Log on 304

CHANGES

@@ -1,3 +1,6 @@
+3.1.4:
+  Have 304 (Not Modified) responses generate a log entry
+
 3.1.3:
   Have directory indexes generate a log entry
   Remove nop -a option

README.SSL

@@ -0,0 +1,26 @@
+SSL with eris
+=============
+
+Eris does not care what transport is in use: that job is left to the invoking
+program (eg. tcpserver).
+
+Gerrit Pape's `ipsvd` package comes with two programs for running SSL daemons:
+`sslsvd` and `sslio`.  At the time of this writing, however, Gerrit's `ipsvd`
+has no support for IPv6.  Busybox `ipsvd`, and `ucspi-tcp-ipv6`, both do
+support IPv6.
+
+Here is how you can support SSL *and* IPv6:
+
+    cd /srv/www
+    HTTPS=enabled; export HTTPS
+    exec tcpserver -H -R 0 443 \
+        /usr/bin/sslio -u nobody:ssl-cert -U www-data \
+            -C /path/to/mydomain.crt -K /path/to/mydomain.key \
+        /service/httpd/eris -c
+
+This uses `tcpserver` to listen for and accept TCP4 and TCP6 connections.
+These connections are then handed to `sslio`, which drops permissions to
+`nobody:ssl-cert` and starts speaking SSL to `eris` running as `www-data`.
+
+I like to set the `HTTPS` environment variable also, so CGI can tell whether or
+not its connection is secure.

eris.c

@@ -553,6 +553,7 @@ serve_file(int fd, char *filename, struct stat *st)
     if (st->st_mtime <= ims) {
         header(304, "Not Changed");
         eoh();
+        dolog(304, 0);
         return;
     }
 

test.sh

@@ -175,6 +175,9 @@ printf 'GET / HTTP/1.0\r\nIf-Modified-Since: Sun Feb 27 12:12:12 2030\r\n\r\n' |
 title "ims persist"
 printf 'GET / HTTP/1.1\r\nIf-Modified-Since: %s\r\n\r\nGET / HTTP/1.0\r\n\r\n' "$ims" | $HTTPD 2>/dev/null | d | grep -q 'HTTP/1.. 304.*HTTP/1.. 200' && pass || fail
 
+title "Logging"
+(printf 'GET / HTTP/1.0\r\nIf-Modified-Since: %s\r\n\r\n' "$ims" | $HTTPD > /dev/null) 2>&1 | grep -q '304' && pass || fail
+
 
 
 H "Directory indexing"