rc;
+               }
+               goto writeMore;
+       }
+       return rc;
+}
+
+
+void SSL_free(SSL * ssl)
+{
+       matrixSslDeleteSession(ssl->ssl);
+       if (ssl->insock.buf) {
+               free(ssl->insock.buf);
+       }
+       if (ssl->outsock.buf) {
+               free(ssl->outsock.buf);
+       }
+       if (ssl->inbuf.buf) {
+               free(ssl->inbuf.buf);
+       }
+       free(ssl);
+}
+
+
+
+static void _ssl_setSocketBlock(int fd)
+{
+       fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK);
+       fcntl(fd, F_SETFD, FD_CLOEXEC);
+}
+
+
+static void _ssl_setSocketNonblock(int fd)
+{
+       fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) | O_NONBLOCK);
+}
+
+
+static void _ssl_closeSocket(int fd)
+{
+       char buf[32];
+
+       if (fd != -1) {
+               _ssl_setSocketNonblock(fd);
+               if (shutdown(fd, 1) >= 0) {
+                       while (recv(fd, buf, sizeof(buf), 0) > 0);
+               }
+               close(fd);
+       }
+}
+
+
+static int _ssl_read(SSL *ssl, char *buf, int len)
+{
+       int bytes, rc, remaining;
+       unsigned char error, alertLevel, alertDescription, performRead;
+
+       ssl->status = 0;
+
+       if (ssl->ssl == NULL || len <= 0) {
+               return -1;
+       }
+/*
+       If inbuf is valid, then we have previously decoded data that must be
+       returned, return as much as possible.  Once all buffered data is
+       returned, free the inbuf.
+*/
+       if (ssl->inbuf.buf) {
+               if (ssl->inbuf.start < ssl->inbuf.end) {
+                       remaining = (int)(ssl->inbuf.end - ssl->inbuf.start);
+                       bytes = (int)min(len, remaining);
+                       memcpy(buf, ssl->inbuf.start, bytes);
+                       ssl->inbuf.start += bytes;
+                       return bytes;
+               }
+               free(ssl->inbuf.buf);
+               ssl->inbuf.buf = NULL;
+       }
+/*
+       Pack the buffered socket data (if any) so that start is at zero.
+*/
+       if (ssl->insock.buf < ssl->insock.start) {
+               if (ssl->insock.start == ssl->insock.end) {
+                       ssl->insock.start = ssl->insock.end = ssl->insock.buf;
+               } else {
+                       memmove(ssl->insock.buf, ssl->insock.start, ssl->insock.end - ssl->insock.start);
+                       ssl->insock.end -= (ssl->insock.start - ssl->insock.buf);
+                       ssl->insock.start = ssl->insock.buf;
+               }
+       }
+/*
+       Read up to as many bytes as there are remaining in the buffer.  We could
+       Have encrypted data already cached in conn->insock, but might as well read more
+       if we can.
+*/
+       performRead = 0;
+readMore:
+       if (ssl->insock.end == ssl->insock.start || performRead) {
+               performRead = 1;
+               bytes = recv(ssl->fd, (char *)ssl->insock.end, 
+                       (int)((ssl->insock.buf + ssl->insock.size) - ssl->insock.end), MSG_NOSIGNAL);
+               if (bytes == -1) {
+                       ssl->status = errno;
+                       return -1;
+               }
+               if (bytes == 0) {
+                       ssl->status = SSL_SOCKET_EOF;
+                       return 0;
+               }
+               ssl->insock.end += bytes;
+       }
+/*
+       Define a temporary sslBuf
+*/
+       ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = (unsigned char *)malloc(len);
+       ssl->inbuf.size = len;
+/*
+       Decode the data we just read from the socket
+*/
+decodeMore:
+       error = 0;
+       alertLevel = 0;
+       alertDescription = 0;
+
+       rc = matrixSslDecode(ssl->ssl, &ssl->insock, &ssl->inbuf, &error, &alertLevel, 
+               &alertDescription);
+       switch (rc) {
+/*
+       Successfully decoded a record that did not return data or require a response.
+*/
+       case SSL_SUCCESS:
+               return 0;
+/*
+       Successfully decoded an application data record, and placed in tmp buf
+*/
+       case SSL_PROCESS_DATA:
+/*
+               Copy as much as we can from the temp buffer into the caller's buffer
+               and leave the remainder in conn->inbuf until the next call to read
+               It is possible that len > data in buffer if the encoded record
+               was longer than len, but the decoded record isn't!
