http://www.cgi101.com/book/ch3/text.html
http://php.net/manual/ru/security.cgi-bin.force-redirect.php
http://lists.mysql.com/mysql/67397
http://stackoverflow.com/questions/4760819/thttpd-and-php-in-cgi-mode#8922731
thttpd, поставляемый разработчиками, не собирается сразу. Выдаёт ошибку:
htpasswd.c:52: error: conflicting types for 'getline'
Проблема заключается в том, что в файле htpasswd.c вводится функция getline, а это имя уже объявлено ранее в <stdio.h>. Таким образом возникает конфликт. Решить его можно1) заменой имени getline в файле htpasswd.c на любое другое; например, на my_getline. Главное - сделать это во всём файле, чтобы не пытаться вызвать не ту функцию, которая определена.
При простой сборке из исходников по процедуре configure && make && make install можно просто вручную отредактировать этот файл. Для сборки же пакета под Дебиан гораздо лучше создать заплату2).
wget -c 'http://www.acme.com/software/thttpd/thttpd-2.25b.tar.gz' cp thttpd-2.25b.tar.gz thttpd_2.25b.orig.tar.gz tar -xvf thttpd-2.25b.tar.gz cp -r thttpd-2.25b thttpd-2.25b.orig
Внесём некоторые исправления, необходимые для сборки под Дебиан, и создадим заплаты.
Отредактировать нужно файлы Makefile.in, extras/Makefile.in и extras/htpasswd.c так, как видно в созданных мной заплатах ниже. Сами же эти заплаты генерируются следующим образом3):
diff -Nuar thttpd-2.25b.orig/extras/htpasswd.c thttpd-2.25b/extras/htpasswd.c > 01-htpasswd.c-getline.diff diff -Nuar thttpd-2.25b.orig/Makefile.in thttpd-2.25b/Makefile.in > 02-Makefiles.diff diff -Nuar thttpd-2.25b.orig/extras/Makefile.in thttpd-2.25b/extras/Makefile.in >> 02-Makefiles.diff
В результате чего получаем 2 файла:
--- thttpd-2.25b.orig/extras/htpasswd.c 2001-12-19 02:08:08.000000000 +0200 +++ thttpd-2.25b/extras/htpasswd.c 2014-07-19 02:26:58.129794578 +0300 @@ -49,7 +49,7 @@ while((line[y++] = line[x++])); } -static int getline(char *s, int n, FILE *f) { +static int my_getline(char *s, int n, FILE *f) { register int i=0; while(1) { @@ -189,7 +189,7 @@ strcpy(user,argv[2]); found = 0; - while(!(getline(line,MAX_STRING_LEN,f))) { + while(!(my_getline(line,MAX_STRING_LEN,f))) { if(found || (line[0] == '#') || (!line[0])) { putline(tfp,line); continue;
--- thttpd-2.25b.orig/Makefile.in 2005-06-29 20:52:54.000000000 +0300 +++ thttpd-2.25b/Makefile.in 2014-07-19 02:23:34.709786163 +0300 @@ -34,12 +34,12 @@ # Pathname of directory to install the man page. MANDIR = @mandir@ # Pathname of directory to install the CGI programs. -WEBDIR = $(prefix)/www +WEBDIR = $(prefix)/lib/thttpd # CONFIGURE: The group that the web directory belongs to. This is so that # the makeweb program can be installed set-group-id to that group, and make # subdirectories. If you're not going to use makeweb, ignore this. -WEBGROUP = www +WEBGROUP = www-data # CONFIGURE: Directory for CGI executables. CGIBINDIR = $(WEBDIR)/cgi-bin @@ -121,9 +121,9 @@ cd $$i ; \ pwd ; \ $(MAKE) $(MFLAGS) \ - WEBDIR=$(WEBDIR) \ - CGIBINDIR=$(CGIBINDIR) \ - MANDIR=$(MANDIR) \ + WEBDIR=$(DESTDIR)$(WEBDIR) \ + CGIBINDIR=$(DESTDIR)$(CGIBINDIR) \ + MANDIR=$(DESTDIR)$(MANDIR) \ WEBGROUP=$(WEBGROUP) \ install \ ) ; done --- thttpd-2.25b.orig/extras/Makefile.in 