OTP-9094: [httpc] Add support for upload body streaming (PUT and POST).

	  Filipe David Manana

OTP-9114: [ftp] Added (type) spec for all exported functions.

OTP-9123: mod_esi:deliver/2 made to accept binary data.
	  Bernard Duggan

OTP-9124: [httpd] Prevent XSS in error pages.
	  Michael Santos

OTP-9131: [httpd] Wrong security property names used in documentation.
	  Garrett Smith

OTP-9157: [httpd] Improved error messages.
	  Ricardo Catalinas Jim�nez

OTP-9158: [httpd] Fix timeout message generated by mod_esi.
	  Bernard Duggan

OTP-9202: [httpd] Extended support for file descriptors.
	  Attila Rajmund Nohl

OTP-9230: The default ssl kind has now been changed to essl.

OTP-9246: [httpc] httpc manager crash because of a handler retry
	  race condition.

Merge branch 'bmk/inets/inet56_integration' into dev

6 files changed, 66 insertions, 54 deletions

diff --git a/lib/inets/src/http_server/httpd_file.erl b/lib/inets/src/http_server/httpd_file.erl
index 7e21d9e158..ccc1f7874a 100644
--- a/lib/inets/src/http_server/httpd_file.erl
+++ b/lib/inets/src/http_server/httpd_file.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %% 
-%% Copyright Ericsson AB 2006-2010. All Rights Reserved.
+%% Copyright Ericsson AB 2006-2011. All Rights Reserved.
 %% 
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -26,22 +26,21 @@
 
 
 handle_error(eacces, Op, ModData, Path) ->
-    handle_error(403, Op, ModData, Path,"Forbidden");
+    handle_error(403, Op, ModData, Path, ": Forbidden");
 handle_error(enoent, Op, ModData, Path) ->
-    handle_error(404, Op, ModData, Path,"File not found");
+    handle_error(404, Op, ModData, Path, ": File not found");
 handle_error(enotdir, Op, ModData, Path) ->
     handle_error(404, Op, ModData, Path,
-	       ": A component of the file name is not a directory");
+	         ": A component of the file name is not a directory");
 handle_error(emfile, Op, _ModData, Path) ->
     handle_error(500, Op, none, Path, ": To many open files");
 handle_error({enfile,_}, Op, _ModData, Path) ->
     handle_error(500, Op, none, Path, ": File table overflow");
 handle_error(_Reason, Op, ModData, Path) ->
-    handle_error(404, Op, ModData, Path, "File not found").
-	    
-handle_error(StatusCode, Op, none, Path, Reason) ->
-    {StatusCode, none, ?NICE("Can't " ++ Op ++ Path ++ Reason)};
+    handle_error(404, Op, ModData, Path, ": File not found").
 
+handle_error(StatusCode, Op, none, Path, Reason) ->
+    {StatusCode, none, ?NICE("Can't " ++ Op ++ " " ++ Path ++ Reason)};
 handle_error(StatusCode, Op, ModData, Path, Reason) ->
     {StatusCode, ModData#mod.request_uri,
-     ?NICE("Can't " ++ Op ++ Path ++ Reason)}.
+     ?NICE("Can't " ++ Op ++ " " ++ Path ++ Reason)}.
diff --git a/lib/inets/src/http_server/httpd_log.erl b/lib/inets/src/http_server/httpd_log.erl
index f3ea3aa0e2..db1e2c627a 100644
--- a/lib/inets/src/http_server/httpd_log.erl
+++ b/lib/inets/src/http_server/httpd_log.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %% 
-%% Copyright Ericsson AB 2008-2009. All Rights Reserved.
+%% Copyright Ericsson AB 2008-2011. All Rights Reserved.
 %% 
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -113,7 +113,7 @@ do_error_entry(ConfigDB, RemoteHost, undefined, Date, Reason) ->
 do_error_entry(ConfigDB, RemoteHost, URI, Date, Reason) ->
     case httpd_util:lookup(ConfigDB, error_log_format, pretty) of
 	pretty ->
-	   io_lib:format("[~s] access to ~s failed for ~s reason: ~n~p~n",
+	   io_lib:format("[~s] access to ~s failed for ~s, reason: ~n~p~n",
 			 [Date, URI, RemoteHost, Reason]);
 	compact ->
 	   io_lib:format( "[~s] access to ~s failed for ~s, reason: ~w~n", 
diff --git a/lib/inets/src/http_server/httpd_request_handler.erl b/lib/inets/src/http_server/httpd_request_handler.erl
index a9db6e2058..c3b47ce390 100644
--- a/lib/inets/src/http_server/httpd_request_handler.erl
+++ b/lib/inets/src/http_server/httpd_request_handler.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 1997-2010. All Rights Reserved.
+%% Copyright Ericsson AB 1997-2011. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -240,13 +240,13 @@ handle_info({ssl_error, _, _} = Reason, State) ->
 
