thttpd源码分析
来源:互联网 发布:js window方法 编辑:程序博客网 时间:2024/05/16 15:27
http://www.cnblogs.com/aga-j/archive/2011/11/16/2251505.html
最近多了个看源码的嗜好
main函数已经分析好了,找时间分离好代码,待续...
thttpd Web Server模块
thttpd Web Server#include<stdio.h>#include<sys/socket.h>#include<stdlib.h>#include<arpa/inet.h>#include<string.h>#include<unistd.h>#include<time.h>#include<sys/time.h>#include<errno.h>#include<netdb.h>#include<sys/socket.h>#include<unistd.h>#include<sys/resource.h>typedef union{struct sockaddr sa;struct sockaddr_in sa_in;#ifdef USE_IPV6struct sockaddr_in6 sa_in6;struct sockaddr_storage sa_stor;#endif}httpd_sockaddr;typedef struct{char* server_hostname;char* binding_hostname;unsigned short port;int listen4_fd;int listen6_fd;}httpd_server;#define SPARE_FDS 10#define FDW_READ 0#define FDW_WRITE 1#ifndef MIN#define MIN(a,b) ((a)<(b)?(a):(b))#endifstatic int max_connects;static httpd_server* hs = (httpd_server*) 0;static int num_connects;static char* hostname;static int port;int terminate=0;#ifndef FDWATCHER#define FDWATCHER/** fdwatcher **///fdwatcher用于和多种IO复用方式协作完成IO复用,抽象出IO复用的使用接口//IO复用使用宏定义加预编译define形式实现多种IO复用形式的选择class FdWatcher{private:static FdWatcher *fd;public://可以监听的最大fd数int nfiles;//计数WATCH的调用次数,辅助统计信息long nwatches;//使用定长数组,slot map,存放对应fd的rw标志和data//read的fd和write的fd在IO复用中有不同的执行方式,所以需要标志int* fd_rw;//client的数据,可以是网络数据或者辅助数据void** fd_data;//nreturned表示WATCH得到的被激活fd数目//next_ridx表示WATCH得到的被激活fd数组的下一个fd(static int* select_rfdidx;)int nreturned, next_ridx;private:FdWatcher(){nfiles=0;nwatches=0;fd_rw=0;fd_data=0;nreturned=next_ridx=0;}public:static FdWatcher *getFdWatcherInstance();int fdwatch_get_nfiles();void fdwatch_add_fd(int fd, void* client_data,int rw);void fdwatch_del_fd(int fd){}int fdwatch_check_fd(int fd){}int fdwatch(long timeout_msecs){}};FdWatcher* FdWatcher::fd=NULL;FdWatcher* FdWatcher::getFdWatcherInstance(){if(fd==NULL)fd=new FdWatcher();return fd;}#define HAVE_SELECT#ifdef HAVE_SELECTstatic fd_set master_rfdset;static fd_set master_wfdset;static fd_set working_rfdset;static fd_set working_wfdset;static int* select_fds;static int* select_fdidx;static int* select_rfdidx;static int nselect_fds;static int maxfd;static int maxfd_changed;#define ADD_FD( fd, rw ) select_add_fd( fd, rw )static void select_add_fd( int fd, int rw ){FdWatcher *fdw=FdWatcher::getFdWatcherInstance();if ( nselect_fds >= fdw->nfiles ){//syslog( LOG_ERR, "too many fds in select_add_fd!" );return;}select_fds[nselect_fds] = fd;switch ( rw ){case FDW_READ: FD_SET( fd, &master_rfdset ); break;case FDW_WRITE: FD_SET( fd, &master_wfdset ); break;default: break;}if ( fd > maxfd )maxfd = fd;select_fdidx[fd] = nselect_fds;++nselect_fds;}#else#ifdef HAVE_POLL#endif#endifint FdWatcher::fdwatch_get_nfiles(){int i;//FdWatcher* fd=fdw;//返回一个进程能打开的最大文件数fd->nfiles=getdtablesize();//如果可以使用rlimit,则使用rlimit获取更精确的limitstruct rlimit rl;if( getrlimit(RLIMIT_NOFILE,&rl)==0 ){if( rl.rlim_max== RLIM_INFINITY)rl.rlim_cur=8192;else if (rl.rlim_max>rl.rlim_cur)rl.rlim_cur=rl.rlim_max;//尝试设置limit为最大,如果不行就放弃setrlimit(RLIMIT_NOFILE,&rl);fd->nfiles=rl.rlim_cur;}#if defined(HAVE_SELECT) && !