ksgi

index.xml
463 строки · 20.9 Кб
Перенос по словам
1
<!DOCTYPE html>
2
<html lang="en" prefix="og: http://ogp.me/ns#">
3
	<head>
4
		<meta name="viewport" content="width=device-width, initial-scale=1" />
5
		<meta charset="utf-8" /> 
6
		<title>kcgi | minimal CGI and FastCGI library for C/C++</title>
7
		<link rel="alternate" href="atom.xml" type="application/atom+xml" title="kcgi version feed" />
8
		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css" />
9
		<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Alegreya+Sans:400,400italic,500,700" />
10
		<link rel="stylesheet" href="https://bsd.lv/css/style.css" />
11
		<link rel="stylesheet" href="index.css" />
12
		<meta property="og:title" content="kcgi: minimal CGI and FastCGI library for C/C++" />
13
		<meta property="og:description" 
14
		 content="A C/C++ library for security-oriented web applications." />
15
	 	<meta property="og:url" content="https://kristaps.bsd.lv/kcgi/index.html" />
16
		<meta property="og:type" content="website" />
17
		<meta name="description" 
18
		 content="A C/C++ library for security-oriented web applications." />
19
	</head>
20
	<body itemscope="itemscope" itemtype="http://schema.org/SoftwareApplication">
21
		<header>
22
			<section id="breadcrumbs" class="text">
23
				<a href="https://www.bsd.lv">BSD.lv</a> tools for <a href="https://learnbchs.org">BCHS</a>: 
24
				<a href="https://kristaps.bsd.lv/kcgi">kcgi</a>, 
25
				<a href="https://kristaps.bsd.lv/sqlbox">sqlbox</a>, 
26
				<a href="https://kristaps.bsd.lv/openradtool">ort</a>
27
			</section>
28
			<section id="header" class="text">
29
				<h1>
30
					<a href="index.html" itemprop="name" class="nm">kcgi</a> 
31
					&#8211; 
32
					<span itemprop="description" class="nd">minimal CGI and FastCGI library for C/C++</span>
33
				</h1>
34
				<nav>
35
					<span class="version">
36
						Version 
37
						<nav data-sblg-nav="1" data-sblg-navtag="version" 
38
						 data-sblg-navsz="1" data-sblg-navxml="1">
39
							${sblg-titletext}
40
						</nav>
41
					</span>
42
					<a title="Source code" itemprop="downloadURL" href="snapshots/kcgi.tgz">
43
						<i class="fa fa-fw fa-gears"></i>
44
					</a>
45
					<a title="Source fingerprint" href="snapshots/kcgi.tgz.sha512">
46
						<i class="fa fa-fw fa-lock"></i>
47
					</a>
48
					<a title="Source archive" href="snapshots">
49
						<i class="fa fa-fw fa-archive"></i>
50
					</a>
51
					<a title="Source repository" href="https://www.github.com/kristapsdz/kcgi">
52
						<i class="fa fa-fw fa-github"></i>
53
					</a>
54
					<a title="Version feed" href="atom.xml">
55
						<i class="fa fa-fw fa-rss"></i>
56
					</a>
57
				</nav>
58
			</section>
59
		</header>
60
		<section class="text">
61
			<p id="intro">
62
				<span class="nm">kcgi</span> is an <a href="http://opensource.org/licenses/ISC" rel="license">open
63
					source</a> CGI and FastCGI <span itemprop="applicationCategory">library for C/C++ web
64
					applications</span>.
65
				It is minimal, secure, and auditable.
66
			</p>
67
			<p>
68
				To start, <a href="#install">install</a> the library.
69
				Then read the <a href="#deploying">deployment</a> and <a href="#usage">usage</a> guides.
70
				Use the <a href="https://github.com/kristapsdz/kcgi">GitHub</a> tracker for questions or comments,
71
				or find contact information there for direct contact.
72
			</p>
73
		</section>
74
		<figure id="sample">
75
			<input type="radio" name="sample-show" value="0" id="show-nocomments" checked="checked" />
76
			<input type="radio" name="sample-show" value="1" id="show-comments" />
77
			<nav class="text">
78
				<label id="label-nocomments" for="show-nocomments">
79
					<i class="fa fa-fw fa-comments-o"></i> Hide source comments
80
				</label>
81
				<label id="label-comments" for="show-comments">
82
					<i class="fa fa-fw fa-comments"></i> Show source comments
83
				</label>
84
			</nav>
85
			<figcaption class="text">
86
				The following echoes <q>Hello, World!</q> as an HTTP response to a CGI request.
87
			</figcaption>
88
			<pre id="nocomments" class="text prettyprint"><span class="cpp">#include</span> <span class="literal">&lt;sys/types.h&gt;</span> /* size_t, ssize_t */
89
<span class="cpp">#include</span> <span class="literal">&lt;stdarg.h&gt;</span> /* va_list */
90
<span class="cpp">#include</span> <span class="literal">&lt;stddef.h&gt;</span> /* NULL */
91
<span class="cpp">#include</span> <span class="literal">&lt;stdint.h&gt;</span> /* int64_t */
92
<span class="cpp">#include</span> <span class="literal">&lt;<a href="kcgi.3.html">kcgi.h</a>&gt;</span>
93

