v4.6

Author: Colum Paget

CHANGELOG

@@ -0,0 +1,142 @@
+v4.6 (2025-03-10)
+  * bundled libUseful dir now named libUseful-bundled to prevent confusion with any installed libUseful
+  * Upgrade to libUseful-5, this should fix issues with rotating logfiles
+
+v4.5 (2022-04-04)
+  * Use locale timezone. 
+  * Added -pfs and PerfectForwardSecrecy options to command-line and config file
+  * add  Settings.Timezone
+  * fix XML returned on PROPFIND 404
+
+v4.4 (2020-11-30)
+  * Fix for uninitialized pidfile path error
+  * Add -P command-line option and PidFile= config file option
+  * Fix for bug introduced by 'unshare' feature that disables 'ChHome' feature
+
+v4.1 (2020-10-09)
+  * fastopen now only enabled in https by default. added TCPFastOpen and ListenQueue config options
+
+v4.0 (2020-10-09)
+  * added REUSEPORT and namespaces
+  * added namespaces support
+  * handle chroot better when server not running as root
+  * Fix for pipes being held open by other processes that shouldn't even have them
+
+v3.2 (2020-04-24)
+  * fix for vpath directory traversals
+
+v3.1 (2020-04-23)
+  * Handle being used through a proxy or frontend that is encrypting for us. 
+  * Added 'Upload' events support.
+  * Don't display 'move selected' and 'delete selected' if interactive mode not enabled.
+
+v3.0 (2020-04-12)
+  * Support HTTPS/HTTP on same port. 
+  * Added SOCKS service support.  
+  * Fix CGI bug for slow .cgi scripts. 
+  * Add proxy allow/deny config.
+
+v2.3 (2019-10-29)
+  * Fix for silly 'missing return' issue that leaves directory listing broken on some systems, while miraculously working on others
+
+v2.2 (2019-10-18)
+  * fix for autoconf check for xattr. Only use this feature if asked
+  * Fix for SIGPIPE issues. 
+  * Added 'local' vpath type (for use with let's encrypt).
+
+v2.1 (2016-04-06)
+  * Fixed slow cgi scripts. 
+  * Fixed 'UTC only' in cgi scripts
+  * bugfix: fix crash when permission denied on reading a media file into an m3u listing
+
+v2.0 (2016-03-25)
+  * Added -sslv command-line option. 
+  * Fixing some problems with KeepAlive/Session Reuse
+  * Added 'password' option to VPaths
+  * bugfixes for PROXY VPaths
+  * multiple bugfixes, including one relating to authentication
+  * fix for cookie-header problem. 
+  * Fixes for POST to cgi programs
+  * Session Cookie Authentication added. 
+  * Connection: Keep-Alive is now on by default
+  * Bigger default memory resources due to experience with php. 
+  * VPaths can now take 'user=' and 'group=' arguments to specify which user to switch to when accessing a vpath
+  * read resolution of image files. So far only works for BMP!
+  * cache-age can now be set against a VPath. Better handling of child processes and the sockets they talk on. The 'send directory as tar' option can now support a selection of files, and user-defined package types using external programs like tar, rar or zip.
+  * pam-account checking added
+  * Initial Websockets work
+  * added REMOTE_MAC support
+  * log to file (event logfile) now works
+  * Better handling of POST requests
+  * upgraded libUseful. Fixed handling of form data containing HTTP entites.
+  * MkDir now works with folders that have a spaces within the name.
+  * Access tokens can now be generated on a file's Edit/Details page. General fixes for compiler warnings.
+  * Only supply access tokens in .m3u files if access token authentication is enabled
+  * Authentication cleanups, Fix for 'deny' mode not working if pam not enabled
+  * Fix for paths containing single-quotes
+  * MaxLogSize setting can now take k,M,G suffixes
+  * Fixed stray \r bug for cgi scripts (added 'StripTrailingWhitespace'), 
+  * Added Resource Limits
+  * Events framework extended to work with response codes, even from within chroot. 
+  * Changes to ensure exit if SSL negotation fails
+  * Anti-shellshock changes with the 'SetEnvironmentVariable' function that cleans occurances of '()' out of CGI envornment variables. 
+  * changes to prevent 'endless loop' when reading ID3 tags
+  * More changes to access tokens to allow their use in less trusted environments, and removal of insistance on HTTP Method, so an access token now grants permission to HEAD, GET, OPTIONS, but never PUT or POST
+  * Added X-Media headers
+  * added timezone setting
+  * File properties stored in .prop file or xattr. 
+  * Added secret key for access token authentication
+  * Safari has issues with http keep-alive, so that feature can now be turned on or off as required
+  * Run Event scripts as a non-root user
+
+v1.3 
+  * Support for client certificates. 
+  * Support for Perfect Forward Secrecy. 
+
+v1.2 
+  * IPv6 support added. 
+  * Capabilities support added: most capabilities dropped at startup. 
+
+v1.1 
+  * Proxy support working again. 
+  * 'UserAgentSettings' added. 
+  * Digest Authentication added (READ THE 'README'!). 
+  * Ability to log out of HTTP session by going to a fake url. 
+
+v1.0.4 
+  * Support for custom headers to be added from config-file.  
+  * Added 'LookupClientHost' option to allow turning client hostname lookups on/off.
+
+v1.0.1
+  *  Anti-cross-site-scripting system added.
+
+v1.0.0
+  * Numerous minor bugfixes, 
+
+v0.0.11 
+  * Added security hash for cgi scripts. 
+  * Added specifiable interpreters for scripting languages. 
+  * Added support for 'chained' certificates bundled in a .pem format file.
+
+v0.0.10 
+  * webdav 'COPY' implemented
+
+v0.0.9 
+  * enhanced directory listings added.
+
+v0.0.8
+  * proxy POST added. 
+
+v0.0.7
+  * Gzip compression added for downloads. 
+
+v0.0.6
+  * Authentication 'realm' now set to hostname and overridable via commandline/config file options. 
+
+v0.0.5
+  * Rudimentary proxy server support added ('CONNECT' method and proxy 'GET' method). 
+
+v0.0.4
+  * Fixes to PROPFIND to work with cyberduck
+  * -allowed and -denied switches added to command-line-args
+

