| @@ -1,608 +1,610 @@ | | | @@ -1,608 +1,610 @@ |
1 | .\" $NetBSD: bozohttpd.8,v 1.28 2011/04/24 07:17:02 jmmv Exp $ | | 1 | .\" $NetBSD: bozohttpd.8,v 1.29 2011/04/24 07:18:59 jmmv Exp $ |
2 | .\" | | 2 | .\" |
3 | .\" $eterna: bozohttpd.8,v 1.99 2010/09/20 22:26:28 mrg Exp $ | | 3 | .\" $eterna: bozohttpd.8,v 1.99 2010/09/20 22:26:28 mrg Exp $ |
4 | .\" | | 4 | .\" |
5 | .\" Copyright (c) 1997-2010 Matthew R. Green | | 5 | .\" Copyright (c) 1997-2010 Matthew R. Green |
6 | .\" All rights reserved. | | 6 | .\" All rights reserved. |
7 | .\" | | 7 | .\" |
8 | .\" Redistribution and use in source and binary forms, with or without | | 8 | .\" Redistribution and use in source and binary forms, with or without |
9 | .\" modification, are permitted provided that the following conditions | | 9 | .\" modification, are permitted provided that the following conditions |
10 | .\" are met: | | 10 | .\" are met: |
11 | .\" 1. Redistributions of source code must retain the above copyright | | 11 | .\" 1. Redistributions of source code must retain the above copyright |
12 | .\" notice, this list of conditions and the following disclaimer. | | 12 | .\" notice, this list of conditions and the following disclaimer. |
13 | .\" 2. Redistributions in binary form must reproduce the above copyright | | 13 | .\" 2. Redistributions in binary form must reproduce the above copyright |
14 | .\" notice, this list of conditions and the following disclaimer in the | | 14 | .\" notice, this list of conditions and the following disclaimer in the |
15 | .\" documentation and/or other materials provided with the distribution. | | 15 | .\" documentation and/or other materials provided with the distribution. |
16 | .\" | | 16 | .\" |
17 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | | 17 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
18 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | | 18 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
19 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | | 19 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
20 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | | 20 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
21 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | | 21 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
22 | .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | | 22 | .\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
23 | .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | | 23 | .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
24 | .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | | 24 | .\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, |
25 | .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 25 | .\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
26 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 26 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
27 | .\" SUCH DAMAGE. | | 27 | .\" SUCH DAMAGE. |
28 | .\" | | 28 | .\" |
29 | .Dd April 23, 2011 | | 29 | .Dd April 24, 2011 |
30 | .Dt HTTPD 8 | | 30 | .Dt HTTPD 8 |
31 | .Os | | 31 | .Os |
32 | .Sh NAME | | 32 | .Sh NAME |
33 | .Nm httpd | | 33 | .Nm httpd |
34 | .Nd hyper text transfer protocol version 1.1 daemon | | 34 | .Nd hyper text transfer protocol version 1.1 daemon |
35 | .Sh SYNOPSIS | | 35 | .Sh SYNOPSIS |
36 | .Nm | | 36 | .Nm |
37 | .Op Fl befHnrsuVX | | 37 | .Op Fl befHnrsuVX |
38 | .Op Fl C Ar suffix cgihandler | | 38 | .Op Fl C Ar suffix cgihandler |
39 | .Op Fl c Ar cgibin | | 39 | .Op Fl c Ar cgibin |
40 | .Op Fl I Ar port | | 40 | .Op Fl I Ar port |
41 | .Op Fl i Ar address | | 41 | .Op Fl i Ar address |
42 | .Op Fl M Ar suffix type encoding encoding11 | | 42 | .Op Fl M Ar suffix type encoding encoding11 |
43 | .Op Fl P Ar pidfile | | 43 | .Op Fl P Ar pidfile |
44 | .Op Fl p Ar pubdir | | 44 | .Op Fl p Ar pubdir |
45 | .Op Fl S Ar server_software | | 45 | .Op Fl S Ar server_software |
46 | .Op Fl t Ar chrootdir | | 46 | .Op Fl t Ar chrootdir |
47 | .Op Fl v Ar virtualroot | | 47 | .Op Fl v Ar virtualroot |
48 | .Op Fl x Ar index | | 48 | .Op Fl x Ar index |
49 | .Op Fl Z Ar cert privkey | | 49 | .Op Fl Z Ar cert privkey |
50 | .Ar slashdir | | 50 | .Ar slashdir |
51 | .Op Ar myname | | 51 | .Op Ar myname |
52 | .Sh DESCRIPTION | | 52 | .Sh DESCRIPTION |
53 | The | | 53 | The |
54 | .Nm | | 54 | .Nm |
55 | program reads a | | 55 | program reads a |
56 | .Em HTTP | | 56 | .Em HTTP |
57 | request from the standard input, and sends a reply to the standard output. | | 57 | request from the standard input, and sends a reply to the standard output. |
58 | Besides ~user translation and virtual hosting support (see below), all file | | 58 | Besides ~user translation and virtual hosting support (see below), all file |
59 | requests are from | | 59 | requests are from |
60 | .Ar slashdir | | 60 | .Ar slashdir |
