--- fnord-1.10-20090206fwb/httpd.c.pythonphpnobinfmt	2009-02-07 20:40:23.000000000 +0100
+++ fnord-1.10-20090206fwb/httpd.c	2009-02-08 01:40:10.000000000 +0100
@@ -81,8 +81,9 @@
 #define TARPIT
 
 /* uncomment the following line to make fnord chroot to the current
- * working directory and drop privileges */
+ * working directory and drop privileges
 #define CHROOT
+*/
 
 /* uncomment the following line to make fnord support connection
  * keep-alive */
@@ -123,6 +124,11 @@
 #endif
 
 enum { UNKNOWN, GET, HEAD, POST } method;
+#ifdef CGI
+enum { CGINONE, CGICGI, CGIPHP, CGIPYTHON } cgimethod;
+static const char phpinterpreter[]="/usr/bin/php-cgi";
+static const char pythoninterpreter[]="/usr/bin/python";
+#endif
 
 #ifdef TCP_CORK
 static int corked;
@@ -464,10 +470,12 @@
 
   /* argv */
   if (args && (args[str_chr(args,'=')]==0)) {
-    int n=3;
+    int n=4;
     for (i=0;args[i];++i) if (args[i]=='+') ++n;
     cgi_arg=alloca(n*sizeof(char*));
-    cgi_arg[n=1]=args;
+    if(cgimethod>CGICGI) n=2;
+    else n=1;
+    cgi_arg[n]=args;
     for (i=0;args[i];++i) {
       if (args[i]=='+') {
 	args[i]=0;
@@ -477,17 +485,30 @@
     }
     cgi_arg[++n]=0;
   } else {
-    cgi_arg=alloca(2*sizeof(char*));
+    cgi_arg=alloca(3*sizeof(char*));
     cgi_arg[1]=0;
+    cgi_arg[2]=0;
   }
 
   i=strrchr(url,'/')-url;
-  strncpy(tmp,url+1,i);
-  tmp[i]=0;
-  chdir(tmp);
+  if (i) {   /* no wasted time for syscall chdir("") */
+    strncpy(tmp,url+1,i);
+    tmp[i]=0;
+    chdir(tmp);
+  }
 
   /* program name */
-  cgi_arg[0]=tmp;
+  if (cgimethod==CGIPHP) {
+    cgi_arg[0]=(char*)phpinterpreter;
+    cgi_arg[1]=tmp;
+  } else {
+    if (cgimethod==CGIPYTHON) {
+      cgi_arg[0]=(char*)pythoninterpreter;
+      cgi_arg[1]=tmp;
+    } else {
+      cgi_arg[0]=tmp;
+    }
+  }
   tmp[0]='.';
   tmp[str_copy(tmp+1,url+i)+1]=0;
 
@@ -824,7 +845,6 @@
   if (c[6]==',') c+=8; else {
     c+=4;
     for (i=0; i<12; ++i) {
-//      fprintf(stderr,"comparing %s to %.3s\n",c,months+i*3);
       if (!strncasecmp(c,months+i*3,3)) {
 	x.tm_mon=i; break;
       }
@@ -1127,12 +1147,14 @@
 
 #ifdef CGI
 static int findcgi(const char* c) {
-  return (c[0]=='.' && c[1]=='c' &&
-          c[2]=='g' && c[3]=='i' &&
-          (c[4]=='/' || c[4]==0)) ||
-         (c[0]=='.' && c[1]=='p' &&
-          c[2]=='h' && c[3]=='p' &&
-          (c[4]=='/' || c[4]==0));
+  if (c[0]!='.') return CGINONE;
+  if (c[1]=='p' && c[2]=='h' && c[3]=='p' &&
+      (c[4]=='/' || c[4]==0)) return CGIPHP;
+  if (c[1]=='c' && c[2]=='g' && c[3]=='i' &&
+      (c[4]=='/' || c[4]==0)) return CGICGI;
+  if (c[1]=='p' && c[2]=='y' &&
+      (c[3]=='/' || c[3]==0)) return CGIPYTHON;
+  return CGINONE;
 }
 #endif
 
@@ -1480,7 +1502,6 @@
 hostb0rken:
 	badrequest(400,"Bad Request","<title>Bad Request</title>Bullshit Host header");
     if (host[0]=='.') goto hostb0rken;
-//    fprintf(stderr,"host %s\n",host);
 #ifdef KEEPALIVE
     if (keepalive>0) {
       if ((rootdir=open(".",O_RDONLY))<0)
@@ -1567,17 +1588,20 @@
     nurl=url+i;
   }
 #ifdef CGI
-  nurl-=3;
+  nurl-=1;
   {
     char* tmp,* pathinfo;
+    cgimethod=CGINONE;
     pathinfo=0;
-    for (tmp=url; tmp<nurl; ++tmp)
-      if (findcgi(tmp)) {
+    for (tmp=url; tmp<nurl; ++tmp) {
+      cgimethod=findcgi(tmp);
+      if (cgimethod) {
 	nurl=tmp;
 	if (tmp[4]=='/')
 	  pathinfo=tmp+4;
 	break;
       }
+    }
     if (pathinfo) {
       int len=str_len(pathinfo)+1;
       tmp=alloca(len);
@@ -1585,7 +1609,7 @@
       *pathinfo=0;
       pathinfo=tmp;
     }
-    if (findcgi(nurl)) {
+    if (cgimethod) {
       int i;
       if ((method==HEAD)) badrequest(400,"Bad Request","Illegal HTTP method for Gateway call.");
 #ifdef TCP_CORK