Add simple cgi support +:

* read file byte after byte
* format code (syslog + err)
* move functions in utils.c

Makefile

@@ -2,13 +2,18 @@ PREFIX?=/usr/local/
 CFLAGS  += -pedantic -Wall -Wextra -Wmissing-prototypes \
            -Wstrict-prototypes -Wwrite-strings
 
+.SUFFIXES: .c .o
+
+.c.o:
+	${CC} ${CFLAGS} -c $<
+
 all: vger
 
 clean:
 	rm -f vger *.core *.o
 
-vger: main.o mimes.o opts.h
-	${CC} -o vger main.o mimes.o
+vger: main.o mimes.o utils.o opts.h
+	${CC} ${CFLAGS} -o $@ main.o mimes.o utils.o
 
 install: vger
 	install -o root -g wheel vger ${PREFIX}/bin/

README.md

@@ -55,7 +55,7 @@ without a `-d` parameter.
 - `-u username`: enable chroot to the data directory and drop privileges to `username`.
 - `-m MIME` : use MIME as default instead of "application/octet-stream".
 - `-i` : Enable auto index if no "index.gmi" file is found in a directory.
-
+- `-c CGI_PATH` : Exec CGI_PATH instead of serving it.
 
 
 # How to configure Vger using relayd and inetd

main.c

@@ -1,9 +1,11 @@
-#include <sys/stat.h>
 #include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
 
 #include <dirent.h>
 #include <err.h>
 #include <errno.h>
+#include <fcntl.h>
 #include <limits.h>
 #include <pwd.h>
 #include <stdarg.h>
@@ -15,6 +17,7 @@
 
 #include "mimes.h"
 #include "opts.h"
+#include "utils.h"
 
 #define GEMINI_PART	 9
 #define GEMINI_REQUEST_MAX 1024 /* see https://gemini.circumlunar.space/docs/specification.html */
@@ -22,45 +25,11 @@
 
 
 void        autoindex(const char *);
+void        cgi(const char *cgicmd);
 void 		display_file(const char *);
 void 		status(const int, const char *);
 void		status_redirect(const int, const char *);
 void 		drop_privileges(const char *, const char *);
-void        eunveil(const char *, const char *);
-size_t      estrlcat(char *, const char *, size_t);
-size_t      estrlcpy(char *, const char *, size_t);
-
-void
-eunveil(const char *path, const char *permissions)
-{
-	if (unveil(path, permissions) == -1) {
-		syslog(LOG_DAEMON, "unveil on %s failed", path);
-		err(1, "unveil");
-	}
-}
-
-size_t
-estrlcpy(char *dst, const char *src, size_t dstsize)
-{
-	size_t n = 0;
-
-	n = strlcpy(dst, src, dstsize);
-	if (n >= dstsize) {
-        err(1, "strlcyp failed for %s = %s", dst, src);
-	}
-
-	return n;
-}
-
-size_t
-estrlcat(char *dst, const char *src, size_t dstsize)
-{
-    size_t size;
-    if ((size = strlcat(dst, src, dstsize)) >= dstsize)
-        err(1, "strlcat on %s + %s", dst, src);
-
-    return size;
-}
 
 void
 drop_privileges(const char *user, const char *path)
@@ -76,31 +45,26 @@ drop_privileges(const char *user, const char *path)
 