61 | directory. | | 61 | directory. |
62 | The server uses | | 62 | The server uses |
63 | .Ar myname | | 63 | .Ar myname |
64 | as its name, which defaults to the local hostname, obtained from | | 64 | as its name, which defaults to the local hostname, obtained from |
65 | .Xr gethostname 3 | | 65 | .Xr gethostname 3 |
66 | (but see the | | 66 | (but see the |
67 | .Fl v | | 67 | .Fl v |
68 | option for virtual hosting.) | | 68 | option for virtual hosting.) |
69 | .Nm | | 69 | .Nm |
70 | writes logs to | | 70 | writes logs to |
71 | .Xr syslog 3 | | 71 | .Xr syslog 3 |
72 | using the ftp facility (but see the | | 72 | using the ftp facility (but see the |
73 | .Fl s | | 73 | .Fl s |
74 | option for testing.) | | 74 | option for testing.) |
75 | .Nm | | 75 | .Nm |
76 | is designed to be small, simple and relatively featureless, | | 76 | is designed to be small, simple and relatively featureless, |
77 | hopefully increasing its security. | | 77 | hopefully increasing its security. |
78 | .Ss OPTIONS | | 78 | .Ss OPTIONS |
79 | The following options are available: | | 79 | The following options are available: |
80 | .Bl -tag -width xxxcgibin | | 80 | .Bl -tag -width xxxcgibin |
81 | .It Fl b | | 81 | .It Fl b |
82 | Enables daemon mode, where | | 82 | Enables daemon mode, where |
83 | .Nm | | 83 | .Nm |
84 | detaches from the current terminal, running in the background and | | 84 | detaches from the current terminal, running in the background and |
85 | servicing HTTP requests. | | 85 | servicing HTTP requests. |
86 | .It Fl C Ar suffix cgihandler | | 86 | .It Fl C Ar suffix cgihandler |
87 | Adds a new CGI handler program for a particular file type. | | 87 | Adds a new CGI handler program for a particular file type. |
88 | The | | 88 | The |
89 | .Ar suffix | | 89 | .Ar suffix |
90 | should be any normal file suffix, and the | | 90 | should be any normal file suffix, and the |
91 | .Ar cgihandler | | 91 | .Ar cgihandler |
92 | should be a full path to an interpreter. | | 92 | should be a full path to an interpreter. |
93 | This option is the only way to enable CGI programs that exist | | 93 | This option is the only way to enable CGI programs that exist |
94 | outside of the cgibin directory to be executed. | | 94 | outside of the cgibin directory to be executed. |
95 | Multiple | | 95 | Multiple |
96 | .Fl C | | 96 | .Fl C |
97 | options may be passed. | | 97 | options may be passed. |
98 | .It Fl c Ar cgibin | | 98 | .It Fl c Ar cgibin |
99 | Enables the CGI/1.1 interface. | | 99 | Enables the CGI/1.1 interface. |
100 | The | | 100 | The |
101 | .Ar cgibin | | 101 | .Ar cgibin |
102 | directory is expected to contain the CGI programs to be used. | | 102 | directory is expected to contain the CGI programs to be used. |
103 | .Nm | | 103 | .Nm |
104 | looks for URL's in the form of | | 104 | looks for URL's in the form of |
105 | .Em /cgi-bin/\*[Lt]scriptname\*[Gt] | | 105 | .Em /cgi-bin/\*[Lt]scriptname\*[Gt] |
106 | where | | 106 | where |
107 | .Aq scriptname | | 107 | .Aq scriptname |
108 | is a valid CGI program in the | | 108 | is a valid CGI program in the |
109 | .Ar cgibin | | 109 | .Ar cgibin |
110 | directory. | | 110 | directory. |
111 | In other words, all CGI URL's must begin with | | 111 | In other words, all CGI URL's must begin with |
112 | .Em \%/cgi-bin/ . | | 112 | .Em \%/cgi-bin/ . |
113 | Note that the CGI/1.1 interface is not available with | | 113 | Note that the CGI/1.1 interface is not available with |
114 | .Em ~user | | 114 | .Em ~user |
115 | translation. | | 115 | translation. |
116 | .It Fl e | | 116 | .It Fl e |
117 | Causes | | 117 | Causes |
118 | .Nm | | 118 | .Nm |
119 | to not clear the environment when used with either the | | 119 | to not clear the environment when used with either the |
120 | .Fl t | | 120 | .Fl t |
121 | or | | 121 | or |
122 | .Fl U | | 122 | .Fl U |
123 | options. | | 123 | options. |
124 | .It Fl f | | 124 | .It Fl f |
125 | Stops the | | 125 | Stops the |
126 | .Fl b | | 126 | .Fl b |
127 | flag from | | 127 | flag from |
128 | .Nm | | 128 | .Nm |
129 | detaching from the tty and going into the background. | | 129 | detaching from the tty and going into the background. |
130 | .It Fl H | | 130 | .It Fl H |
131 | Causes directory index mode to hide files and directories | | 131 | Causes directory index mode to hide files and directories |
132 | that start with a period, except for | | 132 | that start with a period, except for |
133 | .Pa .. . | | 133 | .Pa .. . |
134 | Also see | | 134 | Also see |
135 | .Fl X . | | 135 | .Fl X . |
136 | .It Fl I Ar port | | 136 | .It Fl I Ar port |
137 | Causes | | 137 | Causes |
138 | .Ar port | | 138 | .Ar port |
139 | to use used as the port to bind daemon mode. | | 139 | to use used as the port to bind daemon mode. |
140 | The default is the | | 140 | The default is the |
141 | .Dq http | | 141 | .Dq http |