+*/
+               rc = (int)(ssl->inbuf.end - ssl->inbuf.start);
+               rc = min(rc, len);
+               memcpy(buf, ssl->inbuf.start, rc);
+               ssl->inbuf.start += rc;
+               return rc;
+/*
+       We've decoded a record that requires a response into tmp
+       If there is no data to be flushed in the out buffer, we can write out
+       the contents of the tmp buffer.  Otherwise, we need to append the data 
+       to the outgoing data buffer and flush it out.
+*/
+       case SSL_SEND_RESPONSE:
+               bytes = send(ssl->fd, (char *)ssl->inbuf.start, 
+                       (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
+               if (bytes == -1) {
+                       ssl->status = errno;
+                       if (ssl->status != EAGAIN) {
+                               goto readError;
+                       }
+                       ssl->status = 0;
+               }
+               ssl->inbuf.start += bytes;
+               if (ssl->inbuf.start < ssl->inbuf.end) {
+/*
+                       This must be a non-blocking socket since it didn't all get sent
+                       out and there was no error.  We want to finish the send here
+                       simply because we are likely in the SSL handshake.
+*/
+                       _ssl_setSocketBlock(ssl->fd);
+                       bytes = send(ssl->fd, (char *)ssl->inbuf.start, 
+                               (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
+                       if (bytes == -1) {
+                               ssl->status = errno;
+                               goto readError;
+                       }
+                       ssl->inbuf.start += bytes;
+/*
+                       Can safely set back to non-blocking because we wouldn't
+                       have got here if this socket wasn't non-blocking to begin with.
+*/
+                       _ssl_setSocketNonblock(ssl->fd);
+               }
+               ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf;
+               return 0;
+/*
+       There was an error decoding the data, or encoding the out buffer.
+       There may be a response data in the out buffer, so try to send.
+       We try a single hail-mary send of the data, and then close the socket.
+       Since we're closing on error, we don't worry too much about a clean flush.
+*/
+       case SSL_ERROR:
+               if (ssl->inbuf.start < ssl->inbuf.end) {
+                       _ssl_setSocketNonblock(ssl->fd);
+                       bytes = send(ssl->fd, (char *)ssl->inbuf.start, 
+                               (int)(ssl->inbuf.end - ssl->inbuf.start), MSG_NOSIGNAL);
+               }
+               goto readError;
+/*
+       We've decoded an alert.  The level and description passed into
+       matrixSslDecode are filled in with the specifics.
+*/
+       case SSL_ALERT:
+               if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) {
+                       ssl->status = SSL_SOCKET_CLOSE_NOTIFY;
+                       goto readZero;
+               }
+               goto readError;
+/*
+       We have a partial record, we need to read more data off the socket.
+       If we have a completely full conn->insock buffer, we'll need to grow it
+       here so that we CAN read more data when called the next time.
+*/
+       case SSL_PARTIAL:
+               if (ssl->insock.start == ssl->insock.buf && ssl->insock.end == 
+                               (ssl->insock.buf + ssl->insock.size)) {
+                       if (ssl->insock.size > SSL_MAX_BUF_SIZE) {
+                               goto readError;
+                       }
+                       ssl->insock.size *= 2;
+                       ssl->insock.start = ssl->insock.buf = 
+                               (unsigned char *)realloc(ssl->insock.buf, ssl->insock.size);
+                       ssl->insock.end = ssl->insock.buf + (ssl->insock.size / 2);
+               }
+               if (!performRead) {
+                       performRead = 1;
+                       free(ssl->inbuf.buf);
+                       ssl->inbuf.buf = NULL;
+                       goto readMore;
+               } else {
+                       goto readZero;
+               }
+/*
+       The out buffer is too small to fit the decoded or response
+       data.  Increase the size of the buffer and call decode again
+*/
+       case SSL_FULL:
+               ssl->inbuf.size *= 2;
+               if (ssl->inbuf.buf != (unsigned char*)buf) {
+                       free(ssl->inbuf.buf);
+                       ssl->inbuf.buf = NULL;
+               }
+               ssl->inbuf.start = ssl->inbuf.end = ssl->inbuf.buf = 
+                       (unsigned char *)malloc(ssl->inbuf.size);
+               goto decodeMore;
+       }
+/*
+       We consolidated some of the returns here because we must ensure
+       that conn->inbuf is cleared if pointing at caller's buffer, otherwise
+       it will be freed later on.