 		/* is root? */
 		if (getuid() != 0) {
-			syslog(LOG_DAEMON, "chroot requires program to be run as root");
-			errx(1, "chroot requires root user");
+			errlog("chroot requires program to be run as root");
 		}
 		/* search user uid from name */
 		if ((pw = getpwnam(user)) == NULL) {
-			syslog(LOG_DAEMON, "the user %s can't be found on the system", user);
-			err(1, "finding user");
+			errlog("the user %s can't be found on the system", user);
 		}
 		/* chroot worked? */
 		if (chroot(path) != 0) {
-			syslog(LOG_DAEMON, "the chroot_dir %s can't be used for chroot", path);
-			err(1, "chroot");
+			errlog("the chroot_dir %s can't be used for chroot", path);
 		}
 		chrooted = 1;
 		if (chdir("/") == -1) {
-			syslog(LOG_DAEMON, "failed to chdir(\"/\")");
-			err(1, "chdir");
+			errlog("failed to chdir(\"/\")");
 		}
 		/* drop privileges */
 		if (setgroups(1, &pw->pw_gid) ||
 		    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
 		    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
-			syslog(LOG_DAEMON, "dropping privileges to user %s (uid=%i) failed",
+			errlog("dropping privileges to user %s (uid=%i) failed",
 			       user, pw->pw_uid);
-			err(1, "Can't drop privileges");
 		}
 	}
 #ifdef __OpenBSD__
@@ -112,13 +76,20 @@ drop_privileges(const char *user, const char *path)
 	} else {
 		eunveil(path, "r");
 	}
+	if (strlen(cgibin) > 0) {
+		char cgifullpath[PATH_MAX] = {'\0'};
+		estrlcpy(cgifullpath, path, sizeof(cgifullpath));
+		estrlcat(cgifullpath, cgibin, sizeof(cgifullpath));
+		eunveil(cgifullpath, "rx");
+	}
 	/*
 	 * prevent system calls other parsing queryfor fread file and
 	 * write to stdio
 	 */
-	if (pledge("stdio rpath", NULL) == -1) {
-		syslog(LOG_DAEMON, "pledge call failed");
-		err(1, "pledge");
+	if (strlen(cgibin) > 0) {
+		epledge("stdio rpath exec proc", NULL);
+	} else {
+		epledge("stdio rpath", NULL);
 	}
 #endif
 }
@@ -168,8 +139,8 @@ display_file(const char *uri)
 		if (fp[strlen(fp) -1 ] != '/') {
 			/* no ending "/", redirect to "path/" */
 			char new_uri[PATH_MAX] = {'\0'};
-			estrlcpy(new_uri, uri, sizeof(fp));
-			estrlcat(new_uri, "/", sizeof(fp));
+			estrlcpy(new_uri, uri,  sizeof(new_uri));
+			estrlcat(new_uri, "/", sizeof(new_uri));
 			status_redirect(31, new_uri);
 			return;
 
@@ -199,8 +170,8 @@ display_file(const char *uri)
 	status(20, file_mime);
 
 	/* read the file and write it to stdout */
-	while ((nread = fread(buffer, sizeof(char), sizeof(buffer), fd)) != 0)
-		fwrite(buffer, sizeof(char), nread, stdout);
+	while ((nread = fread(buffer, 1, sizeof(buffer), fd)) != 0)
+		fwrite(buffer, 1, nread, stdout);
 	goto closefd;
 	syslog(LOG_DAEMON, "path served %s", fp);
 
@@ -257,6 +228,59 @@ autoindex(const char *path)
 	closedir(fd);
 }
 
+void
+cgi(const char *cgicmd)
+{
+
+	int pipedes[2] = {0};
+	pid_t pid;
+
+	if (pipe(pipedes) != 0) {
+		err(1, "pipe failed");
+	}
+
+	pid = fork();
+
+	if (pid < 0) {
+		close(pipedes[0]);
+		close(pipedes[1]);
+		err(1, "fork failed");
+	}
+
+	if (pid > 0) { /* parent */
+		char buf[3];
+		size_t nread = 0;
+		FILE *output = NULL;
+
+		close(pipedes[1]); /* make sure entry is closed so fread() gets EOF */
+
+		/* use fread/fwrite because are buffered */
+		output = fdopen(pipedes[0], "r");
+		if (output == NULL) {
+			err(1, "fdopen failed");
+		}
+
+		/* read pipe output */
+		while ((nread = fread(buf, 1, sizeof(buf), output)) != 0) {
+			fwrite(buf, 1, nread, stdout);
+		}
+		close(pipedes[0]);
+		fclose(output);
+
+		wait(NULL); /* wait for child to terminate */
+
+		exit(0);
+
+	} else if (pid == 0) { /* child */
+		dup2(pipedes[1], STDOUT_FILENO); /* set pipe output equal to stdout */
+		close(pipedes[1]); /* no need this file descriptor : it is now stdout */
+		execlp(cgicmd, cgicmd, NULL);
+		/* if execlp is ok, this will never be reached */
+		status(42, "text/plain");
+		errlog("error when trying to execlp %s", cgicmd);
+	}
+}
+
 int
 main(int argc, char **argv)
 {
@@ -268,7 +292,7 @@ main(int argc, char **argv)
 	int 		option = 0;
 	char        *pos = NULL;
 
-	while ((option = getopt(argc, argv, ":d:l:m:u:vi")) != -1) {
+	while ((option = getopt(argc, argv, ":d:l:m:u:c:vi")) != -1) {
 		switch (option) {
 		case 'd':
 			estrlcpy(chroot_dir, optarg, sizeof(chroot_dir));
@@ -283,6 +307,9 @@ main(int argc, char **argv)
 		case 'u':
 			estrlcpy(user, optarg, sizeof(user));
 			break;
+		case 'c':
+			estrlcpy(cgibin, optarg, sizeof(cgibin));
+			break;
 		case 'v':
 			virtualhost = 1;
 			break;
@@ -303,8 +330,7 @@ main(int argc, char **argv)
 	 */
 	if (fgets(request, GEMINI_REQUEST_MAX, stdin) == NULL) {
 		status(59, "request is too long (1024 max)");
-		syslog(LOG_DAEMON, "request is too long (1024 max): %s", request);
-		exit(1);
+		errlog("request is too long (1024 max): %s", request);
 	}
 