2005-06-29 20:53:20.000000000 +0300 +++ thttpd-2.25b/extras/Makefile.in 2014-07-19 02:25:58.965792130 +0300 @@ -66,12 +66,13 @@ install: all - rm -f $(BINDIR)/makeweb $(BINDIR)/htpasswd $(BINDIR)/syslogtocern - cp makeweb $(BINDIR)/makeweb - chgrp $(WEBGROUP) $(BINDIR)/makeweb - chmod 2755 $(BINDIR)/makeweb - cp htpasswd $(BINDIR)/htpasswd - cp syslogtocern $(BINDIR)/syslogtocern + rm -f $(DESTDIR)$(BINDIR)/makeweb $(DESTDIR)$(BINDIR)/htpasswd $(DESTDIR)$(BINDIR)/syslogtocern + cp makeweb $(DESTDIR)$(BINDIR)/makeweb + chgrp $(WEBGROUP) $(DESTDIR)$(BINDIR)/makeweb + chmod 2755 $(DESTDIR)$(BINDIR)/makeweb + cp htpasswd $(DESTDIR)$(BINDIR)/htpasswd + cp syslogtocern $(DESTDIR)$(BINDIR)/syslogtocern + -mkdir -p $(MANDIR)/man1 rm -f $(MANDIR)/man1/makeweb.1 cp makeweb.1 $(MANDIR)/man1/makeweb.1 rm -f $(MANDIR)/man1/htpasswd.1
После этого входим в каталог с исходниками и создаём все необходимые для сборки пакета конфигурационные файлы:
cd thttpd-2.25b mkdir debian mcedit debian/control
Source: thttpd Maintainer: Wombat <wombat@wombat.org.ua> Section: web Priority: optional Homepage: http://www.acme.com/software/thttpd/ Build-Depends: libc6-dev (>= 2.5-5) Package: thttpd Architecture: amd64 Depends: libc6 (>= 2.5-5) Suggests: thttpd-util, logrotate Conflicts: logcheck-database (<< 1.2.62) Provides: httpd, httpd-cgi Description: tiny/turbo/throttling HTTP server thttpd is a small, fast secure webserver. It features CGI support, URL-traffic-based throttling and basic authentication. thttpd has a very small memory footprint as it only forks itself in order to execute CGI scripts. It is designed to be as fast as fully featured web-servers and it performs extremely well under high load. . This package contains the thttpd server. For thttpd support programs see the thttpd-util package.
dch --create -v 2.25b-1 --package thttpd
thttpd (2.25b-1) UNRELEASED; urgency=low * Initial release. (Closes: #XXXXXX) -- Wombat <wombat@wombat.org.ua> Fri, 18 Jul 2014 23:41:40 +0300
mcedit debian/rules
#!/usr/bin/make -f
INSTALL = install
INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644
INSTALL_DIR = $(INSTALL) -p -d -o root -g root -m 755
INSTALL_SCRIPT = $(INSTALL) -p -o root -g root -m 755
%:
dh $@
override_dh_auto_install:
$(INSTALL_DIR) debian/tmp \
debian/tmp/etc \
debian/tmp/etc/thttpd \
debian/tmp/etc/logcheck/ignore.d.server \
debian/tmp/etc/logcheck/ignore.d.workstation \
debian/tmp/etc/init.d \
debian/tmp/etc/logrotate.d
$(INSTALL_FILE) debian/throttle.conf debian/tmp/etc/thttpd/throttle.conf
$(INSTALL_FILE) debian/thttpd.conf debian/tmp/etc/thttpd/thttpd.conf
$(INSTALL_FILE) debian/ignore.d.server/thttpd debian/tmp/etc/logcheck/ignore.d.server/thttpd
$(INSTALL_FILE) debian/ignore.d.workstation/thttpd debian/tmp/etc/logcheck/ignore.d.workstation/thttpd
$(INSTALL_FILE) debian/logrotate.d/thttpd debian/tmp/etc/logrotate.d/thttpd
$(INSTALL_SCRIPT) debian/init.d/thttpd debian/tmp/etc/init.d/thttpd
dh_auto_install
mkdir debian/patch cp -t debian/patch/ ../01-htpasswd.c-getline.diff ../02-Makefiles.diff
Стоит отметить, что все заплаты, находящиеся в папке debian/patches применяются сборщиком автоматически.