94
<span class="ident">int</span> main(<span class="ident">void</span>) {
95
    <span class="ident">struct</span> kreq r;
96
    <span class="ident">const char</span> *page = <span class="literal">"index"</span>;
97
    <span class="flow">if</span> (<a href="khttp_parse.3.html">khttp_parse</a>(&amp;r, NULL, 0, &amp;page, 1, 0) != KCGI_OK)
98
        return 1;
99
    <a href="khttp_head.3.html">khttp_head</a>(&amp;r, kresps[KRESP_STATUS], 
100
        <span class="literal">"%s"</span>, khttps[KHTTP_200]);
101
    khttp_head(&amp;r, kresps[KRESP_CONTENT_TYPE], 
102
        <span class="literal">"%s"</span>, kmimetypes[KMIME_TEXT_PLAIN]);
103
    <a href="khttp_body.3.html">khttp_body</a>(&amp;r);
104
    <a href="khttp_write.3.html">khttp_puts</a>(&amp;r, <span class="literal">"Hello, world!"</span>);
105
    <a href="khttp_free.3.html">khttp_free</a>(&amp;r);
106
    <span class="flow">return</span> 0;
107
}</pre>
108
				<pre id="comments" class="text prettyprint"><span class="cpp">#include</span> <span class="literal">&lt;sys/types.h&gt;</span> /* size_t, ssize_t */
109
<span class="cpp">#include</span> <span class="literal">&lt;stdarg.h&gt;</span> /* va_list */
110
<span class="cpp">#include</span> <span class="literal">&lt;stddef.h&gt;</span> /* NULL */
111
<span class="cpp">#include</span> <span class="literal">&lt;stdint.h&gt;</span> /* int64_t */
112
<span class="cpp">#include</span> <span class="literal">&lt;<a href="kcgi.3.html">kcgi.h</a>&gt;</span>
113

114
<span class="ident">int</span> main(<span class="ident">void</span>) {
115
    <span class="ident">struct</span> kreq r;
116
    <span class="ident">const char</span> *page = <span class="literal">"index"</span>;
117
  
118
    /*
119
     * Parse the HTTP environment.
120
     * We only know a single page, "index", which is also
121
     * the default page if none is supplied.
122
     * (We don't validate any input fields.)
123
     */
124
  
125
    <span class="flow">if</span> (<a href="khttp_parse.3.html">khttp_parse</a>(&amp;r, NULL, 0, &amp;page, 1, 0) != KCGI_OK)
126
        return 1;
127
  
128
    /* 
129
     * Ordinarily, here I'd switch on the method (OPTIONS, etc.,
130
     * defined in the <q>method</q> variable) then switch on which
131
     * page was requested (<q>page</q> variable).
132
     * But for brevity's sake, just output a response: HTTP 200.
133
     */
134
  
135
    <a href="khttp_head.3.html">khttp_head</a>(&amp;r, kresps[KRESP_STATUS], 
136
        <span class="literal">"%s"</span>, khttps[KHTTP_200]);
137
  
138
    /* 
139
     * Show content-type unilaterally as text/plain.
140
     * This would usually be set from r.mime.
141
     */
142
  
143
    khttp_head(&amp;r, kresps[KRESP_CONTENT_TYPE], 
144
        <span class="literal">"%s"</span>, kmimetypes[KMIME_TEXT_PLAIN]);
145
  