142 | port. | | 142 | port. |
143 | This option is only valid with the | | 143 | This option is only valid with the |
144 | .Fl b | | 144 | .Fl b |
145 | option. | | 145 | option. |
146 | .It Fl i Ar address | | 146 | .It Fl i Ar address |
147 | Causes | | 147 | Causes |
148 | .Ar address | | 148 | .Ar address |
149 | to use used as the address to bind daemon mode. | | 149 | to use used as the address to bind daemon mode. |
150 | If otherwise unspecified, the address used to bind is derived from the | | 150 | If otherwise unspecified, the address used to bind is derived from the |
151 | .Ar myname , | | 151 | .Ar myname , |
152 | which defaults to the name returned by | | 152 | which defaults to the name returned by |
153 | .Xr gethostname 3 . | | 153 | .Xr gethostname 3 . |
154 | Only the last | | 154 | Only the last |
155 | .Fl i | | 155 | .Fl i |
156 | option is used. | | 156 | option is used. |
157 | This option is only valid with the | | 157 | This option is only valid with the |
158 | .Fl b | | 158 | .Fl b |
159 | option. | | 159 | option. |
160 | .It Fl M Ar suffix type encoding encoding11 | | 160 | .It Fl M Ar suffix type encoding encoding11 |
161 | Adds a new entry to the table that converts file suffixes to | | 161 | Adds a new entry to the table that converts file suffixes to |
162 | content type and encoding. | | 162 | content type and encoding. |
163 | This option takes four additional arguments containing | | 163 | This option takes four additional arguments containing |
164 | the file prefix, its | | 164 | the file prefix, its |
165 | .Dq Content-Type , | | 165 | .Dq Content-Type , |
166 | .Dq Content-Encoding , | | 166 | .Dq Content-Encoding , |
167 | and | | 167 | and |
168 | .Dq Content-Encoding | | 168 | .Dq Content-Encoding |
169 | for HTTP/1.1 connections, respectively. | | 169 | for HTTP/1.1 connections, respectively. |
170 | If any of these are a single dash | | 170 | If any of these are a single dash |
171 | .Pq Dq - , | | 171 | .Pq Dq - , |
172 | the empty string is used instead. | | 172 | the empty string is used instead. |
173 | Multiple | | 173 | Multiple |
174 | .Fl M | | 174 | .Fl M |
175 | options may be passed. | | 175 | options may be passed. |
176 | .It Fl n | | 176 | .It Fl n |
177 | Stops | | 177 | Stops |
178 | .Nm | | 178 | .Nm |
179 | from doing IP address to name resolution of hosts for setting the | | 179 | from doing IP address to name resolution of hosts for setting the |
180 | .Ev REMOTE_HOST | | 180 | .Ev REMOTE_HOST |
181 | variable before running a CGI program. | | 181 | variable before running a CGI program. |
182 | This option has no effect without the | | 182 | This option has no effect without the |
183 | .Fl c | | 183 | .Fl c |
184 | option. | | 184 | option. |
185 | .It Fl P Ar pidfile | | 185 | .It Fl P Ar pidfile |
186 | Causes | | 186 | Causes |
187 | .Nm | | 187 | .Nm |
188 | to create a pid file in | | 188 | to create a pid file in |
189 | .Ar pidfile | | 189 | .Ar pidfile |
190 | when run in daemon mode with the | | 190 | when run in daemon mode with the |
191 | .Fl b | | 191 | .Fl b |
192 | option. | | 192 | option. |
193 | .It Fl p Ar pubdir | | 193 | .It Fl p Ar pubdir |
194 | Changes the default user directory for | | 194 | Changes the default user directory for |
195 | .Em /~user/ | | 195 | .Em /~user/ |
196 | translations from | | 196 | translations from |
197 | .Dq public_html | | 197 | .Dq public_html |
198 | to | | 198 | to |
199 | .Ar pubdir . | | 199 | .Ar pubdir . |
200 | .It Fl r | | 200 | .It Fl r |
201 | Forces pages besides the | | 201 | Forces pages besides the |
202 | .Dq index.html | | 202 | .Dq index.html |
203 | (see the | | 203 | (see the |
204 | .Fl X | | 204 | .Fl X |
205 | option) page to require that the Referrer: header be present and | | 205 | option) page to require that the Referrer: header be present and |
206 | refer to this web server, otherwise a redirect to the | | 206 | refer to this web server, otherwise a redirect to the |
207 | .Dq index.html | | 207 | .Dq index.html |
208 | page will be returned instead. | | 208 | page will be returned instead. |
209 | .It Fl S Ar server_software | | 209 | .It Fl S Ar server_software |
210 | Sets the internal server version to | | 210 | Sets the internal server version to |
211 | .Ar server_software . | | 211 | .Ar server_software . |
212 | .It Fl s | | 212 | .It Fl s |
213 | Forces logging to be set to stderr always. | | 213 | Forces logging to be set to stderr always. |
214 | .It Fl t Ar chrootdir | | 214 | .It Fl t Ar chrootdir |
215 | Makes | | 215 | Makes |
216 | .Nm | | 216 | .Nm |
217 | chroot to the specified directory | | 217 | chroot to the specified directory |
218 | before answering requests. | | 218 | before answering requests. |
219 | Every other path should be specified relative | | 219 | Every other path should be specified relative |
