1 |
/* config.h - configuration defines for thttpd and libhttpd |
2 |
** |
3 |
** Copyright © 1995,1998,1999,2000,2001 by Jef Poskanzer <jef@acme.com>. |
4 |
** All rights reserved. |
5 |
** |
6 |
** Redistribution and use in source and binary forms, with or without |
7 |
** modification, are permitted provided that the following conditions |
8 |
** are met: |
9 |
** 1. Redistributions of source code must retain the above copyright |
10 |
** notice, this list of conditions and the following disclaimer. |
11 |
** 2. Redistributions in binary form must reproduce the above copyright |
12 |
** notice, this list of conditions and the following disclaimer in the |
13 |
** documentation and/or other materials provided with the distribution. |
14 |
** |
15 |
** THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND |
16 |
** ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
17 |
** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
18 |
** ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
19 |
** FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
20 |
** DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
21 |
** OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
22 |
** HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
23 |
** LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
24 |
** OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
25 |
** SUCH DAMAGE. |
26 |
*/ |
27 |
|
28 |
#ifndef _CONFIG_H_ |
29 |
#define _CONFIG_H_ |
30 |
|
31 |
|
32 |
/* The following configuration settings are sorted in order of decreasing |
33 |
** likelihood that you'd want to change them - most likely first, least |
34 |
** likely last. |
35 |
** |
36 |
** In case you're not familiar with the convention, "#ifdef notdef" |
37 |
** is a Berkeleyism used to indicate temporarily disabled code. |
38 |
** The idea here is that you re-enable it by just moving it outside |
39 |
** of the ifdef. |
40 |
*/ |
41 |
|
42 |
/* CONFIGURE: CGI programs must match this pattern to get executed. It's |
43 |
** a simple shell-style wildcard pattern, with * meaning any string not |
44 |
** containing a slash, ** meaning any string at all, and ? meaning any |
45 |
** single character; or multiple such patterns separated by |. The |
46 |
** patterns get checked against the filename part of the incoming URL. |
47 |
** |
48 |
** Restricting CGI programs to a single directory lets the site administrator |
49 |
** review them for security holes, and is strongly recommended. If there |
50 |
** are individual users that you trust, you can enable their directories too. |
51 |
** |
52 |
** You can also specify a CGI pattern on the command line, with the -c flag. |
53 |
** Such a pattern overrides this compiled-in default. |
54 |
** |
55 |
** If no CGI pattern is specified, neither here nor on the command line, |
56 |
** then CGI programs cannot be run at all. If you want to disable CGI |
57 |
** as a security measure that's how you do it, just don't define any |
58 |
** pattern here and don't run with the -c flag. |
59 |
*/ |
60 |
#ifdef notdef |
61 |
/* Some sample patterns. Allow programs only in one central directory: */ |
62 |
#define CGI_PATTERN "/cgi-bin/*" |
63 |
/* Allow programs in a central directory, or anywhere in a trusted |
64 |
** user's tree: */ |
65 |
#define CGI_PATTERN "/cgi-bin/*|/jef/**" |
66 |
/* Allow any program ending with a .cgi: */ |
67 |
#define CGI_PATTERN "**.cgi" |
68 |
/* When virtual hosting, enable the central directory on every host: */ |
69 |
#define CGI_PATTERN "/*/cgi-bin/*" |
70 |
#endif |
71 |
|
72 |
/* CONFIGURE: How many seconds to allow CGI programs to run before killing |
73 |
** them. This is in case someone writes a CGI program that goes into an |
74 |
** infinite loop, or does a massive database lookup that would take hours, |
75 |
** or whatever. If you don't want any limit, comment this out, but that's |
76 |
** probably a really bad idea. |
77 |
*/ |
78 |
#define CGI_TIMELIMIT 30 |
79 |
|
80 |
/* CONFIGURE: How many seconds to allow for reading the initial request |
81 |
** on a new connection. |
82 |
*/ |
83 |
#define IDLE_READ_TIMELIMIT 60 |
84 |
|
85 |
/* CONFIGURE: How many seconds before an idle connection gets closed. |
86 |
*/ |
87 |
#define IDLE_SEND_TIMELIMIT 300 |
88 |
|
89 |
/* CONFIGURE: The syslog facility to use. Using this you can set up your |
90 |
** syslog.conf so that all thttpd messages go into a separate file. Note |
91 |
