|
|
index.c - libgcgi - REST library for Gopher |
|
|
 |
git clone git://bitreich.org/libgcgi/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/libgcgi/ (git://bitreich.org) |
|
|
 |
Log |
|
|
|
Files |
|
|
|
Refs |
|
|
|
Tags |
|
|
|
README |
|
|
|
LICENSE |
|
|
|
--- |
|
|
|
index.c (1602B) |
|
|
|
--- |
|
|
|
1 #include <errno.h> |
|
|
|
2 #include <stddef.h> |
|
|
|
3 #include <stdio.h> |
|
|
|
4 #include <string.h> |
|
|
|
5 #include <unistd.h> |
|
|
|
6 |
|
|
|
7 #ifdef __linux__ |
|
|
|
8 #include <seccomp.h> |
|
|
|
9 #endif |
|
|
|
10 |
|
|
|
11 #include "libgcgi.h" |
|
|
|
12 |
|
|
|
13 static void |
|
|
|
14 page_not_found(char **matches) |
|
|
|
15 { |
|
|
|
16 struct gcgi_var_list vars = {0}; |
|
|
|
17 |
|
|
|
18 gcgi_read_var_list(&vars, "db/vars"); |
|
|
|
19 gcgi_set_var(&vars, "page", matches[0]); |
|
|
|
20 gcgi_template("gph/page_not_found.gph", &vars); |
|
|
|
21 } |
|
|
|
22 |
|
|
|
23 static struct gcgi_handler handlers[] = { |
|
|
|
24 { "*", page_not_found }, |
|
|
|
25 { NULL, NULL }, |
|
|
|
26 }; |
|
|
|
27 |
|
|
|
28 int |
|
|
|
29 main(int argc, char **argv) |
|
|
|
30 { |
|
|
|
31 |
|
|
|
32 #if defined(__OpenBSD__) |
|
|
|
33 if (unveil("gph", "r") == -1 || unveil("db", "rwc") == -1) |
|
|
|
34 gcgi_fatal("unveil failed: %s", strerror(errno)); |
|
|
|
35 if (pledge("stdio rpath wpath cpath", NULL) == -1) |
|
|
|
36 gcgi_fatal("pledge failed: %s", strerror(errno)); |
|
|
|
37 #elif defined(__linux__) |
|
|
|
38 scmp_filter_ctx ctx; |
|
|
|
39 if (chroot(".") == -1) |
|
|
|
40 gcgi_fatal("chroot failed"); |
|
|
|
41 if ((ctx = seccomp_init(SCMP_ACT_KILL)) == NULL) |
|
|
|
42 gcgi_fatal("seccomp_init failed: %s", strerror(errno)); |
|
|
|
43 if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0) < 0 |
|
|
|
44 || seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0) < 0 |
|
|
|
45 || seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0) < 0 |
|
|
|
46 || seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0) < 0 |
|
|
|
47 || seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1, |
|
|
|
48 SCMP_A0(SCMP_CMP_EQ, 0)) < 0) |
|
|
|
49 gcgi_fatal("seccomp_rule_add failed"); |
|
|
|
50 if (seccomp_load(ctx) < 0) |
|
|
|
51 gcgi_fatal("seccomp_load failed: %s", strerror(errno)); |
|
|
|
52 #else |
|
|
|
53 #warning "no syscall restriction enabled" |
|
|
|
54 #endif |
|
|
|
55 |
|
|
|
56 /* handle the request with the handlers */ |
|
|
|
57 gcgi_handle_request(handlers, argv, argc); |
|
|
|
58 return 0; |
|
|
|
59 } |
|