TLS + disabling the execution of CGI didn't work under OpenBSD. - geomyidae - A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae) (HTM) git clone git://r-36.net/geomyidae (DIR) Log (DIR) Files (DIR) Refs (DIR) README (DIR) LICENSE --- (DIR) commit e35d04d03d5c4c8ddc88e73c5c3f092e3d309a40 (DIR) parent 72253bb02d112a5287ce7b72af7e599da5436236 (HTM) Author: Julian Schweinsberg <pazz0@0xfa.de> Date: Mon, 21 Aug 2023 08:51:36 +0000 TLS + disabling the execution of CGI didn't work under OpenBSD. For fork() the pledge "proc" is needed, this wasn't pledge if nocgi was set. Signed-off-by: Christoph Lohmann <20h@r-36.net> Diffstat: M main.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- (DIR) diff --git a/main.c b/main.c @@ -963,9 +963,10 @@ main(int argc, char *argv[]) #ifdef __OpenBSD__ snprintf(promises, sizeof(promises), - "rpath inet stdio %s %s", - nocgi ? "" : "proc exec", - revlookup ? "dns" : ""); + "rpath inet stdio %s %s %s", + !nocgi || dotls ? "proc" : "", + nocgi ? "" : "exec", + revlookup ? "dns" : ""); if (pledge(promises, NULL) == -1) { perror("pledge"); exit(1);