Поскольку для работы веб-сервера предпочтительнее, чтобы он запускался с правами специального пользователя, при установке пакета необходимо проконтролировать существование такого пользователя в системе. Для этого можно воспользоваться сценарием, выполняемым после установки:
#!/bin/sh set -e # creating www group if it isn't already there if ! getent group www-data >/dev/null; then addgroup --system www-data fi # creating thttpd user if he isn't already there if ! getent passwd www-data >/dev/null; then adduser --system --ingroup www-data --no-create-home --home /var/www \ --gecos "Web server" --shell /usr/sbin/nologin www-data fi
На этом этапе пакет уже готов к сборке, но приведём ещё содержимое файлов, предназначенных для каталога /etc, так как они не входят в архив с исходниками программы, и взяты отсюда.
Можно скачать архив моей папки debian, содержащей все эти конфигурационные файлы и заплаты вместе: debian.tar.gz
# /etc/thttpd/throttle.conf: thttpd throttle file # This file is for thttpd processes created by /etc/init.d/thttpd. # Please note that by default, no throttling takes place. That is, thttpd # transfers files as fast as possible. The THROTTLING section of the thttpd(8) # manpage details on the syntax of this file, and includes the following example # (here commented out): # # <PATTERN> [<MIN B/s>-]<MAX B/s> # ** 2000-100000 # limit total web usage to 2/3 of our # # T1, but never go below 2000 B/s # **.jpg|**.gif 50000 # limit images to 1/3 of our T1 # **.mpg 20000 # and movies to even less # jef/** 20000 # jef's pages are too popular
# /etc/thttpd/thttpd.conf: thttpd configuration file # This file is for thttpd processes created by /etc/init.d/thttpd. # Commentary is based closely on the thttpd(8) 2.25b manpage, by Jef Poskanzer. # Specifies an alternate port number to listen on. port=80 # Specifies a directory to chdir() to at startup. This is merely a convenience - # you could just as easily do a cd in the shell script that invokes the program. dir=/var/www # Do a chroot() at initialization time, restricting file access to the program's # current directory. If chroot is the compiled-in default (not the case on # Debian), then nochroot disables it. See thttpd(8) for details. #nochroot chroot # Specifies a directory to chdir() to after chrooting. If you're not chrooting, # you might as well do a single chdir() with the dir option. If you are # chrooting, this lets you put the web files in a subdirectory of the chroot # tree, instead of in the top level mixed in with the chroot files. #data_dir= # Don't do explicit symbolic link checking. Normally, thttpd explicitly expands # any symbolic links in filenames, to check that the resulting path stays within# the original document tree. If you want to turn off this check and save some # CPU time, you can use the nosymlinks option, however this is not # recommended. Note, though, that if you are using the chroot option, the # symlink checking is unnecessary and is turned off, so the safe way to save # those CPU cycles is to use chroot. #symlinks #nosymlinks # Do el-cheapo virtual hosting. If vhost is the compiled-in default (not the # case on Debian), then novhost disables it. See thttpd(8) for details. #vhost #novhost # Use a global passwd file. This means that every file in the entire document # tree is protected by the single .htpasswd file at the top of the tree. # Otherwise the semantics of the .htpasswd file are the same. If this option is # set but there is no .htpasswd file in the top-level directory, then thttpd # proceeds as if the option was not set - first looking for a local .htpasswd # file, and if that doesn't exist either then serving the file without any # password. If globalpasswd is the compiled-in default (not the case on Debian), # then noglobalpasswd disables it. #globalpasswd #noglobalpasswd # Specifies what user to switch to after initialization when started as root. user=www-data # Specifies a wildcard