Add pledge support for OpenBSD, with help from Quentin Rameau - geomyidae - A small C-based gopherd. HTML git clone git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/geomyidae/ DIR Log DIR Files DIR Refs DIR Tags DIR README DIR LICENSE --- DIR commit 65f998fa79fc979a3862d0ae8c0a7c46f7891383 DIR parent d42bd360c1ae7700c0b197e4e017e5f2a5ae8a3c HTML Author: Solene Rapenne <solene@perso.pw> Date: Fri, 22 Jun 2018 22:10:22 +0200 Add pledge support for OpenBSD, with help from Quentin Rameau Signed-off-by: Christoph Lohmann <20h@r-36.net> Diffstat: M ind.c | 2 +- M main.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) --- DIR diff --git a/ind.c b/ind.c @@ -66,7 +66,7 @@ pendingbytes(int sock) pending = 0; rval = 0; -#ifdef TIOCOUTQ +#if defined(TIOCOUTQ) && !defined(__OpenBSD__) rval = ioctl(sock, TIOCOUTQ, &pending); #else #ifdef SIOCOUTQ DIR diff --git a/main.c b/main.c @@ -537,6 +537,15 @@ main(int argc, char *argv[]) initsignals(); cltlen = sizeof(clt); + +#ifdef __OpenBSD__ + char promises[30]; + snprintf(promises, sizeof(promises), "rpath inet stdio proc exec %s %s", + revlookup ? "dns" : "", + dofork ? "tty" : ""); + pledge(promises, NULL); +#endif /* __OpenBSD__ */ + while (1) { sock = accept(listfd, (struct sockaddr *)&clt, &cltlen); if (sock < 0) { @@ -575,6 +584,14 @@ main(int argc, char *argv[]) signal(SIGTERM, SIG_DFL); signal(SIGALRM, SIG_DFL); +#ifdef __OpenBSD__ + char client_promises[25]; + snprintf(client_promises, sizeof(client_promises), + "rpath inet stdio %s", + nocgi ? "" : "proc exec" ); + pledge(client_promises, NULL); +#endif /* __OpenBSD__ */ + handlerequest(sock, base, ohost, sport, clienth, clientp, nocgi);