220 | to the new root, if this option is used. | | 220 | to the new root, if this option is used. |
221 | Note that the current environment | | 221 | Note that the current environment |
222 | is normally replaced with an empty environment with this option, unless the | | 222 | is normally replaced with an empty environment with this option, unless the |
223 | .Fl e | | 223 | .Fl e |
224 | option is also used. | | 224 | option is also used. |
225 | .It Fl U Ar username | | 225 | .It Fl U Ar username |
226 | Causes | | 226 | Causes |
227 | .Nm | | 227 | .Nm |
228 | to switch to the user and the groups of | | 228 | to switch to the user and the groups of |
229 | .Ar username | | 229 | .Ar username |
230 | after initialization. | | 230 | after initialization. |
231 | This option, like | | 231 | This option, like |
232 | .Fl t | | 232 | .Fl t |
233 | above, causes | | 233 | above, causes |
234 | .Nm | | 234 | .Nm |
235 | to clear the environment unless the | | 235 | to clear the environment unless the |
236 | .Fl e | | 236 | .Fl e |
237 | option is given. | | 237 | option is given. |
238 | .It Fl u | | 238 | .It Fl u |
239 | Enables the transformation of Uniform Resource Locators of | | 239 | Enables the transformation of Uniform Resource Locators of |
240 | the form | | 240 | the form |
241 | .Em /~user/ | | 241 | .Em /~user/ |
242 | into the directory | | 242 | into the directory |
243 | .Pa ~user/public_html | | 243 | .Pa ~user/public_html |
244 | (but see the | | 244 | (but see the |
245 | .Fl p | | 245 | .Fl p |
246 | option above). | | 246 | option above). |
247 | .It Fl V | | 247 | .It Fl V |
248 | Sets the default virtual host directory to | | 248 | Sets the default virtual host directory to |
249 | .Ar slashdir . | | 249 | .Ar slashdir . |
250 | If no directory exists in | | 250 | If no directory exists in |
251 | .Ar virtualroot | | 251 | .Ar virtualroot |
252 | for the request, then | | 252 | for the request, then |
253 | .Ar slashdir | | 253 | .Ar slashdir |
254 | will be used. | | 254 | will be used. |
255 | The default behaviour is to return 404 (Not Found.) | | 255 | The default behaviour is to return 404 (Not Found.) |
256 | .It Fl v Ar virtualroot | | 256 | .It Fl v Ar virtualroot |
257 | Enables virtual hosting support. | | 257 | Enables virtual hosting support. |
258 | Directories in | | 258 | Directories in |
259 | .Ar virtualroot | | 259 | .Ar virtualroot |
260 | will be searched for a matching virtual host name, when parsing | | 260 | will be searched for a matching virtual host name, when parsing |
261 | the HTML request. | | 261 | the HTML request. |
262 | If a matching name is found, it will be used | | 262 | If a matching name is found, it will be used |
263 | as both the server's real name, | | 263 | as both the server's real name, |
264 | .Op Ar myname , | | 264 | .Op Ar myname , |
265 | and as the | | 265 | and as the |
266 | .Ar slashdir . | | 266 | .Ar slashdir . |
267 | See the | | 267 | See the |
268 | .Sx EXAMPLES | | 268 | .Sx EXAMPLES |
269 | section for an example of using this option. | | 269 | section for an example of using this option. |
270 | .It Fl X | | 270 | .It Fl X |
271 | Enables directory indexing. | | 271 | Enables directory indexing. |
272 | A directory index will be generated only when the default file (i.e. | | 272 | A directory index will be generated only when the default file (i.e. |
273 | .Pa index.html | | 273 | .Pa index.html |
274 | normally) is not present. | | 274 | normally) is not present. |
275 | .It Fl x Ar index | | 275 | .It Fl x Ar index |
276 | Changes the default file read for directories from | | 276 | Changes the default file read for directories from |
277 | .Dq index.html | | 277 | .Dq index.html |
278 | to | | 278 | to |
279 | .Ar index . | | 279 | .Ar index . |
280 | .It Fl Z Ar certificate_path privatekey_path | | 280 | .It Fl Z Ar certificate_path privatekey_path |
281 | Sets the path to the server certificate file and the private key file | | 281 | Sets the path to the server certificate file and the private key file |
282 | in pem format. | | 282 | in pem format. |
283 | It also causes | | 283 | It also causes |
284 | .Nm | | 284 | .Nm |
285 | to start SSL mode. | | 285 | to start SSL mode. |
286 | .El | | 286 | .El |
287 | .Pp | | 287 | .Pp |
288 | Note that in | | 288 | Note that in |
289 | .Nm | | 289 | .Nm |
290 | versions 20031005 and prior that supported the | | 290 | versions 20031005 and prior that supported the |
291 | .Fl C | | 291 | .Fl C |
292 | and | | 292 | and |
293 | .Fl M | | 293 | .Fl M |
294 | options, they took a single space-separated argument that was parsed. | | 294 | options, they took a single space-separated argument that was parsed. |
295 | since version 20040828, they take multiple options (2 in the case of | | 295 | since version 20040828, they take multiple options (2 in the case of |
296 | .Fl C | | 296 | .Fl C |
