Blob

Date:
Message:
implementing CGI – NOT READY YET! This is a first try at implementing CGI scripting. The idea is that, if CGI is explicitly enabled by the user, when a user requires an executable file instead of serving it to the client, that file will be executed and its output fed to the client. There are various pieces that are still lacking, the firsts that comes to mind are: - performance: the handle_cgi just loops ignoring the WANT_POLLIN/POLLOUT and blocking if the child process hasn’t outputted anything. - we don’t parse query variable (yet) - we need to set more variables in the child environment side question: it’s better to set the variables using setenv() or by providing an explicit environment? - document what environment the CGI script will get - improve the horrible unveil/pledge(cgi ? …) but now I can serve “hello-world”-tier script from gmid!
Actions:
History | Blame | Raw File
2 # NAME

4 **gmid** - dead simple zero configuration gemini server

6 # SYNOPSIS

8 **gmid**

9 \[**-hx**]

10 \[**-c** *cert.pem*]

11 \[**-d** *docs*]

12 \[**-k** *key.pem*]

13 \[**-l** *access.log*]

15 # DESCRIPTION

17 **gmid**

18 is a very simple and minimal gemini server.

19 It only supports serving static content, and strive to be as simple as

20 possible.

22 **gmid**

23 will strip any sequence of

24 *../*

25 or trailing

26 *..*

27 in the requests made by clients, so it's impossible to serve content

28 outside the

29 *docs*

30 directory by mistake, and will also refuse to follow symlink.

31 Furthermore, on

32 OpenBSD,

33 pledge(2)

34 and

35 unveil(2)

36 are used to ensure that

37 **gmid**

38 dosen't do anything else than read files from the given directory and

39 accept network connections.

41 It should be noted that

42 **gmid**

43 is very simple in its implementation, and so it may not be appropriate

44 for serving site with lots of users.

45 After all, the code is single threaded and use a single process

46 (multiple requests are handled concurrently thanks to async I/O.)

48 If a user request path is a directory,

49 **gmid**

50 will try to serve a

51 *index.gmi*

52 file inside that directory.

53 If not found, it will return an error 51 (not found) to the user.

55 The options are as follows:

57 **-c** *cert.pem*

59 > The certificate to use, by default is

60 > *cert.pem*.

62 **-d** *docs*

64 > The root directory to serve.

65 > **gmid**

66 > won't serve any file that is outside that directory.

68 **-h**

70 > Print the usage and exit.

72 **-k** *key.pem*

74 > The key for the certificate, by default is

75 > *key.pem*.

77 **-l** *access.log*

79 > log to the given file instead of the standard error.

81 **-x**

83 > Enable CGI scripts.

85 # CGI

87 If CGI scripts are enabled, when a file requested by a client is

88 marked as executable it is executed and its output fed to the client.

90 Note that since this give the chance to anybody to execute possibly

91 **any file**

92 in the served directory, this option is disabled by default.

94 # EXAMPLES

96 To quickly getting started

98 	$ # generate a cert and a key

99 	$ openssl req -x509 -newkey rsa:4096 -keyout key.pem \

100 	        -out cert.pem -days 365 -nodes

101 	$ mkdir docs

102 	$ cat <<EOF > docs/index.gmi

103 	# Hello world

104 	test paragraph...

105 	EOF

106 	$ gmid -c cert.pem -k key.pem -d docs

108 now you can visit gemini://localhost/ with your preferred gemini client.

110 # CAVEATS

112 *	it doesn't support virtual hosts: the host part of the request URL is

113 	completely ignored.

115 *	it doesn't fork in the background or anything like that.