 	/* remove \r\n at the end of string */
@@ -318,9 +344,8 @@ main(int argc, char **argv)
 	 */
 	if (strncmp(request, "gemini://", GEMINI_PART) != 0) {
 		/* error code url malformed */
-		syslog(LOG_DAEMON, "request «%s» doesn't match gemini://",
+		errlog("request «%s» doesn't match gemini://",
 		       request);
-		exit(1);
 	}
 	syslog(LOG_DAEMON, "request %s", request);
 
@@ -364,8 +389,47 @@ main(int argc, char **argv)
 		estrlcpy(uri, new_uri, sizeof(uri));
 	}
 
-	/* open file and send it to stdout */
-	display_file(uri);
+	/* check if uri is cgibin */
+	if ((strlen(cgibin) > 0) && 
+		(strncmp(uri, cgibin, strlen(cgibin)) == 0)
+		) {
+		char cgipath[PATH_MAX] = {'\0'};
+		estrlcpy(cgipath, chroot_dir, sizeof(cgipath));
+		estrlcat(cgipath, uri, sizeof(cgipath));
+		/* set env variables for CGI */
+		/* see https://lists.orbitalfox.eu/archives/gemini/2020/000315.html */
+		esetenv("GATEWAY_INTERFACE", "CGI/1.1", 1);
+		esetenv("SERVER_PROTOCOL", "GEMINI", 1);
+		esetenv("SERVER_SOFTWARE", "vger/1", 1);
+
+		/* look for "?" to set query */
+		pos = strchr(cgipath, '?');
+		if (pos != NULL) {
+			char query[PATH_MAX] = {'\0'};
+			estrlcpy(query, pos+1, sizeof(query));
+			esetenv("QUERY_STRING", query, 1);
+			pos[0] = '\0';
+		}
+		/* look for an extension to find PATH_INFO */
+		pos = strrchr(cgipath, '.');
+		if (pos != NULL) {
+			/* found a dot */
+			pos = strchr(pos, '/');
+			if (pos != NULL) {
+				setenv("PATH_INFO", pos, 1);
+				pos[0] = '\0'; /* keep only script name */
+			}
+		}
+		esetenv("SCRIPT_NAME", cgipath, 1);
+		esetenv("SERVER_NAME", hostname, 1);
+
+		cgi(cgipath);
+
+	} else {
+		//TODO: percent decoding here 
+		/* open file and send it to stdout */
+		display_file(uri);
+	}
 
 	return (0);
 }

opts.h

@@ -6,7 +6,8 @@
 #define DEFAULT_AUTOIDX  0
 
  /* longest is 56 so 64 should be enough */
-static char            default_mime[64] = DEFAULT_MIME;
+static char            default_mime[64]     = DEFAULT_MIME;
 static char            chroot_dir[PATH_MAX] = DEFAULT_CHROOT;
-static char            lang[16]          = DEFAULT_LANG;
-static unsigned int    doautoidx        = DEFAULT_AUTOIDX;
+static char            lang[16]             = DEFAULT_LANG;
+static unsigned int    doautoidx            = DEFAULT_AUTOIDX;
+static char            cgibin[PATH_MAX]     = {'\0'};

tests/test.sh

@@ -72,7 +72,19 @@ if ! [ $OUT = "874f5e1af67eff6b93bedf8ac8033066" ] ; then echo "error" ; exit 1
 
 # auto index in directory
 OUT=$(printf "gemini://host.name/autoidx/\r\n" | ../vger -d var/gemini/ -i | tee /dev/stderr | $MD5)
-if ! [ $OUT = "770a987b8f5cf7169e6bc3c6563e1570" ] ; then echo "error" ; exit 1 ; fi
+if ! [ $OUT = "9cb7ef77cbcd74dadafdbff47d864152" ] ; then echo "error" ; exit 1 ; fi
+
+# cgi simple script
+OUT=$(printf "gemini://host.name/cgi-bin/test.cgi\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | $MD5)
+if ! [ $OUT = "ed3552892cf7edac4f81178467f6c48a" ] ; then echo "error" ; exit 1 ; fi
+
+# cgi with use of variables
+OUT=$(printf "gemini://host.name/cgi-bin/who.cgi?user=jean-mi\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | $MD5)
+if ! [ $OUT = "06f710962d6504b19cdfe77f5fcff29e" ] ; then echo "error" ; exit 1 ; fi
+
+# cgi with error
+OUT=$(printf "gemini://host.name/cgi-bin/nope\r\n" | ../vger -d var/gemini/ -c /cgi-bin | tee /dev/stderr | $MD5)
+if ! [ $OUT = "babaa82d5b2bd4e8d21ab412e060c890" ] ; then echo "error" ; exit 1 ; fi
 