+*/
+readZero:
+       if (ssl->inbuf.buf == (unsigned char*)buf) {
+               ssl->inbuf.buf = NULL;
+       }
+       return 0;
+readError:
+       if (ssl->inbuf.buf == (unsigned char*)buf) {
+               ssl->inbuf.buf = NULL;
+       }
+       return -1;
+}
+
+
+int _ssl_write(SSL *ssl, char *buf, int len)
+{
+       int             rc;
+
+       ssl->status = 0;
+/*
+       Pack the buffered socket data (if any) so that start is at zero.
+*/
+       if (ssl->outsock.buf < ssl->outsock.start) {
+               if (ssl->outsock.start == ssl->outsock.end) {
+                       ssl->outsock.start = ssl->outsock.end = ssl->outsock.buf;
+               } else {
+                       memmove(ssl->outsock.buf, ssl->outsock.start, ssl->outsock.end - ssl->outsock.start);
+                       ssl->outsock.end -= (ssl->outsock.start - ssl->outsock.buf);
+                       ssl->outsock.start = ssl->outsock.buf;
+               }
+       }
+/*
+       If there is buffered output data, the caller must be trying to
+       send the same amount of data as last time.  We don't support 
+       sending additional data until the original buffered request has
+       been completely sent.
+*/
+       if (ssl->outBufferCount > 0 && len != ssl->outBufferCount) {
+               return -1;
+       }
+/*
+       If we don't have buffered data, encode the caller's data
+*/
+       if (ssl->outBufferCount == 0) {
+retryEncode:
+               rc = matrixSslEncode(ssl->ssl, (unsigned char *)buf, len, &ssl->outsock);
+               switch (rc) {
+               case SSL_ERROR:
+                       return -1;
+               case SSL_FULL:
+                       if (ssl->outsock.size > SSL_MAX_BUF_SIZE) {
+                               return -1;
+                       }
+                       ssl->outsock.size *= 2;
+                       ssl->outsock.buf = 
+                               (unsigned char *)realloc(ssl->outsock.buf, ssl->outsock.size);
+                       ssl->outsock.end = ssl->outsock.buf + (ssl->outsock.end - ssl->outsock.start);
+                       ssl->outsock.start = ssl->outsock.buf;
+                       goto retryEncode;
+               }
+       }
+/*
+       We've got data to send.
+*/
+       rc = send(ssl->fd, (char *)ssl->outsock.start, 
+               (int)(ssl->outsock.end - ssl->outsock.start), MSG_NOSIGNAL);
+       if (rc == -1) {
+               ssl->status = errno;
+               return -1;
+       }
+       ssl->outsock.start += rc;
+/*
+       If we wrote it all return the length, otherwise remember the number of
+       bytes passed in, and return 0 to be called again later.
+*/
+       if (ssl->outsock.start == ssl->outsock.end) {
+               ssl->outBufferCount = 0;
+               return len;
+       }
+       ssl->outBufferCount = len;
