| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From:
Eivind Sarto <ivan@espial.com>
To:
"libmicrohttpd@gnu.org" <libmicrohttpd@gnu.org>
Date:
Today 09:32:21 pm
Spam Status: Spamassassin 0% probability of being spam.
Full report:
Probability=No, score=-2.6 required=7.0 tests=BAYES_00 autolearn=ham version=3.2.5-tuminfo_1
There appears to be a bug in MHD_create_response_from_fd_at_offset().
Calling this function with anything other than a zero offset will cause wrong data
or no data (sendfile fails if length < 0).
If you use this call with any application that uses ranges, this bug will trigger.
In src/daemon/daemon.c: send_param_adapter()
.....
/* can use sendfile */
offset = (off_t) connection->response_write_position + connection->response->fd_off;
#ifdef BUGFIX
/* correct */
left = connection->response->total_size - connection->response_write_position;
#else
left = connection->response->total_size - offset;
#endif
if (left > SSIZE_MAX)
left = SSIZE_MAX; /* cap at return value limit */
ret = sendfile (connection->socket_fd,
fd,
&offset,
left);
-eivind
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From:
Michael Wiegand <michael.wiegand@greenbone.net> (Greenbone Networks GmbH)
To:
christian@grothoff.org
Date:
Today 12:39:11 pm
Attachments:
microhttpd.texi-typo-fixes.patch
Hallo Christian,
ich habe ein paar Typos in der Doku von libmicrohttpd gefunden, siehe
angehängter Patch.
Oder nimmst du Patches lieber über die Liste? Habe mich jetzt auch endlich
angemeldet. :)
Grüße aus Osnabrück
Michael
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From:
Andreas Wehrmann <a.wehrmann@centersystems.com>
To:
libmicrohttpd@gnu.org
Date:
Today 08:58:43 am
Spam Status: Spamassassin 0% probability of being spam.
Full report:
Probability=No, score=-3.2 required=7.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.5-tuminfo_1
Hello!
I wrote a little testpage that I deliver using libmicrohttpd using
digest authentication.
The testpage consists of four files (framed page + image file).
When I initially connected to the webserver via the browser it correctly
challenged me
for my credentials. However, after entering the username and password
the index file
got loaded but it happened that the browser then challenged me again for
each
additional file to be loaded.
Since this is very annoying I tried increasing the nonce table size to 3000
(was default) but it was no good.
I then dug a little deeper and found out, that the hash algorithm to
determine the index
for a given nonce always returned zero thus overwriting other nonces.
The offending line is at check_nonce_nc() in digestauth.c:313:
off = (off << 8) | (*np & (off >> 24));
whereas is should be:
off = (off << 8) | (*np ^ (off >> 24));
Since "off" is initialized with zero and an unsigned integer
a logical AND returns zero which is not right obviously.
After this fix, the server challenged me only once and I got "random"
indices.
I found the problem in libmicrohttpd 0.9.5.
Best regards,
Andreas Wehrmann
--
Dipl.-Ing. (FH) Andreas Wehrmann
Software Development
--------------------------------------------------------------
Center Communication Systems GmbH
A-1210 Wien, Ignaz-Köck-Straße 19
Sitz in Wien
FN 796 88p, Firmenbuchgericht Wien
www.centersystems.com
Tel.: +43 (0) 190 199 - 3616
Mobile: +43 (0) 664 884 75916
Fax: +43 (0) 190 199 - 2110
E-Mail: a.wehrmann@centersystems.com
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
MHD_create_response_from_data
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
