And-httpd 0.99.11 review
DownloadAnd-httpd is an HTTP server that currently only maps URLs to files
|
|
And-httpd is an HTTP server that currently only maps URLs to files. In other words, in can take an incoming URL and map it to a file in a number of ways.
And-httpd cannot do CGI or other kinds of code execution. And-httpd cannot even dynamically create directory listings.
Design is a statemachine triggering off IO events, somewhat like thttpd and boa (among others).
Simple tests with ab show it to be about twice as fast as thttpd-2.20c (note that thttpd doesn't support keep-alive, which gives and-httpd a significant advantage -- mainly due to usage of Vstr).
Uses the following system utilities:
poll or epoll, multiplexing
multiple process support. for MP systems
sendfile or mmap, for file contents
LFS
TCP_CORK
TCP_DEFER_ACCEPT
posix_fadvise()
chroot, privilage de-escalation (can also easily be started as non-root)
does a bind mount for /dev/log when in a chroot.
socket filters
IP binding
Is HTTP/1.1 conditionally compliant, as far as I know (and I have tests to prove some of it :).
Supports optional HTTP/1.1 features:
Accept header for Content-Type.
0.9 HTTP compatability support
keep-alive, on by default for 1.1 and 1.0
virtual hosts (via. prefix directories and explicit configuration statements)
if-modified-since/if-unmodified-since
byte ranges (single and multipart/byteranges)
if-range
multipart/byteranges can also be limited to prevent DOS attacks.
accept-encoding/content-encoding for gzip/bzip2 (via. pre-generated files)
Also fully obeys identity
ETags
accept-language negotiation to serve multiple languages
Parses /etc/mime.types file plus extensions for disallowing certain file types.
Can be run "easily" Ie. "and-httpd foo" will start a web server listening on port 80 or 8008 (depending in if you are uid zero) serving the contents of the directory "foo".
Configuration file parser.
Also has optional "per request" configuration files (using the same code, and thus layout, as the main configuration files), allowing you to:
Generate explicit Content-Types.
Generate negotiated Content-Types for requests with multiple types.
Eg. http://www.and.org/vstr/examples/httpd.c is available as text/plain and text/html
Generate Content-MD5 data
Generate Content-Location data.
Generate Expires and Cache-Control data.
Generate all four types of redirect's.
Generate the usable types of error conditions.
Change the file object used to serve the data.
Has a native ACL configuration (can also use Linux socket filters).
All "configuration parameters" done through policies.
Change configuration policy based on ip address connections.
Change configuration policy based on many parameters of the request.
Automatically generate the "right" Vary header based on which fields of the request were tested.
includes init.d file, and allows "local controller" connections for soft restarts, status information etc.
Converter to make log files that look like apache-httpd combined log files.
DOES NOT:
Auto generate directory listings (see ex_dir_list2html in Vstr examples)
SSI, or other file contents parsing (see ex_ssi in Vstr examples)
Run programs (doesn't call exec at all, only calls fork() at startup for MP systems).
Call any i18n/gettext libc functions (will be fixed).
Parse or honor the Accept-Charset header.
Full date parser (not a problem, string matches work well).
And-httpd 0.99.11 keywords