( defined(HAVE_POLL) || defined(HAVE_DEVPOLL) || defined(HAVE_KQUEUE) )//如果使用select,则nfile不能超过FD_SETSIZEfd->nfiles= MIN(fd->nfiles,FD_SETSIZE);#endif//然后初始化和fdwatch相关的数据成员fd->nwatches=0;fd->fd_rw=(int*)malloc(sizeof(int)*fd->nfiles);fd->fd_data=(void**)malloc(sizeof(void*)*fd->nfiles);if(fd->fd_rw==(int*)0 || fd->fd_data==(void**)0 )return -1;for( i=0;i<fd->nfiles;++i)fd->fd_rw[i]=-1;}void FdWatcher::fdwatch_add_fd(int fd, void* client_data,int rw){if(fd<0 || fd>=nfiles || fd_rw[fd]!=-1 ){//errorreturn;}//根据预定义的处理方式选择不同的ADD_FD方法ADD_FD(fd,rw);//使用fd_rw和fd_data两个bitmap数组,对应slot上存放对应fd的rw标志和cdfd_rw[fd]=rw;fd_data[fd]=client_data;}/** fdwatcher **/#endif/** tool function **/static void lookup_hostname( httpd_sockaddr* sa4P, size_t sa4_len, int* gotv4P, httpd_sockaddr* sa6P, size_t sa6_len, int* gotv6P ){#ifdef USE_IPV6//...#else //IPV4//hostent结构体,gethostbyname返回值类型,数据成员包括(主机规范名,主机别名,主机ip地址类型,ip地址长度,网络字节序的主机ip地址)struct hostent *he;//表示不使用v6版本*gotv6P=0;(void)memset(sa4P,0,sa4_len);sa4P->sa.sa_family=AF_INET;//没有指定监听hostname,则绑定到所有接口if( hostname==(char*)0 )sa4P->sa_in.sin_addr.s_addr=htonl(INADDR_ANY);else{//如果指定了hostname,那要通过gethostbyname获取ip等信息。sa4P->sa_in.sin_addr.s_addr=inet_addr(hostname);if( (int)sa4P->sa_in.sin_addr.s_addr==-1){he=gethostbyname(hostname);if(he == (struct hostent*)0 ){//errorexit(1);}if( he->h_addrtype!=AF_INET){//errorexit(1);}(void) memmove(&sa4P->sa_in.sin_addr.s_addr , he->h_addr, he->h_length);}}sa4P->sa_in.sin_port=htons(port);*gotv4P=1;#endif}long tmr_mstimeout(struct timeval* nowP){return 0;}/** tool function **//** httpd_initialize **/#ifdef SERVER_NAME_LISTstatic char*hostname_map( char* hostname ) { int len, n; static char* list[] = { SERVER_NAME_LIST }; len = strlen( hostname ); for ( n = sizeof(list) / sizeof(*list) - 1; n >= 0; --n )if ( strncasecmp( hostname, list[n], len ) == 0 ) if ( list[n][len] == '/' ) /* check in case of a substring match */return &list[n][len + 1]; return (char*) 0; }#endif /* SERVER_NAME_LIST */static int initialize_listen_socket(httpd_sockaddr* sap){}static void free_httpd_server(httpd_server* hs){}httpd_server* httpd_initialize(char *hostname,httpd_sockaddr* sa4p, httpd_sockaddr *sa6p,unsigned short port){httpd_server *hs=(httpd_server*)malloc(sizeof(httpd_server));static char ghnbuf[256];if(hs==(httpd_server*)0){printf("out of memory for allocating httpd_server \n");return (httpd_server*)0;}//在此之前有调用gethostbyname等操作if(hostname!