common.c

@@ -6,7 +6,7 @@
 #include "Authenticate.h"
 
 TSettings Settings;
-char *Version="4.5";
+char *Version="4.6";
 
 void SetTimezoneEnv()
 {

config.log

@@ -4,7 +4,7 @@ running configure, to aid debugging if configure makes a mistake.
 It was created by configure, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
-  $ ./configure --enable-ssl --without-libuseful
+  $ ./configure --enable-ssl
 
 ## --------- ##
 ## Platform. ##
@@ -27,14 +27,19 @@ uname -v = #135-Ubuntu SMP Fri Sep 27 13:53:58 UTC 2024
 /usr/bin/oslevel       = unknown
 /bin/universe          = unknown
 
-PATH: /usr/prebin/
 PATH: /home/colum/.local/bin/
 PATH: /home/colum/bin/
+PATH: /usr/prebin/
+PATH: ~/bin/
+PATH: /usr/local/sbin/
 PATH: /usr/local/bin/
+PATH: /usr/sbin/
 PATH: /usr/bin/
+PATH: /sbin/
 PATH: /bin/
-PATH: /usr/local/games/
 PATH: /usr/games/
+PATH: /usr/local/games/
+PATH: /snap/bin/
 
 
 ## ----------- ##
@@ -243,8 +248,8 @@ configure:4075: $? = 0
 configure:4085: result: yes
 configure:4097: checking for EVP_CIPHER_CTX_init in -lcrypto
 configure:4120: gcc -o conftest -g -O2   conftest.c -lcrypto  -lcrypt -lz  >&5
-/usr/bin/ld: /tmp/ccToJYpf.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/conftest.c:20: undefined reference to `EVP_CIPHER_CTX_init'
+/usr/bin/ld: /tmp/ccQclzmI.o: in function `main':
+/home/colum/work/alaya-next/conftest.c:20: undefined reference to `EVP_CIPHER_CTX_init'
 collect2: error: ld returned 1 exit status
 configure:4120: $? = 1
 configure: failed program was:
@@ -278,8 +283,8 @@ configure:4167: $? = 0
 configure:4177: result: yes
 configure:4191: checking for SSL_library_init in -lssl
 configure:4214: gcc -o conftest -g -O2   conftest.c -lssl  -lcrypto -lcrypt -lz  >&5
-/usr/bin/ld: /tmp/cclKosdI.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/conftest.c:21: undefined reference to `SSL_library_init'
+/usr/bin/ld: /tmp/ccDSqKVp.o: in function `main':
+/home/colum/work/alaya-next/conftest.c:21: undefined reference to `SSL_library_init'
 collect2: error: ld returned 1 exit status
 configure:4214: $? = 1
 configure: failed program was:
@@ -334,8 +339,8 @@ generated by GNU Autoconf 2.71.  Invocation command line was
 on colum-HP-ProDesk-400-G1-SFF
 
 config.status:720: creating Makefile
-configure:5749: === configuring in libUseful-bundled (/home/colum/alaya-test/alaya-ooe/libUseful-bundled)
-configure:5810: running /bin/bash ./configure --disable-option-checking '--prefix=/usr/local'  '--enable-ssl' '--without-libuseful' --cache-file=/dev/null --srcdir=.
+configure:5749: === configuring in libUseful-bundled (/home/colum/work/alaya-next/libUseful-bundled)
+configure:5810: running /bin/bash ./configure --disable-option-checking '--prefix=/usr/local'  '--enable-ssl' --cache-file=/dev/null --srcdir=.
 