+       return 0;
+}
+
diff --git a/net/mini_httpd/files/matrixssl_helper.h b/net/mini_httpd/files/matrixssl_helper.h
new file mode 100644 (file)
index 0000000..e5854df
--- /dev/null
@@ -0,0 +1,39 @@
+/*
+ * MatrixSSL helper functions
+ *
+ * Copyright (C) 2005 Nicolas Thill <nthill@free.fr>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ */
+
+#ifndef __MATRIXSSL_HELPER_H__
+#define __MATRIXSSL_HELPER_H__
+
+#include <matrixSsl/matrixSsl.h>
+
+typedef struct __SSL {
+  int fd;
+  ssl_t *ssl;
+  sslKeys_t *keys;
+  sslBuf_t insock, outsock, inbuf;
+  int outBufferCount;
+  int partial;
+  int status;
+} SSL;
+
+SSL * SSL_new(sslKeys_t *keys);
+void SSL_set_fd(SSL *ssl, int fd);
+int SSL_accept(SSL *ssl);
+int SSL_read(SSL *ssl, char *b, int len);
+int SSL_write(SSL *ssl, char *buf, int len);
+void SSL_free(SSL *ssl);
+
+#endif /* __MATRIXSSL_HELPER_H__ */
diff --git a/net/mini_httpd/files/mini_httpd-ssl.conf b/net/mini_httpd/files/mini_httpd-ssl.conf
new file mode 100644 (file)
index 0000000..1cd7022
--- /dev/null
@@ -0,0 +1,7 @@
+cgipat=cgi-bin/**|**.sh
+dir=/www
+nochroot
+pidfile=/var/run/mini_httpd.pid
+user=root
+ssl
+certfile=/etc/mini_httpd.pem
diff --git a/net/mini_httpd/files/mini_httpd.conf b/net/mini_httpd/files/mini_httpd.conf
new file mode 100644 (file)
index 0000000..d636a43
--- /dev/null
@@ -0,0 +1,5 @@
+cgipat=cgi-bin/**|**.sh
+dir=/www
+nochroot
+pidfile=/var/run/mini_httpd.pid
+user=root
diff --git a/net/mini_httpd/files/mini_httpd.default b/net/mini_httpd/files/mini_httpd.default
new file mode 100644 (file)
index 0000000..85b229e
--- /dev/null
@@ -0,0 +1 @@
+OPTIONS="-C /etc/mini_httpd.conf"
diff --git a/net/mini_httpd/files/mini_httpd.init b/net/mini_httpd/files/mini_httpd.init
new file mode 100644 (file)
index 0000000..77bd6fd
--- /dev/null
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+BIN=mini_httpd
+DEFAULT=/etc/default/$BIN
+RUN_D=/var/run
+PID_F=$RUN_D/$BIN.pid
+[ -f $DEFAULT ] && . $DEFAULT
+
+case $1 in
+ start)
+  [ -d $RUN_D ] || mkdir -p $RUN_D
+  $BIN $OPTIONS 2>/dev/null
+  ;;
+ stop)
+  [ -f $PID_F ] && kill $(cat $PID_F)
+  ;;
+ restart)
+  $0 stop
+  $0 start
+  ;;
+ *)
+  echo "usage: $0 (start|stop|restart)"
+  exit 1
+esac
+
+exit $?
diff --git a/net/mini_httpd/files/mini_httpd.pem b/net/mini_httpd/files/mini_httpd.pem
new file mode 100644 (file)
index 0000000..8a1241a
--- /dev/null
@@ -0,0 +1,29 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQC5rFJOQakwMmF9aoVnAXaQLOOPoYOEk19/ls9VZt1ZqfzQuTbG
+GGrgMIDclB0kHMFvSbzeiVjMnrSdQTNe1gOQAGtHhHiqugrLqH9m3wqOerbf/Yir
+hic9U6X9RaWC6BzNgcYU1QtPn1sDtbMNFAB6jzF3W76EIlHEobgMtfqtxwIDAQAB
+AoGBAKJst9eToyDxgc1ICQlSA1kem7eDUF0C2xDvadLI2KxegzZIQD1NEPmsFJ5h
+x5hWu3TSabG3LwJZd6D1b63vxE6QRMhcDG3idb7kXzhOOZyfnlnrBtJ3VJC/UH5H
+O1pMMBxcu2fXrua+h7BW0gMoZhchvsArDoWaZPjNUNHiNRYBAkEA3Ngnge7njqlf