** that even if you use the -l command line flag to send logging to a |
92 |
** file, errors still get sent via syslog. |
93 |
*/ |
94 |
#define LOG_FACILITY LOG_DAEMON |
95 |
|
96 |
/* CONFIGURE: Tilde mapping. Many URLs use ~username to indicate a |
97 |
** user's home directory. thttpd provides two options for mapping |
98 |
** this construct to an actual filename. |
99 |
** |
100 |
** 1) Map ~username to <prefix>/username. This is the recommended choice. |
101 |
** Each user gets a subdirectory in the main chrootable web tree, and |
102 |
** the tilde construct points there. The prefix could be something |
103 |
** like "users", or it could be empty. See also the makeweb program |
104 |
** for letting users create their own web subdirectories. |
105 |
** |
106 |
** 2) Map ~username to <user's homedir>/<postfix>. The postfix would be |
107 |
** the name of a subdirectory off of the user's actual home dir, something |
108 |
** like "public_html". This is what Apache and other servers do. The problem |
109 |
** is, you can't do this and chroot() at the same time, so it's inherently |
110 |
** a security hole. This is strongly dis-recommended, but it's here because |
111 |
** some people really want it. Use at your own risk. |
112 |
** |
113 |
** You can also leave both options undefined, and thttpd will not do |
114 |
** anything special about tildes. Enabling both options is an error. |
115 |
*/ |
116 |
#ifdef notdef |
117 |
#define TILDE_MAP_1 "users" |
118 |
#define TILDE_MAP_2 "public_html" |
119 |
#endif |
120 |
|
121 |
/* CONFIGURE: The file to use for authentication. If this is defined then |
122 |
** thttpd checks for this file in the local directory before every fetch. |
123 |
** If the file exists then authentication is done, otherwise the fetch |
124 |
** proceeds as usual. |
125 |
** |
126 |
** If you undefine this then thttpd will not implement authentication |
127 |
** at all and will not check for auth files, which saves a bit of CPU time. |
128 |
*/ |
129 |
#define AUTH_FILE ".htpasswd" |
130 |
|
131 |
/* CONFIGURE: The default character set name to use with text MIME types. |
132 |
** This gets substituted into the MIME types where they have a "%s". |
133 |
** |
134 |
** You can override this in the config file with the "charset" setting, |
135 |
** or on the command like with the -T flag. |
136 |
*/ |
137 |
#define DEFAULT_CHARSET "iso-8859-1" |
138 |
|
139 |
|
140 |
/* Most people won't want to change anything below here. */ |
141 |
|
142 |
/* CONFIGURE: This controls the SERVER_NAME environment variable that gets |
143 |
** passed to CGI programs. By default thttpd does a gethostname(), which |
144 |
** gives the host's canonical name. If you want to always use some other name |
145 |
** you can define it here. |
146 |
** |
147 |
** Alternately, if you want to run the same thttpd binary on multiple |
148 |
** machines, and want to build in alternate names for some or all of |
149 |
** them, you can define a list of canonical name to altername name |
150 |
** mappings. thttpd seatches the list and when it finds a match on |
151 |
** the canonical name, that alternate name gets used. If no match |
152 |
** is found, the canonical name gets used. |
153 |
** |
154 |
** If both SERVER_NAME and SERVER_NAME_LIST are defined here, thttpd searches |
155 |
** the list as above, and if no match is found then SERVER_NAME gets used. |
156 |
** |
157 |
** In any case, if thttpd is started with the -h flag, that name always |
158 |
** gets used. |
159 |
*/ |
160 |
#ifdef notdef |
161 |
#define SERVER_NAME "your.hostname.here" |
162 |
#define SERVER_NAME_LIST \ |
163 |
"canonical.name.here/alternate.name.here", \ |
164 |
"canonical.name.two/alternate.name.two" |
165 |
#endif |
166 |
|
167 |
/* CONFIGURE: Undefine this if you want thttpd to hide its specific version |
168 |
** when returning into to browsers. Instead it'll just say "thttpd" with |
169 |
** no version. |
170 |
*/ |
171 |
#define SHOW_SERVER_VERSION |
172 |
|
173 |
/* CONFIGURE: Define this if you want to always chroot(), without having |
174 |
** to give the -r command line flag. Some people like this as a security |
175 |
** measure, to prevent inadvertant exposure by accidentally running without -r. |
176 |
** You can still disable it at runtime with the -nor flag. |
177 |
*/ |
178 |
#ifdef notdef |
179 |
#define ALWAYS_CHROOT |
180 |
#endif |
181 |
|
182 |
/* CONFIGURE: Define this if you want to always do virtual hosting, without |
