Change the behavior of docroot, which is now used as a prefix path for
all file operations related to static files. And add chrootdir, which is
just the old docroot behavior and allows to control the path into which
quark will chroot.
Not having properly distinct configuration variables for chroot,
document root and CGI root was specially annoying since commit 2822488
which allowed users to retrieve the CGI script or binary by just
guessing its path, since quark was chrooting into docroot before
anything else, and thus the CGI script/binary was in the user accessible
path.
This is implemented by moving the reqbuf buffer in the middle of a
bigger buffer, reqpath. That buffer contains the value of docroot at its
beginning and reqbuf simply points to the first byte after this value.
This reverts commit 68f51ac37a.
The idea is good, but we just didn't yet get the right format
for the reading-cycle, which effectively keeps offset at 0
when it's all done in one read.
Let's call it a day and get back to the drawing-boards
tomorrow.
CGI applications can specify a HTTP status to output with the Status:
header. For simplicity the CGI application must use this header on the
first line. With this change cloning git repositories over HTTP with
cgit works.
in config.mk specify _GNU_SOURCE and _POSIX_C_SOURCE instead of
_GNU_SOURCE, this is for getline().
- set some more environment variables (PATH_INFO for example is used by
cgit). Also set REMOTE_ADDR, SERVER_PORT, SERVER_SOFTWARE.
- when a file is requested in cgi mode serve it, if it doesn't exist,
pass it to the CGI script (needed for cgit image/CSS).
If the client decides not to listen, it's not that much of a problem.
Don't flood the logs with "Broken pipe"-messages by silently letting
this "error" pass.
Streaming a file (through mplayer for instance), the socket would
block, because mplayer fills its buffer sequentially.
We would've never gotten to a write(.., n) == n.
Instead, do it like we read from files and accept the fact clients
can accept data chunk-wise, too.
The reason why this error went unnoticed is that I added a faulty
printf-directive (%ls for ssize_t), which silently produced
no output.
Thanks to sin for fixing the %ls -> %zd error, as it made me look
at the code again.
When the client requests a hidden file, we forbid access.
401 is mostly used when a login is required and hasn't been provided.
Thus, given we don't offer a login-prompt to access hidden and bogus
files but categorically reject them, 403 makes more sense here.
Compiling quark against musl slowed down request-times considerably.
After further analysis, I found out that the library does a DNS-
request on each address passed to getnameinfo.
Given we chroot into a folder, the /etc/resolv.conf was missing,
which led to the really long response-times (~3-5s).
After hardlinking the /etc/resolv.conf inside the chroot, the
times dropped to ~200ms, as now the library knew which NS to
contact directly.
This obviously isn't fast enough.
Thanks to Hiltjo's useful tips I rewrote the section using
inet_ntop (POSIX 2001).
Now the response-times are back to 1-2ms and we don't need
to copy /etc/resolv.conf everywhere we go.
FYI: This is not a bug in musl, but rather different behaviour.
Now it should work. It doesn't make much sense to tweak the default
mime-type, given octet-stream is the default and there are
no real alternatives which would make sense.
Thanks Hiltjo and sin!
For a server, a solid logging-facility is very important.
Reading quark's logs isn't very pleasant, given it prints out
more vocabulary than necessary.
This patch fixes this problem by bringing the logs into a
readable and even parsable form:
-timestamp- -keyword- [-message-]
Keywords now take the role as carriers of information.
Instead of writing that we're redirecting, we just
print a line with a status 304 and what the requested
location was. The subsequent 200-response shows the
redirected location.
This also makes clearer what happens in the background.
The tab-separation allows easy parsing.