297 | and 4 in the case of | | 297 | and 4 in the case of |
298 | .Fl M . ) | | 298 | .Fl M . ) |
299 | .Ss INETD CONFIGURATION | | 299 | .Ss INETD CONFIGURATION |
300 | As | | 300 | As |
301 | .Nm | | 301 | .Nm |
302 | uses | | 302 | uses |
303 | .Xr inetd 8 | | 303 | .Xr inetd 8 |
304 | by default to process incoming TCP connections for HTTP requests | | 304 | by default to process incoming TCP connections for HTTP requests |
305 | (but see the | | 305 | (but see the |
306 | .Fl b | | 306 | .Fl b |
307 | option), | | 307 | option), |
308 | .Nm | | 308 | .Nm |
309 | has little internal networking knowledge. | | 309 | has little internal networking knowledge. |
310 | (Indeed, you can run it on the command line with little change of functionality.) | | 310 | (Indeed, you can run it on the command line with little change of functionality.) |
311 | A typical | | 311 | A typical |
312 | .Xr inetd.conf 5 | | 312 | .Xr inetd.conf 5 |
313 | entry would be: | | 313 | entry would be: |
314 | .Bd -literal | | 314 | .Bd -literal |
315 | http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd /var/www | | 315 | http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd /var/www |
316 | http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www | | 316 | http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www |
317 | .Ed | | 317 | .Ed |
318 | .Pp | | 318 | .Pp |
319 | This would serve web pages from | | 319 | This would serve web pages from |
320 | .Pa /var/www | | 320 | .Pa /var/www |
321 | on both IPv4 and IPv6 ports. | | 321 | on both IPv4 and IPv6 ports. |
322 | The | | 322 | The |
323 | .Em :600 | | 323 | .Em :600 |
324 | changes the | | 324 | changes the |
325 | requests per minute to 600, up from the | | 325 | requests per minute to 600, up from the |
326 | .Xr inetd 8 | | 326 | .Xr inetd 8 |
327 | default of 40. | | 327 | default of 40. |
328 | .Pp | | 328 | .Pp |
329 | Using the | | 329 | Using the |
330 | .Nx | | 330 | .Nx |
331 | .Xr inetd 8 , | | 331 | .Xr inetd 8 , |
332 | you can provide multiple IP-address based HTTP servers by having multiple | | 332 | you can provide multiple IP-address based HTTP servers by having multiple |
333 | listening ports with different configurations. | | 333 | listening ports with different configurations. |
334 | .Ss NOTES | | 334 | .Ss NOTES |
335 | This server supports the | | 335 | This server supports the |
336 | .Em HTTP/0.9 , | | 336 | .Em HTTP/0.9 , |
337 | .Em HTTP/1.0 , | | 337 | .Em HTTP/1.0 , |
338 | and | | 338 | and |
339 | .Em HTTP/1.1 | | 339 | .Em HTTP/1.1 |
340 | standards. | | 340 | standards. |
341 | Support for these protocols is very minimal and many optional features are | | 341 | Support for these protocols is very minimal and many optional features are |
342 | not supported. | | 342 | not supported. |
343 | .Pp | | 343 | .Pp |
344 | .Nm | | 344 | .Nm |
345 | can be compiled without CGI support (NO_CGIBIN_SUPPORT), user | | 345 | can be compiled without CGI support (NO_CGIBIN_SUPPORT), user |
346 | transformations (NO_USER_SUPPORT), directory index support (NO_DIRINDEX_SUPPORT), | | 346 | transformations (NO_USER_SUPPORT), directory index support (NO_DIRINDEX_SUPPORT), |
347 | daemon mode support (NO_DAEMON_MODE), and dynamic MIME content | | 347 | daemon mode support (NO_DAEMON_MODE), and dynamic MIME content |
348 | (NO_DYNAMIC_CONTENT), and SSL support (NO_SSL_SUPPORT) by defining the listed | | 348 | (NO_DYNAMIC_CONTENT), and SSL support (NO_SSL_SUPPORT) by defining the listed |
349 | macros when building | | 349 | macros when building |
350 | .Nm . | | 350 | .Nm . |
351 | .Ss HTTP BASIC AUTHORISATION | | 351 | .Ss HTTP BASIC AUTHORISATION |
352 | .Nm | | 352 | .Nm |
353 | has support for HTTP Basic Authorisation. | | 353 | has support for HTTP Basic Authorisation. |
354 | If a file named | | 354 | If a file named |
355 | .Pa .htpasswd | | 355 | .Pa .htpasswd |
356 | exists in the directory of the current request, | | 356 | exists in the directory of the current request, |
357 | .Nm | | 357 | .Nm |
358 | will restrict access to documents in that directory | | 358 | will restrict access to documents in that directory |
359 | using the RFC 2617 HTTP | | 359 | using the RFC 2617 HTTP |
360 | .Dq Basic | | 360 | .Dq Basic |
361 | authentication scheme. | | 361 | authentication scheme. |
362 | .Pp | | 362 | .Pp |
363 | Note: | | 363 | Note: |
364 | This does not recursively protect any sub-directories. | | 364 | This does not recursively protect any sub-directories. |
365 | .Pp | | 365 | .Pp |
366 | The | | 366 | The |
367 | .Pa .htpasswd | | 367 | .Pa .htpasswd |
368 | file contains lines delimited with a colon containing | | 368 | file contains lines delimited with a colon containing |
369 | usernames and passwords hashed with | | 369 | usernames and passwords hashed with |
370 | .Xr crypt 3 , | | 370 | .Xr crypt 3 , |