=(char*)0){//设置hs的bindinghostname和serverhostnamehs->binding_hostname=strdup(hostname);if( hs->binding_hostname==(char*)0 ){printf("out of memory copying hostname\n");return (httpd_server*)0;}hs->server_hostname=hs->binding_hostname;}else{hs->binding_hostname=(char*)0;hs->server_hostname=(char*)0;//得到主机名if(gethostname(ghnbuf,sizeof(ghnbuf))<0)ghnbuf[0]='\0';#ifdef SERVER_NAME_LISTif ( ghnbuf[0]!='\0')hs->server_hostname=hostname_map(ghnbuf);#endifif ( hs->server_hostname==(char*)0){#ifdef SERVER_NAMEhs->server_hostname=SERVER_NAME;#elseif(ghnbuf[0]!='\0')hs->server_hostname=ghnbuf;#endif}}hs->port=port;//initialize_listen_socket,就是socket bind listenif( sa6p == (httpd_sockaddr*)0)hs->listen6_fd=-1;elsehs->listen6_fd=initialize_listen_socket(sa6p);if( sa4p == (httpd_sockaddr*)0)hs->listen4_fd=-1;elsehs->listen4_fd=initialize_listen_socket(sa4p);if(hs->listen4_fd==-1 && hs->listen6_fd==-1){free_httpd_server(hs);return (httpd_server*)0;}}/** httpd_initialize **/int main(){hostname=0;port=51423;struct timeval tv;//初始化sockaddr_inhttpd_sockaddr sa4;httpd_sockaddr sa6;int gotv4, gotv6;lookup_hostname(&sa4,sizeof(sa4),&gotv4,&sa6,sizeof(sa6),&gotv6);//计算系统允许的fd数,初始化fdwatch,io复用模式相关的FdWatcher *fdw=FdWatcher::getFdWatcherInstance();max_connects=fdw->fdwatch_get_nfiles();if(max_connects < 0){printf("fdwatch init failure\n");exit(1);}max_connects -= SPARE_FDS;//真正做network相关的。做hs初始化和socket,bind,listenhs=httpd_initialize(hostname,gotv4?&sa4:(httpd_sockaddr*)0,gotv6?&sa6:(httpd_sockaddr*)0,port);if(hs != (httpd_server*)0){if (hs->listen4_fd!=-1)//注册监听fdfdw->fdwatch_add_fd(hs->listen4_fd,(void*)0,FDW_READ);if (hs->listen6_fd!=-1)fdw->fdwatch_add_fd(hs->listen6_fd,(void*)0,FDW_READ);}int num_ready;(void) gettimeofday( &tv, (struct timezone*) 0 );while( (!terminate)||num_connects>0 ){num_ready=fdw->fdwatch(tmr_mstimeout(&tv));if(num_ready<0){if( errno==EINTR || errno==EAGAIN)continue;exit(1);}(void) gettimeofday( &tv, (struct timezone*) 0 );if(num_ready==0){//tmr_run(&tv);continue;}//num_ready>0//accept并加入listen setif ( hs != (httpd_server*) 0 && hs->listen6_fd != -1 && fdw->fdwatch_check_fd( hs->listen6_fd ) ) {//if ( handle_newconnect( &tv, hs->listen6_fd ) )continue; }if ( hs != (httpd_server*) 0 && hs->listen4_fd != -1 && fdw->fdwatch_check_fd( hs->listen4_fd ) ) {//if ( handle_newconnect( &tv, hs->listen4_fd ) )continue; }/*while*///tmr_run(&tv);/*if( !terminate){terminate=1;if (hs!=(httpd_server*)0){if (hs->listen4_fd!=-1)fdw->fdwatch_del_fd(hs->listen4_fd);if (hs->listen6_fd!=-1)fdw->fdwatch_del_fd(hs->listen6_fd);//httpd_unlisten(hs);}}*/}//end while//shut_down();exit(0);}
Chroot安全模块
chroot
