1 #include <err.h> /* err(3) */ 2 #include <stdlib.h> /* EXIT_xxxx */ 3 #include <stdio.h> /* puts(3) */ 4 #include <unistd.h> /* pledge(2) */ 5 6 int 7 main(void) 8 { 9 if (pledge("stdio", NULL) == -1) 10 err(EXIT_FAILURE, "pledge"); 11 puts("Status: 200 OK\r"); 12 puts("Content-Type: text/html\r"); 13 puts("\r"); 14 puts("Hello, world!\n"); 15 return EXIT_SUCCESS; 16 }
This is your code. Read it: it’s exactly what’s going to happen. No mysticism.
What’s going on? pledge(2) makes sure you’re only doing what you want to do: work with existing descriptors. The rest is just HTTP. Don’t want to work with HTTP? Use kcgi(3) or equivalent.
Want more examples? See Secure CGI Applications in C on BSD and Secure CGI.
1 ext_addr="*" 2 3 server "localhost" { 4 listen on $ext_addr port 80 5 location "/cgi-bin/*" { 6 fastcgi 7 root "/" 8 } 9 }
httpd.conf(5) is so… simple. Server tells us the name. Listen tells us to listen. Location tells us a location. Where we have FastCGI. Relative to the root.
Don’t like FastCGI? Neither do we. But we’re not using it for this example: in the next snippet, we’ll use slowcgi(8) to invoke our CGI. So relax.
Want more examples? See Secure CGI Applications in C on BSD and Secure CGI.
1 #! /bin/sh 2 cc -static -g -W -Wall -Wextra -o cgi cgi.c 3 doas install -o www -g www -m 0500 cgi /var/www/cgi-bin 4 doas rcctl enable slowcgi 5 doas rcctl start slowcgi 6 doas rcctl check slowcgi 7 doas rcctl restart httpd
Wow. Very configure. Compiles the script. Installs it. Makes sure slowcgi(8) and of course httpd(8) are running. Done.
Want more examples? See Secure CGI Applications in C on BSD and Secure CGI.