Download - LSA2 - 03 Http apache nginx
WEB?
HTTPApacheNginx
HTTP
Text based protocl defined in 1991
V0.9 defined default port 80
uses TCP/IP connection but should be able to run on any connection oriented protocol
RFCs 2616, 5785, 6266, 6585, 3986, 6874
HTTP vs. Gopher
HTTP defines HTML as formatting for documents
Gopher defines menu style format
HTTP does not define any easy for searching and indexing pages
Trough its simple structure, gopher allows easy search and indexing
HTTP80rfc2616 Gopher70rfc1436
Gopher defined the URI standard
HTTP
Methods
Requests
Responses
Headers
URI/URL
CGI
HTTP Methods
Method URI Proto GET /lib/ana/sex.txtHTTP/1.0
GET
HEAD
POST
OPTIONS
TRACE
PUT
DELETE
HTTP Requests
Method URI Proto + CRLFHEADER + CRLFHEADER + CRLFCRLFGET /pics/ana/naked.jpg HTTP/1.0 + CRLFRange: 2400-2600,2900-3200 + CRLFCRLF
HTTP Responses
GET /pics/ana/naked.jpg HTTP/1.0 + CRLFRange:
2400-2600,2900-3200 + CRLFCRLF
ProtoStatusReasonHTTP/1.0200OK + CRLFResponse headers +
CRLFCRLF.... binary data here .....
HTTP proto differences
HTTP/1.0close connection after each request
HTTP/1.1Host header
Connection: keep-alive
CONNECT method
Uniform Resource Identifier
(URI)
UR Locator - URL
Protocols: file, http, https, ftp, ftps, mailto, telnet, ssh, smb, irc
proto :// user:pass @ host : port / path ? params
params: param=value & param=value
Common Gateway Interface
(CGI)
CGI is not Computer Generated Imagery :)
Web ServerDynamic Content Generator(CGI script)
SERVER_SOFTWARESERVER_NAMEGATEWAY_INTERFACE
SERVER_PROTOCOLSERVER_PORTREQUEST_METHODPATH_INFO - request pathPATH_TRANSLATED - full fs pathSCRIPT_NAME - request pathQUERY_STRINGREMOTE_HOSTREMOTE_ADDRAUTH_TYPEREMOTE_USERREMOTE_IDENTCONTENT_TYPECONTENT_LENGTH
Common Gateway Interface
(CGI)
CGI is not Computer Generated Imagery :)
Web ServerDynamic Content Generator(CGI script)
/bin/sh + special environment variables1. Create a new environment2. Create a new shell process3. Execute the scriptNote: the script must be executable and must be able to produce the required output.
Responses must start with: Content-type: some-type + CRLF
Responses may include Status codes:
200 OK + CRLF
Apache
Documentation
Module architecture
Multi-processing Modules (MPMs)
Additional Modules
MPMs - Prefork
mpm_common
Prefork
Worker
Event
Child
ChildChild
MemoryMemoryMemoryMemoryMainProcess
MPMs - Worker
mpm_common
Prefork
Worker
Event
ChildChildChildMain Process
Memory
MPMs - event
mpm_common
Prefork
Worker
Event
desc_ready = select(1, &rfds, NULL, NULL, &tv);for (i=0; i 0; ++i) {
VS.
for (;;) { nfds = epoll_wait(epollfd, events, MAX_EVENTS, -1);
Module structure - Startup
Pre-Config
Test Configuration
Post Configuration
Open Logs
Child Init
Note that all of these are performed at least two times!
Module structure - Request
Pre-Connection
Create Connection
Process Connection
Create Request
Post-Read Request
Header Parse
HTTP Scheme
Default Port
Quick Handler
Translate Name
Map to Storage
Check Access
Verify User ID
Verify User Access
Check Type
Fixups
Insert Filters
Content Handlers
Logging
Insert Errors
Apache - Content handlers
module_namemodule_filemime_typepriority
cgi_modulemod_cgi.c.cgi .pl .sh10
php_modulemod_php.c.php .php510
perl_modulemod_perl.c.pl .pm10
Apache - CGI execution
Apache
Child
mod_php
Child
mod_cgi
root
nobody
nobody
Child
mod_cgi
Child
mod_suphp
index.phpindex.phpsuexecindex.php/bin/sh/bin/sh
suphpindex.php/bin/sh
user
user
Apache - CGI execution
Apache
Child
mod_fcgid
Child
mod_fcgid
root
nobody
user
index.phpFastCGIdaemonchildchildchild
index.phpindex.php
suexec
Apache structure
bin/httpd - the server
ab - Apache Bench
apxs - externel module builder
htpasswd
suexec
conf/httpd.conf
mime.typs + magic
modules/ (libexec on 1.3)
logs/