-# $OpenBSD: httpd.conf,v 1.8 2014/08/04 17:50:48 reyk Exp $
+# $OpenBSD: httpd.conf,v 1.9 2014/08/05 18:01:10 reyk Exp $
#
# Macros
# An HTTPS server using SSL/TLS
server "secure.example.com" {
listen on 127.0.0.1 port 443 ssl
+
+ # Define server-specific log files relative to /logs
+ log { access "secure-access.log", error "secure-error.log" }
+
+ # Increase connection limits to extend the lifetime
+ connection { max requests 500, timeout 3600 }
+
root "/htdocs/secure.example.com"
}
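Review bot: The comment on the new `connection` line states only the benefit, not the cost. Raising the inactivity timeout to 3600 seconds and the request cap to 500 lets idle or slow clients hold a connection slot far longer than the documented defaults of 600 seconds and 100 requests. This looks like a sample configuration that gets copied, so I would word the comment to state the trade-off, e.g. `# Raise keep-alive limits; longer idle timeouts let inactive clients hold connections longer`.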
-/* $OpenBSD: config.c,v 1.18 2014/08/05 15:36:59 reyk Exp $ */
+/* $OpenBSD: config.c,v 1.19 2014/08/05 18:01:10 reyk Exp $ */
/*
* Copyright (c) 2011 - 2014 Reyk Floeter <reyk@openbsd.org>
sizeof(srv_conf->errorlog));
}
+ memcpy(&srv_conf->timeout, &srv->srv_conf.timeout,
+ sizeof(srv_conf->timeout));
+ srv_conf->maxrequests = srv->srv_conf.maxrequests;
+
DPRINTF("%s: %s %d location \"%s\", "
"parent \"%s\", flags: %s",
__func__, ps->ps_title[privsep_process], ps->ps_instance,
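Review bot: The new copy of `timeout` and `maxrequests` from the parent server has no comment explaining why a location takes these values unconditionally, while the closing `}` just above suggests the preceding fields are copied conditionally. The grammar and man page changes in this commit reject `connection` inside a location, so a one-line comment such as `/* A location inherits the connection limits of its server */` would make the intent explicit. A plain struct assignment, `srv_conf->timeout = srv->srv_conf.timeout;`, would also be type-checked where the `memcpy` is not. The enclosing function starts and ends outside the hunk.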
-.\" $OpenBSD: httpd.conf.5,v 1.25 2014/08/05 17:13:16 reyk Exp $
+.\" $OpenBSD: httpd.conf.5,v 1.26 2014/08/05 18:01:10 reyk Exp $
.\"
.\" Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
.\"
.Ar name
and include one or more lines of the following syntax:
.Bl -tag -width Ds
+.It Ic connection Ar option
+Set the specified options and limits for HTTP connections.
+Valid options are:
+.Bl -tag -width Ds
+.It Ic max requests Ar number
+Set the maximum number of requests per persistent HTTP connection.
+Persistent connections are negotiated using the Keep-Alive header in
+HTTP/1.0 and enabled by default in HTTP/1.1.
+The default maximum number of requests per connection is
+.Ar 100 .
+.It Ic timeout Ar seconds
+Specify the inactivity timeout in seconds for accepted sessions.
+The default timeout is 600 seconds (10 minutes).
+The maximum is 2147483647 seconds (68 years).
+.El
.It Ic directory Ar option
Set the specified options when serving or accessing directories.
Valid options are:
The
.Ar path
argument will be matched against the URL path with shell globbing rules.
-A location section may include all of the server configuration rules
+A location section may include most of the server configuration rules
except
+.Ic connection ,
.Ic listen on ,
.Ic location
and
-/* $OpenBSD: httpd.h,v 1.45 2014/08/05 16:30:35 reyk Exp $ */
+/* $OpenBSD: httpd.h,v 1.46 2014/08/05 18:01:10 reyk Exp $ */
/*
* Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
off_t clt_toread;
size_t clt_headerlen;
- int clt_persist;
+ u_int clt_persist;
int clt_line;
int clt_done;
int clt_chunk;
in_port_t port;
struct sockaddr_storage ss;
- struct timeval timeout;
int prefixlen;
+ struct timeval timeout;
+ u_int32_t maxrequests;
u_int16_t flags;
u_int8_t tcpflags;
-/* $OpenBSD: parse.y,v 1.27 2014/08/05 17:03:21 reyk Exp $ */
+/* $OpenBSD: parse.y,v 1.28 2014/08/05 18:01:10 reyk Exp $ */
/*
* Copyright (c) 2007 - 2014 Reyk Floeter <reyk@openbsd.org>
%}
%token ACCESS AUTO BACKLOG BUFFER CHROOT COMMON COMBINED CONNECTION
-%token DIRECTORY ERR FCGI INDEX IP LISTEN LOCATION LOG NO NODELAY ON PORT
-%token PREFORK ROOT SACK SERVER SOCKET SSL STYLE SYSLOG TCP TYPES
+%token DIRECTORY ERR FCGI INDEX IP LISTEN LOCATION LOG MAXIMUM NO NODELAY
+%token ON PORT PREFORK REQUESTS ROOT SACK SERVER SOCKET SSL STYLE SYSLOG
+%token TCP TIMEOUT TYPES
%token ERROR INCLUDE
%token <v.string> STRING
%token <v.number> NUMBER
%type <v.port> port
%type <v.number> optssl
+%type <v.tv> timeout
%%
sizeof(s->srv_conf.errorlog));
s->srv_conf.id = ++last_server_id;
s->srv_conf.timeout.tv_sec = SERVER_TIMEOUT;
+ s->srv_conf.maxrequests = SERVER_MAXREQUESTS;
s->srv_conf.flags |= SRVFLAG_LOG;
s->srv_conf.logformat = LOG_FORMAT_COMMON;
yyerror("tcp flags inside location");
YYERROR;
}
- } tcpflags
- | TCP {
+ } tcpip
+ | CONNECTION {
if (parentsrv != NULL) {
- yyerror("tcp flags inside location");
+ yyerror("connection options inside location");
YYERROR;
}
- } '{' tcpflags_l '}'
+ } connection
| ROOT STRING {
if (strlcpy(srv->srv_conf.root, $2,
sizeof(srv->srv_conf.root)) >=
}
;
+connection : '{' conflags_l '}'
+ | conflags
+ ;
+
+conflags_l : conflags comma conflags_l
+ | conflags
+ ;
+
+conflags : TIMEOUT timeout {
+ memcpy(&srv_conf->timeout, &$2,
+ sizeof(struct timeval));
+ }
+ | MAXIMUM REQUESTS NUMBER {
+ srv_conf->maxrequests = $3;
+ }
+ ;
+
dirflags_l : dirflags comma dirflags_l
| dirflags
;
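Review bot: `max requests` stores `$3` into `srv_conf->maxrequests` with no range check, although the `timeout` rule added in the same commit does reject negative numbers. httpd.h declares `maxrequests` as `u_int32_t`, so a negative or oversized NUMBER would be silently converted (presumably from a wider signed type; `v.number` is declared outside the hunk). A configured `-1` would then become a very large limit that effectively removes the cap tested in server_http.c (`clt->clt_persist >= srv_conf->maxrequests`). I would validate before the assignment, e.g. `if ($3 < 0 || $3 > UINT32_MAX) { yyerror("invalid maximum requests"); YYERROR; }`. The man page should also say whether `0` is allowed, since with the `>=` comparison it resets persistence on every request.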
}
;
+tcpip : '{' tcpflags_l '}'
+ | tcpflags
+ ;
+
tcpflags_l : tcpflags comma tcpflags_l
| tcpflags
;
}
;
+timeout : NUMBER
+ {
+ if ($1 < 0) {
+ yyerror("invalid timeout: %d\n", $1);
+ YYERROR;
+ }
+ $$.tv_sec = $1;
+ $$.tv_usec = 0;
+ }
+ ;
+
comma : ','
| nl
| /* empty */
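Review bot: The `timeout` rule rejects negative values but has no upper bound, although the man page text added in this commit states a maximum of 2147483647 seconds. A larger NUMBER would be stored in `tv_sec` unchanged, or truncated where `time_t` is narrower, so the documented limit should be enforced here, e.g. `if ($1 < 0 || $1 > INT_MAX) {`. Separately, `yyerror("invalid timeout: %d\n", $1)` formats `$1` with `%d`. If `v.number` is a 64-bit type (its declaration is outside the hunk), the specifier should be `%lld` with a `(long long)` cast so the message does not print a wrong value.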
{ "listen", LISTEN },
{ "location", LOCATION },
{ "log", LOG },
+ { "max", MAXIMUM },
{ "no", NO },
{ "nodelay", NODELAY },
{ "on", ON },
{ "port", PORT },
{ "prefork", PREFORK },
+ { "requests", REQUESTS },
{ "root", ROOT },
{ "sack", SACK },
{ "server", SERVER },
{ "style", STYLE },
{ "syslog", SYSLOG },
{ "tcp", TCP },
+ { "timeout", TIMEOUT },
{ "types", TYPES }
};
const struct keywords *p;
-/* $OpenBSD: server_http.c,v 1.38 2014/08/05 16:30:36 reyk Exp $ */
+/* $OpenBSD: server_http.c,v 1.39 2014/08/05 18:01:10 reyk Exp $ */
/*
* Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org>
clt->clt_persist = 0;
}
- if (clt->clt_persist >= SERVER_MAXREQUESTS)
+ if (clt->clt_persist >= srv_conf->maxrequests)
clt->clt_persist = 0;
/*