1 /* 2 chroot是一个系统调用,将程序的可见文件视图限制到当前目录及其下面的其他目录。这样其他远程user就无法访问初始目录外的文件。 3 子进程也会有这样的属性,所以CGI文件也会有这样的效果。 4 但是只有root才可以调用chroot,所以这意味程序只能由root启动,但是thttpd中最后root可以转换为其他user,也保证了这点。 5 1.限制被CHROOT的使用者所能执行的程序 6 2.防止使用者存取某些特定档案,如/etc/passwd。 7 3.防止入侵者/bin/rm -rf /。 8 4.提供Guest服务以及处罚恶意的使用者。 9 5.增进系统的安全。 10 文章:http://hi.baidu.com/alsrt/blog/item/de74f8389c36a32796ddd8be.html 11 http://hi.baidu.com/alsrt/blog/item/04ccce43711280159213c6bd.html 12 http://blog.csdn.net/hfw_1987/article/details/5362078 13 */ 14 #include<pwd.h> 15 #include<sys/types.h> 16 #include<unistd.h> 17 #include<stdlib.h> 18 #include<sys/file.h> 19 #include<string.h> 20 #include<sys/types.h> 21 #include<grp.h> 22 #include<stdio.h> 23 #include<errno.h> 24 25 #define DEFAULT_USER "nobody" 26 #ifndef MAXPATHLEN 27 #define MAXPATHLEN 1024 28 #endif 29 30 void printCwd(char* cwd) 31 { 32 memset(cwd,0,sizeof(cwd)); 33 (void) getcwd(cwd,sizeof(cwd)-1); 34 if(cwd[strlen(cwd)-1]!='/') 35 (void) strcat(cwd,"/"); 36 printf("%s\n",cwd); 37 } 38 int main() 39 { 40 char* user=(char *)"aga"; //DEFAULT_USER 41 struct passwd* pwd; 42 uid_t uid=32767; 43 gid_t gid=32767; 44 45 //如果是root权限,获取将要托管的user的uid和pid 46 if( getuid()==0) 47 { 48 pwd=getpwnam(user); 49 if(pwd==(struct passwd*)0) 50 { 51 //error 52 printf("error pwd\n"); 53 exit(1); 54 } 55 uid=pwd->pw_uid; 56 gid=pwd->pw_gid; 57 } 58 59 #ifdef USE_USER_DIR 60 if( getuid()==0) 61 { 62 if( chdir(pwd->pw_dir)<0 ) 63 { 64 //error 65 printf("error chdir\n"); 66 exit(1); 67 } 68 } 69 #endif 70 71 //当前工作目录 72 char cwd[MAXPATHLEN+1]; 73 printCwd(cwd); 74 75 //系统的目录结构将以指定的位置作为'/'的位置 76 //作用: 77 //增加了系统安全性,新根下访问不到旧根目录和文件 78 //建立一个与原系统隔离的系统目录结构,方便用户开发 79 //引导linux系统启动以及急救系统等 80 //详细见IBM文章 81 if(chroot(cwd)<0) 82 //将当前程序的工作目录作为新的文件夹root,成功后getcwd变为"/" 83 { 84 printf("error chroot\n"); 85 exit(1); 86 } 87 88 //当前的工作目录变为"/" 89 printCwd(cwd); 90 91 //在新的"/"目录下跳转到a文件夹 92 if ( chdir( "a" ) < 0 ) 93 { 94 //error 95 printf("error chdir2\n,%s",strerror(errno)); 96 exit( 1 ); 97 } 98 99 //路径 "/a/"100 printCwd(cwd);101 102 //root完成chroot调用后,转换身份103 if ( getuid() == 0 )104 {105 /*106 // Set aux groups to null. 107 if ( setgroups( 0, (const gid_t*) 0 ) < 0 )108 {109 printf("error setgroups\n");110 exit( 1 );111 }112 */ 113 114 if ( setgid( gid ) < 0 )115 {116 printf("error setgid\n");117 exit( 1 );118 }119 120 #ifdef HAVE_SETLOGIN121 (void) setlogin( user );122 #endif123 124 if ( setuid( uid ) < 0 )125 {126 printf("error syslog\n");127 exit( 1 );128 }129 }130 }
其他模块
- thttpd源码分析
- thttpd源码分析
- thttpd源码分析
- thttpd源码分析
- thttpd源码分析
- thttpd 2.25b源码分析
- thttpd 2.25b源码分析
- thttpd 2.25b源码分析
- thttpd源码分析-----http协议头部检测
- thttpd源码小分析之Reactor pattern
- thttpd源码小分析之Reactor pattern
- thttpd源码
- thttpd源码剖析
- thttpd.Timer.c分析
- thttpd源码解析 定时器模块
- thttpd源码解析 定时器模块
- thttpd源码解析 定时器模块
- thttpd
- Apple 微软 Google 都在竞购一家创业公司
- opennebula context iso 的生成过程及其主要功能
- asp.net中利用Jquery+Ajax+Json实现无刷新分页
- 组件笔记(二)
- HGE中的Texture操作
- thttpd源码分析
- 组件笔记(一)
- 来自 Dropbox 的可扩展性设计经验
- 链
- 程序面100题(38)-输出1到最大的N数位
- 封装,一种简洁的美
- (转)epoll源码分析
- linux下epoll如何实现高效处理
- (转)Linux IO多路复用之epoll网络编程