 %% Timeouts
 handle_info(timeout, #state{mod = ModData, mfa = {_, parse, _}} = State) ->
-    error_log("No request received on keep-alive connection" 
+    error_log("No request received on keep-alive connection "
 	      "before server side timeout", ModData),
     %% No response should be sent!
     {stop, normal, State#state{response_sent = true}}; 
 handle_info(timeout, #state{mod = ModData} = State) ->
     httpd_response:send_status(ModData, 408, "Request timeout"),
-    error_log("The client did not send the whole request before the"
+    error_log("The client did not send the whole request before the "
 	      "server side timeout", ModData),
     {stop, normal, State#state{response_sent = true}};
 
diff --git a/lib/inets/src/http_server/httpd_sup.erl b/lib/inets/src/http_server/httpd_sup.erl
index f94e5459c1..d028a19bf0 100644
--- a/lib/inets/src/http_server/httpd_sup.erl
+++ b/lib/inets/src/http_server/httpd_sup.erl
@@ -90,7 +90,7 @@ id(Address, Port) ->
 %%%  Supervisor callback
 %%%=========================================================================
 init([HttpdServices]) ->
-    ?hdrd("starting", []),
+    ?hdrd("starting", [{httpd_service, HttpdServices}]),
     RestartStrategy = one_for_one,
     MaxR = 10,
     MaxT = 3600,
@@ -182,24 +182,32 @@ httpd_child_spec(ConfigFile, AcceptTimeout, Debug) ->
 	    Error
     end.
 
-httpd_child_spec(Config, AcceptTimeout, Debug, Addr, 0) ->
-	case start_listen(Addr, 0, Config) of
-	    {Pid, {NewPort, NewConfig, ListenSocket}} ->
-		Name      = {httpd_instance_sup, Addr, NewPort},
-		StartFunc = {httpd_instance_sup, start_link,
-			     [NewConfig, AcceptTimeout, 
-			      {Pid, ListenSocket}, Debug]},
-		Restart   = permanent, 
-		Shutdown  = infinity,
-		Modules   = [httpd_instance_sup],
-		Type      = supervisor,
-		{Name, StartFunc, Restart, Shutdown, Type, Modules};
-	    {Pid, {error, Reason}}  ->
-		exit(Pid, normal),
-		{error, Reason}
-	end;
-		    
 httpd_child_spec(Config, AcceptTimeout, Debug, Addr, Port) ->
+    case Port == 0 orelse proplists:is_defined(fd, Config) of
+	true ->
+	    httpd_child_spec_listen(Config, AcceptTimeout, Debug, Addr, Port);
+	false ->
+	    httpd_child_spec_nolisten(Config, AcceptTimeout, Debug, Addr, Port)
+    end.
+
+httpd_child_spec_listen(Config, AcceptTimeout, Debug, Addr, Port) ->
+    case start_listen(Addr, Port, Config) of
+	{Pid, {NewPort, NewConfig, ListenSocket}} ->
+	    Name      = {httpd_instance_sup, Addr, NewPort},
+	    StartFunc = {httpd_instance_sup, start_link,
+			 [NewConfig, AcceptTimeout, 
+			  {Pid, ListenSocket}, Debug]},
+	    Restart   = permanent, 
+	    Shutdown  = infinity,
+	    Modules   = [httpd_instance_sup],
+	    Type      = supervisor,
+	    {Name, StartFunc, Restart, Shutdown, Type, Modules};
+	{Pid, {error, Reason}}  ->
+	    exit(Pid, normal),
+	    {error, Reason}
+    end.
+		    
+httpd_child_spec_nolisten(Config, AcceptTimeout, Debug, Addr, Port) ->
     Name = {httpd_instance_sup, Addr, Port},
     StartFunc = {httpd_instance_sup, start_link,
 		 [Config, AcceptTimeout, Debug]},
@@ -224,7 +232,8 @@ listen(Address, Port, Config)  ->
     SocketType = proplists:get_value(socket_type, Config, ip_comm), 
     case http_transport:start(SocketType) of
 	ok ->
-	    case http_transport:listen(SocketType, Address, Port) of
+	    Fd = proplists:get_value(fd, Config), 
+	    case http_transport:listen(SocketType, Address, Port, Fd) of
 		{ok, ListenSocket} ->
 		    NewConfig = proplists:delete(port, Config),
 		    {ok, NewPort} = inet:port(ListenSocket),
diff --git a/lib/inets/src/http_server/httpd_util.erl b/lib/inets/src/http_server/httpd_util.erl
index 789f12652b..c1aff65d5e 100644
--- a/lib/inets/src/http_server/httpd_util.erl
+++ b/lib/inets/src/http_server/httpd_util.erl
@@ -181,7 +181,7 @@ message(304, _URL,_) ->
 message(400,none,_) ->
     "Your browser sent a query that this server could not understand.";
 message(400,Msg,_) ->
-    "Your browser sent a query that this server could not understand. "++ maybe_encode(Msg);
+    "Your browser sent a query that this server could not understand. "++ http_util:html_encode(Msg);
 message(401,none,_) ->
     "This server could not verify that you
 are authorized to access the document you
@@ -190,48 +190,48 @@ credentials (e.g., bad password), or your
 browser doesn't understand how to supply
 the credentials required.";
 message(403,RequestURI,_) ->
-    "You don't have permission to access "++ maybe_encode(RequestURI) ++" on this server.";
+    "You don't have permission to access "++ http_util:html_encode(RequestURI) ++" on this server.";
 message(404,RequestURI,_) ->
-    "The requested URL " ++ maybe_encode(RequestURI) ++ " was not found on this server.";
+    "The requested URL " ++ http_util:html_encode(RequestURI) ++ " was not found on this server.";
 message(408, Timeout, _) ->
     Timeout;
 message(412,none,_) ->
-    "The requested preconditions where false";
+    "The requested preconditions were false";
 message(413, Reason,_) ->
-    "Entity: " ++ Reason;
+    "Entity: " ++ http_util:html_encode(Reason);
 message(414,ReasonPhrase,_) ->
-    "Message "++ ReasonPhrase ++".";
+    "Message "++ http_util:html_encode(ReasonPhrase) ++".";
 message(416,ReasonPhrase,_) ->
-    ReasonPhrase;
+    http_util:html_encode(ReasonPhrase);
 