 ## ---------------- ##
 ## Cache variables. ##

config.status

@@ -410,7 +410,7 @@ $config_files
 
 Report bugs to the package provider."
 
-ac_cs_config='--enable-ssl --without-libuseful'
+ac_cs_config='--enable-ssl'
 ac_cs_version="\
 config.status
 configured by ./configure, generated by GNU Autoconf 2.71,
@@ -420,7 +420,7 @@ Copyright (C) 2021 Free Software Foundation, Inc.
 This config.status script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it."
 
-ac_pwd='/home/colum/alaya-test/alaya-ooe'
+ac_pwd='/home/colum/work/alaya-next'
 srcdir='.'
 INSTALL='/usr/bin/install -c'
 test -n "$AWK" || AWK=awk
@@ -489,7 +489,7 @@ if $ac_cs_silent; then
 fi
 
 if $ac_cs_recheck; then
-  set X /bin/bash './configure'  '--enable-ssl' '--without-libuseful' $ac_configure_extra_args --no-create --no-recursion
+  set X /bin/bash './configure'  '--enable-ssl' $ac_configure_extra_args --no-create --no-recursion
   shift
   \printf "%s\n" "running CONFIG_SHELL=/bin/bash $*" >&6
   CONFIG_SHELL='/bin/bash'

libUseful-bundled/config.log

@@ -4,7 +4,7 @@ running configure, to aid debugging if configure makes a mistake.
 It was created by configure, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
-  $ ./configure --disable-option-checking --prefix=/usr/local --enable-ssl --without-libuseful --cache-file=/dev/null --srcdir=.
+  $ ./configure --disable-option-checking --prefix=/usr/local --enable-ssl --cache-file=/dev/null --srcdir=.
 
 ## --------- ##
 ## Platform. ##
@@ -27,14 +27,19 @@ uname -v = #135-Ubuntu SMP Fri Sep 27 13:53:58 UTC 2024
 /usr/bin/oslevel       = unknown
 /bin/universe          = unknown
 
-PATH: /usr/prebin/
 PATH: /home/colum/.local/bin/
 PATH: /home/colum/bin/
+PATH: /usr/prebin/
+PATH: ~/bin/
+PATH: /usr/local/sbin/
 PATH: /usr/local/bin/
+PATH: /usr/sbin/
 PATH: /usr/bin/
+PATH: /sbin/
 PATH: /bin/
-PATH: /usr/local/games/
 PATH: /usr/games/
+PATH: /usr/local/games/
+PATH: /snap/bin/
 
