1/* config.h - configuration defines for thttpd and libhttpd 2** 3** Copyright �� 1995,1998,1999,2000,2001 by Jef Poskanzer <jef@mail.acme.com>. 4** All rights reserved. 5** 6** Redistribution and use in source and binary forms, with or without 7** modification, are permitted provided that the following conditions 8** are met: 9** 1. Redistributions of source code must retain the above copyright 10** notice, this list of conditions and the following disclaimer. 11** 2. Redistributions in binary form must reproduce the above copyright 12** notice, this list of conditions and the following disclaimer in the 13** documentation and/or other materials provided with the distribution. 14** 15** THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16** ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18** ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19** FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20** DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21** OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22** HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23** LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24** OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25** SUCH DAMAGE. 26*/ 27 28#ifndef _CONFIG_H_ 29#define _CONFIG_H_ 30 31 32/* The following configuration settings are sorted in order of decreasing 33** likelihood that you'd want to change them - most likely first, least 34** likely last. 35** 36** In case you're not familiar with the convention, "#ifdef notdef" 37** is a Berkeleyism used to indicate temporarily disabled code. 38** The idea here is that you re-enable it by just moving it outside 39** of the ifdef. 40*/ 41 42/* CONFIGURE: CGI programs must match this pattern to get executed. It's 43** a simple shell-style wildcard pattern, with * meaning any string not 44** containing a slash, ** meaning any string at all, and ? meaning any 45** single character; or multiple such patterns separated by |. The 46** patterns get checked against the filename part of the incoming URL. 47** 48** Restricting CGI programs to a single directory lets the site administrator 49** review them for security holes, and is strongly recommended. If there 50** are individual users that you trust, you can enable their directories too. 51** 52** You can also specify a CGI pattern on the command line, with the -c flag. 53** Such a pattern overrides this compiled-in default. 54** 55** If no CGI pattern is specified, neither here nor on the command line, 56** then CGI programs cannot be run at all. If you want to disable CGI 57** as a security measure that's how you do it, just don't define any 58** pattern here and don't run with the -c flag. 59*/ 60#ifdef notdef 61/* Some sample patterns. Allow programs only in one central directory: */ 62#define CGI_PATTERN "/cgi-bin/*" 63/* Allow programs in a central directory, or anywhere in a trusted 64** user's tree: */ 65#define CGI_PATTERN "/cgi-bin/*|/jef/**" 66/* Allow any program ending with a .cgi: */ 67#define CGI_PATTERN "**.cgi" 68/* When virtual hosting, enable the central directory on every host: */ 69#define CGI_PATTERN "/*/cgi-bin/*" 70#endif 71 72/* CONFIGURE: How many seconds to allow CGI programs to run before killing 73** them. This is in case someone writes a CGI program that goes into an 74** infinite loop, or does a massive database lookup that would take hours, 75** or whatever. If you don't want any limit, comment this out, but that's 76** probably a really bad idea. 77*/ 78//#define CGI_TIMELIMIT 30 79 80/* CONFIGURE: Maximum number of simultaneous CGI programs allowed. 81** If this many are already running, then attempts to run more will 82** return an HTTP 503 error. If this is not defined then there's 83** no limit (and you'd better have a lot of memory). This can also be 84** set in the runtime config file. 85*/ 86#ifdef notdef 87#define CGI_LIMIT 50 88#endif 89 90/* CONFIGURE: How many seconds to allow for reading the initial request 91** on a new connection. 92*/ 93#define IDLE_READ_TIMELIMIT 60 94 95/* CONFIGURE: How many seconds before an idle connection gets closed. 