diff --git a/ChangeLog b/ChangeLog index 6bf2b618..9aef24e9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,8 @@ # $Id$ +2007-05-24 Benoit Grégoire + * wdctl_thread.c: Fix #324, again. Credit goes to Medea, I misunderstood his instructons. + * From David Bird libhttpd/: Fix #266 - don't process query string parameters and keep them in that request.path. + 2007-05-18 Benoit Grégoire * wdctl_thread.c: Fix #324 diff --git a/libhttpd/api.c b/libhttpd/api.c index 7a9f585f..2590b674 100644 --- a/libhttpd/api.c +++ b/libhttpd/api.c @@ -571,10 +571,15 @@ int httpdReadRequest(httpd *server, request *r) } } + +#if 0 + /* XXX: For WifiDog, we do not need to process any of the + post or query string parameters. So, lets keep the GET variables + in the request.path too! + */ /* ** Process and POST data */ -#if 0 if (r->request.contentLength > 0) { bzero(buf, HTTP_MAX_LEN); @@ -582,7 +587,6 @@ int httpdReadRequest(httpd *server, request *r) _httpd_storeData(r, buf); } -#endif /* ** Process any URL data @@ -594,6 +598,8 @@ int httpdReadRequest(httpd *server, request *r) cp++; _httpd_storeData(r, cp); } +#endif + return(0); } diff --git a/libhttpd/httpd.h b/libhttpd/httpd.h index 7ed71fcd..963d8069 100644 --- a/libhttpd/httpd.h +++ b/libhttpd/httpd.h @@ -98,14 +98,16 @@ typedef struct { contentLength, authLength; char path[HTTP_MAX_URL], - host[HTTP_MAX_URL], /* acv@acv.ca/wifidog: Added decoding + host[HTTP_MAX_URL], /* acv@acv.ca/wifidog: Added decoding of host: header if present. */ + ifModified[HTTP_MAX_URL]; +#if(0) userAgent[HTTP_MAX_URL], referer[HTTP_MAX_URL], - ifModified[HTTP_MAX_URL], contentType[HTTP_MAX_URL], authUser[HTTP_MAX_AUTH], authPassword[HTTP_MAX_AUTH]; +#endif } httpReq; diff --git a/src/fw_iptables.c b/src/fw_iptables.c index c73b50c2..c90033b9 100644 --- a/src/fw_iptables.c +++ b/src/fw_iptables.c @@ -276,7 +276,12 @@ iptables_fw_init(void) /* TCPMSS rule for PPPoE */ iptables_do_command("-t filter -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -m state --state INVALID -j DROP"); - iptables_do_command("-t filter -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -m state --state RELATED,ESTABLISHED -j ACCEPT"); + + /* XXX: Why this? it means that connections setup after authentication + stay open even after the connection is done... + iptables_do_command("-t filter -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -m state --state RELATED,ESTABLISHED -j ACCEPT");*/ + + if (ext_interface != NULL) { iptables_do_command("-t filter -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -i %s -m state --state NEW,INVALID -j DROP", ext_interface); iptables_do_command("-t filter -A " TABLE_WIFIDOG_WIFI_TO_INTERNET " -o %s -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu", ext_interface); diff --git a/src/wdctl_thread.c b/src/wdctl_thread.c index 53fcfeb0..2d9645cf 100644 --- a/src/wdctl_thread.c +++ b/src/wdctl_thread.c @@ -122,7 +122,8 @@ thread_wdctl(void *arg) } while (1) { - memset(&sa_un, 0, sizeof(sa_un)); + len = sizeof(sa_un); + memset(&sa_un, 0, len); if ((fd = accept(sock, (struct sockaddr *)&sa_un, &len)) == -1){ debug(LOG_ERR, "Accept failed on control socket: %s", strerror(errno));