I telnet the server port listened by asmhttpd and after sending the first line of http request, and the error response got:
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
GET / HTTP/1.1
HTTP/1.1 400 Bad Request
Server: asmttpd/0.4.5

But when I send http request by curl, the response is ok.
$ curl "http://127.0.0.1:8081/" -v

• Trying 127.0.0.1:8081...
• TCP_NODELAY set
• Connected to 127.0.0.1 (127.0.0.1) port 8081 (#0)

GET / HTTP/1.1
Host: 127.0.0.1:8081
User-Agent: curl/7.65.3
Accept: /

• Mark bundle as not supporting multiuse
  < HTTP/1.1 200 OK
  < Server: asmttpd/0.4.5
  < Accept-Ranges: bytes
  < Content-Length: 78
  < Content-Type: text/html
  <

hello world

was this project abandoned ?

I wanted to test it, but it isn't working. I tried to use the release version but I'm getting the same error and no verbose debug information. What should I do?

sudo ./asmttpd web_root/
asmttpd - 0.4

Using Document Root: web_root/
Segmentation fault (core dumped)

https://github.com/TechEmpower/FrameworkBenchmarks

For simplest benches requirements are easy: just set couple headers and return cashed in memory JSON or plain text resource.

Full list of requirements: http://frameworkbenchmarks.readthedocs.org/en/latest/Project-Information/Framework-Tests/#specific-test-requirements

I have cloned this project and have followed the installation instructions as mentioned in the Readme file.

Now when I run following command:

sudo ./asmttpd web_root

It exits without displaying exactly what had happened:

asmttpd - 0.08

Using Document Root: web_root
An error has occured, exiting

FYI, I've yasm 1.1.0.2352 installed on my Ubuntu 12.04 machine.

In order to achieve better portability it's better to use 'as' instead, it can be installed on ARM64, POWER9, MIPS, most OS supported.
Most GNU/Linux distros have gcc by default, but not yasm.

Need to improve performance of header creation.

Make a concat function that takes in an offset of destination string.

This way it wont need to calculate the length every time it adds a header.

It returns the new length already, so we can easily keep track of the length as creation happens.

How to replicate:
Place large file in the web root open firefox start download then pres the abort sign.
The server then quits with the return value 141

for example:

$ wget -O - http://localhost
--2014-07-07 20:56:51--  http://localhost/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:80... failed: Connection refused.
Connecting to localhost (localhost)|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/octet-stream]
Saving to: ‘STDOUT’

The result is 0 bytes. Firefox interprets this as a bin file with a random name. If I specify http://localhost/index.html then it works perfectly.

Please could you add a "default document" feature in the future?

I compiled it with nasm
nasm -f elf64 main.asm -o main.o
Then run
ld -m elf_x86_64 main.o -o asmttpd
Then on Ubuntu Subsystem Linux for Windows 10
after i chmod on it
chmod -R 777 ./asmttpd
I run it
./asmttpd web_root 8000
It gracefully try to bypass firewall by showing a pop up
with option of Public and Private network. However it gives me
segmentation fault (core dumped). And i can't curl on it,
curl on localhost port 8000 connection refused.
How to fix this?

~ > curl --head http://my_host/
HTTP/1.1 200 OK
Server: asmttpd/0.3
Accept-Ranges: bytes
Content-Length: 9223372036854775807                <- ERROR
Content-Type: application/octet-stream

index.html:

hello

Display directory contents when URL is a directory.

• VERSION: 0.4.4
• REPRODUCE:
  with two file in the root directory:
  /x.js -> 200 OK
  /x.min.js -> 404 Not Found

I'm thinking about tinkering with the Raspberry and this httpd with such a small footprint seems to be a perfect thing to experiment with in this environment. Just wondering if anyone has done anything on the Pi and any advice?

Only a very trivial issue however code comments seem a bit inconsistent. Should we standardize on:

mov rax, rbx ; This is a comment

Space after ';' and start with capital letter?

The server crashes if a request of more than 0xFF bytes length is issued. I've identified three independent bugs causing such problems. They might be exploitable to execute arbitrary code.

First, RAX holds the length of the request path and is not explicitly zeroed out before the worker_thread_append_directory_path loop. Since LODSB only overwrites AL, the RAX=0 condition is never met and the loop will never terminate the request path is longer than 0xFF bytes and therefore a bit of AH is set.

Zeroing out RAX before worker_thread_append_directory_path (e.g. xor rax,rax) fixes this issue.

Test case: $ curl -v http://192.168.0.21/m$(perl -e'print "/"x300' )

Second, an off-by-two bug when leads to a crash if the request is more than 8192 bytes long. The sys_recv call fills the buffer with 8192 bytes in this case, and returns 8192 in RAX. However, RAX is then copied to r11, incremented and used as an array index to write the 0x00 byte to (mov BYTE [rdi], 0x00). This will overwrite buffer[8193], while the last allocated buffer byte was buffer[8191].

