break-fnord.sh work with busybox expr

fix punctuation and typo; fixes #1

CHANGES

@@ -1,3 +1,14 @@
+	fix punctuation and typo
+
+4.4:
+	Also log when called from stunnel
+
+4.3.1:
+	Add .webm mime type
+
+4.3:
+	Very stupid CONNECT handling mechanism.
+
 4.2:
 	Remove some bugs in CGI's "Status:" code (reported by Alyssa Milburn).
 	Make extract_header_field less fragile (reported by Alyssa Milburn).
@@ -146,7 +157,7 @@
 	Olaf: I changed my initial CGI-interface to NOT use the filesystem but
 		two pipes.
 	Add whole-host redirect (see README)
-	Olaf: added direcory-lists and "index.cgi" support (normal CGI only !
+	Olaf: added directory-lists and "index.cgi" support (normal CGI only !
 		"nph-index.cgi" is not supported). Fixed some problematic parts in the
 		CGI-interface (\n -> \r\n converter for http-header and CGI crash
 		handling)

Dockerfile

@@ -0,0 +1,21 @@
+FROM alpine
+
+RUN apk --no-cache add s6-networking
+
+RUN apk --no-cache add build-base
+COPY . /usr/local/src/eris
+RUN make -C /usr/local/src/eris
+RUN cp /usr/local/src/eris/eris /usr/bin
+RUN rm -rf /usr/local/src/eris
+RUN apk --no-cache del build-base
+
+RUN addgroup -S -g 800 www
+RUN adduser -S -u 800 -G www www
+
+RUN mkdir /www
+WORKDIR /www
+
+EXPOSE 80
+
+CMD ["s6-tcpserver", "-u", "80", "-g", "80", "0.0.0.0", "80", "/usr/bin/eris", "-."]
+

HTTPS.md

@@ -0,0 +1,34 @@
+SSL with eris
+=============
+
+Eris does not care what transport is in use: that job is left to the invoking
+program (e.g. tcpserver).
+
+In the past you could use `sslio` with `tcpsvd`,
+but `sslio` has not been updated in a long time,
+and won't work with (at least) Chrome 39.
+
+I recommend using stunnel,
+which also works with IPv6.
+You can invoke it like so:
+
+	#! /bin/sh
+	cd /srv/www
+	HTTPS=enabled; export HTTPS
+
+	exec stunnel -fd 3 3<<EOD
+	foreground = yes
+	setuid = http
+	setgid = http
+	debug = 4
+
+	[https]
+	accept = ::443
+	cert = /path/to/yourserver.crt
+	key = /path/to/yourserver.key
+	exec = /path/to/eris
+	execargs = eris -c
+	EOD
+
+I set the `HTTPS` environment variable,
+so CGI can tell whether or not its connection is secure.

README.SSL

@@ -1,26 +0,0 @@
-SSL with eris
-=============
-
-Eris does not care what transport is in use: that job is left to the invoking
-program (eg. tcpserver).
-
-Gerrit Pape's `ipsvd` package comes with two programs for running SSL daemons:
-`sslsvd` and `sslio`.  At the time of this writing, however, Gerrit's `ipsvd`
-has no support for IPv6.  Busybox `ipsvd`, and `ucspi-tcp-ipv6`, both do
-support IPv6.
-
-Here is how you can support SSL *and* IPv6:
-
-    cd /srv/www
-    HTTPS=enabled; export HTTPS
-    exec tcpserver -H -R 0 443 \
-        /usr/bin/sslio -u nobody:ssl-cert -U www-data \
-            -C /path/to/mydomain.crt -K /path/to/mydomain.key \
-        /service/httpd/eris -c
-
-This uses `tcpserver` to listen for and accept TCP4 and TCP6 connections.
-These connections are then handed to `sslio`, which drops permissions to
-`nobody:ssl-cert` and starts speaking SSL to `eris` running as `www-data`.
-
-I like to set the `HTTPS` environment variable also, so CGI can tell whether or
-not its connection is secure.

README.md

@@ -49,7 +49,7 @@ Start with:
 	tcpserver -v -RHl localhost -u 1234 -g 1234 0 80 ./eris
 
 There are many other ways to start eris.
-For example, you can run an HTTPS server using tcpsvd and sslio.
+For example, you can run an HTTPS server with stunnel.
 
 You just need something that launches eris with stdin and stdout connected to the client.
 