371 | for example: | | 371 | for example: |
372 | .Bd -literal | | 372 | .Bd -literal |
373 | heather:$1$pZWI4tH/$DzDPl63i6VvVRv2lJNV7k1 | | 373 | heather:$1$pZWI4tH/$DzDPl63i6VvVRv2lJNV7k1 |
374 | jeremy:A.xewbx2DpQ8I | | 374 | jeremy:A.xewbx2DpQ8I |
375 | .Ed | | 375 | .Ed |
376 | .Pp | | 376 | .Pp |
377 | On | | 377 | On |
378 | .Nx , | | 378 | .Nx , |
379 | the | | 379 | the |
380 | .Xr pwhash 1 | | 380 | .Xr pwhash 1 |
381 | utility may be used to generate hashed passwords. | | 381 | utility may be used to generate hashed passwords. |
382 | .Pp | | 382 | .Pp |
383 | While | | 383 | While |
384 | .Nm | | 384 | .Nm |
385 | distributed with | | 385 | distributed with |
386 | .Nx | | 386 | .Nx |
387 | has support for HTTP Basic Authorisation enabled by default, | | 387 | has support for HTTP Basic Authorisation enabled by default, |
388 | in the portable distribution it is excluded. | | 388 | in the portable distribution it is excluded. |
389 | Compile | | 389 | Compile |
390 | .Nm | | 390 | .Nm |
391 | with | | 391 | with |
392 | .Dq -DDO_HTPASSWD | | 392 | .Dq -DDO_HTPASSWD |
393 | on the compiler command line to enable this support. | | 393 | on the compiler command line to enable this support. |
394 | It may require linking with the crypt library, using | | 394 | It may require linking with the crypt library, using |
395 | .Dq -lcrypt . | | 395 | .Dq -lcrypt . |
396 | .Ss SSL SUPPORT | | 396 | .Ss SSL SUPPORT |
397 | .Nm | | 397 | .Nm |
398 | has support for SSLv2, SSLv3, and TLSv1 protocols that is included by | | 398 | has support for SSLv2, SSLv3, and TLSv1 protocols that is included by |
399 | default. | | 399 | default. |
400 | It requires linking with the crypto and ssl library, using | | 400 | It requires linking with the crypto and ssl library, using |
401 | .Dq -lcrypto -lssl . | | 401 | .Dq -lcrypto -lssl . |
402 | To disable SSL SUPPORT compile | | 402 | To disable SSL SUPPORT compile |
403 | .Nm | | 403 | .Nm |
404 | with | | 404 | with |
405 | .Dq -DNO_SSL_SUPPORT | | 405 | .Dq -DNO_SSL_SUPPORT |
406 | on the compiler command line. | | 406 | on the compiler command line. |
407 | .Sh FILES | | 407 | .Sh FILES |
408 | .Nm | | 408 | .Nm |
409 | looks for a couple of special files in directories that allow certain features | | 409 | looks for a couple of special files in directories that allow certain features |
410 | to be provided on a per-directory basis. | | 410 | to be provided on a per-directory basis. |
411 | In addition to the | | 411 | In addition to the |
412 | .Pa .htpasswd | | 412 | .Pa .htpasswd |
413 | used by HTTP basic authorisation, | | 413 | used by HTTP basic authorisation, |
414 | if a | | 414 | if a |
415 | .Pa .bzdirect | | 415 | .Pa .bzdirect |
416 | file is found (contents are irrelevant) | | 416 | file is found (contents are irrelevant) |
417 | .Nm | | 417 | .Nm |
418 | will allow direct access even with the | | 418 | will allow direct access even with the |
419 | .Fl r | | 419 | .Fl r |
420 | option. | | 420 | option. |
421 | If a | | 421 | If a |
422 | .Pa .bzredirect | | 422 | .Pa .bzredirect |
423 | symbolic link is found, | | 423 | symbolic link is found, |
424 | .Nm | | 424 | .Nm |
425 | will perform a smart redirect to the target of this symlink. | | 425 | will perform a smart redirect to the target of this symlink. |
426 | The target is assumed to live on the same server. | | 426 | The target is assumed to live on the same server. |
427 | If a | | 427 | If a |
428 | .Pa .bzabsredirect | | 428 | .Pa .bzabsredirect |
429 | symbolic link is found, | | 429 | symbolic link is found, |
430 | .Nm | | 430 | .Nm |
431 | will redirect to the absolute url pointed to by this symlink. | | 431 | will redirect to the absolute url pointed to by this symlink. |
432 | This is useful to redirect to different servers. | | 432 | This is useful to redirect to different servers. |
433 | .Sh EXAMPLES | | 433 | .Sh EXAMPLES |
434 | To configure set of virtual hosts, one would use an | | 434 | To configure set of virtual hosts, one would use an |
435 | .Xr inetd.conf 5 | | 435 | .Xr inetd.conf 5 |
436 | entry like: | | 436 | entry like: |
437 | .Bd -literal | | 437 | .Bd -literal |
438 | http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www | | 438 | http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www |
439 | .Ed | | 439 | .Ed |
440 | .Pp | | 440 | .Pp |
441 | and inside | | 441 | and inside |
442 | .Pa /var/vroot | | 442 | .Pa /var/vroot |
443 | create a directory (or a symlink to a directory) with the same name as | | 443 | create a directory (or a symlink to a directory) with the same name as |
444 | the virtual host, for each virtual host. | | 444 | the virtual host, for each virtual host. |
445 | Lookups for these names are done in a case-insensitive manner. | | 445 | Lookups for these names are done in a case-insensitive manner. |
446 | .Pp | | 446 | .Pp |
