@@ -232,6 +232,7 @@ static bool tls_redirect_check(struct client *cl)
{
int rem, port;
struct blob_attr *cur;
+ struct no_tls_redirect *no_tls_redirect;
char *ptr, *url = NULL, *host = NULL;
if (cl->tls || !conf.tls_redirect)
@@ -254,6 +255,11 @@ static bool tls_redirect_check(struct client *cl)
if (!url || !host)
return true;
+ if (!list_empty(&conf.no_tls_redirect)) list_for_each_entry(no_tls_redirect, &conf.no_tls_redirect, list) {
+ if(strncmp(url, no_tls_redirect->path, strlen(no_tls_redirect->path)) == 0)
+ return true;
+ }
+
if ((ptr = strchr(host, ']')) != NULL)
*(ptr+1) = 0;
else if ((ptr = strchr(host, ':')) != NULL)
@@ -135,6 +135,7 @@ static int usage(const char *name)
" -C file ASN.1 server certificate file\n"
" -K file ASN.1 server private key file\n"
" -q Redirect all HTTP requests to HTTPS\n"
+ " -Q path Exception to '-q'\n"
#endif
" -h directory Specify the document root, default is '.'\n"
" -E string Use given virtual URL as 404 error handler\n"
@@ -179,6 +180,9 @@ static void init_defaults_pre(void)
conf.cgi_prefix = "/cgi-bin";
conf.cgi_path = "/sbin:/usr/sbin:/bin:/usr/bin";
INIT_LIST_HEAD(&conf.cgi_alias);
+#ifdef HAVE_TLS
+ INIT_LIST_HEAD(&conf.no_tls_redirect);
+#endif
}
static void init_defaults_post(void)
@@ -222,6 +226,7 @@ int main(int argc, char **argv)
int cur_fd;
int bound = 0;
#ifdef HAVE_TLS
+ struct no_tls_redirect *no_tls_redirect;
int n_tls = 0;
const char *tls_key = NULL, *tls_crt = NULL;
#endif
@@ -232,7 +237,7 @@ int main(int argc, char **argv)
init_defaults_pre();
signal(SIGPIPE, SIG_IGN);
- while ((ch = getopt(argc, argv, "A:aC:c:Dd:E:fh:H:I:i:K:k:L:l:m:N:n:p:qRr:Ss:T:t:U:u:Xx:y:")) != -1) {
+ while ((ch = getopt(argc, argv, "A:aC:c:Dd:E:fh:H:I:i:K:k:L:l:m:N:n:p:qQ:Rr:Ss:T:t:U:u:Xx:y:")) != -1) {
switch(ch) {
#ifdef HAVE_TLS
case 'C':
@@ -247,6 +252,16 @@ int main(int argc, char **argv)
conf.tls_redirect = 1;
break;
+ case 'Q':
+ no_tls_redirect = calloc(1, sizeof(*no_tls_redirect));
+ if (!no_tls_redirect) {
+ fprintf(stderr, "Error: failed to allocate no_tls_redirect\n");
+ exit(1);
+ }
+ no_tls_redirect->path = strdup(optarg);
+ list_add(&no_tls_redirect->list, &conf.no_tls_redirect);
+ break;
+
case 's':
n_tls++;
/* fall through */
@@ -254,6 +269,7 @@ int main(int argc, char **argv)
case 'C':
case 'K':
case 'q':
+ case 'Q':
case 's':
fprintf(stderr, "uhttpd: TLS support not compiled, "
"ignoring -%c\n", ch);
@@ -52,6 +52,13 @@ struct alias {
char *path;
};
+#ifdef HAVE_TLS
+struct no_tls_redirect {
+ struct list_head list;
+ char *path;
+};
+#endif
+
struct config {
const char *docroot;
const char *realm;
@@ -68,7 +75,9 @@ struct config {
int no_dirlists;
int network_timeout;
int rfc1918_filter;
+#ifdef HAVE_TLS
int tls_redirect;
+#endif
int tcp_keepalive;
int max_script_requests;
int max_connections;
@@ -78,6 +87,9 @@ struct config {
int ubus_cors;
int cgi_prefix_len;
struct list_head cgi_alias;
+#ifdef HAVE_TLS
+ struct list_head no_tls_redirect;
+#endif
};
struct auth_realm {