Module Name: src
Committed By: wiz
Date: Tue Nov 28 12:22:27 UTC 2017
Modified Files:
src/libexec/httpd: bozohttpd.8
Log Message:
Document script handler issues with httpd(8).
>From martin@, addressing PR 52194.
While here, use American spelling consistently and upper-case some
abbreviations.
Bump date.
To generate a diff of this commit:
cvs rdiff -u -r1.67 -r1.68 src/libexec/httpd/bozohttpd.8
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/httpd/bozohttpd.8
diff -u src/libexec/httpd/bozohttpd.8:1.67 src/libexec/httpd/bozohttpd.8:1.68
--- src/libexec/httpd/bozohttpd.8:1.67 Fri Jul 7 07:05:49 2017
+++ src/libexec/httpd/bozohttpd.8 Tue Nov 28 12:22:27 2017
@@ -1,4 +1,4 @@
-.\" $NetBSD: bozohttpd.8,v 1.67 2017/07/07 07:05:49 mrg Exp $
+.\" $NetBSD: bozohttpd.8,v 1.68 2017/11/28 12:22:27 wiz Exp $
.\"
.\" $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $
.\"
@@ -26,7 +26,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd February 1, 2017
+.Dd November 28, 2017
.Dt BOZOHTTPD 8
.Os
.Sh NAME
@@ -219,7 +219,7 @@ option.
.It Fl P Ar pidfile
Causes
.Nm
-to create a pid file in
+to create a PID file in
.Ar pidfile
when run in daemon mode with the
.Fl b
@@ -284,7 +284,7 @@ If no directory exists in
for the request, then
.Ar slashdir
will be used.
-The default behaviour is to return 404 (Not Found.)
+The default behavior is to return 404 (Not Found.)
.It Fl v Ar virtualroot
Enables virtual hosting support.
Directories in
@@ -314,7 +314,7 @@ Sets the list of SSL ciphers (see
.Xr SSL_CTX_set_cipher_list 3 ) .
.It Fl Z Ar certificate_path privatekey_path
Sets the path to the server certificate file and the private key file
-in pem format.
+in PEM format.
It also causes
.Nm
to start SSL mode.
@@ -388,9 +388,9 @@ Lua support (NO_LUA_SUPPORT),
and SSL support (NO_SSL_SUPPORT)
by defining the listed macros when building
.Nm .
-.Ss HTTP BASIC AUTHORISATION
+.Ss HTTP BASIC AUTHORIZATION
.Nm
-has support for HTTP Basic Authorisation.
+has support for HTTP Basic Authorization.
If a file named
.Pa .htpasswd
exists in the directory of the current request,
@@ -406,7 +406,7 @@ This does not recursively protect any su
The
.Pa .htpasswd
file contains lines delimited with a colon containing
-usernames and passwords hashed with
+user names and passwords hashed with
.Xr crypt 3 ,
for example:
.Bd -literal
@@ -424,7 +424,7 @@ While
.Nm
distributed with
.Nx
-has support for HTTP Basic Authorisation enabled by default,
+has support for HTTP Basic Authorization enabled by default,
in the portable distribution it is excluded.
Compile
.Nm
@@ -458,7 +458,7 @@ looks for a couple of special files in d
to be provided on a per-directory basis.
In addition to the
.Pa .htpasswd
-used by HTTP basic authorisation,
+used by HTTP basic authorization,
if a
.Pa .bzdirect
file is found (contents are irrelevant)
@@ -478,7 +478,7 @@ If a
.Pa .bzabsredirect
symbolic link is found,
.Nm
-will redirect to the absolute url pointed to by this symlink.
+will redirect to the absolute URL pointed to by this symlink.
This is useful to redirect to different servers.
Two forms of redirection are supported - symbolic link without schema will use
.Em http://
@@ -514,6 +514,29 @@ Typically this will be like:
.Bd -literal
httpd -C .php /usr/pkg/bin/php-cgi /var/www
.Ed
+.Pp
+Note that a plain script interpreter can not be used directly as a cgihandler,
+as there are no command line options passed from
+.Nm
+to avoid security issues.
+.Pp
+If no CGI-aware wrapper exists, a simple shell script like the following
+might do.
+.Pp
+It would be invoked like:
+.Bd -literal
+httpd -C .pl /www-scripts/bin/run.perl /var/www
+.Ed
+and the script could look like:
+.Bd -literal
+#! /bin/sh
+
+if [ -r "$SCRIPT_FILENAME" -a -x "$SCRIPT_FILENAME" ]; then
+ exec /usr/pkg/bin/perl "$SCRIPT_FILENAME"
+fi
+
+exit 1
+.Ed
.Sh SEE ALSO
.Xr inetd.conf 5 ,
.Xr inetd 8
@@ -606,11 +629,11 @@ provided cgi-bin enhancements
.It
.An Nicolas Jombart
.Aq Mt [email protected]
-provided fixes for HTTP basic authorisation support
+provided fixes for HTTP basic authorization support
.It
.An Antti Kantee
.Aq Mt [email protected]
-provided fixes for HTTP basic authorisation support
+provided fixes for HTTP basic authorization support
.It
.An Thomas Klausner
.Aq Mt [email protected]
@@ -644,7 +667,7 @@ option (pidfile support) and provided so
.An Luke Mewburn
.Aq Mt [email protected]
provided many various fixes, including cgi-bin fixes and enhancements,
-HTTP basic authorisation support and much code clean up
+HTTP basic authorization support and much code clean up
.It
.An Rajeev V. Pillai
.Aq Mt [email protected]
@@ -686,7 +709,7 @@ provided a man page fix
.It
.An Holger Weiss
.Aq Mt [email protected]
-provided http authorisation fixes
+provided http authorization fixes
.It
.Aq Mt [email protected]
provided chroot and change-to-user support, and other various fixes
