minimal CGI and FastCGI library in C
C CSS Makefile Other
Latest commit 22bb89c Mar 11, 2017 kristaps This will soon go away...
Permalink
Failed to load latest commit information.
afl Add an AFL program for fuzzing the template engine. Mar 12, 2017
man Note file-system requirements. Mar 12, 2017
regress More compiling on Linux. (32-bit time_t and broken arc4random_uniform.) Nov 25, 2016
GNUmakefile Version bump. Mar 12, 2017
LICENSE.md Adding GitHub license. Jan 25, 2016
README.md Update language a bit. Oct 18, 2016
archive.css Clean up fonts (using google fonts). Oct 17, 2016
archive.xml Clean up fonts (using google fonts). Oct 17, 2016
auth.c Use the correct format specifier for size_t as hex. Noted by #13 -- t… Nov 1, 2016
child.c Add some more documentation. Nov 25, 2016
compat-memmem.c Compilation support on Linux. May 14, 2014
compat-reallocarray.c Compilation support on Linux. May 14, 2014
compat-strlcat.c Compilation support on Linux. May 14, 2014
compat-strlcpy.c Compilation support on Linux. May 14, 2014
compat-strtonum.c Compilation support on Linux. May 14, 2014
config.h.post Compilation support on Linux. May 14, 2014
config.h.pre Working seccomp filter for Linux. Jul 7, 2015
configure Add test for arc4random instead of testing for __linux__. Mar 15, 2016
datetime.c Add in experimental function for converting into UTC date strings. Dec 15, 2016
extending01-a.dot Adding extension documentation. Mar 15, 2016
extending01-b.dot Adding extension documentation. Mar 15, 2016
extending01-c.dot Adding extension documentation. Mar 15, 2016
extending01-d.dot Adding extension documentation. Mar 15, 2016
extending01.xml Have all BSD.lv links use https, fix OpenBSD manpage links, use proper Jun 15, 2016
extern.h Fix misspellings, #17 Dec 30, 2016
fcgi.c Spelling errors from #14 (no functional change) -- thanks! Nov 2, 2016
figure1.dot Lots of documentation improvements, especially in www. May 13, 2015
figure2-cgi-naked.tsv Add new performance measurements. Aug 6, 2015
figure2-cgi.tsv Add new performance measurements. Aug 6, 2015
figure2-fcgi.tsv Add new performance measurements. Aug 6, 2015
figure2-static.tsv Add new performance measurements. Aug 6, 2015
figure2.gnuplot Add new performance measurements. Aug 6, 2015
figure4.dot Regress PHONY (thanks to Baptiste Daroussin) and some documentation. Jul 19, 2015
functions.xml Clean up fonts (using google fonts). Oct 17, 2016
genindex.sh Add a function index. Oct 12, 2016
httpauth.c Fix check for NULL instead of string boundary. Jan 25, 2016
index.css Clean up fonts (using google fonts). Oct 17, 2016
index.xml Add asiabsdcon 2017. Mar 12, 2017
kcgi.c Add a facility (proposed by Ross Richardson) for falling back to a ge… Mar 12, 2017
kcgi.h Add a facility (proposed by Ross Richardson) for falling back to a ge… Mar 12, 2017
kcgihtml.c Spelling errors from #14 (no functional change) -- thanks! Nov 2, 2016
kcgihtml.h Properly type textarea as a phrase element, not a flow. Noted by Ross… Oct 4, 2016
kcgijson.c Required header for va_list. Oct 12, 2016
kcgijson.h Portability: Linux systems don't (always?) have __BEGIN_DECLS defined… Mar 10, 2016
kcgiregress.c Spelling errors from #14 (no functional change) -- thanks! Nov 2, 2016
kcgiregress.h Portability: Linux systems don't (always?) have __BEGIN_DECLS defined… Mar 10, 2016
kcgixml.c Allow for compilation on musl: add compat headers and fix some inclusion Jul 7, 2015
kcgixml.h Portability: Linux systems don't (always?) have __BEGIN_DECLS defined… Mar 10, 2016
kfcgi.c Have SIGCHLD report the proper error when caught. Prior to this check… Apr 19, 2016
logging.c Add extra logging functions. Oct 31, 2016
mandoc.css Add CSS. Jun 15, 2016
md5.c Get compiling on Alpine Linux. Motivated by Vitaliy T.--thanks! Mar 10, 2016
md5.h Add HTTP digest support. This was [mostly] pulled in from kcaldav. Jan 7, 2016
output.c Buffer HTTP header output in both CGI and FastCGI. Apr 14, 2016
parent.c Copyright fixes. Mar 16, 2016
sample-cgi.c Clean up the sample CGI source. Mar 15, 2016
sample-fcgi.c Required header for va_list. Oct 12, 2016
sample.c Bring up to date with kcgihtml. Oct 12, 2016
sandbox-capsicum.c Finalise FreeBSD capsicum sandbox. Mar 16, 2016
sandbox-darwin.c Initial attempt at putting control socket into a sandbox. Jul 19, 2015
sandbox-pledge.c Split apart a SAND_CONTROL with SAND_CONTROL_OLD and SAND_CONTROL_NEW, Mar 15, 2016
sandbox-seccomp-filter.c Questionable addition to seccomp sandbox... Mar 16, 2016
sandbox-systrace.c This will soon go away... Mar 12, 2017
sandbox.c Spelling errors from #14 (no functional change) -- thanks! Nov 2, 2016
template.xml Push remote host into input.c. Nov 23, 2014
test-arc4random.c Prevent test from returning !0. Mar 15, 2016
test-capsicum.c Capsicum support contributed by Baptiste Daroussin. Thanks! Nov 21, 2014
test-memmem.c Add minimal configure script (from mandoc). Apr 16, 2014
test-pledge.c Note pledge(2) replacement. Nov 12, 2015
test-reallocarray.c Big bump: split out reading of network sensitive data into input.c. May 10, 2014
test-sandbox_init.c Integrate sandbox model. May 12, 2014
test-seccomp-filter.c Enabling seccomp (work in progress). Jul 7, 2015
test-strlcat.c Actually use strl tests. Jul 13, 2014
test-strlcpy.c Update kcgijson(3) a bit. Dec 15, 2014
test-strtonum.c Fix up for OpenBSD. Apr 16, 2014
test-systrace.c More preparation of systrace protection. May 14, 2014
test-zlib.c Rename khtml_close to khtml_closeleem. Apr 27, 2015
tutorial.xml Clean up fonts (using google fonts). Oct 17, 2016
tutorial0.xml Some grammar and spelling typos found by Svyatoslav Mishyn --- thanks! Nov 25, 2016
tutorial1.xml Have a bit better security handling and use a correct expires. Oct 10, 2016
tutorial2.xml Fix path as noted by #5 -- thanks! Aug 25, 2016
tutorial3.xml Add a new tutorial for custom validation. Aug 19, 2016
tutorial4.xml Install regression framework as well. I guess nobody was using it... Oct 7, 2016
versions.xml Version notes updated. Mar 12, 2017
wrappers.c Copyright fixes. Mar 16, 2016

