Comanche
Comanche is an extremely simple HTTP (web) server written entirely in Python. At present it does not support CGI or SSL and uses a simple fork-on-demand architecture. Read the detailed description for more information. Comanche is named after an American Indian tribe, like some other web servers you may have heard of (e.g. Apache, Cherokee). I don't really know anything about American Indians, but I know a surprising amount about helicopter gunships, which are sometimes named after tribes as well: I got the name Comanche from Boeing-Sikorsky's RAH-66 Comanche "stealth" armed reconnaissance chopper.
Requirements
Comanche depends only upon Python. It uses the fork system call, so I don't know if it will work on non-Unix systems.
License
Comanche is distributed under a standard 3-clause BSD license. It's as free as software gets.
Download
Download the latest version of Comanche, Comanche 20070627 (released 27 June, 2007).
You can also download older versions of Comanche, and see what has changed between versions, in the Old Versions section.
Detailed description
Comanche is a simple, forking web server written in Python. It was written primarily to teach me how to do socket programming in Python, not to be an industrial strength server you might use in the real world. However, I loved writing it and will continue to hack on it in the hopes that one day it will be an industrial strength server you might use in the real world. In the mean time, it is really only good for two things:
- You could read the code to learn about Python socket programming, the HTTP protocol and forking server architectures.
- You could use it to serve websites and files to an internal network where you know everyone can be trusted not to exploit security flaws and you won't lose face if sites go down.
For the love of Darwin, don't use Comanche to serve content to the outside world yet. My main aim was to get something that works and to learn some stuff in the process. Things like security, stability and performance were not priorities. There are probably situations under which it will break, and may be exploitable security holes with very nasty consequences.
Just so you don't download it and get disappointed, here is a big list of things that Comanche does not currently do:
- PUT, DELETE or TRACE method handling
- Pay attention to ``If'' conditions in GET, HEAD or POST methods
- Any kind of authentication
- Anything to do with cookies
- CGI
- SSL
I'd like to think it will do all of them one day.
Complete Instructions
Running Comanche requires just two things: setting some basic options by modifying the source file and then feeding the source file to the Python interpreter. At the moment, Comanche runs in the foreground (i.e. it is not a daemon) and prints logging details to standard output. Very simple.
Options are set in the source file by adjusting the values of a few global variables with names all in uppercase, defined on lines 38 through 45. By default, they look like this:
VERSION=20070624 BINDADDRESS="127.0.0.1" PORT=8080 QUEUELENGTH=10 DEFAULTTIMEOUT=3 DOCBASE="/var/www/htdocs/" INDEXFILES=["index.html"] VIRTUALHOSTING=False
These variables are fairly self-explanatory:
- VERSION is the Comanche version number reported in the headers of the HTTP responses your server will send out. You'd only have to change this if you wanted to lie to people's computers about what version of Comanche you are running.
- BINDADDRESS is the IP address you want Comanche to listen for requests on. It should be a standard Python string, so don't forget your quotes. The default value, "127.0.0.1", causes Comanche to listen on the local "loopback" interface only. This is probably a good idea until later versions of Comanche which implement some more security features.
- PORT is the port number you want Comanche to listen on. The standard port for HTTP servers is 80, but remember that to use a port number of 1024 or less requires you to be the superuser, root. Running Comanche as root is a bad idea for security reasons. A later version will support privilege dropping via setuid. For the time being, you should run Comanche as a non-root user with a higher port number. The default value of 8080 is a defacto standard for this sort of situation.
- QUEUELENGTH is the number of connection requests to keep queued up waiting to be handled before connections start to be refused. The default of 10 is entirely arbitrary. Unless you are using Comanche to serve high loads of requests, the value used here probably won't make much of a difference.
- DEFAULTTIMEOUT is the default amount of time, in seconds, to wait for a request before closing a connection which has been kept open after serving an earlier request. The default value of 3 seconds is recommended by HTTP RFC, I think.
- DOCBASE is the directory that files will be looked for relative to. E.g., for the default value of "/var/www/htdocs/", the file "http://hostname:port/foo/bar/baz.html" will be looked for at "/var/www/htdocs/foo/bar/baz.html".
- INDEXFILES is a list of strings representing the filenames which Comanche will use as the index page for a directory, in the order in which they will be searched. If none of the specified files are found in a directory, a list of all files in the directory will be generated and served.
- VIRTUALHSOTING is a Boolean value (True or False) indicating whether or not to do name-based virtual hosting. It is set to False by default. If set to True, whenver a request is received, Comanche will look at the "Host" header of the request (which is compulsory in HTTP 1.1) to find out the name of the host the user wants to request files from, and look for files relative to DOCBASE/{hostname}. This enables you to point two distinct hostnames at the same server, and keep separate websites in, e.g., /var/www/htdocs/www.hostnameone.com/ and /var/www/htdocs/www.hostnametwo.com/, with the site actually served determined by the hostname used by the user.
Old versions
The list below details all versions of Comanche which have ever been released, as well as summarising the changes between versions.