Azreyo/Carbon
1
1
Fork 0
Code Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source 
Changed compiling method with make
Updated and checked status of development
Added Prerequisites
Better understanding
This commit is contained in:
Azreyo
2025-02-12 19:51:14 +01:00
committed by GitHub
parent 921663a19c
commit 77e1cbbd07
1 changed files with 112 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

265
README.md
View File

@@ -1,191 +1,150 @@
# Carbon HTTP Server # Carbon HTTP Server
This is a simple HTTP server for linux operating system written in C. It supports basic HTTP requests, logging, etc. A high-performance HTTP/HTTPS server written in C for Linux systems, featuring advanced security, caching, and async I/O.
NOTE: This program is being used as a fun projects to see limits of C. I'll be not responsible for any vulnerabilities.
If you find vulnerabilities please report them.
## Features ## Core Features
* Handles GET requests for static files. - ✅ Multi-threaded HTTP/HTTPS server with epoll-based async I/O
* Supports a control menu for managing server status, logging, and configuration (currently basic). - ✅ SSL/TLS support with automatic HTTP to HTTPS redirection
* Uses pthreads for concurrent client handling. - ✅ Advanced rate limiting and DDoS protection
* Includes basic logging functionality with timestamps. - ✅ File caching system for improved performance
* Configuration is loaded from a JSON file (`server.json`). - ✅ Thread pooling for efficient connection handling
- ✅ Comprehensive security headers and MIME type detection
- ✅ JSON-based configuration
- ✅ Detailed logging system with rotation
## Future development ## Security Features
This section outlines potential features and improvements planned for future releases of the server. - ✅ Buffer overflow prevention
- ✅ Path traversal protection
- ✅ Input sanitization
- ✅ SSL/TLS with modern cipher suites
- ✅ Security headers (CSP, HSTS, X-Frame-Options, etc.)
- ✅ Rate limiting per IP
- ✅ Automatic HTTPS redirection
### Prioraty features ## Performance Features
| Enhancement | Description | Priority | Completion | - ✅ Epoll-based asynchronous I/O
|-----------------------------|--------------------------------------------------|-----------|----------------------| - ✅ Thread pool for connection handling
| **Basic HTTP and HTTPS server Functionality** | Switching from HTTP to HTTPS | Medium | ✅ | - ✅ File caching system
| **Logging Mechanism** | Add logging mechanism for better error handleling | Low | ✅ | - ✅ SendFile() optimization for file transfers
| **SSL/TLS Support** | Implement SSL/TLS Support for HTTP/s | High | ✅ | - ✅ Keep-alive connection support
- ✅ TCP optimization (NODELAY, buffer sizes)
### Planned Features
| Enhancement | Description | Priority | Completion |
|-----------------------------|--------------------------------------------------|-----------|----------------------|
| **WebSocket Support** | Implement WebSocket protocol for real-time communication. | Medium | ❌ |
| **Rate Limiting** | Add rate limiting to prevent abuse and DDoS attacks. | High | ❌ |
| **User Authentication** | Implement user authentication for secure access to certain endpoints. | High | ❌|
| **API Documentation** | Create comprehensive API documentation using Swagger or similar tools. | Medium | ❌ |
| **Load Balancing** | Support for load balancing across multiple server instances. | Low | ❌ |
### Performance Improvements
| Enhancement | Description | Priority | Completion |
|-----------------------------|--------------------------------------------------|-----------|----------------------|
| **Connecting Pooling** | Implement connection pooling to improve performance under load. | High | ❌ |
| **Asynchronous I/O** | Use asynchronous I/O to handle more connections efficiently. | Medium | ❌|
| **Caching Mechanism** | Introduce caching for static resources to reduce server load. | Medium | ❌ |
### Security Enhancements
| Enhancement | Description | Priority | Completion |
|-----------------------------|--------------------------------------------------|-----------|----------------------|
| **Buffer Overflow Prevention** | Implement comprehensive input validation to prevent injection attacks. | High | ❌ |
| **HTTPS Redirect** | Automatically redirect HTTP traffic to HTTPS. | High | ✅|
| **Security Audits** | Conduct regular security audits and vulnerability assessments. | Medium | ❌ |
### Community Contributions
| Contribution Area | Description | Priority | Notes |
|-----------------------------|--------------------------------------------------|-----------|----------------------|
| **Documentation** | Improve and expand documentation for developers and users. | Medium | Open for contributions |