 message(500,_,ConfigDB) ->
     ServerAdmin=lookup(ConfigDB,server_admin,"unknown@unknown"),
     "The server encountered an internal error or "
 	"misconfiguration and was unable to complete "
 	"your request.<P>Please contact the server administrator "
-	++ ServerAdmin ++ ", and inform them of the time the error occurred "
+	++ http_util:html_encode(ServerAdmin) ++ ", and inform them of the time the error occurred "
 	"and anything you might have done that may have caused the error.";
 
 message(501,{Method, RequestURI, HTTPVersion}, _ConfigDB) ->
     if
 	is_atom(Method) ->
-	    atom_to_list(Method)++
-		" to "++ maybe_encode(RequestURI)++" ("++HTTPVersion++") not supported.";
+        http_util:html_encode(atom_to_list(Method))++
+		" to "++ http_util:html_encode(RequestURI)++" ("++ http_util:html_encode(HTTPVersion)++") not supported.";
 	is_list(Method) ->
-	    Method++
-		" to "++ maybe_encode(RequestURI)++" ("++HTTPVersion++") not supported."
+	    http_util:html_encode(Method)++
+		" to "++ http_util:html_encode(RequestURI)++" ("++ http_util:html_encode(HTTPVersion)++") not supported."
     end;
 
 message(503, String, _ConfigDB) ->
-    "This service in unavailable due to: "++String.
+    "This service in unavailable due to: "++ http_util:html_encode(String).
 
 maybe_encode(URI) ->
-    case lists:member($%, URI) of
-	true ->
-	    URI;
-	false ->
-	    http_uri:encode(URI)
-    end.
+    Decoded = try http_uri:decode(URI) of
+	N -> N
+    catch
+	error:_ -> URI
+    end,
+    http_uri:encode(Decoded).
 
 %%convert_rfc_date(Date)->{{YYYY,MM,DD},{HH,MIN,SEC}}
 
diff --git a/lib/inets/src/http_server/mod_esi.erl b/lib/inets/src/http_server/mod_esi.erl
index 929185a67a..e36c33b282 100644
--- a/lib/inets/src/http_server/mod_esi.erl
+++ b/lib/inets/src/http_server/mod_esi.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 1997-2010. All Rights Reserved.
+%% Copyright Ericsson AB 1997-2011. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -415,7 +415,7 @@ deliver_webpage_chunk(#mod{config_db = Db} = ModData, Pid, Timeout) ->
 	    end;
 	timeout ->
 	    ?hdrv("deliver_webpage_chunk - timeout", []),
-	    send_headers(ModData, {504, "Timeout"},[{"connection", "close"}]),
+	    send_headers(ModData, 504, [{"connection", "close"}]),
 	    httpd_socket:close(ModData#mod.socket_type, ModData#mod.socket),
 	    process_flag(trap_exit,false),
 	    {proceed,[{response, {already_sent, 200, 0}} | ModData#mod.data]}
@@ -452,6 +452,10 @@ handle_body(Pid, ModData, Body, Timeout, Size, IsDisableChunkedSend) ->
     ?hdrt("handle_body - send chunk", [{timeout, Timeout}, {size, Size}]),
     httpd_response:send_chunk(ModData, Body, IsDisableChunkedSend),
     receive 
+	{esi_data, Data} when is_binary(Data) ->
+	    ?hdrt("handle_body - received binary data (esi)", []),
+	    handle_body(Pid, ModData, Data, Timeout, Size + byte_size(Data),
+			IsDisableChunkedSend);
 	{esi_data, Data} ->
 	    ?hdrt("handle_body - received data (esi)", []),
 	    handle_body(Pid, ModData, Data, Timeout, Size + length(Data),