pattern for CGI programs, for instance "**.cgi" or # "/cgi-bin/*". See thttpd(8) for details. cgipat=/cgi-bin/* # Specifies a file of throttle settings. See thttpd(8) for details. throttles=/etc/thttpd/throttle.conf # Specifies a hostname to bind to, for multihoming. The default is to bind to # all hostnames supported on the local machine. See thttpd(8) for details. #host= # Specifies a file for logging. If no logfile option is specified, thttpd logs # via syslog(). If logfile=/dev/null is specified, thttpd doesn't log at all. logfile=/var/log/thttpd.log # Specifies a file to write the process-id to. If no file is specified, no # process-id is written. You can use this file to send signals to thttpd. See # thttpd(8) for details. #pidfile= # Specifies the character set to use with text MIME types. #charset=iso-8859-1 # Specifies a P3P server privacy header to be returned with all responses. See # http://www.w3.org/P3P/ for details. Thttpd doesn't do anything at all with the # string except put it in the P3P: response header. #p3p= # Specifies the number of seconds to be used in a "Cache-Control: max-age" # header to be returned with all responses. An equivalent "Expires" header is # also generated. The default is no Cache-Control or Expires headers, which is # just fine for most sites. #max_age=
# thttpd prints statistics every hour.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: up [[:digit:]]+ seconds, stats for 3600 seconds:$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: thttpd - [[:digit:]]+ connections \([[:digit:].]+/sec\), [[:digit:]]+ max simultaneous, [[:digit:]]+ bytes \([[:digit:].]+/sec\), [[:digit:]]+ httpd_conns allocated$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: libhttpd - [[:digit:]]+ strings allocated, [[:digit:]]+ bytes \([[:digit:].]+ bytes/str\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: map cache - [[:digit:]]+ allocated, [[:digit:]]+ active \([[:digit:]]+ bytes\), [[:digit:]]+ free; hash size: [[:digit:]]+; expire age: [[:digit:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: fdwatch - [[:digit:]]+ selects \([[:digit:].]+/sec\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: timers - [[:digit:]]+ allocated, [[:digit:]]+ active, [[:digit:]]+ free$
# thttpd is listing a directory that has no index.html file.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ thttpd\[[[:digit:]]+\]: spawned indexing process [[:digit:]]+ for directory '.*'$
/var/log/thttpd.log
{
rotate 14
daily
compress
missingok
delaycompress
postrotate
if [ -x /usr/sbin/invoke-rc.d ]
then
invoke-rc.d thttpd force-reload > /dev/null 2>&1
else
/etc/init.d/thttpd force-reload > /dev/null 2>&1
fi
endscript
}
#!/bin/sh
### BEGIN INIT INFO
# Provides: thttpd
# Required-Start: $network
# Required-Stop: $network
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts tiny/turbo/throttling HTTP server
# Description: thttpd is a small, fast secure webserver.
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/thttpd
DESC="web server"
NAME=thttpd
CONFFILE=/etc/thttpd/thttpd.conf
PIDFILE=/var/run/thttpd.pid
OPTIONS="-C $CONFFILE -i $PIDFILE"
test -x $DAEMON || exit 0
test -f $CONFFILE || exit 1
set -e
case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon -S -q -p $PIDFILE -x $DAEMON -- $OPTIONS
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
if ps ax | grep "$(cat $PIDFILE)" | grep -qv grep
then
start-stop-daemon -K -q -p $PIDFILE -x $DAEMON --signal 10
fi
echo "$NAME."
;;
force-stop)
echo -n "Stopping $DESC: "
start-stop-daemon -K -q -p $PIDFILE -x $DAEMON
echo "$NAME."
;;
force-reload)
if start-stop-daemon -K -q -p $PIDFILE -x $DAEMON --test
then
$0 restart
fi
;;
restart)
echo -n "Restarting $DESC: "
start-stop-daemon -K -q -p $PIDFILE -x $DAEMON --signal 10
sleep 1
start-stop-daemon -S -q -p $PIDFILE -x $DAEMON -- $OPTIONS
echo "$NAME."
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|force-stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0