@@ -96,7 +96,7 @@ Please see <http://hoohoo.ncsa.uiuc.edu/cgi/interface.html> for the CGI specific
 About The Name
 ==============
 
-[Eris](http://en.wikipedia.org/wiki/Eris_(dwarf_planet%29)
+[Eris](http://en.wikipedia.org/wiki/Eris_%28dwarf_planet%29)
 is the most massive (heaviest) dwarf planet in the solar system.
 It's heavier than Pluto!
 

break-fnord.sh

@@ -1,9 +1,9 @@
 #! /bin/sh
 
-## Breaking fnord 1.10
+## Breaking fnord 1.11
 
 if [ "$1" = "clean" ]; then
-    rm -rf fnord-1.10
+    rm -rf fnord-1.11
 fi
 
 # Set HTTPD= to test something else
@@ -14,6 +14,7 @@ case ${HTTPD:=./fnord} in
         ;;
 esac
 
+tests=0
 title() {
     printf "%-50s: " "$1"
     tests=$(expr $tests + 1)
@@ -36,16 +37,16 @@ d () {
 }
 
 
-if [ ! -f fnord-1.10.tar.bz2 ]; then
-    wget http://www.fefe.de/fnord/fnord-1.10.tar.bz2
+if [ ! -f fnord-1.11.tar.bz2 ]; then
+    wget http://www.fefe.de/fnord/fnord-1.11.tar.bz2
 fi
 
-if [ ! -f fnord-1.10/httpd.c ]; then
-    rm -rf fnord-1.10
-    bzcat fnord-1.10.tar.bz2 | tar xf -
+if [ ! -f fnord-1.11/httpd.c ]; then
+    rm -rf fnord-1.11
+    bzcat fnord-1.11.tar.bz2 | tar xf -
 fi
 
-cd fnord-1.10
+cd fnord-1.11
 
 # Comment this out if you want to build with diet libc
 make DIET=

contrib/README

@@ -5,5 +5,5 @@ a little easier.
 Quite a lot of web software these days is written to work with
 Apache and nothing else.  PHP is a notable example: even PHP-CGI,
 as shipped on Debian, requires special environment variables that
-only Apache sets, and doesn't work with eg. mathopd, boa, busybox
+only Apache sets, and doesn't work with, e.g. mathopd, boa, busybox
 httpd, or eris.

mime.c

@@ -19,6 +19,7 @@ static struct mimeentry {
     "jpeg", "image/jpeg"}, {
     "jpg", "image/jpeg"}, {
     "svg", "image/svg+xml"}, {
+	"webm", "video/webm"}, {
     "mpeg", "video/mpeg"}, {
     "mpg", "video/mpeg"}, {
     "avi", "video/x-msvideo"}, {

test.sh

@@ -4,6 +4,10 @@
 : ${HTTPD_CGI:=./eris -c}
 : ${HTTPD_IDX:=./eris -d}
 
+tests=0
+successes=0
+failures=0
+
 H () {
     section="$*"
     printf "\n%-20s " "$*"
@@ -138,6 +142,10 @@ title "Logging busybox"
 (printf 'GET /index.html HTTP/1.1\r\nHost: host\r\n\r\n' | 
     PROTO=TCP TCPREMOTEADDR=[::1]:8765 $HTTPD >/dev/null) 2>&1 | grep -Fxq '[::1]:8765 200 6 host (null) (null) /index.html' && pass || fail
 
+title "Logging stunnel"
+(printf 'GET /index.html HTTP/1.1\r\nHost: host\r\n\r\n' | 
+    REMOTE_HOST=::1 REMOTE_PORT=8765 $HTTPD >/dev/null) 2>&1 | grep -Fxq '::1:8765 200 6 host (null) (null) /index.html' && pass || fail
+
 
 
 H "Options"
@@ -266,6 +274,11 @@ title "Read timeout"
 (sleep 2.1; printf 'GET / HTTP/1.0\r\n\r\n') | $HTTPD 2>/dev/null | grep -q '.' && fail || pass
 
 
+H "CONNECT handler"
+
+title "Basic test"
+printf 'CONNECT /etc HTTP/1.1\r\n\r\n' | $HTTPD -o /bin/ls | grep -q passwd && pass || fail
+
 
 H "fnord bugs"
 

timerfc.c

@@ -40,9 +40,6 @@
 #include <string.h>
 #include "timerfc.h"
 
-static const char days[] = "SunMonTueWedThuFriSat";
-static const char months[] = "JanFebMarAprMayJunJulAugSepOctNovDec";
-
 time_t
 timerfc(const char *s)
 {