146
    /* No more HTTP headers: start the HTTP document body. */
147
  
148
    <a href="khttp_body.3.html">khttp_body</a>(&amp;r);
149
    
150
    /*
151
     * We can put any content below here: JSON, HTML, etc.
152
     * Usually we'd switch on our MIME type.
153
     * However, we're just going to put the literal string as noted&#8230;
154
     */
155
  
156
    <a href="khttp_write.3.html">khttp_puts</a>(&amp;r, <span class="literal">"Hello, world!"</span>);
157
  
158
    /* Flush the document and free resources. */
159
  
160
    <a href="khttp_free.3.html">khttp_free</a>(&amp;r);
161
    <span class="flow">return</span> 0;
162
}</pre>
163
		</figure>
164
		<section class="text">
165
			<p>
166
				For a fuller example, see <a href="sample.c.html">sample.c</a>, or jump to the <a href="#usage">Documentation</a> section.
167
				(Want a C++ version?  See <a href="samplepp.cc.html">samplepp.cc</a>.)
168
			</p>
169
			<p>
170
				<i>kcgi</i> supports many features: auto-compression, handling of all HTTP input operations (query strings,
171
				cookies, page bodies, multipart) with validation, authentication, configurable output caching, request
172
				debugging, and so on.
173
				Its strongest differentiating feature is using sandboxing and process separation for handling the untrusted
174
				input path.
175
			</p>
176
		</section>
177
		<section id="version">
178
			<div class="text">
179
				<h2>
180
					current release
181
				</h2>
182
				<nav data-sblg-nav="1" data-sblg-navtag="version" data-sblg-navsz="1" data-sblg-navcontent="1">
183
					<div>
184
						<div class="title">
185
							Version <span class="version">${sblg-title}</span>:
186
							<time datetime="${sblg-date}">${sblg-date}</time>
187
						</div>
188
						<div class="content">${sblg-aside}</div>
189
					</div>
190
				</nav>
191
				<p class="archive">
192
					(<a href="archive.html">release archive</a>)
193
				</p>
194
			</div>
195
		</section>
196
		<section id="install" class="text">
197
			<h2>
198
				installation
199
			</h2>
200
			<p>
201
				First, check if <span class="nm">kcgi</span> isn't already packaged for your system, such as
202
				for <a href="https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/kcgi/">OpenBSD</a>, <a
203
					href="https://svnweb.freebsd.org/ports/head/www/kcgi/">FreeBSD</a>,
204
				<a href="https://aur.archlinux.org/packages/kcgi/">Arch Linux</a>, and so on.
205
				(If it is, make sure it's up to date!)
206
				If so, install using that system.
207
			</p>
208
			<p>
209
				If not, you'll need a modern <span itemprop="operatingSystem">UNIX</span> system.  
210
				To date, <span class="nm">kcgi</span> has been built and run on 
211
				GNU/<a href="https://www.linux.org" itemprop="operatingSystem">Linux</a> machines 
212
				(musl and glibc), BSD 
213
				(<a href="https://www.openbsd.org" itemprop="operatingSystem">OpenBSD</a>, 
214
				<a href="https://www.netbsd.org" itemprop="operatingSystem">NetBSD</a>, 
215
				<a href="https://www.freebsd.org" itemprop="operatingSystem">FreeBSD</a>),
216
				<a href="https://www.oracle.com/solaris/solaris11" itemprop="operatingSystem">Solaris</a>,
217
				<a href="https://omniosce.org" itemprop="operatingSystem">OmniOS</a>, and 
218
				<a href="https://www.apple.com/osx" itemprop="operatingSystem">Mac OS X</a> 
219
				(only Mojave and newer!) on i386, amd64, powerpc, arm64, and sparc64.
220
				It has been deployed under <a href="https://httpd.apache.org/">Apache</a>, <a
221
					href="https://nginx.org">nginx</a>, and OpenBSD's <a
222
					href="https://man.openbsd.org/httpd.8">httpd(8)</a>
223
				(the latter two natively over FastCGI and via the <code>slowcgi</code> wrapper).
224
				The only hard dependency is BSD make (<code>bmake</code> on Linux).
225
				If you're running the regression tests (see <a href="#testing">Testing</a>), you'll need <a
226
