Happy for you to try and break it, hopefully with something more interesting than a DoS though :) Please let me know if you find any issues.
Happy for you to try and break it, hopefully with something more interesting than a DoS though :) Please let me know if you find any issues.
Which is fine, unless the first call returns NULL, because there was no period in the name, and then the program will crash.
Here's str_rchr() which uses the offset of the terminating NUL as the returned sentinel value:
* https://github.com/jdebp/djbwares/blob/trunk/source/str_rchr...
And here's it being used (by publicfile's httpd and indeed other programs) to find the basename's extension in order to infer a content type:
* https://github.com/jdebp/djbwares/blob/trunk/source/filetype...
The extension is always a non-NULL string, that can always be passed to str_equal(). It is just sometimes a zero-length string.
It's possible, but a bit clunky, to achieve the same effect with two successive calls to Standard C/C++ strrchr(), or strchr(), the second being:
if (!result) result = std::strchr(s, '\0');
* https://github.com/jdebp/nosh/blob/c8d635c284b41b483067d5f58...
One can get very lost in the weeds on the comparative merits on different instruction architectures of compiler intrinsics, explicit loop unrolling, whole program optimization, and whatnot. (-:
PS. You may be unaware that your shortened domain name 'benren' from your whois-available real name means "stupid person" in Mandarin. Only noted because there is a company registered with the same name since 1999. On the off chance it's yours, probably not the best marketing in a global world. Just throwing it out there.
Also, Pinyin is more susceptible to accidental interpretations than most writing systems due to ambiguity and tonality. For example, “mana” can be parsed into 32 different syllable-tone combinations (man/a or ma/na times 4x4 tone combinations for each syllable), and while most aren’t meaningful, that still gives you a ton of potential words to match against.
Harsh? Maybe, but you’re posting this to a site with some of the most talented developers on planet. Real talk, sorry.
Harsh? Maybe, but you're posting this to a site with some of the most jaded developers on the planet. Not sorry.
1) Run it in a container
2) Isolate it through a reverse proxy, probably nginx
Also I’m curious how a bonnet can get through a container … outgoing connections should be blocked by default
// it doesn't seem to love piping or redirecting output without this, even
// with the newlines above
fflush(stdout);
setvbuf(stdout, NULL, _IOLBF, BUFSIZ);
On the whole, it actually almost implements the minimally required amount of HTTP/1.1: I would suggest adding support for HEAD requests, it's just a single flag that you need to set in the try_parse_request_path(), and check in generate_response(). Also, probably check that the request path is followed by "HTTP/1." before sending the response? And I'd really recommend finishing reading out all of the request from the socket (that is, until you've seen "\r\n\r\n"), or you may run into the problem of your clients not being sent the complete response [0].
But other than that, yeah, it is an HTTP server. The HTTP protocol is decently well thought out so that you can be oblivious of most of the features you don't want to support.
[0] https://blog.netherlabs.nl/articles/2009/01/18/the-ultimate-... — the tl;dr is that if you do close() on a socket that still has the data from the client you haven't recv()d, the client will be sent an RST.
> This server follows almost none of that.
This made me chuckle :-)
> Readers MUST NOT hold this against the project, and SHOULD use this as motivation to keep some of their own side projects fun and short.
That's comedy gold, right there. (Tip: RFC-2119)
joncfoo•5mo ago
GSGBen•5mo ago
eyjafjallajokul•5mo ago
201984•5mo ago
Too many simultaneous connections for his router maybe? Or too much bandwidth for his internet connection?
binaryturtle•5mo ago
cat /proc/sys/net/netfilter/nf_conntrack_max
Should give some details.
201984•5mo ago
binaryturtle•5mo ago
It's done via /etc/sysctl.conf
> net.netfilter.nf_conntrack_max=32768
Afterwards "sysctl -p" to apply/ reload the config file. But increasing blindly is a bad idea… it needs to be done with ip_conntrack_buckets in sync for proper balance (memory use, CPU usage). Best to read upon it.
But just going from 16K to 32K shouldn't be any problem for most routers these days.
1vuio0pswjnm7•5mo ago
Fewer source IPs
GSGBen•5mo ago
GSGBen•5mo ago
Source is here btw: https://github.com/GSGBen/unsafehttp/blob/main/src/main.c
Retr0id•5mo ago