183 |
** having to give the -v command line flag. You can still disable it at |
184 |
** runtime with the -nov flag. |
185 |
*/ |
186 |
#ifdef notdef |
187 |
#define ALWAYS_VHOST |
188 |
#endif |
189 |
|
190 |
/* CONFIGURE: If you're using the vhost feature and you have a LOT of |
191 |
** virtual hostnames (like, hundreds or thousands), you will want to |
192 |
** enable this feature. It avoids a problem with most Unix filesystems, |
193 |
** where if there are a whole lot of items in a directory then name lookup |
194 |
** becomes very slow. This feature makes thttpd use subdirectories |
195 |
** based on the first characters of each hostname. You can set it to use |
196 |
** from one to three characters. If the hostname starts with "www.", that |
197 |
** part is skipped over. Dots are also skipped over, and if the name isn't |
198 |
** long enough then "_"s are used. Here are some examples of how hostnames |
199 |
** would get turned into directory paths, for each different setting: |
200 |
** 1: www.acme.com -> a/www.acme.com |
201 |
** 1: foobar.acme.com -> f/foobar.acme.com |
202 |
** 2: www.acme.com -> a/c/www.acme.com |
203 |
** 2: foobar.acme.com -> f/o/foobar.acme.com |
204 |
** 3: www.acme.com -> a/c/m/www.acme.com |
205 |
** 3: foobar.acme.com -> f/o/o/foobar.acme.com |
206 |
** 3: m.tv -> m/t/v/m.tv |
207 |
** 4: m.tv -> m/t/v/_/m.tv |
208 |
** Note that if you compile this setting in but then forget to set up |
209 |
** the corresponding subdirectories, the only error indication you'll |
210 |
** get is a "404 Not Found" when you try to visit a site. So be careful. |
211 |
*/ |
212 |
#ifdef notdef |
213 |
#define VHOST_DIRLEVELS 1 |
214 |
#define VHOST_DIRLEVELS 2 |
215 |
#define VHOST_DIRLEVELS 3 |
216 |
#endif |
217 |
|
218 |
/* CONFIGURE: Define this if you want to always use a global passwd file, |
219 |
** without having to give the -P command line flag. You can still disable |
220 |
** it at runtime with the -noP flag. |
221 |
*/ |
222 |
#ifdef notdef |
223 |
#define ALWAYS_GLOBAL_PASSWD |
224 |
#endif |
225 |
|
226 |
/* CONFIGURE: When started as root, the default username to switch to after |
227 |
** initializing. If this user (or the one specified by the -u flag) does |
228 |
** not exist, the program will refuse to run. |
229 |
*/ |
230 |
#define DEFAULT_USER "nobody" |
231 |
|
232 |
/* CONFIGURE: When started as root, the program can automatically chdir() |
233 |
** to the home directory of the user specified by -u or DEFAULT_USER. |
234 |
** An explicit -d still overrides this. |
235 |
*/ |
236 |
#ifdef notdef |
237 |
#define USE_USER_DIR |
238 |
#endif |
239 |
|
240 |
/* CONFIGURE: If this is defined, some of the built-in error pages will |
241 |
** have more explicit information about exactly what the problem is. |
242 |
** Some sysadmins don't like this, for security reasons. |
243 |
*/ |
244 |
#define EXPLICIT_ERROR_PAGES |
245 |
|
246 |
/* CONFIGURE: Subdirectory for custom error pages. The error filenames are |
247 |
** $WEBDIR/$ERR_DIR/err%d.html - if virtual hosting is enabled then |
248 |
** $WEBDIR/hostname/$ERR_DIR/err%d.html is searched first. This allows |
249 |
** different custom error pages for each virtual hosting web server. If |
250 |
** no custom page for a given error can be found, the built-in error page |
251 |
** is generated. If ERR_DIR is not defined at all, only the built-in error |
252 |
** pages will be generated. |
253 |
*/ |
254 |
#define ERR_DIR "errors" |
255 |
|
256 |
/* CONFIGURE: Define this if you want a standard HTML tail containing |
257 |
** $SERVER_SOFTWARE and $SERVER_ADDRESS to be appended to the custom error |
258 |
** pages. (It is always appended to the built-in error pages.) |
259 |
*/ |
260 |
#define ERR_APPEND_SERVER_INFO |
261 |
|
262 |
/* CONFIGURE: nice(2) value to use for CGI programs. If this is undefined, |
263 |
** CGI programs run at normal priority. |
264 |
*/ |
265 |
#define CGI_NICE 10 |
266 |
|
267 |
/* CONFIGURE: $PATH to use for CGI programs. |
268 |
*/ |
269 |
#define CGI_PATH "/usr/local/bin:/usr/ucb:/bin:/usr/bin" |
270 |
|
271 |
/* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs. |
272 |
*/ |
273 |
#ifdef notdef |
274 |
#define CGI_LD_LIBRARY_PATH "/usr/local/lib:/usr/lib" |
275 |
#endif |
276 |
|
277 |
/* CONFIGURE: How often to run the occasional cleanup job. |
278 |
*/ |
279 |
#define OCCASIONAL_TIME 300 |
280 |
|
281 |
/* CONFIGURE: Seconds between stats syslogs. If this is undefined then |