					href="https://curl.haxx.se/libcurl/">libcurl</a>.
227
			</p>
228
			<p>
229
				Download <a href="snapshots/kcgi.tgz">kcgi.tgz</a> and verify the archive with <a
230
					href="snapshots/kcgi.tgz.sha512">kcgi.tgz.sha512</a>.
231
				Configure with <code>./configure</code>, compile with <code>make</code> (or <code>bmake</code>
232
				on Linux systems).
233
				Finally, install the software using <code>make install</code>. 
234
				Optionally override default paths with a <code>configure.local</code> file (see the 
235
				<a href="https://github.com/kristapsdz/kcgi/blob/master/configure">configure</a> script 
236
				for details) prior to configuration.
237
			</p>
238
			<p>
239
				If <span class="nm">kcgi</span> doesn't compile, please send me the <span class="file">config.log</span>
240
				file and the output of the failed compilation.
241
				Along with all of your operating system information of course.
242
			</p>
243
			<p>
244
				To run bleeding-edge code between releases, the CVS repository is mirrored on 
245
				<a href="https://github.com/kristapsdz/kcgi">GitHub</a>.  Installation instructions tracking the repository
246
				version may be found on that page.
247
			</p>
248
		</section>
249
		<section id="deploying" class="text">
250
			<h2>
251
				deployment
252
			</h2>
253
			<p>
254
				To compile <span class="nm">kcgi</span> applications, use the package configuration.
255
				Linking is similarly normative.
256
			</p>
257
			<pre class="prettyprint">% cc `pkg-config --cflags kcgi` -c yourprog.c
258
% cc yourprog.o `pkg-config --libs kcgi`</pre>
259
			<p>
260
				Well-deployed web servers, such as the default <a href="https://www.openbsd.org">OpenBSD</a> server, by
261
				default are deployed within a <a
262
					href="https://man.openbsd.org/chroot.2">chroot(2)</a>.  If
263
				this is the case, you'll need to statically link your binary.
264
			</p>
265
			<pre class="prettyprint">% cc -static yourprog.o `pkg-config --static --libs kcgi`</pre>
266
			<p>
267
				FastCGI applications may either be started directly by the web server (which is popular with <a
268
					href="https://httpd.apache.org/">Apache</a>) or <q>externally</q> given a socket and <a
269
					href="kfcgi.8.html">kfcgi(8)</a> (this method is normative for OpenBSD's <a
270
					href="https://man.openbsd.org/httpd.8">httpd(8)</a> and
271
				suggested for the security precautions taken by the wrapper).
272
			</p>
273
		</section>
274
		<section id="usage" class="text">
275
			<h2>
276
				documentation
277
			</h2>
278
			<p>
279
				The <span class="nm">kcgi</span> manpages, starting with <a href="kcgi.3.html">kcgi(3)</a>, are the
280
				canonical source of documentation.  
281
				The following is a list of all manpages:
282
			</p>
283
			<nav id="mannav" data-sblg-nav="1" data-sblg-navtag="man" data-sblg-navcontent="1" data-sblg-navsort="title">
284
				<a href="${sblg-stripbase}.html">${sblg-title}</a>
285
			</nav>
286
			<p>
287
				If it's easier to start by example, you can use 
288
				<a href="https://github.com/kristapsdz/kcgi-framework">kcgi-framework</a> as an initial boilerplate to
289
				start your project.
290
				The following are introductory materials to the system.
291
			</p>
292
			<nav data-sblg-nav="1" data-sblg-navtag="tutorial" data-sblg-navcontent="1" data-sblg-navsort="rdate">
293
				<h3><a href="${sblg-base}.html">${sblg-titletext}</a></h3>
294
				${sblg-aside}
295
			</nav>
296
			<p>
297
				In addition to these resources, the following conference sessions have referenced <span class="nm">kcgi</span>.
298
			</p>
299
			<ul>
300
				<li> 
301
					Dzonsons, Kristaps. <i>Role-based Access Control in BCHS Web Applications</i>. 
302
					Proceedings of <a href="https://2018.asiabsdcon.org">AsiaBSDCon</a>, Tokyo, Japan, March 2018.
303
					(<a href="https://kristaps.bsd.lv/absdcon2018">Slides</a>,
304
					<a href="https://www.youtube.com/watch?v=FzF9e4jrnJ4">video</a>.)