+/UlLkQHHfxgorQ78GjOzrrUvz86pFtW8RKCjAv55HIqAhWrSgxWF4yXkPO2XOHC9
+KTeVKccjAQJBANc63r3M3yP817cPzyo/8BJQD9nAzmolrsBf1YMxML20UmEbObax
+QdmxoYu/a8tOD4gT6EZDkauJU0yS69HGeMcCQQCvRmbkuuXQ1iC29+sfpVfeSSBP
+aaswaIRdTrQprA2LcAtCNHPsNmeM/WfPe96j5vsiMrqYmMECLIgVJGYgiEoBAkEA
+kzg1e+ZTC667bwBlWCT79crFzNDRYFH+QqBKz74p9NkPMFULGSgOPvX95jU9aocu
+oInda5J0Zb09OTeWDpuPqQJAUIeY36WUst7NaW40mZXkMjjR2QtWi7P4cmv7nLp0
+WdPQzkUW1Bv4sSUQ7svQqpmZPaFiyhXL1VSa1M5MPd3tbA==
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICOTCCAaKgAwIBAgIJANRuTbnzy8ObMA0GCSqGSIb3DQEBBAUAMFMxCzAJBgNV
+BAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoT
+B015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRlcjAeFw0wNTAxMTQwMjQzMjdaFw0w
+NjAxMTQwMjQzMjdaMFMxCzAJBgNVBAYTAkZSMQ4wDAYDVQQIEwVQYXJpczEOMAwG
+A1UEBxMFUGFyaXMxEDAOBgNVBAoTB015IEhvbWUxEjAQBgNVBAMTCU15IFJvdXRl
+cjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuaxSTkGpMDJhfWqFZwF2kCzj
+j6GDhJNff5bPVWbdWan80Lk2xhhq4DCA3JQdJBzBb0m83olYzJ60nUEzXtYDkABr
+R4R4qroKy6h/Zt8Kjnq23/2Iq4YnPVOl/UWlgugczYHGFNULT59bA7WzDRQAeo8x
+d1u+hCJRxKG4DLX6rccCAwEAAaMVMBMwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqG
+SIb3DQEBBAUAA4GBAErI3QmcZVzjxKcoPTO3z8cRJV87SVFp0qbIjbYCBDUWB1QY
+/bMkQPr2zJyfJmUYLEs4iKgHrmlaUCMHy9NZKOg9ZxrW42BtQ5QnOtDm3UifwzJW
+oCFC3uPWfTYsZn/FrUXlErds+xXXT63VJzBe6DdXwHcdcdxzl05oIyL9JIzI
+-----END CERTIFICATE-----
diff --git a/net/mini_httpd/patches/001-cgi_path.patch b/net/mini_httpd/patches/001-cgi_path.patch
new file mode 100644 (file)
index 0000000..c847d94
--- /dev/null
@@ -0,0 +1,16 @@
+diff -ruN mini_httpd-1.19-old/mini_httpd.c mini_httpd-1.19-new/mini_httpd.c
+--- mini_httpd-1.19-old/mini_httpd.c   2005-10-19 01:11:24.000000000 +0200
++++ mini_httpd-1.19-new/mini_httpd.c   2005-10-19 01:13:05.000000000 +0200
+@@ -138,10 +138,10 @@
+ #define CGI_NICE 10
+ #endif /* CGI_NICE */
+ #ifndef CGI_PATH
+-#define CGI_PATH "/usr/local/bin:/usr/ucb:/bin:/usr/bin"
++#define CGI_PATH "/usr/bin:/bin:/usr/sbin:/sbin"
+ #endif /* CGI_PATH */
+ #ifndef CGI_LD_LIBRARY_PATH
+-#define CGI_LD_LIBRARY_PATH "/usr/local/lib:/usr/lib"
++#define CGI_LD_LIBRARY_PATH "/usr/lib:/lib"
+ #endif /* CGI_LD_LIBRARY_PATH */
+ #ifndef AUTH_FILE
+ #define AUTH_FILE ".htpasswd"
diff --git a/net/mini_httpd/patches/500-matrixssl.patch b/net/mini_httpd/patches/500-matrixssl.patch
new file mode 100644 (file)
index 0000000..0ab8d68
--- /dev/null
@@ -0,0 +1,161 @@
+diff -ruN mini_httpd-1.19-orig/Makefile mini_httpd-1.19-3/Makefile
+--- mini_httpd-1.19-orig/Makefile      2002-11-02 00:02:57.000000000 +0100
++++ mini_httpd-1.19-3/Makefile 2005-03-09 08:52:21.000000000 +0100
+@@ -14,17 +14,30 @@
+ # http://www.openssl.org/  Make sure the SSL_TREE definition points to the
+ # tree with your OpenSSL installation - depending on how you installed it,
+ # it may be in /usr/local instead of /usr/local/ssl.