96*/ 97#define IDLE_SEND_TIMELIMIT 300 98 99/* CONFIGURE: The syslog facility to use. Using this you can set up your 100** syslog.conf so that all thttpd messages go into a separate file. Note 101** that even if you use the -l command line flag to send logging to a 102** file, errors still get sent via syslog. 103*/ 104#define LOG_FACILITY LOG_DAEMON 105 106/* CONFIGURE: Tilde mapping. Many URLs use ~username to indicate a 107** user's home directory. thttpd provides two options for mapping 108** this construct to an actual filename. 109** 110** 1) Map ~username to <prefix>/username. This is the recommended choice. 111** Each user gets a subdirectory in the main chrootable web tree, and 112** the tilde construct points there. The prefix could be something 113** like "users", or it could be empty. See also the makeweb program 114** for letting users create their own web subdirectories. 115** 116** 2) Map ~username to <user's homedir>/<postfix>. The postfix would be 117** the name of a subdirectory off of the user's actual home dir, something 118** like "public_html". This is what Apache and other servers do. The problem 119** is, you can't do this and chroot() at the same time, so it's inherently 120** a security hole. This is strongly dis-recommended, but it's here because 121** some people really want it. Use at your own risk. 122** 123** You can also leave both options undefined, and thttpd will not do 124** anything special about tildes. Enabling both options is an error. 125*/ 126//#ifdef notdef 127//#define TILDE_MAP_1 "users" 128//#define TILDE_MAP_2 "public_html" 129//#endif 130 131/* CONFIGURE: The file to use for authentication. If this is defined then 132** thttpd checks for this file in the local directory before every fetch. 133** If the file exists then authentication is done, otherwise the fetch 134** proceeds as usual. 135** 136** If you undefine this then thttpd will not implement authentication 137** at all and will not check for auth files, which saves a bit of CPU time. 138*/ 139//#define AUTH_FILE ".htpasswd" 140 141/* CONFIGURE: The default character set name to use with text MIME types. 142** This gets substituted into the MIME types where they have a "%s". 143** 144** You can override this in the config file with the "charset" setting, 145** or on the command like with the -T flag. 146*/ 147#define DEFAULT_CHARSET "iso-8859-1" 148 149 150/* Most people won't want to change anything below here. */ 151 152/* CONFIGURE: This controls the SERVER_NAME environment variable that gets 153** passed to CGI programs. By default thttpd does a gethostname(), which 154** gives the host's canonical name. If you want to always use some other name 155** you can define it here. 156** 157** Alternately, if you want to run the same thttpd binary on multiple 158** machines, and want to build in alternate names for some or all of 159** them, you can define a list of canonical name to altername name 160** mappings. thttpd seatches the list and when it finds a match on 161** the canonical name, that alternate name gets used. If no match 162** is found, the canonical name gets used. 163** 164** If both SERVER_NAME and SERVER_NAME_LIST are defined here, thttpd searches 165** the list as above, and if no match is found then SERVER_NAME gets used. 166** 167** In any case, if thttpd is started with the -h flag, that name always 168** gets used. 169*/ 170#ifdef notdef 171#define SERVER_NAME "your.hostname.here" 172#define SERVER_NAME_LIST \ 173 "canonical.name.here/alternate.name.here", \ 174 "canonical.name.two/alternate.name.two" 175#endif 176 177/* CONFIGURE: Undefine this if you want thttpd to hide its specific version 178** when returning into to browsers. Instead it'll just say "thttpd" with 179** no version. 