box.matto.nl
Enjoying Open Source Software

Posted:

CGI with Awk on OpenBSD httpd

Remember that for httpd OpenBSD chroots to /var/www.

To run an Awk CGI-script on OpenBSD httpd:

  • set up configurations file(s)
  • put your script in /var/www/cgi-bin/
  • populate the chroot (meaning: /var/www/) with the needed binaries and libraries.

Prepare /etc/httpd

Below follows some content for /etc/httpd, with some lines for SSL certificate through the acme-client. For security, we included some simple basic authentication with htpasswd.

ext_ip = "10.0.0.4"

server "www.example.com" {
        listen on $ext_ip port 80
        listen on $ext_ip tls port 443
        root "/htdocs/www.example.com/"
        directory { index "index.html" }
        location "/.well-known/acme-challenge/*" {
                root "/acme"
                request strip 2
        }
        location "/cgi-bin/*" {
                authenticate MySecretRealm with "/data/htpasswd"
                fastcgi
                root "/"
        }
        tls {
                certificate     "/etc/ssl/www.example.com.crt"
                key             "/etc/ssl/private/www.example.com.key"
        }
}

Check the file for syntax errors with: httpd -n

Off course you can start with http only. leaving out the port 443 and the tls-part.

Setup htpasswd

mkdir /var/www/data
htpasswd /var/www/data/htpasswd UserName
chown -R :www /var/www/data

Create a CGI-script

Here is a nice example script:

#!/bin/awk -f

BEGIN {
    printf("Status: 200 OK\n");
    printf("Content-type: text/plain\n\n");

    for ( key in ENVIRON ) {
        print key " : " ENVIRON[key];
    }
}

Put this script in /var/www/cgi-bin/test.awk

Populate the chroot

Create a sub directory for bin and lib files Use ldd to determine. which lib files are needed.

mkdir -p /var/www/usr/{bin,lib,libexec}
cd /var/www/usr/bin/
cp /usr/bin/awk .
ldd /var/www/usr/bin/awk

And copy the lib files

cp /usr/lib/libm.so* /var/www/usr/lib/
cp /usr/lib/libc.so* /var/www/usr/lib/
cp /usr/libexec/ld.so /var/www/usr/libexec/ld.so

Enable and start slowcgi and httpd

rcctl enable slowcgi
rcctl enable httpd
rcctl start slowcgi
rcctl start httpd

Now, point your browser to:

  • http://www.example.com/cgi-bin/test.awk
  • http://www.example.com/cgi-bin/test.awk?abc=123

and enjoy :)

When in trouble, look for error messages in your log files in /var/www/logs/.

Another possibility is to run /usr/sbin/httpd -dvvv and see if this turns up some helpful messages.

Tags:

⇽ Tmux Yank to copy to X clipboard Open external URL in Vim vsplit with w3m ⇾