Very small HTTP/1.1 server requiring inetd or tcpsvd
Go to file
Neale Pickett 1394cb3e87 fix REQUEST_METHOD, add tomfoolery tests 2012-03-08 15:29:04 -07:00
CHANGES Static files + directory indexing 2012-03-07 18:10:16 -07:00
COPYING Import upstream 1.10 2011-08-16 14:36:11 -06:00
Makefile start CGI (does not compile) 2012-03-07 20:55:27 -07:00
README found another fnord bug 2012-02-24 17:03:09 -07:00
TODO remove libowfat (will not compile) 2012-02-13 17:06:42 -07:00
break-fnord.sh Fix 302 bug, found another fnord bug 2012-02-27 22:07:22 -07:00
cgi.c CGI passing some tests 2012-03-07 22:16:02 -07:00
eris.c fix REQUEST_METHOD, add tomfoolery tests 2012-03-08 15:29:04 -07:00
fuzz.sh add a fuzzer 2012-02-24 21:09:33 -07:00
mime.c start CGI (does not compile) 2012-03-07 20:55:27 -07:00
strings.c fix REQUEST_METHOD, add tomfoolery tests 2012-03-08 15:29:04 -07:00
test.sh fix REQUEST_METHOD, add tomfoolery tests 2012-03-08 15:29:04 -07:00
time.c start CGI (does not compile) 2012-03-07 20:55:27 -07:00

README

Eris HTTPD is a part of Dirtbags Capture The Flag
(http://dirtbags.net/ctf/).  As I was adding more and more patches
against fnord 1.10 (http://www.fefe.de/), I decided to fork fnord into
a new project.  Fnord's author approved of the fork.

Significant differences between eris and fnord are:

* command-line arguments instead of compile-time defines
* eliminated use of libowfat
* no build dependency of dietlibc
* elimination of "old style symlink handling"
* elimination of user switching (you can use tcpserver -[ug])
* elimination of chroot code (you can use chroot)
* several bugfixes (sent to the fnord mail list)
* ignores Accept header (fnord does too)

----

Usage:

	tcpserver -v -RHl localhost -u 1234 -g 1234 0 80 ./httpd

Will log to stderr in the form

  127.0.0.1 200 23 localhost Links_(0.96;_Unix) none /index.html

where 127.0.0.1 is the client IP, 200 is the HTTP exit code, 23 is the
size of the content that was served (or 0 for unsuccessful exit codes),
localhost is the Host: header (the virtual host), the next token is the
user agent with spaces replaced by underscores, the next token (none) is
the Referer HTTP header or "none" if none was given, and the rest of
each line is the decoded requested URL.

eris does simple virtual hosting.  If the Host:  HTTP header is there,
eris will try to chdir to a directory of that name, i.e. if the client
asks for "/" on host "www.fefe.de", eris will look for
"www.fefe.de/index.html".  Eris will also try the directory "default"
if no specific directory for the virtual host was there.  If the
directory is a dangling symlink, eris will redirect the whole site. 
Examples:

  lrwxrwxrwx    1 leitner  users          19 May  5 01:09 www.foo.de -> http://www.baz.de/
  lrwxrwxrwx    1 leitner  users          20 May  5 01:12 www.bar.de -> =http://www.baz.de/

http://www.foo.de/blub.html will be redirected to http://www.baz.de/blub.html.
http://www.bar.de/blub.html will be redirected to http://www.baz.de/.

eris implements el-cheapo HTTP ranges (only byte ranges and only of the
form x-y, not multiple ranges).

eris implements content type matching and Accepts: parsing, but the
content type table is compiled in, i.e. to change it, you have to change
the source code.  Shouldn't be a problem because you _have_ the source
code ;)

eris implements HTTP redirection.  If a file is not found, but a
dangling symlink is there under the same name, eris will issue a
redirection to the contents of that symlink.  To be RFC compliant, the
symlink must point to a full URL, i.e.

  ln -s ftp://foobar.math.fu-berlin.de/pub/dietlibc/dietlibc-0.11.tar.bz2 dietlibc-0.11.tar.bz2

eris will change dots at the start of file or directory names to colons
in the query before trying to answer them.

eris understands and implements keep-alive connections.

eris will use sendfile on Linux to enable zero-copy TCP.

If eris is given the -a option, it look for a file named ".http-auth"
in the root of the host directory.  If it's found, eris will run it as
".http-auth $host $url" with the environment variable
"HTTP_AUTHORIZATION" set to the "Authorization" header sent by the
client.  If the program returns 0, access will be granted; if it
returns 1, eris will return a 401 response.

If eris is given the -c option, it will regard files
whose names end with ".cgi" as CGI programs and try to execute them.
CGI programs starting with "nph-" will be handled as no-parse-header
CGIs.  Please see http://hoohoo.ncsa.uiuc.edu/cgi/interface.html for the
CGI specification.