180*/ 181//#define SHOW_SERVER_VERSION 182 183/* CONFIGURE: Define this if you want to always chroot(), without having 184** to give the -r command line flag. Some people like this as a security 185** measure, to prevent inadvertant exposure by accidentally running without -r. 186** You can still disable it at runtime with the -nor flag. 187*/ 188#ifdef notdef 189#define ALWAYS_CHROOT 190#endif 191 192/* CONFIGURE: Define this if you want to always do virtual hosting, without 193** having to give the -v command line flag. You can still disable it at 194** runtime with the -nov flag. 195*/ 196#ifdef notdef 197#define ALWAYS_VHOST 198#endif 199 200/* CONFIGURE: If you're using the vhost feature and you have a LOT of 201** virtual hostnames (like, hundreds or thousands), you will want to 202** enable this feature. It avoids a problem with most Unix filesystems, 203** where if there are a whole lot of items in a directory then name lookup 204** becomes very slow. This feature makes thttpd use subdirectories 205** based on the first characters of each hostname. You can set it to use 206** from one to three characters. If the hostname starts with "www.", that 207** part is skipped over. Dots are also skipped over, and if the name isn't 208** long enough then "_"s are used. Here are some examples of how hostnames 209** would get turned into directory paths, for each different setting: 210** 1: www.acme.com -> a/www.acme.com 211** 1: foobar.acme.com -> f/foobar.acme.com 212** 2: www.acme.com -> a/c/www.acme.com 213** 2: foobar.acme.com -> f/o/foobar.acme.com 214** 3: www.acme.com -> a/c/m/www.acme.com 215** 3: foobar.acme.com -> f/o/o/foobar.acme.com 216** 3: m.tv -> m/t/v/m.tv 217** 4: m.tv -> m/t/v/_/m.tv 218** Note that if you compile this setting in but then forget to set up 219** the corresponding subdirectories, the only error indication you'll 220** get is a "404 Not Found" when you try to visit a site. So be careful. 221*/ 222#ifdef notdef 223#define VHOST_DIRLEVELS 1 224#define VHOST_DIRLEVELS 2 225#define VHOST_DIRLEVELS 3 226#endif 227 228/* CONFIGURE: Define this if you want to always use a global passwd file, 229** without having to give the -P command line flag. You can still disable 230** it at runtime with the -noP flag. 231*/ 232#ifdef notdef 233#define ALWAYS_GLOBAL_PASSWD 234#endif 235 236/* CONFIGURE: When started as root, the default username to switch to after 237** initializing. If this user (or the one specified by the -u flag) does 238** not exist, the program will refuse to run. 239*/ 240#define DEFAULT_USER "nobody" 241 242/* CONFIGURE: When started as root, the program can automatically chdir() 243** to the home directory of the user specified by -u or DEFAULT_USER. 244** An explicit -d still overrides this. 245*/ 246#ifdef notdef 247#define USE_USER_DIR 248#endif 249 250/* CONFIGURE: If this is defined, some of the built-in error pages will 251** have more explicit information about exactly what the problem is. 252** Some sysadmins don't like this, for security reasons. 253*/ 254#define EXPLICIT_ERROR_PAGES 255 256/* CONFIGURE: Subdirectory for custom error pages. The error filenames are 257** $WEBDIR/$ERR_DIR/err%d.html - if virtual hosting is enabled then 258** $WEBDIR/hostname/$ERR_DIR/err%d.html is searched first. This allows 259** different custom error pages for each virtual hosting web server. If 260** no custom page for a given error can be found, the built-in error page 261** is generated. If ERR_DIR is not defined at all, only the built-in error 262** pages will be generated. 263*/ 264#define ERR_DIR "errors" 265 266/* CONFIGURE: Define this if you want a standard HTML tail containing 267** $SERVER_SOFTWARE and $SERVER_ADDRESS to be appended to the custom error 268** pages. (It is always appended to the built-in error pages.) 269*/ 270#define ERR_APPEND_SERVER_INFO 271 272/* CONFIGURE: nice(2) value to use for CGI programs. If this is undefined, 273** CGI programs run at normal priority. 274*/ 275//#define CGI_NICE 10 276 277/* CONFIGURE: $PATH to use for CGI programs. 278*/ 279#define CGI_PATH "/usr/local/bin:/usr/ucb:/bin:/usr/bin" 280 281/* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs. 282*/ 283#ifdef notdef 284#define CGI_LD_LIBRARY_PATH "/usr/local/lib:/usr/lib" 285#endif 286 287/* CONFIGURE: How often to run the occasional cleanup job. 288*/ 289#define OCCASIONAL_TIME 120 290 291/* CONFIGURE: Seconds between stats syslogs. If this is undefined then 292** no stats are accumulated and no stats syslogs are done. 293*/ 294#define STATS_TIME 3600 295 296/* CONFIGURE: The mmap cache tries to keep the total number of mapped 297** files below this number, so you don't run out of kernel file descriptors. 