GopherProxy

	index.c - libgcgi - REST library for Gopher
	git clone git://bitreich.org/libgcgi git://hg6vgqziawt5s4dj.onion/libgcgi
	Log
	Files
	Refs
	Tags
	README
	LICENSE
	---
	index.c (1602B)
	---
	1 #include <errno.h>
	2 #include <stddef.h>
	3 #include <stdio.h>
	4 #include <string.h>
	5 #include <unistd.h>
	6
	7 #ifdef __linux__
	8 #include <seccomp.h>
	9 #endif
	10
	11 #include "libgcgi.h"
	12
	13 static void
	14 page_not_found(char **matches)
	15 {
	16 struct gcgi_var_list vars = {0};
	17
	18 gcgi_read_var_list(&vars, "db/vars");
	19 gcgi_set_var(&vars, "page", matches[0]);
	20 gcgi_template("gph/page_not_found.gph", &vars);
	21 }
	22
	23 static struct gcgi_handler handlers[] = {
	24 { "*", page_not_found },
	25 { NULL, NULL },
	26 };
	27
	28 int
	29 main(int argc, char **argv)
	30 {
	31
	32 #if defined(__OpenBSD__)
	33 if (unveil("gph", "r") == -1 \|\| unveil("db", "rwc") == -1)
	34 gcgi_fatal("unveil failed: %s", strerror(errno));
	35 if (pledge("stdio rpath wpath cpath", NULL) == -1)
	36 gcgi_fatal("pledge failed: %s", strerror(errno));
	37 #elif defined(__linux__)
	38 scmp_filter_ctx ctx;
	39 if (chroot(".") == -1)
	40 gcgi_fatal("chroot failed");
	41 if ((ctx = seccomp_init(SCMP_ACT_KILL)) == NULL)
	42 gcgi_fatal("seccomp_init failed: %s", strerror(errno));
	43 if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), 0) < 0
	44 \|\| seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0) < 0
	45 \|\| seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 0) < 0
	46 \|\| seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(read), 0) < 0
	47 \|\| seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1,
	48 SCMP_A0(SCMP_CMP_EQ, 0)) < 0)
	49 gcgi_fatal("seccomp_rule_add failed");
	50 if (seccomp_load(ctx) < 0)
	51 gcgi_fatal("seccomp_load failed: %s", strerror(errno));
	52 #else
	53 #warning "no syscall restriction enabled"
	54 #endif
	55
	56 /* handle the request with the handlers */
	57 gcgi_handle_request(handlers, argv, argc);
	58 return 0;
	59 }