mirror of https://github.com/nealey/eris.git
Neale Pickett 78ec64f506 | ||
---|---|---|
CHANGES | ||
COPYING | ||
Makefile | ||
README | ||
TODO | ||
break-fnord.sh | ||
eris.c | ||
fuzz.sh | ||
test.sh |
README
Eris HTTPD is a part of Dirtbags Capture The Flag (http://dirtbags.net/ctf/). As I was adding more and more patches against fnord 1.10 (http://www.fefe.de/), I decided to fork fnord into a new project. Fnord's author approved of the fork. Significant differences between eris and fnord are: * command-line arguments instead of compile-time defines * eliminated use of libowfat * no build dependency of dietlibc * elimination of "old style symlink handling" * elimination of user switching (you can use tcpserver -[ug]) * elimination of chroot code (you can use chroot) * several bugfixes (sent to the fnord mail list) * ignores Accept header (fnord does too) ---- Usage: tcpserver -v -RHl localhost -u 1234 -g 1234 0 80 ./httpd Will log to stderr in the form 127.0.0.1 200 23 localhost Links_(0.96;_Unix) none /index.html where 127.0.0.1 is the client IP, 200 is the HTTP exit code, 23 is the size of the content that was served (or 0 for unsuccessful exit codes), localhost is the Host: header (the virtual host), the next token is the user agent with spaces replaced by underscores, the next token (none) is the Referer HTTP header or "none" if none was given, and the rest of each line is the decoded requested URL. eris does simple virtual hosting. If the Host: HTTP header is there, eris will try to chdir to a directory of that name, i.e. if the client asks for "/" on host "www.fefe.de", eris will look for "www.fefe.de/index.html". Eris will also try the directory "default" if no specific directory for the virtual host was there. If the directory is a dangling symlink, eris will redirect the whole site. Examples: lrwxrwxrwx 1 leitner users 19 May 5 01:09 www.foo.de -> http://www.baz.de/ lrwxrwxrwx 1 leitner users 20 May 5 01:12 www.bar.de -> =http://www.baz.de/ http://www.foo.de/blub.html will be redirected to http://www.baz.de/blub.html. http://www.bar.de/blub.html will be redirected to http://www.baz.de/. eris implements el-cheapo HTTP ranges (only byte ranges and only of the form x-y, not multiple ranges). eris implements content type matching and Accepts: parsing, but the content type table is compiled in, i.e. to change it, you have to change the source code. Shouldn't be a problem because you _have_ the source code ;) eris implements HTTP redirection. If a file is not found, but a dangling symlink is there under the same name, eris will issue a redirection to the contents of that symlink. To be RFC compliant, the symlink must point to a full URL, i.e. ln -s ftp://foobar.math.fu-berlin.de/pub/dietlibc/dietlibc-0.11.tar.bz2 dietlibc-0.11.tar.bz2 eris will change dots at the start of file or directory names to colons in the query before trying to answer them. eris understands and implements keep-alive connections. eris will use sendfile on Linux to enable zero-copy TCP. If eris is given the -a option, it look for a file named ".http-auth" in the root of the host directory. If it's found, eris will run it as ".http-auth $host $url" with the environment variable "HTTP_AUTHORIZATION" set to the "Authorization" header sent by the client. If the program returns 0, access will be granted; if it returns 1, eris will return a 401 response. If eris is given the -c option, it will regard files whose names end with ".cgi" as CGI programs and try to execute them. CGI programs starting with "nph-" will be handled as no-parse-header CGIs. Please see http://hoohoo.ncsa.uiuc.edu/cgi/interface.html for the CGI specification.