Add pledge support for OpenBSD, with help from Quentin Rameau - geomyidae - A small C-based gopherd.
(HTM) git clone git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/geomyidae/
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) Tags
(DIR) README
(DIR) LICENSE
---
(DIR) commit 65f998fa79fc979a3862d0ae8c0a7c46f7891383
(DIR) parent d42bd360c1ae7700c0b197e4e017e5f2a5ae8a3c
(HTM) Author: Solene Rapenne <solene@perso.pw>
Date: Fri, 22 Jun 2018 22:10:22 +0200
Add pledge support for OpenBSD, with help from Quentin Rameau
Signed-off-by: Christoph Lohmann <20h@r-36.net>
Diffstat:
M ind.c | 2 +-
M main.c | 17 +++++++++++++++++
2 files changed, 18 insertions(+), 1 deletion(-)
---
(DIR) diff --git a/ind.c b/ind.c
@@ -66,7 +66,7 @@ pendingbytes(int sock)
pending = 0;
rval = 0;
-#ifdef TIOCOUTQ
+#if defined(TIOCOUTQ) && !defined(__OpenBSD__)
rval = ioctl(sock, TIOCOUTQ, &pending);
#else
#ifdef SIOCOUTQ
(DIR) diff --git a/main.c b/main.c
@@ -537,6 +537,15 @@ main(int argc, char *argv[])
initsignals();
cltlen = sizeof(clt);
+
+#ifdef __OpenBSD__
+ char promises[30];
+ snprintf(promises, sizeof(promises), "rpath inet stdio proc exec %s %s",
+ revlookup ? "dns" : "",
+ dofork ? "tty" : "");
+ pledge(promises, NULL);
+#endif /* __OpenBSD__ */
+
while (1) {
sock = accept(listfd, (struct sockaddr *)&clt, &cltlen);
if (sock < 0) {
@@ -575,6 +584,14 @@ main(int argc, char *argv[])
signal(SIGTERM, SIG_DFL);
signal(SIGALRM, SIG_DFL);
+#ifdef __OpenBSD__
+ char client_promises[25];
+ snprintf(client_promises, sizeof(client_promises),
+ "rpath inet stdio %s",
+ nocgi ? "" : "proc exec" );
+ pledge(client_promises, NULL);
+#endif /* __OpenBSD__ */
+
handlerequest(sock, base, ohost, sport, clienth,
clientp, nocgi);