TLS + disabling the execution of CGI didn't work under OpenBSD. - geomyidae - A small C-based gopherd. (gopher://bitreich.org/1/scm/geomyidae)
(HTM) git clone git://r-36.net/geomyidae
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit e35d04d03d5c4c8ddc88e73c5c3f092e3d309a40
(DIR) parent 72253bb02d112a5287ce7b72af7e599da5436236
(HTM) Author: Julian Schweinsberg <pazz0@0xfa.de>
Date: Mon, 21 Aug 2023 08:51:36 +0000
TLS + disabling the execution of CGI didn't work under OpenBSD.
For fork() the pledge "proc" is needed, this wasn't pledge if nocgi was
set.
Signed-off-by: Christoph Lohmann <20h@r-36.net>
Diffstat:
M main.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
---
(DIR) diff --git a/main.c b/main.c
@@ -963,9 +963,10 @@ main(int argc, char *argv[])
#ifdef __OpenBSD__
snprintf(promises, sizeof(promises),
- "rpath inet stdio %s %s",
- nocgi ? "" : "proc exec",
- revlookup ? "dns" : "");
+ "rpath inet stdio %s %s %s",
+ !nocgi || dotls ? "proc" : "",
+ nocgi ? "" : "exec",
+ revlookup ? "dns" : "");
if (pledge(promises, NULL) == -1) {
perror("pledge");
exit(1);