TLS + disabling the execution of CGI didn't work under OpenBSD. - geomyidae - A small C-based gopherd. HTML git clone git://bitreich.org/geomyidae/ git://enlrupgkhuxnvlhsf6lc3fziv5h2hhfrinws65d7roiv6bfj7d652fid.onion/geomyidae/ DIR Log DIR Files DIR Refs DIR Tags DIR README DIR LICENSE --- DIR commit e35d04d03d5c4c8ddc88e73c5c3f092e3d309a40 DIR parent 72253bb02d112a5287ce7b72af7e599da5436236 HTML Author: Julian Schweinsberg <pazz0@0xfa.de> Date: Mon, 21 Aug 2023 08:51:36 +0000 TLS + disabling the execution of CGI didn't work under OpenBSD. For fork() the pledge "proc" is needed, this wasn't pledge if nocgi was set. Signed-off-by: Christoph Lohmann <20h@r-36.net> Diffstat: M main.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- DIR diff --git a/main.c b/main.c @@ -963,9 +963,10 @@ main(int argc, char *argv[]) #ifdef __OpenBSD__ snprintf(promises, sizeof(promises), - "rpath inet stdio %s %s", - nocgi ? "" : "proc exec", - revlookup ? "dns" : ""); + "rpath inet stdio %s %s %s", + !nocgi || dotls ? "proc" : "", + nocgi ? "" : "exec", + revlookup ? "dns" : ""); if (pledge(promises, NULL) == -1) { perror("pledge"); exit(1);