| **Testing** | Create unit tests and integration tests for better coverage. | High | Contributions welcome |
| **Feature Requests** | Encourage users to submit feature requests and suggestions. | Low | Use GitHub Issues |
## Build Instructions ## Build Instructions
1. **Prerequisites:** ### Prerequisites
* GCC compiler
* Make (recommended)
* OpenSSL libraries (`libssl`, `libcrypto`)
* pthreads library
* cJSON library
2. **Clone the repository (optional):** ```bash
# Install required dependencies
sudo apt-get update
sudo apt-get install -y \
build-essential \
libssl-dev \
libcjson-dev \
libmagic-dev \
pkg-config
```
```bash ### Compilation
git clone https://github.com/Azreyo/Carbon
cd Carbon/
```
3. **Compile:** ```bash
# Using Make (recommended)
make # Normal build
make debug # Debug build
make release # Optimized release build
```bash # Manual compilation
gcc server.c config_parser.c server_config.c -o server -lssl -lcrypto -lpthread -pthread -lcjson -lcjson -I/usr/include/cjson gcc server.c config_parser.c server_config.c -o server \
``` -D_GNU_SOURCE \
Compile it in gcc -Wall -Wextra -O2 \
-lssl -lcrypto -lpthread -lmagic -lcjson
```
### SSL Certificate Setup
```bash ```bash
make # Create certificates directory
``` mkdir -p certs
This command will use the provided `Makefile` to compile the source files, link the necessary libraries, and create the executable in the `bin` directory. # Generate self-signed certificate
openssl req -x509 -newkey rsa:2048 \
-keyout certs/key.pem \
-out certs/cert.pem \
-days 365 -nodes
```
```bash ### Configuration
make clean
```
Cleanup of the unnecessary files after compiling. Create `server.json`:
4. **Create `www` directory:** ```json
{
```bash "port": 8080,
mkdir www "use_https": true,
``` "log_file": "/var/log/carbon-server/server.log",
"verbose": true,
Place your HTML files (e.g., `index.html`) inside the `www` directory. "max_threads": 32,
"cache_size": 100,
5. **Create `server.json`:** "rate_limit": {
"window": 60,
Create a `server.json` file in the same directory as the executable with the following structure: "max_requests": 100
```json
{
"port": 8080,
"use_https": false,
"log_file": "server.log",
"max_threads": 4,
"running": true
} }
``` }
Adjust the values as needed. `use_https` is not yet implemented.
5. **Create systemd automatic startup**
```bash
#!/bin/bash
server_path=$(jq -r '.server_path' server.json)
config_path=$(jq -r 'config_path' server.json)
if [ ! -x "$server_path" ]; then
echo "Error: Server executable not found or not executable: $server_path"
exit 1
fi
if [ ! -f "$config_path" ]; then
echo "Error: Config file not found $config_path"
exit 1
fi
nohup "$server_path" --config "$config_path" &> server.log &
echo "Server started in the background. Check server.log for output"
exit 0
```
Code for automatic startup.
```bash
chmod +x start_server.sh
./start_server.sh
``` ```
Permissions `+x`. ### Directory Structure
## Run Instructions
1. **Get IP address of your device that the program will run on:**
```bash
ip address
```
2. **Enable port 8080 for ufw**
```bash ```bash
sudo ufw allow 8080 # 8080 is the default port mkdir -p www/{css,js,images}
``` ```
3. **Run it and enjoy** ## Running the Server
```bash ```bash
./bin/server # Run the executable from the bin directory # Allow ports
sudo ufw allow 8080/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
# Run the server
./server
``` ```
## Planned Features
## For using HTTP/s | Feature | Priority | Status |
|---------|----------|--------|
| WebSocket Support | Medium | ❌ |
| User Authentication | High | ❌ |
| API Documentation | Medium | ❌ |
| Load Balancing | Low | ❌ |
| Security Audits | Medium | ❌ |
```bash ## Contributing
mkdir certs # Create certs folder
cd certs
```
Create certs folder to create certificates to it. 1. Fork the repository
2. Create your feature branch
3. Commit your changes
4. Push to the branch
5. Create a Pull Request
```bash ## License
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes
```
Generating pairs of keys `key.pem and` and `cert.pem` for 365 days. This project is licensed under the MIT License - see the LICENSE file for details.
Note: its only self-signed browser may get Potential Security Risk.
For further use on domains is recommended Let's encrypt. ## Security
While this server implements various security measures, it's recommended to:
- Use a reverse proxy (like Nginx) in production
- Obtain proper SSL certificates (Let's Encrypt)
- Regularly update dependencies
- Monitor server logs
- Conduct security audits
## Acknowledgments
- OpenSSL for SSL/TLS support
- cJSON for configuration parsing
- libmagic for MIME type detection