++
++# OpenSSL
+ #SSL_TREE =   /usr/local/ssl
+ #SSL_DEFS =   -DUSE_SSL
+ #SSL_INC =    -I${SSL_TREE}/include
+ #SSL_LIBS =   -L${SSL_TREE}/lib -lssl -lcrypto
++#SSL_OBJS =
++
++# MatrixSSL
++#SSL_TREE =
++#SSL_DEFS =   -DUSE_SSL -DHAVE_MATRIXSSL
++#SSL_INC =
++#SSL_LIBS =   -lmatrixssl
++#SSL_OBJS =   matrixssl_helper.o
+-BINDIR =      /usr/local/sbin
+-MANDIR =      /usr/local/man
++DESTDIR =
++
++BINDIR =      $(DESTDIR)/usr/sbin
++MANDIR =      $(DESTDIR)/usr/share/man
+ CC =          gcc
+ CDEFS =               ${SSL_DEFS} ${SSL_INC}
+-CFLAGS =      -O ${CDEFS}
++OFLAGS =      -O
++CFLAGS =      ${OFLAGS} ${CDEFS}
+ #CFLAGS =     -g ${CDEFS}
+-LDFLAGS =     -s
++LDFLAGS =
+ #LDFLAGS =    -g
+@@ -32,12 +45,15 @@
+ all:          mini_httpd htpasswd
+-mini_httpd:   mini_httpd.o match.o tdate_parse.o
+-      ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${LDLIBS} -o mini_httpd
++mini_httpd:   mini_httpd.o match.o tdate_parse.o ${SSL_OBJS}
++      ${CC} ${CFLAGS} ${LDFLAGS} mini_httpd.o match.o tdate_parse.o ${SSL_OBJS} ${LDLIBS} -o mini_httpd
+ mini_httpd.o: mini_httpd.c version.h port.h match.h tdate_parse.h mime_encodings.h mime_types.h
+       ${CC} ${CFLAGS} -c mini_httpd.c
++matrixssl_helper.o: matrixssl_helper.c
++      ${CC} ${CFLAGS} -c matrixssl_helper.c
++      
+ match.o:      match.c match.h
+       ${CC} ${CFLAGS} -c match.c
+@@ -71,16 +87,18 @@
+       chmod 600 mini_httpd.pem
+-install:      all
+-      rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
++install:      all uninstall
+       -mkdir -p ${BINDIR}
+       cp mini_httpd htpasswd ${BINDIR}
+-      rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
+       -mkdir -p ${MANDIR}/man8
+       cp mini_httpd.8 ${MANDIR}/man8
+       -mkdir -p ${MANDIR}/man1
+       cp htpasswd.1 ${MANDIR}/man1
++uninstall:
++      rm -f ${BINDIR}/mini_httpd ${BINDIR}/htpasswd
++      rm -f ${MANDIR}/man8/mini_httpd.8 ${MANDIR}/man1/htpasswd.1
++
+ clean:
+       rm -f mini_httpd mime_encodings.h mime_types.h htpasswd mini_httpd.rnd *.o core core.* *.core
+diff -ruN mini_httpd-1.19-orig/mini_httpd.c mini_httpd-1.19-3/mini_httpd.c
+--- mini_httpd-1.19-orig/mini_httpd.c  2003-12-03 19:27:22.000000000 +0100
++++ mini_httpd-1.19-3/mini_httpd.c     2005-03-09 08:46:28.000000000 +0100
+@@ -66,8 +66,14 @@
+ #endif /* HAVE_SENDFILE */
+ #ifdef USE_SSL
++# ifdef HAVE_OPENSSL
+ #include <openssl/ssl.h>
+ #include <openssl/err.h>
++# else /* HAVE_OPENSSL */
++#  ifdef HAVE_MATRIXSSL
++#   include "matrixssl_helper.h"
++#  endif /* HAVE_MATRIXSSL */
++# endif /* HAVE_OPENSSL */
+ #endif /* USE_SSL */
+ extern char* crypt( const char* key, const char* setting );
+@@ -193,7 +199,13 @@
+ static int do_ssl;
+ static char* certfile;
+ static char* cipher;
++#ifdef HAVE_OPENSSL
+ static SSL_CTX* ssl_ctx;
++#else /* HAVE_OPENSSL */
++ #ifdef HAVE_MATRIXSSL
++static sslKeys_t* keys;
++ #endif /* HAVE_MATRIXSSL */
++#endif /* HAVE_OPENSSL */
+ #endif /* USE_SSL */
+ static char cwd[MAXPATHLEN];
+ static int got_hup;
+@@ -540,6 +552,7 @@
+ #ifdef USE_SSL
+     if ( do_ssl )
+       {
++# ifdef HAVE_OPENSSL
+       SSL_load_error_strings();
+       SSLeay_add_ssl_algorithms();
+       ssl_ctx = SSL_CTX_new( SSLv23_server_method() );
+@@ -559,6 +572,17 @@
+               exit( 1 );