305
					<a href="https://kristaps.bsd.lv/absdcon2018/paper.pdf">paper</a>.)
306
				</li>
307
				<li> 
308
					Dzonsons, Kristaps. <i>Secure BSD Web Applications in C: Practical Strategies</i>. 
309
					Proceedings of <a href="https://2017.asiabsdcon.org">AsiaBSDCon</a>, Tokyo, Japan, March 2017.
310
					(<a href="https://kristaps.bsd.lv/absdcon2017">Slides</a>.)
311
				</li>
312
				<li> 
313
					Dzonsons, Kristaps. <i>Secure BSD Web Application Development in C</i>. 
314
					Proceedings of <a href="https://2016.asiabsdcon.org">AsiaBSDCon</a>, Tokyo, Japan, March 2016.
315
					(<a href="https://kristaps.bsd.lv/absdcon2016">Slides</a>.)
316
				</li>
317
				<li> 
318
					Dzonsons, Kristaps. <i>kcgi: securing CGI applications in C</i>. 
319
					Proceedings of <a href="https://2015.asiabsdcon.org">AsiaBSDCon</a>, Tokyo, Japan, March 2015.
320
					(<a href="https://kristaps.bsd.lv/absdcon2015/talk.pdf">Slides</a>,
321
					 <a href="https://kristaps.bsd.lv/absdcon2015/paper.pdf">paper</a>.)
322
				</li>
323
			</ul>
324
			<p>
325
				And the following relate to extending standards:
326
			</p>
327
			<ul>
328
				<li>
329
					Dzonsons, Kristaps.  <a href="extending01.html">FastCGI Extensions for Management Control</a>.  March
330
					2016.
331
				</li>
332
			</ul>
333
		</section>
334
		<section id="features" class="text">
335
			<h2>
336
				implementation details
337
			</h2>
338
			<p>
339
				The bulk of <span class="nm">kcgi</span>'s CGI handling lies in <a
340
					href="khttp_parse.3.html">khttp_parse(3)</a>, which fully parses the HTTP request.
341
				Application developers must invoke this function before all others.
342
				For FastCGI, this function is split between <a href="khttp_fcgi_init.3.html">khttp_fcgi_init(3)</a>, which
343
				initialises context; and <a href="khttp_fcgi_parse.3.html">khttp_fcgi_parse(3)</a>, which receives new
344
				parsed requests.
345
				In either case, requests must be freed by <a href="khttp_free.3.html">khttp_free(3)</a>.
346
			</p>
347
			<p>
348
				All functions isolate the parsing and validation of untrusted network data within a <i>sandboxed</i>
349
				child process.
350
				Sandboxes limit the environment available to a process, so exploitable errors in the parsing process (or
351
				validation with third-party libraries) cannot touch the system environment.
352
				This parsed data is returned to the parent process over a socket.
353
				In the following, the <i>HTTP parser</i> and <i>input validator</i> manage a single HTTP request, while
354
				<i>connection delegator</i> accepts new HTTP requests and passes them along.
355
			</p>
356
			<figure>
357
				<img src="figure1.svg" alt="Implementation Details" />
358
				<img src="figure4.svg" alt="Implementation Details" />
359
			</figure>
360
			<p>
361
				This method of sandboxing the untrusted parsing process follows <a
362
					href="http://www.openssh.org">OpenSSH</a>, and requires special handling for each operating
363
				system:
364
			</p>
365
			<dl>
366
				<dt>
367
					<a href="http://man7.org/linux/man-pages/man2/seccomp.2.html">seccomp(2)</a>
368
					(Linux)
369
				</dt>
370
				<dd>
371
					This requires a seccomp-enabled Linux kernel and a recognised hardware architecture.
372
					It is supplemented by <code>setrlimit(2)</code> limiting.
373
				</dd>
374
				<dt>
375
					<a href="https://man.openbsd.org/pledge.2">pledge(2)</a>
376
					(<a href="https://www.openbsd.org">OpenBSD</a>)
377
				</dt>
378
				<dd>
379
					This will only work on OpenBSD &gt;5.8.
380
				</dd>
381
				<dt>
382
					<a href="https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man3/sandbox_init.3.html">sandbox_init(3)</a>
383
					(<a href="https://www.apple.com/osx/">Apple OSX</a>)
384
				</dt>
385
				<dd>
386
					This uses the sandboxing profile for <q>pure computation</q> as provided in Mac OS X Leopard and