447 | To use | | 447 | To use |
448 | .Nm | | 448 | .Nm |
449 | with PHP, one must use the | | 449 | with PHP, one must use the |
450 | .Fl C | | 450 | .Fl C |
451 | option to specify a CGI handler for a particular file type. | | 451 | option to specify a CGI handler for a particular file type. |
452 | Typically this will be like: | | 452 | Typically this will be like: |
453 | .Bd -literal | | 453 | .Bd -literal |
454 | httpd -C .php /usr/pkg/bin/php /var/www | | 454 | httpd -C .php /usr/pkg/bin/php /var/www |
455 | .Ed | | 455 | .Ed |
456 | .Sh SEE ALSO | | 456 | .Sh SEE ALSO |
457 | .Xr inetd.conf 5 , | | 457 | .Xr inetd.conf 5 , |
458 | .Xr inetd 8 | | 458 | .Xr inetd 8 |
459 | .Sh HISTORY | | 459 | .Sh HISTORY |
460 | The | | 460 | The |
461 | .Nm | | 461 | .Nm |
462 | program is actually called | | 462 | program is actually called |
463 | .Dq bozohttpd . | | 463 | .Dq bozohttpd . |
464 | It was first written in perl, based on another perl http server | | 464 | It was first written in perl, based on another perl http server |
465 | called | | 465 | called |
466 | .Dq tinyhttpd . | | 466 | .Dq tinyhttpd . |
467 | It was then rewritten from scratch in perl, and then once again in C. | | 467 | It was then rewritten from scratch in perl, and then once again in C. |
468 | From | | 468 | From |
469 | .Dq bozohttpd | | 469 | .Dq bozohttpd |
470 | version 20060517, it has been integrated into | | 470 | version 20060517, it has been integrated into |
471 | .Nx . | | 471 | .Nx . |
472 | The focus has always been simplicity and security, with minimal features | | 472 | The focus has always been simplicity and security, with minimal features |
473 | and regular code audits. | | 473 | and regular code audits. |
474 | This manual documents | | 474 | This manual documents |
475 | .Nm | | 475 | .Nm |
476 | version 20100920. | | 476 | version 20100920. |
477 | .Sh AUTHORS | | 477 | .Sh AUTHORS |
478 | .Nm | | 478 | .Nm |
479 | was written by Matthew R. Green | | 479 | was written by Matthew R. Green |
480 | .Aq mrg@eterna.com.au . | | 480 | .Aq mrg@eterna.com.au . |
481 | .Pp | | 481 | .Pp |
482 | The large list of contributors includes: | | 482 | The large list of contributors includes: |
483 | .Bl -dash | | 483 | .Bl -dash |
484 | .It | | 484 | .It |
485 | Arnaud Lacombe | | 485 | Arnaud Lacombe |
486 | .Aq alc@netbsd.org | | 486 | .Aq alc@netbsd.org |
487 | provided some clean up for memory leaks | | 487 | provided some clean up for memory leaks |
488 | .It | | 488 | .It |
489 | Christoph Badura | | 489 | Christoph Badura |
490 | .Aq bad@bsd.de | | 490 | .Aq bad@bsd.de |
491 | provided Range: header support | | 491 | provided Range: header support |
492 | .It | | 492 | .It |
493 | Sean Boudreau | | 493 | Sean Boudreau |
494 | .Aq seanb@NetBSD.org | | 494 | .Aq seanb@NetBSD.org |
495 | provided a security fix for virtual hosting | | 495 | provided a security fix for virtual hosting |
496 | .It | | 496 | .It |
497 | Julian Coleman | | 497 | Julian Coleman |
498 | .Aq jdc@coris.org.uk | | 498 | .Aq jdc@coris.org.uk |
499 | provided an IPv6 bugfix | | 499 | provided an IPv6 bugfix |
500 | .It | | 500 | .It |
501 | Chuck Cranor | | 501 | Chuck Cranor |
502 | .Aq chuck@research.att.com | | 502 | .Aq chuck@research.att.com |
503 | provided cgi-bin support fixes, and more | | 503 | provided cgi-bin support fixes, and more |
504 | .It | | 504 | .It |
505 | DEGROOTE Arnaud | | 505 | DEGROOTE Arnaud |
506 | .Aq degroote@netbsd.org | | 506 | .Aq degroote@netbsd.org |
507 | provided a fix for daemon mode | | 507 | provided a fix for daemon mode |
508 | .It | | 508 | .It |
509 | Andrew Doran | | 509 | Andrew Doran |
510 | .Aq ad@netbsd.org | | 510 | .Aq ad@netbsd.org |
511 | provided directory indexing support | | 511 | provided directory indexing support |
512 | .It | | 512 | .It |
513 | Per Ekman | | 513 | Per Ekman |
514 | .Aq pek@pdc.kth.se | | 514 | .Aq pek@pdc.kth.se |
515 | provided a fix for a minor (non-security) buffer overflow condition | | 515 | provided a fix for a minor (non-security) buffer overflow condition |
516 | .It | | 516 | .It |
517 | Alistair G. Crooks | | 517 | Alistair G. Crooks |
518 | .Aq agc@netbsd.org | | 518 | .Aq agc@netbsd.org |
519 | cleaned up many internal interfaces, made bozohttpd linkable as a | | 519 | cleaned up many internal interfaces, made bozohttpd linkable as a |
520 | library and provided the lua binding. | | 520 | library and provided the lua binding. |
521 | .It | | 521 | .It |
522 | Jun-ichiro itojun Hagino, KAME | | 522 | Jun-ichiro itojun Hagino, KAME |
523 | .Aq itojun@iijlab.net | | 523 | .Aq itojun@iijlab.net |
524 | provided initial IPv6 support | | 524 | provided initial IPv6 support |
525 | .It | | 525 | .It |
526 | Martin Husemann | | 526 | Martin Husemann |
527 | .Aq martin@netbsd.org | | 527 | .Aq martin@netbsd.org |
528 | provided .bzabsredirect support | | 528 | provided .bzabsredirect support |