Test case: $ curl -v http://192.168.0.21/m$(perl -e'print "/"x9999' )

Third, the remaining space of the receive buffer is reused to build the file system path from the request path without any boundary checking. This leads to an out-of-boundary write and possible heap corruption if the space remaining in the receive buffer is less than the length of the request path (i.e. if the request path is longer than ~4096 bytes) but the request as a whole still fits into the receive buffer (so it ends with \r\n\r\n and is still considered a valid request).

Test case: $ curl -v http://192.168.0.21/m$(perl -e'print "/"x4242' )

File system can be accessed outside of document root by using ../ in URL.

https://en.m.wikipedia.org/wiki/Memory_barrier#Multithreaded_programming_and_memory_visibility

You need mfence/lfence/sfence before mutex_lock() returns, and before unlock() returns.

create packages and ebuild for gentoo, add them to repositories.

How would you feel about a FASM (flat assembler) version of asmttpd? I would be interested in creating and maintaining one.

as the title

The whole Project has no single Documentation File besides README and Comments in the Source Code. I want to understand this project, but without Documentation, this task gets even harder.

When you start the server without root privileges the output is:

Error - Bind() failed. Check if port is in use.

Maybe you can add that there can also be a permission problem

C:\Users\shaba>curl -I http://localhost:8080/
HTTP/1.1 200 OK
Server: asmttpd/0.4.4
Accept-Ranges: bytes
Content-Length: 17905
Content-Type: text/html

C:\Users\shaba>curl -I http://localhost:8080/plans
HTTP/1.1 200 OK
Server: asmttpd/0.4.4
Accept-Ranges: bytes
Content-Length: 9223372036854775807
Content-Type: application/octet-stream

C:\Users\shaba>curl -I http://localhost:8080/plans/index.html
HTTP/1.1 200 OK
Server: asmttpd/0.4.4
Accept-Ranges: bytes
Content-Length: 22342
Content-Type: text/html

C:\Users\shaba>curl -I http://localhost:8080/support/
HTTP/1.1 200 OK
Server: asmttpd/0.4.4
Accept-Ranges: bytes
Content-Length: 9223372036854775807
Content-Type: application/octet-stream

C:\Users\shaba>curl -I http://localhost:8080/support/index.html
HTTP/1.1 200 OK
Server: asmttpd/0.4.4
Accept-Ranges: bytes
Content-Length: 33833
Content-Type: text/html

Appears to be a scenario where the base domain automatically routes to index.html but everything else gets treated as application/octet-stream. Seems similar to #13

http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/bsd/kern/syscalls.master

can we put another commandline argument to specify port？

It currently serves an SVG but it sends it as a download. So the image never loads.

Listening socket isn't closed when program exists.

Why do a byte-wise comparison of these? Some can be DWORD compares, and all of them could be a cmpsb loop instead of being manually unrolled.

Implement HEAD request handling.

https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html

My current plan for handling 10k+ connections, will edit as it's improved.
Comments are welcome :)

Idea: Don't block on anything until it's ready. When waiting for I/O, accept more connections.
+Asynchronous I/O.
+Non-blocking sockets.
+Multi-threaded.
+Self contained threads.
+Single thread can handle multiple connections, more threads = more connections
+Only one thread design needed
+No synchronization of threads needed
+Self load balancing threads. ie. Threads with more free cycles will call accept more often.
-/+ One connection will use about 10 KB of memory.
-More complicated (but more awesome too).
-Will likely be a tad slower on many small requests.

struct Data = socket fd, file fd, send_offset, length, 8KB buf(recv, path, url) =
8 + 8 + 8 + 8 + 8192 + 104 + 2000 = 10328 bytes

Storing pointer to struct in epoll user data, no need for extra data structure.

worker-thread pseudocode

top:
accept
    epol_ctl( socket fd, read )

epoll_wait ( socket recv, send fds, and file read fds )
    socket recv ( if file fd == 0 ):
        allocate data mem & add socket fd to data
        recv
        parse for file & open, store fd in data & create header.
        epoll_ctl( file fd, read )
    socket send:
        send
        if done, free data, epoll_ctl delete else inc offset
    file read ( if file fd != 0 ):
        get info from Data struct: offset, length
        read()
        update Data, if done remove&close file fd, add socket send fd
goto top

Hi, newbie here. I'd like to use asmttpd serving on port 5552 (decimal) which in hex is 0x15B0. I've changed LISTEN_PORT in main.asm accordingly, but it wont load. I suspect it is something about the hex value format, the default is 0x5000 for port 80 and not 0x50 as expected (by me). 0x15B000 doesn't work also. Also, how can I run it without sudo?

Are there any plans on supporting secure connections? They are already possible by proxying through nginx to add a certificate for https. But when I have nginx running I don't need asmttpd to serve static content.

I have a kubernetes ingress controller in front of this. It seems it only works if I disable http/2. Can this be implemented?