387
					later.
388
					This is supplemented by resource limiting via <code>setrlimit(2)</code>.
389
				</dd>
390
				<dt>
391
					<a href="https://www.freebsd.org/cgi/man.cgi?query=capsicum&amp;sektion=4">capsicum(4)</a>
392
					(<a href="https://www.freebsd.org">FreeBSD</a>)
393
				</dt>
394
				<dd>
395
					Uses the capabilities facility on <a href="https://www.freebsd.org">FreeBSD</a> 10 and later.
396
					This is supplemented by resource limiting with <code>setrlimit(2)</code>.
397
				</dd>
398
			</dl>
399
			<p>
400
				Since validation occurs within the sandbox, special care must be taken that validation routines don't
401
				access the environment (e.g., by opening files, network connections, etc.), as the child
402
				<strong>might</strong> be abruptly killed by the sandbox facility.
403
				(Not all sandboxes do this.)
404
				If required, this kind of validation can take place after the parse validation sequence.
405
			</p>
406
			<p>
407
				The connection delegator is similar, but has different sandboxing rules, as it must manage an open
408
				socket connection and respond to new requests.
409
			</p>
410
		</section>
411
		<section class="text">
412
			<h2 id="testing">
413
				testing
414
			</h2>
415
			<p>
416
				<span class="nm">kcgi</span> is shipped with a fully automated testing framework executed with
417
				<code>make regress</code>.
418
				To test your own applications, use the <a href="kcgiregress.3.html">kcgiregress(3)</a> library.
419
				This framework acts as a mini-webserver, listening on a local port, translating an HTTP document into a
420
				minimal CGI request, and passing the request to a <span class="nm">kcgi</span> CGI client.
421
				For internal tests, test requests are constructed with <a
422
					href="https://curl.haxx.se/libcurl/">libcurl</a>.
423
				The binding local port is fixed: if you plan on running the regression suite, you may need to
424
				tweak its access port.
425
			</p>
426
			<p>
427
				Another testing framework exists for use with the <a href="http://lcamtuf.coredump.cx/afl/">American
428
					fuzzy lop</a>.
429
				To use this, you'll need to compile the <code>make afl</code> target with your compiler of choice, e.g.,
430
				<code>make clean</code>, then <code>make afl CC=afl-gcc</code>.
431
				Then run the <code>afl-fuzz</code> tool on the <code>afl-multipart</code>, <code>afl-plain</code>, and
432
				<code>afl-urlencoded</code> binaries using the test cases (and dictionaries, for the first) provided.
433
			</p>
434
		</section>
435
		<section class="text">
436
			<h2>
437
				performance
438
			</h2>
439
			<p>
440
				Security comes at a price&#8212;but not a stiff price.
441
				By design, <span class="nm">kcgi</span> incurs overhead in three ways: first, spawning a child to
442
				process the untrusted network data; second, enacting the sandbox framework; and third, passing parsed
443
				pairs back to the parent context.
444
				In the case of running CGI scripts, <span class="nm">kcgi</span> performance is bound to the operating
445
				system's ability to spawn and reap processes.
446
				For FastCGI, the bottleneck becomes the transfer of data.
447
			</p>
448
		</section>
449
		<footer>
450
			<div>
451
				&#169; 2014&#8211;2020
452
				<a rel="author" href="https://github.com/kristapsdz">Kristaps Dzonsons</a>
453
			</div>
454
			<div>
455
				<a href="snapshots/kcgi.tgz"><i class="fa fa-fw fa-gears"></i></a>
456
				<a href="snapshots/kcgi.tgz.sha512"><i class="fa fa-fw fa-lock"></i></a>
457
				<a href="snapshots"><i class="fa fa-fw fa-archive"></i></a>
458
				<a href="https://www.github.com/kristapsdz/kcgi"><i class="fa fa-fw fa-github"></i></a>
459
				<span>Built with <a href="https://kristaps.bsd.lv/sblg">sblg</a> on <a href="https://www.openbsd.org">OpenBSD</a></span>
460
			</div>
461
		</footer>
462
	</body>
463
</html>
464
ksgi

Использование cookies