 # must fail only on OpenBSD !
 # try to escape from unveil

tests/var/gemini/cgi-bin/test.cgi

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+echo "20 cgi_test"
+
+echo "env vars:"
+echo $GATEWAY_INTERFACE
+echo $SERVER_SOFTWARE
+echo $PATH_INFO
+echo $QUERY_STRING

tests/var/gemini/cgi-bin/who.cgi

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+echo "20 cgi_test"
+u=""
+if [ -n "${QUERY_STRING}" ]; then
+	u="$(printf "%s" "${QUERY_STRING}" | cut -d'=' -f2)" #yeah, it's awful..
+fi
+
+echo "hello $u"

utils.c

@@ -0,0 +1,78 @@
+#include <err.h>
+#include <errno.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <syslog.h>
+#include <unistd.h>
+
+#include "utils.h"
+
+void
+eunveil(const char *path, const char *permissions)
+{
+	if (unveil(path, permissions) == -1) {
+		syslog(LOG_DAEMON, "unveil on %s failed", path);
+		err(1, "unveil on %s failed", path);
+	}
+}
+
+void
+epledge(const char *promises, const char *execpromises)
+{
+	if (pledge(promises, execpromises) == -1) {
+		syslog(LOG_DAEMON, "pledge failed for: %s", promises);
+		err(1, "pledge failed for: %s", promises);
+	}
+}
+
+size_t
+estrlcpy(char *dst, const char *src, size_t dstsize)
+{
+	size_t n = 0;
+
+	n = strlcpy(dst, src, dstsize);
+	if (n >= dstsize) {
+        err(1, "strlcyp failed for %s = %s", dst, src);
+	}
+
+	return n;
+}
+
+size_t
+estrlcat(char *dst, const char *src, size_t dstsize)
+{
+    size_t size;
+    if ((size = strlcat(dst, src, dstsize)) >= dstsize)
+        err(1, "strlcat on %s + %s", dst, src);
+
+    return size;
+}
+
+int
+esetenv(const char *name, const char *value, int overwrite)
+{
+	int ret = 0;
+	ret = setenv(name, value, overwrite);
+
+	if (ret != 0) {
+		err(1, "setenv %s:%s", name, value);
+	}
+
+	return ret;
+}
+
+void
+errlog(const char *format, ...)
+{
+	char e[1024] = {'\0'};
+    va_list ap;
+
+    va_start(ap, format);
+    vsnprintf(e, sizeof(e), format, ap);
+    va_end(ap);
+
+	syslog(LOG_DAEMON, "%s", e);
+	err(1, "%s", e);
+}

utils.h

@@ -0,0 +1,6 @@
+void        epledge(const char *, const char *);
+void        errlog(const char *format, ...);
+void        eunveil(const char *, const char *);
+int         esetenv(const char *, const char *, int);
+size_t      estrlcat(char *, const char *, size_t);
+size_t      estrlcpy(char *, const char *, size_t);

vger.8

@@ -9,6 +9,7 @@
 .Op Fl l Ar lang
 .Op Fl v
 .Op Fl i
+.Op Fl c Ar cgi_path
 .Op Fl d Ar path
 .Op Fl u Ar username
 .Op Fl m Ar mimetype
@@ -40,6 +41,22 @@ Enable virtualhost support, the hostname in the query will be considered as a di
 As example, for request gemini://hostname.example/file.gmi
 .Nm
 will read the file /var/gemini/hostname.example/file.gmi
+.It Op Fl c
+Enable CGI support.
+.Ar cgi_path
+will be executed as a cgi script. This path is relative to the served capsule. As example, for a request gemini://hostname.example/cgi-bin/hello.cgi, one must set:
+.Bd -literal -offset indent
+vger -c /cgi-bin/hello.cgi
+.Ed
+.Pp
+In this case,
+.Xr pledge 2
+promises are set to "stdio proc exec"
+and an additional
+.Xr unveil 2
+permission on the cgi script is set to "rx".
+.Pp
+Be very careful on how you write your CGI, it can read outside the chroot.
 .It Op Fl m Ar mimetype
 Use
 .Ar mimetype