2012-02-16 20:18:17 -07:00
|
|
|
Eris HTTPD is a part of Dirtbags Capture The Flag
|
|
|
|
(http://dirtbags.net/ctf/). As I was adding more and more patches
|
2012-02-21 17:11:46 -07:00
|
|
|
against fnord 1.10 (http://www.fefe.de/), I decided to fork fnord into
|
|
|
|
a new project. Fnord's author approved of the fork.
|
2012-02-16 20:18:17 -07:00
|
|
|
|
2012-02-21 17:11:46 -07:00
|
|
|
Significant differences between eris and fnord are:
|
2012-02-16 20:18:17 -07:00
|
|
|
|
|
|
|
* command-line arguments instead of compile-time defines
|
|
|
|
* eliminated use of libowfat
|
|
|
|
* no build dependency of dietlibc
|
|
|
|
* elimination of "old style symlink handling"
|
2012-02-21 17:11:46 -07:00
|
|
|
* elimination of user switching (you can use tcpserver -[ug])
|
|
|
|
* elimination of chroot code (you can use chroot)
|
|
|
|
* several bugfixes (sent to the fnord mail list)
|
|
|
|
* removal of (non-functional) content-negotiation
|
2012-02-16 20:18:17 -07:00
|
|
|
|
|
|
|
----
|
|
|
|
|
2011-08-16 14:36:11 -06:00
|
|
|
Usage:
|
|
|
|
|
|
|
|
tcpserver -v -RHl localhost -u 1234 -g 1234 0 80 ./httpd
|
|
|
|
|
|
|
|
Will log to stderr in the form
|
|
|
|
|
|
|
|
127.0.0.1 200 23 localhost Links_(0.96;_Unix) none /index.html
|
|
|
|
|
|
|
|
where 127.0.0.1 is the client IP, 200 is the HTTP exit code, 23 is the
|
|
|
|
size of the content that was served (or 0 for unsuccessful exit codes),
|
|
|
|
localhost is the Host: header (the virtual host), the next token is the
|
|
|
|
user agent with spaces replaced by underscores, the next token (none) is
|
|
|
|
the Referer HTTP header or "none" if none was given, and the rest of
|
|
|
|
each line is the decoded requested URL.
|
|
|
|
|
2012-02-21 17:11:46 -07:00
|
|
|
eris does simple virtual hosting. If the Host: HTTP header is there,
|
|
|
|
eris will try to chdir to a directory of that name, i.e. if the client
|
|
|
|
asks for "/" on host "www.fefe.de", eris will look for
|
|
|
|
"www.fefe.de/index.html". Eris will also try the directory "default"
|
|
|
|
if no specific directory for the virtual host was there. If the
|
|
|
|
directory is a dangling symlink, eris will redirect the whole site.
|
|
|
|
Examples:
|
2011-08-16 14:36:11 -06:00
|
|
|
|
2012-02-21 17:11:46 -07:00
|
|
|
lrwxrwxrwx 1 leitner users 19 May 5 01:09 www.foo.de -> http://www.baz.de/
|
|
|
|
lrwxrwxrwx 1 leitner users 20 May 5 01:12 www.bar.de -> =http://www.baz.de/
|
2011-08-16 14:36:11 -06:00
|
|
|
|
|
|
|
http://www.foo.de/blub.html will be redirected to http://www.baz.de/blub.html.
|
|
|
|
http://www.bar.de/blub.html will be redirected to http://www.baz.de/.
|
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
eris implements el-cheapo HTTP ranges (only byte ranges and only of the
|
2011-08-16 14:36:11 -06:00
|
|
|
form x-y, not multiple ranges).
|
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
eris implements content type matching and Accepts: parsing, but the
|
2011-08-16 14:36:11 -06:00
|
|
|
content type table is compiled in, i.e. to change it, you have to change
|
|
|
|
the source code. Shouldn't be a problem because you _have_ the source
|
|
|
|
code ;)
|
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
eris implements HTTP redirection. If a file is not found, but a
|
|
|
|
dangling symlink is there under the same name, eris will issue a
|
2011-08-16 14:36:11 -06:00
|
|
|
redirection to the contents of that symlink. To be RFC compliant, the
|
|
|
|
symlink must point to a full URL, i.e.
|
|
|
|
|
|
|
|
ln -s ftp://foobar.math.fu-berlin.de/pub/dietlibc/dietlibc-0.11.tar.bz2 dietlibc-0.11.tar.bz2
|
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
eris will change dots at the start of file or directory names to colons
|
2011-08-16 14:36:11 -06:00
|
|
|
in the query before trying to answer them.
|
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
eris understands and implements keep-alive connections.
|
2011-08-16 14:36:11 -06:00
|
|
|
|
2012-02-21 17:11:46 -07:00
|
|
|
eris will use sendfile on Linux to enable zero-copy TCP.
|
|
|
|
|
|
|
|
If eris is given the -a option, it look for a file named ".http-auth"
|
|
|
|
in the root of the host directory. If it's found, eris will run it as
|
|
|
|
".http-auth $host $url" with the environment variable
|
|
|
|
"HTTP_AUTHORIZATION" set to the "Authorization" header sent by the
|
|
|
|
client. If the program returns 0, access will be granted; if it
|
|
|
|
returns 1, eris will return a 401 response.
|
2011-08-16 14:36:11 -06:00
|
|
|
|
2012-02-16 20:18:17 -07:00
|
|
|
If eris is given the -c option, it will regard files
|
2011-08-16 14:36:11 -06:00
|
|
|
whose names end with ".cgi" as CGI programs and try to execute them.
|
|
|
|
CGI programs starting with "nph-" will be handled as no-parse-header
|
|
|
|
CGIs. Please see http://hoohoo.ncsa.uiuc.edu/cgi/interface.html for the
|
|
|
|
CGI specification.
|