README.md

Synopsis

kcgi is an open source CGI and FastCGI library for C web applications. It is minimal, secure, and auditable; and fits within your BCHS software stack. This repository is consists of bleeding-edge code between versions: to keep up to date with the current stable release of kcgi, visit the kcgi website.

To get started with a kcgi project, see kcgi-framework for a set of files to get your project going.

Code Example

Implementing a CGI or FastCGI application with kcgi is easy (for values of easy greater than "knows C"). One usually specifies the pages recognised by the application and the known form inputs. kcgi then parses the request.

#include <stdarg.h> /* va_list */
#include <stdint.h> /* int64_t */
#include <stdlib.h>
#include <unistd.h> /* ssize_t */
#include <kcgi.h>
 
int main(void) {
  struct kreq r;
  const char *page = "index";
  if (KCGI_OK != khttp_parse(&r, NULL, 0, &page, 1, 0))
	return(EXIT_FAILURE);
  khttp_head(&r, kresps[KRESP_STATUS],
	"%s", khttps[KHTTP_200]);
  khttp_head(&r, kresps[KRESP_CONTENT_TYPE], 
	"%s", kmimetypes[r.mime]);
  khttp_body(&r);
  khttp_puts(&r, "Hello, world!\n");
  khttp_free(&r);
  return(EXIT_SUCCESS);
}

Installation

kcgi works out-of-the-box with modern UNIX systems. Simply download the latest version's source archive (or download the project from GitHub), compile with make, then sudo make install (or using doas). Your operating system might already have kcgi as one of its third-party libraries: check to make sure!

API Reference

See the kcgi(3) manpage for complete library documentation. You can also browse all functions.

Tests

The system contains a full regression suite and is also built to work with AFL. See the kcgi website for details on how to deploy (or write) tests.

License

All sources use the ISC (like OpenBSD) license. See the LICENSE.md file for details.