+               }
+           }
++# else /* HAVE_OPENSSL */
++#  ifdef HAVE_MATRIXSSL
++      matrixSslOpen();
++      if ( matrixSslReadKeys( &keys, certfile, certfile, NULL, NULL ) < 0 )
++          {
++          syslog( LOG_CRIT, "can't load certificate and/or private key\n");
++          (void) fprintf( stderr, "%s: can't load certificate and/or private key\n", argv0 );
++          exit( 1 );
++          }
++#  endif /* HAVE_MATRIXSSL */
++# endif /* HAVE_OPENSSL */
+       }
+ #endif /* USE_SSL */
+@@ -1174,6 +1198,7 @@
+ #ifdef USE_SSL
+     if ( do_ssl )
+       {
++# ifdef HAVE_OPENSSL
+       ssl = SSL_new( ssl_ctx );
+       SSL_set_fd( ssl, conn_fd );
+       if ( SSL_accept( ssl ) == 0 )
+@@ -1181,6 +1206,16 @@
+           ERR_print_errors_fp( stderr );
+           exit( 1 );
+           }
++# else /* HAVE_OPENSSL */
++#  ifdef HAVE_MATRIXSSL
++      ssl = SSL_new(keys);
++      SSL_set_fd( ssl, conn_fd );
++      if ( SSL_accept( ssl ) <= 0 )
++          {
++          perror( "SSL_accept" );
++          }
++#  endif /* HAVE_MATRIXSSL */
++# endif /* HAVE_OPENSSL */
+       }
+ #endif /* USE_SSL */
diff --git a/net/mini_sendmail/Makefile b/net/mini_sendmail/Makefile
new file mode 100644 (file)
index 0000000..f2411ed
--- /dev/null
@@ -0,0 +1,48 @@
+#
+# Copyright (C) 2006 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+# $Id$
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mini-sendmail
+PKG_VERSION:=1.3.5
+PKG_RELEASE:=1
+PKG_MD5SUM:=fff344184e98cff0ea4d817da9d29383
+
+PKG_SOURCE_URL:=http://www.acme.com/software/mini_sendmail/
+PKG_SOURCE:=mini_sendmail-$(PKG_VERSION).tar.gz
+PKG_CAT:=zcat
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/mini_sendmail-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/mini-sendmail
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=A small sendmail-compatible mail forwarder
+  DESCRIPTION:=mini_sendmail reads its standard input up to an end-of-file and sends a\\\
+copy of the message found there to all of the addresses listed.\\\
+The message is sent by connecting to a local SMTP server. This means\\\
+mini_sendmail can be used to send email from inside a chroot(2) area.\\\
+  URL:=http://www.acme.com/software/mini_sendmail/
+endef
+
+define Build/Compile   
+       $(MAKE) -C $(PKG_BUILD_DIR) \
+               CC=$(TARGET_CC) \
+               OFLAGS="$(TARGET_CFLAGS)" \
+               all
+endef
+
+define Package/mini-sendmail/install   
+       install -d -m0755 $(1)/usr/sbin
+       install -m0755 $(PKG_BUILD_DIR)/mini_sendmail $(1)/usr/sbin/
+       ln -sf mini_sendmail $(1)/usr/sbin/sendmail
+endef
+
+$(eval $(call BuildPackage,mini-sendmail))
diff --git a/net/mini_sendmail/patches/500-flags.patch b/net/mini_sendmail/patches/500-flags.patch
new file mode 100644 (file)
index 0000000..eb5d65a
--- /dev/null
@@ -0,0 +1,15 @@
+--- mini_sendmail-1.3.5/Makefile.orig  2002-01-04 07:05:25.000000000 +0100
++++ mini_sendmail-1.3.5/Makefile       2005-06-17 01:57:06.000000000 +0200
+@@ -7,9 +7,10 @@
+ BINDIR =      /usr/local/sbin
+ MANDIR =      /usr/local/man
+ CC =          gcc
+-CFLAGS =      -O
++OFLAGS =      -O
++CFLAGS =      $(OFLAGS)
+ #CFLAGS =     -g
+-LDFLAGS =     -s -static
++LDFLAGS =
+ #LDFLAGS =    -g -static
+ LDLIBS =      $(SYSV_LIBS)