298** If you have reconfigured your kernel to have more descriptors, you can 299** raise this and thttpd will keep more maps cached. However it's not 300** a hard limit, thttpd will go over it if you really are accessing 301** a whole lot of files. 302*/ 303#define DESIRED_MAX_MAPPED_FILES 1000 304 305/* CONFIGURE: The mmap cache also tries to keep the total mapped bytes 306** below this number, so you don't run out of address space. Again 307** it's not a hard limit, thttpd will go over it if you really are 308** accessing a bunch of large files. 309*/ 310#define DESIRED_MAX_MAPPED_BYTES 1000000000 311 312/* You almost certainly don't want to change anything below here. */ 313 314/* CONFIGURE: When throttling CGI programs, we don't know how many bytes 315** they send back to the client because it would be inefficient to 316** interpose a counter. CGI programs are much more expensive than 317** regular files to serve, so we set an arbitrary and high byte count 318** that gets applied to all CGI programs for throttling purposes. 319*/ 320#define CGI_BYTECOUNT 25000 321 322/* CONFIGURE: The default port to listen on. 80 is the standard HTTP port. 323*/ 324#define DEFAULT_PORT 80 325 326/* CONFIGURE: A list of index filenames to check. The files are searched 327** for in this order. 328*/ 329//#define INDEX_NAMES "index.html", "index.htm", "index.xhtml", "index.xht", "Default.htm", "index.cgi" 330 331/* CONFIGURE: If this is defined then thttpd will automatically generate 332** index pages for directories that don't have an explicit index file. 333** If you want to disable this behavior site-wide, perhaps for security 334** reasons, just undefine this. Note that you can disable indexing of 335** individual directories by merely doing a "chmod 711" on them - the 336** standard Unix file permission to allow file access but disable "ls". 337*/ 338#define GENERATE_INDEXES 339 340/* CONFIGURE: Whether to log unknown request headers. Most sites will not 341** want to log them, which will save them a bit of CPU time. 342*/ 343//#ifdef notdef 344//#define LOG_UNKNOWN_HEADERS 345//#endif 346 347/* CONFIGURE: Whether to fflush() the log file after each request. If 348** this is turned off there's a slight savings in CPU cycles. 349*/ 350#define FLUSH_LOG_EVERY_TIME 351 352/* CONFIGURE: Time between updates of the throttle table's rolling averages. */ 353#define THROTTLE_TIME 2 354 355/* CONFIGURE: The listen() backlog queue length. The 1024 doesn't actually 356** get used, the kernel uses its maximum allowed value. This is a config 357** parameter only in case there's some OS where asking for too high a queue 358** length causes an error. Note that on many systems the maximum length is 359** way too small - see http://www.acme.com/software/thttpd/notes.html 360*/ 361#define LISTEN_BACKLOG 1024 362 363/* CONFIGURE: Maximum number of throttle patterns that any single URL can 364** be included in. This has nothing to do with the number of throttle 365** patterns that you can define, which is unlimited. 366*/ 367#define MAXTHROTTLENUMS 10 368 369/* CONFIGURE: Number of file descriptors to reserve for uses other than 370** connections. Currently this is 10, representing one for the listen fd, 371** one for dup()ing at connection startup time, one for reading the file, 372** one for syslog, and possibly one for the regular log file, which is 373** five, plus a factor of two for who knows what. 374*/ 375#define SPARE_FDS 10 376 377/* CONFIGURE: How many milliseconds to leave a connection open while doing a 378** lingering close. 379*/ 380#define LINGER_TIME 500 381 382/* CONFIGURE: Maximum number of symbolic links to follow before 383** assuming there's a loop. 384*/ 385#define MAX_LINKS 32 386 387/* CONFIGURE: You don't even want to know. 388*/ 389#define MIN_WOULDBLOCK_DELAY 100L 390 391#endif /* _CONFIG_H_ */ 392