Howdy,
First I would like to say hello to everyone in this list.
I'm running kernel 2.4.10 (Intel), and performing experiments with the
khttpd server compiled as a module. I am writing to this list concerning a
couple of things I noticed in khttpd, and offering a fix. I already sent this e-mail
to the list, but not with a standard subject.
Problem description:
-----------------------------
I began noticing that it crashed with a oops or hanging the
machine when apache was not running. When the machine survived, it also
returned a 403 error, with a "Permission denied" message.
The hack:
------------------
Upon source investigation, I noticed that at
/usr/src/linux/net/khttpd/userspace.c, at the function Userspace, in the
place where's the user-daemon no present case is coded, a structure element
is not released.
After correction, I have also changed the 403 error (permission denied), to
a 503 Service Unavailable, as I believe it's more correct. If the khttpd
daemon can't call Apache (or other userspace daemon) when it's not capable
of processing the request, it's better to give a 503 message than a 403,
for my and the users' sanity sake.
So, in the 2.4.10 kernel source tree, in the already mentioned
/usr/src/linux/net/khttpd/userspace.c, at line 114, you can make the
following changes:
Send403(CurrentRequest->sock); to Send50x(CurrentRequest-sock);
Append the following lines after the Send50x:
sock_release(CurrentRequest->sock);
CurrentRequest->sock=NULL;
This patch has already been tested by another two persorns.
A diff file is included as an attachment.
Regards,
--
Rui Ribeiro
Network and Security consultant
http://www.case.pt
P.S. A copy of this message has already been sent to khttpd users list.