529 | .It | | 529 | .It |
530 | Arto Huusko | | 530 | Arto Huusko |
531 | .Aq arto.huusko@pp2.inet.fi | | 531 | .Aq arto.huusko@pp2.inet.fi |
532 | provided fixes cgi-bin | | 532 | provided fixes cgi-bin |
533 | .It | | 533 | .It |
534 | Roland Illig | | 534 | Roland Illig |
535 | .Aq roland.illig@gmx.de | | 535 | .Aq roland.illig@gmx.de |
536 | provided some off-by-one fixes | | 536 | provided some off-by-one fixes |
537 | .It | | 537 | .It |
538 | Zak Johnson | | 538 | Zak Johnson |
539 | .Aq zakj@nox.cx | | 539 | .Aq zakj@nox.cx |
540 | provided cgi-bin enhancements | | 540 | provided cgi-bin enhancements |
541 | .It | | 541 | .It |
542 | Nicolas Jombart | | 542 | Nicolas Jombart |
543 | .Aq ecu@ipv42.net | | 543 | .Aq ecu@ipv42.net |
544 | provided fixes for HTTP basic authorisation support | | 544 | provided fixes for HTTP basic authorisation support |
545 | .It | | 545 | .It |
546 | Thomas Klausner | | 546 | Thomas Klausner |
547 | .Aq wiz@danbala.ifoer.tuwien.ac.at | | 547 | .Aq wiz@danbala.ifoer.tuwien.ac.at |
548 | provided many fixes and enhancements for the man page | | 548 | provided many fixes and enhancements for the man page |
549 | .It | | 549 | .It |
550 | Johnny Lam | | 550 | Johnny Lam |
551 | .Aq jlam@netbsd.org | | 551 | .Aq jlam@netbsd.org |
552 | provided man page fixes | | 552 | provided man page fixes |
553 | .It | | 553 | .It |
554 | Luke Mewburn | | 554 | Luke Mewburn |
555 | .Aq lukem@netbsd.org | | 555 | .Aq lukem@netbsd.org |
556 | provided many various fixes, including cgi-bin fixes and enhancements, | | 556 | provided many various fixes, including cgi-bin fixes and enhancements, |
557 | HTTP basic authorisation support and much code clean up | | 557 | HTTP basic authorisation support and much code clean up |
558 | .It | | 558 | .It |
559 | Jeremy C. Reed | | 559 | Jeremy C. Reed |
560 | .Aq reed@netbsd.org | | 560 | .Aq reed@netbsd.org |
561 | provided several clean up fixes, and man page updates | | 561 | provided several clean up fixes, and man page updates |
562 | .It | | 562 | .It |
563 | Scott Reynolds | | 563 | Scott Reynolds |
564 | .Aq scottr@netbsd.org | | 564 | .Aq scottr@netbsd.org |
565 | provided various fixes | | 565 | provided various fixes |
566 | .It | | 566 | .It |
567 | Tyler Retzlaff | | 567 | Tyler Retzlaff |
568 | .Aq rtr@eterna.com.au | | 568 | .Aq rtr@eterna.com.au |
569 | provided SSL support, cgi-bin fixes and much other random other stuff | | 569 | provided SSL support, cgi-bin fixes and much other random other stuff |
570 | .It | | 570 | .It |
571 | rudolf | | 571 | rudolf |
572 | .Aq netbsd@eq.cz | | 572 | .Aq netbsd@eq.cz |
573 | provided minor compile fixes and a CGI content map fix | | 573 | provided minor compile fixes and a CGI content map fix |
574 | .It | | 574 | .It |
575 | Steve Rumble | | 575 | Steve Rumble |
576 | .Aq rumble@ephemeral.org | | 576 | .Aq rumble@ephemeral.org |
577 | provided the | | 577 | provided the |
578 | .Fl V | | 578 | .Fl V |
579 | option. | | 579 | option. |
580 | .It | | 580 | .It |
581 | Joerg Sonnenberger | | 581 | Joerg Sonnenberger |
582 | .Aq joerg@netbsd.org | | 582 | .Aq joerg@netbsd.org |
583 | implemented If-Modified-Since support | | 583 | implemented If-Modified-Since support |
584 | .It | | 584 | .It |
585 | ISIHARA Takanori | | 585 | ISIHARA Takanori |
586 | .Aq ishit@oak.dti.ne.jp | | 586 | .Aq ishit@oak.dti.ne.jp |
587 | provided a man page fix | | 587 | provided a man page fix |
588 | .It | | 588 | .It |
589 | Holger Weiss | | 589 | Holger Weiss |
590 | .Aq holger@CIS.FU-Berlin.DE | | 590 | .Aq holger@CIS.FU-Berlin.DE |
591 | provided http authorisation fixes | | 591 | provided http authorisation fixes |
592 | .It | | 592 | .It |
593 | .Aq xs@kittenz.org | | 593 | .Aq xs@kittenz.org |
594 | provided chroot and change-to-user support, and other various fixes | | 594 | provided chroot and change-to-user support, and other various fixes |
595 | .It | | 595 | .It |
596 | Coyote Point provided various CGI fixes | | 596 | Coyote Point provided various CGI fixes |
| | | 597 | .It |
| | | 598 | Julio Merino added pidfile support and provided some man page fixes |
597 | .El | | 599 | .El |
598 | .Pp | | 600 | .Pp |
599 | There are probably others I have forgotten (let me know if you care) | | 601 | There are probably others I have forgotten (let me know if you care) |
600 | .Pp | | 602 | .Pp |
601 | Please send all updates to | | 603 | Please send all updates to |
602 | .Nm | | 604 | .Nm |
603 | to | | 605 | to |
604 | .Aq mrg@eterna.com.au | | 606 | .Aq mrg@eterna.com.au |
605 | for inclusion in future releaases. | | 607 | for inclusion in future releaases. |
606 | .Sh BUGS | | 608 | .Sh BUGS |
607 | .Nm | | 609 | .Nm |
608 | does not handle HTTP/1.1 chunked input from the client yet. | | 610 | does not handle HTTP/1.1 chunked input from the client yet. |