282 |
** no stats are accumulated and no stats syslogs are done. |
283 |
*/ |
284 |
#define STATS_TIME 3600 |
285 |
|
286 |
/* CONFIGURE: The mmap cache tries to keep the total number of mapped |
287 |
** files below this number, so you don't run out of kernel file descriptors. |
288 |
** If you have reconfigured your kernel to have more descriptors, you can |
289 |
** raise this and thttpd will keep more maps cached. However it's not |
290 |
** a hard limit, thttpd will go over it if you really are accessing |
291 |
** a whole lot of files. |
292 |
*/ |
293 |
#define DESIRED_MAX_MAPPED_FILES 2000 |
294 |
|
295 |
/* CONFIGURE: Minimum and maximum intervals between child-process reaping, |
296 |
** in seconds. |
297 |
*/ |
298 |
#define MIN_REAP_TIME 30 |
299 |
#define MAX_REAP_TIME 900 |
300 |
|
301 |
|
302 |
/* You almost certainly don't want to change anything below here. */ |
303 |
|
304 |
/* CONFIGURE: When throttling CGI programs, we don't know how many bytes |
305 |
** they send back to the client because it would be inefficient to |
306 |
** interpose a counter. CGI programs are much more expensive than |
307 |
** regular files to serve, so we set an arbitrary and high byte count |
308 |
** that gets applied to all CGI programs for throttling purposes. |
309 |
*/ |
310 |
#define CGI_BYTECOUNT 50000 |
311 |
|
312 |
/* CONFIGURE: The default port to listen on. 80 is the standard HTTP port. |
313 |
*/ |
314 |
#define DEFAULT_PORT 80 |
315 |
|
316 |
/* CONFIGURE: A list of index filenames to check. The files are searched |
317 |
** for in this order. |
318 |
*/ |
319 |
#define INDEX_NAMES "index.html", "index.htm", "Default.htm", "index.cgi" |
320 |
|
321 |
/* CONFIGURE: If this is defined then thttpd will automatically generate |
322 |
** index pages for directories that don't have an explicit index file. |
323 |
** If you want to disable this behavior site-wide, perhaps for security |
324 |
** reasons, just undefine this. Note that you can disable indexing of |
325 |
** individual directories by merely doing a "chmod 711" on them - the |
326 |
** standard Unix file permission to allow file access but disable "ls". |
327 |
*/ |
328 |
#define GENERATE_INDEXES |
329 |
|
330 |
/* CONFIGURE: Whether to log unknown request headers. Most sites will not |
331 |
** want to log them, which will save them a bit of CPU time. |
332 |
*/ |
333 |
#ifdef notdef |
334 |
#define LOG_UNKNOWN_HEADERS |
335 |
#endif |
336 |
|
337 |
/* CONFIGURE: Time between updates of the throttle table's rolling averages. */ |
338 |
#define THROTTLE_TIME 60 |
339 |
|
340 |
/* CONFIGURE: Time until a blocked host can access the server again. */ |
341 |
#define DEFAULT_BLOCKTIME 3600 |
342 |
|
343 |
/* CONFIGURE: Maximum numbers of hosts that get blocked. */ |
344 |
#define BLOCKLIST_LENGTH 1000 |
345 |
|
346 |
/* CONFIGURE: The listen() backlog queue length. The 1024 doesn't actually |
347 |
** get used, the kernel uses its maximum allowed value. This is a config |
348 |
** parameter only in case there's some OS where asking for too high a queue |
349 |
** length causes an error. Note that on many systems the maximum length is |
350 |
** way too small - see http://www.acme.com/software/thttpd/notes.html |
351 |
*/ |
352 |
#define LISTEN_BACKLOG 1024 |
353 |
|
354 |
/* CONFIGURE: Maximum number of throttle patterns that any single URL can |
355 |
** be included in. This has nothing to do with the number of throttle |
356 |
** patterns that you can define, which is unlimited. |
357 |
*/ |
358 |
#define MAXTHROTTLENUMS 10 |
359 |
|
360 |
/* CONFIGURE: Number of file descriptors to reserve for uses other than |
361 |
** connections. Currently this is 10, representing one for the listen fd, |
362 |
** one for dup()ing at connection startup time, one for reading the file, |
363 |
** one for syslog, and possibly one for the regular log file, which is |
364 |
** five, plus a factor of two for who knows what. |
365 |
*/ |
366 |
#define SPARE_FDS 10 |
367 |
|
368 |
/* CONFIGURE: How many seconds to leave a connection open while doing a |
369 |
** lingering close. |
370 |
*/ |
371 |
#define LINGER_TIME 2 |
372 |
|
373 |
/* CONFIGURE: Maximum number of symbolic links to follow before |
374 |
** assuming there's a loop. |
375 |
*/ |
376 |
#define MAX_LINKS 32 |
377 |
|
378 |
/* CONFIGURE: You don't even want to know. |
379 |
*/ |
380 |
#define MIN_WOULDBLOCK_DELAY 100L |
381 |
|
382 |
#endif /* _CONFIG_H_ */ |