 
 ## ----------- ##
@@ -166,8 +171,8 @@ configure:4011: $? = 0
 configure:4011: result: yes
 configure:4017: checking for htonll
 configure:4017: gcc -o conftest -g -O2   conftest.c -lc  >&5
-/usr/bin/ld: /tmp/cc5KGcwf.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:47: undefined reference to `htonll'
+/usr/bin/ld: /tmp/cc5y5k3T.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:47: undefined reference to `htonll'
 collect2: error: ld returned 1 exit status
 configure:4017: $? = 1
 configure: failed program was:
@@ -224,8 +229,8 @@ configure: failed program was:
 configure:4017: result: no
 configure:4023: checking for ntohll
 configure:4023: gcc -o conftest -g -O2   conftest.c -lc  >&5
-/usr/bin/ld: /tmp/ccfzOvL6.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:47: undefined reference to `ntohll'
+/usr/bin/ld: /tmp/ccVGScpp.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:47: undefined reference to `ntohll'
 collect2: error: ld returned 1 exit status
 configure:4023: $? = 1
 configure: failed program was:
@@ -370,8 +375,8 @@ configure:4364: $? = 0
 configure:4364: result: yes
 configure:4379: checking for EVP_CIPHER_CTX_init in -lcrypto
 configure:4402: gcc -o conftest -g -O2   conftest.c -lcrypto  -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccZBvb7x.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:52: undefined reference to `EVP_CIPHER_CTX_init'
+/usr/bin/ld: /tmp/ccw6ph5S.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:52: undefined reference to `EVP_CIPHER_CTX_init'
 collect2: error: ld returned 1 exit status
 configure:4402: $? = 1
 configure: failed program was:
@@ -437,8 +442,8 @@ configure:4449: $? = 0
 configure:4459: result: yes
 configure:4473: checking for SSL_library_init in -lssl
 configure:4496: gcc -o conftest -g -O2   conftest.c -lssl  -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccgQGnSy.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:53: undefined reference to `SSL_library_init'
+/usr/bin/ld: /tmp/ccLPhAP9.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:53: undefined reference to `SSL_library_init'
 collect2: error: ld returned 1 exit status
 configure:4496: $? = 1
 configure: failed program was:
@@ -505,8 +510,8 @@ configure:4543: $? = 0
 configure:4553: result: yes
 configure:4572: checking for OpenSSL_add_all_algorithms
 configure:4572: gcc -o conftest -g -O2   conftest.c -lssl -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccMIveIS.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:73: undefined reference to `OpenSSL_add_all_algorithms'
+/usr/bin/ld: /tmp/cc4oeujr.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:73: undefined reference to `OpenSSL_add_all_algorithms'
 collect2: error: ld returned 1 exit status
 configure:4572: $? = 1
 configure: failed program was:
@@ -589,8 +594,8 @@ configure: failed program was:
 configure:4572: result: no
 configure:4578: checking for EVP_MD_CTX_create
 configure:4578: gcc -o conftest -g -O2   conftest.c -lssl -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccHzqZdy.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:73: undefined reference to `EVP_MD_CTX_create'
+/usr/bin/ld: /tmp/ccUEzyG0.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:73: undefined reference to `EVP_MD_CTX_create'
 collect2: error: ld returned 1 exit status
 configure:4578: $? = 1
 configure: failed program was:
@@ -677,8 +682,8 @@ configure:4584: $? = 0
 configure:4584: result: yes
 configure:4590: checking for EVP_MD_CTX_destroy
 configure:4590: gcc -o conftest -g -O2   conftest.c -lssl -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccpxPt97.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:74: undefined reference to `EVP_MD_CTX_destroy'
+/usr/bin/ld: /tmp/ccaLP5Zt.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:74: undefined reference to `EVP_MD_CTX_destroy'
 collect2: error: ld returned 1 exit status
 configure:4590: $? = 1
 configure: failed program was:
@@ -770,8 +775,8 @@ configure:4602: $? = 0
 configure:4602: result: yes
 configure:4608: checking for SSL_set_tlsext_host_name
 configure:4608: gcc -o conftest -g -O2   conftest.c -lssl -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccfzjaCY.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:76: undefined reference to `SSL_set_tlsext_host_name'
+/usr/bin/ld: /tmp/ccJmPrTh.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:76: undefined reference to `SSL_set_tlsext_host_name'
 collect2: error: ld returned 1 exit status
 configure:4608: $? = 1
 configure: failed program was:
@@ -857,8 +862,8 @@ configure: failed program was:
 configure:4608: result: no
 configure:4614: checking for SSL_set_min_proto_version
 configure:4614: gcc -o conftest -g -O2   conftest.c -lssl -lcrypto -lc -lc -lc -lc  >&5
-/usr/bin/ld: /tmp/ccZDJ28C.o: in function `main':
-/home/colum/alaya-test/alaya-ooe/libUseful-bundled/conftest.c:76: undefined reference to `SSL_set_min_proto_version'
+/usr/bin/ld: /tmp/ccqnL2Uc.o: in function `main':
+/home/colum/work/alaya-next/libUseful-bundled/conftest.c:76: undefined reference to `SSL_set_min_proto_version'
 collect2: error: ld returned 1 exit status
 configure:4614: $? = 1
 configure: failed program was:

libUseful-bundled/config.status

@@ -410,7 +410,7 @@ $config_files
 
 Report bugs to the package provider."
 
-ac_cs_config='--disable-option-checking --prefix=/usr/local --enable-ssl --without-libuseful --cache-file=/dev/null --srcdir=.'
+ac_cs_config='--disable-option-checking --prefix=/usr/local --enable-ssl --cache-file=/dev/null --srcdir=.'
 ac_cs_version="\
 config.status
 configured by ./configure, generated by GNU Autoconf 2.71,
@@ -420,7 +420,7 @@ Copyright (C) 2021 Free Software Foundation, Inc.
 This config.status script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it."
 
-ac_pwd='/home/colum/alaya-test/alaya-ooe/libUseful-bundled'
+ac_pwd='/home/colum/work/alaya-next/libUseful-bundled'
 srcdir='.'
 test -n "$AWK" || AWK=awk
 # The default lists apply if the user does not specify any file.
@@ -488,7 +488,7 @@ if $ac_cs_silent; then
 fi
 
 if $ac_cs_recheck; then
-  set X /bin/bash './configure'  '--disable-option-checking' '--prefix=/usr/local' '--enable-ssl' '--without-libuseful' '--cache-file=/dev/null' '--srcdir=.' $ac_configure_extra_args --no-create --no-recursion
+  set X /bin/bash './configure'  '--disable-option-checking' '--prefix=/usr/local' '--enable-ssl' '--cache-file=/dev/null' '--srcdir=.' $ac_configure_extra_args --no-create --no-recursion
   shift
   \printf "%s\n" "running CONFIG_SHELL=/bin/bash $*" >&6
   CONFIG_SHELL='/bin/bash'