Running 6.4 (-stable, via openup/mtier).
I have bgpd(8) talking to my border router, acting as a route collector.
That part seems fine.
I now have httpd(8) configured trivially to run bgplg(8) (per the
bgplg(8) manpage) but it's not working, and I can't tell why. **EDIT:
yes, I can, see below**
httpd.conf:
===start===
server "*" {
listen on * port 80
location "/cgi-bin/*" {
fastcgi
root ""
}
}
===end===
On the client end, I get:
bgpmirror# wget -v http://localhost/cgi-bin/bgplg
--2019-01-11 10:12:05-- http://localhost/cgi-bin/bgplg
Resolving localhost (localhost)... 127.0.0.1, ::1
Connecting to localhost (localhost)|127.0.0.1|:80... connected.
HTTP request sent, awaiting response... 200 No headers, assuming
HTTP/0.9
Length: unspecified
Saving to: 'bgplg'
(it never completes until I kill it)
Ktrace'ing slowcgi and httpd in -d mode reveals that bgplg execve's
properly, loads, spits out "invalid character in input" and dies.
Slowcgi and/or httpd do not handle this... well, at all, really. That
error message also does not get logged anywhere nor is visible anywhere
except ktrace logs.
Looking at the bgplg source code, this means there's something funky in
its environment that it doesn't like. Ah. It looks like it's the "*"
in server_name, as passed in by slowcgi:
slowcgi: env[18], SERVER_NAME=*
Yup. That's the problem, all right: /usr/src/usr.bin/bgplg/bgplg.c:115
excludes '*'. But I want my looking glass to be accessible from at
least two different hostnames, and I really would prefer to not have to
define them all manually in httpd.conf(5).
The naive local fix is trivial (adding '*' to the strchr call in line
115), but what else might I be breaking or letting in? Clearly this is
supposed to ensure the environment is sanitized before continuing, but
is "*" forbidden because it's unsafe, or simply because it never
occurred to anyone?
Thoughts / suggestions ?
Thanks,
-Adam
